Archive:Weekly news 27
tagline: From openSUSE
Welcome to issue #27 of openSUSE Weekly News!
In this week:
- HOT! Upcoming o p e n S U S E 1 1 . 0
- People of openSUSE: Rupert Horstkötter
- Sneak Peeks at openSUSE 11.0: KDE with Stephan Binner
- Tips and Tricks: Jigish Gohil: Getting NVIDIA and ATI drivers on openSUSE 11.0
- Planet SUSE: Ben Kevan: Why upgrade to openSUSE 11 from openSUSE 10.x
- "Over the weekend, Accessibility pages were created on opensuse.org's Wiki (See http://en.opensuse.org/Accessibility). The intent is to highlight efforts made within the openSUSE community to improve Accessibility (a11y) standards within our distribution, as well as become more aware of who within our community works on a11y issues."
- "The next openSUSE project meeting will take place at the official #opensuse-project IRC channel on freenode (irc://irc.freenode.net/openSUSE-project) on Wednesday: 2008/06/18 18:00 CEST (16:00 GMT)"
- "The release is on Thursday! Get it!"
In the Community
- "This week the openSUSE Project announced the launch of forums.opensuse.org, a merger of the three largest openSUSE forums. Continuing the openSUSE Forums euphoria we present you the Project Manager - Rupert Horstkötter."
openSUSE 11.0 Launch Party Locations
- There will be Launch Parties allover the globe. Check our location !
- openSUSE 11.0 Launch Party, Provo/Utah, US
- "Well, you know it’s a great day when we’re planning an OpenSUSE 11.0 Release Party. Yeah, that’s going to be pretty exciting. If you are anywhere close to Provo, Utah on June 19, 2008, we’d love to see you at the Open Source Technology Center (building A). It will be at 6:00 PM. If you have friends who are interested in checking out which Linux they should use, have them come by. "
- openSUSE 11.0 Launch Party, Boston/Cambridge, US
- "On Thursday, June 19th at 6 PM, we’ll be holding an openSUSE 11.0 launch party at the Novell Cambridge office at 8 Cambridge Center (Kendall Square area)."
- openSUSE 11.0 Launch Party, Vadodara/Baroda, India
- "openSUSE 11.0 is coming, join the party if you are in my town - Vadodara/Baroda, put yourself on this list. We’d be distributing DVDs, doing a small presentation introducing all the cool new stuff and of course have some beverages and snacks ;)"
- openSUSE 11.0 GA will be announced on thursday.
- Czech Packagers Team meeting minutes 2008-06-12
- YaST Workshop 2008
Wiki / Communication / Events
- opensuse-marketing: LRL UK Talk confirmed
Sneak Peeks at openSUSE 11.0
- "With openSUSE 11.0 just a few days away, it’s time to look at one of the stars of the show: KDE. In openSUSE 11.0, you get two KDEs for the price of one. Here we’ll take a look at what’s coming in KDE, and talk to one of openSUSE’s KDE contributors, Stephan Binner."
- Other Sneak Peeks:
Tips and Tricks
- "openSUSE 11.0 just went Gold, and would be available on mirrors in 5 days, here is a handy guide to get ATI and NVIDIA drivers, use whichever way that suite you."
- "For folks not that used to web interfaces, the openSUSE Forums team provides a secondary interface to our forums - NNTP. The intention of this post is to raise your attention on this possibility."
Covering just a few posts from Planet SUSE, an aggregation of all SUSE contributors' blogs:
- "You’re at the breaking point of what to do with your current openSUSE 10.x (hopefully at least 10.2) installation. You hear that openSUSE 11.0 is just about to come out, but why should you go from a .2/.3 release to a .0 release? Well here are some main reasons why..."
- "openSUSE 11.0 will be finally released on Thursday! :) The Sneak Peeks story about KDE has just been published and I want to follow up with a list how our Plasma desktop differs from the stock KDE 4.0 version."
- "openSUSE 11.0 will be released this Thursday (June 19). As I’m writing this my laptop is updating from rc1 to the gold master, as I happened to come across a mirror that had the 11.0 repositories accessible a bit prematurely. So I guess it’s time to write a little about 11.0. It’s a rather monumental release, but I’ll try to give a brief overview of what everyone should know about the new version."
- "Some code was added to the buildservice backend already that generates Hermes notifications. That means that Hermes is getting closer, I will work this week to start a first test with Hermes on the production build service. So let me introduce Hermes a bit. "
- "The KDE team met on Wednesday, 11 June 2008. See the meetings page for details."
- "The GNOME team met on Thursday, 12 June 2008. Watch the meetings page for details."
- "There will be an openSUSE Project Meeting on June 18, 2008 in the #openSUSE-project Freenode IRC channel"
- "openSUSE 11.0 Public Release. See the roadmap"
- "Don't miss the next GNOME Team Meeting on June 19!"
- "Don't miss the next KDE Team Meeting on June 25!"
To view the security announcements in full, or to receive them as soon as they're released, refer to the openSUSE Security Announce mailing list.
- Multiple vulnerabilities in the X.org X Server were reported by iDefense and fixed:
- CVE-2008-2360 - RENDER Extension heap buffer overflow
- CVE-2008-2361 - RENDER Extension crash
- CVE-2008-2362 - RENDER Extension memory corruption
- CVE-2008-1379 - MIT-SHM arbitrary memory read
- CVE-2008-1377 - RECORD and Security extensions memory corruption
- Multiple buffer overflows have been fixed in Evolution.
- CVE-2008-1108: A buffer overflow in Evolution, when the ITip Formatter plugin is disabled, allows remote attackers potentially to execute arbitrary code via a long timezone string in an iCalendar attachment.
- CVE-2008-1109: A heap-based buffer overflow in Evolution allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window).
- Solved Security Vulnerabilities:
- MozillaThunderbird 188.8.131.52
- mozilla-xulrunner181 security release
- tkimg GIF problems
- cups png and pdf problems
- qemu raw disk format emulation escape
- gstreamer010-plugins-good speex problem
- pan nzb file denial of service
- libxslt match processing overflow
- The Opera web browser was brought to security update level 9.50. Following security problems were fixed:
- CVE-2008-2714: Opera before 9.26 allows remote attackers to misrepresent web page addresses using "certain characters" that "cause the page address text to be misplaced."
- CVE-2008-2715: Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns.
- CVE-2008-2716: Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks.
In the Press
- "Of all the community distributions, probably the least known is openSUSE. After two and a half years, the distro is not only still working out details about how its community operates -- including how its governing board is elected -- but also struggling to come out of the shadow of its corporate parent Novell, much as Fedora has emerged from its initial dominance by Red Hat. With the pending release of openSUSE 11.0, community manager Joe "Zonker" Brockmeier suggests that the distribution is finally starting to get the recognition it deserves. In the middle of preparations for the new release, Brockmeier took the time to talk with Linux.com about the priorities within the community and its relation with the larger world of free software."
- "The six month update cycles of major Linux distributions guarantees that there will be plenty of fresh releases for every spring and fall. At the end of 2007 we ranked the best distributions of the year, but as most distros have been refreshed since it is time to have another look at the current Linux offering. In the past six months the development has been incremental, but with a few nice surprises as well. As before our focus is on typical desktop and Internet usage, seeking an open-source alternative to Windows. We value a good out-of-the-box experience, polished desktop design and usability over other features. The winner: openSUSE 11.0 "
- "Es war mal wieder an der Zeit eine neue Linux Distro zu versuchen. Gerade in Zeiten wo KDE 4.0, was ja eigentlich nur für Entwickler gedacht ist, “Main-Stream” Distributionen wie Kubuntu und Fedora bereits KDE 4.0.x als Desktop anbieten wollte ich mal gucken wie sich OpenSuSE auf diesem Markt schlägt."
- It was time to try a new Linux Distro. In times where KDE 4.0, althought being published for developers, is being made default desktop in "Main-Stream" Distributions like Kubuntu and Fedora, i took a look at openSUSE.
- "I know it's a day early, but I was able to get my hands on a copy of the release version of openSUSE 11 and I must say it's a really good distribution! Here are three lists of what I noticed, what I liked, and what I didn't like about this new release (the GNOME live CD, specifically)..."
Numbers in brackets show the changes compared to the previous week.
The openSUSE Forums have 1523 (+534) registered users.
The Build Service now hosts 2984 (+51) projects, 44717 (+2152) packages, 6493 (+116) repositories by 6623 (+137) confirmed users.
The numbers for all openSUSE project products are this week:
- All Open Reports: 3932 (+49)
- Blocker: 19
- Critical: 145 (+9)
- Major: 571 (+3)
- Normal: 2281 (+33)
- Minor: 332 (+7)
- Enhancements: 584 (-3)
Daily updated translation statistics are available on the openSUSE Localization Portal.
Feedback / Communicate / Get Involved
news.openSUSE.org story comment section and let us know! To communicate and get help from the wider openSUSE community -- via IRC, forums, or mailing lists -- see Communicate.
You can subscribe to the openSUSE Weekly News RSS feed at http://news.opensuse.org/category/weekly-news/?feed=rss2