Home Home > Tag > TLS
Sign up | Login

Posts Tagged ‘TLS’

LibreOffice, Firefox, Curl Receive Updates in Tumbleweed

January 15th, 2020 by

Several packages were updated this week for openSUSE Tumbleweed as was expected after the holiday season. Five snapshots of the rolling release have been delivered so far this week after passing the rigorous testing applied by openQA.

The releases are trending incredibly stable with trending or recorded ratings abovea 96 rating, according to the Tumbleweed snapshot reviewer.

The most recent snapshot, 20200112, updated Xfce desktop environment with an update for xfce4-session 4.14.1 and xfce4-settings 4.14.2. Various developer visible changes were made with Google’s 20200101 re2 library for regular expressions updates. GNOME’s application for managing images with a users Flickr account, frogr 1.6, removed the deprecated use of GTimeVal. The open source platform for the scale-out of public and private cloud storage, glusterfs 7.1, fixed storage rebalancing caused by an input error and fixed a memory leak in the glusterfsd process. ImageMagick version optimized the special effects performance of Fx and virglrenderer 0.8.1, which is a project to investigate the possibility of creating a virtual 3D GPU for use inside qemu virtual machines to accelerate 3D rendering, added some patches. The snapshot continued to update packages for KDE Applications 19.12.1 that started in the 20200111 snapshot. Improvements to the scroll wheel speed was made for KDE’s Dolphin, the video editing software Kdenlive had multiple fixes and an adjustment for faster rendering, and obsolete code was removed from Applications’ diagram package umbrello. Most of the KDE Applications packages also updated the Copyright year to 2020.

In addition to the  KDE Applications 19.12.1 packages that began arriving in snapshot 20200111, KDE’s Plasma 5.17.5 also arrived in the snapshot. The updated Plasma fixed a regression in the “Port the pager applet away from QtWidgets” and fixed the drag from Dolphin to a virtual desktop switcher widget. The Plasma NetworkManager also had a fix for a crash when changing advanced IPv4 configurations. The much-anticipated fix for the security vulnerability in Firefox was made with the Mozilla update to Firefox 72.0.1; there were eight Common Vulnerabilities and Exposures (CVE) fixes in the update from the previous 71 version included in Tumbleweed, but the 72.0.1 fixed the bug that hackers could use to access a computer of anyone using the browser because of incorrect alias information in the IonMonkey JIT compiler. LibreOffice added a patch to fix a button that allowed the wrong ordering of a Qt interface and curl 7.68.0 had a lengthy amount of fixes and changes to include adding a BearSSL vtls implementation for the Transport Layer Security (TLS). openSUSE’s snapper 0.8.8 version had a rewrite of a subpackage from Python to C++ and several YaST packages were updated, which included the fixing of an error during an upgrade if /var/lib/YaST2 was missing when using Btrfs.

Troubleshooting tool sysdig was updated in snapshot 20200110; it fixed a memory leak as well as updated the use of Kubernetes APIs to support version 1.16.vMany GNOME packages were updated to version 3.34.3 and the fwupd 1.3.6 package for updating firmware added a new plugin for working with embedded MultiMediaCard (eMMC) devices. A drop of python3-setuptools dependencies from rpm-build was made with the update of rpm 4.15.1 and Optimized Inner Loop Runtime Compiler (orc) 0.4.31 fixed various PowerPC issues.

Snapshots 20200109 and 20200108 had a minimal amount of package updates, but the Linux Kernel was updated to version 5.4.7 in the 20200108, which provided a large amount of updates from the previous 5.3.12 kernel Tumbleweed was running. Updates for Btrfs in the kernel were plentiful and there were about a handful of fixes in the kernel for IBM’s s390 and for the file system ext4.

Plasma, Applications, Frameworks arrive in Latest Tumbleweed Snapshot

October 17th, 2019 by

Since last week, there have been four openSUSE Tumbleweed snapshots released and the snapshots brought new versions of software from KDE, Mozilla and more.

The most recent snapshot, 20191014, updated several packages around KDE’s projects. Plasma 5.17.0 arrived in the snapshot and there are some extraordinary changes to the new version. The release announcement says this new version is as lightweight and thrifty with resources as ever before. The start-up scripts were converted from a slower Bash to a faster C++ and now run asynchronously, which means it can run several tasks simultaneously, instead of having to run them one after another. Improvements to the widget editing User Experience were made and the Night Color feature became available, which subtly changes the hue and brightness of the elements on the screen when it gets dark; this diminishes glare and makes it more relaxing to the eyes. The same snapshot brought KDE Applications 19.08.2 and the second version of the 19.08 release improved High-DPI support in Konsole and other applications; there were many bugs fixes as well and KMail can once again save messages directly to remote folders. There was more KDE packages arriving in Tumbleweed with the update of KDE Frameworks 5.63.0; KIO, Kirigami and KTextEditor had the most bug fixes in frameworks latest release. The Tumbleweed snapshot had several other software packages updated like the file system utilities package e2fsprogs 1.45.4, which addressed Common Vulnerabilities and Exposures CVE-2019-5094 where an attacker would have been able to corrupt a ext4 partition. The 3.6.10 version of gnutls added support for deterministic Elliptic Curve Digital Signature Algorithm (ECDSA) / Digital Signature Algorithm (DSA). Text editor Nano updated to version 4.5 and offers a new ‘tabgives’ command allowing users to specify per syntax whatthe <Tab> key should produce. The php7 7.3.10 version modified some patches and fixed some bugs. With all these changes, the snapshot is trending at a stable rating of 95, according to the Tumbleweed snapshot reviewer.

The 20191012 snapshot had one package update and it was for Linux Kernel 5.3.5. The single kernel update appears to have increased the stability of Tumbleweed as it is trending at a stable rating of 96, according to the Tumbleweed snapshot reviewer. That’s four rating points up from the snapshot the day before, 20191011, which is trending at a stable rating of 92.

Snapshot 20191011 had updates for ImageMagick that now supports animated WebP encoding/decoding. Both Moxilla Firefox and Thunderbird were updated to version 69.0.2 and 68.1.1 respectively. Firefox had a single fix for a Linux-only crash when changing the playback speed while watching YouTube videos. Thunderbird on the other hand had multiple bug fixes to include various theme fixes and dark theme improvements for the calendar. The fwupd package, which is a daemon to allow session software to update firmware,  version 1.3.1 now allows the disabling of all plugins and added support for thunderbolt interface for kernel safety checks. GStreamer and many of its plugins were updated to version 1.16.1; the new versions offer many performance improvements and fixed a Wayland event source burning CPU in certain circumstances. Other packages updated in the snapshot were nodejs12 12.11.1, python-packaging 19.2 and tcpdump 4.9.3, which addressed more than two dozen CVEs.

Snapshot 20191009 recorded a moderate rating of 90 on the Tumbleweed snapshot reviewer had 10 packages updated in the snapshot. Ultra fast download utility aria2 1.35.0 dropped SSLv3.0 and TLSv1.0 and add TLSv1.3. The wicked framework version 0.6.60 shipped the internal helper library, libwicked, inside of the wicked package and the Linux Kernel sources were updated from version 5.3.2 to 5.3.4.

Thunderbird, YaST, Sudo Updates Arrive in Tumbleweed

November 29th, 2018 by

Three openSUSE Tumbleweed snapshots were released since the last blog.

The three Tumbleweed snapshots this week brought a newer Linux Kernel, several rubygem package updates and improvements for an Xfce support library.

Snapshot 20181126 brought the 4.19.4 Linux Kernel, which fixed accelerated VLAN handling and fixed a memory leak with the Nouveau secure boot. Yet another Setup Tool (YaST) had some updates with yast2-fonts 4.0.2 that changes the desktop file fonts to system-wide fonts and multiple translations were also updated with the yast2-trans package. The support library for Xfce desktop environment, exo, updated to version 0.12.3; it improved layout spacing and alignment and hides the exo launchers from GNOME Software. The package for Integrated Development Environment cross-platform, kdevelop5 5.3.0, brought improved language support for php, python and c++; it also offers a new clazy analyzer plugin. Multiple other libraries were updated including libjansson 2.11, libsemanage 2.8, libsepol 2.8, libzypp 17.9.0 and more. Several rubygem packages were updated in the snapshot and rubygem-bundler 1.17.1 had a significant amount of additions and improvements including an add config option to disable platform warnings. The mailutils 3.5 package for the handling of email fixed a bug in the base64 encoder. Parser generator bison 3.2.2 brought massive improvements to the deterministic C++ skeleton, lalr1.cc and the library for manipulation of TIFF images, tiff 4.0.10, added a few patches that address the 10 Common Vulnerabilities and Exposures (CVE) patches that were removed.

Eight packages were updated in the 20181122 snapshot; three of them were YaST associated packages like yast2-ntp-client 4.1.6, which aligned a  “Synchronize Now” button and “NTP Server Address” box, which doesn’t break the previous fix and does not hide the manual checkbox in TextMode. The fourth release candidate of the free implementation of the Remote Desktop Protocol (RDP) freerdp 2.0.0,  added support to set the Transport Layer Security (TLS) security level for openssl 1.1.0 and also added smartcard support for substring filters. Sudo now treats the LOGNAME and USER environment variables (as well as the LOGIN variable on AIX) as a single unit with the update to sudo 1.8.26, which also added support for the OpenLDAP TLS_REQCERT setting in the ldap.conf. The xapian-core 1.4.9 package fixed a bug to efficiently handle insertion of a batch of extra positions in ascending order, which could lead to missing positions and corrupted encoded positional data, according to the changelog.


Plasma, Ceph, Git Update in Tumbleweed

July 6th, 2017 by

Plasma 5.10.3, Ceph, Git and LibreOffice are among the top package to arrive in openSUSE Tumbleweed this week.

A total of six openSUSE Tumbleweed snapshots arrived in the repositories this week and one of the snapshots includes a new beta version of AqBanking for banking.

AqBanking, which is the successor of OpenHBCI2, is a free library for online-banking and abides by the open German Online Banking Standard. The 20170629 snapshot updated Aqbanking to the 5.7.6 Beta version, which fixes an unclean Transport Layer Security connection shutdown by HBCI servers.

The most recent snapshot, 20170703, had two packages. It updated the Linux Kernel to 4.11.8, which fixed ldisc crash on reopened tty. Kernel 4.11.7 was updated earlier in the week in snapshot 20170628 and had multiple insertions and deletions. Snapshot 20170703 also delivered nano 2.8.5 and now avoids some flickering when resizing the screen while in the file browser.

Snapshot 20170702 brought much of the Plasma 5.10.3 packages that include feature refinements and new modules to complete the desktop experience; the release also Introduced KDE_NO_GLOBAL_MENU env variable to disable global menu, which allows the run of specific Qt applications with global menu disabled in case of issues. Besides the KDE packages, yast2 3.2.40 added support for the new Expert Partitioner and yast2-apparmor 3.2.1 fixed the name of apparmor systemd service.