Heya folks! We have a lot of items to share this week. Let’s start off with yet more CVE security fixes.
First up is curl, which had two CVE fixes this week, CVE-2023-38545 and CVE-2023-38546. These issues have a severity of HIGH. You can read this blog post for more information. Secondly, we have a security fix for libcue, a library for parsing and extracting data from CUE sheets. CVE-2023-43641 enables GNOME users to be exploited by downloading a malicious cue sheet from a webpage. See this article for more information. Both fixes were cherry-picked to Stable during the week. As always, please make sure you are fully updated!
@ReillyBrogan switched Solus to using systemd-resolved by default, following other distributions. This enables the use of a centralized DNS cache, improving compatibility with VPNs that push DNS servers via NetworkManager integration. The NCSD cache has been disabled, since it is superseded by systemd-resolved. Detailed information about these changes in Fedora can be found here and here. Due to positive feedback in testing, the BORE scheduler has also been enabled by default in this week’s kernel update.
We’ve made some changes to our Firefox package, in addition to updating it to 118.0.2:
- Launch in Wayland by default (does not affect Budgie or MATE)
- Switch to managing langpacks similar to Fedora
- This should hopefully fix issues with language preferences being reset after updates.
- If it does not fix the issue, then please let us know here.
- Use more shared system libraries instead of bundled ones
- Fix default browser detection
@ZachBacon has been hard at work updating our GNOME stack to 45.0. As always, the GNOME stack has taken a lot of work, but it is nearing completion. Keep an eye out for more information regarding this upgrade in Solus Soon:™:! It’s anticipated that this will land in Unstable over the weekend, which means that sync will be deferred next week for testing!
We’re almost halfway through Hacktoberfest already, and we have received and merged almost 60 pull requests adding homepages to packages! If you would like to help out, there’s still plenty of time left, and these tasks aren’t going away! If you’ve never done packaging before, check out our Help Center packaging articles to get started, and check out the issues labeled Good First Issue on our issue tracker.
Other changes this week:
Core system
- Linux-current 6.5.7 and linux-lts 5.15.135
- Pipewire v0.3.82
- Our glibc package had the way it did hwcaps changed to the newer method. Hwcaps are special libraries compiled for newer processors that are loaded on-demand for CPUs that support those instructions. This won’t have any user-facing impact but it does open up the update to a newer glibc!
- Network-manager saw an overhaul land this sync. It should now use the internal dhcp client rather than the deprecated ISC dhclient, let us know if you have any issues with this. It should also now integrate better with systemd for the network-online target.
- libicu 73.2 (Thanks Zach!)
- libwebkit-gtk 2.42.1 (Thanks Zach!)
- Libvirt now supports firewalld (optional) (Thanks Evan!)
- sqlite 3.43.2
- containerd 1.7.7
- curl 8.4.0 (Thanks Silke!)
- modem-manager 1.20.6 (Thanks Zach!)
- libblockdev 3.0.4!<
Codecs (All done by ReillyBrogan except for gstreamer)
Apps
Gaming
Theming/Fonts
Languages
That’s it for this week, folks! Keep a look-out for more news next week! And remember, there will be no sync next week.
