Weekly roundup 2017 – week 43

Posted on October 29, 2017 by Donald Stewart

Before we get into the updates and Mageia news, a quick suggestion from the Free Software Foundation:

Image credit – https://twitter.com/fsf/status/923644337140924418

Cauldron

The big updates in Cauldron this week are to Mate 1.19.1 and Plasma 5.11.2, here are a few of the other big updates:

  • kernel 4.13.10
  • ffmpeg 3.4
  • libreoffice 5.4.3 rc1
  • Chromium browser 62

There were also updates to some Perl modules and some of the underlying Mageia libraries that are used in our tools, like urpmi, the Control Centre and the Installer.

Also, a quick note about our ARM support, as mentioned a few weeks ago, we are thinking of dropping arm5tl, this seems more and more likely, builds take a very long time and developers are starting to drop support for it. If you have any opinion on whether it should be kept or not, bringing it to the discussion on the dev mailing list would be useful.

Mageia 6

There were some big updates for Mageia 6 this week, here are the major ones:

  • virtualbox, kmod-vboxadditons & kmod-virtualbox 5.1.30 – multiple CVE fixes
  • upx-3.94-1 – CVE fix
  • mysql-connector-java-5.1.42-1 – CVE fixes
  • rust-1.21.0-1 & cargo-0.22.0-1 – Version update

Mageia 5

  • virtualbox, kmod-vboxadditons & kmod-virtualbox 5.1.30 – multiple CVE fixes
  • upx-3.94-1 – CVE fix
  • kernel-4.4.92-1 – multiple CVE fixes
  • mysql-connector-java-5.1.42-1 – CVE fixes

Community

Mageia will have a booth at the OpenRhineRhur event next weekend (4th to 5th November), thanks to the volunteers for hosting the booth and we hope to see and talk to lots of interesting people there. If you are in the area, feel free to drop by!

 

Posted in community, Weekly roundup | 7 Comments

Mageia at OpenRheinRuhr 2017

Posted on October 27, 2017 by Marc Lattemann

Since we took a break last year, we are happy to announce our participation at the OpenRheinRuhr 2017 in Oberhausen (Germany). We are pleased to have this opportunity to present our lovely distribution there.
As always the ORR takes place at the nice old-fashioned industrial museum (“Rheinisches Industriemuseum“) from the 4th to the 5th November.
This year a lot of projects and companies show their work and contributions around the topic of free and open software and Mageia is proud to be a part of that.
Additionally there is a wide program and a lot of very interesting talks and presentations so it is really worth it to spend this autumn weekend there.
Come along to our booth and discuss with us the news about our community and the project or tell us your experience with our distribution.
We’re looking forward to welcoming you there.

See also blogpost in German.

 

 

 

Posted in Uncategorized | 7 Comments

Weekly roundup 2017 – week 42

Posted on October 22, 2017 by Donald Stewart

Cauldron

The biggest update this week has been Plasma 5.11.1 and also the addition of the Julia numerical oriented programming language, the full import should be ready soon.

Big changes in Cauldron this week include:

  • lame 3.100
  • ardour 5.12.0
  • cmake 3.10.0 RC3
  • kernel 4.13.8
  • openfoam 5.0
  • virtualbox 5.1.30
  • cups 2.2.5

Mageia 6

Lots of updates to both Mageia 6 and 5 this week, most notably a fix for the wpa_supplicant and hostapd vulnerabilities.

  • kernel 4.9.56-1 & matching headers and modules – multiple CVE fixes
  • db48 4.8.30-21.1 & db53 5.3.28-10.1 – CVE fix
  • php-memchache 3.0.8-10 – fixes mga#21833
  • hostapd 2.6-1.1 & wpa_supplicant 2.6-1.1 – multiple CVE fixes
  • poppler 0.52.0-3.3 – multiple CVE fixes
  • flash-player-plugin 27.0.0.170-1 – CVE fix
  • webmin 1.860-1 – CVE fix
  • wireshark 2.2.10-1 – multiple CVE fixes
  • libxfont 1.5.2-1.1 & libxfont2 2.0.1-4.1 – CVE fixes
  • ruby 2.2.8-1 & ruby-json 1.8.3-3.1 – multiple CVE fixes
  • openvpn 2.4.4-1 – CVE fix

Mageia 5

  • db48 4.8.30-18.1 & db53 5.3.28-4.1 – CVE fix
  • hostapd 2.6-1 & wpa_supplicant 2.6-1 – multiple CVE fixes
  • poppler 0.26.5-2.5 – multiple CVE fixes
  • flash-player-plugin 27.0.0.170-1 – CVE fix
  • webmin 1.860-1 – CVE fix
  • wireshark 2.0.16-1 – CVE fix
  • libxfont 1.5.1-1.1 – CVE fixes
  • ruby 2.0.0.p648-1.5 & ruby-json 1.8.1-3.1 – multiple CVE fixes
Posted in Weekly roundup | 4 Comments

2017 week 41 and some extras

Posted on October 15, 2017 by Donald Stewart

Cauldron

The Mageia 7 feature proposals are being discussed more, as some of them are very large and will bring large changes to the distribution and installer, scoping the work and looking at the needed resources and timelines is a big job. The big 2 are moving more towards manatools and integrating dnf into the installer, implementing a shim for the existing urpmi commands and ensuring that there is no loss in functionality if we decide to switch for Mageia 7.

While not strictly a Cauldron piece of news, we will in all likelihood drop arm5tl and start to work towards building aarch64 and well as the current arm7hl.

Big changes in Cauldron this week include:

  • rust 1.21.0
  • kernel 4.13.7 – preliminary support for Coffee Lake (i915 alpha)
  • wine 2.18
  • R-base 3.4.2
  • apache 2.4.28
  • x11-server 1.19.5
  • rpm 4.14.0
  • vlc 3.0.0 (git snapshot with fix for drag and drop)

Mageia 6

There have been plenty of security updates for Mageia 6, here are a few of them:

  • thunderbird-52.4.0-1 – Security fix
  • weechat-1.7.1-1.1 – CVE fix
  • pjproject-2.5.5-4.1 – CVE fixes
  • dnsmasq-2.77-1.2 – multiple CVE fixes
  • x11-server-1.19.4-1 – CVE fixes
  • firefox-52.4.0-1 – multiple CVE fixes
  • ghostscript-9.20-3.1 – multiple CVE fixes
  • mariadb-10.1.28-1 – maintenance and bugfix release

Mageia 5

Similarly for Mageia 5, plenty of new updates:

  • thunderbird-52.4.0-1 – Security fix
  • weechat-0.4.1-7.2 – CVE fix
  • pjproject-2.3-1.1 – CVE fixes
  • dnsmasq-2.77-1.1 – multiple CVE fixes
  • x11-server-1.16.4-2.3 – CVE fixes
  • firefox-52.4.0-1 – multiple CVE fixes
  • ghostscript-9.20-1.1 – multiple CVE fixes
  • gstreamer0.10-plugins-good-0.10.31-9.2 & gstreamer1.0-plugins-good-1.4.3-2.2 – multiple CVE fixes

Community

We have been having ongoing issues with spam and fraudulent accounts on our bugzilla so we introduced a special group which can edit bugs. We already added many relevant contributors to it. We think this is a temporary measure until we can properly test a more complete authentication system. Note that this change won’t effect your ability to post bugs. Just edit ones already posted, if there are issues from this, contacting the relevant mailing list should get it resolved quickly.

 

Posted in Weekly roundup | 10 Comments

Weekly roundup 2017, week 38

Posted on September 23, 2017 by Donald Stewart

Firstly a short apology for the lack of blogs recently. With summertime and other commitments, Mageia has sadly had less time from some contributors recently.

Cauldron

Since it has been 8 weeks since the last update, there have been massive changes to Cauldron. I won’t discuss a of them here, instead, here are a few of the more recent larger changes:

  • Updated Ruby stack
  • Update Perl stack
  • kernel 4.12.14
  • llvm 4.0.1
  • flatpak 0.9.12
  • vim 8.0.1097
  • mesa 17.2.1

There is also the update to the base toolchain, which is requiring large scale rebuilds and will likely cause some issues until everything has settled.

Feature proposals for Mageia 7 are well underway, so if you have anything you would like to see included. or have thoughts on the ideas put forward, now is the time to shape what Mageia 7 will become.

Mageia 6

Since the last roundup, there have been countless updates for Mageia 6, here are a few of the more critical fixes that have gone through QA:

  • tor-0.2.9.12 – CVE fix
  • tomcat-8.0.46 – CVE fixes
  • bluez-5.45-2.1 – CVE fix
  • ffmpeg-3.3.4 – security update
  • kernel-4.9.50 – multiple CVE fixes
  • flash-player-plugin-27.0.0.130 – CVE fixes
  • tcpdump-4.9.2 – multiple CVE fixes

Mageia 5

Like Mageia 6, there have been many updates, again, here is a selection of the more critical fixes:

  • tor-0.2.8.15 – CVE fix
  • tomcat-7.0.81 – CVE fixes
  • bluez-5.28 – CVE fix
  • kernel-4.4.88 – multiple CVE fixes
  • flash-player-plugin-27.0.0.130 – CVE fixes
  • tcpdump-4.9.2 – multiple CVE fixes

Community

The recent campaign from the Free Software Foundation Europe, Public Money, Public Code, that is aiming to have code written with public funding for the public sector released under open licensing is something that Mageia is more than happy to get behind. Such goals that share so many of the principles that Mageia was founded on and that aim to help Open Source deserve all of the support that we can offer – more details available in the blog about our support.

There has also been issues with spam from fresh accounts on the wiki, so sadly we have had to restrict write access until a full solution can be found, in the meantime, if you wish to edit, please contact the doc-discuss mailing list.

Posted in Weekly roundup | 6 Comments