Archaeopteryx

joined 3 months ago
 

Issue #99 of Commodore Free Magazine for July 2024 has been released.

Commodore Free Magazine is a free-to-download magazine dedicated to Commodore computers. Available as PDF, ePUB, D64 disk image and other formats.

 

Welcome to the monthly update for openSUSE Tumbleweed for July 2024. Last month was busy with events like the Community Summit in Berlin and the openSUSE Conference. Both events were productive and well-received. Despite the busy schedule and follow on discussion from the conference about the Rebranding of the Project, a number of snapshots continued to roll out to users this month.

Stay tuned and tumble on!

Should readers desire more frequent information about snapshot updates, they are encouraged to subscribe to the openSUSE Factory mailing list.

New Features and Enhancements

  • Linux Kernel 6.9.9: This kernel introduces several important fixes and enhancements across various subsystems. Key updates include the introduction of devm_mutex_init() for mutex initialization in multiple components, addressing issues in the Hisilicon debugfs uninit process, and resolving shared IRQ handling in DRM Lima drivers. Fixes in the PowerPC architecture avoid nmi_enter/nmi_exit in real mode interrupts, while networking improvements prevent unnecessary BUG() calls in net/dql. Enhancements in WiFi drivers such as RTW89 include improved handling for 6 GHz channels. Updates in DRM/AMD drivers address multiple issues, from uninitialized variable warnings to ensuring proper timestamp initialization and memory management. The RISC-V architecture receives a fix for initial sample period values, and several BPF selftests see adjustments for better error detection. These updates collectively enhance system stability, performance, and security.
  • KDE Plasma 6.1.3: Discover now auto-handles Flatpak rebases from runtimes and properly uninstalls EOL refs without replacements. In Kglobalacceld, invalid keycodes are explicitly processed. Kpipewire introduces proper cleanup on deactivate and fixes thread handling for PipeWireSourceStream. KScreen now uses ContextualHelpButton from Kirigami, and Kscreenlocker adds a property to track past prompts. KWin sees numerous improvements: relaxed nightlight constraints, simplified Wayland popup handling, better input method windows, and enhanced screencast plugins. Plasma Mobile enhancements improve home screen interactions, translation issues, and swipe detection. Plasma Networkmanager and Plasma Workspace benefit from shared QQmlEngine and various bug fixes, including avatar image decoding and pointer warping on Wayland.
  • Frameworks 6.4.0: Attica updates its gitignore to include VS Code directories. Baloo reverts a QCoreApplication change and ports QML modules. Breeze Icons introduces a ColorScheme-Accent and fixes data-warning icons. KArchive now rejects tar files with negative sizes and fixes crashes with malformed files. KAuth and KBookmarks add VS Code directories to gitignore. KCalendarCore adds missing QtCore dependencies and QML bindings for calendar models. KIO improves systemd process handling and deprecates unused features. Kirigami enhances navigation and dialog components. KTextEditor adds a tool for testing JavaScript scripts and ensures even indent sizes, fixing multiple bugs.
  • KDE Gear 24.05.2: Akonadi-calendar adds missing change notifications. Dolphin updates Meta-Object Compiler generation. Filelight enables appx building and ensures hicolor icon presence while Itinerary fixes calendar permissions, corrupted notes, and the package introduces new extractors. Kdenlive addresses timeline, aspect ratio, and compilation issues. Okular fixes a crash with certain PDF actions.
  • Supermin 5.3.4: This update introduces several key enhancements, including support for OCaml 5 and kylinsecos. It improves package management by detecting dnf5 and omitting missing options. The update also refines OCaml compilation by using -output-complete-exe instead of -custom that fixes kernel filtering for the aarch64 architecture, and enables kernel uncompression on RISC-V. The update removes previously applied patches now included in the new tarball, helping to streamline the codebase and improve maintainability.
  • Checkpolicy 3.7: The latest update brings support for Classless Inter-Domain Routing notation in nodecon statements, enhancing SELinux policy definition capabilities. Error messages are now more descriptive, and error handling has been improved. Key bug fixes include handling unprintable tokens, avoiding garbage value assignments, freeing temporary bounds types and performing contiguous checks in host byte order.

Key Package Updates

  • NetworkManager 1.48.4: This update introduces support for matching Open vSwitch (OVS) system interfaces by MAC address, enhancing network interface management. Additionally, NetworkManager now considers the contents of /etc/hosts when determining the system hostname from reverse DNS lookups of configured interface addresses, improving hostname resolution accuracy. Subpackages updated include NetworkManager-bluetooth, NetworkManager-lang, NetworkManager-tui, NetworkManager-wwan, libnm0, and typelib-1_0-NM-1_0. These enhancements contribute to more robust and precise network configuration handling in Linux environments.
  • libguestfs 1.53.5: This update includes significant enhancements and fixes. The --chown parameter is now correctly split on the ':' character, and a new checksum command is supported. Detection for Circle Linux and support for the LoongArch architecture have been added, including file architecture translation fixes. The update allows nbd+unix:// URIs and reimplements GPT partition functions using sfdisk. DHCP configuration improvements and a new virt-customize --inject-blnsvr operation enhance usability. Deprecated features include the removal of gluster, sheepdog, and tftp drive support. New APIs such as findfs_partuuid and findfs_partlabel improve functionality, while inspection tools now resolve PARTUUID and PARTLABEL in /etc/fstab. These updates enhance compatibility, performance, and functionality across various environments.
  • glib2 2.80.4: The latest update backports key patches: mapping EADDRNOTAVAIL to G_IO_ERROR_CONNECTION_REFUSED, handling files larger than 4GB in g_file_load_contents(), and correcting GIR install locations and build race conditions. Additionally, improvements in gthreadedresolver ensure returned records are properly reference-counted in lookup_records().
  • ruby3.3 3.3.4: This release addresses a regression where dependencies were missing in the gemspec for some bundled gems such as net-pop, net-ftp, net-imap, and prime. Other fixes include preventing Warning.warn calls for disabled warnings, correcting memory allocation sizes in String.new(:capacity) and resolving string corruption issues.
  • libgcrypt 1.11.0: The latest update introduces several new interfaces and performance enhancements. New features include an API for Key Encapsulation Mechanism (KEM), support for algorithms like Streamlined NTRU Prime sntrup761, Kyber, and Classic McEliece, and various Key Derivation Functions (KDFs) including HKDF and X963KDF. Performance improvements feature optimized implementations for SM3, SM4, and other cryptographic operations on ARMv8/AArch64, PowerPC, and AVX2/AVX512 architectures. Other changes include various enhancements for constant time operations and deprecates the GCRYCTL_ENABLE_M_GUARD control code.

Bug Fixes

  • orc 0.4.39:

    • CVE-2024-40897 was solved with versions before 0.4.39, which had a buffer overflow vulnerability in orcparse.c.
  • java-21-openjdk 21.0.4.0:

  • ovmf 202402 had three months of CVE patches in its quarterly update.

  • Mozilla Firefox 128.0: This release fixes 16 CVEs. The most severe was CVE-2024-6604; this was a memory safety bug in Firefox 128, Firefox ESR 115.13, Thunderbird 128 and Thunderbird 115.13. These bugs showed evidence of memory corruption that potentially allowed arbitrary code execution.

  • ghostscript 10.03.1)

    • CVE-2024-33869 allowed bypassing restrictions via crafted PostScript documents.
    • CVE-2023-52722
    • CVE-2024-33870 allows access to arbitrary files via crafted PostScript documents.
    • CVE-2024-33871 allowed arbitrary code execution via crafted PostScript documents using custom Driver libraries in contrib/opvp/gdevopvp.c.
    • CVE-2024-29510 allowed memory corruption and SAFER sandbox bypass via format string injection in a uniprint device.
  • xwayland 24.1.1 3:

    • CVE-2024-31080 had a vulnerability that could allow attackers to trigger the X server to read and transmit heap memory values, leading to a crash.
    • CVE-2024-31081 could cause memory leakage and segmentation faults, leading to a crash.
    • CVE-2024-31083 allowed arbitrary code execution by authenticated attackers through specially crafted requests.
  • libreoffice 24.2.5.2:

    • CVE-2024-5261 allows fetching remote resources without proper security checks.
  • GTK3 3.24.43:

    • CVE-2024-6655 allowed a library injection into a GTK application from the current working directory under certain conditions.
  • netpbm 11.7.0:

    • CVE-2024-38526: doc, which provides API documentation for Python projects, had a vulnerability where pdoc --math linked to malicious JavaScript files from polyfill.io.

Conclusion

The month of July 2024 was marked by significant updates, security fixes and enhancements. The Linux Kernel 6.9.9 update introduced several key fixes and improvements across various subsystems, enhancing overall stability and performance. KDE Plasma 6.1.3 brought numerous UI improvements and better handling of Flatpak rebases. The updates to Frameworks 6.4.0 and KDE Gear 24.05.2 provided additional enhancements and bug fixes, improving user experience and system reliability. Critical security vulnerabilities were addressed in various packages, including Firefox, ghostscript, and xwayland, ensuring Tumbleweed remains secure, efficient, and feature-rich for all users. Additionally, the Aeon team announced the release of Aeon Desktop to Release Candidate 3 status that came from the release of a Tumbleweed snapshot last week.

For those Tumbleweed users who want to contribute or want to engage with detailed technological discussions, subscribe to the openSUSE Factory mailing list . The openSUSE team encourages users to continue participating through bug reports, feature suggestions and discussions.

Contributing to openSUSE Tumbleweed

Your contributions and feedback make openSUSE Tumbleweed better with every update. Whether reporting bugs, suggesting features, or participating in community discussions, your involvement is highly valued.

More Information about openSUSE:

Official

Fediverse

(Image made with DALL-E)

[–] [email protected] 1 points 1 month ago

Yeah. That case is amazing.

 

Join me on this retro journey where we explore the Schmolz Unternehmensberatung Compucase 64d conversion kit for the Commodore 64. We look inside, socket the...

 

Data East's Lemmings Arcade was never made....until now! We scratch build our imagining o...

 

An experimental "Pre-RC3" image for the Aeon Desktop has been published and testers are encouraged to try out the final prototype before it becomes the official Release Candidate 3 (RC3). The new image can be downloaded from the openSUSE development repository.

This prototype, which has been submitted to openSUSE Factory, introduces some significant changes and improvements. Notably, the dd backend in the tik installer has been replaced with a new systemd-repart backend. This change allows for the installation of Aeon with Full Disk Encryption that enhances the security features of the operating system.

Existing users of Aeon RC2 and earlier versions will need to perform a reinstall to take advantage of the new features destined for RC3. Due to the fundamental changes in partition layout necessary for the new encryption features, an in-place upgrade from RC2 is not feasible without risking data integrity, according to a post on the new Aeon Desktop subreddit. Users can utilize Aeon's reinstall feature, which facilitates the backup and restoration of user data as long as a sufficiently large USB stick is used.

Users installing the prototype image may encounter some packages from the OBS devel project. These can be removed by running transactional-update --interactive dup and selecting solutions that replace devel:microos packages with official ones.

Testers are encouraged to provide feedback and report any issues encountered during the testing phase on the Aeon Desktop bug report page.

Next Steps

If the prototype is accepted into Factory and becomes RC3, the development of Aeon will be in its final stages before an official release. RC3 will serve as the basis for writing openQA tests for Aeon, which are crucial for ensuring the desktop's stability and functionality.

There is a possibility of an RC4, which aims to streamline the installer process by embedding the full Aeon install within the installer image, potentially reducing the download size by 50 percent. If this approach is not feasible in the short term, it may be revisited post-release.

Full Disk Encryption is set up in one of two modes: Default or Fallback. Get more info about that in the Aeon Desktop Introduces Comprehensive Full Disk Encryption article.

More Information about openSUSE:

Official

Fediverse

 

"We worked very closely with Capcom, and our relationship definitely grew in the process"

 

Full Disk Encryption is planned to be introduced in the forthcoming release candidate of the Aeon Desktop to enhance data security for its users.
The feature is expected to be included in the upcoming Release Candidate 3 (RC3).

Full Disk Encryption is designed to protect data in cases of device loss, theft or unauthorized booting into an alternative operating system.
Depending on the hardware configuration of a system, Aeon's encryption will be set up in one of two modes: Default or Fallback.

Default Mode

The Default Mode is the preferred method of encryption provided the system has the required hardware. This mode utilizes the Trusted Platform Module(TPM) 2.0 chipset with PolicyAuthorizeNV support (TPM 2.0 version 1.38 or newer). In this mode, Aeon Desktop measures several aspects of the system's integrity. These including:

  • UEFI Firmware
  • Secure Boot state (enabled or disabled)
  • Partition Table
  • Boot loader and drivers
  • Kernel and initrd (including kernel command line parameters)

These measurements are stored in the system's TPM. During startup, the current state is compared with the stored measurements. If these match, the system boots normally. If discrepancies are found, users are prompted to enter a Recovery Key provided during installation. This safeguard ensures that unauthorized changes or tampering attempts are flagged.

Fallback Mode

The Fallback Mode is employed when the necessary hardware for Default Mode is not detected. This mode requires users to enter a passphrase each time the system starts. While it does not check system integrity as comprehensively as Default Mode, Secure Boot is strongly recommended to ensure some level of security, confirming that the bootloader and kernel have not been tampered with.

Contrary to initial concerns, Default Mode is not less secure than Fallback Mode despite not requiring a passphrase at startup. The strong integrity checks in Default Mode protect against attacks that could bypass normal authentication methods. For example, it can detect changes to the kernel command line that could otherwise allow unauthorized access. Furthermore, it safeguards against modifications to initrd thereby preventing potential passphrase capture in Fallback Mode.

Secure Boot, while optional in Default Mode due to the comprehensive integrity checks, is critical in Fallback Mode to maintain system security. Disabling Secure Boot in Fallback Mode increases vulnerability to tampering and attacks aimed at capturing the passphrase.

Aeon's implementation of Full Disk Encryption provides robust security options tailored to the capabilities of users' hardware. By offering both Default and Fallback modes, Aeon ensures that all users can benefit from enhanced data protection.

The inclusion of this feature in RC3 marks a significant step forward in safeguarding user data against potential threats.
Aeon users are encouraged to read and bookmark the Aeon Encryption Guide.

More Information about openSUSE:

Official

Fediverse

(Image made with DALL-E)

[–] [email protected] 1 points 2 months ago

I second this. XnView MP is one of the best free programs out there.

[–] [email protected] 4 points 2 months ago

I am using Lutris for Windows games (sometimes Windows applications, too) almost exclusively on my rig. It works perfectly fine.

 

NUREMBERG, Germany – The release of Leap 15.6 is official and paves the way for professionals and organizations to transition to SUSE's enterprise distribution with extended support or prepare for the next major release, which will be Leap 16.

Demands for robust, secure and stable operating systems in the digital infrastructure sector are more critical than ever. The combination of the community-driven Leap 15.6 and SUSE Linux Enterprise 15 Service Pack 6, which integrates new features and enhancements, offers an optimal solution for managing critical infrastructure. Notably, SUSE's general support and [extended support]](https://www.suse.com/products/long-term-service-pack-support/) versions; these Product Support Lifecycles last well beyond Leap 15's lifespan, ensuring longer and reliable service for users.

SLE 15 SP 6 is a feature release, so users can expect several more features in the Leap 15.6 release.

This alignment ensures businesses and professionals using Leap for operational needs can enjoy a clear, supported transition to an enterprise environment, which is crucial in a move for systems that require long-term stability and enhanced security. As organizations strategize their upgrade paths, adopting an enterprise-grade solution like SUSE becomes a strategic decision, especially for those managing extensive networks and critical data across various sectors.

Since being released on May 25, 2018, Leap has added several additions like container technologies, immutable systems, virtualization, embedded development, along with other high-tech advances. A rise in usage from each minor release shows that entrepreneurs, hobbyists, professionals and developers are consistently choosing Leap as a preferred Linux distribution.

Leap 15.6 is projected to receive maintenance and security updates until the end of 2025 to ensure sufficient overlap with the next release. This will provide users with plenty of time to upgrade to the release's successor, which is Leap 16, or switch to SUSE's extended service support version. Users interested in commercial support can use a migration tool to move to SUSE's commercial support version.

The inclusion of the Cockpit[1] package in openSUSE Leap 15.6 represents a significant enhancement in system and container management capabilities for users. This integration into Leap 15.6 improves usability and access as well as providing a link between advanced system administration and user-friendly operations from the web browser. The addition underscores openSUSE's commitment to providing powerful tools that cater to both professionals and hobbyists. Leap does not come with a SELinux policy, so SELinux capablities for Cockpit are not functioning.

Container technologies receive a boost with Podman 4.8, which includes tailored support for Nextcloud through quadlets, alongside the latest releases of Distrobox, Docker, python-podman, Skopeo, containerd, libcontainers-common, ensuring a robust container management system. Virtualization technologies are also enhanced, featuring updates to Xen 4.18, KVM 8.2.2, libvirt 10.0, and virt-manager 4.1.

The Leap 15.6 release incorporates several key software upgrades enhancing performance and security. It integrates Linux Kernel 6.4, which provides backports for some of latest hardware drivers, which offer performance enhancements. OpenSSL 3.1 becomes the new default and provides robust security features and updated cryptographic algorithms. Database management systems receive significant updates with MariaDB 10.11.6 and PostgreSQL 16. Redis 7.2 offers advanced data handling capabilities and the software stack is rounded out with PHP 8.2 and Node.js 20; both received updates for better performance and security in web development. Leap will also have OpenJDK 21 providing improvements for enhanced performance and security in Java-based applications.

Updates in telecommunications software are seen with DPDK 22.11 and Open vSwitch versions 3.1 and OVN 23.03.

The KDE environment advances with the introduction of KDE Plasma 5.27.11, which is the latest Long Term Support version, Qt 5.15.12+kde151, and KDE Frameworks 5.115.0, as well as Qt6 version 6.6.3, facilitating smooth application operations with updated Python bindings for PyQt5 and PyQt6 aligning with Python 3.11.

Many unmaintatined Python packages were removed as part of a transition to Python 3.11; more details can be found in the release notes.

GNOME 45 brings enhancements to the desktop environment, adding features that elevate the user experience. Audio technologies see major upgrades with the release of PulseAudio 17.0 and PipeWire 1.0.4, which improve hardware compatibility and Bluetooth functionality, including device battery level indicators.

These updates collectively enhance the system’s stability and user experience and make Leap 15.6 a compelling choice for professionals, companies and organizations.

Leap can be downloaded at get.opensuse.org.

End of Life

Leap 15.5 will have its End of Life (EOL) six months from today’s release. Users should update to Leap 15.6 within six months of today to continue to receive security and maintenance updates.

Download Leap 15.6

To download the ISO image, visit https://get.opensuse.org/leap/

If you have a question about the release or found a bug, we would love to hear from you at:

https://t.me/openSUSE

https://chat.opensuse.org

https://lists.opensuse.org/opensuse-support/

https://discordapp.com/invite/openSUSE

https://www.facebook.com/groups/opensuseproject

Get involved

The openSUSE Project is a worldwide community that promotes the use of Linux everywhere. It creates two of the world’s best Linux distributions, the Tumbleweed rolling-release, and Leap, the hybrid enterprise-community distribution. openSUSE is continuously working together in an open, transparent and friendly manner as part of the worldwide Free and Open Source Software community. The project is controlled by its community and relies on the contributions of individuals, working as testers, writers, translators, usability experts, artists and ambassadors or developers. The project embraces a wide variety of technology, people with different levels of expertise, speaking different languages and having different cultural backgrounds. Learn more about it on opensuse.org

1 [Root login is disabled by default. Please read details in the Try Cockpit in Leap Release Candidate article.

***** Two bugs related to Chrome with Wayland on GNOME 45 may see a fix coming in an update. *****

Retrospective

Provide your feedback to our release team by visiting survey.opensuse.org/ and taking our retrospective survey.

More Information about openSUSE:

Official

Fediverse

<sub><sup>(Image made with DALL-E)</sup></sub>

 

Members of openSUSE Project are excited about the launch of Leap 15.6 on June 12 and encourages people to host a Release Party.

If you don’t know how to do this, there is a list of steps below on how to have a successful release party.

If you’re interested in hosting your own Release Party, there’s a handy checklist to help you plan a successful event:

  • Find a Date: A weekend date is usually best, but flexibility is key. Find a common date that works for most people.
  • Find a Place: A café, bar, or Linux group meetup location works great. Whether you opt for a coffee and cake party or a beer and pizza gathering, the key is to have fun.
  • Cake: While not essential, a cake adds to the celebration. You can also bake openSUSE cookies.
  • Pictures: Capture the moment with photos or videos and share them on social media. Tag openSUSE on X, Facebook, Mastodon, BlueSky or more.

There is already a plan to have people to meet virtually in the openSUSE Bar for the launch June 12. The virtual release party will feature members of the release team and community members. Join sometime on June 12 as participants from various countries are encouraged to join and interact with the openSUSE community.

Some will celebration the event in Nuremberg. Certainly people at the openSUSE Conference will highlight the release during the BBQ/Release Party.

These launch parties provide a chance for the community to connect with the people behind the project and to show an appreciation for contributors who make the release of Leap 15.6 possible. It's an excellent opportunity for the community to gather, celebrate and discuss the new release after months of development.

Schedule your release party today on the wiki and have a lot of fun!

More Information about openSUSE:

Official

Fediverse

(Image made with DALL-E)

 

What is openSUSE.Asia Summit?

The openSUSE Project is excited to announce that openSUSE.Asia Summit 2024 will be held in Tokyo, Japan. The openSUSE.Asia Summit is an annual conference for users and contributors of openSUSE and FLOSS enthusiasts. The former summits received major participation from Indonesia, China, Taiwan, Japan, South Korea, and India.

Since the first openSUSE.Asia Summit was held in Beijing in 2014, the summits have been great opportunities for the online community to gather in person, know each other, and share knowledge and experiences about openSUSE including applications running on it. However, COVID-19 made it difficult for 3 years. One of our goals of this year’s summit is to provide a place for communication. Please note that we will not accept talks by video call this year.

The summit dates

The summit will be held on Nov. 2 and 3. An excursion for speakers is expected on Nov. 4, which will be announced later.

You might be interested in Open Source Summit Japan and Open Compliance Summit, held by the Linux Foundation near the venue just before our summit.

Cross-Distro Track

We are going to co-host the Cross-Distro Track by the collaboration with Cross Distro Developers Camp (XDDC). XDDC is a wider developer community of FLOSS OS distribution including openSUSE, Debian and Ubuntu and works together to resolve common issues especially related to Japanese. This year, we are considering inviting speakers and participants from other distribution communities, which will undoubtedly contribute to making the event even more exciting. Furthermore, it will be a great chance to let them know how openSUSE and its community are.

Venue

Azabudai Hills

The openSUSE.Asia Summit 2024 is going to be held in SHIFT Inc., located in Azabudai Hills, Minato-ku, Tokyo, Japan. SHIFT Inc. is a company that supports to create sellable products and services and to grow the business of its customers. It offers integrated IT solutions and consulting services, including development, testing, UI/UX, and security, with its outstanding knowledge in software quality assurance.

Azabudai Hills is a large-scale urban redevelopment project completed in November 2023. This area, which combines offices, residential units, retail outlets, and cultural facilities, is also a newly prominent tourist attraction. It is, of course, easy to access from Tokyo/Haneda airport and anywhere in the capital area by public transportation.

Tokyo and Japan

Tokyo food & scenery

Tokyo is the capital of Japan. Its infrastructure and global connectivity will help attendees travel to the summit. There are direct flights from major cities in Asia Pacific as well as Europe and North America to either Tokyo/Haneda or Tokyo/Narita.

Tokyo is also a popular place for sightseeing with its unique culture, food, etc. Especially, characters from video games, anime, and comics, which are now common globally, attract tourists to Japan. In Tokyo, you can easily find character shops and get items related to works you love.

The number of tourists from abroad has recovered last year to the same level as before COVID-19. Due to the currency exchange rate, it will be a great chance to enjoy your trip to Japan while saving your money.

However, if there is any possibility of attending the summit, you should book your hotel right away with a cancelable plan. Some of our recommended hotels start accepting reservations from 5 months ago, which is June 1. Because Nov. 4 is a public holiday in Japan, rooms in budget hotels become sold out soon, or you will need to pay for your hotel at an inappropriately expensive rate, which might not be covered by the Travel Support Program.

Please also check the following web sites for tourism information in Tokyo and Japan:

Call for speakers

We will start to call for speakers in June. Please read another post for the call for speakers on news.opensuse.org, published in a couple of days.

Wrapping Up

The openSUSE.Asia Summit is a great opportunity for the openSUSE community to meet together. The attendees will be able to enjoy their stay in Tokyo during the summit.

We are looking forward to seeing you this November in Tokyo.

Have a lot of fun!

More Information about openSUSE:

Official

Fediverse