The only underlying change from the last version - besides all up-to-date packaging - is that I've separated the bluestar installer functionality off into bslx-specifically named modules. This way, I can maintain them without changing the calamares code base.
Tails 6.5, released on July 15, 2024, includes several enhancements and fixes. Installation with Tails Cloner is now 30 seconds faster, and the Tor Browser has been updated to version 13.5.1 with improved letterboxing. The Debian base is updated to version 12.6. Issues addressed include the first-use preparation problem affecting legacy BIOS boot and Persistent Storage creation, language settings in the Tor Browser when initiated from Tor Connection, and connectivity issues with mobile broadband, LTE, and PPPoE DSL. Known issues include the inability to connect using default Tor bridges, with recommendations to connect without bridges or configure a custom bridge if needed. Automatic upgrades are available from Tails 6.0 or later, with manual upgrade options for any issues.
Qubes 4.2.2 includes a fix for #8332: File-copy qrexec service is overly restrictive. As explained in the issue comments, we introduced a change in Qubes 4.2.0 that caused inter-qube file-copy/move actions to reject filenames containing, e.g., non-Latin characters and certain symbols. The rationale for this change was to mitigate the security risks associated with unusual unicode characters and invalid encoding in filenames, which some software might handle in an unsafe manner and which might cause confusion for users. Such a change represents a trade-off between security and usability. After the change went live, we received several user reports indicating more severe usability problems than we had anticipated. Moreover, these problems were prompting users to resort to dangerous workarounds (such as packing files into an archive format prior to copying) that carry far more risk than the original risk posed by the unrestricted filenames. In addition, we realized that this was a backward-incompatible change that should not have been introduced in a minor release in the first place. Therefore, we have decided, for the time being, to restore the original (pre-4.2) behavior by introducing a new allow-all-names argument for the qubes.Filecopy service. By default, qvm-copy and similar tools will use this less restrictive service (qubes.Filecopy +allow-all-names) whenever they detect any files that would be have been blocked by the more restrictive service (qubes.Filecopy +). If no such files are detected, they will use the more restrictive service.
This release adds the various installation options - basic, desktop, deskpro, developer - as it did before. It now also performs software updates on the installation. Going forward, you may not see any graphical differences for a time while I restore much of the underlying logic from what I had added to the older installer. The next graphical change you'll see will most likely be the restoration of the plasma look-and-feel selection screen, and possibly a change to how jrunner works - I see no reason why there shouldn't be an option for auto-close on a successful job so y'all can just let the install do its thing and be done when you get back to it. At the moment, the jrunner screen requires the user to close the window on success.
The 6.1 release includes several updates and fixes, including a new version of the yff audio, video, and image converter, and updates to the Chromium browser and Linux kernel. Key changes are the introduction of yff on July 13, 2024, the compilation of Linux kernel 6.6.39 on the same day, removal of the gtk4 dependency on July 11, 2024, recompiled Claws Mail with SASL support on July 10, 2024, and the compilation of Chromium 126.0.6478.126 in OE on July 9, 2024.
The latest release includes significant updates and improvements. Kicksecure has been updated, and the default connection is now to the public Tor network, eliminating the Anon Connection Wizard popup at first boot. The Whonix-Firewall has been ported from iptables to nftables with enhanced code quality. Progress has been made towards IPv6 support, the Whonix-Host Operating System Live ISO, and Whonix-Host Installer, as well as Bisq 2 support. Both Tor and the Tor Browser have been updated. In Qubes-Whonix, there has been an improved transition from pulseaudio to pipewire for audio support, and a switch to using Qubes UpdatesProxy tinyproxy with socks instead of transparent torification. For KVM, Whonix-Gateway RAM has been increased to 1280 MB and Whonix-Workstation RAM to 2048 MB, aligning it with VirtualBox for easier maintenance. KVM image building and signing is now handled by Patrick.
The CachyOS July 2024 release introduces several key updates and enhancements. A new Zen4 optimized repository is now available for Zen4 and Zen5 CPUs, providing improved performance with additional instruction sets. The CachyOS Hardware Detection tool (chwd) now supports AMD ROCm GPUs and configures Nvidia hardware more effectively. New debug packages for the linux-cachyos and sched-ext kernels, AMD CPB Boost feature support, and improved power profiles are also included. A GUI for the Kernel Manager has been added, and the Cutefish desktop environment has been removed due to lack of maintenance. New mirrors in China and Austria have been added to improve accessibility. The update also includes various bug fixes and package updates, and a new ISO is available for download. Existing users are advised to update their systems using 'sudo pacman -Syu'.
Snal Linux 1.33, an update based on Arch Linux, was released on July 13, 2024. This version supports the x86_64 architecture and includes Linux kernel 6.9.9 and Firefox 128.0. Users can download it from SourceForge. Key package updates include alsa-lib 1.2.12-1, gcc 14.1.1, and docker 1:27.0.3-1. The SHA256 checksum for the download is 2aa4f3eb4481603b6ff74079cf96964f0e700c56b1a9c2554dd3743d94fd02d3.
New features: Connections management page: adds interface for managing active network connections tracked by conntrack. MultiWAN add sticky option in rules: introduces sticky option in MultiWAN rules for connection persistence. Great enhancements on LDAP remote database authentication: improves authentication flexibility for Active Directories and other LDAP configurations. DPI signatures for community subscriptions: provides updated DPI signatures for both community and enterprise subscriptions. Expose admin users: adds functionality to convert local users to admin and revoke admin access. Repository access add a subscription authentication proxy: enables access to subscription repository channel after system_key verification.
Dragonfish benefits from OpenZFS, Linux, SAMBA improvements, and some TrueNAS optimizations. The performance changes may not be obvious for smaller systems, but larger systems need software performance that scales with core and drive count. Dragonfish has significant improvements in IOPS (virtualization and databases), bandwidth (video and backup), and File Metadata (directory listings). 50% more IOPS: IOPS (Input/Outputs Per Second) is a classic storage metric for transactional workloads like virtual desktops and databases. On the same platform and pool configuration (a TrueNAS M50 with 20 SSDs in 4x 5wZ1) we see 50% higher IOPS with Dragonfish when compared to TrueNAS 13.0.