Weekly roundup 2017 – Week 48

Posted on December 3, 2017 by Patricia Fraser

There’s lots of work still going on behind the scenes – wide-awake folks have noticed that Kernel 4.14.3 has made its way into Cauldron, along with loads of other goodies; the commits mailing list has been very active!

The devteam folks had a huge long meeting during the week to begin nailing down plans and features for Mageia 7; check out the meeting logs. Lots of stuff will continue to be discussed and refined for a while yet, but the process is well begun.

Here’s a selection of the additions and updates to Cauldron during the week:

enlightenment-0.22.1-2.mga7
firefox-57.0.1-1.mga7
firefox-beta-58.0-0.b7.1.mga7
get_iplayer-3.07-1.mga7
kernel-4.14.3-1.mga7
pulseaudio-11.1-1.mga7
virtualbox-5.2.2-2.mga7

There are also several perl and php packages – check out the full list. It’s also good to know what the QA team has in the pipeline – check it out on the AppDB. You’ll see updates being tested, updates ready to be pushed, and then there’s the backports.

Security and bugfix advisories are always available online; check out the Advisories site for CVEs on the security updates, as well as info on the bugfix updates. Here’s the list for the past week.

drakxtools (bugfix) – Mga 6
gnucash (bugfix) – Mga 6
nvidia-current, ldetect-lst (bugfix) – Mga 5, 6
php-ssh2 (bugfix) – Mga 5, 6
xdg-utils (bugfix) – Mga 6
apr-util (security) – Mga 5, 6
bchunk (security) – Mga 5, 6
botan (security) – Mga 5, 6
chromium-browser-stable (security) – Mga 6
ghostscript (security) – Mga 5, 6
krb5 (security) – Mga 5, 6
libtiff (security) – Mga 5, 6
mediawiki (security) – Mga 6
postgresql9.3, postgresql9.4, postgresql9.6 (security) – Mga 5, 6
sssd (security) – Mga 6
thunderbird, thunderbird-l10n (security) – Mga 5, 6
vlc (security) – Mga 5
webkit2 (security) – Mga 6

Onward and upward…

Posted in Weekly roundup | 8 Comments

Weekly Roundup 2017 – Week 47

Posted on November 28, 2017 by Patricia Fraser

Schultz is flat out this week, so apologies if the content of this roundup is a little sparse. I’ll do better in future!

Behind the scenes in Mageia land:

Packagers and QA are seriously busy people – so busy that they haven’t recorded an actual meeting for many months, but they’re likely to have one this week while they polish up the specs for Mageia 7. Look for updates in coming roundups. Meanwhile, much work is going on testing and validating Kernel 4.14; if that works out well enough, and the problems with the update process from Mageia 5 to Mageia 6 are ironed out, there’s a possibility we might have a Mageia 6.1 release. No promises! but watch this space.

While all that’s happening, the updates and additions are coming on in great big chunks:

* LibreOffice 5.4.3.2
* thunderbird 52.5.0 (cauldron + mga5 & mga6 testing) ,
* kernel 4.14.2 (cauldron + mga6 testing),
* virtualbox 5.2.2 (cauldron + mga6 testing),
* cinnamon 3.6.6 (cauldron),
* ocaml 4.06.0 (cauldron + update/rebuild of all ocaml stack),
* alsa 1.1.5 (cauldron),
* supertuxkart 0.9.3 (cauldron + mga6 testing),
* boost 1.65.1

…and tons of rebuilds of dependent packages (cauldron), and many, many more.

Oh, and something else nice in Cauldron: PulseEffects, which adds a nice graphic equalizer and filters and so on to PulseAudio. Still working on getting it to play nice with Plasma, but the Magicians are dealing with it.

Don’t forget that you can check out the Mageia AppDB (https://madb.mageia.org/) at any time to see what’s being updated across all Mageia versions; you’ll see that there were lots of updates this week. Also, if you want to keep track of security updates in between roundups – particularly to check out the CVE advisories – take a look at https://advisories.mageia.org/, where you can select the Mageia version and type of update. Click on the advisory number to check out what the fix was all about.

And thank the QA team and the packagers!

See you next week!

Posted in Uncategorized | 8 Comments

Weekly roundup 2017 – week 46

Posted on November 19, 2017 by Donald Stewart

Cauldron

Another busy week for Cauldron, while not as many large updates, lots of other packages have seen work, as well as getting ready for future upgrades.

  • flatpak 0.10.0
  • boost 1.65.1
  • glib 0.7.4
  • chromium-browser 62
  • zsh 5.4.2
  • kmymoney4.8.1

There was also an update to PHP, so plenty of module updates and rebuilds for that and boost.

The other big update that is coming is Firefox, there is an issue with its build and our rust toolchain, but once that is sorted then Firefox 57 will be coming your way.

One other interesting discussion that will have to be resisted, most likely many more times before a full decision is made, is what to do with the 32-bit media. While they are still needed for now as not everyone has access to high-speed internet for net installs and most likely they will be the ones without access to newer 64-bit hardware.Currently there are also many others who do have 64-bit hardware but for some reason still use 32-bit install. At least it seems that way from torrent statistics shared by some of our contributors. Hearing opinion on this is always useful, although this is probably something more for Mageia 8.

Mageia 6

A busy week for updates, here are some of the important ones:

  • konversation 1.7.3-1 – CVE fix
  • firefox 52.5.0-1, nss 3.28.6-1.1 & rootcerts 20171025.00-1 – CVE fixes
  • nextcloud-client 2.3.2-1 – bugfix update
  • php 5.6.32-1 – Security fix
  • cups 2.2.6-1 – bugfix update
  • flash-player-plugin 27.0.0.187-1 – multiple CVE fixes

Mageia 5

Also some important updates for Mageia 5, here are some of them:

  • konversation 1.5.1-1.1 – CVE fix
  • firefox 52.5.0-1, nss 3.28.6-1.1 & rootcerts 20171025.00-1 – CVE fixes
  • bluez 5.28-1.2 – CVE fix
  • php 5.6.32-1 – Security fix
  • flash-player-plugin 27.0.0.187-1 – multiple CVE fixes
Posted in Weekly roundup | 15 Comments

Weekly roundup 2017 – week 45

Posted on November 13, 2017 by Donald Stewart

Cauldron

Lots of big updates since the last roundup, here are a few of the big ones:

  • networkmanager 1.10.0
  • kernel 4.13.12
  • libreoffice 5.4.3.2
  • lxqt 0.12
  • mesa 17.2.4

llvm 5 has also been moved out of testing, so a fair few rebuilds of big packages have been needed. Please reports any bugs or issues with that on the Bugzilla.

Mageia 6

  • libjpeg-1.5.1-1.1 – CVE fix
  • flash-player-plugin-27.0.0.183-1 – bugfix and security update
  • openssl-1.0.2m-1 – CVE fixes
  • git-2.13.6-1 – CVE fix
  • nvidia-current-384.90-2 & ldetect-lst-0.3.7.2-1 – new hardware support (Quadro P5200) and bugfix
  • arduino-1.6.5-3.1 – bugfix update
  • x11-server-1.19.5-1.1 – multiply CVE fixes
  • libpng-1.6.34-1 – update

Mageia 5

The big news for Mageia 5 was the extension of its support period until December 31st, 2017, full details available in this blog.

  • libjpeg-1.3.1-4.2 – CVE fix
  • flash-player-plugin-27.0.0.183-1 – bugfix and security update
  • openssl-1.0.2m-1 – CVE fixes
  • nvidia-current-384.90-2 & ldetect-lst-0.1.346.8-1 –  new hardware support (Quadro P5200) and bugfix

Community

The Paris Open Source Summit is coming up in December, we will be there, so if you would like to come along and meet some contributors and all of the other events happening, or help out at the booth, feel free to get in touch.

Posted in Weekly roundup | 4 Comments

Mageia 5 EOL postponed

Posted on November 7, 2017 by Rémi Verschelde

As the upgrade path from Mageia 5 to Mageia 6 is harder than anticipated, many users are still on Mageia 5 today. We have therefore decided to prolong the support of Mageia 5 until December 31st, 2017 (instead of October 31st, 2017 as announced until now).

“Best effort” support limited to critical security fixes

This extended support will be limited to critical security fixes for components found in most systems, such as the kernel, glibc, firefox, flash-player-plugin, etc. The exact scope will be decided for each package by the packager maintainers and security teams, based on the severity of the issue and the resources that we have in terms of packaging and quality assurance.

So, in summary: your Mageia 5 system will not be exposed to known critical vulnerabilities until its EOL in 2 months, but the support will still be much more limited than that of Mageia 6 systems. We encourage the remaining Mageia 5 users to use this time to upgrade to Mageia 6 as soon as possible.

Upgrade advice

Many users reported critical issues when upgrading complex systems to Mageia 6, especially using KDE4, NVIDIA proprietary drivers, and/or third-party packages. Such issues can be package conflicts that prevent the upgrade from finishing properly, leaving the system in a hybrid state that may not properly survive a reboot, or they can be drivers issues that lead to the graphical X.org server failing to initialize itself, landing users on a terminal instead of the desktop environment.

For this reason, we disabled the system that prompts users to upgrade via our GUI tool mgaonline, so only manual upgrades can be done using our CLI tool urpmi. We are still working on solving the main issues mentioned above to allow us to re-enable the mgaonline upgrade path, but we want to warn users that there might still be caveats to this specific upgrade.

When possible, we recommend that Mageia 5 users do a clean install of Mageia 6 on a different partition (thus keeping both systems next to each other), and copy the relevant parts of their Mageia 5 configuration (typically the hidden folders in your /home) onto the new system. It should also work fine to reuse the same /home partition if it’s separate from the root partition. You can even use the same username and UID (user identifier), but keep in mind that systems upgraded from older Mageia releases might still have user IDs starting at 500, while Mageia 6 requires user IDs to start at 1000. There’s a wiki page with some more instructions for upgrade.

When in doubt, please get in touch with other community members on the forums, mailing lists or IRC, there will always be helpful people ready to help you.

We are sorry for the inconvenience and will work hard to provide a more stable upgrade path from Mageia 6 to Mageia 7.

Posted in Mageia, QA, release | 18 Comments