Audacity, OpenSSL, systemd Update Tumbleweed

The past week has produced a few openSUSE Tumbleweed snapshots and automatic migrations kicked off for the first snapshot of February.

Some of the packages covered this week include updates for the GNU Compiler Collection, GStreamer, KDE Gear, those mentioned in the headline and several more.

Snapshot 20230208 provided the second update of ImageMagick listed in this post; the 7.1.0.61 version clarified some documentation and moved around the -set profile command-line interface handling. Various language translations were made with the 6.4.36 fetchmail update. An update of xwayland 22.1.8 fixed a second possible Out-of-band remote access OOB access. The backward compatibility package also fixed CVE-2023-0494, which could have allowed for local privilege elevation on systems where an X server runs privileged and remote code execution for SSH X forwarding sessions. The snapshot had several other package updates including hwdata 0.367, ncurses 6.4.20230128, texinfo 7.0.2, ceph and more.

The 20230207 snapshot brought an update of the network infrastructure package dnsmasq 2.89; the package fixed a bug that resulted in the corruption of the DNS cache internal data structures and logging of “cache internal error”. The changelog notes that “this has only been seen in one place in the wild, and it took considerable effort to even generate a test case to reproduce it, but there’s no way to be sure it won’t strike, and the effect is to break the cache badly.“ The policy analysis tools for SELinux, setools, updated to version 4.4.1 and updated the permission map. The package also has some code cleanup and replaced a deprecated function that was removed in NetworkX 3.0 version. An improved codec selection logic, better handling of latency, and an improved frame discard to avoid audio/video desynchronization was made with the webkit2gtk3 2.38.4 update. An update of kernel-firmware 20230125 and the Linux kernel-source 6.1.10 appeared to have several AMD additions and arm64 fixes respectively.

Audio software audacity updated to version 3.2.4 in snapshot 20230204. Audio can now be shared publicly on audio.com thanks to the upgrade. A new toolbar with cut/copy/paste buttons have also been added. KDE Gear 22.12.2 arrived in the rolling release soon after its announcement and file manager Dolphin fixed the size of directories if a subdirectory fails to open. A startup crash was fixed with the package’s Kalendar update. Video editor Kdenlive also fixed a crash and a screen split that did not save subclips. Georgian translations were made in the libstorage-ng 4.5.68 update and php8 8.1.15 had multiple fixes to including fixing a wrong comparison in block optimisation pass after an opcode update. The package also handles speed-optimized hash algorithm XXH3 better.

An update of the Mozilla Firefox browser to version 109.0.1 was made in snapshot 20230202. The update had some emoji character fixes. An update of NetworkManager 1.40.12 had a fix involving concurrent invocation of iptables in IPv4 shared mode. The library for configuring and customizing font access, fontconfig, updated to version 2.14.2. The package fixed a typo in descriptions, adjusted an indentation and added a rendering option.

An OpenSSL change from version 1.1.1s to 3.0.7 was made in the snapshot. The new version is set as the default and was a major project spanning a long period of time to make it available to users. The changes relaxes the crypto-policy requirement for regression tests and it removed some patches. OpenSSL 3.0 is a major release and various packages had to be adapted. The new version has tons of improvements. The build and installation procedure has changed significantly and many structures have been made opaque in the new version. More information is available in the migration guide.

Text editor vim 9.0.1270 had multiple fixes to include a few code that was indented more than necessary and a fix that now recognizes the NetworkManager connection. An update of GStreamer 1.22.0 and several of its plugins with the same version were updated in the snapshot. Some AV1 video codec improvements were made and a couple WebRTC supporting efforts were made. There is also new plugins for Amazon AWS storage and audio transcription services.

Snapshot 20230201 had a few packages updated like gcc13. The 13.0.1 plus version added support for new front-ends Rust and Modula-2. The GNU compiler also fixes a Go frontend to fix failed builds on s390x. The first snapshot of the month was significant as it kicks off automatic migrations with zypper dup pertaining to the i586 carve-out from Factory. Changing the repo could include a bunch of package downgrades as the rebuild counters are not synced across projects, according to notes from openSUSE’s last release engineering meeting. By the end of March, the expectation is that all users will have completed the migration; by then Tumbleweed will have disable build/publish of i586 packages, except for the roughly 1,800 packages identified in the Staging:O workflow of the Factory codebase.

The end-of-month snapshot, 20230131, provided the first update of ImageMagick with the 7.1.0.60 version. The image editor had only three commits, which were mostly cleaning up some code. The systemd 252.5 update introduced a preset to allow systemd user units for MicroOS users and added a transactional-update-notifier that allows for users of the distribution, which is optimized for cloud and container deployments, to have desktop notifications about transactional updates either succeeding or failing. Another package to update in the snapshot was xterm 378 and it improved some descriptions and several checks like one that improved a check for unsupported formatting characters.