Feed Reader
MGAA-2024-0226 - Updated drumstick & kmetronome packages fix crash on kmetronome
Publication date: 09 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description: Kmetronome (Drumstick Metronome) crashes as soon as the Play button is clicked. This update fixes the issue.
References:
SRPMS 9/core:
- drumstick-2.7.2-1.1.mga9
- kmetronome-1.3.1-1.1.mga9
Categories: Security Updates
User:Zeldas7777
← Older revision
Revision as of 03:41, 9 November 2024
Line 1:
Line 1:
+
+{{Multi language banner|[[User:Zeldas7777|english]] ;}}
+</noinclude><includeonly>{|style="margin-bottom: 1em; border-radius:0.2em; background-color: #2397D410; border: 0.25em solid #2397D4FF; width: auto; min-width: 32%; min-height: auto"
+|-
+|style="width: 50px;"|[[Image:{{{img|Drakconf_multiflag.png}}}|center|46px]]
+|style="solid #2397D4FF; text-align:left; vertical-align:top;"|<span style="color: #262F45; font-weight:bold;">{{{title|Secure boot clarification}}}</span><br /><span style="color: green; white-space:pre-line; line-height: 100%;"><span style="color: green; text-transform: capitalize">{{{1|{{{msg}}}}}}</span>
+|}</includeonly>
<h2 style="font-size:xx-large">'''Secure boot clarification'''</h2> <h2 style="font-size:xx-large">'''Secure boot clarification'''</h2>
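Review bot: In the added banner template, '</noinclude>' closes a section that none of the visible added lines open, and in the message cell the outer '<span style="color: green; white-space:pre-line; ...">' is never closed before '|}'. Open the noinclude section before the banner call and add the missing '</span>'. The cell style also starts with 'solid #2397D4FF;', a value with no property name, and the inner span repeats 'color: green'; both can be dropped.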
Line 4:
Line 11:
<p style="text-indent:15px"> <p style="text-indent:15px">
−Secure boot was created to ensure the protection of the operating system (OS). The Linux community went into panic mode when secure boot was recently upgraded. This wiki entry will hopefully bring some clarity to the confusion caused by the secure boot upgrade and its impact on Linux. The process of enabling secure boot is to ensure the OS is secure from rootkits, keyloggers, and malware. In general, the idea behind secure boot is to protect the end user from any threats to security and/or privacy. The secure boot feature disables the OS immediately upon detection of a threat. +Secure boot was created to ensure the protection of the operating system (OS). The Linux community did not like the secure boot upgrade. The end user would have to disable secure boot then install Linux. The reason was because the computers did not have the TPM Linux distribution signatures installed in the computer before manufacturing the computers. The Linux distribution developers would have to sign the bootloader, kernel, and drivers. This also created the need for more documentation for computers without Linux distribution signatures to successfully install Linux distribution. This wiki entry will hopefully bring some clarity from users in the Linux community on the secure boot upgrade, and it's impact on Linux. The purpose of enabling secure boot is to ensure the OS is secure from rootkits, keyloggers, and malware. The secure boot is for protecting the end user from any threats to security and/or privacy. The secure boot feature disables the OS immediately upon detection of invalid signatures.
</p> </p>
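Review bot: The added sentence 'the computers did not have the TPM Linux distribution signatures installed' places the Secure Boot keys in the TPM, but UEFI Secure Boot keeps its allowed and forbidden signature lists (db and dbx) in authenticated firmware variables and works without a TPM. Suggest 'the computers did not ship with the Linux distributions' keys enrolled in the UEFI firmware'. In the same paragraph 'it's impact' should be 'its impact', and 'The reason was because' can be shortened to 'The reason was that'.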
Line 10:
Line 17:
<p style="text-indent:15px"> <p style="text-indent:15px">
−This document does not apply to your computer if it was manufactured before 2009. If your computer was manufactured in 2009 or later, it may have a Trusted Platform Module (TPM) chip, which means this document could apply to your personal computer (PC). Personal computers with TPM chip version 1.0 started to appear in 2009. This chip was soon upgraded to TPM version 1.1 in 2011. The next major update to TPM chips was version 2.0, which came out in 2014. This has been considered the new standard since 2016. The TPM helps ensure the boot processes of your PC cannot be corrupted. If you would like to learn more about TPM, please check out the reference links below.+This document does not apply to your computer if it was manufactured before 2009. If your computer was manufactured in 2009 or later, You may have a Trusted Platform Module (TPM) chip. This wiki can apply to your personal computer (PC). Personal computers with TPM chip version 1.0 started to appear in 2009. This chip was soon upgraded to TPM version 1.1 in 2011. The next major update to TPM chips was version 2.0, which came out in 2014. This has been considered the new standard since 2016. The TPM chip does ensure the boot processes of your PC cannot be modified without your knowledge. If you would like to learn more about TPM, please check out the reference links below.
</p> </p>
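Review bot: In the changed closing sentence, 'does ensure the boot processes of your PC cannot be modified without your knowledge' claims more than the 'helps ensure' it replaces; a TPM records measurements of the boot chain, it does not by itself stop a change. Suggest keeping 'helps ensure'. 'You may have' after the comma should be lower case, and 'This wiki can apply' loses the conditional link to the previous sentence that 'which means this document could apply' had.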
Line 20:
Line 27:
<p style="text-indent:15px"> <p style="text-indent:15px">
−Years ago, several root vulnerabilities in PC BIOS were exposed that allowed the booting OS to be compromised. Initially, only the bootloader was protected. This left the OS kernel and hardware drivers exposed. Eventually, even more vulnerabilities to the system were discovered making it hard to keep OS secure and protected from exploits. It was clear that he time had come to improve secure boot with an emphasis on making the process even more secure. This led to the need for more space to enable the storing of information for the upgraded secure boot in PC BIOS. This new requirement created the need to allow communication between the OS, secure boot, and system BIOS. The solution was to implement Unified Extensible Firmware Interface (UEFI). This would allow the OS to receive information and update the firmware as needed. The introduction of UEFI also provided the option to enable secure boot, which verifies the security of the of the booting operating system at the same time.+ There has been several root vulnerabilities found in PC BIOS that were exposed that allowed the booting OS to be compromised. This left the OS kernel and hardware drivers exposed. Eventually, even more vulnerabilities to the system were discovered making it hard to keep OS secure and protected from exploits. It was clear that the time had come to improve upon the Unified Extensible Firmware Interface (UEFI) with emphasis on making the process even more secure. UEFI decided to implement the secure boot mode in the BIOS using the TPM chip. This would allow authentication of the OS from signed bootloader, kernel, and drivers.
</p> </p>
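Review bot: The new opening 'There has been several root vulnerabilities found in PC BIOS that were exposed' needs 'have been' and says the same thing twice with 'found' and 'exposed'; 'Several root vulnerabilities were found in PC BIOS that allowed the booting OS to be compromised' is enough. The rewrite also removes 'Initially, only the bootloader was protected', so the kept sentence 'This left the OS kernel and hardware drivers exposed' no longer has anything to refer back to. The added line starts with a stray leading space.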
Line 26:
Line 33:
<p style="text-indent:15px"> <p style="text-indent:15px">
−Secure boot mode is designed to authenticate the OS from a list of authorized operating systems in TPM module 2.0 where space has been made to include more key signatures. By default, if a key is in the "blocked" list, it will halt the computer instantly indicating that an invalid key has been detected. Secure boot mode operation is meant to validate two areas and watch one area of the OS. If any of these areas fails authentication, the system will halt instantly. This design creates a strict lockdown in the event that the bootloader, kernel, or its drivers are compromised with invalid signatures. Invalid signatures are either corrupt or missing. This presents a challenge during the development of an OS but is necessary to maintain OS security.+Secure boot mode is designed to authenticate the OS from a list of authorized operating systems in the TPM chip. By default, if a signature is in the "blocked" list, The computer will stop booting indicating that an invalid signature has been detected. Secure boot mode operation is meant to validate two areas and watch one area of the OS. If any of these areas fails authentication, the system will stop booting. This design creates a secure boot environment. If the bootloader, kernel, or its drivers are modified the signature is marked invalid. The Invalid signatures are also installed when firmware updates the UEFI firmware. Any OS without a valid signature is also blocked. This presents a challenge during the development of an OS but is necessary to maintain OS security.
</p> </p>
<h3>The secure mode operation while booting</h3> <h3>The secure mode operation while booting</h3>
−Secure mode has a secure 0 tolerance with absolutely no in-between scenarios: the system is either secure or compromised. Here is how the process works.+Secure mode authenticates the system from the installed signatures. Here is how the process works.
# Validate bootloader and proceed if validated. # Validate bootloader and proceed if validated.
# Validate kernel and proceed if validated. # Validate kernel and proceed if validated.
−# Validate every hardware driver while booting and halt if a signature is missing or invalid. Otherwise proceed.+# Validate every hardware driver while booting and stop if a signature is missing or invalid. Otherwise proceed.
If everything is successful, the OS will boot as expected. If everything is successful, the OS will boot as expected.
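Review bot: 'The Invalid signatures are also installed when firmware updates the UEFI firmware' in the new paragraph is hard to parse. If it means the blocked list is refreshed by firmware updates, say that directly, for example 'The list of blocked signatures is also updated by UEFI firmware updates.' In 'if a signature is in the "blocked" list, The computer will stop booting' the word after the comma should be lower case, and 'If the bootloader, kernel, or its drivers are modified the signature is marked invalid' needs a comma after 'modified'.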
Line 41:
Line 48:
<p style="text-indent:15px"> <p style="text-indent:15px">
−CPU board manufacturers are required to follow government laws. This means that no company can be biased and that all OS vendors share equal rights. All manufactures have a standard to follow that is strictly monitored. We have a few types of CPU boards on the market that must comply with personal data security. Here are the following types of CPU boards that allow secure boot to be disabled and those that do not allow it.+CPU board manufacturers are required to follow fair trade laws This means that no company can be biased and that all OS vendors share equal rights. All manufactures have a standard to follow that is strictly monitored. We have a few types of CPU boards on the market that must comply with personal data security. Here are the following types of CPU boards that allow secure boot to be disabled, those that do not allow it, or made optional for custom manufactured computers.
# Personal end user home computers: these can have secure boot disabled. # Personal end user home computers: these can have secure boot disabled.
−# Business to Government computers: in order to enable data security, these cannot have secure boot mode disabled.+# Business to Government computers: in order to maintain data security, these cannot have secure boot mode disabled.
−# Custom manufactured computers specifically made for a company: these allow the option to "disable secure boot" at the request of the business customer.+# Custom manufactured computers specifically made for a company: these allow the option to "disable secure boot options" at the request of the business customer.
</p> </p>
<p style="text-indent:15px"> <p style="text-indent:15px">
−The documentation for the UEFI firmware is required to be made available to all OS vendors. This documentation shall have all commands required for UEFI firmware updates. The currently installed OS enables the updating of the firmware. If you have a dual-boot or multi-boot system, then each OS shares ownership rights.+The documentation for the UEFI firmware is required to be made available to all OS vendors. This documentation shall have all commands required for UEFI firmware updates. The currently installed OS owns the updating of the firmware. If you have a dual-boot or multi-boot system, then each OS shares ownership rights.
</p> </p>
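Review bot: The first changed sentence lost its full stop: 'follow fair trade laws This means'. The new ending 'those that do not allow it, or made optional for custom manufactured computers' is not parallel with the rest of the sentence; suggest 'those that do not allow it, and those where it is optional'. List item 3 now quotes the option as "disable secure boot options", which no longer matches the wording used in items 1 and 2, and 'The currently installed OS owns the updating of the firmware' reads less clearly than the 'enables' it replaces.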
Line 57:
Line 64:
The requirements to successfully enable secure boot mode on an OS are: The requirements to successfully enable secure boot mode on an OS are:
−# Extended validation certificate from a signed Certificate Authority (CA) certificate signing request (CSR) and private key. You would generate this and submit to your choice of secure certificate provider. This would be meant for code signing. The EV cert must come from the domain or organization that requests it to be verified.+# Extended validation certificate from a signed Certificate Authority (CA) certificate signing request (CSR), private key, and public key. You would generate this and submit to your choice of secure certificate provider. This would be meant for code signing. The EV cert must come from the domain or organization that requests it to be verified.
−# Tools developed to be used in order to sign the returned certificate. Remember that you should have all three items: a certificate, a private key (must have a strong password and be kept secure), and a public key.+# Tools developed to be used in order to use the signed certificate returned by SSL provider. Remember that you should have both the valid signed certificate, a private key (must have a strong password and be kept secure), and a public key.
−# The tool must be able to install the cert and public key on computer.+# The OS must be able to install the certificate and public key on computer.
# The boot image, kernel, and drivers must be signed using the certificate. # The boot image, kernel, and drivers must be signed using the certificate.
−# Must have a TPM 1.0 or later chip.+# Must have a TPM chip.
</p> </p>
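Review bot: Item 2 now says 'both' and then lists three things (signed certificate, private key, public key), and it calls the issuer an 'SSL provider' although item 1 describes a code-signing certificate from a 'secure certificate provider'. Suggest 'all three' and 'certificate provider'. Item 1 as changed reads as if the private and public key come out of the CSR; 'a CSR together with its private and public key' would be clearer. Item 5 drops the version from 'TPM 1.0 or later' without saying which versions are meant.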
Zeldas7777
Categories: Mageia Wiki
MGASA-2024-0348 - Updated ruby-webrick packages fix security vulnerability
Publication date: 08 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-47220
Description: An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. (CVE-2024-47220)
References:
- https://bugs.mageia.org/show_bug.cgi?id=33617
- https://ubuntu.com/security/notices/USN-7057-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47220
- ruby-webrick-1.7.0-3.mga9
Categories: Security Updates
MGASA-2024-0347 - Updated python-urllib3 packages fix security vulnerability
Publication date: 08 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-37891
Description: When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the Proxy-Authorization HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the Proxy-Authorization header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the Proxy-Authorization header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach.
References:
- https://bugs.mageia.org/show_bug.cgi?id=33716
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37891
- python-urllib3-1.26.20-1.mga9
Categories: Security Updates
Grafischen Server aufsetzen-de
← Older revision
Revision as of 20:30, 8 November 2024
Line 171:
Line 171:
'''Bei Intel''' '''Bei Intel'''
export VK_ICD_FILENAMES=/usr/share/vulkan/icd.d/intel_icd.x86_64.json export VK_ICD_FILENAMES=/usr/share/vulkan/icd.d/intel_icd.x86_64.json
+
+== Gamemode ==
+Durch Installation des Pakets {{cmd|gamemode}} können Spiele und ähnliche Anwendungen mit verschiedenen Geschwindigkeitsoptimierungen, gestartet werden.
+Manchmal erhält man nur einen kleinen Geschwindigkeitsvorteil (vor allem bei Intel und Nvidia), manchmal einen großen (zum Beispiel bei Radeon 780M) und manchmal auch negatives (zum Beispiel wenn das System im Batteriemodus betrieben wird)
+
+Verwendung: {{cmd|gamemoderun <anwendung>}}
+
+Siehe: [https://github.com/FeralInteractive/gamemode Github]
== Hybride Grafikkarten == == Hybride Grafikkarten ==
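Review bot: In the added Gamemode paragraph the comma in 'Geschwindigkeitsoptimierungen, gestartet werden' separates the verb from the rest of its clause and should be removed, 'manchmal auch negatives' needs a noun (for example 'manchmal auch einen negativen Effekt'), and the sentence ends without a full stop. The package name is wrapped in the cmd template although it is not a command, and the link text 'Github' could name the project it points to.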
Psyca
Categories: Mageia Wiki
User:Zeldas7777
Mageia does not support secure boot. Check the documentation, forum and mailing lists...
← Older revision Revision as of 18:20, 8 November 2024 Line 4: Line 4: <p style="text-indent:15px"> <p style="text-indent:15px"> −Secure boot was created to ensure the protection of the operating system (OS). We have allowed the installation and use of Mageia with secure boot enabled for years. The Linux community went into panic mode when secure boot was recently upgraded. This wiki entry will hopefully bring some clarity to the confusion caused by the secure boot upgrade and its impact on Linux. The process of enabling secure boot is to ensure the OS is secure from rootkits, keyloggers, and malware. In general, the idea behind secure boot is to protect the end user from any threats to security and/or privacy. The secure boot feature disables the OS immediately upon detection of a threat. +Secure boot was created to ensure the protection of the operating system (OS). The Linux community went into panic mode when secure boot was recently upgraded. This wiki entry will hopefully bring some clarity to the confusion caused by the secure boot upgrade and its impact on Linux. The process of enabling secure boot is to ensure the OS is secure from rootkits, keyloggers, and malware. In general, the idea behind secure boot is to protect the end user from any threats to security and/or privacy. The secure boot feature disables the OS immediately upon detection of a threat. </p> </p> Sturmvogel
Categories: Mageia Wiki
Spiegelserver Liste-de
← Older revision
Revision as of 12:57, 8 November 2024
Line 3:
Line 3:
{{Multi_language_banner-de|[[Spiegelserver Liste-de|Deutsch]] ; [[Mirror_List|English]] ; [[Liste des miroirs-fr|français]] ; [[Spiegelserverlijst-nl|Nederlands]] ; [[Yansı Listesi|Turkisk]] ;}} {{Multi_language_banner-de|[[Spiegelserver Liste-de|Deutsch]] ; [[Mirror_List|English]] ; [[Liste des miroirs-fr|français]] ; [[Spiegelserverlijst-nl|Nederlands]] ; [[Yansı Listesi|Turkisk]] ;}}
−Du findest eine Liste von Mageia Spiegelserver unter dem folgenden Link:+Sie finden eine Liste von Mageia Spiegelserver unter dem folgenden Link:
[https://mirrors.mageia.org/ mirrors.mageia.org] [https://mirrors.mageia.org/ mirrors.mageia.org]
Psyca
Categories: Mageia Wiki
Pipewire-de
Installation
← Older revision Revision as of 12:55, 8 November 2024 Line 24: Line 24: == Installation == == Installation == −=== Scriptpmethode ===+=== Mageia Werkzeuge === ''' ''#### Dies ist die empfohlene Methode. ####'' ''' ''' ''#### Dies ist die empfohlene Methode. ####'' ''' ''( Mageia 9 )'' ''( Mageia 9 )'' −Um zwischen PulseAudio und PipeWire ''in beide Richtungen'' vollständig zu wechseln können Sie das pa-switcher Werkzeug verwenden, welches unter [https://bugs.mageia.org/attachment.cgi?id=13717 als Paket zum herunterladen] , aus {{bug|31507}}, zur Verfügung steht.+Verwenden Sie zum Wechseln zwischen PulseAudio und PipeWire ''in beide Richtungen'' die Anwendung ''draksound''. Beachten Sie: Jackaudio ist optional und wird nicht benötigt. Beachten Sie: Jackaudio ist optional und wird nicht benötigt. Psyca
Categories: Mageia Wiki
Cauldron-de
← Older revision
Revision as of 12:53, 8 November 2024
Line 56:
Line 56:
Wenn Sie die Mirrorlist verwenden wollen: Wenn Sie die Mirrorlist verwenden wollen:
−{{command-de|urpmi.addmedia --distrib --mirrorlist <nowiki>'http://mirrors.mageia.org/api/mageia.cauldron.i686.list'</nowiki>|prompt=#}}+{{command-de|urpmi.addmedia --distrib --mirrorlist <nowiki>'https://mirrors.mageia.org/api/mageia.cauldron.i686.list'</nowiki>|prompt=#}}
oder: oder:
−{{command-de|urpmi.addmedia --distrib --mirrorlist <nowiki>'http://mirrors.mageia.org/api/mageia.cauldron.x86_64.list'</nowiki>|prompt=#}}+{{command-de|urpmi.addmedia --distrib --mirrorlist <nowiki>'https://mirrors.mageia.org/api/mageia.cauldron.x86_64.list'</nowiki>|prompt=#}}
Wenn Sie einen spezifischen Spiegelserver verwenden wollen (Folgende URL ist ein Beispiel für einen Tier 1 Spiegelserver): Wenn Sie einen spezifischen Spiegelserver verwenden wollen (Folgende URL ist ein Beispiel für einen Tier 1 Spiegelserver):
Line 82:
Line 82:
Falls Sie ein x86_64 System verwenden und Sie auch die 32-Bit Paketquellen aktivieren wollen, führen Sie folgenden Befehl aus: Falls Sie ein x86_64 System verwenden und Sie auch die 32-Bit Paketquellen aktivieren wollen, führen Sie folgenden Befehl aus:
−{{command-de|dnf config-manager --set-enabled cauldron-i586|prompt=#}}+{{command-de|dnf config-manager --set-enabled cauldron-i686|prompt=#}}
Falls Sie die nonfree und tainted Quellen einbinden möchten (Ersetzen Sie "{arch}" mit Ihrer gewünschten Architektur "x86_64" oder "i586" und "{section}" mit "nonfree" oder "tainted"): Falls Sie die nonfree und tainted Quellen einbinden möchten (Ersetzen Sie "{arch}" mit Ihrer gewünschten Architektur "x86_64" oder "i586" und "{section}" mit "nonfree" oder "tainted"):
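Review bot: The repository id changes to 'cauldron-i686', but the unchanged sentence directly after it still tells readers to substitute "i586" for {arch}. If the 32-bit repositories were renamed, that sentence needs the same update; if they were not, this line should stay 'cauldron-i586'.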
Psyca
Categories: Mageia Wiki
Spiegelserver Liste-de
← Older revision
Revision as of 12:52, 8 November 2024
(One intermediate revision by the same user not shown)
Line 6:
Line 6:
[https://mirrors.mageia.org/ mirrors.mageia.org] [https://mirrors.mageia.org/ mirrors.mageia.org]
+
+Dort können Sie auch sehen, von welchem anderen Spiegelserver jeder einzelne Spiegelserver synchronisiert.
Der Status jedes Spiegelservers kann unter folgender Seite angeschaut werden: Der Status jedes Spiegelservers kann unter folgender Seite angeschaut werden:
[https://mirrors.mageia.org/status mirrors.mageia.org/status] [https://mirrors.mageia.org/status mirrors.mageia.org/status]
+
+Wenn alle Spiegelserver rot angezeigt werden besteht ein Problem auf Seiten von Mageia.
+Falls Ihr bevorzugter Spiegelserver rot angezeigt wird, während andere grün angezeigt werden, dann hat Ihr bevorzugter Spiegelserver ein Problem. Es gibt zwei Gründe:
+* Der Server, von welchem Ihr Spiegelserver synchronisiert, ist rot
+** Falls dies nicht innerhalb einer überschaubaren Zeit behoben wird, kontaktieren Sie Ihren bevorzugten Spiegelserverbetreiber und empfehlen Sie diesem von einem anderen Spiegelserver zu synchronisieren.
+* Der Server, von welchem Ihr Spiegelserver synchronisiert, ist grün
+** Dann besteht das Problem bei Ihrem bevorzugten Spiegelserver. Bitte kontaktieren Sie den Serverbetreiber um sicher zu gehen, dass diese davon Kenntnis haben.
+
+Wir haben angefangen Kontaktdaten unter [[Mirror Contacts]] zu sammeln.
Psyca
Categories: Mageia Wiki
Mageia IRC Kanäle Liberachat-de
← Older revision
Revision as of 12:44, 8 November 2024
Line 22:
Line 22:
* [ircs://irc.libera.chat:6697/#mageia-council #mageia-council] * [ircs://irc.libera.chat:6697/#mageia-council #mageia-council]
* [ircs://irc.libera.chat:6697/#mageia-meeting #mageia-meeting] * [ircs://irc.libera.chat:6697/#mageia-meeting #mageia-meeting]
+* [ircs://irc.libera.chat:6697/#mageia-next #mageia-next] (Chat um alles was der strahlenden Zukunft von Mageia hilft)
* Der #mageia-social-Kanal, den wir auf Freenode für den allgemeinen Chat und den Aufbau der Mageia-Community hatten, wurde zu [ircs://irc.libera.chat:6697/#mageia-chat #mageia-chat] auf Liberachat. * Der #mageia-social-Kanal, den wir auf Freenode für den allgemeinen Chat und den Aufbau der Mageia-Community hatten, wurde zu [ircs://irc.libera.chat:6697/#mageia-chat #mageia-chat] auf Liberachat.
Psyca
Categories: Mageia Wiki
Paket-Sicherheitsteam-de
Mitglieder
← Older revision Revision as of 12:41, 8 November 2024 Line 12: Line 12: * David Walser <luigiwalser@yahoo.com> * David Walser <luigiwalser@yahoo.com> +* Nicolas Salguero (ns80) <ns80 AT mageia DOT org == Richtlinien == == Richtlinien == Psyca
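Review bot: The added member line '<ns80 AT mageia DOT org' is missing its closing '>'. It also obfuscates the address while the entry above it gives a plain one; pick one style for the whole list.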
Categories: Mageia Wiki
User:Zeldas7777
← Older revision
Revision as of 01:51, 8 November 2024
Line 1:
Line 1:
−<h2 style="font-size:xx-large">'''Secure boot'''</h2>+<h2 style="font-size:xx-large">'''Secure boot clarification'''</h2>
<h3>Overview</h3> <h3>Overview</h3>
Line 6:
Line 6:
The secure boot has been created to ensure the OS is protected. We have been using secure boot enabled for years. Then when secure boot was upgraded the Linux community went into panic mode. There are a lot of confusion because of this update that will be made clear. The process of the secure boot is for ensuring the OS is secure from rootkits, keyloggers, and malware. In general protecting the end user of any possibility of compromise of security and privacy. The secure boot feature is to disable the OS immediately on detection. The secure boot has been created to ensure the OS is protected. We have been using secure boot enabled for years. Then when secure boot was upgraded the Linux community went into panic mode. There are a lot of confusion because of this update that will be made clear. The process of the secure boot is for ensuring the OS is secure from rootkits, keyloggers, and malware. In general protecting the end user of any possibility of compromise of security and privacy. The secure boot feature is to disable the OS immediately on detection.
</p> </p>
+
+<h3>Who this applies to</h3>
+
+<p style="text-indent:15px">
+If your computer was manufactured before 2009 then this documentation does not apply to your specific computer. If your computer was manufactured in 2009 or later you may have a TPM chip and this documentation applies to your specific computer. They started producing computers with the TPM 1.0 version chip in 2009. The chip was shortly updated to TPM version 1.1 in 2011. The next major update TPM version 2.0 came in 2014. This has become the new standard in 2016. The trusted platform module helps with making sure your boot processes have not been tampered with. If you would like to learn more about TPM checkout the Reference links below.
+</p>
+
+Reference links:<br>
+Intel - https://www.intel.com/content/www/us/en/business/enterprise-computers/resources/trusted-platform-module.html<br>
+Wikipedia - https://en.wikipedia.org/wiki/Trusted_Platform_Module<br>
<h3>Why secure boot mode option was created</h3> <h3>Why secure boot mode option was created</h3>
Line 37:
Line 47:
# Custom manufactured computers specifically made for a company - These can optionally at the request of the company can have the option to "disable secure boot" enabled or disabled # Custom manufactured computers specifically made for a company - These can optionally at the request of the company can have the option to "disable secure boot" enabled or disabled
</p> </p>
+
<p style="text-indent:15px"> <p style="text-indent:15px">
The documentation for the UEFI firmware is required to be available for all OS vendors. This documentation shall have all the commands required for the UEFI firmware updates. The currently installed OS is the owner of updating the firmware. If you have a dual boot or multi boot system then all OS's share ownership rights. The documentation for the UEFI firmware is required to be available for all OS vendors. This documentation shall have all the commands required for the UEFI firmware updates. The currently installed OS is the owner of updating the firmware. If you have a dual boot or multi boot system then all OS's share ownership rights.
+</p>
−
−</p>
<h3>The requirement to enable secure boot</h3> <h3>The requirement to enable secure boot</h3>
Line 51:
Line 61:
# The tool must be able to install the cert and public key on computer. # The tool must be able to install the cert and public key on computer.
# The boot image, kernel, and drivers must be signed using the certificate. # The boot image, kernel, and drivers must be signed using the certificate.
+# Must have TPM 1.0 or later chip.
</p> </p>
Line 59:
Line 70:
Uefi Information - https://uefi.org/sites/default/files/resources/UEFI_Secure_Boot_in_Modern_Computer_Security_Solutions_2013.pdf Uefi Information - https://uefi.org/sites/default/files/resources/UEFI_Secure_Boot_in_Modern_Computer_Security_Solutions_2013.pdf
−Microsoft KEK expiring because the certificate is expiring on 10/19/2026. This means their will be another secure boot upgrade coming for current and new computers.+Microsoft KEK expiring because the certificate is expiring on 10/19/2026. This means there will be another secure boot upgrade coming for current and new computers.
Here is the link to the PDF document. Here is the link to the PDF document.
Line 74:
Line 85:
https://forums.mageia.org/en/search.php?keywords=secure+boot&fid%5B0%5D=7 https://forums.mageia.org/en/search.php?keywords=secure+boot&fid%5B0%5D=7
+<h3>Common issues with TPM</h3>
+<p style="text-indent:15px">
+Dual or multi boot is harder to work with when you want to boot Windows and Linux. This can be even harder for Windows, Linux, and another OS. If the Linux distro does not support secure boot enabled and you have the TPM on computer. You would have to enable legacy mode and disable secure boot. This is the only way to dual or multi boot with Windows. This will slow down the boot process and disable all bios protection. This will also disable any hardware improved features until OS has booted. Remember if you need this kind of environment then you will have to reinstall Windows and other OS's you wish to dual or multi boot. This method is not recommend as this will open a security risk of having malware infecting or modifying your computer and is not secure.
+</p>
<h3>Clarification conclusion</h3> <h3>Clarification conclusion</h3>
−This document was created to clarify any confusion about the updated secure boot mode function.+This document was created to help make any confusion about the updated secure boot mode function clear. I hope you learned the importance of the secure boot and why we need it. We need to maintain stable and secure distributions for all users. I will be creating a how to and linking it to this document when I am finished.
+
</p> </p>
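Review bot: In the added 'Common issues with TPM' paragraph, 'This is the only way to dual or multi boot with Windows' is stated without condition, although the sentence before it limits the case to a distribution that does not support secure boot; fold the two together so the condition carries over. 'If the Linux distro does not support secure boot enabled and you have the TPM on computer.' is a fragment that should be joined to the sentence that follows it, and 'not recommend' should be 'not recommended'. The expanded conclusion promises a how-to 'when I am finished', which will go stale; link it once it exists instead.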
Zeldas7777
Categories: Mageia Wiki
MGAA-2024-0225 - Updated wireplumber & pipewire-media-session packages fix Bluetooth audio connections
Publication date: 07 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description: This bug addresses a newer wireplumber that was missed in a previous pipewire update. After the previous update (pipewire-0.3.85-6) sometimes it could happen that some Bluetooth audio device was not correctly connected. This version update should fix the problem, among other fixes. The pipewire-media-session package, which is the other (older) companion media session manager, has also been rebuilt against the latest pipewire (0.3.85-6 aka 1.0.9) and includes an upstream patch to fix a potential DBusMessage memory leak.
References:
SRPMS 9/core:
- wireplumber-0.5.6-1.mga9
- pipewire-media-session-0.4.2-1.1.mga9
Categories: Security Updates