Reading view

There are new articles available, click to refresh the page.

New Year Starts with Slowroll Version Bump

The openSUSE Slowroll community has welcomed the January version bump that was completed recently.

Slowroll’s snapshots mark the beginning of fresh updates with the initial updates now accessible on mirrors globally.

This month’s bump comes a day early to avoid interruptions caused by routine maintenance on critical infrastructure. Updates are rolling out and users get new Tumbleweed versions from the 20250101 snapshot.

The updates integrate advancements from the openSUSE reproducibility initiative, which derive from Factory/Tumbleweed. Key improvements include enhanced tools for reproducible builds and fixes for dependency handling, parallelism and race conditions in packages such as Python, Qt and others.

Slowroll’s smart roll approach delivers a dependable foundation for users seeking a reliable system with essential security updates that avoid frequent changes seen in traditional rolling-release models. The balance makes it an excellent choice for those who want a balance of stability and access to modern software.

Updates for Slowroll arrive between an average of 5 to 10 days after being released in Tumbleweed. Users can read the latest monthly update for Tumbleweed to see what packages are arriving in Slowroll; recent updates include QEMU 9.2.0, which adds 3D acceleration for Vulkan apps and enhanced crypto support, and GPG 2.5.2, which features ECC+Kyber key generation and improved smart card handling.

While still marked as experimental (for lack of automated tests), Slowroll continues to evolve and offers users a dependable and innovative alternative in the openSUSE ecosystem.

For more details, visit the project’s roadmap.

Tumbleweed Monthly Update - December 2024

Tumbleweed continues to exemplify a solid rolling release and December 2024 wraps up a year of several snapshots and large array of updates! KDE Gear 24.12 improves app usability, SQLite introduces innovative query features and snapshots brought critical patches across various packages for enhanced security. These updates not only strengthen functionality but also set the stage for an exciting 2025.

As always, remember to roll back using snapper if any issues arise.

Happy updating and tumble on!

For more details on the change logs for the month, visit the openSUSE Factory mailing list.

New Features and Enhancements

  • KDE Gear 24.12: This update delivers many enhancements across KDE’s diverse application suite. Dolphin now boasts better keyboard navigation, file sorting and a new mobile-optimized interface for Plasma Mobile. Document viewer Okular enhances its annotation, form-handling and digital signing capabilities, while Kdenlive introduces features like timeline item resizing and proxy generation improvements. Other apps like certificate manage Kleopatra and KDE Connect also see notable upgrades that ncludes improved cryptography tools and improved Bluetooth connectivity.
  • KDE Ships Frameworks 6.9.0: Key highlights include better accessibility, improved file handling and updated icon sets across various modules. Frameworks like Baloo and Kirigami received significant updates for test reliability and usability, while Breeze Icons introduced new symbolic versions for better UI consistency. The transition to Qt6 progresses with many components now optimized for compatibility, and new Python bindings extend functionality in multiple libraries. Other improvements address cryptographic handling, better integration with Flatpak, and fixes for platform-specific builds like Haiku.
  • sqlite 3.47.1 & 3.47.2: The 3.47.1 version fixes makefile DESTDIR handling, addresses issues with certain IN queries and resolves bugs from prior releases. The upgrade introduces arbitrary expressions for RAISE, enhanced query optimizations, improved group_concat behavior and new CLI features like median() and .www. Several query planner improvements boost performance, while SQLite now avoids “long double” usage for better compatibility. Additional enhancements include custom locale-aware FTS5 tokenizers, contentless FTS5 tables, and an experimental sqlite3_rsync tool. Compatibility for TCL9 is added, and JavaScript OPFS VFS issues are fixed. The 3.47.2 version resolves a text-to-floating-point conversion issue affecting specific numeric text values on x64 and i386 systems, introduced in version 3.47.0. Minor bug fixes are included, and the session extension is now enabled to support NodeJS 22.
  • Kernel-firmware 20241128: This introduces extensive updates that include the i915 Xe2LPD DMC v2.24, new Cirrus CS35L56 firmware for Dell laptops, and multiple amdgpu updates. It also adds new aliases for kernel 6.13-rc1 and enhances support for various AMD GPUs, iwlwifi and other devices.
  • gpg 2.5.2: This update introduces ECC+Kyber key generation, trustdb validation post-key import and improved handling of expired trusted keys. Enhancements include fixes for encryption issues, robust error handling for smart cards and performance boosts for certificate listings. Other updates refine ADSK key usage, address database race conditions and optimize directory creation during extraction.
  • curl 8.11.1: This release addresses a critical security issue involving netrc and redirect credential leaks. Improvements include fixes for cookie handling, enhanced trace timestamps and better error messaging for expired certificates. Updates also resolve issues with netrc parsing, libssh IPv6 handling and HTTP content decoding.

Key Package Updates

  • Kernel Source 6.12.6: The kernel introduces numerous improvements and fixes. Key updates include enhanced USB support, addresses issues in device suspension and improves audio compatibility for specific devices. Other notable fixes involve enhancements to scheduling, block storage, network protocols and RISC-V architecture. It also includes critical patches for BPF, IOMMU, and several drivers.
  • Flatpak 1.15.12: This fixes crashes during app installations by reverting to process IDs in cgroup names, introduces USB metadata parameters (--usb, --no-usb), enhances accessibility with --a11y-own-name, improves debugging with flatpak run -vv, adds KDE search completion support and includes build fixes, updated dependencies, and memory leak resolutions.
  • systemd 256.9 and 256.10: This 256.9 update clarifies $WATCHDOG_USEC usage for the shutdown binary and addresses SAS wide ports in udev-builtin-path_id. It reverts a commit causing regressions, disables EFI on non-compliant architectures, and removes /run/systemd when switching root. The 256.10 update includes fixes for VLAN ranges, improved WireGuard key error reporting and adjustments to systemctl for better user feedback.
  • LLVM 19.1.5 and 19.1.6: This minor update provides bug fixes and the llvm-do-not-install-static-libraries.patch was rebased to align with the update.
  • qemu 9.2.0: This update introduces 3D acceleration for Vulkan apps via virtio-gpu, enhanced crypto with SHA-384 support and QATzip migration compression. arm gains FEAT_EBF16 emulation, two-stage SMMU and CPU Security Extensions for xilinx-zynq-a9. RISC-V sees IOMMU support, extensions for control flow integrity and improved vector performance. x86 highlights include a new Nitro Enclave machine type and AVX10 KVM enhancements.
  • GStreamer 1.24.10: This update addresses more than 40 security vulnerabilities in components like MP4, Matroska and Ogg demuxers and includes fixes for avviddec assertions, appsink/appsrc, decodebin3, closed captioning and pipeline graph generation.
  • vim 9.1.0908: This update includes new file type recognitions, enhancements to documentation, better syntax support for various languages and numerous bug fixes across features like completion, file operations, and plugins. It also refreshes translations and improves runtime components like netrw and termdebug.
  • libzypp 17.35.15: This update updates to treat = as a safe character in URL query values, adds support for recognizing rpmdb.sqlite as a database file, fixes a typo and adjusts the FastCGI header.
  • gedit 48.1: This update removes plugins like External Tools, Snippets and Python Console. The package rewrites the Text Size plugin in C, and eliminates the background-pattern grid feature. Fixes include Wayland unmaximize bug and compilation warnings, alongside code refactoring and updated translations. The gedit-plugins-python-env.patch was dropped as obsolete.
  • AppStream 1.0.4: This release brings new features, including AS_BUNDLE_KIND_SYSUPDATE for system updates and dark theme support for Plasma and Pantheon. Improvements were made to memory size detection for Illumos, Solaris, and GNU/Hurd along with enhanced branding color exposure in Qt. Bug fixes address race conditions in GResource loading, timezone handling and legacy compatibility tags.

Bug Fixes and Security Updates

Several key security vulnerabilities were addressed this month:

  • avahi:
    • CVE-2024-52616: Predictable Avahi-daemon DNS transaction IDs enable potential spoofing attacks.
  • mozjs128 128.5.1:
    • CVE-2024-11691: Out-of-bounds write in Apple GPU drivers via WebGL.
    • CVE-2024-11692: Select list elements could display over another site.
    • CVE-2024-11694: CSP bypass and XSS exposure via Web Compatibility Shims.
    • CVE-2024-11695: URL bar spoofing through manipulated Punycode and whitespace characters.
    • CVE-2024-11696: Unhandled exception during add-on signature verification.
    • CVE-2024-11697: Improper keypress handling in executable file confirmation dialog.
  • curl 8.11.1:
    • CVE-2024-11053: Versions 6.5–8.11.0 leaked .netrc passwords during HTTP redirects.
  • libheif:
    • CVE-2023-0996: Addressed out-of-bounds read and write issues during HEIF file decoding with forged overlay image offsets.
    • CVE-2024-41311 : Fixes mitigating vulnerabilities that could lead to memory corruption during malformed HEIF file handling.
    • CVE-2023-29659: Enhances overall security and addresses security flaws in HEIF file processing to prevent out-of-bounds access.
  • socat 1.8.0.2:
    • CVE-2024-54661: Predictable temp file paths in socat may allow arbitrary file overwrites.
  • emacs:
    • CVE-2024-53920: On untrusted Emacs, Lisp code can trigger unsafe macro expansion, allowing arbitrary code execution.

Conclusion

December 2024 capped off the year with significant updates. Notable enhancements include QEMU’s improved virtualization features, systemd’s refined user feedback and hardware compatibility, and the kernel’s advancements in boosting device support and performance. Updates to Flatpak and AppStream further enhance the ecosystem, providing better app management and integration. As Tumbleweed users roll into 2025, they can count on a comfortable, secure open-source software experience. Happy tumbling!

Slowroll Arrivals

Please note that these updates also apply to Slowroll and arrive between an average of 5 to 10 days after being released in Tumbleweed snapshot. This monthly approach has been consistent for many months, ensuring stability and timely enhancements for users.

Contributing to openSUSE Tumbleweed

Stay updated with the latest snapshots by subscribing to the openSUSE Factory mailing list. For those Tumbleweed users who want to contribute or want to engage with detailed technological discussions, subscribe to the openSUSE Factory mailing list . The openSUSE team encourages users to continue participating through bug reports, feature suggestions and discussions.

Your contributions and feedback make openSUSE Tumbleweed better with every update. Whether reporting bugs, suggesting features, or participating in community discussions, your involvement is highly valued.

Board Election Schedule Revised

Members of the openSUSE Election Committee have provided an update regarding this year’s Board election. This election will fill three board seats. All eligible openSUSE members are encouraged to participate in shaping the future of the project.

The nomination process, originally scheduled for completion in December, has been extended due to an insufficient number of candidates. The updated timeline aims to provide more opportunities for members to engage in the process.

Revised Election Timeline

  • Jan. 3, 2025: Extension for nominations and applications for Board candidacy; membership drive begins
  • Jan. 18, 2025: Final candidate list announced; campaign begins; membership drive continues (new members can vote but not run)
  • Jan. 19, 2025: Voting opens
  • Feb. 2, 2025: Voting closes
  • Feb. 3, 2025: Election results announced

The three open seats are held by Douglas DeMaio, Neal Gompa, and Patrick Fitzgerald. Board members serve as guides for the community, handle key project functions, facilitate initiatives, organize meetings, and manage openSUSE domains and trademarks. They also uphold community standards, including overseeing complaints and ensuring compliance with the openSUSE Code of Conduct.

How to Participate

Any openSUSE member can stand for election by sending an email to project@lists.opensuse.org and election-officials@lists.opensuse.org. Members can also nominate others by contacting the Election Committee, who will confirm the nominee’s interest.

Eligibility Requirements

Per the Election Rules, only current members are eligible to run for board positions. New members joining during the membership drive can participate in voting but cannot stand as candidates.

The election is overseen by committee members Ish Sookun, Edwin Zakaria, and Ariez Vachha. Their responsibilities include finalizing the candidate list and ensuring a smooth election process.

Let’s work together to make this election a success and continue driving openSUSE forward into 2025!

New Package Management Tool Debuts

The name for this project was updated to Myrlyn on Jan. 9, 2025.

YQPkg, a promising new package management tool for openSUSE, is preparing to make waves in the Linux community.

Designed as a standalone GUI, the software package offers a lightweight, intuitive alternative to traditional tools like YaST for users of openSUSE distributions.

YQPkg provides a glimpse into the future of package management on openSUSE systems. The usable alpha when packaged and released for Tumbleweed and Slowroll will include most of the key features necessary for effective package management.

YQPkg was developed during Hack Week 24 and is a standalone Qt-based package manager, free from YaST dependencies. It supports real package installation, updates, and removals with dependency resolution and user feedback. It’s alpha but usable, with read-only and root modes.

Users can run it as root for full functionality or as a regular user in read-only mode. It features a straightforward progress bar and users can toggle detailed views during operations.

However, some limitations remain. Repository refresh operations and gpg key handling are not yet implemented, so users are advised to manually refresh repositories (sudo zypper ref) before starting the program. YQPkg is still in active development, with known bugs and potential issues; IT IS RECOMMENDED TO AVOID USING IT ON CRITICAL PRODUCTION SYSTEMS AT THIS POINT.

Unlike its predecessor, YQPkg does not depend on YaST infrastructure as it relies only on libzypp. This independence ensures a streamlined experience and reduces some complexity. Libzypp is a C++-based package management library that handles package dependency resolution and management, independent of any graphical user interface framework like Qt.

The tool will introduce flexible summary views, allowing users to review completed tasks or return to previous steps for additional changes. Preferences like summary page settings and countdown timers are saved for future sessions.

Users wanting to explore YQPkg will be able to easily get started upon its release; after refreshing repositories with sudo zypper ref, users can download the latest alpha release and run the tool in either non-root read-only mode or with root permissions for full functionality; this accessibility ensures YQPkg is ready to meet the needs of both casual users and power users alike.

Though still in development, YQPkg is steadily evolving. Future updates promise enhancements like improved error handling, GPG key management, and repository refresh prompts. YQPkg is shaping up for a bright future related to package management within the openSUSE ecosystem.

You can build it from source from its GitHub repo. The current development status and screenshots are available here; scroll down for the latest news.

Leap 15.5 Nears End of Life

The release of Leap 15.6 on June 12 set in motion the End of Life for maintenance and security for Leap 15.5, which will happen at the end of December.

Users should upgrade to openSUSE Leap 15.6 to continue to receive security and maintenance updates. Leap versions have a six-month end-of-life period after the release of a new version.

The openSUSE Project is in the development for stage forLeap 16.0 with the pre-Alpha version people can test.

Early adopters and contributors are encouraged to explore this release and provide feedback to shape the next Leap release, which will come with the Agama installer.

Visit get.opensuse.org to try an openSUSE distribution. For users seeking extended support, SUSE offers long-term support options through its subscription services.

Cheers to 5 Years of openSUSE Bar

The openSUSE community will celebrate the 5-year anniversary of the openSUSE Bar on Dec. 19. Join people in the bar and celebrate this social space where open-source enthusiasts, developers and like minded individuals can come together to discuss open source and other topics.

The bar has become more than just a meeting place; it is a space to collaborate, connect and a welcoming atmosphere for sharing ideas. For years, the space has had countless informal meetups and networking events, celebratory moments after openSUSE milestones and is a place for openSUSE fans to gather.

People are invited to join in the celebration and to share memories or stories of their experience in the openSUSE Bar.

You can find a video about the beginning of the openSUSE Bar from a talk at openSUSE Conference 2022.

Choosing Better Alternatives Amid Confusing Policies

A recent back-and-forth on Windows 11’s hardware requirements and the end-of-life timeline for Windows 10 leaves millions of users frustrated and uncertain about their next steps.

With millions of PCs being labeled by mainstream media as becoming obsolete and potential extended security updates costing users even more, the need for a reliable and sustainable alternative has never been greater.

Linux distributions like openSUSE offer a clear and practical solution. It eliminates the risks of vendor lock-in and avoids the pitfalls of Microsoft’s opaque and ever-changing policies.

The recent uncertainty around Microsoft’s policies underscores the challenges of depending on a company that prioritizes profits over a user’s fundamental needs, which is the ability to use their existing hardware and software effectively.

Microsoft initially doubled down on strict hardware requirements for Windows 11, requiring Trusted Platform Module (TPM) 2.0. In a surprising reversal, the company issued instructions for installing Windows 11 on incompatible PCs, which can leave users even more confused.

This apparent change now is undermined by caveats like updates may not be available for unsupported PCs, and the company has openly warned that such installations could lead to system malfunctions. For many, the message is clear; Upgrade to Freedom! Upgrade to openSUSE!

Microsoft deserves some credit for extending some support, avoiding responsibility for one of the largest preventable e-waste surges in history caused by a software upgrade. However, these efforts do little to address the broader challenges impacting millions of users and the wider consequences for consumers and the environment.

The case for Linux and openSUSE is clear. Linux provides viable, cost-effective and sustainable alternatives. Users can enjoy a free, open-source operating system that doesn’t require costly upgrades or restrictive hardware requirements with installing openSUSE. Here are a few things users that want to transition can consider:

  • Complete Transparency: Linux distributions like openSUSE are governed by open-source principles, ensuring clear and consistent development.
  • No Forced Obsolescence: openSUSE supports a wide range of hardware like modern machines to older PCs that allow users to extend the life of their devices.
  • Cost Savings: openSUSE is free to use, with no licensing fees or hidden subscription costs for extended support.

By switching to Linux, users can help combat e-waste as every PC saved from a landfill is a win for the environment.

Transitioning to Linux is easier than people think and openSUSE is one of the most user-friendly distributions that provides comprehensive tools for installation and configuration.

  • Back Up Your Data: Safeguard important files before transitioning.
  • Download openSUSE: Visit get.opensuse.org to choose between Leap (stable, less updates) or Tumbleweed (rolling updates, several).
  • Install openSUSE: Create a bootable USB and follow the guided installation process.
  • Explore Applications: Discover free alternatives to popular software, such as LibreOffice for productivity, GIMP for image editing, and Steam for gaming.

Take control of your tech future and embrace the ability to Upgrade to Freedome with openSUSE. Your next step is just a click away - get.opensuse.org.

This is part of a series on Upgrade to Freedom where we offer reasons to transition from Windows to Linux.

Using GPIO on BeagleY-AI

By: admin

GPIO stands for General-Purpose Input/Output. It’s a set of programmable pins that you can use to connect and control various electronic components.

You can set each pin to either read signals (input) from things like buttons and sensors or send signals (output) to things like LEDs and motors. This lets you interact with and control the physical world using code!

A great resource for understanding pin numbering can be found at pinout.beagley.ai

import gpiod
import time

gpio14 = gpiod.find_line('GPIO14')
gpio14.request(consumer='beagle', type=gpiod.LINE_REQ_DIR_OUT, default_val=0)

while True:
   gpio14.set_value(1)
   time.sleep(1)
   gpio14.set_value(0)
   time.sleep(1)

...

See more at https://docs.beagle.cc/boards/beagley/ai/demos/beagley-ai-using-gpio.html

The post Using GPIO on BeagleY-AI appeared first on BeagleBoard.

Linux, openSUSE ready for Everyday Users

Most people don’t give much thought to their operating system, but with Windows 10 support ending in October 2025, many will start searching for alternatives that keep them secure without spending more than $100 for a software upgrade or on hardware that still works perfectly.

User-friendly Linux distribution like openSUSE and others offer an excellent solution for everyday tasks like social media, video conferencing, web browsing and more.

If you’re a casual computer user wondering whether you can accomplish the same tasks on Linux that you’ve been doing on Windows, the answer is a resounding YES!

From messaging apps like Telegram to video conferencing with Zoom, openSUSE has you covered. This guide will show you how easy it is to get started with Linux and continue using the apps and tools you’re familiar with.

Get the below applications as a Flatpak in the software center of your desktop environment.

Web Browsing: Chrome, Firefox, Brave, and More

Browsing the web on Linux is just as simple as it is on Windows or macOS. openSUSE supports a wide range of web browsers, including some of the most popular names in the market.

  • Mozilla Firefox comes pre-installed with most Linux distributions, including openSUSE. It’s fast, privacy-focused, and supports all major web standards, making it perfect for everything from casual browsing to online shopping and video streaming.
  • Google Chrome is available on Linux and can be installed easily on openSUSE. If you’re used to Chrome’s features, including syncing bookmarks and settings across devices, you’ll feel right at home.
  • Brave is another great option for privacy-conscious users. It blocks trackers and ads by default and gives people a fast and secure browsing experience. Brave is also easy to install on openSUSE. All these browsers support extensions and features you’re already familiar with, so switching to Linux won’t feel like a big leap.

Social Media Apps: Telegram, Discord, and More

Staying connected on social media is easy, especially getting your favorite apps for messaging, video calls and group chats. Whether as a native downloadable app or as Flatpak app, you will hardly know a difference.

  • Telegram is available for Linux and can be installed directly from the openSUSE software repositories. It works just like the version you’re used to. It allows you to chat, make voice calls and share media with your contacts.
  • Discord, a popular platform for gamers and communities, this also works seamlessly on Linux. You can download the Linux version from the Discord website or install it as a Flatpak for easy updates. Whether you’re chatting with friends or joining online communities, Discord on openSUSE is just as powerful as its Windows counterpart.
  • Signal, a privacy-focused messaging app, is available for Linux and ensures that your chats are secure with end-to-end encryption. It’s a great alternative to WhatsApp for privacy-conscious users.

Video Conferencing: Zoom and Alternatives

Video conferencing has become a staple for work and personal use, and openSUSE has strong support for popular platforms like Zoom and others.

  • Zoom offers a Linux version that works just like the Windows app. You can download it from Zoom’s official website or use the Flatpak version. Whether you’re attending work meetings, online classes or virtual hangouts with friends, Zoom on openSUSE is fully functional and reliable.

  • Jitsi Meet is a free, open-source alternative to Zoom that doesn’t require any installation. You can use it directly from your web browser. The project even uses it for its online bar making it a quick and easy option for video conferencing without the need for additional software. Visit the openSUSE Bar and the may be some people there ready to explain how easy it is to move to Linux.
  • Google Meet and Microsoft Teams are also fully supported on Linux via web browsers like Chrome or Firefox, so you can join meetings without any issues. There is even an unofficial Flatpak app for Teams.

Email: Thunderbird, Evolution, and More

Managing your email is easy through the browser or on with several great apps to choose from.

  • Mozilla Thunderbird is a popular email client that comes pre-installed on many Linux distributions, including openSUSE. It supports multiple email accounts, calendars and task management, which makes it great for everyday use.
  • Evolution is another feature-rich email client that supports Microsoft Exchange, Google accounts, and more. It’s an option if you need advanced email, calendar, and task management features.
  • Gmail, Outlook, and other web-based email services are fully accessible via your preferred browser, just as they are on Windows.

Streaming and Multimedia: Spotify, VLC and More

Linux supports popular platforms for streaming music, videos and other media.

  • Spotify has an official Linux client that you can install on openSUSE. It works the same as it does on other operating systems, giving you access to your playlists, podcasts and favorite music.
  • VLC Media Player is the go-to app for playing virtually any media file. Whether you’re watching movies, TV shows or home videos, VLC’s powerful playback features make it a top choice on a Linux distribution.
  • YouTube and other streaming services, such as Netflix, Hulu, and Disney+, are fully supported on Linux via web browsers like Chrome or Firefox.

File Sharing and Cloud Storage: Dropbox, Google Drive, and Nextcloud

Managing your files and cloud storage is simple on openSUSE.

  • Nextcloud is a popular open-source alternative to commercial cloud storage services. It allows you to host your own cloud storage solution, giving you full control over your files.
  • Dropbox has a Linux client that integrates seamlessly with your desktop and allows you to sync files just as you would on Windows or macOS.
  • Google Drive can be accessed through the web browser.

How to Install

Users transitioning from Windows 10 to openSUSE should know it has the same functionality for common tasks like browsing, messaging, video conferencing, and media streaming, but without the need for expensive hardware and software upgrades. Here is an easy step-by-step guide to downloading software on your openSUSE Linux distribution:

KDE Plasma: Using Discover Software Center

KDE Plasma’s default software center is called Discover, which provides an easy way to search for and install applications.

Plasma Step 1: Open Discover

  1. Click on the Application Launcher (bottom-left corner of your screen, represented by a green chameleon logo or KDE logo).
  2. Type Discover in the search bar, and click on the Discover app to open it.

Plasma Step 2: Search for Software

  1. Once Discover is open, you’ll see a search bar at the top.
  2. Type the name of the software you’re looking for, such as “Firefox,” “Telegram,” or “Zoom.”

Plasma Step 3: Install the Application

  1. Click on the application from the search results.
  2. Click the Install button.
  3. Wait for the installation process to complete. Once done, the Install button will change to Launch.

Plasma Step 4: Launch the Application

  1. You can launch the newly installed application from the Discover window by clicking Launch, or find it in your Application Launcher.

GNOME: Using GNOME Software Center

GNOME’s default software center is called GNOME Software, which functions similarly to an app store.

GNOME Step 1: Open GNOME Software

  1. Click on Activities in the top-left corner of your screen.
  2. Type Software in the search bar, and click on GNOME Software to open it.

GNOME Step 2: Search for Software

  1. At the top of the GNOME Software window, there’s a search bar.
  2. Type the name of the software you want to install, such as “Brave,” “Signal,” or “Spotify.”

GNOME Step 3: Install the Application

  1. Select the application from the search results.
  2. Click the Install button.
  3. GNOME Software will handle the download and installation. Once finished, you can launch the app directly from the software center.

GNOME Step 4: Launch the Application

  1. After installation, you can click the Launch button in the software center, or find the app in the Activities overview by searching for it.

Whether you’re using KDE Plasma or GNOME, installing software on openSUSE is straightforward with the software centers. Both Discover (KDE) and GNOME Software provide user-friendly interfaces that allow you to search for, install, and manage your applications just like you would in an app store. This makes it easy for users transitioning from Windows 10 to feel comfortable using their new Linux system for everyday tasks.

This is part of a series on Upgrade to Freedom where we offer reasons to transition from Windows to Linux.

GPU Switching: A Multi-GPU Game Changer

Users of openSUSE can now rely on the built-in switcherooctl tool for GPU switching, which is already integrated into our distributions with major desktop environments like GNOME and KDE Plasma.

This is a game changer because it eliminates the need for additional tools and simplifies multi-GPU management while enhancing compatibility and performance with users’ systems.

For years, tools such as suse-prime and bbswitch have been staples in managing NVIDIA Optimus laptops and multi-GPU systems, but advancements in kernel drivers and desktop environments have made these tools unnecessary in most cases.

Installations of openSUSE now handle these configurations out of the box, whether using the open-source Nouveau driver or NVIDIA’s proprietary drivers.

In a recent update on multi-GPU systems, users are encouraged to move away from legacy tools like suse-prime, bbswitch, and bumblebee, as they can cause more harm than good on modern systems.

The recommended solution is switcherooctl, which is a lightweight userspace utility designed to manage GPU switching on systems with multiple GPUs. It integrates well with Wayland and Xorg; its functionality extends across both Intel + NVIDIA and AMD + NVIDIA setups. By using switcherooctl, users can easily select which GPU to use for specific applications and eliminate the need for complex scripts or environment variables.

Benefits of switcherooctl

  • Seamless Integration: Unlike older tools, switcherooctl is designed to work natively with modern Linux systems and desktop environments. This ensures a smoother user experience without requiring complex configurations.

  • Improved Performance: Users can specify which GPU to use for specific tasks, so switcherooctl enables optimal performance. Compute-heavy applications, such as gaming or 3D rendering, can utilize the discrete GPU, while less intensive tasks default to the integrated GPU to save power.

  • Enhanced Power Management: Switching back to the integrated GPU when the discrete GPU is not needed conserves battery life and makes it ideal for laptops and portable systems.

  • Wayland and Xorg Compatibility: With increasing adoption of Wayland, having a tool that supports both Wayland and Xorg ensures compatibility across a broad range of systems and setups.

  • Cross-Vendor Support: The Intel + NVIDIA or AMD + NVIDIA configuration make the systems more versatile for all users.

Users should being embracing switcherooctl for multi-GPU management as some of the older tools like suse-prime, bbswitch and bumblebee are likely to be phased out.

https://news.opensuse.org/2024/12/09/2024-12-09-gpu-switching-game-changing/

Users of openSUSE can now rely on the built-in switcherooctl tool for GPU switching, which is already integrated into our distributions with major desktop environments like GNOME and KDE Plasma.

This is a game changer because it eliminates the need for additional tools and simplifies multi-GPU management while enhancing compatibility and performance with users’ systems.

For years, tools such as suse-prime and bbswitch have been staples in managing NVIDIA Optimus laptops and multi-GPU systems, but advancements in kernel drivers and desktop environments have made these tools unnecessary in most cases.

Installations of openSUSE now handle these configurations out of the box, whether using the open-source Nouveau driver or NVIDIA’s proprietary drivers.

In a recent update on multi-GPU systems, users are encouraged to move away from legacy tools like suse-prime, bbswitch, and bumblebee, as they can cause more harm than good on modern systems.

The recommended solution is switcherooctl, which is a lightweight userspace utility designed to manage GPU switching on systems with multiple GPUs. It integrates well with Wayland and Xorg; its functionality extends across both Intel + NVIDIA and AMD + NVIDIA setups. By using switcherooctl, users can easily select which GPU to use for specific applications and eliminate the need for complex scripts or environment variables.

Benefits of switcherooctl

  • Seamless Integration: Unlike older tools, switcherooctl is designed to work natively with modern Linux systems and desktop environments. This ensures a smoother user experience without requiring complex configurations.

  • Improved Performance: Users can specify which GPU to use for specific tasks, so switcherooctl enables optimal performance. Compute-heavy applications, such as gaming or 3D rendering, can utilize the discrete GPU, while less intensive tasks default to the integrated GPU to save power.

  • Enhanced Power Management: Switching back to the integrated GPU when the discrete GPU is not needed conserves battery life and makes it ideal for laptops and portable systems.

  • Wayland and Xorg Compatibility: With increasing adoption of Wayland, having a tool that supports both Wayland and Xorg ensures compatibility across a broad range of systems and setups.

  • Cross-Vendor Support: The Intel + NVIDIA or AMD + NVIDIA configuration make the systems more versatile for all users.

Users should being embracing switcherooctl for multi-GPU management as some of the older tools like suse-prime, bbswitch and bumblebee are likely to be phased out.

💾

Leap Micro 6.1 Officially Released

The openSUSE community is excited to announce the official release of Leap Micro 6.1.

Leap Micro continues its alignment with SUSE Linux Enterprise Micro, ensuring robust container and virtual machine hosting capabilities. The release has a new opensuse-migration-tool, which simplifies upgrades for smoother transitions between releases. Some enhanced features include reworked jeos-firstboot, soft-reboot support to further minimize downtime, two-factor authentication with cockpit and additional tools like vhostmd for SAP Virtualization.

You might want to check our Leap Micro 6.1 video showcasing fully encrypted disk image with TPM 2.0 chip, and the two factor authentication with cockpit.

The release of Leap Micro 6.1 signals the End of Life (EOL) for Leap Micro 5.5. Users are strongly encouraged to upgrade to either Leap Micro 6.0 or 6.1 to continue receiving updates and support.

For a detailed upgrade guide, visit the openSUSE Wiki or SLE Micro 6.1 Release notes.

Leap Micro 6.1 video

Leap Micro 6.1 Release Candidate

Release Candidate images of Leap Micro 6.1 can be found at get.opensuse.org.

At this point we’re only awaiting confirmation of the Leap Micro 6.1 maintenance setup prior making an official release; hopefully coming later this week.

Please be aware that the release of Leap Micro 6.1 means the end of life for Leap Micro 5.5.

Users are advised to upgrade to either Leap Micro 6.0 or 6.1 and can find details about release cycle on the openSUSE wiki.

Users upgrading from previous releases can consider our experimental opensuse-migration-tool. The migration tool will be part of Leap Micro 6.1+; users from older release can still get the tool from git.

See our Leap Micro upgrade wiki for more information about upgrade options.

See SLE Micro 6.1 Release notes and a summary for a list of changes in the Leap Micro 6.1 Alpha announcement.

openSUSE Empowers Creative Professionals

Creative professionals exploring alternatives that allow them to continue working without investing in costly new hardware and software upgrades can look at Linux as the end of Windows 10 approaches.

Distributions and flavors like openSUSE’s Tumbleweed, Leap, Slowroll, Kalpa and Aeon and other Linux distributions offer an excellent platform for creators with a wide variety of powerful, open-source tools designed to meet the needs of artists, designers, photographers, videographers and video editors.

From Indie short films to podcasts, open-source software and tools are available as a Flatpak, AppImage or as a native applications for creative people to create.

Many user-friendly tools are viable alternatives to popular, proprietary commercial applications like Photoshop, Illustrator, Final Cut Pro and others.

This article explores some of the top creative tools available on Linux and how transitioning to openSUSE can help creative professionals maintain, or even improve, their productivity.

Transitioning from Photoshop to GIMP

For many creatives, Photoshop is the go-to application for photo editing and graphic design. However, GIMP is an excellent open-source alternative that provides a wide range of professional-grade features.

GIMP supports many file formats, including PSD and offers powerful tools for retouching, editing and manipulating images. Creative professionals will find familiar features like layers, masks, blending modes and a variety of brushes. GIMP also supports high-bit-depth images and allows users to create professional-quality designs.

GIMP may have a slightly different workflow than Photoshop, but it is flexible, customizable and its plugin support makes it a highly versatile tool for image editing and graphic design. Many users find that GIMP offers all the functionality they need to complete complex projects.

Alternatives to Illustrator: Inkscape

For vector graphics, Inkscape is a known alternative to Illustrator. Inkscape is a powerful, free tool for creating logos, illustrations and scalable graphics. It supports common vector formats, including SVG, AI, and EPS, which make it easy to integrate into existing workflows.

Inkscape’s interface is intuitive for Illustrator users and features many of the same tools, such as the Pen tool, curves, shape tools and layer management. Its active development community ensures frequent updates, and the software is highly customizable through extensions and plugins.

For those focused on scalable design and illustration, Inkscape provides a professional-grade environment without the subscription fees associated with cloud creative services. This saves costs and opens people’s minds to the alternatives that are available.

Video Editing: Kdenlive and Blender

Creative professionals working in video production and editing have strong options to use both Kdenlive and Blender. Kdenlive, which is part of the KDE ecosystem, is a feature-rich video editor that provides tools for cutting, splitting and arranging video clips. It supports multiple video and audio tracks, transitions, effects and keyframe animation, which makes it suitable for everything from simple edits to more complex projects.

Blender is an industry-leading, open-source application meant for those working on 3D animation, video effects or visual effects (VFX). Blender’s capabilities include 3D modeling, animation, rendering and compositing, as well as a fully functional video editor. Blender is widely used in professional studios for film, game development and visual effects, which makes it a powerful option for creative professionals. Blender’s source code is governed by the GNU General Public License, embodying the same principles of freedom and collaboration that drives distributions like openSUSE and others.

Audio Production: Ardour and Audacity

Creative professionals working in music production, sound design or podcasting have options. Software packages like Ardour and Audacity offer powerful audio editing solutions. Ardour is a digital audio workstation (DAW) that supports multi-track recording, mixing and mastering. It is widely used for professional audio production, supporting VST plugins and offers advanced feature sets comparable to Logic Pro and Pro Tools.

Audacity is a simple and easy-to-use tool for audio editing; it’s ideal for basic recording, podcasting and sound editing tasks. It’s perfect for quick edits and simple projects, with support for a variety of audio formats and built-in effects.

3D Modeling and Animation: Blender

Blender deserves a second mention here because of its dominance in the field of 3D modeling and animation. Blender’s comprehensive suite of tools allows users to create everything from character animations to architectural models. It offers sculpting tools, UV unwrapping, rigging, particle simulation, and more.

For creative professionals used to proprietary 3D modeling software like Autodesk Maya or 3ds Max, Blender provides a comparable, if not superior, set of features with the added benefit of being open-source.

Publishing and Layout: Scribus

For professionals in publishing or those who need to create print-ready materials, Scribus is a capable desktop publishing tool. It provides features for designing brochures, books, magazines and other print materials. It’s similar to InDesign and just as functional.

Scribus supports advanced typography, CMYK colors, ICC color profiles and PDF export, which makes it a professional solution for designers working on print projects. With a clean, organized interface, it makes a transition from InDesign relatively smooth.

Why openSUSE?

Besides Windows 10 expiring and having to spend more than $100 USD for an upgrade depending on the country you live in, openSUSE provides a solid environment for creative professionals to transition to a new operating system. It offers stability, security and flexibility that allows users to customize their systems to fit their specific needs. Tumbleweed, which is openSUSE’s rolling release version, ensures access to the latest versions of creative software, while the Leap version offers long-term stability with fewer updates; Leap is ideal for users who prefer to avoid frequent changes.

With software centers and tools like openSUSE’s YaST configuration tool, managing software and updates are incredibly easy; this can be a big advantage for those new to Linux.

Creative professionals can continue producing high-quality work without the need for expensive software subscriptions or hardware upgrades. From GIMP and Inkscape to Blender and Ardour, the open-source Linux ecosystem offers powerful, free alternatives that rival commercial counterparts.

The “Upgrade to Freedom!” campaign is here to help creative people make the switch. By choosing openSUSE, you not only gain access to a suite of professional-grade tools but also extend the life of your hardware and avoid contributing to e-waste.

Now is the perfect time for creative professionals to embrace the freedom of open-source software and continue thriving on Linux.

This is part of a series on Upgrade to Freedom where we offer reasons to transition from Windows to Linux.Those who would like to order a laptop with Linux, can visit slimbook.com or other providers of Linux machines.

Upgrading to Leap Micro 6.1 Beta with opensuse-migration-tool

Leap Micro 6.1 Beta was released last Wednesday. Images can be found at get.opensuse.org As this is mostly a rebrand of SUSE Linux Enterprise Micro 6.1, unless some serious issues are found, users can expect a quick transition to RC and GA next week.

We’re introducing a new migration tool with Leap Micro 6.1 which should hopefully ease future upgrades to a Leap Micro releases, specifically new major versions. Let’s have a look at how to deploy it from git on older Leap Micro releases as well as how to install it on Leap Micro 6.1 Beta.

The main benefit for the user is that you don’t have to deal manually with any repository changes that might have been introduced in a new releases. This will hopefully lead to smoother and more straightforward upgrades. As of now the opensuse-migration-tool is still experimental.

Testing the tool with Leap Micro container from your Leap or Tumbleweed

We have to be running an older version of Leap Micro to be able to upgrade to 6.1.

Since we’re using distrobox in this example our host can be running Leap, Tumbleweed, Aeon. Distrobox will have access to your home directory, including the git checkout.

The key is to use –pre-release to have Leap Micro 6.1 as an available upgrade target.

$ git clone https://github.com/openSUSE/opensuse-migration-tool.git
$ cd opensuse-migration-tool
$ distrobox create --image registry.opensuse.org/opensuse/leap-micro/6.0/toolbox --name micro60
$ distrobox enter micro60 # from now on inside distrobox
$ zypper in bc jq curl dialog sed gawk
$ ./opensuse-migration-tool --pre-release --dry-run
$ sudo ./opensuse-migration-tool --pre-release # Chooose Leap Micro 6.1
$ cat /etc/os-release # should confirm that you've upgraded to 6.1

Enjoy your new Leap Micro 6.1 Beta container

If you trash your container, just type exit podman stop micro60 or docker stop micro60 followed by distrobox rm micro60. And you can start all over again.

Testing the tool on Leap Micro host or inside the VM

Here we have to use transactional-update shell as we’re working inside Leap Micro 6.0 or even 5.5 host or a VM. Just like in the previous case, the important piece is to try it from a Leap Micro release older than 6.1, as otherwise, the only migration target would be MicroOS.

Make sure to use –pre-release to have 6.1 Beta as a viable migration target.

$ sudo transactional-update shell # from now on inside shell
$ zypper in git bc jq curl dialog sed gawk 
$ git clone https://github.com/openSUSE/opensuse-migration-tool.git
$ cd opensuse-migration-tool
$ ./opensuse-migration-tool --pre-release --dry-run
$ sudo ./opensuse-migration-tool --pre-release  # Choose Leap Micro 6.1 as a target
$ reboot

*Enjoy Leap Micro 6.1 Beta

Don’t worry In case you mess up, we’re using transactional-update shell. You can always boot the previous snapshot.

Testing Leap Micro 6.1 to MicroOS upgrade migration

Since there is no newer point release than Leap Micro 6.1 Beta, the only migration/upgrade target would be MicroOS.

The point of this example is to show that the Leap Micro 6.1 repository already contains the opensuse-migration-tool Therefore there is no need to run it from a git checkout unless you want to tinker with it.

$ sudo transactional-update shell
$ zypper in opensuse-migration-tool # Will work only on Leap Micro 6.1
$ sudo opensuse-migration-tool --dry-run # to oversee what would change
$ sudo opensuse-migration-tool # MicroOS is expected to be the only migration option from Leap Micro 6.1 Beta

Don’t bother re-running the opensuse-migration-tool once you upgrade to MicroOS which is in fact openSUSE Tumbleweed. There is really nothing newer that you could migrate to, and you’ll get the message that openSUSE Tumbleweed is unsupported. This behavior is expected.

Known issues

Bug 1233982 - Upgrade to 6.1 (netcfg) failed

This particular issue will for sure pop up in your distrobox-based experiments. Distrobox mounts over /etc/hostname with a bind mount and the upgrade of netcfg will fail on post-script. This is safe to ignore (type i in interactive zypper dup).

The migration tool tries to run non-interactively at first, and in case it fails it leaves problem resolution on the user by re-running zypper dup in interactive mode.

Contributing

If you’re interested in contributing feel free to send PR, report issues or features against openSUSE/opensuse-migration-tool Github repository

Tumbleweed Monthly Update - November 2024

This month, the rolling-release continues to shine as a well-oiled machine. November brings key updates for Mesa, gtk4, php8, postgresql17 and more. Alongside these key updates, important security fixes arrived for mozjs128, postgresql, Firefox, and OpenSC, which resolved several CVEs to help bolster your system’s resilience. The fresh design introduced last month, with its revamped logo and day/night-themed wallpapers, continues to enhance Tumbleweed’s aesthetic appeal while the updates this month improve functionality and security.

As always, remember to roll back using snapper if any issues arise.

Happy updating and tumble on!

For more details on the change logs for the month, visit the openSUSE Factory mailing list.

New Features and Enhancements

  • GTK4 4.16.6 and 4.16.7: The newest version reduces the size of error underlines in text rendering for better visual clarity. The 4.16.6 version provides fixes for a smoother user experience. Wayland color management is now opt-in, helping prevent compatibility issues with KWin. Users can experiment with this feature by setting GDK_DEBUG=color-mgmt. Improvements include preventing emoji selection when inserted in GtkText, setting default window icons from the application ID in GtkApplication and enhancing GtkFontChooser to make its dialog more adaptable.The release also includes updated translations.
  • postgresql 17.2: The package received two updates this month and resolves an ABI break affecting extensions that interact with ResultRelInfo and restores the functionality of ALTER {ROLE|DATABASE} SET role. Logical replication slots now handle restart_lsn correctly to avoid backward movement. The update prevents deletion of required WAL files during pg_rewind and fixes race conditions with shared statistics entries. Index statistics in contrib/bloom are now correctly counted. The update fixes an assertion failure in regular expression parsing caused by disconnected NFA sub-graphs.
  • gnutls 3.8.8: Improvements in this package were made in post-quantum cryptography and Online Certificate Status Protocol handling. Experimental support for X25519MLKEM768 and SecP256r1MLKEM768 key exchange algorithms in TLS 1.3 were added that align with the final ML-KEM standard. This update requires liboqs 0.11.0 or newer. Additionally, the library now validates all records in OCSP responses, ensuring the server certificate is checked against all available records instead of only the first. Improvements in handling malformed compress_certificate extensions bring stricter RFC 8879 compliance, replacing incorrect alerts with illegal_parameter and rejecting overlong extension data.
  • KDE Plasma 6.2.3:
    Bluedevil improves PIN entry behavior, while Breeze resolves a potential null pointer issue. Discover updates its backend for compatibility with fwupd 2.0.0 and corrects review visibility in the Application Page. KWin receives extensive updates, including fixes for crashes, colormap leaks, file descriptor handling, and HDR brightness management. Plasma Desktop fixes app tooltips, task manager icon alignment, emoji search, and optimizes activity management. Other components like KPipeWire, KSystemStats, and Powerdevil improve stream handling, sensor robustness, and brightness adjustments, respectively. Plasma Mobile simplifies and cleans up the Action Drawer and enhances app list navigation and search functionality. Plasma Audio Volume Control ensures accurate device name updates, while Plasma Workspace adjusts logout screen behavior, theme defaults, and mobile user interface fixes.
  • KDE Gear 24.08.3: Elisa fixes missing icons on certain platforms. K3b corrects file pattern parsing for ripped files and removes deprecated MusicBrainz code. KAccounts-Integration improves logging, fixes dangling references, and handles missing files gracefully. Kate addresses session group saving, export order for SQL and builds on openSUSE with updated dependencies. Kdenlive resolves multiple crashes and improves project handling, proxy generation, and timeline management. KIO-Extras adds WebP thumbnail support. Kitinerary expands ticket extraction support for multiple transport services and improves handling of Renfe and Agoda formats. Konsole fixes issues with OSC color commands.
  • KDE Frameworks 6.8.0: Baloo now excludes model/obj and text/rust from indexing. Breeze Icons adds support for text/x-typst mimetype icons and unifies index themes for better consistency. Extra CMake Modules gain Python bindings and improved static Qt6 support. KIO sees improvements in http handling, resizing in KFilePlacesView, and overall UX enhancements. Kirigami resolves various issues with icons, themes, and overlays, improving usability. KTextEditor enhances session restore, template handling, and introduces comprehensive swap file tests. Solid restores media change handling for audio CDs and adopts libmount on Linux for better functionality. This release also includes numerous bug fixes, CI improvements for static builds, enhanced Qt 6 compatibility, and updated translations.
  • gnome-control-center 47.2: GNOME users see accessibility improvements by removing excessive “screen” labels. The appearance settings fix accidental resets of accent colors. Lemory leak are addressed in the Apps section, while Color ensures profiles are connected before use. Printers fix an incorrect tooltip in the “Add Printer” button. Updated translations are included.
  • ruby3.3 3.3.6: This update includes the merging of JSON 2.7.2 and reline 0.5.10, along with an upgrade to REXML 3.3.9. The release resolves significant bugs, such as improper object freeing when using Data_Make_Struct, broken IO#close functionality under Fiber scheduling, and errors with multibyte path names on Windows. Additional fixes address issues with Float handling ASCII-incompatible strings, memory management in IO::Buffer operations, and discrepancies in instance_method behavior across Ruby versions. This version also corrects corrupt RUBY_DESCRIPTION metadata when specific flags are used and improves hash key retrieval after Process.warmup.

Key Package Updates

  • Mesa 24.3.0: The package introduces a new stable release with updates enhancing its graphical capabilities and addressing security and build issues. The update refreshes patches for various vulnerabilities, including CVE-2023-45913, CVE-2023-45919, and CVE-2023-45922, while incorporating fixes for Python 3.6 build compatibility and other adjustments. Deprecated options like -Ddri3=enabled and -Ddri-search-path have been removed to streamline the build configuration. Vulkan 1.3 is now supported on Raspberry Pi 4 and 5 via v3dv, while the NVK driver adds support for important extensions like VK_EXT_descriptor_buffer, VK_KHR_dynamic_rendering_local_read, and VK_KHR_pipeline_binary. RADV sees new features and Shader support is significantly enhanced. Full details can be accessed in the release notes.
  • kernel-source 6.11.8: Key updates for the Linux Kernel address issues like dangling pointers in virtual socket and hyper-v socket initialization, improved support for AMD audio on certain laptops, and fixes for display rendering and timeout handling in Intel and AMD graphics drivers. The update resolves several memory management, file system and USB-related bugs, which includes USB Type-C and serial device handling. Fixes were made to Thunderbolt connections, media device parsing, and the management of system clocks and platformance features for AMD processors. Updates to the Btrfs file system enhance subvolume flag management and quota handling.
  • GStreamer 1.24.9: Fixes include better timestamp handling in flvmux, RTPManager keyframe management and enhanced SRT and V4L2 support. Updates optimize aggregator, playbin3, and qtdemux, with broader format and library compatibility.
  • gpgme 1.24.0: This package brings several significant enhancements and fixes, including extended decryption and verification commands that now support direct file output. Encryption and signing commands also allow input data to be read from files. Additional features include improved handling of designated revocation keys, new context flags for advanced operations like importing options and processing all signatures and the introduction of an easier method to change owner trust and enable or disable keys. The Qt library now supports simultaneous builds for Qt 5 and Qt 6, enabling file-based operations for encryption and signing while offering better integration for importing options and appending detached signatures.
  • gtk4 4.16.3: This update enhances how default cursor themes are handled by searching within XDG directories to ensure better compatibility with Wayland environments. The default cursor size now matches the gsettings schema and provides a more consistent user experience. The fallback process for portal settings was refined as settings_portal is cleared when switching to fallback without portal settings. This release also includes updated translations.
  • php8 8.3.14: Fixes include addressing segmentation faults in DOM, GD, and FFI, memory leak in Reflection and OpenSSL, and use-after-free vulnerabilities in SPL and sockets. The update also resolves overflows in multiple modules, such as mbstring, streams and GMP for more stable and secure handling of edge cases. Notable security improvements include patches for out-of-bounds writes in LDAP CVE-2024-8932, heap buffer over-reads in MySQLnd CVE-2024-8929, and CRLF injection vulnerabilities in streams CVE-2024-11234.
  • ibus 1.5.31: This includes enhanced CI support for both generic setups and Wayland environments, as well as updates to compose keys based on the latest Xorg and GTK standards. The release transitions to using localectl for XKB configuration retrieval in Wayland, enhancing integration. Security improvements include a change to the IBus unique name, while updates to XKB engines and Unicode categories ensure broader compatibility. This version resolves various issues, including problems with X11 applications and games, Emoji handling, Flatpak integration, and preedit behavior in specific input methods like m17n:sa:itrans.

Bug Fixes and Security Updates

Several key security vulnerabilities were addressed this month:

  • Firefox 132:
  • CVE-2024-10458: Permission leak via embed or object elements.
    • CVE-2024-10459: Use-after-free in layout with accessibility, potentially leading to an exploitable crash.
    • CVE-2024-10460: Confusing display of origin for external protocol handler prompt.
    • CVE-2024-10461: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response.
    • CVE-2024-10462: Origin of permission prompt could be spoofed by a long URL.
    • CVE-2024-10463: Cross-origin video frame leak in some conditions.
    • CVE-2024-10468: Race conditions in IndexedDB could cause memory corruption and a potentially exploitable crash.
    • CVE-2024-10464: History interface could cause a Denial of Service condition.
    • CVE-2024-10465: Clipboard “paste” button persisted across tabs, allowing a potential spoofing attack.
    • CVE-2024-10466: DOM push subscription message could hang Firefox, causing it to become unresponsive.
    • CVE-2024-10467: Memory safety bugs fixed, potentially exploitable to run arbitrary code.
  • php8 8.3.14:
    • CVE-2024-8932: An out-of-bounds access in the LDAP extension’s ldap_escape function.
    • CVE-2024-8929: A heap buffer over-read in MySQLnd that could leak partial heap content.
    • CVE-2024-11233: An issue in the Streams component allowing potential CRLF injection via proxy configurations.
    • CVE-2024-11234: A vulnerability in the Streams component related to CRLF injection.
    • CVE-2024-11236: Integer overflows in PDO DBLIB and PDO Firebird quoters, leading to out-of-bounds writes.
  • opensc 0.26.0:
    • CVE-2024-45615: Uninitialized values in libopensc and pkcs15init could lead to undefined behavior.
    • CVE-2024-45616: Incorrect checks or usage of APDU response values in libopensc may result in uninitialized values.
    • CVE-2024-45617: Missing or incorrect return value checks in libopensc can cause uninitialized values.
    • CVE-2024-45618: Similar issues in pkcs15init due to improper return value handling.
    • CVE-2024-45619**: Improper handling of buffer or file lengths in libopensc.
    • CVE-2024-45620**: Similar buffer or file length handling issues in pkcs15init.
    • CVE-2024-8443**: A heap buffer overflow in the OpenPGP driver during key generation.
  • libsoup:
    • CVE-2024-52531: A buffer overflow in soup_header_parse_param_list_strict could occur during UTF-8 conversion in applications using libsoup versions prior to 3.6.1. This issue cannot be triggered by input received over the network.
    • CVE-2024-52532: An infinite loop and excessive memory consumption were possible when reading certain patterns of WebSocket data from clients in libsoup versions before 3.6.1.
  • mozjs128 128.4.0:
    • CVE-2024-10458: Permission leak via embed or object elements.
    • CVE-2024-10459: Use-after-free in layout with accessibility.
    • CVE-2024-10460: Confusing display of origin for external protocol handler prompt.
    • CVE-2024-10461: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response.
    • CVE-2024-10462: Origin of permission prompt could be spoofed by long URL.
    • CVE-2024-10463: Cross-origin video frame leak.
    • CVE-2024-10464: History interface could cause a Denial of Service condition.
    • CVE-2024-10465: Clipboard “paste” button persisted across tabs.
    • CVE-2024-10466: DOM push subscription message could hang Firefox.
    • CVE-2024-10467: Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4
  • postgresql17 17.1:
    • CVE-2024-10976: Incomplete tracking of tables with row-level security could allow reused queries to access unintended rows.
    • CVE-2024-10977: Error messages during SSL or GSS protocol negotiation could be spoofed by a man-in-the-middle.
    • CVE-2024-10978: Incorrect privilege assignment could allow less-privileged users to view or modify unintended rows.
    • CVE-2024-10979: In PL/Perl, unprivileged database users could alter sensitive process environment variables, potentially leading to arbitrary code execution.
  • libssh2_org 1.11.1:
    • CVE-2023-48795: A vulnerability that could cause mishandled handshake and sequence numbers, allowing attackers to bypass integrity checks and downgrade security features in certain OpenSSH extensions.
  • Xen 4.19.0_06:
    • CVE-2024-45818: Fixed a deadlock in x86 HVM standard VGA handling.
    • CVE-2024-45819: Only x86 systems running PVH guests are affected; HVM and PV guests are not vulnerable. The libxl toolstack may leak data to PVH guests via ACPI tables.
  • python-tornado6 6.4.2:
    • CVE-2024-52804: The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. Version 6.4.2 fixes the issue

Conclusion

November 2024 was another stellar month for Tumbleweed as it showcased its commitment to delivering the newest software with an impressive array of updates. Notable updates to Mesa, GTK4, KDE Plasma, PostgreSQL and more provide rolling release users with the latest in open-source technology for a secure and robust system. Keep rolling forward, and don’t forget to check out the detailed changelogs and discussions on the openSUSE Factory mailing list. Here’s to another month of seamless updates—happy tumbling!

Slowroll Arrivals

Please note that these updates also apply to Slowroll and arrive between an average of 5 to 10 days after being released in Tumbleweed snapshot. This monthly approach has been consistent for many months, ensuring stability and timely enhancements for users.

Contributing to openSUSE Tumbleweed

Stay updated with the latest snapshots by subscribing to the openSUSE Factory mailing list. For those Tumbleweed users who want to contribute or want to engage with detailed technological discussions, subscribe to the openSUSE Factory mailing list . The openSUSE team encourages users to continue participating through bug reports, feature suggestions and discussions.

Your contributions and feedback make openSUSE Tumbleweed better with every update. Whether reporting bugs, suggesting features, or participating in community discussions, your involvement is highly valued.

Project to have AMA with SUSE’s GM

The openSUSE community is invited to an online engagement with SUSE’s General Manager for Business Critical Linux on Dec. 3 at 16:00 UTC.

Rick Spencer, who leads the SUSE Linux Enterprise and SUSE Multi-Linux Manager teams, works closely with those contributing to openSUSE as part of his day-to-day roles. He is eager to strengthen the ties between SUSE and the openSUSE communities.

The Ask Me Anything session is an opportunity for open dialogue with members of the project and open-source contributors.

Participants can ask questions, share insights and learn about SUSE’s ongoing initiatives involving openSUSE and open-source development. Questions can also be submitted in advance to Rick Spencer or Gerald Pfeifer to guide the discussion.

Event Details:

  • Event: openSUSE Open Door Session with Rick Spencer

  • Date: Dec. 3, 2024

  • Time: 17:00–17:45 CET / 11:00–11:45 ET

  • Location: Online

How to Participate:

Spencer provided the keynote at this year’s openSUSE Conference.

Transition from Windows to Linux: A Step-by-Step Guide

With Microsoft ending support for Windows 10 in October 2025, millions of users are looking for alternatives that avoid costly hardware upgrades, additional upgrade costs to Windows 11 depending on the country a person is in or to mitigate security risks.

A compelling options for many are open-source operating systems. Linux distributions like openSUSE and others extend the life of hardware, enhance security and provide flexibility without additional expenses.

For those who reached this point, this Upgrade to Freedom guide will detail a beginner-friendly approach to transitioning from Windows to one of openSUSE’s distributions, which are known for being user-friendly, stable, and powerful.


Step 1: Prepare Your System

Before diving into the installation process, take the following steps to prepare:

  1. Back Up Your Data
    Save important files to an external drive, cloud storage or another secure location. Transitioning to Linux distributions typically involves reformatting your hard drive, which will erase existing data.

  2. Check Your Hardware Compatibility
    Most modern hardware works well with Linux, but it’s good practice to confirm compatibility. Visit the openSUSE wiki for more information.

  3. Choose Your Version of openSUSE
    openSUSE offers two versions:

    • Leap: A stable release designed for extended reliability and maintenance.
    • Tumbleweed: A rolling release with the latest updates.

    Beginners often prefer Leap for its stability. Tumbleweed will have constant, almost daily updates. Tumbleweed is favored by enthusiasts and developers who prioritize access to the newest features, technologies, and software update


Step 2: Download openSUSE

  1. Visit get.opensuse.org.
  2. Select the version you prefer (Leap or Tumbleweed).
  3. Download the ISO file to your computer.

Step 3: Create a Bootable USB

You’ll need a USB drive (at least 8GB) to install openSUSE.

  1. Insert a USB Drive
    Plug the USB drive into your computer.

  2. Create the Bootable USB
    Use software like:

    • Rufus (Windows)
    • Etcher (cross-platform)

    Select the downloaded openSUSE ISO file and follow the tool’s instructions to write the ISO to the USB drive.


Step 4: Boot Into the Installer

  1. Restart Your Computer
    During the boot process, press the key to enter your BIOS or boot menu (typically F2, F10, F12, or Delete).

  2. Select the USB Drive
    From the boot menu, choose your USB drive as the boot device. Then save and exit.

  3. Start the Installation
    When the openSUSE installer loads, select “Install.”


Step 5: Install openSUSE

The openSUSE installer will guide you through the setup process.

  1. Select Your Language and Region
    Choose your preferred language and time zone.

  2. Partition Your Drive
    • Select automatic partitioning if you’re unsure.
    • For advanced users, manual partitioning allows custom setups.
  3. Create a User Account
    Set up a username, password, and root (administrator) password.

  4. Review and Confirm
    The installer will show a summary of your settings. Confirm to begin the installation.

There are options to select Desktop Environments (DE) during instalations. GNOME, KDE Plasma, Xfce and more. It’s a good idea to research these DEs beforehand to find one that matches your preferences. Many new users find GNOME reminiscent of macOS, while KDE Plasma and Xfce are often compared by new users to the traditional Windows desktop.


Step 6: Configure Your System

Once the installation is complete, restart your computer and remove the USB drive. openSUSE will boot up, and you can begin configuring your system.

  1. Set Up Updates
    Run the following command in the terminal to update your system: Leap
    sudo zypper update
    

    Tumbleweed

    sudo zypper dup
    

    Congratulations on your Upgrade to Freedom!!!

Moving to Linux offers significant environmental benefits, as highlighted by Joanna Murzyn at the 2024 KDE Akademy conference, where she warned about the growing e-waste crisis and emphasized the importance of extending the lifespan of perfectly usable computers in her presentation, Only Hackers Will Survive.

This is part of a series on Upgrade to Freedom where we offer reasons to transition from Windows to Linux.Those who would like to order a laptop with Linux, can visit slimbook.com or other providers of Linux machines.

https://news.opensuse.org/2024/11/26/2024-11-26-transition-from-windows-step-by-step/

With Microsoft ending support for Windows 10 in October 2025, millions of users are looking for alternatives that avoid costly hardware upgrades, additional upgrade costs to Windows 11 depending on the country a person is in or to mitigate security risks.

A compelling options for many are open-source operating systems. Linux distributions like openSUSE and others extend the life of hardware, enhance security and provide flexibility without additional expenses.

For those who reached this point, this Upgrade to Freedom guide will detail a beginner-friendly approach to transitioning from Windows to one of openSUSE’s distributions, which are known for being user-friendly, stable, and powerful.


Step 1: Prepare Your System

Before diving into the installation process, take the following steps to prepare:

  1. Back Up Your Data
    Save important files to an external drive, cloud storage or another secure location. Transitioning to Linux distributions typically involves reformatting your hard drive, which will erase existing data.

  2. Check Your Hardware Compatibility
    Most modern hardware works well with Linux, but it’s good practice to confirm compatibility. Visit the openSUSE wiki for more information.

  3. Choose Your Version of openSUSE
    openSUSE offers two versions:

    • Leap: A stable release designed for extended reliability and maintenance.
    • Tumbleweed: A rolling release with the latest updates.

    Beginners often prefer Leap for its stability. Tumbleweed will have constant, almost daily updates. Tumbleweed is favored by enthusiasts and developers who prioritize access to the newest features, technologies, and software update


Step 2: Download openSUSE

  1. Visit get.opensuse.org.
  2. Select the version you prefer (Leap or Tumbleweed).
  3. Download the ISO file to your computer.

Step 3: Create a Bootable USB

You’ll need a USB drive (at least 8GB) to install openSUSE.

  1. Insert a USB Drive
    Plug the USB drive into your computer.

  2. Create the Bootable USB
    Use software like:

    • Rufus (Windows)
    • Etcher (cross-platform)

    Select the downloaded openSUSE ISO file and follow the tool’s instructions to write the ISO to the USB drive.


Step 4: Boot Into the Installer

  1. Restart Your Computer
    During the boot process, press the key to enter your BIOS or boot menu (typically F2, F10, F12, or Delete).

  2. Select the USB Drive
    From the boot menu, choose your USB drive as the boot device. Then save and exit.

  3. Start the Installation
    When the openSUSE installer loads, select “Install.”


Step 5: Install openSUSE

The openSUSE installer will guide you through the setup process.

  1. Select Your Language and Region
    Choose your preferred language and time zone.

  2. Partition Your Drive
    • Select automatic partitioning if you’re unsure.
    • For advanced users, manual partitioning allows custom setups.
  3. Create a User Account
    Set up a username, password, and root (administrator) password.

  4. Review and Confirm
    The installer will show a summary of your settings. Confirm to begin the installation.

There are options to select Desktop Environments (DE) during instalations. GNOME, KDE Plasma, Xfce and more. It’s a good idea to research these DEs beforehand to find one that matches your preferences. Many new users find GNOME reminiscent of macOS, while KDE Plasma and Xfce are often compared by new users to the traditional Windows desktop.


Step 6: Configure Your System

Once the installation is complete, restart your computer and remove the USB drive. openSUSE will boot up, and you can begin configuring your system.

  1. Set Up Updates
    Run the following command in the terminal to update your system: Leap
    sudo zypper update
    

    Tumbleweed

    sudo zypper dup
    

    Congratulations on your Upgrade to Freedom!!!

Moving to Linux offers significant environmental benefits, as highlighted by Joanna Murzyn at the 2024 KDE Akademy conference, where she warned about the growing e-waste crisis and emphasized the importance of extending the lifespan of perfectly usable computers in her presentation, Only Hackers Will Survive.

This is part of a series on Upgrade to Freedom where we offer reasons to transition from Windows to Linux.

💾

❌