SuSE, openSUSE Archive

The openSUSE team has decided to remove the Deepin Desktop Environment from openSUSE, after the project’s packager for openSUSE was found to have added workaround specifically to bypass various security requirements openSUSE has in place for RPM packages. Recently we noticed a policy violation in the packaging of the Deepin desktop environment in openSUSE. To get around security review requirements, our Deepin community packager implemented a workaround which bypasses the regular RPM packaging mechanisms to install restricted assets. As a result of this violation, and in the light of the difficult history we have with Deepin code reviews, we will be removing the Deepin Desktop packages from openSUSE distributions for the time being. ↫ Matthias Gerstner Matthias Gerstner goes into great detail to lay out every single time the openSUSE team found massive, glaring security issues in Deepin, and the complete lack of adequate responses from the Deepin upstream team over the past 8 or so years. It’s absolutely shocking to see how utterly lax the Deepin developers have been regarding the security of their desktop environment and its dependencies, and the openSUSE team could really only come to one harsh conclusion: Deepin has no security culture whatsoever, and it’s extremely likely that every corner of the Deepin code is riddled with very serious security issues. As such, despite the relatively large number of Deepin users on openSUSE, the team has decided to remove Deepin from openSUSE entirely, instead pointing users to a third-party repository if they desire to keep using Deepin. I think this is the best possible option in this situation, but it’s not exactly ideal. After reading this entire saga, however, I don’t think anyone who cares about security should be using Deepin. Of course, I doubt this will be the end of the story. What about all the other Linux distributions out there? The security issues in Deepin itself are most likely also present in Debian, Fedora, and other distributions who have the Deepin Desktop Environment in their repositories, but what about the workaround to bypass packaging security practices? Does that exist elsewhere as well? I think we’re about to find out.

The SUSE security team restricts the installation of system wide D-Bus services and Polkit policies in openSUSE distributions and derived SUSE products. Any package that ships these features needs to be reviewed by us first, before it can be added to production repositories. In November, openSUSE KDE packagers approached us with a long list of KDE components for an upcoming KDE6 major release. The packages needed adjusted D-Bus and Polkit whitelistings due to renamed interfaces or other breaking changes. Looking into this many components at once was a unique experience that also led to new insights, which will be discussed in this article. For readers that are new to D-Bus and/or Polkit, the following sections offer a summary to get a better idea about these systems. ↫ Matthias Gerstner You don’t get these kinds of in-depth looks at how a major new release like KDE 6 gets implemented in a popular distribution like openSUSE. What’s especially crazy is that this only really covers D-Bus and Polkit, and those are just two of the countless aspects of openSUSE affected by KDE 6.

Today SUSE, the company behind Rancher, NeuVector, and SUSE Linux Enterprise (SLE) and a global leader in enterprise open source solutions, announced it is forking publicly available Red Hat Enterprise Linux (RHEL) and will develop and maintain a RHEL-compatible distribution available to all without restrictions. Over the next few years, SUSE plans to invest more than $10 million into this project.   The spicy bit here is that the CEO of SUSE, Dirk-Peter van Leeuwen, worked at Red Hat for 18 years before joining SUSE. Excellent.

Open-source infrastructure and application delivery vendor Suse — the company behind one of the oldest Linux distributions — today announced that it is once again an independent company. The company today finalized its $2.5 billion acquisition by growth investor EQT from Micro Focus, which itself had acquired it back in 2014. I only remember using SUSE well over 15 years ago, and lost track of it after Ubuntu came onto the scene. Good news, though – I prefer open source companies to be independent. It seems to fit their nature better.

The openSUSE project released openSUSE 13.2 on Tuesday. The latest version of the big, green distro ships with updated desktop software, including KDE 4.14 and GNOME 3.14. The new release also features new artwork, a streamlined installer and faster YaST modules. Perhaps most importantly, openSUSE ships with the advanced Btrfs file system by default and will automatically take snapshots of the operating system whenever configuration changes are made. This allows administrators to roll back disruptive changes quickly and without using backups.Further details of the new openSUSE release can be found in the project's release announcement and in the release notes.

The openSUSE community has elected its new board of directors, who will take office in January 2013. Welcome to Raymond Wooninck and Robert Schweikert, who will have a lot of work ahead of them as the board helps navigate openSUSE through some choppy waters. openSUSE remains one of the most popular Linux distros around, but their delayed release of 12.2 in September has led the team to spend the last six months reworking their development process, and both new members are planning to prioritize improvement of openSUSE's communication strategies as well.

And another popular Linux distribution pushes a new release out the door. This time around, it's openSUSE, as they just released version 12.1. Other than the usual latest and greatest version of all the open source desktops and associated tools, there's a few other interesting tidbits in this release as well.

The first major effect of Attachmate buying Novell (and thus, SUSE) has come into, uh, effect. Novell, of course, is the birth place of Mono, the open source implementation of Microsoft's .NET framework. Reports indicate Mono developers have been fired as part of the streamlining process, but according to Attachmate's CEO, they weren't fired because of Mono.

When you install OpenSUSE, one of the first things you may wish to do is to install new applications or support for restricted media playback. To do this, you'll need to configure your repositories. This blog post explains how it's done.

openSUSE 11.4 is out and is not only the first major linux distro to ship LibreOffice, Firefox 4 and Scribus 1.4 in a release but also brings new cool stuff like Tumbleweed. The community delivers unique technologies around it like SUSE Studio and OBS. Read more about openSUSE 11.4 in the extensive Product Highlights and see screenshots here.

"In a message to the opensuse-project mailing list, openSUSE developer Greg Kroah-Hartman announced a new project openSUSE Tumbleweed. openSUSE Tumbleweed will provide a rolling release for those openSUSE users who wishes to have a rolling release. It will essentially be a repo containing the latest stable versions of the applications."

"Attachmate says that Novell's openSUSE project will continue to operate as it always has. With Attachmate shelling out $2.2bn acquire Novell, SUSE Linux customers and contributors to the openSUSE project are understandably nervous about what Attachmate is planning for the community development that underpins SUSE Linux."

Long time fans of openSUSE Linux and its commercial big brother, Novell's SUSE Linux Enterprise Desktop, will find a lot to like in this latest update.

The last time OpenSUSE users enjoyed a stable release was in November 2009 making today's release of OpenSUSE 11.3 a pretty big deal. This is the first release in the new eight month release schedule for OpenSUSE. Here are some screenshots of the OpenSUSE 11.3 install, KDE and GNOME desktops, and details about some of the popular new features in this release. Full Story