Weekly Roundup 2018 – Week 2

The year is definitely under way, with an astonishing 412 packages coming through commits – mostly for cauldron, but a few are the last remaining updates for Mageia 5, as well as important security updates for Mageia 6.

Among those updates are all the kernel and microcode updates – our thanks to tmb and our untiring devs for these – to begin hitting Meltdown and Spectre on the head.

A big hand for the upstream kernel team, as well as our own packagers, QA testers and everyone else that was involved in getting this tested and released.

The best place to check these updates out fully is the Mageia Advisories page:

Screenshot of Mageia Advisories page

The Mageia Advisories page is full of information! Clicking on the Advisory number (second column) will take you to the full advisory; so, clicking on MGASA-2018-0076, the advisory for the most recent kernel updates to Mageia 6, takes you to an explanation of what is covered in the fix, plus references for further reading.

Screenshot of Advisory MGASA 2018-0076

If you’re more interested in the original security announcement, the list of CVEs in the right-hand column is also filled with links; clicking on any one of those links will take you to the information for that CVE. If, like CVE 2017-5715, it covers a number of fixes in Mageia, you will arrive at an interim page where all the updates covering that advisory are aggregated, looking like this:

Screenshot of Advisories aggregation

On the aggregated page, clicking on the part of the heading containing the advisory number

Screenshot of advisories heading

will take you to the CVE announcement.

You can keep up with all the other goings-on in Mageia on IRC or the Forums, as well as all the mailing lists – they’re all very active and welcoming places, so please join in!

Posted in Mageia, Weekly roundup | 8 Comments

Weekly Roundup 2018 – Week 1

In the spirit of a new year, Mageians have been very busy.

Meltdown and Spectre mitigation

meltdown and spectre logos

If you’ve been anywhere near a news channel in the last few days, you’ll have heard of these two CPU flaws – there’s an overview at arstechnica for those who haven’t seen it yet. It’s important to note that not only Intel CPUs are vulnerable!

Mageia kernel updates to mitigate these two flaws are already being worked on. Mageia 6 kernel updates released in the last 24 hours don’t as yet solve all the problems, but kernel-4.14.12-2.mga6 is in updates/testing (as is the .mga7 kernel for Cauldron). Expect updates very shortly. Our thanks to our tireless kernel devs and our ever busy QA team!

Mageia 5 is at end of life, people – to avoid issues with Meltdown and Spectre, it’s time to update to Mageia 6. Before you begin, please read “Upgrading from Mageia 5” and the associated links. That said, we have decided to apply specific updates to the kernel and to Firefox, just to deal with the Spectre and Meltdown vulnerabilities. Subsequent updates of the kernel to minimise the performance impact of the security updates will not be applied in Mageia 5, similar for other security fixes. So you have a little time to prepare to upgrade, but do get on it!

While all that has been going on, there has been a constant stream of updates into Cauldron, updates for Mageia 6 and the last few for Mageia 5, and plenty of packages going into testing. Check out the usual suspects: Mageia Advisories, the Mageia AppDBPkgSubmit to see the last 48 hours, and Bugzilla.

Have a great week!

Posted in Mageia, Weekly roundup | 11 Comments

Weekly roundup 2017, Week 52

From the last hours of 2017: Happy 2018!

Warm good wishes for a happy, successful and peaceful New Year to all Mageians everywhere.

This last week of 2017, there have been loads of updates – check out the usual links to see where we’re at: Mageia Advisories, the Mageia AppDBPkgSubmit to see the last 48 hours, and Bugzilla.

Although Mageia 5 is scheduled to reach the end of support on the last day of 2017, due to an unexpected surge in last minute updates being submitted for testing by the qa team, it may be several days into the new year before updates for Mageia 5 stop becoming available.

I don’t believe any of the devs or QA folk have taken any time off since the last roundup, there has been such a lot coming through! Our heartfelt thanks to them, who keep our distro such a magical thing.

What a year 2017 has been!

In January, as well as working up to the second stabilisation snapshot of Mageia 6, we were preparing for FOSDEM, where ennael and stormi presented the talk Mageia, successes and lessons learned 6 years after forking. If you weren’t lucky enough to be in Brussels to meet up with other Mageians and hear the talk, you can still pick it up from the FOSDEM archive; the video is here.

February saw the first of these Weekly Roundup posts, so that we could all see a snapshot of what’s happening behind the scenes. Our Atelier leader schultz has been tireless all through the year in bringing these to us; I hope to live up to the standards he’s set! We also saw the FOSDEM report, with a brilliant couple of meetings; and we took stock of the progress on the way to Mageia 6, which by that time was very late!

March saw us make a donation to Framasoft, where our pads are hosted – we’re thankful for their service several times a month, so it was time to reciprocate. We attended Chemnitzer Linuxtag and were preparing to attend JDLL – see the March blog posts to read the reports. And the RC ISOs for Mageia 6 were in testing…

April was a bit mixed – we shut down a couple of servers and the web services were offline for a bit, but the Classical ISOs for Mageia 6 were almost ready! We did get all our servers upgraded to Mageia 5, and that made everything more secure for everyone.

May: the Mageia 6 RC is released! Oh my, the work that was behind that tiny sentence. In June, we went into release freeze, and at the end of the month the message went out: “Nobody touch anything!”

And in mid-July, it finally happened: Mageia 6 was released. What a huge work that was – so many packages with enormous version upgrades, so much work from the developers and testers to get it all to play nice. And, isn’t it lovely? great new artwork and lots of new packages to play with. Then, in August, we went a little bit quiet, because everyone needed a rest!

From September until now, the developers, testers and QA folks have been working on two fronts; sorting out any issues with Mageia 6 packages, and setting the frameworks for Mageia 7. Documenters and translators have been busy, especially with updating the wiki – check it out!

We’re approaching the time where Mageia 5 will come to the end of its life, and looking forward to the new release – just like with the calendar, where we’re looking back over the past year even as we embark on the new year.

Happy Mageia New Year!

Posted in Mageia, Weekly roundup | 10 Comments

Weekly roundup 2017 – Week 51

So, it’s Week 51, so of course it’s the festive holiday season! We wish all Mageians everywhere the very best of all things for the holidays, whichever way you celebrate them.

We’ll get to the new year in next week’s roundup!

In the last week, the developers and the Q&A folks have been sending through a steady stream of updates. Wow, they’ve worked hard. As always, you can check Mageia Advisories  and the Mageia AppDB  to get a notion of what they’ve been up to; and PkgSubmit  to see the last 48 hours.

Another interesting way to keep track of what’s happening is Bugzilla. On the Home page you’ll find some links at the bottom left, so you can look at recent bugs and changes – the last day or the last 7 days:

There are also RSS feeds, if you like that kind of thing.

One thing that’s still happening is that distrib-coffee is still out of service; the festive season might have something to do with that. Check out the Infrastructure bug here.

Again, warm good wishes from all at Mageia to all Mageians, all over the world.

Posted in Mageia, Weekly roundup | 5 Comments

Weekly roundup 2017 – Week 50

2 weeks left until 2018… but who’s counting?

Some important news

In case you haven’t seen this announcement elsewhere – Tier 1 mirror distrib-ccoffee.ipsl.jussieu.fr is down, due to hardware breakage, and will be available again next week at the earliest. To avoid long breakages for our end-users, we request that mirrors that have been mirroring from distrib-coffee switch to another Tier 1.

Currently that is:
rsync://mageia.c3sl.ufpr.br/mageia/ located in Curitiba (Brasil)
rsync://mirrors.kernel.org/mirrors/mageia/ located in USA and Europe
rsync://ftp.acc.umu.se/mirror/mageia/ located in Umea (Sweden)
rsync://mirror.math.princeton.edu/pub/mageia/ located in Princeton (USA)
rsync://distro.ibiblio.org/mageia/ located in Durham (USA)

Also, if you have selected distrib-coffee as the mirror for your updates, you’ll need to move to another for the duration. A good place to check mirror status is https://mirrors.mageia.org/status, and if you’re not sure how to configure the mirror you use, check this wiki page https://wiki.mageia.org/en/Software_management#Choosing_a_specific_media_source.

Security updates:

openssl Mga5, Mga6
rsync Mga5, Mga6
lynx Mga5, Mga6
evince Mga5, Mga6
deluge Mga5

As always, check https://advisories.mageia.org/ for CVEs and package details.

Cauldron updates have been roaring through as usual! Too many to list here, but check out http://pkgsubmit.mageia.org/ for what’s been happening in the last 48 hours.

Onward and upward!

Posted in Uncategorized | 6 Comments