4.13.2
Screen-scraping library
Software Releases (old posts, page 62)
4.13.1
Screen-scraping library
Glibc 2.41 corrupting Discord installation
We plan to move glibc and its friends to stable later today, Feb 3. After installing the update, the Discord client will show a red warning that the installation is corrupt.
This issue has been fixed in the Discord canary build. If you rely on audio connectivity, please use the canary build, login via browser or the flatpak version until the fix hits the stable Discord release.
There have been no reports that (written) chat connectivity is affected.
UPDATE: The issue has been fixed in Discord 0.0.84-1.
Seeking Support After Equinix Metal Sunsets
Seeking Support After Equinix Metal Sunsets
4.13.0
Screen-scraping library
Alpine Linux joins Open Collective
Alpine Linux joins Open Collective
6.1.1
iCalendar parser/generator
2.8.1 released
ERYpTION (1):
[82a2b196] Updated Danish translation using Weblate Fordas (1):
[30330d78] Updated Spanish translation using Weblate Jonas Kalderstam (1):
[7824c6f1] Changed memory caching of images to be max 50MB instead of 25% of RAM Matth78 (1):
[a0223640] Updated French translation using Weblate NostrDev (2):
[bb16f879] Nostr Mention in Readme [05dd5b0e] removing example VfBFan (1):
[e2fd0870] Updated German translation using Weblate Yuki Kishimoto (1):
[d02e9d2a] Bump org.rust-nostr:nostr-sdk to 0.38.3 eevan78 (1):
The Debian Project mourns the loss of Steve Langasek (vorlon)
The Debian Project is sad to announce the loss of Steve Langasek
(vorlon), who passed away on Wednesday, January 1 2025. He was 45.
Critical rsync security release 3.4.0
We'd like to raise awareness about the rsync security release version 3.4.0-1 as described in our advisory ASA-202501-1.
An attacker only requires anonymous read access to a vulnerable rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on.
Additionally, attackers can take control of an affected server and read/write arbitrary files of any connected client.
Sensitive data can be extracted, such as OpenPGP and SSH keys, and malicious code can be executed by overwriting files such as ~/.bashrc or ~/.popt.
We highly advise anyone who runs an rsync daemon or client prior to version 3.4.0-1 to upgrade and reboot their systems immediately.
As Arch Linux mirrors are mostly synchronized using rsync, we highly advise any mirror administrator to act immediately, even though the hosted package files themselves are cryptographically signed.
All infrastructure servers and mirrors maintained by Arch Linux have already been updated.