Home Home > Tag > apparmor
Sign up | Login

Posts Tagged ‘apparmor’

Firefox, Graphene, Krita update in Tumbleweed

September 19th, 2019 by

Two openSUSE Tumbleweed snapshots were released this week.

The snapshots furnished the update for KDE Applications 19.08.1 and updated several libraries including Intel’s Graphene library OS.

Snapshot 20190917 delivered four packages. The Graphene package updated to 1.10.0 and now uses an ancillary library called (micro) µTest for its test suite, which makes possible to build and run the test suite without depending on GLib. Mozilla Firefox 69.0 provided Enhanced Tracking Protection (ETP) with stronger privacy protections and added support for receiving multiple video codecs to makes it easier for WebRTC conferencing services to mix video from different clients. The other two package updates in the snapshot were icecream 1.3, which takes compile jobs from a build and distributes it among remote machines allowing a parallel build, and the HTTP client/server library for GNOME libsoup 2.66.3. The update of  icecream 1.3 improved the speed of creating compiler tarballs. The snapshot is trending at a moderately stable rating of 87, according to the Tumbleweed snapshot reviewer.

The 20190916 snapshot finished the updates of KDE Applications 19.08.1, which were in the previous week’s snapshots. The 5.2.14 version of the Linux Kernel had some fixes for Ceph buffers and Advanced Linux Sound Architecture. The graphics editor written in Qt, Krita 4.2.6 had several fixes and added a new layer from visible to layer right-click context menu. Among the most key libraries updated in the snapshot were an update to glib2 2.60.7, which fixed more than a handful of bugs; libvirt 5.7.0, which added apparmor-abstractions as a required package for daemon; and gtk3 3.24.11, which added Wayland support for xdg-output v3 and has improved the monitoring of metadata with X11. The User Interface manager for GTK, amtk updated it’s first five series minor release to 5.0.1 that fixed a small new compilation warning. Rendering engine webkit2gtk3 2.26.0 added support for HSTS (HTTP Strict Transport Security). The only major release to come in the snapshot was perl-HTML-Clean  1.2 from version 0.9. Other notable packages updated in the snapshot were flatpak-builder 1.0.8, texinfo 6.6 and virtualbox 6.0.12 that fixed a potential crash when using the medium Input/Output functionality of VBoxManage. The snapshot is trending at a moderately stable rating of 80, according to the Tumbleweed snapshot reviewer.

LibreOffice, php, GTK Packages Updated in Tumbleweed

January 31st, 2019 by

Three openSUSE Tumbleweed snapshots were released this week.

The three snapshots delivered new versions of php7, poppler, gtk3 and LibreOffice. The first snapshot of the week completed all the package upgrades for KDE Applications, which began showing up in last week’s snapshots.

The most recent snapshot, 20190126, brought libreoffice 6.2.0.3, which added a patch to build with java-11.2; the new version also includes a patch submitted last week that has the basic rendering of organizational charts with LibreOffice’s SmartArt objects. There were plenty of security fixes made with java-11-openjdk 11.0.2.0 to include improved JPEG processing and web server connections. The jump from btrfsprogs 4.19.1 to 4.20.1 brought a new metadata Universally Unique Identifier (UUID) feature and a lightweight change of the UUID without rewriting all metadata became available in the newest version. There was a fix for GVariant tests on the P6 microarchitecture i686 with the update of glib2 2.58.3. The newest version of gnome-builder, 3.30.3, now uses –frame and –thread with the GNU Project debugger. Widget toolkit gtk3 3.24.4 had a few fixes for Wayland and updated translations. GNOME’s mobile-broadband-provider-info package was updated after almost two-years to the 20190116 version; the package provides mobile broadband settings for various service provider and a prepaid feature for Iliad telecommunications in Italy help trigger the updated version. Several bug fixes were made with the php7 7.3.1, which included a timevalue change for the curl_getinfo transfer. Significant changes were made in both poppler and poppler-qt5 0.72.0 to avoid cycles in PDF parsing and memory leak, respectively. Other packages updated in the snapshot worth noting were snapper  0.8.2, wicked and YaST.

Snapshot 20190125 only brought a handful of updated packages. The email, contacts and calendar server package cyrus-imapd  2.4.20 provided a fix for crash and a fix for a configured socket path is too long for its buffer. The package without a description, python-xcffib 0.6.0, was updated. The qpdf  8.3.0 and yast2-schema 4.1.1 packages were updated in the snapshot. Attackers can be thwarted with the upgrade of distributed messaging package zeromq 4.3.1.

Snapshot 20190124 completed all the package upgrades for KDE’s Applications 18.12.1, which offers about 20 bug fixes. Tumbleweed started the week with an upgrade of the Linux Kernel to 4.20.2. Indonesian and Spanish translations were updated with the libstorage-ng 4.1.78 update. The package for tracking mission-critical IT infrastructure, nagios 4.4.3, had more than a dozen fixes with one of those fixing a make error when building on the aarch64 architecture. The lightweight Music Player pragha 1.3.99 added a new visualizer plugin and remote desktop client remmina 1.3.0 added language detection and removed deprecated floating toolbar. A long list of changes were made with python-kiwi 9.17.1 package and yast2 packages had several changes for the network, firewall and apparmor packages.

Snapshot 20190124 recorded an unstable rating of 70, according to the Tumbleweed snapshot reviewer. Snapshot 20190125 is trending as moderately stable with a rating of 77 and snapshot 20190126 is trending as stable with a current rating of 88.

Tumbleweed Starts Year with New Plasma, Applications, VIM, curl

January 18th, 2019 by

This new year has brought several updated packages to users of openSUSE’s rolling release Tumbleweed.

Three snapshots have been released in 2019 so far and among the packages updated in the snapshots are KDE’s Plasma, VIM, RE2, QEMU and curl.

The 20190112 snapshot brought a little more than a handful of packages. The new upstream Long-Term-Support version of nodejs10 10.15.0 addressed some timing vulnerabilities, updated a dependency with an upgrade to OpenSSL 1.1.0j and the versional also has a 40-seconds timeout that is now applied to servers receiving HTTP headers. The changelog listed several fixes for the highly configurable text editor with vim 8.1.0687, which should now be able to be built with Ruby 2.6.0 that was released at the end of December. Google’s re2 20190101 offered some performance tweaks and bug fixes. The fast real-time compression algorithm of zstd 1.3.8 has better decompression speed on large files. There was a change in the yast2-firewall package, which arrived in the the 20190110 snapshot, that allows new ‘forward_ports’, ‘rich_rules’ and ‘source_ports’ elements in zone entries with yast2-schema 4.1.0.

KDE’s Plasma 5.14.5 arrived in snapshot 20190110; the update fixed the max cache limit for Plasma addons and there were updates for Breeze GTK, Discover, KWin, Plasma Workspace, Powerdevil and more. The Intel tool that provides powersaving modes in userspace, kernel and hardware, powertop 2.10, enabled support for Intel GLK, which was formerly known as Gemini Lake, and support for Intel CNL-U/Y. The geolocations services package geoclue2 2.5.2 had a change that allow multiple clients on the same D-Bus connection and adds an application programming interface (API) for it, which was mainly done for the Flatpak location portal. The IRC client irssi 1.1.2 had multiple fixes and synced a new script. GNOME’s jhbuild 3.28.0 enabled a build of libosinfo tests. Translations were update for Czech with libstorage-ng 4.1.75 through Weblate and several YaST packages were updated, including yast2 4.1.48 and yast2-multipath 4.1.1, which had a fix for the use of a random file name.

The first snapshot of the year was extremely huge. Snapshot 20190108 updated more than a hundred packages. KDE’s Application 18.12.0 were updated and it brought more than 140 bugs fixes for applications like Kontact Suite, Cantor, Dolphin, Gwenview, KmPlot, Okular, Spectacle, Umbrello and more. The update of curl 7.63.0 had a fix for IPv6 numeral address parser along with several other fixes and a support session resume with TLS 1.3 protocol via OpenSSL. Apparmor 2.13.2 fixed a syntax error in rc.apparmor.functions, which could cause policy load failures. The Linux Kernel 4.19.12 was in the first snapshot of the year and should move closer to the latest stable version in the coming weeks. Various fixes and compatibility tweaks were made with the update of libreoffice 6.1.4.2, which removed some patches. The compression format package brotli 1.0.7 now has faster decoding on ARM. The newest version of claws-mail 3.17.3, added support for TLS Server Name Indication (SNI), which enables the sending of a hostname, if available, to the server so that it can select the appropriate certificate for a domain; this is useful for servers that host multiple domains on the same IP address. Other noteworthy updates were  Python-setuptools 40.6.3, qemu 3.1.0 and squid 4.5.

All snapshots have either logged or are treading as moderately stable with a rating of 83 or above, according to the Tumbleweed snapshot reviewer. There are more than 300 packages in staging that will likely be released in several snapshots over the coming weeks.

Tumbleweed Rolls with Package Updates of Git, Virtualbox, OpenSSH

December 6th, 2018 by

openSUSE’s rolling release Tumbleweed had a total of five snapshots this week and is preparing for an update to the KDE Plasma 5.14.4 packages in forthcoming snapshots.

The five Tumbleweed snapshots this week brought the 5.19.5 Linux Kernel, which was the only package updated in the 20181130 snapshot. The kernel-source 4.19.5 package added a force option for the pciserial device for x86 architecture and fixed HiperSockets sniffer for s390 architecture.

The most recently released snapshot, 20181204, had more than a dozen packages updated. GNOME’s application for manage their Flickr image hosting accounts, frogr 1.5, fixed issues with the content and installation of the AppData file and moved the functionality menu. GNOME’s goffice had a version bump to 0.10.44. Various rubygem packages were updated and the most significant change was of the packages was that rubygem-pry 0.12.2 dropped support for Rubinius. Both python-boto3 1.9.57 and python-botocore 1.12.57 had multiple application programming interface (API) changes. The obs-service-set_version 0.5.11 package needed “python suff” and now allow running tests with python3.

The first snapshot to arrive in December was snapshot 20181203. Among the package changes were an update to checkmedia 4.1, which fixed digest calculation in tagmedia, GNOME’s framework for media discovery grilo 0.3.7, and distributed compiler icecream 1.2, which made load calculations better and also cleaned up the general code. A python-docutils build dependency was added with cifs-utils 6.8 and elfutils 0.175 fixed three Common Vulnerabilities and Exposures issues. Major changes came with the man 2.8.4 package. One of the changes relies on decompressors reading from their standard input rather than redundantly passing them the input file on their command line; this works better with downstream AppArmor confinement of decompressors. Virtualbox 5.2.22 fixed a regression in the Core Audio backend causing a hang when returning from host sleep when processing input buffers and webkit2gtk3 2.22.4 fixed serval crashes and rendering issues and Fix a crash when using graphics library Cairo versions between 1.15 and 1.16.0.

(more…)

Tumbleweed Gets New Mesa, KDE Frameworks, GNOME Packages

April 26th, 2018 by

A total of four openSUSE Tumbleweed snapshots were released this week that brought new updates for the Linux Kernel, Mesa and a major version update of libglvnd.

RADV received several fixes in snapshot 20180424 with the update to Mesa 18.0.1. Mesa core also had some patches to fix issues around overriding the OpenGL/ES supported version through environment variables, and a patch to fix an issue with texture samples found in “The Witness” through Wine. An updated description for the SSLProtocol option was made available with the apache2 2.4.33 package and apparmor 2.13 delivered a change of the (writeable) cache directory to /var/cache/apparmor/ with the new btrfs layout. The reason for using /var/lib/apparmor/cache/, which was “it’s part of the / subvolume”, is gone, and /var/cache makes more sense for the cache, according to the changelog. The cleanup process and behavior are a lot better with the update of ccache 3.4.2. Backup tool deja-dup 38.0 was a major update and exclude snap cache directories by default. GTK has a new ‘Widgetbowl‘ demo and the wayland backend now supports the stable xdg-shell protocol in gtk3 3.22.30. Linux Kernel 4.16.3 arrived in the snapshot and the GL Vendor-Neutral Dispatch library, libglvnd, was bumped to major version 1.0.0 thanks to EGL and GLX interfaces being defined and stable. The Tumbleweed rating tool is currently treading the snapshot as stable with an 88 rating.

Snapshot 20180420 is also treading at an 88 rating. The snapshot added btrfsprogs 4.16, which added the new LGPL library libbtrfsutil packages to wrap userspace functionality. KDE users will notice new features for the kmediaplayer package with Frameworks 5.45.0. Poppler 0.63.0, which is the utility library for rendering PDFs, had multiple fixes to include a fix for a new Object Application Programming Interface porting bug. The autocompletion and static analysis library for python, python-jedi 0.12.0, removes Python 2.6 support and provides better namespace completion.

(more…)

Kernels Becoming Tumbleweed Norm, Grub 2 Gets Release Candidate

February 16th, 2017 by

Two Linux Kernels per week in openSUSE Tumbleweed is becoming the norm as the rolling release is providing daily snapshots of new software that are closely aligned with upstream development.

Kernel 4.9.8 and 4.9.9 were released in the 20170208 and 20170212 snapshots respectively and the later brought a fix for a Btrfs system call.

Beside the 4.9.8 Kernel in the first week’s snapshot, 20170208, Mesa users will be happy to see version 13.0.4 had a specfile fix for build configuration for ARM, Power PC and s390 architectures. Gimp 2.8.20 made the color selection of the paint tool more robust and updated translations for a number of European languages. Several other packages were updated in the repositories from this snapshot and python3-kiwi 9.0.2 and vim 8.0.311 provided the most fixes.

Snapshot 20170209 brought the first major release of libosinfo (Operating System information database) in Tumbleweed with version 1.0.0, which focuses on metadata about operating systems and provides a single place to manage it in a virtualized environment.  F Virtual Window Manager (FVWM) 2.6.7 added a handful of new features and removed several other features like  GTK 1.x support.

Plasma 5.9.1 came in the 20170211 snapshot and AppArmor 2.11.0 update provided multiple improvements and fixes, one of which fixed an issue that Kernel 4.8 and above affected Apparmor policy enforcement. Libssh hackers made use of their time at FOSDEM and squashed bugs, which came in the libssh 0.7.4. (more…)

New systemd, Plasma 5.9 Arrive in Tumbleweed

February 2nd, 2017 by


Another busy week for openSUSE Tumbleweed brought several new packages in the rolling release along with Plasma 5.9 and systemd 232.

The most recent snapshot, 20170131, added several new features with KDE’s Plasma 5.9.

“In our ongoing effort to make you more productive with Plasma, we added interactive previews to our notifications,” according to the release announcement on Plasma 5.9.

Additional features like icon widgets being created for applications and document when dragged to the desktop and several other new features like streamlined visuals, global menus and a new network configuration module can be found in the newest Plasma 5.9 version.

The  20170131 snapshot also update KDE Frameworks 5.30.0, AppStream 0.10.5, libvirt 3.0.0 and libzypp 16.4.0.

Another big update in Tumbleweed this past week was the arrival of systemd 232 in the 20170128 snapshot. The new systemd version in Tumbleweed includes new options for RemoveIPC, ProtectKernelModules and more.

(more…)

Tumbleweed brings Halloween Treats

November 3rd, 2016 by

A new framework for desktop applications on Linux has been added to Tumbleweed and now users can enjoy the most up-to-date version of Flatpak.

Flatpak 0.6.13 arrived in the 20161028 snapshot  last week and complements another package updated in the snapshot; OSTree 2016.12, which is a tool that combines a “git-like” model for committing and downloading bootable filesystem trees, along with a layer for deploying them and managing the bootloader configuration.

The “new feature will surely need some testing,” wrote Dominique Leuenberger, in his weekly review about Tumbleweed to the Factory Mailing List.

Snapshot 20161028 also provided several updated packages in the repositories including Mozilla Firefox 49.0.2 and Frameworks 5.27.0, which provides new mimetypes icons in the version.

(more…)