[Stable Security Update] 2020-04-04 - Firefox 74.0.1

Hello community,

here is another Stable/Security Update.

firefox-header

Mozilla Firefox 74 aims for more security. The headline change in Firefox 74 is the use of DNS over HTTPS by default for users in the USA.

  • A privacy-minded feature, DNS over HTTPS encrypts all DNS requests made in Firefox 74 (requests which are normally done ‘in the open’). This helps prevent people snooping on internet traffic from discerning detail about the requests being made.
  • Firefox 74 defaults to Cloudflare as the DNS resolver but users are able switch to NextDNS through the Preferences > Network Settings dialog.
  • On the subject of privacy, Firefox 74 also (apparently) makes a dedicated Facebook Container available. Like other ‘containers’ the browser offers fwiw — this aim is to insulate and isolate web activity from pervasive online trackers, in this instance Facebook.
  • Finally, be aware that Firefox 74 disables TLS 1.0 and TLS 1.1. Sites which do not support TLS 1.2 will error out when loaded in the browser.
  • Fixes some security issues

For more details on this release and its particulars you can pore over the Firefox 74.0 release notes, and dive in to the developer change-log on the Moz Dev blog for additional insight.

If you like following latest Plasma development you may also like to check out our current version of manjaro-kde-dev, which we build on a regular basis against kde-git master packages. Also check out our current 19.0.2 ISOs and give us the needed feedback. You might also want to give our latest spin with NX-Desktop a try ...

As always we appreciate your input and feedback for the updates.


Upstream notice

Arch updated their default compression to zstd. We adopted to the same standard. More and more packages will have the zst extension from now on. If you get for what ever reason an error with ZSTD not supported as archive format you can do this:

wget https://pkgbuild.com/~eschwartz/repo/x86_64-extracted/pacman-static
chmod +x pacman-static
sudo ./pacman-static -Syyu

Our current supported kernels

  • linux316 3.16.82
  • linux44 4.4.217
  • linux49 4.9.217
  • linux414 4.14.174
  • linux419 4.19.113
  • linux54 5.4.28
  • linux55 5.5.13
  • linux56 5.6-rc7
  • linux419-rt 4.19.106_rt45
  • linux54-rt 5.4.26_rt17

Package Changes (Mon Mar 30 08:09:04 CEST 2020)

  • stable extra x86_64: 97 new and 0 removed package(s)

A detailed list of all package changes of our last update can be reviewed here.

  • No issue, everything went smoothly
  • Yes there was an issue. I was able to resolve it myself.(Please post your solution)
  • Yes i am currently experiencing an issue due to the update. (Please post about it)

0 voters

Check if your mirror has already synced:

8 Likes

Known issues and solutions

This is a wiki post; please edit as necessary.
Please, consider subscribing to the Stable Updates Announcements RSS feed

Thinkpad T460 (Intel Wireless 8260) bluetooth problems
If you have a Thinkpad T460 with kernel 5.5, Intel Wireless 8260 and experience trouble with bluetooth, just reboot several times.


Older issues

Reminder for Gnome users: How to upgrade within TTY?

In order to upgrade from Gnome 3.34 to Gnome 3.36, Manjaro devs strongly recommend to upgrade within TTY and not within a graphical session. Read the announcement above for the instructions on how to do the upgrade as recommended. For a more comprehensive guide on this subject, please read the following article in the FAQ: How do I do a system upgrade "within a tty"?.

error: failed to commit transaction (conflicting files)

If you get

error: failed to commit transaction (conflicting files)
hplip: /usr/share/hplip/base/__pycache__/__init__.cpython-38.pyc exists in filesystem

Make sure your mirrors are synced and that you have manjaro-system-20200324-4 or newer installed:

$ sudo pacman -S manjaro-system

Sound issues

If you're having sound issues (e.g. on Firefox, hardware keys, panel slider), try disabling User Themes, restarting and then enabling again.


firewalld>=0.8.1-2 update requires manual intervention

(From arch linux post)
The firewalld package prior to version 0.8.1-2 was missing the compiled python modules. This has been fixed in 0.8.1-2, so the upgrade will need to overwrite the untracked pyc files created. If you get errors like these

firewalld: /usr/lib/python3.8/site-packages/firewall/__pycache__/__init__.cpython-38.pyc exists in filesystem
firewalld: /usr/lib/python3.8/site-packages/firewall/__pycache__/client.cpython-38.pyc exists in filesystem
firewalld: /usr/lib/python3.8/site-packages/firewall/__pycache__/dbus_utils.cpython-38.pyc exists in filesystem
...many more...

when updating, use

pacman -Syu --overwrite /usr/lib/python3.8/site-packages/firewall/\*

to perform the upgrade.

(2020-02-14) Can't boot into a graphical session anymore

[Stable Update] 2020-02-10 - Kernels, KDE Apps, Gnome Settings

We deeply apologize for the inconvenience this error may have caused.

Even if your graphical session is broken, you should still be able to access a TTY session with CTRL+ALT+F3 (and other similar key combinations), where you can then run sudo pacman -Syyu.

several flatpaks have issues to get a secure connection

This is a known bug and related to p11-kit update to 0.23.19. With 0.23.20-1 that issue is fixed. Please update to that version as soon our mirrors synced.

wpa_supplicant update broke Wifi for Broadcom

By enabling new features in revision 4 of v2.9 by Arch a connection with a Broadcom Wifi card was not possible anymore. This is a known bug. Either try to downgrade to revision 3 or upgrade to revision 5.

sudo pacman -U https://archive.archlinux.org/packages/w/wpa_supplicant/wpa_supplicant-2%3A2.9-3-x86_64.pkg.tar.xz
sudo pacman -U https://archive.archlinux.org/packages/w/wpa_supplicant/wpa_supplicant-2%3A2.9-5-x86_64.pkg.tar.zst

(From Arch Linux) rsync compatibility

(2020-01-15, by Christian Hesse)
(This is relevant on Manjaro, as Manjaro imports rsync package directly from Arch Linux.)

Our rsync package was shipped with bundled zlib to provide compatibility with the old-style --compress option up to version 3.1.0. Version 3.1.1 was released on 2014-06-22 and is shipped by all major distributions now.

So we decided to finally drop the bundled library and ship a package with system zlib . This also fixes security issues, actual ones and in future. Go and blame those running old versions if you encounter errors with rsync 3.1.3-3 .

Source: https://www.archlinux.org/news/rsync-compatibility/

Weird font glitches (see screenshots below).

If you have weird glitches like below...

Screenshots

Screenshot%20from%202020-01-16%2023-59-49
string3
strings%20mismatch
post%20transaction%20hooks

... have you tried turning it off and on again?

More seriously, so far, people that reported to have such issue noticed that the problem goes away at next boot.


Installing xorgproto (2019.2-2) breaks dependency of a package

If you run into an issue because of xorgproto please DON'T follow the Arch suggestion as Manjaro uses the xorgproto-transfer package to make this automatic. If you have an issue, please report and wait for an update from us!

Orphaned khotkeys

There is some discussion of whether this is a true orphan, or an upstream packaging error, or merely a difference in philosophy about dependencies:

$ pacman -Qdt
khotkeys 5.18.3-1

Regardless, do not blindly remove this orphan.

1 Like

They delayed that.

Editor’s Update: March 23, 10:43am PDT – We have re-enabled TLS 1.0 and 1.1 in Firefox 74 and 75 Beta to better enable access to sites sharing critical and important information during this time.

2 Likes

After reboot, Desktop was black (like with the last one or two updates) so I had to change to single color and back to image to get my background image back.
Yakuake now only takes 40% of its old width.
Pamac does not start anymore: pamac: error while loading shared libraries: /usr/lib/libpamac.so: file too short

That sounds weird. Try reinstalling pamac-common

$ sudo pacman -Syu pamac-common
1 Like

That did it, thank you!

Regarding Yakuake the width is still at 80% which seems to be the default, but the window is significantly smaller than before - perhaps there is something wrong with HiDpi on KDE.

@philm, could you please push the the new teamspeak3 to stable? According to the changelog it fixes daily crashes I've been seeing since almost two weeks. Having to wait for the next regular stable update batch would be annoying.

You can always download the package from https://www.archlinux.org/packages/community/x86_64/teamspeak3/download/

Then run sudo pacman -U /home/daniel/Desktop/teamspeak3-3.5.2-1-x86_64.pkg.tar.zst

Don't do this always since it may cause issues, but in this specific instance it's fine

Does anyone know how much this affect of Firefox DNS requests from Europe? As far as I know Cloudflare is located in the USA.

... DNS over HTTPS ... Cloudflare ... is located in the USA ...

Thats right.
In my Fritz!Box I use: DNS over TLS
Server: fdns2.dismail.de and fdns2.dismail.de
(B.t.w.: all Krauts use Fritz!Box)

Rumors and fairy tales.

2 Likes

Hi!! I was just notified of the update of this package.

[2020-04-05T16:13:34+0200] [ALPM] upgraded gnome-shell-extension-arc-menu (1:44+Stable-2 -> 1:45+Stable-2)

It is right?

Thanks for Manjaro!

Stable-Staging on Wednesday ?

B.t.w.: all Krauts use Fritz!Box

Fake Olds, thanks dog. :grinning:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Forum kindly sponsored by