Final Call for RMLL, the Wiki and a Roundup

Ha! It looked like another 2-week gap, but we’re not quite that late, thankfully.

Final Call for RMLL volunteers RMLL/LSM

Mageia will be present with a stand in at RMLL in Strasbourg, but we have very few volunteers who have put their names down for the stand: https://framadate.org/dbLxWJPnci6o6aqb If you’re going to be there, please go to that signup page and let us know – RMLL starts this coming Saturday, so we need you urgently!

New look for the Wiki

The new Wiki front page is up – feast your eyes on this: 

Thanks once again to Zalappy for the design, and apb for all the work to make it happen.

Behind the Scenes

While all that was happening, devs and QA have been quietly working away as always – 388 packages into Cauldron! Here’s the list of updates since the last Roundup:

Security

  • libgcrypt – Mga5
  • ansible – Mga5, 6
  • taglib – Mga5, 6
  • firefox, firefox-l10n – Mga6
  • phpmyadmin – Mga6
  • webkit2 – Mga6
  • libgcrypt – Mga6
  • ncurses – Mga6
  • java-1.8.0-openjdk, copy-jdk-configs – Mga6

Bugfix (Mga 6 only)

  • rust
  • perl-URPM, task-obsolete
  • imagemagick

Don’t forget, you can check Mageia Advisories, the Mageia AppDB, and PkgSubmit to see the last 48 hours, and Bugzilla to see what’s currently happening.

Thanks also for all the nice comments on the last post!

Posted in Atelier, events, Updates, Weekly roundup | 5 Comments

Weekly Roundup and News – weeks 24 & 25

The Mageia Wiki  

For the longest time our wiki main page has been very plain and simple; our own Zalappy has designed a new look, and the modifications are almost ready! Keep watching, because it’s looking really good! Thanks to Zalappy for his artistic flair, and to apb for his hard work making it happen.

What else is happening?

Around 700 packages landed in Cauldron – it’s certainly bubbling! Our appreciative thanks go to our tireless devs and QA folk, without whom we wouldn’t have a grand distro like Mageia. We had lots of updates over the last two weeks – here’s the list:

Security:

  • librsvg Mga5
  • file Mga5, 6
  • libvorbis Mga5, 6
  • gnupg, gnupg2, python-gnupg Mga5, 6
  • poppler Mga5, 6
  • perl-DBD-mysql Mga5, 6
  • jasper Mga5, 6
  • patch Mga5, 6
  • kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons, wireguard-tools Mga6
  • glibc Mga6
  • librsvg Mga6
  • xdg-utils Mga6
  • roundcubemail Mga6
  • freedink-dfarc Mga6
  • flash-player-plugin Mga6
  • imagemagick Mga6
  • qt3 Mga6
  • firefox, firefox-l10n Mga6
  • gifsicle Mga6
  • leptonica Mga6
  • scummvm Mga6

Bugfixes:

  • minitube
  • speech-dispatcher
  • powertop
  • baloo-widgets
  • task-obsolete, perl-URPM
  • drakx-net, meta-task
  • rapid-photo-downloader
  • mageia-prime
  • minetest
  • ocrfeeder
  • grsync
  • brasero

If you need to check what’s happening between roundups, you can check Mageia Advisories, the Mageia AppDB, PkgSubmit to see the last 48 hours, and Bugzilla to see what’s currently happening.

A Word about Trolls

Mageia has a persistent troll targeting people associated with Mageia.

Currently going by the name Andrew, a troll hiding behind tor anonymizing servers has been targeting Mageia for some time.

The From: address will typically look like
‘From: “Andrew (Mageia Community Leadership Committee)”<BM-2cTUvERX7xLR1c1Pb5its4T4b1SSaFcPCj@bitmessage.ch>’
although they change the From: address at times – a technique known as nymshifting.

There is no Mageia Community Leadership Committee. The troll has also claimed to be the Mageia Council Leader, and various other titles.

Due to their creating many identities and spamming various Mageia mailing lists, all email addresses using anonymizing services we are aware of have been blocked from use when signing up at identity.mageia.org, and have been blocked from sending messages to the mailing lists.

They have also sent some email messages with the from address forged to make it look like it was coming from someone who is on the Mageia Council.

Here are the actual lists of Mageia people:

There are no Mageia conferences planned, let alone ones with fully paid trips for council or board members.

They have contacted various people trying to convince Mageia to hide bitcoin mining software they’d provide in every browser we package, with the money going to them, and a small percentage for us, of course. The suggestion is abhorrent to the Mageia community and would never be allowed. All package changes committed by Mageia packagers are publicly available for viewing.

We can’t prevent them from sending messages like this to anyone whose email address they have found.

All we can do is remind people that the internet has trolls. From: addresses in email message can be set to whatever the sender wants. Whether this troll is just a psychopath who enjoys getting an emotional response from people, or is someone trying to help destroy the usefulness of anonymizing services by getting more people to block them is open to speculation.

With any messages on the internet, people have to trust but verify the messages are from the person who normally uses that name. If the message looks strange, compare the sending IP address of that message to the sending IP address from normal messages from the user. While many ISPs do try to stop their users from sending messages with from addresses that are not for that ISP, most don’t, and for those that do there are always ways around their blocks.

Either add the various anonymizing email servers to your spam filters, or just ignore messages from trolls. Responding to them in any way just encourages more abusive messages.

Many thanks to the Mageians who have been working to inform people and shut this troll down.

Posted in Weekly roundup | 8 Comments

Mageia at RMLL – and a roundup

Please join us at RMLL! RMLL/LSM

RMLL  (also known as LSM, Libre Software Meeting) is one of Mageia’s important annual events and 2018 is no different. It’s the premier world meeting for Libre Software, upon the principles of which our distro and our community is based.

This year RMLL is to be held in in Strasbourg, and we have a booth! We’re calling for people to come and spend a little time on the stand, or a lot of time if you have a lot – we need Mageians to come talk to people about our distro, and encourage them to try us out, join the community and contribute in any way they want. It’s also a great opportunity to meet a wide variety of people in the Libre Software community, both developers and users, and catch up on what’s happening in our world.

Our own jybz will be there, and dtux/LibrePC; there’s a Framadate for people to sign up to attend the booth – note that the first volunteers will need to set the stand up.

RMLL runs from July 7th through 12th; jybz has set up a Framapad  with information about organising things ahead of time.

So, if you’ll be around Strasbourg while RMLL is on, please jump in!

…and the Roundup, Week 23

Aside from more than 400 packages into Cauldron this week, we had bugfixes for Mageia 6 and security updates for both Mageia 5 and Mageia 6:

Security:

  • SDL_image – Mga5, 6
  • python3 – Mga5, 6
  • corosync – Mga6
  • qtpass – Mga6
  • gimp – Mga6
  • glpi – Mga6
  • libreoffice – Mga6
  • mariadb – Mga6
  • chromium-browser-stable – Mga6

Bugfixes:

  • gnucash
  • xorriso
  • perl-Finance-Quote
  • luajit
  • drakxtools

You can always catch up with progress at the usual places: Mageia Advisories, the Mageia AppDBPkgSubmit to see the last 48 hours, and Bugzilla to see what’s currently happening. And don’t forget the wiki!

Posted in events, RMLL, Weekly roundup | Tagged , , | 7 Comments

Weekly Roundup 2018 – Week 22

Just a quick and simple roundup, and then back to work:

It’s been a busy week, as usual! 378 packages came into Cauldron, 15 into Mga6 testing. Work is still going on to get the Mga5 -> Mga6 upgrade happening and then the Mga6.1 ISOs ready. There are some bugs, and here (already fixed), and here connected with the tray update in the pipeline,  if you’re interested…

Heaps of updates are coming in to the wiki, and there will soon be a look-and-feel update. Keep your eyes on the wiki, it will be worth it!

Security updates:

  • mariadb   Mga5
  • python   Mga5, Mga6
  • git   Mga6
  • wireshark   Mga6
  • kernel-linus   Mga6
  • kernel-tmb   Mga6
  • kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons, wireguard-tools   Mga6
  • libvirt   Mga6
  • thunderbird, thunderbird-l10n   Mga6
  • microcode   Mga6
  • webkit2   Mga6
  • virtualbox, kmod-virtualbox, kmod-vboxadditions   Mga6

Bugfix updates:

  • qtwebkit5   Mga6
  • pidgin   Mga6
  • libwacom   Mga6
  • ntfs-3g, testdisk, partclone   Mga6
  • kernel-firmware-nonfree, radeon-firmware   Mga6
  • monitor-edid   Mga6

You can always catch up with progress at the usual places: Mageia Advisories, the Mageia AppDBPkgSubmit to see the last 48 hours, and Bugzilla to see what’s currently happening. And don’t forget the wiki!

Posted in Uncategorized | 4 Comments

Weekly Roundup 2018 – Weeks 20 & 21:

Now that we’re starting to recover from the Grand Update, the mad flow of security and bugfix updates is resuming (see below), and tmb warns of more Spectre-related updates coming:

Spectre… “the gift that keeps giving…”

https://www.phoronix.com/scan.php?page=news_item&px=Spectre-V3-V4-Vulnerabilities

Upstream kernel 4.14 branch has the fixes/mitigation backports for variant 4 currently going through stable queue review process and should be released tonight / tomorrow after which I will release it to cauldron and mga6 testing.

Spectre v3A will get microcode fixes in the coming weeks so we’ll get to that part later…

Kernel 4.14 is indeed in testing for both Cauldron and Mga6, so should appear in your update queues soon. Meanwhile, a list of the updates since the last roundup:

Security fixes:

  • perl     Mga5, 6
  • gnupg2      Mga5, 6
  • graphite2      Mga5, 6
  • librelp      Mga5, 6
  • libtiff      Mga5, 6
  • wget      Mga5, 6
  • quassel      Mga5, 6
  • libsndfile      Mga5, 6
  • pdns      Mga6
  • bctoolbox, hiawatha, mbedtls, shadowsocks-libev, dolphin-emu Mga6
  • pdns-recursor      Mga6
  • miniupnpc      Mga6
  • kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons, wireguard-tools      Mga6
  • firefox, firefox-l10n, nss, rootcerts      Mga6
  • 389-ds-base      Mga6
  • libraw      Mga6
  • exempi      Mga6
  • golang      Mga6
  • util-linux      Mga6
  • spring-ldap      Mga6
  • libpam4j      Mga6

Bugfixes (all Mga6):

  • kdenlive
  • kbookmarks, kcmutils, kcompletion, kdnssd, kitemviews, kjobwidgets, knewstuff, knotifyconfig, kpty, ktextwidgets, kunitconversion, kxmlrpcclient
  • lxterminal
  • nvidia-current, ldetect-lst
  • kodi
  • java-1.8.0-openjfx
  • 0ad, 0ad-data, sodium
  • psi
  • qgis
  • qelectrotech
  • mc
  • tellico
  • darktable
  • sddm
  • twinkle
  • broadcom-wl
  • lm_sensors
  • ldetect-lst, nvidia-current
  • wesnoth
  • youtube-dl
  • ntp
  • mesa, libdrm
  • kbookmarks, kcmutils, kcompletion, kdnssd, kitemviews, kjobwidgets, knewstuff, knotifyconfig, kpty, ktextwidgets, kunitconversion, kxmlrpcclient

…and around 650 updates went into Cauldron.

You can catch up with progress any time at the usual places: Mageia Advisories, the Mageia AppDBPkgSubmit to see the last 48 hours, and Bugzilla to see what’s currently happening.

Posted in Weekly roundup | 5 Comments