Weekly roundup 2017 – week 46

Cauldron

Another busy week for Cauldron, while not as many large updates, lots of other packages have seen work, as well as getting ready for future upgrades.

  • flatpak 0.10.0
  • boost 1.65.1
  • glib 0.7.4
  • chromium-browser 62
  • zsh 5.4.2
  • kmymoney4.8.1

There was also an update to PHP, so plenty of module updates and rebuilds for that and boost.

The other big update that is coming is Firefox, there is an issue with its build and our rust toolchain, but once that is sorted then Firefox 57 will be coming your way.

One other interesting discussion that will have to be resisted, most likely many more times before a full decision is made, is what to do with the 32-bit media. While they are still needed for now as not everyone has access to high-speed internet for net installs and most likely they will be the ones without access to newer 64-bit hardware.Currently there are also many others who do have 64-bit hardware but for some reason still use 32-bit install. At least it seems that way from torrent statistics shared by some of our contributors. Hearing opinion on this is always useful, although this is probably something more for Mageia 8.

Mageia 6

A busy week for updates, here are some of the important ones:

  • konversation 1.7.3-1 – CVE fix
  • firefox 52.5.0-1, nss 3.28.6-1.1 & rootcerts 20171025.00-1 – CVE fixes
  • nextcloud-client 2.3.2-1 – bugfix update
  • php 5.6.32-1 – Security fix
  • cups 2.2.6-1 – bugfix update
  • flash-player-plugin 27.0.0.187-1 – multiple CVE fixes

Mageia 5

Also some important updates for Mageia 5, here are some of them:

  • konversation 1.5.1-1.1 – CVE fix
  • firefox 52.5.0-1, nss 3.28.6-1.1 & rootcerts 20171025.00-1 – CVE fixes
  • bluez 5.28-1.2 – CVE fix
  • php 5.6.32-1 – Security fix
  • flash-player-plugin 27.0.0.187-1 – multiple CVE fixes
Posted in Weekly roundup | 10 Comments

Weekly roundup 2017 – week 45

Cauldron

Lots of big updates since the last roundup, here are a few of the big ones:

  • networkmanager 1.10.0
  • kernel 4.13.12
  • libreoffice 5.4.3.2
  • lxqt 0.12
  • mesa 17.2.4

llvm 5 has also been moved out of testing, so a fair few rebuilds of big packages have been needed. Please reports any bugs or issues with that on the Bugzilla.

Mageia 6

  • libjpeg-1.5.1-1.1 – CVE fix
  • flash-player-plugin-27.0.0.183-1 – bugfix and security update
  • openssl-1.0.2m-1 – CVE fixes
  • git-2.13.6-1 – CVE fix
  • nvidia-current-384.90-2 & ldetect-lst-0.3.7.2-1 – new hardware support (Quadro P5200) and bugfix
  • arduino-1.6.5-3.1 – bugfix update
  • x11-server-1.19.5-1.1 – multiply CVE fixes
  • libpng-1.6.34-1 – update

Mageia 5

The big news for Mageia 5 was the extension of its support period until December 31st, 2017, full details available in this blog.

  • libjpeg-1.3.1-4.2 – CVE fix
  • flash-player-plugin-27.0.0.183-1 – bugfix and security update
  • openssl-1.0.2m-1 – CVE fixes
  • nvidia-current-384.90-2 & ldetect-lst-0.1.346.8-1 –  new hardware support (Quadro P5200) and bugfix

Community

The Paris Open Source Summit is coming up in December, we will be there, so if you would like to come along and meet some contributors and all of the other events happening, or help out at the booth, feel free to get in touch.

Posted in Weekly roundup | 4 Comments

Mageia 5 EOL postponed

As the upgrade path from Mageia 5 to Mageia 6 is harder than anticipated, many users are still on Mageia 5 today. We have therefore decided to prolong the support of Mageia 5 until December 31st, 2017 (instead of October 31st, 2017 as announced until now).

“Best effort” support limited to critical security fixes

This extended support will be limited to critical security fixes for components found in most systems, such as the kernel, glibc, firefox, flash-player-plugin, etc. The exact scope will be decided for each package by the packager maintainers and security teams, based on the severity of the issue and the resources that we have in terms of packaging and quality assurance.

So, in summary: your Mageia 5 system will not be exposed to known critical vulnerabilities until its EOL in 2 months, but the support will still be much more limited than that of Mageia 6 systems. We encourage the remaining Mageia 5 users to use this time to upgrade to Mageia 6 as soon as possible.

Upgrade advice

Many users reported critical issues when upgrading complex systems to Mageia 6, especially using KDE4, NVIDIA proprietary drivers, and/or third-party packages. Such issues can be package conflicts that prevent the upgrade from finishing properly, leaving the system in a hybrid state that may not properly survive a reboot, or they can be drivers issues that lead to the graphical X.org server failing to initialize itself, landing users on a terminal instead of the desktop environment.

For this reason, we disabled the system that prompts users to upgrade via our GUI tool mgaonline, so only manual upgrades can be done using our CLI tool urpmi. We are still working on solving the main issues mentioned above to allow us to re-enable the mgaonline upgrade path, but we want to warn users that there might still be caveats to this specific upgrade.

When possible, we recommend that Mageia 5 users do a clean install of Mageia 6 on a different partition (thus keeping both systems next to each other), and copy the relevant parts of their Mageia 5 configuration (typically the hidden folders in your /home) onto the new system. It should also work fine to reuse the same /home partition if it’s separate from the root partition. You can even use the same username and UID (user identifier), but keep in mind that systems upgraded from older Mageia releases might still have user IDs starting at 500, while Mageia 6 requires user IDs to start at 1000. There’s a wiki page with some more instructions for upgrade.

When in doubt, please get in touch with other community members on the forums, mailing lists or IRC, there will always be helpful people ready to help you.

We are sorry for the inconvenience and will work hard to provide a more stable upgrade path from Mageia 6 to Mageia 7.

Posted in Mageia, QA, release | 17 Comments

Weekly roundup 2017 – week 43

Before we get into the updates and Mageia news, a quick suggestion from the Free Software Foundation:

Image credit – https://twitter.com/fsf/status/923644337140924418

Cauldron

The big updates in Cauldron this week are to Mate 1.19.1 and Plasma 5.11.2, here are a few of the other big updates:

  • kernel 4.13.10
  • ffmpeg 3.4
  • libreoffice 5.4.3 rc1
  • Chromium browser 62

There were also updates to some Perl modules and some of the underlying Mageia libraries that are used in our tools, like urpmi, the Control Centre and the Installer.

Also, a quick note about our ARM support, as mentioned a few weeks ago, we are thinking of dropping arm5tl, this seems more and more likely, builds take a very long time and developers are starting to drop support for it. If you have any opinion on whether it should be kept or not, bringing it to the discussion on the dev mailing list would be useful.

Mageia 6

There were some big updates for Mageia 6 this week, here are the major ones:

  • virtualbox, kmod-vboxadditons & kmod-virtualbox 5.1.30 – multiple CVE fixes
  • upx-3.94-1 – CVE fix
  • mysql-connector-java-5.1.42-1 – CVE fixes
  • rust-1.21.0-1 & cargo-0.22.0-1 – Version update

Mageia 5

  • virtualbox, kmod-vboxadditons & kmod-virtualbox 5.1.30 – multiple CVE fixes
  • upx-3.94-1 – CVE fix
  • kernel-4.4.92-1 – multiple CVE fixes
  • mysql-connector-java-5.1.42-1 – CVE fixes

Community

Mageia will have a booth at the OpenRhineRhur event next weekend (4th to 5th November), thanks to the volunteers for hosting the booth and we hope to see and talk to lots of interesting people there. If you are in the area, feel free to drop by!

 

Posted in community, Weekly roundup | 7 Comments

Mageia at OpenRheinRuhr 2017

Since we took a break last year, we are happy to announce our participation at the OpenRheinRuhr 2017 in Oberhausen (Germany). We are pleased to have this opportunity to present our lovely distribution there.
As always the ORR takes place at the nice old-fashioned industrial museum (“Rheinisches Industriemuseum“) from the 4th to the 5th November.
This year a lot of projects and companies show their work and contributions around the topic of free and open software and Mageia is proud to be a part of that.
Additionally there is a wide program and a lot of very interesting talks and presentations so it is really worth it to spend this autumn weekend there.
Come along to our booth and discuss with us the news about our community and the project or tell us your experience with our distribution.
We’re looking forward to welcoming you there.

See also blogpost in German.

 

 

 

Posted in Uncategorized | 7 Comments