2017 week 41 and some extras

Posted on October 15, 2017 by Donald Stewart

Cauldron

The Mageia 7 feature proposals are being discussed more, as some of them are very large and will bring large changes to the distribution and installer, scoping the work and looking at the needed resources and timelines is a big job. The big 2 are moving more towards manatools and integrating dnf into the installer, implementing a shim for the existing urpmi commands and ensuring that there is no loss in functionality if we decide to switch for Mageia 7.

While not strictly a Cauldron piece of news, we will in all likelihood drop arm5tl and start to work towards building aarch64 and well as the current arm7hl.

Big changes in Cauldron this week include:

  • rust 1.21.0
  • kernel 4.13.7 – preliminary support for Coffee Lake (i915 alpha)
  • wine 2.18
  • R-base 3.4.2
  • apache 2.4.28
  • x11-server 1.19.5
  • rpm 4.14.0
  • vlc 3.0.0 (git snapshot with fix for drag and drop)

Mageia 6

There have been plenty of security updates for Mageia 6, here are a few of them:

  • thunderbird-52.4.0-1 – Security fix
  • weechat-1.7.1-1.1 – CVE fix
  • pjproject-2.5.5-4.1 – CVE fixes
  • dnsmasq-2.77-1.2 – multiple CVE fixes
  • x11-server-1.19.4-1 – CVE fixes
  • firefox-52.4.0-1 – multiple CVE fixes
  • ghostscript-9.20-3.1 – multiple CVE fixes
  • mariadb-10.1.28-1 – maintenance and bugfix release

Mageia 5

Similarly for Mageia 5, plenty of new updates:

  • thunderbird-52.4.0-1 – Security fix
  • weechat-0.4.1-7.2 – CVE fix
  • pjproject-2.3-1.1 – CVE fixes
  • dnsmasq-2.77-1.1 – multiple CVE fixes
  • x11-server-1.16.4-2.3 – CVE fixes
  • firefox-52.4.0-1 – multiple CVE fixes
  • ghostscript-9.20-1.1 – multiple CVE fixes
  • gstreamer0.10-plugins-good-0.10.31-9.2 & gstreamer1.0-plugins-good-1.4.3-2.2 – multiple CVE fixes

Community

We have been having ongoing issues with spam and fraudulent accounts on our bugzilla so we introduced a special group which can edit bugs. We already added many relevant contributors to it. We think this is a temporary measure until we can properly test a more complete authentication system. Note that this change won’t effect your ability to post bugs. Just edit ones already posted, if there are issues from this, contacting the relevant mailing list should get it resolved quickly.

 

Posted in Weekly roundup | 10 Comments

Weekly roundup 2017, week 38

Posted on September 23, 2017 by Donald Stewart

Firstly a short apology for the lack of blogs recently. With summertime and other commitments, Mageia has sadly had less time from some contributors recently.

Cauldron

Since it has been 8 weeks since the last update, there have been massive changes to Cauldron. I won’t discuss a of them here, instead, here are a few of the more recent larger changes:

  • Updated Ruby stack
  • Update Perl stack
  • kernel 4.12.14
  • llvm 4.0.1
  • flatpak 0.9.12
  • vim 8.0.1097
  • mesa 17.2.1

There is also the update to the base toolchain, which is requiring large scale rebuilds and will likely cause some issues until everything has settled.

Feature proposals for Mageia 7 are well underway, so if you have anything you would like to see included. or have thoughts on the ideas put forward, now is the time to shape what Mageia 7 will become.

Mageia 6

Since the last roundup, there have been countless updates for Mageia 6, here are a few of the more critical fixes that have gone through QA:

  • tor-0.2.9.12 – CVE fix
  • tomcat-8.0.46 – CVE fixes
  • bluez-5.45-2.1 – CVE fix
  • ffmpeg-3.3.4 – security update
  • kernel-4.9.50 – multiple CVE fixes
  • flash-player-plugin-27.0.0.130 – CVE fixes
  • tcpdump-4.9.2 – multiple CVE fixes

Mageia 5

Like Mageia 6, there have been many updates, again, here is a selection of the more critical fixes:

  • tor-0.2.8.15 – CVE fix
  • tomcat-7.0.81 – CVE fixes
  • bluez-5.28 – CVE fix
  • kernel-4.4.88 – multiple CVE fixes
  • flash-player-plugin-27.0.0.130 – CVE fixes
  • tcpdump-4.9.2 – multiple CVE fixes

Community

The recent campaign from the Free Software Foundation Europe, Public Money, Public Code, that is aiming to have code written with public funding for the public sector released under open licensing is something that Mageia is more than happy to get behind. Such goals that share so many of the principles that Mageia was founded on and that aim to help Open Source deserve all of the support that we can offer – more details available in the blog about our support.

There has also been issues with spam from fresh accounts on the wiki, so sadly we have had to restrict write access until a full solution can be found, in the meantime, if you wish to edit, please contact the doc-discuss mailing list.

Posted in Weekly roundup | 6 Comments

Mageia supports the Public Money, Public Code campaign

Posted on September 21, 2017 by Donald Stewart

Open Source software, or more specifically, the ideals behind it go far beyond Mageia or the wider GNU/Linux Community. Being a part of this is something that Mageia has always been very proud of, and when possible, we have given back to, or helped raise awareness of projects that have similar ideals to our own. So with that in mind, we are very happy to give our full support to the Public Money, Public Code campaign launched by the Free Software Foundation Europe.

The campaign aims to require all code written with public funding for the public sector to be under an open source license. Full details and a video detailing the goals and how they hope to achieve them can be seen on the campaign’s website.

In the week since the campaign launched, many Open Source projects have put their names behind the cause, it is very heartening to see Mageia listed with other Distributions such as Debian, Gentoo and OpenSUSE as well as big projects like GNOME, LibreOffice and KDE. There are also numerous other Linux publications and groups in the list of supporting organisations which is great to see.

We hope that this campaign gains the traction that it deserves and brings about the legislative changes needed to ensure that the public money leads to public code and the plethora of benefits that that would bring.

 

Posted in Collaboration, community | 7 Comments

Weekly roundup 2017 week 28 – 30

Posted on July 31, 2017 by Donald Stewart

So this is the first roundup since the release of Mageia 6, so there are a few more weeks in here than normal.

Cauldron

As expected, Cauldron has been flooded with large updates, and despite their best efforts, everything seems to be working well. Note that big breakage now is very normal, pushing the risky and large scale changes to very low-level things now gives the most room for testing, so things are expected to break. That said, the toolchain and rpm still have some large updates and changes to come, so there is still plenty of opportunity for things to break.

Here are a few of the big updates:

  • Qt 5.9.1
  • Plasma 5.10.4
  • KDE Applications 17.04
  • Kernel 4.9.40
  • Gnome 3.24.3
  • Cinnamon 3.4.4
  • Chromium Browser 59

There have also been updates to the Perl stack, vlc and countless other packages.

Mageia 6

So this is the first time that there has been a Mageia 6 heading here, which is a nice addition, to say the least. It also wouldn’t really be fitting to start this list without there being an entry for flash 🙂 So, here are some of the big updates for Mageia 6:

  • flash-player-plugin-26.0.0.137 – Multiple CVE fixes
  • wine-2.0.2 – Bugfix update
  • mesa-17.1.5 – Bugfix update including Vulkan fixes
  • mariadb-10.1.25 – Bugfix release
  • wireshark-2.2.8 – Multiple CVE fixes
  • rust-1.19.0 and cargo-0.20.0 – New stable release

Several bugfix updates have also been pushed to fix upgrade issues from Mageia 5.

Note that you can consult all update advisories directly on the dedicated page.

Mageia 5

Even though Mageia 6 is available, Mageia 5 is very far from forgotten, here are some of the important updates it has received since the last roundup:

  • flash-player-plugin-26.0.0.137 – Multiple CVE fixes
  • openvpn-2.3.17 – Multiple CVE fixes
  • libgcrypt-1.5.4-5.4 – CVE fix
  • nvidia-current -375.66 & ldetect-lst-0.1.346.6 – Added support for latest 10xx card

 

Posted in Weekly roundup | 4 Comments

Known issues with upgrades from Mageia 5 to Mageia 6

Posted on July 22, 2017 by Donald Stewart

Since the release of Mageia 6 last week, there have been several reports about issues with upgrades from Mageia 5, particularly for users upgrading from KDE 4. While that is not surprising due to the complex nature of the upgrade from KDE 4 to Plasma 5, those issues had sadly not been noticed by our QA team during its extensive pre-release testing.

We want to both acknowledge that we are aware of the issues and working on needed fixes, and make sure that those wanting to upgrade from Mageia 5 are aware of the issues and read the errata beforehand. To avoid bad surprises for the least tech savvy users, we temporarily disabled the upgrade notification that prompts users to upgrade to Mageia 6 from their live session – it will be re-enabled as soon as we are confident that most users will have a smooth upgrade.

Also note that these issues are not present on new installs and the installation experience, particularly switching from KDE 4 to Plasma 5, will be easier with a fresh installation. As such all upgrade issues should be fixable via normal package updates, and no new ISOs are planned.

The section in the Mageia 6 errata relating to upgrades highlights the procedure to minimize some of the known issues. A big thing to note that has caused issues is the use of third party packages installed in Mageia 5, especially NVIDIA graphics drivers from the upstream website (as opposed to the ones packaged by Mageia).

Here is a small summary of things to look out for:

A note on upgrades in general – performing the upgrade offline with the Classical ISO works only if update repositories are enabled, as a full Mageia 5 upgrade requires more packages than are available on the ISO images. The recommended way to start an upgrade is to do it from a non-graphical terminal (e.g. tty2 accessed via Ctrl+Alt+F2) using urpmi, as outlined in the release notes.

If you have any upgrade issue, make sure to reach out with the community on the forums, mailing lists or IRC, where advanced users can help you debug and often fix an apparently broken system.

Apart from those upgrade issues affecting some Mageia 5 systems, most users seem to be pretty happy with Mageia 6 – we will continue showcasing some of the interesting developments made for this release in future blog posts. If you missed it, be sure to check out the last post outlining some of the goodies introduced thanks to the DNF support in Mageia 6.

Posted in Mageia, release, users | 28 Comments