A total of five openSUSE Tumbleweed snapshots were released so far this week.
Two out the five snapshots updated more than three packages like the most recent snapshot; snapshot 20210203 updated gthumb 3.10.2. The image viewer and browser utility for the GNOME environment fixed a jump to the bottom when selecting thumbnails with mouse and fixed a possible crash to the app after cancelling a search. KDE’s hex editor for viewing and editing raw data of a file, okteta 0.26.5, improved the cursor flash time setting and improved a new menu entry for selecting a custom UI color scheme. The xfce4-cpufreq-plugin 1.2.4 package now creates a label widget if it does not already exist. This panel plugin shows information about the CPU governor and frequencies supported and used by a system.
PulseAudio disabled Link Time Optimisation on armv7 in the updated 14.2 version in Snapshot 20210202. The snapshot updated the Linux Kernel to version 5.10.12 and ImageMagick to version 184.108.40.206, which now generates histograms by comparing pixel components rather than color. LibreOffice fixed some text that wrongly aligned in its 7.0.4 update. Wayland 1.19.0 had a minor update with bug fixes and protocol updates. Several Python Packages were updated in the snapshot including python-packaging 20.8, which reverted back to setuptools for compatibility purposes for some Linux distros, and python-Pillow 8.1.0, which fixed Common Vulnerabilities and Exposures that a Read Overflow in PCX Decoding. A patch was removed in firewalld 0.9.3 and fixes were made for iptables when an ipset is used as a zone source. The general-purpose parser generator bison 3.7.5 fixed the Table Generation that was generating incorrect parsers when there are many useless tokens. Other packages updated in the snapshot were xterm 363, yast2 4.3.51, iproute2 5.10.0 and zeromq 4.3.4.
Snapshot 20210131 updated the theorem prover from Microsoft Research; this z3 package was updated to version 4.8.10, which rewrote the arithmetic solver thereby replacing the legacy arithmetic solver.
Both Mozilla Firefox and Thunderbird were updated in snapshot 20210130. The new 85.0 major version of Firefox eliminated 13 CVEs. A new feature in the browser protects from supercookies, which is a type of tracker that can stay hidden in the browser and track even after clearing cookies. Thunderbird 78.7.0 fixed a half dozen CVEs. One of the CVEs was related to an IMAP response injection when using the Opportunistic Transport Security Layer. Flatpak 1.10.1 switched to an upstream release tarball, updated translations and had a fix for some compiler warnings. Documentation typos were fixed and a fix to a minor extensions problem was made in the update of sqlite3 3.34.1. Other packages to update in the snapshot were bind 9.16.11, icewm 2.1.1, soundtouch 2.2 and yast2-bootloader 4.3.20, which ensures the proposal is re-calculated when the partitioning plan has changed,
Another snapshot with three packages updated was 20210128. This snapshot updated perl-Mojolicious to version 8.72, which deprecated quite a few connection methods, but did add support for trusted reverse proxies. Other packages to update in the snapshot were perl-IO-Tty 1.16, which switched to a github for tracking issues, and kvm_stat 5.10.9, which installs the systemd unit file in the proper place, so that the service can be started right away.
Tags: openSUSE Tumbleweed YaST Wayland Developers Open Source CVE Python systemd firewalld Mozilla Kernel GNU Bison Firefox GNOME gthumb okteta Patch KDE xfce exif Imagemagick iproute Microsoft openSUSE Thunderbird mojolicious icewm