[Testing Update] 2024-02-05 - Kernels, Toolchain, GNOME, Deepin, Firefox, Thunderbird

Announcements Testing Updates
2

Known issues and solutions

This is a wiki post; please edit as necessary.
Please, consider subscribing to the Testing Updates Announcements RSS feed

Please RTFT (Read This Fine Thread) first before reporting the same issues over and over again!

Note: Do not forget to review your .pacnew files:

:arrow_right: 2025-02-05

2025-01-15

Critical rsync security release 3.4.0

2025-01-16 - Robin Candau

We’d like to raise awareness about the rsync security release version 3.4.0-1 as described in our advisory ASA-202501-1.

An attacker only requires anonymous read access to a vulnerable rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on. Additionally, attackers can take control of an affected server and read/write arbitrary files of any connected client. Sensitive data can be extracted, such as OpenPGP and SSH keys, and malicious code can be executed by overwriting files such as ~/.bashrc or ~/.popt.

We highly advise anyone who runs an rsync daemon or client prior to version 3.4.0-1 to upgrade and reboot their systems immediately. As Arch Linux mirrors are mostly synchronized using rsync, we highly advise any mirror administrator to act immediately, even though the hosted package files themselves are cryptographically signed.

All infrastructure servers and mirrors maintained by Arch Linux have already been updated.

Arch Linux - News: Critical rsync security release 3.4.0

2024-12-11

Kernel 6.11 and 4.19 has been marked End Of Life (EOL) on kernel.org

2024-11-27

Partial Cinnamon 6.4 updates

Linux Mint is currently preparing Cinnamon 6.4. The Arch Maintainers went ahead and released some Cinnamon packages which got already tagged 6.4. However, it seems this will break your installation of your Cinnamon desktop. We will monitor the situation and might downgrade to 6.2 packages if needed, before we do a stable branch update. Your feedback regarding Cinnamon overall is highly appreciated.

Known issues so far:

What you can do:

  • Ignore all cinnamon updates when updating.
  • You can try the newly added cinnamon-git package to see if it improves the situation.
  • Update: The issues are resolved with cinnamon >= 6.4.0-1. If you manually installed cinnamon-git, you may now install cinnamon again.

2024-11-13

v86d has been dropped from Manjaro repositories and is no longer required for mhwd

Re: Unstable Update MHWD disussion

If pamac GUI options Enable AUR support and Check for updates are enabled, users should check the package list before agreeing to update and un-check AUR packages

2024-11-01

KVM default behavior change on module loading in kernel 6.12

In kernel 6.12, KVM initializes virtualization on module loading by default. This prevents VirtualBox VMs from starting. In order to avoid this, either add kvm.enable_virt_at_load=0 parameter into kernel command line or unload the corresponding kvm_XXX module. Initial support for 6.12 kernel series was added with Virtualbox 7.1.4.

More info about that in the Linux mailing list

Previous testing threads: