NOTE: pacman v7 is currently in [libre-testing]; but it will be promoted to libre soon
from arch:
With the release of [version 7.0.0] pacman has added support for
downloading packages as a separate user with dropped privileges.
For users with local repos however this might imply that the download
user does not have access to the files in question, which can be fixed
by assigning the files and folder to the alpm group and ensuring the
executable bit (+x) is set on the folders in question.
$ chown :alpm -R /path/to/local/repo
Remember to [merge the .pacnew] files to apply the new default.
Pacman also introduced [a change] to improve checksum stability for
git repos that utilize .gitattributes files. This might require a
one-time checksum change for PKGBUILDs that use git sources.
from arch:
After upgrading to openssh-9.8p1, the existing SSH daemon will be unable to accept new connections.
When upgrading remote hosts, please make sure to restart the sshd service
using systemctl try-restart sshd right after upgrading.
We are evaluating the possibility to automatically apply a restart of the sshd service on upgrade in a future release of the openssh-9.8p1 package.
NOTICE FOR EVERYONE:
You may see the following error message from pacman:
error: config file /etc/pacman.d/*.conf could not be read: No such file or directory
If you do, that is because you have modified your pacman.conf file in the past; but you forgot to reconcile the latest .pacnew replacement. Remember that it is upon each user to notice any new .pacnew replacement files for any configuration files that you have modified, each time pacman does an upgrade, and to merge the changes into your existing config files. Pacman will not do that automatically, to avoid clobbering ...
From: "Arch Linux: Recent news updates: David Runge" arch-announce@lists.archlinux.org
TL;DR: Upgrade your systems and container images now!
As many of you may have already read 1, the upstream release tarballs for xz in version 5.6.0 and 5.6.1 contain malicious code which adds a backdoor.
This vulnerability is tracked in the Arch Linux security tracker 2.
The xz packages prior to version 5.6.1-2 (specifically 5.6.0-1 and 5.6.1-1) contain this backdoor.
We strongly advise against using affected release artifacts and instead downloading what is currently available as latest version!
Upgrading the ...
When upgrading from budgie-desktop 10.7.2-5 to 10.7.2-6, the package mutter43 must be replaced with magpie-wm, which currently depends on mutter. As mutter43 conflicts with mutter, manual intervention is required to complete the upgrade.
First remove mutter43, then immediately perform the upgrade. Do not relog or
reboot between these steps.
pacman -Rdd mutter43
pacman -Syu
