Dear Tumbleweed users and hackers,

My punishment for taking Fridays off is having to write a weekly review that spans again over two weeks. I know, many of you rely on those reviews to know what is coming their way and doing this only bi-weekly is definitively now what I am striving for. After all, you deserve to be informed about the things happening in Tumbleweed. During the last two weeks, we have published 9 snapshots (0921, 0922, 0925, 0926, 0927, 0929, 1001, 1003, and 1005 – with the latest one being still being hot – and important in plus.

The most relevant changes in these snapshots are:

  • Linux kernel 6.5.4
  • Poppler 23.09.0
  • dbus 1.14.10
  • Node.JS 20.7.0
  • XWayland 23.2.1
  • UDisks 2.10.0
  • LibreOffice 7.6.1.2
  • Mesa 23.1.8, 23.2.0, and 23.2.1
  • GPG 2.4.0
  • Mozilla Firefox 118.0.1
  • GStreamer 1.22.6
  • openSSL 3.1.3
  • systemd 254.5
  • glibc CVE-2023-4911, aka Looney Tunables
  • Samba 4.19.0

The glibc fix is part of Snapshot 1005, but due to its importance and reach was already published in the Tumbleweed update channel yesterday evening.

The staging projects are currently testing these changes:

  • binutils 2.41
  • Linux kernel 6.5.6
  • Shadow 4.14.1
  • zypper 1.14.65 / libzypp 17.31.21: changes around transfiletrigger handlers; openQA seems not yet happy with the result
  • LibreOffice 7.6.2