Archive:Weekly news 28
Welcome to issue #28 of openSUSE Weekly News!
In this week:
- GNOME Helping Hands Project Launches
- People of openSUSE: Tanja Roth
- Masim Sugianto: How to Make openSUSE 11.0 GM Live USB
- Benjamin Weber: openSUSE 11.0 KDE4 inclusion
- tuxmachines.org: Battle of the Titans - Mandriva vs openSUSE: The Rematch
- "The openSUSE Project is proud to announce the release of openSUSE 11.0 -- everything you need to get started with Linux on the desktop and on the server. Promoting the use of Linux everywhere, the openSUSE Project provides free, easy access to the world's most usable Linux distribution, openSUSE."
- "The openSUSE-GNOME Team is proud to announce the launch of the Helping Hands Project. Our first event will be the Helping Hands Grand Opening in the #opensuse-gnome channel on the FreeNode IRC network, June 27th at 14:30 UTC"
- "I’m happy to announce that OpenOffice.org 2.4.1 is available in the Build Service OpenOffice.org:STABLE project."
- "webpin 1.0.0 is available in the openSUSE:Tools build service repository."
In the Community
- "For a while, now, I have been making nightly package of KOffice for OpenSuSE (10.3, 10.4, 11.0) using the OpenSuSE build service. - Big tnx, Cyrille!"
- "How important is documentation to you and people around you? Certainly it is a lot! Then good news because openSUSE has a team focused on manuals for the SUSE Linux/openSUSE distribution. Today’s we have the opportunity to salute openSUSE Documentation Team member Tanja Roth!"
- "Erin Quill interviews Joe 'Zonker' Brockmeier and Martin Lasarsch about the release of openSUSE 11.0. They discuss KDE 4, a quicker installer and package manager, and live CDs."
- "Let me share some numbers for the openSUSE 11.0 release. Do you remember the 10.3 release? Again we used akamai for distribution of the images. Again for 30 hours, and yes, we made more than 100TB this time!"
Tips and Tricks
- An experimental/updated howto
- Upgrading openSUSE between releases while the system is running is not a currently supported method of upgrading. The supported method is to boot from an install medium and select the upgrade option. Nevertheless, it is possible to upgrade a running system. Read on to see how it works!
Covering just a few posts from Planet SUSE, an aggregation of all SUSE contributors' blogs:
- "There seems to be a lot of misconceptions regarding the inclusion of KDE4 in openSUSE 11.0 that are leading to a great deal of anger on the mailing lists."
- "openSUSE 11.0 is out so i synced zypper's usage page with it. This changes page may be of particular interest for those already familiar with zypper. I also took a while to reorganize the main page a bit."
- "KDE 4.1 Beta 2 + openSUSE 11.0 = KDE Four Live 1.0.83 :)"
- "There was a public Project Meeting on Wednesday, 18 June 2008. See the meeting page for details."
- "The GNOME team met on Thursday, 19 June 2008. See the meetings page for details."
- "The KDE team met on Wednesday, 25 June 2008. See the meetings page for details."
- "Don't miss the next GNOME Team Meeting on June 26!"
- "The GNOME Team will host its first Helping Hands event this coming Friday"
- "There will be an openSUSE Project Meeting on July 02, 2008 in the #openSUSE-project Freenode IRC channel"
To view the security announcements in full, or to receive them as soon as they're released, refer to the openSUSE Security Announce mailing list.
- The Linux kernel update was updated on openSUSE 10.2 and 10.3 to fix the following security problems:
- CVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by remote attackers to immediately crash the machine.
- CVE-2007-6282: A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets (default filtered by the firewall).
- CVE-2007-5904: A remote buffer overflow in CIFS was fixed which could potentially be used by remote attackers to crash the machine or potentially execute code.
- CVE-2008-1615: On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine.
- CVE-2008-2358: A security problem in DCCP was fixed, which could be used by remote attackers to crash the machine. Only a fix for openSUSE 10.2 was necessary.
- CVE-2008-2148: The permission checking in sys_utimensat was incorrect and local attackers could change the file times of files they do not own to the current time.
- CVE-2007-6206: An information leakage during core dumping of root processes was fixed. This problem was already fixed for openSUSE 10.3 previously and was now fixed for openSUSE 10.2.
- CVE-2007-6712: A integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired.
- CVE-2008-1669: Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking.
- CVE-2008-1367: Clear the "direction" flag before calling signal handlers. For specific not yet identified programs under specific timing conditions this could potentially have caused memory corruption or code execution.
- CVE-2008-1375: Fixed a dnotify race condition, which could be used by local attackers to potentially execute code.
- CVE-2007-5500: A ptrace bug could be used by local attackers to hang their own processes indefinitely.
In the Press
- "It’s still early after the launch, but I think we’ve been pretty successful in getting the word out about openSUSE. Here’s what I’m seeing on the Internet the Monday after the launch ..."
- Review page
- "Welcome to our grudge match - In the blue corner weighing in at 4.4 GB, defending champion Mandriva 2008.1 Spring. In the green corner weighing in at 4.3 GB is our returning challenger openSUSE 11.0."
- "Micro-Star International will deliver low-cost, mini-notebooks pre-loaded with SUSE Linux Enterprise Desktop"
- openSUSE 11.0 is a fabulous release. The pretty new graphics set the stage for significant improvements under the surface. All the time and energy put into the package management system has paid off. Including KDE 4 is not as big of a risk for openSUSE as it might be for other major distributions because of the conservative and intuitive way KDE 4 is set up.
- This is a very strong OpenSUSE release with a lot of compelling improvements. OpenSUSE 11 offers the best KDE 4 experience out there and will continue to be our reference distribution for KDE testing. OpenSUSE 11 is also an increasingly solid choice for GNOME users—its unique GNOME customizations add a nice level of polish, and the inclusion of Banshee and Beagle ensure that it provides a better set of default applications out of the box than Ubuntu and Fedora.
Numbers in brackets show the changes compared to the previous week.
The openSUSE Forums have 2942 (+1419) registered users. Most users ever online including guests was 1593, 23-Jun-2008 at 11:17 PM.
The Build Service now hosts 3034 (+50) projects, 46513 (+1796) packages, 5638 (-855) repositories by 6886 (+263) confirmed users.
The numbers for all openSUSE project products are this week:
- All Open Reports: 4342 (+410)
- Blocker: 20 (+1)
- Critical: 185 (+40)
- Major: 665 (+94)
- Normal: 2430 (+149)
- Minor: 372 (+40)
- Enhancements: 670 (+86)
Daily updated translation statistics are available on the openSUSE Localization Portal.
A full Swedish remaster of openSUSE 11.0 is available on LINUX.EXTON.NET. It is called EXTON-OpSuS 11.0 LiveDVD.
Feedback / Communicate / Get Involved
Got any comments on any of the things mentioned in this article? Then head right over to the news.openSUSE.org story comment section and let us know! To communicate and get help from the wider openSUSE community -- via IRC, forums, or mailing lists -- see Communicate.
You can subscribe to the openSUSE Weekly News RSS feed at http://news.opensuse.org/category/weekly-news/?feed=rss2