Principal

Lector de Feeds

MGASA-2024-0344 - Updated kernel-linus packages fix security vulnerabilities

Mageia Security - 2 Noviembre, 2024 - 17:56
Publication date: 02 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-52917 , CVE-2024-47670 , CVE-2024-47671 , CVE-2024-47672 , CVE-2024-47673 , CVE-2024-47675 , CVE-2024-47678 , CVE-2024-47679 , CVE-2024-47681 , CVE-2024-47682 , CVE-2024-47683 , CVE-2024-47684 , CVE-2024-47685 , CVE-2024-47686 , CVE-2024-47688 , CVE-2024-47689 , CVE-2024-47690 , CVE-2024-47691 , CVE-2024-47692 , CVE-2024-47693 , CVE-2024-47695 , CVE-2024-47696 , CVE-2024-47697 , CVE-2024-47698 , CVE-2024-47699 , CVE-2024-47700 , CVE-2024-47701 , CVE-2024-47704 , CVE-2024-47705 , CVE-2024-47706 , CVE-2024-47707 , CVE-2024-47709 , CVE-2024-47710 , CVE-2024-47712 , CVE-2024-47713 , CVE-2024-47714 , CVE-2024-47715 , CVE-2024-47716 , CVE-2024-47718 , CVE-2024-47719 , CVE-2024-47720 , CVE-2024-47722 , CVE-2024-47723 , CVE-2024-47725 , CVE-2024-47727 , CVE-2024-47728 , CVE-2024-47730 , CVE-2024-47731 , CVE-2024-47734 , CVE-2024-47735 , CVE-2024-47737 , CVE-2024-47738 , CVE-2024-47739 , CVE-2024-47740 , CVE-2024-47741 , CVE-2024-47742 , CVE-2024-47743 , CVE-2024-47744 , CVE-2024-47745 , CVE-2024-47747 , CVE-2024-47748 , CVE-2024-47749 , CVE-2024-47750 , CVE-2024-47751 , CVE-2024-47752 , CVE-2024-47753 , CVE-2024-47754 , CVE-2024-47755 , CVE-2024-47756 , CVE-2024-47757 , CVE-2024-49850 , CVE-2024-49851 , CVE-2024-49852 , CVE-2024-49853 , CVE-2024-49855 , CVE-2024-49856 , CVE-2024-49858 , CVE-2024-49859 , CVE-2024-49860 , CVE-2024-49861 , CVE-2024-49862 , CVE-2024-49863 , CVE-2024-49864 , CVE-2024-49866 , CVE-2024-49867 , CVE-2024-49868 , CVE-2024-49870 , CVE-2024-49871 , CVE-2024-49874 , CVE-2024-49875 , CVE-2024-49877 , CVE-2024-49878 , CVE-2024-49879 , CVE-2024-49881 , CVE-2024-49882 , CVE-2024-49883 , CVE-2024-49884 , CVE-2024-49886 , CVE-2024-49889 , CVE-2024-49890 , CVE-2024-49892 , CVE-2024-49894 , CVE-2024-49895 , CVE-2024-49896 , CVE-2024-49900 , CVE-2024-49901 , CVE-2024-49902 , CVE-2024-49903 , CVE-2024-49905 , CVE-2024-49907 , CVE-2024-49912 , CVE-2024-49913 , CVE-2024-49924 , CVE-2024-49925 , CVE-2024-49927 , CVE-2024-49929 , CVE-2024-49930 , CVE-2024-49931 , CVE-2024-49933 , CVE-2024-49935 , CVE-2024-49936 , CVE-2024-49937 , CVE-2024-49938 , CVE-2024-49939 , CVE-2024-49944 , CVE-2024-49946 , CVE-2024-49947 , CVE-2024-49948 , CVE-2024-49949 , CVE-2024-49950 , CVE-2024-49951 , CVE-2024-49952 , CVE-2024-49953 , CVE-2024-49954 , CVE-2024-49955 , CVE-2024-49957 , CVE-2024-49958 , CVE-2024-49959 , CVE-2024-49960 , CVE-2024-49961 , CVE-2024-49962 , CVE-2024-49963 , CVE-2024-49965 , CVE-2024-49966 , CVE-2024-49967 , CVE-2024-49969 , CVE-2024-49973 , CVE-2024-49975 , CVE-2024-49976 , CVE-2024-49977 , CVE-2024-49978 , CVE-2024-49980 , CVE-2024-49981 , CVE-2024-49982 , CVE-2024-49983 , CVE-2024-49985 , CVE-2024-49986 , CVE-2024-49987 , CVE-2024-49988 , CVE-2024-49989 , CVE-2024-49991 , CVE-2024-49992 , CVE-2024-49993 , CVE-2024-49995 , CVE-2024-49996 , CVE-2024-49997 , CVE-2024-50000 , CVE-2024-50001 , CVE-2024-50002 , CVE-2024-50003 , CVE-2024-50005 , CVE-2024-50006 , CVE-2024-50007 , CVE-2024-50008 , CVE-2024-50012 , CVE-2024-50013 , CVE-2024-50015 , CVE-2024-50016 , CVE-2024-50019 , CVE-2024-50022 , CVE-2024-50023 , CVE-2024-50024 , CVE-2024-50026 , CVE-2024-50029 , CVE-2024-50031 , CVE-2024-50032 , CVE-2024-50033 , CVE-2024-50035 , CVE-2024-50036 , CVE-2024-50038 , CVE-2024-50039 , CVE-2024-50040 , CVE-2024-50041 , CVE-2024-50044 , CVE-2024-50045 , CVE-2024-50046 , CVE-2024-50047 , CVE-2024-50048 , CVE-2024-50049 , CVE-2024-50055 , CVE-2024-50057 , CVE-2024-50058 , CVE-2024-50059 , CVE-2024-50060 , CVE-2024-50061 , CVE-2024-50062 , CVE-2024-50063 , CVE-2024-50064 , CVE-2024-50065 , CVE-2024-50066 Description Vanilla upstream kernel version 6.6.58 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References SRPMS 9/core
  • kernel-linus-6.6.58-2.mga9
Categorías: Actualizaciones de Seguridad

MGAA-2024-0222 - Updated mesa mesa packages fix bugs

Mageia Security - 2 Noviembre, 2024 - 17:56
Publication date: 02 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description This is the latest bugfix release for the mesa 24.2.x branch, that improves stability further. References SRPMS 9/core
  • mesa-24.2.5-1.mga9
9/tainted
  • mesa-24.2.5-1.mga9.tainted
Categorías: Actualizaciones de Seguridad

Auf Networkmanager wechseln-de

Wiki Mageia - 2 Noviembre, 2024 - 17:05

Reihenfolge der Anweisungen korrigiert (erst Pakete installieren bevor net_applet beenden)

← Older revision Revision as of 16:05, 2 November 2024 Line 14: Line 14:  Auf den {{prog-de|networkmanager}} zu wechseln ist sehr einfach: Auf den {{prog-de|networkmanager}} zu wechseln ist sehr einfach:    −Es wird empfohlen, den automatischen Start von {{prog-de|net_applet}} zu deaktivieren. Dies kann durch einen Rechtsklick und der anschließenden Auswahl von "Einstellungen" oder durch ausführen des folgenden Konsolenbefehls getan werden:+== Erforderliche Pakete installieren == −{{command-de|echo "AUTOSTART{{=}}FALSE" > ~/.net_applet}}  −Beenden Sie anschließend {{prog-de|net_applet}} über einen Rechtsklick oder anhand der Ausführung des Befehls {{command-de|killall net_applet|prompt=#}}      Installieren Sie den {{prog-de|networkmanager}} zusammen mit {{prog-de|networkmanager-applet}}, zum Beispiel mit dem Befehl: Installieren Sie den {{prog-de|networkmanager}} zusammen mit {{prog-de|networkmanager-applet}}, zum Beispiel mit dem Befehl: Line 26: Line 24:  Wenn Sie eine VPN-Verbindung über einen OpenVPN-Server konfigurieren möchten, muss zusätzlich das Paket {{prog-de|plasma-applet-nm-openvpn}} installiert werden: Wenn Sie eine VPN-Verbindung über einen OpenVPN-Server konfigurieren möchten, muss zusätzlich das Paket {{prog-de|plasma-applet-nm-openvpn}} installiert werden:  {{command-de|urpmi plasma-applet-nm-openvpn|prompt=#}} {{command-de|urpmi plasma-applet-nm-openvpn|prompt=#}}  +  +== Deaktivierung von net_applet und Aktivierung von networkmanager ==  +  +Es wird empfohlen, den automatischen Start von {{prog-de|net_applet}} zu deaktivieren. Dies kann durch einen Rechtsklick und der anschließenden Auswahl von "Einstellungen" oder durch ausführen des folgenden Konsolenbefehls getan werden:  +{{command-de|echo "AUTOSTART{{=}}FALSE" > ~/.net_applet}}  +Beenden Sie anschließend {{prog-de|net_applet}} über einen Rechtsklick oder anhand der Ausführung des Befehls {{command-de|killall net_applet|prompt=#}}     Abhängig von der Einrichtung des Systems, muss möglicherweise auch der zusätzliche Prozess {{prog-de|wpa_supplicant}} beendet werden, welcher eventuell im Hintergrund ausgeführt wird (da der {{prog-de|networkmanager}} einen eigenen {{prog-de|wpa_supplicant}} Prozess startet). Abhängig von der Einrichtung des Systems, muss möglicherweise auch der zusätzliche Prozess {{prog-de|wpa_supplicant}} beendet werden, welcher eventuell im Hintergrund ausgeführt wird (da der {{prog-de|networkmanager}} einen eigenen {{prog-de|wpa_supplicant}} Prozess startet). Sturmvogel
Categorías: Wiki de Mageia

Switching to networkmanager

Wiki Mageia - 2 Noviembre, 2024 - 17:02

fixed order of instructions (installing required packages before disabling net_applet

← Older revision Revision as of 16:02, 2 November 2024 Line 13: Line 13:  Switching to {{prog|networkmanager}} is quite easy: Switching to {{prog|networkmanager}} is quite easy:    −It is recommended to disable {{prog|net_applet}} autostart. This can be achieved via right-click -> Settings or by running+== Install required packages == −{{command|echo "AUTOSTART{{=}}FALSE" > ~/.net_applet}}  −   −Afterwards, exit {{prog|net_applet}} via right-click or by running  −{{command-de|killall net_applet|prompt=#}}      Install {{prog|networkmanager}} including {{prog|networkmanager-applet}}, for example via Install {{prog|networkmanager}} including {{prog|networkmanager-applet}}, for example via Line 27: Line 23:  and probably you need to install {{prog|plasma-applet-nm-openvpn}} if you want also to manage your VPN connection through OpenVPN : and probably you need to install {{prog|plasma-applet-nm-openvpn}} if you want also to manage your VPN connection through OpenVPN :  {{command|urpmi plasma-applet-nm-openvpn|prompt=#}} {{command|urpmi plasma-applet-nm-openvpn|prompt=#}}  +  +== Disable net_applet and enable networkmanger ==  +  +It is recommended to disable {{prog|net_applet}} autostart. This can be achieved via right-click -> Settings or by running  +{{command|echo "AUTOSTART{{=}}FALSE" > ~/.net_applet}}  +  +Afterwards, exit {{prog|net_applet}} via right-click or by running  +{{command-de|killall net_applet|prompt=#}}     Depending on your setup, you may need to kill an additional {{prog|wpa_supplicant}} process, which may still be running (as {{prog|networkmanager}} spawns its own {{prog|wpa_supplicant}} instance). Depending on your setup, you may need to kill an additional {{prog|wpa_supplicant}} process, which may still be running (as {{prog|networkmanager}} spawns its own {{prog|wpa_supplicant}} instance). Sturmvogel
Categorías: Wiki de Mageia

MADb

Wiki Mageia - 1 Noviembre, 2024 - 22:41

place a stub

New page

MADb is the Mageia Application Database, which can be found [https://madb.mageia.org here]

It was first written by stormi and agallou and later rewritten by papoteur.

'''THIS PAGE NEEDS TO BE WRITTEN''' Marja
Categorías: Wiki de Mageia

MGASA-2024-0343 - Updated buildah, podman, skopeo packages fix security vulnerabilities

Mageia Security - 1 Noviembre, 2024 - 18:26
Publication date: 01 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-1753 , CVE-2024-3727 , CVE-2023-45290 , CVE-2024-28180 , CVE-2024-28176 , CVE-2024-9341 , CVE-2024-6104 , CVE-2024-9407 Description A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time. (CVE-2024-1753) A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. (CVE-2024-3727) When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. (CVE-2023-45290) Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3. (CVE-2024-28180) jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. Under certain conditions it is possible to have the user's environment consume unreasonable amount of CPU time or memory during JWE Decryption operations. This issue has been patched in versions 2.0.7 and 4.15.5. (CVE-2024-28176) A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. (CVE-2024-9341) go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. (CVE-2024-6104) A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files. (CVE-2024-9407) References SRPMS 9/core
  • buildah-1.37.4-1.mga9
  • podman-4.9.5-1.mga9
  • skopeo-1.16.1-1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2024-0342 - Updated bind packages fix security vulnerabilities

Mageia Security - 1 Noviembre, 2024 - 18:26
Publication date: 01 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-0760 , CVE-2024-1737 , CVE-2024-1975 , CVE-2024-4076 Description A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. (CVE-2024-0760) Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. (CVE-2024-1737) If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. (CVE-2024-1975) Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. (CVE-2024-4076) References SRPMS 9/core
  • bind-9.18.28-1.mga9
Categorías: Actualizaciones de Seguridad

MGAA-2024-0221 - Updated libmateweather packages fix bug

Mageia Security - 1 Noviembre, 2024 - 18:26
Publication date: 01 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description The weather applet fail to fetch weather parameters; this update fixes the issue. References SRPMS 9/core
  • libmateweather-1.26.3-1.mga9
Categorías: Actualizaciones de Seguridad

[dev] [DONE] Re: testers needed for bind security update in Mageia 9 - marja11@freedom.nl

Mageia Cauldron - 1 Noviembre, 2024 - 10:12

Adiós al viejo MADB y hola (casi) al nuevo

Blog de Mageia-ES - 31 Octubre, 2024 - 22:44

ACTUALIZACIÓN: Ahora es posible visitar el nuevo MADb en https://madb.mageialinux-online.org/ , tomará algo más de tiempo que https://madb.mageia.org/ nos lleve ahí.

Escrito por aguador.

En Mageia, MADb, (Mageia App Db/Base de datos de Aplicaciones Mageia), ha sido una herramienta esencial, en particular para el equipo QA (Control de Calidad). es el sitio al cual dirigirse por información de aplicaciones en nuestros repositorios, con enlaces a reportes de fallos, importancia de las actualizaciones, comparación de versiones y más. Se puede buscar por versiones de Mageia, arquitectura de CPU, el sitio ha sido clave no solo para desarrolladores y QA, también para muchos usuarios que han encontrado en el una alternativa a nuestro CCM o la línea de comandos para la búsqueda de paquetes para hacer “lo que sea”.

Pero, “Houston, tenemos un problema.” Al dirigirse a MADb (https://madb.mageia.org/) ¡será redirigido a la versión en inglés de este artículo!

MADb no fue afectado por el traslado de los servidores de Mageia que fue anunciado anteriormente en este blog (https://blog.mageia.org/es/2024/10/08/la-mayoria-de-nuestros-servidores-estaran-fuera-de-linea-debido-a-su-traslado/), ya que al haber sido desarrollado años atras por dos de nuestros contribuidores, se encontraba en un sitio diferente. Mageia se hizo cargo del servidor rentado hace unos meses. Desafortunadamente, el servidor falleció, y debido a que la tecnología tras la anterior versión de MADb es incompatible con las nuevas infraestructuras (en especial con versiones recientes de php), no pudo ser regresado tal cual estaba. Sin embargo, no todo está perdido.

En abril, papoteur había enviado su trabajo inicial de una nueva versión de MADb para su evaluación, y desde entonces ha recibido numerosas revisiones y mejoras. Pero aún permanece “oculta” pata la mayoría de los usuarios, hasta que todos, pero en particular papoteur, estén seguros de que no solamente es una interfaz sólida, sino que además es mejor que nunca.

Dado que MADb ha desempeñado tan vital papel en Control de Calidad, la versión en desarrollo está disponible solo para los miembros del equipo QA y otros revisores. Es justo que ellos tengan la primicia de su uso dado todo el trabajo que han realizado para asegurarse de que Mageia siga siendo una distro de calidad. El resto de nosotros solo necesitamos tener un poco más de paciencia.

Y no olvidemos que además del traslado exitoso de los servidores, los servicios que fueron afectados están funcionando nuevamente, esperen más buenas noticias sobre nuestros servidores próximamente. Además, la mayoría de los espejos de Mageia (hospedados en servidores externos que no están bajo nuestro control) están en buen estado.

Traducido por katnatek de la publicación original de marja

Categorías: Blogs Oficiales

[dev] testers needed for bind security update in Mageia 9 - marja11@freedom.nl

Mageia Cauldron - 31 Octubre, 2024 - 21:58

Out with the old MADb and (almost) in with the new

Blog de Mageia (English) - 31 Octubre, 2024 - 20:52

UPDATE: It is now possible to visit the new MADb here https://madb.mageialinux-online.org/. It will take a bit longer for https://madb.mageia.org/ to link to it.

Written by aguador.

In Mageia, MADb, the Mageia App Db, has been an essential tool, particularly for QA (Quality Assurance) testers. It is the goto site for information on applications in our repositories with links to bug reports, priorities for updates, version comparisons and more. Searchable by Mageia version and CPU architecture, the site has not only been key for developers and testers, but many users as well who have found it an alternative to searching with our MCC control center or the command line when looking for a package to do (“whatever”).

But, er, “Houston, we have a problem.” If I go to MADb (https://madb.mageia.org/) all I got was the error message below and now a redirect to this post!

MADb was not affected by the move of Mageia’s servers announced on this blog (https://blog.mageia.org/en/2024/10/08/most-of-our-servers-will-be-offline-because-they-are-relocating/) early this month because it was originally developed by two of our contributors many years ago, and running on a different server. Mageia.Org took over ownership of their rented server a few months ago. Unfortunately, that server passed away and since the technology behind the old MADb is not compatible with newer infrastructure (mostly newer php-version), we cannot bring it back as it was. However, not all was lost!

Back in April, papoteur had submitted his initial work on a new version of MADb for testing…and since then it has undergone numerous revisions and improvements. However, it still remains “under wraps” for most users (like the author of this post!) until everyone, above all papoteur, is satisfied that it is not only a solid db interface for users, but is even better than before.

Since MADb has played such a vital role in testing, the development version is available to the QA team and other testers. It is only fair that they get the first look and use given all the work they do to assure that Mageia remains a quality distro. The rest of us simply need a bit more patience.

Ah, and not to forget the servers, not only was the move successful, with the other services affected now back up and running smoothly, but we expect to announce more good news about our servers, soon. Apart from that, most Mageia mirrors are in a good shape (they are all hosted on external servers, which we do not control).

Categorías: Blogs Oficiales

MGAA-2024-0220 - Updated python-networkx packages makes python3-matplotlib optional requirement

Mageia Security - 31 Octubre, 2024 - 03:17
Publication date: 31 Oct 2024
Type: bugfix
Affected Mageia releases : 9
Description Installing python3-networkx pulls matplotlib, which requires python-qt5 and texlive, which increase the total size of packages to download. This update makes python3-matplotlib an optional requirement that can be avoided if you use --no-recommends with urpmi from command line.. References SRPMS 9/core
  • python-networkx-2.8.8-1.1.mga9
Categorías: Actualizaciones de Seguridad

MGAA-2024-0219 - Updated nextcloud-client to 3.13.4 branch

Mageia Security - 31 Octubre, 2024 - 03:17
Publication date: 31 Oct 2024
Type: bugfix
Affected Mageia releases : 9
Description Fix release kind detection by @ivaradi in #7034 docs: conf file option moveToTrash is no longer Linux specific by @backportbot in #7047 only add Encrypt context menu entry for top folder in settings dialog by @backportbot in #7063 add missing exception handling by @backportbot in #7081 do not ignore paths containing 2 "#" characters by @backportbot in #7087 Narrow down ReadWrite folder permission to owner by @backportbot in #7092 Fix building of client on macOS 10.13 and 10.14 by @backportbot in #7099 Bugfix/delete read only remnants folders by @backportbot in #7107 Bugfix/fix one rename issue by @backportbot in #7111 And more in the references. References SRPMS 9/core
  • nextcloud-client-3.13.4-1.mga9
Categorías: Actualizaciones de Seguridad

Brainstorming about how to get more active contributors

Wiki Mageia - 31 Octubre, 2024 - 02:42

Fix some typos

← Older revision Revision as of 01:42, 31 October 2024 Line 91: Line 91:     ===We need Perl (v5) gurus for some of our most important tools=== ===We need Perl (v5) gurus for some of our most important tools=== −Like for our tradional installer and MCC. They need better maintenance and new features.+Like for our traditional installer and MCC. They need better maintenance and new features.     ==About packaging== ==About packaging== −===Change to a state of the art, easy to use, powerfull and efficient build system===+===Change to a state of the art, easy to use, powerful and efficient build system===  Like https://openbuildservice.org/. Like https://openbuildservice.org/.     Everybody (who has a Mageia account) would be able to branch a package, apply fixes, update, test the build and submit the branched package via service request for review. The last few maintainers of Mageia can accept the service request, recommend changes or reject the request. This would ease the workload of the last few maintainers because they only would need to review the service request instead of doing all the packaging work alone. In this way, also packages without fixed maintainers would get updates and some attention. Everybody (who has a Mageia account) would be able to branch a package, apply fixes, update, test the build and submit the branched package via service request for review. The last few maintainers of Mageia can accept the service request, recommend changes or reject the request. This would ease the workload of the last few maintainers because they only would need to review the service request instead of doing all the packaging work alone. In this way, also packages without fixed maintainers would get updates and some attention.    −becoming like another distribution is a no go for me. It's only because we have specificities that we can attract people. Being like OPenSUSE or like Fedora, means contriubtors would always prefer the original distro rather than the copy. We should instead focus on our specificities and promote them.+Becoming like another distribution is a no go for me. It's only because we have specificities that we can attract people. Being like OpenSuSE or like Fedora, means contributors would always prefer the original distro rather than the copy. We should instead focus on our specificities and promote them.     ===Make it easier to become a packager=== ===Make it easier to become a packager=== Line 108: Line 108:     But that it would be nice if you manage to be there. But that it would be nice if you manage to be there. −In the forum someone reported that the idea of having to attend (every week and at a very unconvenient time), was enough to keep him from becoming a packager twice.+In the forum someone reported that the idea of having to attend (every week and at a very inconvenient time), was enough to keep him from becoming a packager twice.     ===Have small, self-organized packager groups=== ===Have small, self-organized packager groups=== −An idea for getting more packagers could be to let them self-organize in small groups of 2-3 people maximum, based on close, but complementary skills, to cooperate on building some package. One member of the group could help the other and viceversa.+An idea for getting more packagers could be to let them self-organize in small groups of 2-3 people maximum, based on close, but complementary skills, to cooperate on building some package. One member of the group could help the other and vice-versa.     ===Maintainership has growing costs=== ===Maintainership has growing costs=== −Beside personal life balance, developers or maintainers are actually not paid/rewarded so sometimes they could slowly fading or just slow down, as under certain circumstances the maintainership has growing costs (consider for instance following some upstream project having a release cycle of a month, if not weeks requiring continuosly updates), as might become almost a halftime or fulltime unpaid job.+Besides personal life balance, developers or maintainers are actually not paid/rewarded so sometimes they could slowly fading or just slow down, as under certain circumstances the maintainership has growing costs (consider for instance following some upstream project having a release cycle of a month, if not weeks requiring continuous updates), as might become almost a halftime or fulltime unpaid job.     ===The update to the new infra hardware should be pretty close.=== ===The update to the new infra hardware should be pretty close.=== Line 133: Line 133:  Current policies prefer moving libraries included in packages outside the upstream package. Current policies prefer moving libraries included in packages outside the upstream package.    −Although that makes it easier to adresse security concerns, it makes in harder to package an application, due to having to remove the internal library and link to the appropriate external version.  In some cases we have to be vigilent to ensure that the version required by the library remains available.+Although that makes it easier to adress security concerns, it makes in harder to package an application, due to having to remove the internal library and link to the appropriate external version.  In some cases we have to be vigilent to ensure that the version required by the library remains available.     So except in relatively simple cases, we could use the libraries included in the upstream package.  Of course that depends on the judgement of experienced packagers, and I'm not there yet. So except in relatively simple cases, we could use the libraries included in the upstream package.  Of course that depends on the judgement of experienced packagers, and I'm not there yet. Line 169: Line 169:     ===Make it easier to become a contributor=== ===Make it easier to become a contributor=== −In line with [https://wiki.mageia.org/en/Brainstorming_about_how_to_get_more_active_contributors#Make_it_easier_to_become_a_packager a previous item], but more general,is this idea:<br>+In line with [https://wiki.mageia.org/en/Brainstorming_about_how_to_get_more_active_contributors#Make_it_easier_to_become_a_packager a previous item], but more general, is this idea:<br>  A contributor will work on a project if he finds the tools he knows and if they are efficient. A contributor will work on a project if he finds the tools he knows and if they are efficient. −I think it might be useful to take stock of the onboarding process for new arrivals, and improve it. On the other hand, I'm not sure we take the time to step back and look at what's not working and improve it. I recognize that this requires teamwork.....+I think it might be useful to take stock of the on-boarding process for new arrivals, and improve it. On the other hand, I'm not sure we take the time to step back and look at what's not working and improve it. I recognize that this requires teamwork.....     ===Make more decisions=== ===Make more decisions=== Line 177: Line 177:  ===Work on the servers=== ===Work on the servers===  It is essential to improve speed and comfort for our developers. Perhaps we should reinforce the system team if it needs it, and call on new volunteers. It is essential to improve speed and comfort for our developers. Perhaps we should reinforce the system team if it needs it, and call on new volunteers. −===Use tools such as jira===+===Use tools such as Jira===  They might enable a simple kanban to know what to do and what to prioritize. Each team could have its own space to manage its actions. They might enable a simple kanban to know what to do and what to prioritize. Each team could have its own space to manage its actions.    Line 206: Line 206:  I just want to add my point of view: I just want to add my point of view:    −we left the field. We are not organized (meetings, elections) except great QA  +We left the field. We are not organized (meetings, elections) except great QA team which is rigorous. I'm impressed. We are not publishing our presences in all event (many thanks to DTux who subscribed us everywhere in France for years). We were rejected from FOSDEM once or twice, but we did not retry. From the french forum, I only know 2 peoples (thank you Guygoye and Spank) who regularly participate on local install-party regularly. −team which is rigoureous. I'm impressed.  −We are not publishing our presences in all event (many thanks to DTux who    −subscrib us everywhere in France for years).  −We were rejected from FOSDEM once or twice, but we did not retried.  −From the french forum, I only know 2 peoples (thank you Guygoye and Spank) who    −regularly participate on local install-party regularly.     −Don't questionnize too much, at work, with many IT developers, no one know  +Don't question too much, at work, with many IT developers, no one know Mageia. We are not on their radars; people don't know us. −Mageia. We are not on radars, people don't know us.      What I would do: What I would do: −- split atelier in two. Atelier keep producing artwork, and respond to any  +- split atelier in two. Atelier keep producing artwork, and respond to any design query. Having a dedicated Communication team, that subscribe M.Org to events, ask Atelier to produce XYZ goody and with their dedicated budget, buy and spread goodies. If I know someone from my city willing to spend one evening a week, I will ask a local to do an install party. −design query. Having a dedicated Communication team, that subscibe M.Org to    −events, ask Atelier to produce XYZ goody and with their dedicated budget, buy    −and spread goodies.  −If I know someone from my city willing to spend one evening a week, I will ask    −a local to do install party.      Good night everyone, work is calling me, Good night everyone, work is calling me, Line 234: Line 222:  New comment from Oct 28th: New comment from Oct 28th:    −Maybe you should really care about the ones that are really interested in contribute to Mageia. I literally got tired of trying to find a new mentor, few years ago Zezinho(who passed away) was mentoring me, and then I wrote in the list since I wanted to continue my path in becoming a packager. Got no response from users. So I guess delegate the labour of recluting people to this project might be a good start.+Maybe you should really care about the ones that are really interested in contributing to Mageia. I literally got tired of trying to find a new mentor, few years ago Zezinho(who passed away) was mentoring me, and then I wrote in the list since I wanted to continue my path in becoming a packager. Got no response from users. So I guess delegate the labour of recruiting people to this project might be a good start. Danf
Categorías: Wiki de Mageia

Re: [dev] Become a packager again - marja11@freedom.nl

Mageia Cauldron - 30 Octubre, 2024 - 17:05

Brainstorming about how to get more active contributors

Wiki Mageia - 30 Octubre, 2024 - 16:31

‎Also to be merged, possible extra replies in the forums: Adding new reply from that thread

← Older revision Revision as of 15:31, 30 October 2024 Line 231: Line 231:     Everything from before October 7 has been merged. Leaving this link here for easier checking. Everything from before October 7 has been merged. Leaving this link here for easier checking.  +  +New comment from Oct 28th:  +  +Maybe you should really care about the ones that are really interested in contribute to Mageia. I literally got tired of trying to find a new mentor, few years ago Zezinho(who passed away) was mentoring me, and then I wrote in the list since I wanted to continue my path in becoming a packager. Got no response from users. So I guess delegate the labour of recluting people to this project might be a good start. Marja
Categorías: Wiki de Mageia

Setup the graphical server

Wiki Mageia - 30 Octubre, 2024 - 10:20

‎Gamemode: hidden note to bug for update and info request

← Older revision Revision as of 09:20, 30 October 2024 (2 intermediate revisions by the same user not shown)Line 76: Line 76:  – The package amdgpupro-opencl-orca [https://advisories.mageia.org/MGAA-2023-0101.html/ (More information here!)] downloads AMD libraries for ie. Grenada XT, Carrizo and Polaris. – The package amdgpupro-opencl-orca [https://advisories.mageia.org/MGAA-2023-0101.html/ (More information here!)] downloads AMD libraries for ie. Grenada XT, Carrizo and Polaris.    −– The amdgpupro-opencl-pal package [https://advisories.mageia.org/MGAA-2023-0102.html (More information here!)] downloads AMD libraries for i.e. Banded Kestrel, Picasso and Vega.+– The package amdgpupro-opencl-pal [https://advisories.mageia.org/MGAA-2023-0102.html (More information here!)] downloads AMD libraries for i.e. Banded Kestrel, Picasso and Vega.     To install it you have two options: To install it you have two options: Line 221: Line 221:  '''For Intel''' '''For Intel'''    export VK_ICD_FILENAMES=/usr/share/vulkan/icd.d/intel_icd.x86_64.json   export VK_ICD_FILENAMES=/usr/share/vulkan/icd.d/intel_icd.x86_64.json  +  +<br>  +  +== Gamemode ==  +  +Installing the package gamemode, you can launch games and similar applications so they are executed under various speed optimisations.  +Sometimes it gives just a little boost (especially on Intel and Nvidia), sometimes huge (e.g. on Radeon 780M), and sometimes even negative (e.g. if  +you are running on batteries).  +  +Usage: {{cmd|gamemoderun <application>}}  +  +See: [https://github.com/FeralInteractive/gamemode Github]  +  +<!-- update and questions in https://bugs.mageia.org/show_bug.cgi?id=33696 -->     <br> <br> Morgano
Categorías: Wiki de Mageia

Mirror Contacts

Wiki Mageia - 29 Octubre, 2024 - 20:45

Add Distrib-Coffee

← Older revision Revision as of 19:45, 29 October 2024 Line 20: Line 20:  |- |-  | [https://mirror.accum.se/mirror/mageia/ https://mirror.accum.se/] || ACC || Umeå || ftp-adm || ftp-adm [AT] accum [DOT] se || 1st tier mirror | [https://mirror.accum.se/mirror/mageia/ https://mirror.accum.se/] || ACC || Umeå || ftp-adm || ftp-adm [AT] accum [DOT] se || 1st tier mirror  +|-  +| [https://distrib-coffee.ipsl.jussieu.fr/pub/linux/Mageia/ https://distrib-coffee.ipsl.jussieu.fr/] || Distrib Coffee || Paris || Olivier Thauvin || olivier [DOT] thauvin [AT] aerov [DOT] jussieu [DOT] fr || 1st tier mirror  |- |-  | [https://distro.ibiblio.org/mageia/ https://distro.ibiblio.org/] || Ibiblio ||  || Don Sizemore || dls [AT] ibiblio [DOT] org || 1st tier mirror | [https://distro.ibiblio.org/mageia/ https://distro.ibiblio.org/] || Ibiblio ||  || Don Sizemore || dls [AT] ibiblio [DOT] org || 1st tier mirror Marja
Categorías: Wiki de Mageia

Mirror Contacts

Wiki Mageia - 29 Octubre, 2024 - 20:45

Add Distrib-Coffee

← Older revision Revision as of 19:45, 29 October 2024 (7 intermediate revisions by the same user not shown)Line 17: Line 17:  {| class="wikitable" style="margin:auto" {| class="wikitable" style="margin:auto"  |+ Mirror sites |+ Mirror sites −! Mirror address !! Short name !! Contact !! E-mail address || Additional info+! Mirror address !! Short name !! Location !! Contact !! E-mail address || Additional info  |- |- −| https://distro.ibiblio.org/mageia/ || Ibiblio || Don Sizemore || dls [AT] ibiblio [DOT] org || 1st tier mirror+| [https://mirror.accum.se/mirror/mageia/ https://mirror.accum.se/] || ACC || Umeå || ftp-adm || ftp-adm [AT] accum [DOT] se || 1st tier mirror  |- |- −| https://mirror.math.princeton.edu/|| Princeton || Benjamin Rose || benrose [AT] math [DOT] princeton [DOT] edu || 1st tier mirror+| [https://distrib-coffee.ipsl.jussieu.fr/pub/linux/Mageia/ https://distrib-coffee.ipsl.jussieu.fr/] || Distrib Coffee || Paris || Olivier Thauvin || olivier [DOT] thauvin [AT] aerov [DOT] jussieu [DOT] fr || 1st tier mirror  |- |- −| https://ftp.snt.utwente.nl/ || Twente || ftpcom || ftpcom [AT] snt [DOT] utwente [DOT] nl ||+| [https://distro.ibiblio.org/mageia/ https://distro.ibiblio.org/] || Ibiblio ||  || Don Sizemore || dls [AT] ibiblio [DOT] org || 1st tier mirror  +|-  +| [http://ftp.nluug.nl/pub/os/Linux/distr/mageia/ https://ftp.nluug.nl/]|| NLUUG || Groningen || ftp-admin || ftp-admin [AT] nluug [DOT] nl ||  +|-  +| [https://mirror.math.princeton.edu/pub/mageia/ https://mirror.math.princeton.edu/]|| Princeton || Princeton || Benjamin Rose || benrose [AT] math [DOT] princeton [DOT] edu || 1st tier mirror  +|-  +| [https://ftp.snt.utwente.nl/pub/os/linux/mageia/ https://ftp.snt.utwente.nl/] || Twente || Twente ||ftpcom || ftpcom [AT] snt [DOT] utwente [DOT] nl ||  |} |} Marja
Categorías: Wiki de Mageia
Feed