Four openSUSE Tumbleweed snapshots have been released since last Thursday.
Only two packages came in the most recent 20201124 snapshot. Email client mutt had a version bump from 1.14.7 to 2.0.2; the new major release was not because of the magnitude of features but because a few changes are backward incompatible. There were some important changes highlighted like when using
attach-file to browse and add multiple attachments to an email;
quit can be used to exit after tagging the files. For the full list, read the release notes. The release also fixed a Common Vulnerabilities and Exposures that ensures the IMAP connection is closed after a connection error to avoid sending credentials over an unencrypted connection. The other package in the snapshot was the Ruby static code analyzer rubygem-rubocop. The updated 1.3.1 version offers multiple new features and fixes like reading the required_ruby_version from gemspec file if it exists.
The 20201123 snapshot had several GNU package updates like an update to GNU Compiler Collection 10, which Included a fix for a memcpy miscompilation on aarch64. GNU binary tool binutils cleaned up the specfile in the 2.35.1 version and general-purpose parser generator bison 3.7.4 now defines YYBISON macro as an integer. The ipset 7.9 update enabled memory accounting for ipset allocations and the Passlib password hashing library for Python, python-passlib 1.7.4, added optional dependencies for web framework Django and apache2-utils. Bar code reader package zbar 0.23.1 changed defaults to autodetect Python and GTK versions. Several YaST packages were updated like yast2-network 4.3.28, which provided a fix for the detecting of connection configuration changes, and yast2-firstboot 4.3.8, which removed a duplicated lan client from the firstboot control file and modified the firstboot_dhcp_setup client using the installation dhcp setup client directly.
Snapshot 20201121 highlights the CVE hunting the Mozilla Thunderbird project did in version 78.5.0. The email client closed out more than a dozen CVEs like single-word search queries that were broadcast to local networks (CVE-2020-26966) and the software keyboards that may have remembered typed passwords (CVE-2020-26965). Privacy guard gpg2 2.2.24 fixed the encrypt+sign hash algo preference selection for Elliptic Curve Digital Signature Algorithm, which is needed for keys created from existing smartcard based keys. Support exporting secret keys was made to the cryptography support program gpgme 1.15.0. Sudo now logs when a user-specified command-line option is rejected by a sudoers rule in sudo 1.9.3p1 and ucode-intel 20201118 removed TGL/06-8c-01/80 due to functional issues with some original equipment manufacturer platforms.
The snapshot released a week ago on Thursday was a release many were waiting for with GNOME 3.38. Snapshot 20201119 updated GNOME users to the new Orbis release that highlights the main functionality of the desktop and provides first time users a nice welcome to GNOME with the GNOME tour welcome app. The release provides better screen recording infrastructure in GNOME Shell, made improvements to take advantage of multimedia processing package PipeWire and kernel APIs to reduce resource consumption and improve responsiveness. KDE Frameworks 5.76.0 arrived in the snapshot as well made improvements to Plasma’s Breeze Icons; Plasma Frameworks locked the header colors of Breeze Dark and Breeze Light themes and remove unnecessary anchors in the ComboBox.contentItem. Kirigami package improved the look of the FormLayout on mobile and fixed the menus in contextualActions. The 2.66.3 glib2 package fixed sending large D-Bus messages. Tools for accessing the process power of the Linux Kernel gained Alder Lake, Rocket Lake and Sapphire Rapid support in the update to cpupower 5.10. Other notable packages to that updated in the snapshot were gtksourceview4 4.8.0, pango 1.48.0, libsoup 2.72.0 and vala 0.50.1.