Dear Tumbleweed users and hackers,

The winter holiday period is upon us, and the number of requests submitted to Factory is getting lower (I even managed to have an empty review queue for a couple of minutes yesterday). But small snapshots never stopped Tumbleweed – and it kept on rolling, again with 7 snapshots released during this week (1216…1222)

The most relevant changes included are:

  • Pipewire 0.3.63
  • sqlite3: CVE-2022-46908: relying on –safe for execution of untrusted CLI scripts
  • systems: CVE-2022-4415
  • XFCE 4.18 (update in progress, not the entire stack is there yet, please be patient)
  • Node.JS 19.3.0
  • Mozilla Firefox 108.0.1
  • NetworkManager 1.40.8
  • Linux kernel 6.1.0
  • Bash 5.2.15

As a lot of people are already enjoying some time off, a few resources are missing to fix the fallout in the staging projects, which means the list stays, to a large degree, the same as last week:

  • Util-linux 2.38.0 (Snapshot 1223+)
  • Boost 1.81.0: breaks libetonyek and LibreOffice
  • Ruby 3.2 (currently RC) is being tested to become the default ruby version (switch would happen when ruby 3.2 sees a final release)
  • Switch to openSSL 3: tracked in Staging:N, main failures are nodejs18, nodejs19, OpenSSH, mariadb
  • Python pytest 7.2.0