openSUSE News

Planet News Roundup

admin@opensuse.org (Douglas DeMaio) — Fri, 13 Mar 2026 07:00:00 +0000

This is a roundup of articles from the openSUSE community listed on planet.opensuse.org.

The community blog feed aggregator lists the featured highlights below from March 6 to March 12.

Blogs this week highlight digiKam 9.0’s new Survey tool for rapid photo comparison, IBM’s compact speech AI for edge deployment, FreeBSD installation on the HP Z2 Mini, Plasma 6.5’s sixth bugfix update, and FDE improvements dropping legacy pcr-oracle support. Blogs also cover reasons for using Tumbleweed’s Thunderbird release, Rocky Linux joining KDE as a sponsor, the Lenovo ThinkBook Modular AI PC concept, OBS’ post-mortem analysis on a stuck jobs queue, syslog-ng 4.11.0 release notes, and more.

Here is a summary and links for each post:

Thunderbird Always Updated from openSUSE Tumbleweed Repositories

Victorhck explains how openSUSE Tumbleweed users benefit from receiving official Mozilla Thunderbird releases directly through the distribution’s rolling update channel without relying on Flatpak or third-party repositories. The post details how Tumbleweed’s rapid packaging pipeline ensures users get security patches and new features within hours of upstream releases.

Launched digiKam 9.0, introducing the new Survey tool

The KDE Blog announces the release of image organizer and tag editor digiKam 9.0. The new major version has a migration to Qt 6.10.1 for higher speed and stability for Wayland Linux users. The blog points out RAW support updates for Canon EOS R1, Nikon Z6-III, Sony A9-III and more. There is also support for batch coordinate editing and a new home screen design.

Granite 4.0 1B Speech: Compact voice AI for the edge

Alessandro’s Blog provides information about IBM’s new Granite 4.0 1B. The model, under the Apache 2.0 license, explains the capabilities of automatic speech recognition (ASR) and automatic speech translation (AST) across six languages. The ASR covers English, French, German, Spanish, Portuguese, and Japanese while the two-way AST pairs these languages and English. It also has additional pairs such as English–Italian and English–Mandarin in speech-to-text-to-text scenarios. Granite 4.0 1B Speech is available on Hugging Face.

The syslog-ng Insider 2026-03: 4.11.0 release; OpenSearch; ElasticSearch

Peter Czánik’s Blog links the March syslog-ng community newsletter covering version 4.11.0 availability. The newsletter covers OpenSearch data streams and changes to the Elasticsearch destination. The full newsletter is available at the syslog-ng community blog.

Dropping pcr-oracle in user space Full Disk Encryption

The openSUSE News site informs users of the deprecation of pcr-oracle in user space Full Disk Encryption (FDE) for those openSUSE systems using Trusted Platform Module 2 (TPM2). The shift moves from signed policy with JSON files stored in the EFI System Partition to systemd-pcrlock, which stores policy in TPM2 non-volatile RAM under a password (recovery PIN). The change resolves rollback attack vulnerabilities inherent to signed policies and simplifies maintenance across multiple boot loaders.

Sixth Plasma 6.5 update

The KDE Blog announces the sixth bugfix update for Plasma 6.5. The update continues KDE’s regular maintenance cycle and highlights novelties like automatic light/dark theme switching, new initial setup wizard (KISS), global WiFi password storage, KWin performance improvements and more.

Lenovo Thinkbook Modular Dual Screen Laptop | Blathering

The CubicleNate Blog examines Lenovo’s ThinkBook Modular AI PC concept unveiled at Mobile World Congress 2026. The machine is a 14-inch ultra-thin laptop with a detachable secondary display. Nate covers the pros and cons while expressing concern over the proprietary components.

New toy: Installing FreeBSD on the HP Z2 Mini

Peter Czánik’s Blog continues to update readers on his new toy and the installation of FreeBSD 15.0 installation on the AMD Ryzen AI Max+ PRO 395-powered workstation. The installation proceeded smoothly, and the system runs at exceptional speeds even when compiling software from FreeBSD ports with minimal noise. FreeBSD boots only via EFI menu boot from file option since standard boot managers don’t recognize it.

The KDE Blog announces Rocky Linux as a new KDE patron organization. Congratulations to both. Rocky Linux joins recent sponsors Kubuntu Focus, g10 Code, and Techpaladin alongside longer-standing backers like The Qt Company, SUSE, Google, Blue Systems, Slimbook, Pine64 and more.

Post-mortem: Stuck Critical Jobs Queue

The Open Build Service Blog publishes a post-mortem analysis of service degradation between March 4–5. Users experienced inability to retrieve diff changes for submit requests. Multiple code change factors contributed to the stuck critical jobs queue.

OWASP SP offers ModSecurity (CRS) for openSUSE.

Alessandro’s Blog reports that OWASP São Paulo chapter released ModSecurity Core Rule Set (CRS) version 4.24.1. CRS is a ruleset for Web Application Firewalls that provides generic detection rules to protect web applications against common attacks. This incremental update focuses on stability improvements, enhanced attack detection, and reduced false positives, and makes it essential for systems using ModSecurity or compatible WAF engines to stay protected against emerging threats.

Much Progress in Marknote and Drawy – This Week in KDE Apps

The KDE Blog highlights significant developments across KDE applications, with Marknote reaching version 1.4.0 featuring undo/redo for sketches, drag-and-drop notes between notebooks and more. Drawy received a major overhaul with a new interface, improved zoom controls, and a plugin system for tools.

Updating perltidy (and other dependencies) in os-autoinst

The openQA bites post short blurb explains that when updating dependencies in the dependencies.yaml file in os-autoinst that it will update cpanfile for the user.

Linux Saloon 191 – Application Managers

The CubicleNate Blog covers a lively discussion from the Linux Saloon podcast. Participants shared their impressions about topics like Android sideloading and the evolution of software distribution methods in the Linux ecosystem.

3 Native Racing Games for Linux

The KDE Blog showcases three demanding native Linux racing games. Speed Dreams offers a realistic racing simulator with diverse vehicles and multiple game modes. Trigger Rally provides arcade-focused fun with more than 100 maps across varied terrain. Stunt Rally rounds out the selection with the most complex and creative experience and features more than 200 tracks across 37 scenarios..

openSUSE Tumbleweed Weekly Review – Week 10 of 2026

Victorhck and dimstar report on the snapshots delivered in week 10. The review covers a minor selinux-policy update that inadvertently exposed code relying on incorrect previous behavior, causing boot failures detected by openQA before reaching users. Other updates include Python 3.14, KDE Plasma 6.6.1 and 6.6.2, Linux kernel 6.19.5, and more. Upcoming changes include the GNOME 50 release candidate, glibc 2.43, and a switch to systemd-boot as the default UEFI bootloader, which will align Tumbleweed to MicroOS standards.

Third Update of KDE Gear 25.12

The KDE Blog highlights the third maintenance release of KDE Gear 25.12. The update has corrections to KDE Connect plugin toggling, NeoChat message behavior, an Umbrello crash and more.

Seeing people through the walls with Wi-Fi – π RuView: WiFi DensePose

Watch on Vimeo

Alessandro’s Blog looks at RuView, which is an open-source privacy-first system that analyzes Wi-Fi signal disturbances (CSI data) to reconstruct human pose, detect respiration and heart rates, and sense presence through walls without any cameras. Applications range from elderly fall detection and perimeter security to industrial monitoring, and more.

View more blogs or learn to publish your own on planet.opensuse.org.

Dropping pcr-oracle in user space Full Disk Encryption

admin@opensuse.org (Alberto Planas) — Wed, 11 Mar 2026 11:00:00 +0000

Introduction

In user space Full Disk Encryption (FDE), as opposed to the boot loader based FDE, developers for openSUSE supported signed policy and NVIndex policy from the beginning when Trusted Platform Module 2 (TPM2) is used.

With this signed policy, we deliver a JSON file in the EFI System Partition (ESP) that is being read during the initrd stage by systemd-cryptsetup. This file contains the hash policy, which basically describes the expected values of the PCR registers of the TPM2 (measured boot). Together with the policy, we will find a signature that will be validated by the TPM2, and if the PCR values and the signatures are valid, then the TPM2 will unseal the password for the encrypted hard disk, and the boot process can continue.

This method is simple and very flexible. We can update the policy to generate new predictions (for example if a new kernel was installed). Using a private key, that can be stored in the encrypted side of the system, we can sign it and install in the ESP. Another advantage is that we can generate multiple files that support multiple valid configurations, which can represent different snapshots, kernels, or initrd installed in the system.

But one limitation of this method is that we are not protected against a rollback attack. Some one can copy the JSON file (the ESP is not encrypted), together with the kernel and the initrd and wait until some CVE is published for this configuration. After that, the assets can be copied back to the ESP and the signature of the policy will be still valid as far as the TPM2 is concerned. Technically, this can be resolved generating a new private key and enrolling again the devices, but this is not ideal.

systemd-pcrlock provides a new alternative, known as NVIndex policy, which store the policy in the TPM2 non-volatile RAM under a password (recovery PIN). This approach is a bit better for our case, as it resolves the rollback attack. This method is used by default if the TPM2 support it, but because policyAuthorizeNV was introduced in TPM2 Revision 1.38 ten years ago (2016), not all devices can do that. sdbootutil fallbacks to pcr-oracle (signed policy) if NVIndex policy cannot be used.

The next version of sdbootutil will drop pcr-oracle.

Motivation

Basically it is time to do that. The rollback attack is a good argument to avoid signed policies, but we need to factor the maintenance of pcr-oracle for multiple boot loaders (GRUB2 and systemd-boot).

The way that pcr-oracle works means that any change in the event log order or structure needs to be addressed in the source code, but with systemd-pcrlock it is a matter of generating some JSON files stored in /var/lib/pcrlock.d and updating the TPM2 policy in the right moment.

This difference makes pcr-oracle stay behind in the current support, making in effectively broken for any metric.

Migration

The good news is that if you have a TPM2 produced after 2016, you can migrate to systemd-pcrlock very easily. sdbootutil still recognize systems registered with pcr-oracle and can unenroll them. The migration process is as easy as:

  # sdbootutil unenroll --method=tpm2
  #  sdbootutil enroll --ask-pin --method=tpm2

If sadly your TPM2 revision is older, the password enrollment is always available:

  # sdbootutil unenroll --method=tpm2
  #  sdbootutil enroll --method=password

Further Documentation

Planet News Roundup

admin@opensuse.org (Douglas DeMaio) — Fri, 06 Mar 2026 08:00:00 +0000

This is a roundup of articles from the openSUSE community listed on planet.opensuse.org.

The community blog feed aggregator lists the featured highlights below from Feb. 27 to March 5.

Blogs this week highlight the openSUSE Board Election 2025 and Tumbleweed’s February monthly review to sound-reactive LED projects and whether data has weight. Blogs also highlight installing Fedora on the HP Z2 Mini, syslog-ng 4.11.0 packaging status, Obsidian for note-taking, the second Plasma 6.6 bugfix update, KDE Express podcast episodes, Linux Saloon discussions, and open-source playable world generation.

Here is a summary and links for each post:

Episode 70 of KDE Express: Plasma 6.6.1 and the United Nations

The KDE Blog highlights episode 70 of KDE Express with coverage Plasma 6.6.1 updates including Spectacle’s OCR capabilities, accessibility enhancements like grayscale filters and pointer tracking, KDE Connect modernization proposals, and new options for saving global themes and configuring WiFi via QR codes.

New Version Tracking through API and Automatic Labeling

The OBS Blog announces enhancements for a Foster Collaboration beta program as well as new features for package version management along with new status labels. These enhancements add a notification filter for version alerts and display last-synced timestamps to help developers monitor packages at a glance.

KDE Express Episode 69: Trinity Reloaded with Full Plasma

The KDE Blog presents episode 69 of KDE Express, covering the SonicDE fork of KDE Plasma for legacy X11 support, CachyOS adopting Plasma Login Manager, KDE Connect fixes for Bluetooth logging and more.

Data Has Weight But Only on SSDs | Blathering

The CubicleNate Blog explores a lighthearted science exploration rather than practical finding as he dives into the curious concept that data has mass on solid-state drives. Since SSDs store data by trapping electrons in floating gates via quantum tunneling, writing data adds electrons with measurable (though femtogram-scale) mass; this is in contrast with HDDs which merely rearrange existing magnetic polarity without gaining weight. A lighthearted science exploration rather than a practical finding.

New toy: Installing Fedora Linux on the HP Z2 Mini

Peter Czánik’s Blog continues the HP Z2 Mini series with a smooth Fedora installation on the AMD Ryzen AI Max+ PRO 395-powered workstation. Despite Fedora not being listed on the HP data sheet, the graphical installer worked without issue and GNOME’s consistent cross-distro interface made the system immediately familiar. Steam and Need for Speed ran flawlessly, and initial AI acceleration configuration via Copr packages successfully detected the RyzenAI NPU5.

Sound-reactive Sideboard

Sebas’ Blog documents a living room IKEA sideboard turned into a sound-reactive LED centerpiece using an ESP32-based controller running the open-source WLED firmware. The setup uses WS2812B LED strips behind frosted plexi glass doors, processes audio via FFT on one core while rendering up to 200 FPS of LED effects on the other, all under 10W. The project also solved amplifier overheating with HomeAssistant-automated fan control and features a walnut wood finish.

Syslog-ng 4.11.0 Packaging Status

Peter Czánik’s Blog provides an overview of the packaging status for syslog-ng 4.11.0 across various operating systems and tracks which distributions have already made the release available as easy-to-install packages for users who prefer not to compile from source.

Second Plasma 6.6 update

The KDE Blog reports the second bugfix update for Plasma 6.6, delivered two weeks after the initial release. The post recaps Plasma 6.6’s flagship features including the new Plasma Keyboard for touch devices, OCR text extraction in Spectacle, the Plasma Setup wizard, per-application volume control via hover, emoji skin tone selection, QR code Wi-Fi scanning and more.

Victorhck compiles and translates the March 2026 FSF newsletter into Spanish as it highlights the FSF’s 40th anniversary. Highlights include the FSF’s opposition to Google’s mandatory developer verification proposal that threatens F-Droid, coverage of Americans destroying Flock surveillance cameras, and a report on Microsoft confirming it will provide BitLocker recovery keys to authorities under valid legal orders.

Episode 68 of KDE Express: esLibre2026 dixit editor. Editorial design with free software

The KDE Blog presents episode 68 of the KDE Express podcast, covering editorial design with free software and previewing the esLibre2026 event.

Tumbleweed Monthly Update - February 2026

The openSUSE News site publishes the February monthly review covering 17 snapshots. Major highlights include the arrival of Plasma 6.6 with its new on-screen keyboard and Spectacle OCR, KDE Frameworks 6.23.0 with LeakSanitizer memory safety fixes, Linux kernel 6.19.3 with a new listns() system call, GRUB2 2.14 strengthening boot workflows for immutable systems like MicroOS, Mesa 26.0.1 fixing gaming regressions and more.

Obsidian | The Quest for the Perfect Note-Taking Application

The CubicleNate Blog reviews Obsidian as a replacement for TiddlyWiki, praising its markdown-based local-first approach, extensive plugin ecosystem, cross-platform availability via Flatpak and AppImage, and seamless synchronization through Syncthing. While not an open source project, Obsidian is free to use and offers the combination of OneNote’s ease, TiddlyWiki’s power, and standard markdown formatting that the author had been seeking.

Voting Is Now Open for the openSUSE Board Election 2025

The openSUSE News site announces voting has opened for two Board seats for the openSUSE Board Election. Four candidates are on the ballot. Voting runs until March 8 with results announced March 9. All openSUSE Members received ballot links by email.

KDE Express Episode 67: Plasma in Virtual Reality Mode

The KDE Blog presents episode 67 of the KDE Express podcast and covers what’s new with KDE Plasma 6.6 (beta at the time) and highlights a winner of the “car of the year” uses KWin under the engine.

LingBot-World: Open-source “playable” world generation.

Alessandro’s Blog covers LingBot-World, the first high-capacity fully open-source interactive world model. Unlike passive video generation tools, LingBot-World lets users control a camera through AI-generated scenes in real time using W, A, S, and D keys. It achieves 16 FPS with emergent spatial memory that maintains object consistency even after 60 seconds off-screen. The project releases both source code and full model weights.

Linux Saloon 190 | News Flight Night

The CubicleNate Blog highlights episode 190 of Linux Saloon. The news flight night covered Bazzite tripling its user base in 8 months as gamers seek Windows alternatives, F-Droid’s open letter opposing Google’s mandatory developer verification, and broader discussions about changes to the Android ecosystem.

Linux Saloon 189 | Early Edition

The CubicleNate Blog highlights the return of Linux Saloon’s Early Edition monthly format. Discussion topics included the EU OS proposal for a standardized Linux desktop with Windows migration focus using KDE Plasma, Wayland and desktop environments for modern gaming featuring Bazzite and Nobara, and participants’ recent tech activities including seeking VMware alternatives.

The power of saying “No”

Victorhck reflects on the power of saying “No” in the context of free software and community participation. You may find wisdom in No.

Vietnamese lunar calendar and more rounded highlights – This week in Plasma

Your browser does not support the video tag.

The KDE Blog covers the weekly “This Week in Plasma” update, which highlights Vietnamese lunar calendar support and more rounded highlight styles. The blog also covers performance improvements.

openSUSE Tumbleweed Weekly Review – Week 9 of 2026

Victorhck and dimstar report on the snapshots delivered in week 9. The review highlights updates including Linux kernel 6.19.3, PipeWire 1.6.0, Mozilla Firefox 148.0, Mesa 26.0.1, Poppler 26.02.0, QEMU 10.2.1, and DNF 5.4.0. It also covers the progress on the switch to systemd-boot as the default bootloader on UEFI systems to align with Tumbleweed to MicroOS.

My desk Plasma February 2026

The KDE Blog shares thoughts on the Plasma desktop setup, running on a Slimbook Kymera with KDE Neon.. The setup includes functional elements like a moon phase widget, system tray, virtual desktop selector, and a Valencian-language clock, all designed to create a dark yet highly organized workspace.

View more blogs or learn to publish your own on planet.opensuse.org.

Tumbleweed Monthly Update - February 2026

admin@opensuse.org (Douglas DeMaio) — Mon, 02 Mar 2026 10:00:00 +0000

Software package updates during the second month of 2026 for openSUSE Tumbleweed have been consistent totalling 17 snapshots in the 28 days of the month.

Tumbleweed saw the arrival of Plasma 6.6 with a new on-screen keyboard, text recognition in Spectacle, and a Setup wizard for cleaner device handovers, while KDE Frameworks 6.23.0 focused heavily on memory safety with LeakSanitizer fixes across multiple libraries. The Linux kernel moved to 6.19.3 and brought a new listns() system call, expanded hardware support, and made numerous filesystem and driver fixes. GRUB2 2.14 landed to strengthen the boot workflows for immutable systems like MicroOS. Mesa 26.0.1 fixed regressions in popular games, btrfsprogs now enables block-group-tree by default for faster mount times, and systemd resolved a logind session-tracking regression.

As always, be sure to roll back using snapper if any issues arise.

For more details on the change logs for the month, visit the openSUSE Factory mailing list.

New Features and Enhancements

Plasma 6.6: This release is dedicated to Björn Balazs who was a passionate contributor and will be missed. The release has a new on-screen Plasma Keyboard, designed for touch and accessibility, and Spectacle now includes text recognition. The new Plasma Setup wizard decouples user account creation from OS installation and enables cleaner device handovers for vendors, refurbishers, or personal use. Workflow improvements were made for the hover-to-open in the Windows List widget, the Alt+double-click to open file properties directly from the desktop and more. Other highlights include virtual desktops limited to the primary screen, optional auto brightness with ambient light sensors, a new connect to Wi-Fi by scanning a QR code with your camera and more.

KDE Frameworks 6.23.0: A major focus for this release was memory safety as with LeakSanitizer (LSAN) as it addressed numerous memory leaks fixes in libraries like KTextEditor, KIO, KWindowSystem, and others. KIO gains a “Run Executable” action, better drop handling from Places View, and refined preview and metadata logic. The KImageFormats adds support for legacy formats like CD-i IFF images and Atari ST VDAT. Kirigami refines UI behavior and holiday data for Japan, Slovenia, Nepal, and the Philippines were updated in **KHolidays.

freerdp 3.22.0: This version overhauls the SDL client and introduces a WINPR_ATTR_NODISCARD macro to catch misuse of API calls. It addresses several critical vulnerabilities and hardens error handling across channels like Smartcard, RDP Sound, and video redirection. Server-side Kerberos authentication is more robust, and several NULL pointer checks prevent crashes during logon or gateway negotiation.

cryptsetup 2.8.4: This update fixes critical issues in disk encryption management that affect usability and correctness. It corrects device size reporting for drives using sector sizes larger than 512 bytes to ensure accurate status output, and fixes integrity device resizing in bitmap mode, which previously failed due to incorrect journal settings. These fixes are essential for users relying on LUKS or integrity protection.

Qt 6.10.2: This update resolves numerous issues affecting desktop, mobile, and embedded platforms. It fixes crashes in WebEngine, touch input problems on Android and WebAssembly, and rendering glitches in Qt Quick Controls and SVG. The core libraries were, which improves internationalization and image handling. Developers also benefit from better CMake support, SBOM generation for supply chain transparency, and fixes for QML tooling, accessibility, and deployment.

dnsmasq 2.92: Updates for this software package now correctly validates or safely bypasses validation for “overlay” domains without a global DNS chain of trust, while also fixing critical edge cases with DNAME records and RFC-1918 reverse lookups. DHCP functionality is enhanced with new leasequery support (sponsored by JAXPORT), better REBIND behavior matching DHCPv4, and a new --dhcp-split-relay option for non-routable networks. TFTP gains windowsize and timeout options per RFC standards, and several race conditions and caching bugs—including MAC address tagging in TCP mode—are resolved.

python-packaging 26.0: The update for core utilities for Python packages adds support for PEP 751 (pylock files) and PEP 794 (import name metadata) to enable better tooling for modern Python workflows. Version and specifier handling has more correct prerelease logic, safer comparisons, and support for pattern matching and __replace__. Performance is enhanced with canonicalize_name and the release also improves correctness in license expression parsing, marker evaluation, and subclassing, while adding full type annotations and Python 3.14 compatibility.

KDE Gear 25.12.2: This update provides fixes for plasma users. Dolphin resolves crashes in header dragging and ensures context menu plugins reload on config changes, while Kdenlive stabilizes audio thumbnails, fixes monitor display glitches, and improves clip dragging and effect handling. KDE Connect enhances security with packet size limits and restores MDNS discovery. NeoChat addresses timeline rendering and crash issues around long reactions and pinned messages. Kitinerary adds support for SNCF TER barcodes and adapts to Poppler 26.02 and ZXing 3.0 API changes. KAlarm fixes hangs related to time zone recurrence calculations.

AppStream 1.1.2: This cross-distribution software package adds basic bash completion for the appstreamcli tool, improves validation by catching more cases of empty but present component properties, and updates internal build practices for better symbol visibility and translation handling. The CLI now prefers pkgcli over the legacy pkcon when available, aligning with modern package management trends. A test compatibility fix ensures stability with newer versions of libfyaml, while a temporary patch maintains support for older distributions.

Totem 43.2+git402.b8d8108e0: GNOME’s default video player reverts the app name back to Totem, updates metadata to reflect current capabilities, and switches from deprecated appdata to the standard metainfo format. The build system is overhauled; it now uses AppStream instead of appstream-glib, adopts Libpeas 2, and migrates to libsoup 3 in Flatpak builds. Legacy features like easy codec installation are removed as they’re no longer supported upstream, and outdated YouTube API keys were purged.

Poppler 26.01.0 and 26.02.0: The 26.02.0 update refines the Signature checking and increases its reliability when validating signed documents. Rendering of PDFs using the CalGray color space is improved and crash fixes for malformed documents were made. With the 26.01.0 update, uers benefit from better digital signature compatibility, improved handling of annotation icons, and additional blending modes that enhance rendering accuracy—especially in edge cases. Tools like pdfinfo now expose alternative text in structured output, and Qt applications gain improved reading order control for extracted text.

Key Package Updates

Linux kernel 6.18.9 to 6.19.3:: The Linux kernel 6.19 brings enhanced hardware support and introduces a new listns() system call for namespace enumeration and more. The 6.19.3 update patches the QLA2xxx SCSI driver to prevent a double-free crash. The f2fs filesystem receives significant attention, with fixes for use-after-free conditions, out-of-bounds sysfs access, swapfile block mapping errors, checkpoint flag inconsistencies, and improved support for non-4KB block sizes. USB serial support is expanded, and on the graphics side, Intel i915 ALPM display fixes are included. Architecture-specific improvements include a KASAN rework for LoongArch systems and a display graph correction for ARM64 MediaTek MT8183 devices. The 6.19.2 update resolves multiple use-after-free vulnerabilities in XFS, EROFS, and HFS, prevents crashes in SMB client/server due to credit management bugs, and hardens Bluetooth and Wi-Fi drivers with new device IDs and memory safety fixes. Prior to the 6.19.3 fix, QLA2xxx SCSI driver gained better error recovery for tape devices and avoided crashes during module unload. The crypto subsystems (IAA, Octeon, Virtio) are patched for out-of-bounds access and race conditions. A reverted change in the driver core restores expected device-matching behavior.

iproute2 6.19: This update brings new networking capabilities relevant to Tumbleweed users. The devlink subsystem gains support for burst period configuration on health reporters and 64-bit parameters, improving network device diagnostics and flexibility. The generic netlink utility (genl) now supports JSON output to make it easier to script and parse network configuration data. MPTCP introduces laminar endpoint support, refining multipath TCP connection handling. Finally, iplink_can adds initial support CAN XL (Controller Area Network Extended Length) for high-speed automotive and industrial networks.

GRUB2 2.14: This update adds Boot Loader Specification (BLS) and Unified Kernel Image support, which enables a more standardized Linux boot workflows especially for immutable systems like MicroOS. Security is strengthened with TPM2 key protector support, Argon2 KDF, NX protection on EFI, and Appended Signature Secure Boot for PowerPC. New filesystem capabilities include EROFS, LVM integrity/cache volumes, and the ability to store GRUB’s environment block inside Btrfs headers. The release also fixes a sporadic boot failure in BLS setups and extends date handling beyond the year 2038.

systemd 258.3: This update resolves a logind regression that broke session tracking, improves isolation behavior by correctly preserving triggered units only when their dependencies are active, and enhances Btrfs support with nodatacow subvolume handling. The release removes outdated workarounds, drops legacy System V init compatibility, and refines PAM integration to avoid conflicts with network user directories like SSSD. Security-related Polkit actions are now properly validated, and soft-reboot reliability is improved with explicit TTY switching.

btrfsprogs 6.19: This update brings a notable default change where mkfs.btrfs now enables the block-group-tree feature by default, which speeds up mount times on large filesystems. Users needing backward compatibility with older kernels can disable it with -O ^bgt. Filesystem creation is also faster thanks to optimized initial device discard ordering. The btrfs check tool gains new repair capabilities and has a fix for DUP profile on mixed zoned devices to ensure correct write pointer tracking. On the experimental side, initial support for a remap tree (a new logical-to-logical mapping layer expected when Linux kernel 7.0 is introduced.

Mesa 26.0.1: This first minor release resolves regressions in popular games like Genshin Impact, Tekken 8, Civilization VII, and Killer7. Vulkan drivers see improvements with RADV fixes and GPU hangs. Compiler and NIR infrastructure fixes prevent crashes and miscompilations while Asahi, PanVK, and Turnip receive stability patches.

GVFS 1.58.1: This update improves reliability and resource usage in GNOME’s virtual filesystem layer. It fixes the track duration for the last audio CD track on certain media, resolves build failures when Google integration is disabled, and patches some memory leaks that could affect long-running file operations.

Python 3.13.12: This release patches multiple critical vulnerabilities that could lead to header injection, cookie smuggling, or arbitrary code execution. The update blocks control characters in http.cookies, wsgiref.headers, and data:. It hardens email header serialization against unsafe folding. Beyond security, it fixes crashes in ctypes, tkinter, pickle, and multiprocessing, which includes a forkserver regression that broke sys.argv.

UPower 1.91.1: This update improves the prevention of crashes from NULL GError handling, and correcting invalid ACPI-reported battery capacity values. It enhances battery calibration logic by skipping critical power actions during recalibration. The capacity_level and luminosity properties are now deprecated. Additionally, battery history tracking now includes voltage data that enables better diagnostics and power analytics.

libsoup 3.6.6: This update resolves numerous CVEs, addresses issues across WebSocket handling, header parsing, and multipart processing. Key fixes include an out-of-bounds read in WebSocket frame processing, a heap-use-after-free from double-finishing queue items, and a crash in digest authentication. The release also sanitizes Content-Disposition filenames, validates URIs more strictly, and ensures headers from untrusted sources are always checked—closing avenues for smuggling or injection attacks. Numerous memory leaks and a potential deadlock during initialization are resolved and improve stability for applications like GNOME Software, WebKitGTK, and REST clients.

Security Updates

freerdp 3.22.0:

CVE-2026-24682: A fix for a heap-buffer-overflow could let a remote RDP server crash the client or corrupt memory.
CVE-2026-24683: This fixes input event handling that may allow a malicious RDP server to crash the client or execute code.
CVE-2026-24676: A fix that could let a malicious server crash or compromise the client.
CVE-2026-24677: This fixes a heap buffer overflow path that could allow a malicious server to crash or corrupt a client.
CVE-2026-24678: This fixes a CVE that could allow a malicious server to crash or exploit the client.
CVE-2026-24684: Fixes an exploit that could lead to a hostile RDP server crash or compromise the client.
CVE-2026-24679: Fixes a heap buffer overflow that could lead to a server potentially crashing or exploiting the client.
CVE-2026-24681: Fixes a USB bulk transfer code that may crash the server or compromise the client.
CVE-2026-24675: Fixes an exploit that could lead to a hostile RDP server crash or compromise the client.
CVE-2026-24491: Fixes an exploit that could lead to a hostile RDP server crash or compromise the client.
CVE-2026-24680: Fixes a pointer update function, enabling a malicious server to crash or corrupt the client.

python-pip 26.0.1:

CVE-2025-14576: A vulnerability may incorrectly treat keychain credentials as valid even when they should not be accepted, which could risk disclosure or misuse of stored credentials.

openssl-3:

CVE-2026-22795: Fixes a NULL pointer dereference that could potentially leading to a denial of service.
CVE-2025-69420: Fixes a type confusion vulnerability that causes a NULL pointer dereference and potentially leads to denial of service.
CVE-2025-69421: Fixes a function when processing a malformed PKCS#12 file that could potentially lead to a crash.
CVE-2025-69419: An out-of-bounds write is fixed that could potentially compromise data integrity or cause a crash.
CVE-2025-66199: A resource exhaustion vulnerability that may have allowed for excessive memory allocation and potentially led to denial of service.
CVE-2025-68160: Fixes an out-of-bounds write potentially causing memory corruption or a crash.
CVE-2025-69418: A flaw was fixed for inputs that could leave trailing bytes unencrypted and unauthenticated on hardware-accelerated platforms.
CVE-2025-15469: Fixes a flaw that could have left trailing data unauthenticated.
CVE-2025-15467: A critical stack buffer overflow was fixed in which parsing could enable pre-authentication remote code execution.
CVE-2025-11187: Fixes a stack buffer overflow or crash.
CVE-2025-15468: Fixes a NULL pointer that could potentially cause a denial of service.
CVE-2025-9230: A patch was added fixing an out-of-bounds read and write that could compromise encryption and potentially lead to denial of service or code execution.
CVE-2025-9231: Fixes a timing side-channel that could potentially allow remote recovery of the private key.
CVE-2025-9232: Fixes an out-of-bounds read for IPv6 address potentially causing a crash.

Python 3.13.12:

CVE-2025-11468: This fixes a header-injection flaw in Python’s email header folding logic.
CVE-2026-0672: This fixes a header injection vulnerability.
CVE-2026-0865: A Python HTTP header injection flaw was fixed that could lead to inappropriately HTTP responses.
CVE-2025-15366: This fixes a command-injection issue where newline-containing user commands can inject additional commands into an IMAP session.
CVE-2025-15282: An HTTP response splitting vulnerability was fixed that could allow injecting headers into responses.
CVE-2025-15367: Fixes a POP3 command injection flaw that can be interpreted as extra commands by the server.
CVE-2025-12781: Fixes a base64 decoding anomaly where the b64decode() functions may accept certain characters regardless of expected alphabet settings and this could potentially cause data integrity issues.

busybox:

CVE-2026-26158: Fixes a vulnerability that can be triggered by a malicious guest and potentially allows memory corruption or a crash in the host process.

libsoup 3.0:

CVE-2025-32049: Fixes a flaw with WebSocket handling where accepting very large WebSocket messages can trigger excessive memory allocation and lead to a denial-of-service crash.
CVE-2026-2443: Fixes an out-of-bounds read vulnerability that could have potentially exposed portions of server memory beyond the intended response.
CVE-2026-2369: Fixes a memory-handling issue that could have caused an application-level denial of service.
CVE-2026-1536: Fixes a header injection flaw that can lead to HTTP header injection or response splitting.
CVE-2026-1761: This fixes a stack-based buffer overflow that may lead to memory corruption or crashes when parsing crafted responses.

expat 2.7.4:

CVE-2025-68615: This fixes a buffer overflow causing the daemon to crash.
CVE-2024-47191: This fixes a flaw that could allow for enabling a privileged file overwrite and potential escalation if improperly configured.

qemu:

CVE-2026-0665: A fix that could have lead to a malicious guest causing out-of-bounds memory access in the host.

net‑snmp 5.9.5.2:

CVE-2025-68615: Fixes a buffer overflow from crafted SNMP packets that can crash the service.

oath‑toolkit 2.6.14:

CVE-2024-47191: This fixes a flaw that may have allowed for the enabling of a privileged file overwrite and lead to a potential escalation if improperly configured.

Users are advised to update to the latest versions to mitigate these vulnerabilities.

Conclusion

This was a security-heavy month for Tumbleweed as major fixes landed across OpenSSL, FreeRDP, libsoup, and Python. Beyond security, the KDE stack received meaningful change with Plasma 6.6 and Frameworks 6.23.0, the kernel jumped to 6.19 expanded hardware and filesystem capabilities, and GRUB2 2.14 modernized the boot process. Tumbleweed users are well-served by keeping their systems up to date this month.

Slowroll Arrivals

Please note that these updates also apply to Slowroll and arrive between an average of 5 to 10 days after being released in Tumbleweed snapshot. This monthly approach has been consistent for many months, ensuring stability and timely enhancements for users. Updated packages for Slowroll are regularly published in emails on openSUSE Factory mailing list.

Contributing to openSUSE Tumbleweed

Stay updated with the latest snapshots by subscribing to the openSUSE Factory mailing list. For those Tumbleweed users who want to contribute or want to engage with detailed technological discussions, subscribe to the openSUSE Factory mailing list . The openSUSE team encourages users to continue participating through bug reports, feature suggestions and discussions.

Your contributions and feedback make openSUSE Tumbleweed better with every update. Whether reporting bugs, suggesting features, or participating in community discussions, your involvement is highly valued.

Voting Is Now Open for the openSUSE Board Election 2025

admin@opensuse.org (Lubos Kocman) — Sun, 01 Mar 2026 17:00:00 +0000

Voting for the 2025 openSUSE Board election starts today.

All openSUSE Members have the right to vote and should have received their personal ballot link by email yesterday. Please check your inbox (and your spam folder, just in case) and take a few minutes to cast your vote.

This year we are electing two Board seats, currently held by Simon Lees and Shawn W Dunn. Both Simon and Shawn have stepped forward and are seeking re-election. Joining them on the ballot are Ihno Krumreich and Soc Virnyl Estela.

Voting is open from March 1 until March 8, and we plan to announce the results on March 9.

Full details about the election process can be found here.

Although voting is taking place in 2026, this is officially the 2025 openSUSE Board Election due to a delayed start of the election cycle.

Meet the Candidates

Four members of our community have stepped forward to stand for election this year.

From left to right on the top picture: Shawn W Dunn, Simon Lees, Soc Virnyl Estela, Ihno Krumreich.

In addition to their individual platforms, Luboš Kocman asked all candidates two questions:

1. What is your opinion on the new governance proposal initiated by Jeff Mahoney, and how can the project help ensure the success of the proposed committees?

2. Do you plan to attend openSUSE Conference 2026 in person?

Below is a short overview of each candidate, along with links to their platforms and responses.

Ihno Krumreich (bigiron)

Ihno was nominated by Sarah Julia Kriesch, who described him as a knowledgeable and trusted member of the openSUSE community and part of the openSUSE zSystems Team. She highlighted his openness, experience, and ability to act as a bridge between SUSE and the broader openSUSE community.

The nomination can be read here.

Ihno recently retired after 25 years at SUSE, where he worked for more than 22 years as Project Manager for SUSE Linux Enterprise Server (SLES) for System z. His long experience with enterprise Linux and large-scale development brings deep historical and organizational insight to the project.

The questions addressed to Ihno can be found here.

Shawn W Dunn (sfalken)

Shawn has served on the openSUSE Board since 2024 and is seeking re-election.

In his candidacy announcement, he outlined several ongoing efforts he would like to continue supporting, including governance discussions, moderation policy alignment, questions about the project’s legal status, and representing the community during the transition to a git-based packaging and maintenance workflow.

More about Shawn and his background can be found here.

His responses to the governance and oSC2026 questions can be found here.

Simon Lees (simotek)

Simon has been part of the openSUSE community for more than 15 years and has served multiple terms on the Board. He is also running for re-election.

Simon has expressed strong support for the governance proposal, describing it as an important step toward empowering committees and enabling more contributors to take initiative. He emphasized the importance of trust in newly formed groups and clearer contribution pathways for community members.

His full platform is available here.

His responses to the governance and conference questions can be found here.

Soc Virnyl Estela (uncomfyhalomacro)

Soc, also known as uncomfyhalomacro, is a self-taught developer who began contributing to open source in 2019. He holds a degree in Biology (Major in Microbiology) and contributes to openSUSE as a packager and developer.

He maintains obs-service-cargo and roast, tools that help automate Rust software packaging in the openSUSE Build Service.

Soc views the governance proposal as an opportunity to diversify leadership and distribute responsibilities through new committees. He describes governance as something that evolves through change and experimentation.

His platform can be found here.

His responses to the governance and conference questions can be found here.

If you are an openSUSE Member, please participate and cast your vote before March 8. If you are an active openSUSE member and haven’t received email with subject openSUSE 2025 Board Election please reach out to Election officials.

Serving on the Board is not an easy task. It requires commitment, thoughtful decision-making, and a steady hand during times of change. We truly appreciate the courage and dedication of all candidates who stepped forward, and we wish them the very best.

Lubos Kocman on behalf
of The Board Election Committee
election-officials@lists.opensuse.org

Planet News Roundup

admin@opensuse.org (Douglas DeMaio) — Thu, 26 Feb 2026 07:00:00 +0000

This is a roundup of articles from the openSUSE community listed on planet.opensuse.org.

The community blog feed aggregator lists the featured highlights below from Feb. 20 to 26.

Blogs this week highlight music and Saloons to NVIDIA GPUs and a Git workshop. Blogs also highlight Ubuntu and openSUSE installs on the HP Z2 Mini, KDE Plasma and Krita releases, syslog-ng 4.11’s new features, and openSUSE Tumbleweed’s latest snapshot updates.

Here is a summary and links for each post:

New Toy: Installing Ubuntu on the HP Z2 Mini

Peter Czánik’s Blog revisits and expands on a prior blog covered below about installing Ubuntu 24.04 as an officially supported Linux distribution for the Ryzen AI Max+ PRO 395-powered HP Z2 Mini workstation. The 24.04 installer failed to run—while Ubuntu 25.10 installed successfully even from an openSUSE-branded USB stick.

How to Configure KDE Plasma’s “Only Icons” Taskbar Behavior

The KDE Blog explains how to switch the Plasma task manager to “Icons Only” mode for a minimalist desktop layout that displays application icons without window titles or progress indicators. The tutorial walks users through right-clicking the task manager panel, accessing Task Manager Settings, and selecting the “Icons Only” option under the Display Style dropdown.

Version 4.11.0 of syslog-ng Is Now Available

Peter Czánik’s Blog announces the release of syslog-ng 4.11.0 that now enables bidirectional integration with Kafka pipelines. The update introduces Elasticsearch/OpenSearch data stream support, OAuth2 authentication for cloud destinations including gRPC-based modules, load-balancer failover functionality, and more. Fedora 44/Rawhide and openSUSE Tumbleweed updates are expected shortly as the project maintains its commitment to broad platform accessibility.

Krita 5.3 and Krita 6.0 Betas Released

The KDE Blog announces the second beta releases of both Krita 5.3.0 and Krita 6.0.0, which features a completely rewritten text tool with direct canvas editing and OpenType support plus a new knife tool for splitting vector objects in the 5.3 branch. The 6.0 beta introduces foundational Qt6 migration with native Wayland support including color management, fractional scaling, and HDR on Linux.

First Update for Plasma 6.6 Released

The KDE Blog reports that the KDE Community delivered the first bugfix update for Plasma 6.6 one week after its release. The update builds upon Plasma 6.6’s flagship features including OCR text extraction in Spectacle, the redesigned Plasma Keyboard for touch devices, Plasma Setup assistant for post-install configuration and more.

New toy: Installing openSUSE Tumbleweed on the HP Z2 Mini

Peter Czánik’s Blog details his successful installation of openSUSE Tumbleweed on the compact HP Z2 Mini AI workstation after Ubuntu 24.04’s installer crashed and the machine’s finicky USB boot support rejected older flash drives, which requires a USB-C stick and BIOS adjustments including Secure Boot disablement before Linux would install. The Tumbleweed installer with its classic YaST interface worked flawlessly on the AMD Ryzen AI Max+ PRO 395 hardware, though an unexpected snag emerged post-installation when GRUB2-BLS.

Git Workshop: The Premier Libre Collaboration Tool at LliureJam 2026 Valencia

The KDE Blog covers a Git workshop held at the LliureJAM 2026 event in Valencia, where participants learned about Git as a key free and collaborative version-control tool. The session taught fundamentals for software development, game creation, and documentation management. It was preceded by an install party offering GNU/Linux installation assistance, ad-blocking setup for mobile devices, and guidance on libre social networks.

Free Software Could Change the World of AI Music Overnight

The Assunto Nerd Blog discusses how open-source software is rapidly reshaping the landscape of AI-driven music generation. It highlights how combining open-source models like ACE-Step-1.5 with intuitive frontends such as ACE-Step UI, which allows users to generate full songs in seconds on consumer GPUs.

3 Native FPS Games for Linux

The KDE Blog highlights three free, open-source first-person shooters games available natively on Linux via Flathub. Total Chaos, Wolfenstein: Blade of Agony and The AMC Squad. All three titles offer substantial single-player campaigns with character progression systems while adhering to libre software principles.

Linux Saloon 188 | MX Linux 25.1 Distribution Exploration

The CubicleNate Blog highlights episode 188 of Linux Saloon. The discussion covered MX Linux’s unique positioning between traditional Debian stability and modern usability features, which includes MX Tools for system maintenance, snapshot capabilities via Timeshift, and seamless migration paths for former Windows users seeking a gentle Linux introduction. Participants also debated the distribution’s community-driven governance model and its pragmatic approach to balancing legacy hardware support with contemporary desktop expectations.

Installation of NVIDIA drivers on openSUSE and SLE (G07)

Stefan’s Blog explains how to install the G07 NVIDIA drivers on openSUSE and SUSE Linux Enterprise, which covers both the Open and CUDA repository methods. Users on Tumbleweed, Leap 15.6/16.0, and all current SLE versions must continue using G06 drivers until G07 packages complete QA and become available through official update channels.

Plasma 6.6 Is Here – This Week in Plasma

The KDE Blog covers the official release of Plasma 6.6. The update delivers practical workflow enhancements including per-application volume control via task manager hover, emoji skin tone selection, QR code Wi‑Fi scanning, customizable global themes with automatic day/night switching, and four colorblind accessibility filters including a new grayscale mode. It also introduces smoother high-refresh-rate animations, expanded Wayland accessibility support, flexible virtual desktop options, and gaming improvements.

Librsvg Got Its First AI Slop Pull Request

The Federico’s Blog reports that the librsvg project received two so-called “AI slop” pull request on GitHub despite its code being developed in gitlab.gnome.org with the README warning not to send PRs to GitHub. Both PRs were closed by the submitter within minutes of creation. The author reported the submissions as spam.

openSUSE Tumbleweed Weekly Review – Week 8 of 2026

Victorhck and dimstar report on the six snapshots there were delivered. The review highlights updates including KDE Plasma 6.6’s official arrival in the repository, Mesa 26.0.0 final release, and glibc 2.43 integration—marking major milestones for graphics performance, desktop experience, and core system libraries.

What Windows Doesn’t Let You Do But Linux Does

introduces a video and discussion about capabilities that Linux offers which Windows typically restricts or complicates, aimed at users reconsidering Windows as support ends. The article highlights practical examples like replacing display servers, customizing window management behaviors down to the pixel level, packaging applications in multiple formats without vendor lock-in, and maintaining full control over when and how system updates are applied.

View more blogs or learn to publish your own on planet.opensuse.org.

Planet News Roundup

admin@opensuse.org (Douglas DeMaio) — Fri, 20 Feb 2026 07:00:00 +0000

This is a roundup of articles from the openSUSE community listed on planet.opensuse.org.

The community blog feed aggregator lists the featured highlights below from Feb. 13 to 19.

Blogs this week highlight several blog posts ranging from Linux Kernel CVEs to a collaborative Markdown editor. Blogs also highlights openSUSE elections and Leap 16.0 cloud images. Other blogs focus on building a self-hosted fintech solution and video AI going viral.

Here is a summary and links for each post:

Community Refines Git Packaging Workflow – openSUSE News

The openSUSE News site reports that contributors and developers gathered to refine the Git-based packaging workflow for Leap 16 and how updating package changes are proposed and managed across the project. The discussion emphasized adopting Git as the exclusive version control system, using pull requests for changes, and standardizing workflows to improve transparency and collaboration. Tumbleweed’s migration to a git workflow still requires additional work.

Reverting a Software Package to a Previous Version in openSUSE Tumbleweed

Victorhck explains how without the use of the Brtfs file system, he found a solution to safely roll back individual packages. The post describes finding an older RPM from the Tumbleweed snapshot history, installing it with zypper --oldpackage, and locking it to prevent immediate re-updates until a fix arrives. Practical tips include handling dependency conflicts and later removing the lock once an updated package fixes the issue.

Community Advances Governance Proposal After Virtual Meeting

The openSUSE News site reports that community members convened to refine a draft governance structure featuring four key bodies. The proposal—hosted as a living document on GitLab helps to formalize the draft proposal into a formal governance framework that can be voted on by those with openSUSE membership.

New Toy in the House for AI, Gaming, Linux, Windows and FreeBSD

Peter Czánik’s blog introduces a compact HP Z2 Mini workstation powered by AMD’s Ryzen AI Max+ PRO 395 chip and 128 GB RAM, acquired for local AI experimentation, Kubernetes cluster testing, home server duties, photo editing with Capture One Pro, and occasional gaming, which is all done within a footprint barely larger than a book. The plan is to install multiple operating systems including his primary desktop choice openSUSE, Fedora (to leverage AMD-specific AI acceleration features), and FreeBSD 15 for both server and desktop evaluation.

UDP Reliability Improved in syslog-ng Debian Packaging – Peter Czanik

Peter Czánik blogs about the improvements to UDP log collection reliability in the syslog-ng Debian packaging ahead of the upcoming 4.11.0 release. The enhancement leverages Linux’s eBPF capabilities to reduce packet loss during high-volume UDP traffic, which can be a common pain point for syslog-ng deployments relying on the widely used transport protocol.

Post-mortem: Service Degradation in OBS

The Open Build Service blog post reports on service degradations that affected the build infrastructure between Feb. 15 and 18. The post-mortem outlines the technical factors behind the instability, the remediation steps taken to restore full service reliability, and the preventive measures implemented to avoid a recurrence.

Introducing pass-exporter – Export your passwords from pass to Bitwarden CSV format

foursixnine introduces pass-exporter, which is a simple tool for extracting passwords stored with the pass password manager into a CSV format compatible with Bitwarden. The post explains how to export your GPG-encrypted keys and then run the tool to generate a pass_exported_passwords.csv that Bitwarden can import.

Protect Your Framework Laptop 13 — Why Bumpers Matter

CubicleNate explains why adding bumpers to a Framework Laptop 13 can help protect it from drops and daily wear. The post discusses how lightweight protective bumpers absorb shock without adding bulk and help to preserve the laptop’s modular design and repair-friendly design philosophy.

Building Self-Hosted Trading Infrastructure on openSUSE

The openSUSE News team explores how modern Linux systems like openSUSE are well-suited for running autonomous, self-hosting fintech trading infrastructure without depending on proprietary services. The article highlights using openSUSE to run reliable policy-driven trading agents with transparent, manageable configurations and logging through familiar tools like systemd. The setup leverages Node.js services controlled entirely through environment variables for indicators like RSI thresholds, trade fractions and more.

LliureJam 2026 Comes to Valencia Hosted by GNU/Linux Valencia and Hackerspace VLC

The KDE Blog announces the upcoming hackathon and community gathering in Valencia, Spain. The event will bring together developers, enthusiasts, and KDE contributors for hands-on coding sessions, workshops, and discussions focused on libre software development and community building in the Valencian region.

openSUSE Leap 16.0 Now Available on Google Cloud Platform

Ish reports that openSUSE Leap 16.0 is now offered as a public image on Google Cloud Platform with both x86_64 and Arm64 architectures available for Compute Engine instances launched directly from the GCP Console. However, the Google Cloud Ops Agent for monitoring and logging remains unsupported due to a repository mismatch—the installation script incorrectly identifies Leap 16.0 as SLES 16 and attempts to access a non-existent sles16 package repository, leaving users unable to leverage automated observability tooling.

Seedance 2.0: ByteDance’s Video AI Goes Viral and Triggers Hollywood Concerns

Assunto Nerd reports on ByteDance’s Seedance 2.0, a multimodal AI video generator that creates hyper-realistic 15-second cinematic clips from simple text prompts and has gone viral in China with millions of views for AI-generated scenes featuring celebrities and fictional characters. It also highlights how Hollywood studios and unions are sounding alarms over potential copyright violations and unauthorized use of actors’ likenesses.

Plasma 6.6 Released: KDE’s Latest Desktop Environment Update

The KDE Blog announces release of Plasma 6.6 and features major usability enhancements including OCR text extraction in Spectacle screenshots, a redesigned on-screen Plasma Keyboard for touch devices, and a new Plasma Setup assistant for streamlined user account and network configuration outside the installer. The update introduces practical workflow improvements like per-application volume control via task manager hover, emoji skin tone selection, QR code Wi-Fi scanning and more.

KDE Frameworks 6.23: Stability Updates and Dialog Improvements

The KDE Blog reports on the release of KDE Frameworks 6.23.0. The update continues KDE’s monthly release cadence for its foundational libraries, providing developers with refined APIs and end users with smoother file operations and more reliable core functionality. As part of the Frameworks 6 series built on Qt 6, this release paves the way for upcoming Plasma 6.6 features while maintaining backward compatibility for the entire KDE software ecosystem.

Call for Board Moves Forward: openSUSE Election Process Resumes

The openSUSE news site and Ish update followers about the nominations and candidacy for the regular openSUSE Board Elections. Voting is scheduled to begin March 1 to fill two open seats. Eligible openSUSE members can self-nominate through February 28 by emailing project@lists.opensuse.org and election-officials@lists.opensuse.org.

Linux CVE assignment process

Greg Kroah-Hartman’s Kernel Log explains how the Linux kernel CVE team automatically reviews and handles assigning CVE identifiers as its own CVE Numbering Authority. The blog emphasizes that most CVEs aren’t applicable to any single system and strongly recommends simply updating to the latest stable kernel rather than cherry-picking individual CVE fixes.

Free Study Cards with WordQuiz

KDE Blog introduces WordQuiz (KWordQuiz), a libre flashcard application from the KDE Education suite that helps users master vocabulary and terminology through an intuitive two-column editor and five distinct practice modes including flashcards, multiple choice, and fill-in-the-blank quizzes. The tool supports multiple vocabulary file formats. As part of KDE’s education-focused software collection, WordQuiz offers a privacy-respecting, offline-capable alternative to proprietary spaced-repetition tools for students and lifelong learners on Linux desktops.

Linux Saloon 187 | Open Mic Night

CubicleNate recaps the Linux Saloon 187, a two-hour open mic session. The post highlights lively conversations on topics such as home servers, using AI tools, rolling vs static distro relevance, and more. It also lists interesting project links and Strawpoll questions that encourage debate.

Final Preparations for Plasma 6.6 – This Week in Plasma

KDE Blog reports on the final polishing work for the upcoming KDE Plasma 6.6, with release expected within days of publication and packed with significant new features, UI refinements, and stability improvements. Highlights include unified HDR window appearance, a 50x performance boost when moving files to trash, seamless Samba sharing that auto-starts the required service, and numerous bug fixes for tiling behavior, monitor handling, and Wayland protocol workarounds.

Deskflow – Seamless Multi-Computer Control

CubicleNate introduces Deskflow, a tool for controlling multiple computers with a single keyboard and mouse. The post highlights Deskflow’s evolution and its improved support for modern Linux display servers, including seamless operation under Wayland. Nate highlights use cases like multi-device productivity and streamlining workflows for users working on several machines at once.

openSUSE Tumbleweed Weekly Review – Week 7 of 2026

Victorhck and dimstar report on the steady stream of updates for openSUSE Tumbleweed during the seventh week of 2026. The review covers five snapshots with notable package updates like systemd 258.3, Mesa 26.0.0 RC3, KDE Gear 25.12.2, and Firefox 147.0.3. It also previews upcoming improvements with future versions of libzypp, KDE Plasma 6.6, glibc 2.43, and the Linux kernel 6.19.0.

Mist: A Collaborative Real-Time Markdown Editor

Victorhck introduces Mist as a Markdown editor enabling real-time collaborative editing with multiple users simultaneously working on the same document. The tool includes useful collaboration features like inline comments, suggestion modes for proposed changes, and live Markdown rendering to preview formatting as you write.

The syslog-ng Insider 2026-02: stats-exporter; blank filter; Kafka source

Peter Czanik summarizes the February 2026 issue of the syslog-ng Insider newsletter. The post explains how the stats-exporter() now covers all functionality of syslog-ng-ctl, making Prometheus metrics collection more complete. It also introduces the new blank() filter for simpler configurations and provides a hands-on tutorial for testing the Kafka source by building the package from source.

What’s New in LibreOffice 26.2

The KDE Blog highlights the new LibreOffice 26.2 release, which brings improved Markdown import/export support and overall performance enhancements. The update also improves compatibility with Microsoft Office formats and adds refinements to usability across Writer, Calc, and other components.

View more blogs or learn to publish your own on planet.opensuse.org.

Community Refines Git Packaging Workflow

admin@opensuse.org (Douglas DeMaio) — Thu, 19 Feb 2026 16:00:00 +0000

Contributors and developers within openSUSE Project recently met to coordinate the Git-based packaging workflow for Leap 16 and discussed how the process applies to the Leap distribution going forward, but not to the rolling-release Tumbleweed, which still needs some work to transition.

The workflow, built on Gitea as the UI platform, represents a shift toward a more transparent, package-centric development. Architectural decisions documented by the project include adopting Git as the sole version control system, using pull requests for change management and standardizing workflows across repositories.

Package sources for all official distributions are hosted at src.opensuse.org/pool. Community packages use branches named leap-x.y, such as leap-16.0. Packages originating from SUSE Linux Enterprise, also known as SUSE Linux Framework One (SLFO), use slfo-main or versioned slfo-x.y branches. When both branch types exist for a package, contributors should work from the leap-x.y branch.

The project relies on several automations to manage the workflow. The workflow-pr bot handles pull request lifecycles, including reviews and merging. The workflow-direct bot synchronizes submodules when changes are pushed to trusted development projects. The obs-staging-bot creates isolated testing environments in the Open Build Service for end-to-end validation. Sources for the automations are available in AutoGits repository. They do not require special permissions to operate and generally operate as regular users in Gitea.

Contributors are encouraged to use standard tooling; the osc client for OBS interactions, git-lfs for handling large files, and obs-git-init for initializing new package repositories are useful. Metadata such as maintainer lists, workflow configurations and project settings are stored directly in Git project repositories, with the obs-scm-bridge service generating Open Build Service metadata on demand. The git-obs tool exists (part of osc package) as an interface to Gitea, including the ability to use any of Gitea’s APIs directly from the terminal.

For community-owned packages, the workflow involves forking the repository, making changes in the appropriate leap-x.y branch and submitting a pull request. Pull requests automatically link to build results for verification. Contributors testing changes before submission can use the osc fork command, which creates a personal branch while preserving OBS project structure.

Packages maintained by SUSE follow separate procedures due to certification requirements. However, public requests for changes to these packages should be submitted through the Leap feature tracker at code.opensuse.org. Submissions are reviewed weekly during Leap features meetings.

During the meeting, participants discussed challenges with the transition. One of the attendees noted the workflow may feel unfamiliar to long-time openSUSE contributors and raised a point about repository initialization and the complexity of replicating OBS frontend functionality through bots. Another attendeee requested clearer mapping between the legacy processes and the new Git-based approach.

A key contributor to the OBS infrastructure emphasized that the goal is to make workflows transparent and reproducible. He invited contributors to report issues directly, and noted that binary-identical builds should be achievable when source transformations are not involved.

Attendees at the meeting acknowledged the need for improved tooling to support coordinated updates across multiple packages.

The project is seeking community support to complete the migration of development projects to the Git-based workflow. Documentation for the git workflow is available at src.opensuse.org and feedback can be submitted via GitHub issues at github.com/openSUSE/openSUSE-git.

Known issues include limitations on pull requests between branches in the package pool for non-collaborators. Work is ongoing to improve staging workflows for Factory to eventually transition to a git workflow.

Find more information, visit the recently update Git Packaging Workflow wiki page.

Community Advances Governance Proposal After Virtual Meeting

admin@opensuse.org (Douglas DeMaio) — Thu, 19 Feb 2026 12:00:00 +0000

The openSUSE Project moved forward with a proposed governance structure following a virtual meeting yesterday that drew community members together for a discussion on advancing a leadership framework.

The session was productive with participants reviewing a draft proposal for governing bodies for the project; a Technical Steering Committee, a Community and Marketing Committee, representation of an Infrastructure Team and a Board.

The proposal is hosted on GitLab. It is designed as a living document that welcomes revision through community input.

The discussions during the meeting proposed that the Technical Steering Committee should begin with five members with a chair elected by the committee. The group would establish clear processes for reviewing and approving technical changes, drawing inspiration from Fedora’s FESCo model. Decisions for the TSC would use a voting system of +1 to approve, 0 for neutral, or -1 to block. A proposal passes without objection. A -1 vote would require a dedicated meeting, where a majority of attendees would decide the outcome. Objections must include a clear, documented rationale.

Discussions related to the Community and Marketing Committee would focus on outreach, advocacy, and community growth. It could also serve as an initial escalation point for disputes. If consensus cannot be reached at that level, matters would advance to the Board.

The Board’s role would center on representation, including coordination with SUSE, governance oversight, conflict mediation, and strategic guidance. Over time, its operational duties may narrow to function like a supervisory body, handling trademarks, budget approval, and final appeals when necessary.

Participants emphasized that cultivating a strong culture of maintainer responsibility remains essential and could be one of the more challenging aspects of bootstrapping a new structure.

Community members are encouraged to submit pull requests to refine the governance draft.

The document is available here. Organizers note that discussions should occur through proposed changes to the text.

No timeline for final adoption was announced. Project contributors will continue discussions through the GitLab repository and future community meetings.

Building Self-Hosted Trading Infrastructure on openSUSE

admin@opensuse.org (Douglas DeMaio) — Wed, 18 Feb 2026 13:00:00 +0000

Modern Linux systems are increasingly used to run autonomous, policy-driven services that operate continuously without user interaction. One example is a self-hosted trading agent running on openSUSE Tumbleweed, and can be run on other openSUSE flavors if desired.

There is no flashy interface, no proprietary cloud service, no opaque black box and no paid service that charges a monthly fee. Instead, the system runs reliably 24/7 continuously executing predefined policies in response to market signals.

The setup highlights the use of Linux distributions in the age of decentralized finance. Running autonomous and securely with minimal human intervention is a natural fit for Linux-based operating environments.

Unlike trading apps and services, this approach favors transparency. Configurations are easy. Logs are readable. Services are managed through systemd. When something goes wrong, administrators can inspect, roll back or fine-tune their system without surrendering control to closed platforms.

Open-source tooling allows users to deploy and audit their own automation logic without relying on proprietary platforms. A trading agent built on a development platform’s APIs allows anyone with a laptop or Raspberry Pi running openSUSE or other another Linux distribution to operate in 24-hour financial markets.

While this example focuses on trading logic, the architecture applies equally to other continuous workloads such as telemetry processing, monitoring systems, API polling services or data aggregation pipelines.

Trading logic implemented in these systems may adopt a conservative posture; however, this does not eliminate risk. Users reading this assume full responsibility for both market exposure and technical failure modes. This content does not constitute financial advice, but is only showing a use case for the technology available to Linux users.

The agent checks price data and calculates a desired indicator as well as other services. One indicator that can be used is the Relative Strength Index (RSI) of recent candles. When the RSI drops below a threshold, the agent considers buying a digital asset. When the RSI rises above an upper threshold, it considers selling that digital asset.

The example shown operates only in spot markets and avoids leverage.

The example given is not a high-frequency system. It is designed to run quietly, sometimes doing nothing at all.

Running the Agent on openSUSE

The trading agent runs as a standard Node.js service. On openSUSE, it is typically managed using a user-level systemd unit.

Starting the Agent manually:

sudo zypper in nodejs

node --max-old-space-size=8192 dist/bot.js

Running it as a background service:

systemctl --user enable --now jup-bot.service

Monitoring logs:

journalctl --user -u jup-bot.service -f

The approach works identical on Leap, Tumbleweed and MicroOS. MicroOS users can benefit from automatic rollback if a system update ever breaks the runtime.

One of the system’s defining characteristics is that all trading behavior is controlled through environment variables, not hard-coded values.

This makes experimentation safer and easier. Changes can be tested, reverted or tuned without recompiling the application.

Timing and Conditions

Defines how many candles are used for RSI calculation.

RSI_PERIOD=14

Fourteen is a common default for 15-minute charts and balances responsiveness with noise reduction. Shorter periods react faster but generate more signals, while longer periods smooth fluctuations and trade less frequently.

Buy and Sell

Define the thresholds that trigger trades.

RSI_BUY=30
RSI_SELL=70

Lowering the buy threshold makes buy signals more selective, reducing trade frequency. Raising the sell threshold delays exits, also reducing churn. Moving either threshold closer to the midpoint increases trading activity and sensitivity to price movement.

Fine-tuning on openSUSE

openSUSE users often fine-tune in stages rather than all at once.

A conservative configuration might look like:

TRADE_FRACTION=0.40
MIN_SOL_RESERVE=0.20
RSI_BUY=28
RSI_SELL=72
CHECK_INTERVAL_SECONDS=900
COOLDOWN_SECONDS=3600

A more aggressive configuration might look like:

TRADE_FRACTION=0.80
MIN_SOL_RESERVE=0.05
RSI_BUY=30
RSI_SELL=70
CHECK_INTERVAL_SECONDS=900
COOLDOWN_SECONDS=1800

Changes are applied simply by restarting the service.

This use case is not about digital assets or cryptocurrency; it is about demonstrating its use case in the space.

The distribution provides a foundation for autonomous, policy-driven systems that must run as programmed continuously, transparently and easily recover from failure. Whether the task is trading, data aggregation, monitoring or infrastructure automation, the same principles apply.

Running autonomous services on open systems reinforces transparency, recoverability and operational control. Whether the workload is trading, monitoring or automation, openSUSE provides the foundation.

Here are differentiators for each openSUSE flavor. Leap offers enterprise-grade stability for users who prefer slower change and long support cycles; plus there is the option to upgrade to SUSE Linux Enterprise Server for those who want it. Tumbleweed provides up-to-date kernels and libraries, ideal for developers working with fast-moving blockchain SDKs. MicroOS, with its transactional updates and immutable filesystem, is especially well-suited for unattended edge services where reliability and rollback matter more than manual tweaking.

The trading agent may be watching price charts, but the real story here is about control; who has it, how it is exercised, and whether users can see and understand the system they are using. On openSUSE, they can.

Have alot of fun!