An update of Calamares to release 3.2.11, which fixes CVE-2019-13178, a race condition when LUKS full disk encryption is enabled, between the time when the LUKS encryption keyfile is created and when secure permissions are set. (The Calamares 3.2.11 release also fixes the related CVE-2019-13179, but that security issue does not affect Fedora.)
In addition, since the previously packaged version was Calamares 3.2.8, this update includes all changes from Calamares 3.2.9:
- branding now supports
os-release variables in the strings section, which allows re-using (at runtime) information set in
/etc/os-release. This requires KDE Frameworks 5.58. upstream issue #1150 (This feature is now used in the version of
default branding packaged here. However, the packages still default to the
auto branding, which recovers more information from
/etc/os-release at RPM installation time.)
- branding allows the use of FreeDesktop.org icon names for the productLogo and productIcon keys. If a file is named there, then the file is used, and otherwise the icon is looked up in the current theme. upstream issue #1160
- welcome allows a custom image path or icon name to be set for the language-selection drop-down (instead of the international standard one).
- bug fixes.
and from Calamares 3.2.10:
- A crash when no finished page (or rather, no page at all) is configured after the last exec section of the sequence has been solved. The finished page can be left out (but then you don’t get the restart-now functionality). upstream issue #1168
- The slideshow which is run during installation now has API versions. API version 1 (the default) runs as before, where the slideshow is loaded when the installation starts. API version 2 loads the slideshow on Calamares startup, thus improving responsiveness. Documentation in
src/branding/README.md. upstream issue #1152
- The example slideshow now uses API version 2. (The packaged one currently still uses API version 1 though.)
- partition Now has its own setting for requiredStorage, duplicating the same setting in the welcome module. This is useful for configurations where no welcome module is used, but a minimum size must be checked anyway. upstream issue #1169
Please login to add feedback.