Home Home > Distribution > Tumbleweed
Sign up | Login

Archive for the ‘Tumbleweed’ Category

openSUSE Develops Legal Review System

November 8th, 2018 by

The open-source community has a new project designed to help Linux/GNU distributions with the legal review process of licenses.

The new project called Cavil is legal review system that is collectively beneficial not only for the  openSUSE Project, but distributions and projects that want to use it.

The project provides an add-on service for the Open Build Service.

Every OBS request for openSUSE Factory goes through a legal review process to ensure licenses are compatible. Cavil indexes these and creates a legal report for every single request. Bot comments in OBS are made through the legal-auto python script, but the entire project is much larger than the script and bots.

Sebastian Riedel and Stephan Kulow have been developing the project for two years and it has been used in production for more than a year and half. The Cavil legal review system replaces an older system and provides much more efficiency. Cavil can automatically accept more than 90 percent of all new requests based on data from previous reviews, so packages are much more streamlined into openSUSE Factory.

The project has been so efficient that two lawyers who do all the legal reviews with the system, which is also used by SUSE, had reviewed about 110,000 packages this past year. The same lawyers curated a library with 27.000 license patterns for 600 licenses and 20 license patterns for 100 of the  most common licenses that are used to create legal reports. Riedel said there is a desire hope to expand that in the future with the hope of collecting new patterns with the open-source community.

The legal Data Base used by SUSE to generate reports with new license patterns  is about 2TB and has about 68.433.436 pattern matches in 27.319.682 individual files.

Like openQA, Cavil is written in Perl, with Mojolicious/Minion and PostgreSQL.

A quick look at the statistics about the content of the legal database showed the most popular open source licenses were GPL-2.0, BSD-3-Clause, GPL-Unspecified and MIT respectively.

Tumbleweed Gets New Versions of KDE Applications, Krita, Apache Subversion

October 19th, 2018 by

Since last week’s openSUSE Tumbleweed update, there were two snapshots released that brought KDE users a newer version of Applications 18.08.2 and all Tumbleweed users could update to Linux Kernel 4.18.13.

Last week brought newer versions of KDE’s Plasma 5.14  and Frameworks 5.50.0, and this week the arrival of Applications 18.08.2 came in snapshot 20181015. Applications 18.08.2 contained only bug fixes and translation updates. Among the key bug fixes was the dragging of a file in Dolphin that no longer accidentally triggers inline renaming; KCalc again allows both ‘dot’ and ‘comma’ keys when entering decimals and a visual glitch in the Paris card deck for KDE’s card games was fixed. Snapshot 20181015 had a few other updated packages like the open source painting program krita 4.1.5, which fixed a missing shortcut from the Fill Tool tooltip and a change of importing SVG files as vector layers instead of pixel layers. The ibus-table 1.9.21 update, which is an engine framework for table-based input methods, migrated IBusConfig to GSettings; non-gnome users have a Draw InputMode text instead of icon into panel. The 4.18.13 Linux Kernel was also included in the snapshot and fixed an unexpected failure of nocow buffered writes for Btrfs after snapshoting when a user is low on space; the newer kernel also added support for Apple Magic Keyboards. Python-jedi 0.13.1 removed Python 3.3 support. The Apache version-control package subversion 1.10.3 fixed conflict resolver crashes and endless scan in some cases.

Snapshot 20181012 brought several new packages including an update of Mozilla Thunderbird 60.2.1. The  email client has some calendar changes and security fixes including a fix of CVE-2018-12383 that is related to stored passwords. The open-source audio platform audacity 2.3.0 was updated in the snapshot and it now has the ability to resize the toolbars controlling volume and speed for greater precision. Gstreamer and several of its plugins were updated to version 1.14.4, which added functionality needed for Mean Squared Error (MSE) use case fixing YouTube playback in epiphany/webkit-gtk. There were many incremental improvements and bug fixes with libvirt 4.8.0 that was released earlier this month including the libxl driver now supports virDomainPMSuspendForDuration and virDomainPMWakeup Application Programming Interfaces (APIs). Compiling parser generator Bison now requires a C99 compiler with the update of the bison 3.1 package. Other packages updated in the 20181012 snapshot were gpgme 1.12.0, which provided a major overhaul of the Python language bindings documentation, gthumb 3.6.2, libzypp 17.7.2, python-Pillow 5.3.0, snapper 0.6.1, and sqlite3 3.25.2.

Both snapshots are trending a stable rating of 94 or above according to the Tumbleweed snapshot reviewer.

KDE and openSUSE: Plasma 5.14, Qt 5.12 and more

October 17th, 2018 by

Plasma 5.14

Plasma 5.14 was released with many improvements.

It was planned to have it in a released in a Tumbleweed snapshot on the same day, but openQA issues prevented snapshot 20181008 from getting published. Instead, Tumbleweed users got it with snapshot 20181009 on Thursday morning. Currently, 5.14.1 is staged to be accepted in Tumbleweed.

To get it on Leap 15 (and even 42.3 with restrictions), you can add https://en.opensuse.org/SDB:KDE_repositories#KDE_Frameworks_5.2C_Plasma_5_and_Applications. Note that those are not part of the official distribution and therefore not as well supported.

KDE:Unstable drops support for Leap 42.3

The KDE:Unstable projects will drop support for openSUSE 42.3 next week.

Builds of KDE software from git master have been available for Leap 15 even before the official release, which should’ve given everyone enough time to migrate.

The Argon media got switched to Leap 15 just after release as well. If you haven’t heard of Argon (and Krypton) yet, they’re installable live media with the latest version of KDE software on Leap and Tumbleweed.

See the wiki article (https://en.opensuse.org/SDB:Argon_and_Krypton) for more information.

Migrating to Leap 15 also means that less system libraries (like libinput) need to be replaced, as the version in Leap 15 is sufficient for now.

If you haven’t migrated to Leap 15 yet, read https://en.opensuse.org/SDB:System_upgrade#Command_line_2. The provided instructions work just fine for the KDE:Unstable repositories.

Goodbye to Webkit (from a default install)

Did you know that two major browsers, Safari and Chromium, are based on KDE software? That’s right, KHTML was used by Apple as foundation when creating the WebKit Browser engine. During the development of Chrome, Google forked WebKit into Blink. (more…)

Tumbleweed Gets Plasma 5.14, Frameworks 5.50

October 11th, 2018 by

Four openSUSE Tumbleweed snapshots this week brought new versions of software along with new versions of KDE’s Plasma and Frameworks as well as python-setuptools and many other packages.

The most recent snapshot, 20181009, updated KDE’s Plasma 5.14. The new Plasma version has several new features like the new Display Configuration widget for screen management, which is useful for presentations. The Audio Volume widget has a built in speaker test feature moved from Phonon settings and the Network widget now works for SSH VPN tunnels again. The Global menu now supports GTK applications as well.  Mozilla Firefox 62.0.3 fixed a few Common Vulnerabilities and Exposures including a vulnerability in register allocation of JavaScript that can lead to type confusion, which allows for an arbitrary read and write. The cpupower package, which is a collection of tools to examine and tune power, was updated to version 4.19 and deleted some patches that are now part of the mainline. Source-control-management system mercurial 4.7.2 fixed a potential out-of-bounds read in manifest parsing C code. Other packages including in the snapshot were inxi 3.0.26, lftp 4.8.4, libinput 1.12.1, okteta 0.25.4 and vm-install 0.10.04

Snapshot 20181004 included several package updates as well. NetworkManager-openvpn 1.8.6 fixed an endless loop checking for encrypted certificate. The open source antivirus engine clamav 0.100.2 disabled the opt-in minor feature of OnAccess scanning on Linux systems and will  re-enabled in a future release. Users who enabled the feature in clamd.conf will see a warning informing them that the feature is not active. The Linux Kernel was updated to 4.18.11 and had several fixes for Ext4. Developers using python-setuptools 40.4.3 will see a few changes from the previous 40.2.0 version that was in Tumbleweed like the vendored pyparsing in pkg_resources to 2.2.1. Those using Samba will see a fix  for cluster CTDB configuration with the 4.9.1 version. Caching proxy squid  4.3 updated systemd dependencies in squid.service and vlc 3.0.4  improve support for broken HEVC inside MKV.

Firefox was updated earlier in the week to 62.0.2 in snapshot 20181002. The rest of KDE Frameworks 5.50.0 was made available in the snapshot; most of the packages for Frameworks were updated in the snapshot the previous day. The systems library for input/output KIO and the KTextEditor had the most changes in the updated Frameworks. Multimedia frameworks gstreamer along with its several gstreamer plugins were updated to version 1.14.3 and it fixed major buffer leak with the compositor. Some libqt5 packages were updated to version 5.11.2, but most of the libqt5 packages were release in snapshot 20181001. Mariadb 10.2.18 cleans up some code and now Supports DDL commands during backup. (more…)

VIM, Xen, Git Packages Updated in This Week’s Tumbleweed Snapshots

September 28th, 2018 by

There were a total of four openSUSE Tumbleweed snapshots this week that updated packages like VIM, Xen, Git and ImageMagick.

The latest snapshot, 20180925, updated three packages. All the packages updated in this snapshot were zero dot packages. The updated packages were obs-service-set_version 0.5.10, purple-carbons 0.1.6 and shotwell 0.30.0. The obs-service-set_version 0.5.10 version fixed a zip file crash associated with python. The version change regarding purple-carbons 0.1.6 was basically cleaning up the code. The shotwell 0.30.0 package updated translations and fixed random segfaults in GNOME settings.

The 20180924 snapshot updated a little more than a handful of packages. Among the package updates were hdf5’s jump from version 1.10.1 to 1.10.3. The HDF5 package is a high performance data software library and file format to manage, process, and store heterogeneous data. The version added a few patches and had an upstream fix that dropped a warning patch. The text-mode web browser links 2.17 package had multiple changes. Among some of the most important fixes for the package was verifying SSL certificates for numeric IPv6 addresses and fixing an infinite loop that happened in graphics mode if the user clicked on OK in the “Miscellaneous options” dialog when more than one window was open. The nano 3.1 version fixed a fix a misbinding of ^H that had an effect with some terminals on certain systems. Three rubygem packages were also updated in the snapshot. The packages were rubygem-marcel 0.3.3, rubygem-sass 3.6.0 and rubygem-uglifier 4.1.19.

The Tumbleweed snapshot that had the most packages updated in the week was snapshot 20180920. Roughly 17 packages were updated in this snapshot. ImageMagick 7.0.8.11 added support for a “module” security policy and disabled PDF coders in default policy.xml. The GNOME library gtksourceview 3.24.9 improved the syntax highlighting of Haskell, C++, GLSL, and Markdown. Text editor vim 8.1.0401 refreshed a patch that is still working through some various issues. The newer version update of pciutils 3.6.2 fixed a couple of bugs in computation of bus topology.

(more…)

Tumbleweed Gets New Versions of KDE Plasma, Applications

September 20th, 2018 by

A total of four openSUSE Tumbleweed snapshots were delivered to users of the rolling release this past week and the snapshot brought new versions of KDE Plasma and KDE Applications.

The most recent snapshot 20180917 updated three packages. The GNOME package dconf-editor was updated to  3.30.0. Users of the ext2 filesystem will notice the utility package e2fsprogs 1.44.4 will fix the debugs ncheck command to work for files with multiple hard links; the updated package also has new debugfs commands for dumping xattr blocks and i_blocks array. Another GNOME package was updated with the iagno 3.30.0 package for the game reversi, which shows that GNOME 3.30 packages are starting to be integrated into Tumbleweed snapshots.

Another three packages were updated in the 20180916 snapshot. The GNU Project debugger, gdb 8.2, added several patches and support access to new POWER8 registers. A fix was made for a GNU Compiler Collection 8.1 warning with the perl-DBD-mysql 4.047 updated, which also added options needed for public key based security. The other package that was updated in the snapshot was perl-Glib 1.327.

The GNOME Web browser was updated to version 3.30.0 with the update to the epiphany package in snapshot 20180915. Plenty of other packages were updated in this snapshot along with KDE Applications 18.08.1. Improvements in the new applications update include several bug fixes and the KIO-MTP component no longer crashes when the device is already accessed by a different application. Sending mails in KMail now uses the password when specified via password prompt and Okular now remembers the sidebar mode after saving PDF documents. The open source video editor pitivi 0.999 aded the Shift+click option to select a range of clips and the Save and Render buttons in the headerbar were moved to the right side.

(more…)

Latest Tumbleweed Snapshot Brings Major Versions of Flatpak, qemu, Thunderbird , Nano

September 14th, 2018 by

Since the last openSUSE Tumbleweed update, three snapshots have been released and the latest snapshot has brought two new major versions of both Flatpak and qemu.

On the heels of the Libre Application Summit last week, which is a conference focusing on sandboxing and application distribution, a new major version of Flatpak was released in Snapshot 20180911. Flatpak 1.0 marks a significant improvement in performance and reliability, and includes a big collection of bug fixes with a collection of new features. Naturally, libostree 2018.8 was updated with Flatpak and added a new feature that provides an auto-update-summary config option for repositories. Full-system emulation with qemu 3.0.0 isn’t necessarily significant. The changelog states not to “read anything into the major version number update. It’s been decided to increase the major version number each year.” Yet there is improved support for nested Kernel-based Virtual Machine (KVM) guests running on Hyper-V. The project did emphasized that ongoing feature deprecation is tracked at both http://wiki.qemu-project.org/Features/LegacyRemoval and in Appendix B of the qemu-doc.* files installed with the qemu package. Mesa 18.1.7 had a handful of fixes and once again added wayland to egl_platforms. The Linux Kernel 4.18.7 added support for Intel Ice Lake microarchitecture in the snapshot. There were several other minor updates in the snapshot, but the nodejs10 update to version 10.9.0 brought a few Common Vulnerability and Exposure (CVE) fixes and upgraded dependencies to OpenSSL 1.0.2.

Mozilla Thunderbird also received a major version update this week in snapshot 20180910. Thunderbird 60.0 improved message handling and composing and also provided Internet Message Access Protocol (IMAP) fixes. A list of CVEs were addressed with the update and the email client also added support for OAuth2 and FIDO U2F. Pixel format translation library babl updated its license to LGPL 3.0 in with the version update to 0.1.56. The library and command-line tool for transferring data using various protocols known as curl had several changes in version 7.61.1 and warn the user if a given file name looks like an option. The GNOME Web browser package epiphany 3.28.4 fixes a crash on homedepot.com and improved the performance of adblocker. The 4.18.6 kernel was made available in this snapshot. Text editor nano 3.0  also had a major version update and provided some speed improvements. Pdf renderer poppler 0.68.0 added Reason and Location to SignatureInfo. Web developers will be happy to see webkit2gtk3 2.22.0. The updated webkit2gtk3 package provides a new JavaScriptCore GLib application programming interface (API) and added playbin3 support to GStreamer media backend.

(more…)

Hexchat, Duplicity Among Packages Updated in Tumbleweed

September 6th, 2018 by

Three openSUSE Tumbleweed snapshots were released this week that updated versions of dbus, hexchat and more.

Snapshot 20180903 updated extended attributes extensions with the attr 2.4.48 package, which removed various deprecated sections like attr/attr.h and added a patch to have tests working with newer perls. The bash-completion 2.8 package fixed getting username in non-login shells. The dbus-1 1.12.10 and dbus-1-x11 1.12.10 both fixed builds with GNU Compiler Collection 8 -Werror=cast-function-type and a minor memory leak when a DBusServer listens on a new address. IRC Client hexchat 2.14.2 added appstream metainfo for plugins and removed shift+click binding to close tabs. The USB Wifi driver package rtl8812au 5.2.20.2 added new hardware support and the Schily Tool Box, schily version 2018.08.24, added support for SELinux. C library libHX updated to version 3.23 and python-kiwi to 9.16.12.

The end of month snapshot, 20180831, had a version bump with GNOME’s goffice to 0.10.43.

Several perl packages were updated like perl-Cpanel-JSON-XS 4.06, perl-Module-Signature 0.83 and perl-Net-Netmask 1.9104. The dateutil module available in Python, which provides powerful extensions to the standard datetime module, fixed an issue with the setup script running in non-UTF-8 environments with python-python-dateutil 2.7.3. A change was made to licensing with the ucode-intel 20180807a update and yast2-journal 4.1.2 fixed a crash when changing the filter as a non-root user.

The snapshot that began the week had two package changes in snapshot 20180829. Encrypted backup package duplicity 0.7.18.1 cleaned up spec file and now uses modern python macros. The remmina package, which is a remote desktop client for access any operating system, provided some enhancements in version 1.2.31.4 with implementing send ctrl+alt+fn keys and fix some bugs including libssh deprecations.

All snapshots are stable according to the Tumbleweed snapshot reviewer with snapshot 20180903 recording a 91 rating and snapshot 20180831 trending at 95 rating and snapshot  20180903 trending at 96 rating.

Tumbleweed Snapshots Bring Changes for KVM, QEMU, Xen

August 23rd, 2018 by

Two openSUSE Tumbleweed snapshots were once again released this past week, which included two Linux Kernel updates.

The most recent snapshot, 20180818, updated the kernel to version 4.18.0, which brought many changes for KVM (Kernel-based Virtual Machine). Mozilla Firefox 61.0.2 improved website rendering with the Retained Display List feature enabled and also fixed broken DevTools panels. The ffmpeg 4.0.2 package in the snapshot added conditional package configuration and AOMedia Video 1 (AV1) support. Netfilter project nftables was restored as the default backend with firewalld 0.6.1 and now nftables and iptables can co-exist after a bug fix with the ‘nat’ table form the 4.18 kernel. The Command Line Interface configuration utility for wireless devices known as iw added support in its 4.14 for all new kernel features of kernel 4.14. The HTTP client/server library for GNOME, libsoup 2.62.3, now uses an atomic-refcounting in classes that are not using GObject-refcounting. The Linux Kernel 4.16 or higher is needed for the strace 4.24 package, which implemented decoding of KVM vcpu (virtual central processing unit) exit reason as an option, and yast2-http-server 4.1.1 fixed PHP support by dropping php5 and using php7.

The 20180815 Tumbleweed snapshot had the last 4.17 kernel with an update from Kernel 4.17.3 to 4.17.4. The new 7.0.8.9 version of ImageMagick has the XBM coder leave the hex image data uninitialized if hex value of the pixel is negative. Several fixes were made with btrfsprogs 4.17.1 and an add ability to fix wrong ram_bytes for compressed inline files was also made with the package update in the snapshot. The advanced twin panel file manager for KDE Plasma, krusader 2.7.1, had a few fixes including a fix to the search bar in the application that showed results for a file that was deleted. The qemu 2.12.1 package dropped several patches and the updated gave new mitigation functionality for CVE-2018-3639. Caching proxy squid 4.2 provided fixes for GNU Compiler Collection 8 and a missing pointer. There were also several patches in the xen 4.11.0 update for GCC 8 and the yast2-storage-ng 4.1.4 update addressed the partitioner and now displays Xen virtual partitions and allows users to format and mount them.

Snapshot 20180815 recorded a stable rating of 93 on the snapshot reviewer and 20180818 is currently trending a moderate rating of 86.

Language, Networking Packages Get Updates in Tumbleweed

August 16th, 2018 by

There were two openSUSE Tumbleweed snapshots this past week that mostly focused on language and network packages.

The Linux Kernel also received an update a couple days ago to version 4.17.13.

The packages in the 20180812 Tumbleweed snapshot brought fixes in NetworkManager-applet 1.8.16, which also modernized the package for GTK 3 use in preparations for GTK 4. The free remote desktop protocol client had its third release candidate for freerdp 2.0.0 where it improved automatic reconnects, added Wave2 support and fixed automount issues. More network device card IDs for the Intel 9000 series were added in kernel  4.17.13. A jump from libstorage-ng 4.1.0 to version 4.1.10 brought several translations and added unit test for probing xen xvd devices. Two Common Vulnerabilities and Exposures fixes were made with the update in postgresql 10.5. Several rubygem packages were updated to versions 5.2.1 including rubygem-rails 5.2.1, which makes the master.key file read-only for the owner upon generation on POSIX-compliant systems. Processing XML and HTML with python-lxml 4.2.4 should have fewer crashes thanks to a fix of sporadic crashes during garbage collection when parse-time schema validation is used and the parser participates in a reference cycle. Several YaST packages receive updates including a new ServiceWidget to manage the service status with yast2-ftp-server 4.1.3 as well with yast2-http-server, yast2-slp-server and yast2-squid 4.1.0 versions.

The snapshot from 20180808 brought the firewalld 0.6.0 version, which switched back to an ‘iptables’ backend as a default; “loads of new services” were added in the newer version including the addition of firewall-config adding a ipv6-icmp to the protocol dropdown box. The Linux Filesystem in Userspace interface, fuse 2.9.8, provided security update for systems where SELinux is active. The security update stops an unprivileged users to specify the allow_other option even when it was forbidden in the /etc/fuse.conf. The snapshot also updated yast2-network 4.1.5 that fixes the networking AutoYaST schema

Snapshot 20180808 recorded a stable rating of 95 on the snapshot reviewer and 20180812 is trending at a 96 rating.