Sync Updates for Week 5, 2024

EbonJaeger

Heya folks! It's Friday, and that means it's time for the weekly Solus roundup!

There are a couple of new packages included in the repository this week. The first is doctl, a CLI tool to help manage Digital Ocean resources. If you use Digital Ocean services, you'll likely want to check this out. Next is kamoso, a KDE Gear application for taking photos and video using your webcam.

Deprecated this week is the package latencytop. The program is unmaintained upstream, and has the major disadvantage that building a kernel with it has a per-kernel-task memory penalty, even when the user space tooling is not active.

Security updates

We begin this week with security updates. @algent resolved issues with two packages, opensc and libebml. opensc was updated to 0.24.0, fixing a total of four vulnerabilities:

Likewise, libebml was updated to 1.4.5, fixing CVE-2023-52339.

Glibc has some widely reported-on vulnerabilities this week that were resolved by importing the upstream patches. These vulnerabilities could be used for local privilege escalation, but could usually not be exploited remotely.

Runc had a container breakout vulnerability patched by updating to the latest release:

CVE-2024-21626

OpenSSL had several minor vulnerabilities patched by updating to 3.1.5. These are generally not exploitable, which is why we did not update the package previously with backported fixes.

As always, ensure that you install updates to get the latest security vulnerability fixes.

Media updates

aom was updated to 3.8.1 (@ReillyBrogan)
geeqie was updated to 2.2.0 (@algent)
geonkick was updated to 3.3.2 (@malfisya)
mediainfo was updated to 24.01 (@Harvey)

Gaming updates

frozen-bubble had AppStream metadata included (@malfisya)
ppsspp was updated to 1.17 (@ReillyBrogan)

CLI tool updates

calc was updated to 2.0.15.5 (@malfisya)
curl was updated to 8.6.0 (@silkeh)
ddrescue was updated to 1.28 (@ReillyBrogan)
docker-compose was updated to 2.24.5 (@ReillyBrogan)
fastfetch was updated to 2.7.1 (@algent)
github-cli was updated to 2.43.1 (@EbonJaeger)
go-task was updated to 3.34.1 (@ReillyBrogan)
gnupg was updated to 2.4.4 (@ReillyBrogan)
gnuplot was updated to 6.0.0 (@algent)
strace was updated to 6.7 (@EbonJaeger)

System updates

Linux kernel (current) was updated to 6.6.15 (@ReillyBrogan)
Linux kernel (LTS) was updated to 5.15.147 (@ReillyBrogan)
libsodium was updated to 1.0.19 (@ReillyBrogan)
mesalib was updated to 23.3.5 (@ReillyBrogan)
openssl was updated to 3.1.5 (@ReillyBrogan)
Pipewire was updated to 1.0.3 (@ReillyBrogan)
sqlite3 was updated to 3.45.1 (@ReillyBrogan)
systemd was updated to 253.16 (@ReillyBrogan)
binutils was updated to 2.42 (@ReillyBrogan)
libblockdev was updated to 3.1.0 (@ReillyBrogan)
qemu was updated to 8.2.1 (@ReillyBrogan)
virtiofsd was updated to 1.10.1 (@ReillyBrogan)
gnupg was updated to 2.4.4 (@ReillyBrogan)
zlib was updated to 1.3.1 (@ReillyBrogan)
libidn was updated to 1.42 (@ReillyBrogan)
libidn2 was updated to 2.3.7 (@ReillyBrogan)
mariadb was updated to 10.6.16 (@ReillyBrogan)
docker was updated to 25.0.2 (@ReillyBrogan)
containerd was updated to 1.7.13 (@ReillyBrogan)
runc was updated to 1.1.12 (@ReillyBrogan)
An issue where Avahi and systemd-resolved would both try to listen on the same port for mdns was resolved by disabling it on the systemd-resolved side (@ermo)

Language updates

openjdk-11 was update to 11.0.22 (@ReillyBrogan)
openjdk-11 had webkit support enabled for the included OpenJFX runtime. This runtime has also now been split out to the openjfx-11 package, if you need this, please install the new package to continue using it (@ReillyBrogan)
openjdk-17 was updated to 17.0.10 (@ReillyBrogan)
php was updated to 8.2.15 (@ReillyBrogan)

Other desktop updates

Budgie Desktop has been updated to the latest 10.9 series this week! 10.9 includes a completely redesigned Bluetooth applet, early porting efforts towards Wayland, and adopting a fork of gnome-session named budgie-session for session management. If you haven't yet, be sure to check out their blog posts for 10.9 and 10.9.1. Additionally, if you haven't seen their earlier blog post, check out the State of the Budgie 2023!

Work progresses steadily on Plasma 6. KDE Frameworks 6 was updated to the latest RC2 this week by @ReillyBrogan. While very few Solus packages currently use KF6, keeping those packages up-to-date is important for the Plasma 6 efforts. It also enables developers to develop applications using KF6. KDE Gear for Plasma 6 has also been updated to RC2.

For Plasma 5, Akonadi was modified to fix its AppArmor rules and to use Sqlite as the default backend instead of MariaDB (MySQL). This change only affects new installations of Akonadi. If you would like to switch the backend configuration for an existing installation, see here. Note: Because you are changing the backend storage, existing stored contacts and events will be lost! Once you have switched over to the Sqlite backend, feel free to remove the mariadb-server package if you otherwise don't need it.

Note that if you were previously having the issue where Akonadi was not starting up, you may need to run sudo systemctl reload apparmor after updating in order for the updated AppArmor rules to be imported by the kernel.

bibata-cursors was updated to 2.0.6 (@algent)
Brave was updated to 1.62.156 (@algent)
budgie-desktop-branding was updated to include missing defaults that had been removed (@EbonJaeger)
burn-my-windows was updated to v40 (@ReillyBrogan)
CoreCtrl was updated to 1.3.9 (@ermo)
colord was updated to 1.4.7 (@ReillyBrogan)
Discord was updated to 0.0.42 (@joebonrichie)
Element was updated to 1.11.57 (@silkeh)
font-iosevka-ttf was updated to 28.0.6 (@nazar)
gpxsee was updated to 13.15 (@nazar)
kitty was updated to 0.32.1 (@nazar)
korla-icon-theme was updated to 1.6.0 (@algent)
Fixed a crash with Krita and gmic (@ReillyBrogan)
libei was updated to 1.2.0 (@ReillyBrogan)
libinput was updated to 1.25.0 (@ReillyBrogan)
nextcloud-client was updated to 3.11.1 (@silkeh)
Opera was updated to 106.0.4998.70 (@Harvey)
qpwgraph was updated to 0.6.2 (@ReillyBrogan)
sardi-icons was updated to 23.12.07, and icons for XFCE were enabled (@algent)
tailscale was updated to 1.58.2 (@nazar)
Telegram was updated to 4.14.12 (@ReillyBrogan)
texstudio was updated to 4.7.2 (@algent)
Vivaldi (stable) was updated to 6.5.3206.59 (@Harvey)
Vivaldi (snapshot) was updated to 6.6.3256.4 (@Harvey)
VSCode was updated to 1.86.0. Wayland is now enabled by default when running in a Wayland session. To disable this, you can set the VSCODE_NO_WAYLAND environmental variable before launching VSCode. (@ReillyBrogan)
Davmail had support for handling Office365 login windows enabled by switching it to depend on the new openjfx-11 package (@ReillyBrogan)
xdg-utils was updated to 1.2.0 (@ReillyBrogan)
yubikey-manager was updated to 5.3.0 (@joebonrichie)

That’s all for this week, folks! We'll be here same time, same place next week for another roundup of the news!

mbevks

EbonJaeger So it has been two weeks since I updated, so it might be the prior update. I was out of town. The bug I am seeing is with the workspace switcher that's on my panel. When I have an open program in a different workspace, I used to be able to click on it and I'd go to that workspace. Now I have to click in the whitespace in the switcher but not the icon. Clicking on the icon does nothing.

Edit: One more bug found. Alt + tab normally lets me cycle through my programs. It still works but once I get to the last program open, it stops cycling. So if I have three programs open and hold alt and press tab once, it highlights the 2nd program. If I hit tab again, it highlights the 3rd program. If I hit tab again, it stays on that last program. However, if I hit alt + shift + tab it'll cycle backwards through the programs and keep cycling.

Edit: Looks like the bugs were already known and a fix is ready. I am catching up with my RSS and read this: https://buddiesofbudgie.org/blog/budgie-10-9-1-released.

ReillyBrogan

First

brent

up late for me. updated & rebooted. all good. burn-my-windows just skirted passed my eyeballs and made me laugh🙂 whatever it is.

Harvey

Not just for plasma:

Sebastian

It's a GNOME shell Extension and basically does what it says

brent

@Sebastian @Harvey
great videos.
when you want to close a window in style with dramatic effect I'd have to call that an aesthetic flourish and totally badsa**.

ReillyBrogan

@elusian I'm not sure what your github username is or I would have pinged you there, but your issue requesting webkit support in openjfx has been resolved. See the release note above.

elusian

ReillyBrogan Thank you!

(The username is the same)

Harvey

vscode fix for issue under wayland cherry-picked.

johano

The Workspace switcher applet is not switching workspace and activating applications when the icons are clicked. Otherwise, workspaces seem to be behaving normally.

For example, clicking the terminal icon or the gedit icon below has no effect

Tried removing, then re-adding the applet, and refreshing the panel.

Edit: See this has already been reported by @mbevks above!

EbonJaeger

Can one of you please create an issue at the Budgie tracker? Thanks.

johano

EbonJaeger,

I've given it a shot here.

Axios

This update cause my screen go black with colored lines and if I move mouse it stops.
does it when it feels like it.
If lucky it just flashes black for a second without getting hung up.
Note Horizontal lines

ReillyBrogan

Axios If you switch back to the previous kernel is it better?

Axios

ReillyBrogan Not sure thats the issue after switching kernels back and forth
get same mixed results. Just seems be unstable dont know when its going happen sometimes no issue at
all.
Will investigate further.

Axios

ReillyBrogan The previous update I had to create 2 X files to get my video
working properly and it was till this update that everything went south again.
And so did I..lol
Long story short deleted the modesetting file but kept the 20-intel.conf and its been working
without issue. (So far at least)
Appeared as a problem but really a fix I guess in my books. (Just didnt appear what it really was)

I think alot of this stuff is just this skylake platform only one I got that uses it.

If I go back and run the previous kernel with my 2 file fixes everything still runs fine So appears
Kernel related. (If I disable one those files video goes bad)

Thanx again

presianbg

OMG! The new bluetooth applet is a gem!
Thank you so much for all the sweat, blood and tears keeping Solus state-of-the-art distro!

Zenurik

After VSCode changed to Wayland it doesn't work with KDE's global menu anymore. I was able to bring it back by using the VSCODE_NO_WAYLAND=1 envvar, but will it work natively anytime soon?

ReillyBrogan

Zenurik I'd check the upstream VSCode issue tracker to see if there's an issue for it, and if not create one. All that we've done on the Solus side is add a wrapper script to launch VSCode with the right electron arguments to launch in Wayland native mode, if that native mode has issues then the VSCode devs need to resolve them.