Home Home > Tag > CVE
Sign up | Login

Posts Tagged ‘CVE’

Plasma, Ceph, Git Update in Tumbleweed

July 6th, 2017 by

Plasma 5.10.3, Ceph, Git and LibreOffice 5.4.0.1 are among the top package to arrive in openSUSE Tumbleweed this week.

A total of six openSUSE Tumbleweed snapshots arrived in the repositories this week and one of the snapshots includes a new beta version of AqBanking for banking.

AqBanking, which is the successor of OpenHBCI2, is a free library for online-banking and abides by the open German Online Banking Standard. The 20170629 snapshot updated Aqbanking to the 5.7.6 Beta version, which fixes an unclean Transport Layer Security connection shutdown by HBCI servers.

The most recent snapshot, 20170703, had two packages. It updated the Linux Kernel to 4.11.8, which fixed ldisc crash on reopened tty. Kernel 4.11.7 was updated earlier in the week in snapshot 20170628 and had multiple insertions and deletions. Snapshot 20170703 also delivered nano 2.8.5 and now avoids some flickering when resizing the screen while in the file browser.

Snapshot 20170702 brought much of the Plasma 5.10.3 packages that include feature refinements and new modules to complete the desktop experience; the release also Introduced KDE_NO_GLOBAL_MENU env variable to disable global menu, which allows the run of specific Qt applications with global menu disabled in case of issues. Besides the KDE packages, yast2 3.2.40 added support for the new Expert Partitioner and yast2-apparmor 3.2.1 fixed the name of apparmor systemd service.

(more…)

Tumbleweed Snapshots Pick Up Pace

June 8th, 2017 by

The care and thoroughness of making GNU Compiler Collection 7 the default compiler for openSUSE Tumbleweed produced a gradual decrease in snapshots over the past month, but it looks like snapshots of the rolling release are beginning to pick up the pace.

The four snapshots released this week aligns much to closer to upstream development and releases of GNOME, KDE, QEMU and Mesa top the list of this week’s new packages in Tumbleweed.

The newest snapshot, 20170605, saw a patch added for grub2 that fixed page fault exception when grub loads with NVIDIA cards and the libgcrypt 1.7.7 update made the noteworthy fix of a possible timing attack on EdDSA session key, which was previously patched. Nano 2.8.4 also improved PHP syntax highlighting in the snapshot.

Both Mozilla Thunderbird received changes to optimize and enhance compatibility with GCC 7 in the 20170604 snapshot with 64-bit. Expect 32-bit to come soon. QEMU 2.9.0 fixed several Common Vulnerabilities and Exposures (CVE) and improved support for several architectures and virtualization. Snapshot 20170604 also fixed some minor vulnerabilities like CVE-2017-9351 with Wireshark’s 2.2.7 version update and sudo 1.8.20 fixed CVE-2017-1000367.

(more…)

GNOME 3.24.1, Plasma 5.9.5 Arrive in Tumbleweed

May 5th, 2017 by

A total of seven openSUSE Tumbleweed snapshots were released since last week’s update, which brought several minor version updates and less than a handful of major version updates.

A change on the server that prepares the .diff emails that are generated caused a hiccup for the Tumbleweed announcer, so snapshots 20170428, 20170429, 20170430 and 20170502 were all listed in snapshots 20170503. The change to the server was to create a similar data comparison file to generate emails for Leap 42.3, so it could list packages that are changed during its rolling development process.

(more…)

Samba, Ceph, LightDM Update in Tumbleweed Snapshots

April 20th, 2017 by

Snapshots released the past two weeks of openSUSE Tumbleweed have slowed down a bit, but new software continues to be updated in the five snapshots that have been release since April 6.

The most recent snapshot, 20170417, brought Samba 4.6.2, which had an enormous amount of bug fixes and addressed regression issues introduced by the security fixes for CVE-2017-2619. gPhoto had lots of improvements thanks to the update to libgphoto2 2.5.13. The snapshot also updated ethtool to version 4.10, which synchronized the utility used for displaying and modifying some parameters of network interface controllers with the upstream release, and yast2-fonts’ 3.2.0 version fixed regression introduced in version 3.1.17 and added UTF-8 encoding to Ruby strings.

Snapshot 20170414  provided the 3.5.25 version of squid in the repositories, which fixed aspects involved with data connections and FTP traffic intercepts, and yast2-dhcp-server’s 3.2.2 version fixed a crash happens with the latest yast2-core and yast2-ruby-bindings packages. The premier library for Internationalization Components for Unicode (ICU), which provides globalized support for software applications, was updated to version  58.2 and fixed some issues for Cantonese, Greek and Arabic users as well as updated Emoji characters and 19 new symbols for the new 4K TV standard.

Mozilla Firefox fixed a startup crash on Linux with it’s 52.0.2 release in Tumbleweed’s 20170413 snapshot and the Linux Kernel was updated to version 4.10.9. Linux Kernel initiator open-iscsi had a large amount of patch removals and additions. The btrfs file system matured even more with the release of version 4.10.2. The suite and art application Calligra received a fix for crash when using arrow keys in version 3.0.1 and it’s Flow chart added undo commands. The snapshot also merged upstream Ceph fixes for the codestream. WindowMaker 0.95.8 added some patches and new features for veteran users. (more…)

Newest GNOME, KDE, Kernel Arrive in Tumbleweed

April 6th, 2017 by

Eighteen openSUSE Tumbleweed snapshots brought several new packages to users last month, which included both  GNOME 3.24 and KDE Plasma 5.9.4.

GNOME 3.24 received most of the hype in snapshot 20170322, but that release also included Mozilla Firefox’s newest 52.0.1 version, which added support for WebAssembly, an emerging standard that brings near-native performance to Web-based games, apps, and software libraries without the use of plugins.

Closing out the month, snapshot 20170331 brought git 2.12.2 that provided a Command Line Interface output fix and python 3.6.1, which provided some bug fixes and updates to documentation. Ruby 2.2 switched to git-branch based patching and patched an exploitable heap overflow vulnerability for CVE-2016-2339. (more…)