Frameworks, PostgreSQL, Vim Update in Tumbleweed (UPDATED)
The trend this week is like Tumbleweed on cruise control just rolling out snapshot after snapshot.
Among the updated packages in snapshot 20220816, postgresql14 14.5 made a splash with fixing a Common Vulnerability and Exposure; with CVE-2022-2625, the extensions use of CREATE OR REPLACE or CREATE IF NOT EXISTS are not being adhered to according to the documented rules and attacker can run arbitrary code as the victim role, which may be a superuser. PostgreSQL is blocking this attack in the core server, so there is no need to modify individual extension scripts. Moving on to a more lighter subject, the snapshot provided an update of filesystem utility xfsprogs 5.19.0. The newer version update provides more autoconf modernization and fixes a memory leak. It’s counterpart, xfsdump 3.1.10, fixed bind mount handling that was corrupting dumps and removed Data Management Application Programming Interface support. Xfce users can now have window capture in HiDPI mode thanks to an update of xfce4-screenshooter 1.9.11.
UPDATE
More from Dominique Leuenberger today.
-
openSUSE Tumbleweed – Review of the week 2022/33
Nothing is stopping Tumbleweed – it’s still full steam ahead with 7 snapshots released in one week, which means daily snapshots without interruptions—trying to get a new streak record? let’s see! So far we’re at 14 days of release without a gap. So far, the highest streak was 18 if I’m not mistaken (2021/1116-1203). In any case, these are just nice stats, but the quality of the snapshots has always been more important to us than the number of snapshots. And I’m convinced the Tumbleweed users to see this the same way.