Tumbleweed Brings KDE Users Frameworks, Gear Updates

This week brought KDE users of openSUSE‘s rolling release Tumbleweed updates for Frameworks and Gear along with several other updated packages.

Snapshots have been rolling out with various enhancements and bug fixes this week.

The more recent snapshot, 20230712, updated GNU Compiler Collection 13.1.1 and the changes related to the architecture levels for the Adaptable Linux Platform. A patch was also removed. The Linux Kernel also updated in the snapshot as kernel-source 6.4.2 addressed a Common Vulnerability and Exposure. CVE-2023-3269 addressed the lock handling for accessing and updating virtual memory areas. The tool to copy files cpio backported some upstream fixes, refreshed some patches and removed four patches. A few GNOME packages updated in the snapshot. Miscellaneous bug fixes along with some cleanup, and updated translations arrived in the gnome-shell 44.3; it also fixed a cursor offset issue with the magnifier. The 44.3 mutter had improvements to ensure the preferred monitor mode is always included and to avoid rapid toggling of dynamic maximum render time. It also fixes an issue with a dynamic maximum render time. Additionally, there are miscellaneous bug fixes and updated translations. An update of yast2-storage-ng 4.6.12 ensures that storage support packages are added correctly for MicroOS, which uses a custom partitions proposal client instead of another specific client. Several other packages were updated in the snapshot.

Only one package was updated in snapshot 20230710. The update of the one-time password toolkit oath-toolkit to version 2.6.8 brings some changes. The libpskc component was updated to address compatibility issues with a recent libxmlsec release, which ensures smooth operation and proper integration with the latest libraries. The authentication process in pam_oath was improved to avoid failure when pam_modutil_getpwnam is unable to recognize the user in a specific case. The self-test functionality for pam_oath was also enhanced.

Snapshot 20230709 brought an update of KDE’s Frameworks 5.108.0. With that, Kirigami had some bugfixes, improves some functionality, and enhanced the user experience by ensuring proper behavior of notifications and prioritizing user input events for a more responsive interface. The update of KIO restored compatibility with the Plasma file dialog and the previewjob now checks for the validity of thumbRootDevice before accessing it. These updates improve functionality, fix bugs, and enhance the user experience in KIO. The file indexing and file search package Baloo fixed a parameter name and had a change to correctly parse empty quoted strings. Another change improved performance of indexing files that are not yet indexed by dividing UnindexedFileIndexer into multiple smaller transactions. The only other package to update in the release was Xen 4.17.1. This updates addresses several upstream bugs that are documented in a Bugzilla issue. The update fixed two CVEs with CVE-2022-42335 and CVE-2022-42336 being resolved. The latter CVE addresses the mishandling of guest SSBD selection on AMD hardware, where a guest can under or overflow the per-core thread counter, resulting in ineffective attempts to set SSBD and causing potential security vulnerabilities.

Snapshot 20230708 saw a major version update and a version bump for a browser. The new inih 57 major enhanced functionality for handling unsigned values and reading 64bit integers; this expands the capabilities of the library and improves compatibility with different types of configurations. The KDE hex editor for viewing and editing the raw data of files, okteta, updated to version 0.26.12, which improves translations and resolves issues related to the export and saving functionalities. Mozilla Firefox 115.0.1, which the major version arrived earlier in the week, had a version bump.

KDE users received Gear 23.04.3 in snapshot 20230707. The Kdenlive video editor update fixes some disappearing effects from the timeline sequence and other synchronization issues. An update of kitinerary improves the handling of URLs and ensured that URLs are fully encoded when passed to the Android Application Programming Interface and QFile. Image viewer gwenview addresses a bug to prevent a crash in the exiv2 library. The KMail package had a change to prevent the removal of certain margins and updates the HTML characters for the subject field of email messages. Several other Gear packages updated in the snapshot, but only one other non-KDE package updated. The libstorage-ng 4.5.122 places prioritization of swap activation, which suggests that the handling of swap partitions are given higher priority, potentially resulting in more efficient swap utilization.

The newest major version of a browser was released in snapshot 20230706. Mozilla Firefox 115 can now migrate payment methods saved in Chrome-based browsers to Firefox. Hardware video decoding is enabled for Intel GPUs on Linux. The tab manager dropdown includes close buttons for quicker tab closing. Users without support for H264 video decoding can fallback to Cisco’s OpenH264 plugin. The hardware detection tool from openSUSE, hwinfo, also had a major version landing in the snapshot; the 23.1 version export symbols were adjusted to match the test case in yast2-hardware-detection and a compile warning related to Point-to-Point Protocol over Ethernet (PPPoE). An update of Python 3.11.4 fixes a few security flaws. The patch from CVE-2007-4559 was also dropped. An update of the power-sources package upower updates to version 1.90.1. Its changes include the detection and automatic disappearance of headsets with kernel batteries when turned off, which hides duplicate Logitech Bluetooth and wireless devices. Other packages to update in the snapshot were gnome-maps 44.3, gupnp 1.6.4, libxcrypt 4.4.35 and more.