+ 

+ === GCC 9

+ 

+ The GNU compiler suite has been update to version 9.0.1. See the

+ http://gcc.gnu.org/gcc-9/changes.html[upstream documentation] for user

+ visible changes. Packages in Fedora have been rebuilt with the new

+ version of the compiler.

+ 

+ === Boost 1.69

+ 

+ Boost has been upgraded to version 1.69. Apart from a number of bug

+ fixes and improvements to existing libraries, compared to Fedora 29,

+ this brings:

+ 

+ * A new library: https://www.boost.org/libs/yap/[Boost.YAP].

+ * A new header-only component: https://www.boost.org/libs/safe_numerics/[Boost.Safe Numerics].

+ * The removal of the Boost.Signals library, replaced by the header-only https://www.boost.org/doc/libs/1_69_0/libs/signals2/[Boost.Signals2] component.

+ 

+ == Haskell GHC 8.4 and Stackage LTS 12

+ 

+ The Fedora Haskell packages have been updated to ghc-8.4.4 and

+ Stackage LTS 12 versions, with focus on performance, stability,

+ consolidation, and numerous cleanups throughout the compiler:

+ 

+ - Further refinement of TypeInType, including significant improvements in error messages.

+ - Improvements in code generation resulting in noticable performance improvements in some types of programs.

+ - Core library improvements, including phase 2 of the Semigroup/Monoid proposal.

+ - Many improvements to instance deriving.

+ - The resolution of nearly 300 other tickets for the 8.4.1 major release, and further bugfixes in the subsequent stable minor version releases.

+ == Build flags for user extension modules are reverted to upstream defaults

+ 

+ When extension modules are built, the `distutils` module provides a

+ set of compilation and link flags to ensure that modules are compiled

+ in a way which is compatible with Python executable itself. When

+ building modules in Fedora, the same set of flags was used for modules

+ which are part of the distribution (i.e. part of an RPM package) and

+ for modules compiled by users *using* Fedora. Those flags included

+ custom GCC plugins and additional linker options to "harden" the code

+ and add `annobin` annotations, which is appropriate for the

+ distribution, but unexpected and unnecessary for user code. A distinct

+ and smaller set of flags is now provided for extension modules

+ compiled by users.

+ 

+ 

+ == Nautilus extensions now use Python 3

+ 

+ As part of the general move to Python 3, extensions for the file

+ browser and graphical shell Nautilus are now executed using Python 3,

+ and extensions compatible only with Python 2 are no longer supported.

+ Extensions packaged in the distribution have been updated for Python 3

+ compatiblity. Users who have installed their own extensions should

+ check that they are compatible with Python 3 or remove them.

+ 

+ == Updated software

+ 

+ Please note that this only lists a small subset of all upgraded

+ packages where there's a significant change.

+ 

+ === Vagrant 2.2

+ 

+ Vagrant 2.2 is new major release, that includes many features,

+ improvements, and and bug fixes. Using qemu:///session instead of

+ qemu:///system allows Vagrant to run unprivileged.

+ 

+ === Bash 5.0

+ 

+ The default shell `bash` has been updated to version 5.0. This release

+ fixes several outstanding bugs in bash 4.4 and introduces several new

+ features. The most significant bug fixes are an overhaul of how

+ nameref variables resolve and a number of potential out-of-bounds

+ memory errors discovered via fuzzing.

+ 

+ === Fish 3.0

+ 

+ This update for one of the alternative shells contains many new

+ features and some backwards incompatible changes. See

+ https://fedoraproject.org/wiki/Changes/Fish_3.0#Upgrade.2Fcompatibility_impact[the documentation]

+ for details.

+ 

+ == Deprecations and removals

+ 

+ === Deprecation of BerkleyDB support in OpenLDAP server

+ 

+ In the **next** Fedora version (31) package `openldap-servers` will no

+ longer ship with support for `back-bdb` or `back-hdb`. Users should

+ migrate data to use `back-mdb` instead, which is fully supported,

+ developed, and encouraged as the replacement by OpenLDAP upstream.

+ 

+ === Deprecation of old Apache Java packages

+ 

+ Apache Jakarta ORO,

+ Apache Jakarta Commons Regexp,

+ Apache Jakarta Commons HttpClient,

+ and Apache Avalon packages

+ are intended to be eventually removed from Fedora,

+ but are kept in Fedora for some additional, indeterminate time for

+ various reasons including maintaining backwards compatibility. They are

+ now considered deprecated and no new code should use them.

+ 

+ === Deprecation of Sonatype OSS Parent

+ 

+ This package is obsolete software.

+ `sonatype-oss-parent` packages are intended to be eventually

+ removed from Fedora, but are kept in Fedora for some additional,

+ indeterminate time due to relatively large number of packages still

+ depending on Sonatype OSS Parent. They are now considered deprecated

+ and no new code should use them.

+ 

+ === Deprecation of Apache Maven 2.x

+ 

+ The last upstream release of Apache Maven 2.x was in November 2009,

+ more than 9 years ago. Upstream declares that this version of Maven

+ has reached its end of life, is no longer supported and that security

+ vulnerability reports will not be addressed. It is still packaged

+ in Fedora, but is deprecated and will be removed in one of the next

+ releases.

+ 

+ === Removal of unsafe functions from `libcrypt`

+ 

+ The POSIX standard mandates the presence of certain encryption and

+ hashing functions (`encrypt`, `encrypt_r`, `setkey`, `setkey_r`,

+ `fcrypt`) that rely on the DES encryption algorithm which today is

+ widely considered insecure and insufficient for applications which

+ require sane data encryption. Library headers have been changed so

+ that it is not possible to compile code using those functions.

+ 

+ The version of the `libxcrypt` package included with Fedora 30 now

+ ships the `libcrypt.so.2` library that omits those legacy functions.

+ 

+ For backwards compatibility, the `libxcrypt-compat` package which

+ contains `libcrypt.so.1` is provided. If you are using a third-party

+ application that links against those functions, or that is linked

+ against glibc's libcrypt, you may need to install the

+ `libxcrypt-compat` package manually.

+ 

+ In addition, those legacy functions have been replaced by stub

+ implementations which immediately return an error when invoked. This

+ means that it is still possible to execute binaries compiled to use

+ those functions, but they cannot actually use those unsafe encryption

+ algorithms silently.

+ 

+ == Removal of MongoDB

+ 

+ The MongoDB database upstream has switched to a new license for new

+ releases. Fedora has determined that the Server Side Public Licensev1

+ (SSPL) is not a Free Software License. We could still provide the old

+ versions, but no updates or even bugfixes backported from the new

+ versions. MongoDB was dropped from Fedora.

+ 

+ == Improved installation of localization packages

+ 

+ In the past, installation of localization packages (l10n) to provide

+ fonts and translations for a language was done using comps

+ groups. This has been replaced by "rich dependencies" in individual

+ langpack packages. For example, installing `langpacks-ja` pulls in

+ some CJK fonts and two input method plugins, but only if the packages

+ for those input methods are installed. The new mechanism is more

+ flexible and easier to maintain.

+ 

+ == NFS server is configured with `/etc/nfs.conf` instead of `/etc/sysconfig/nfs`

+ 

+ Since the beginning `/etc/sysconfig/nfs` has been used to configure

+ the NFS server daemons by specifying extra command-line arguments with

+ which the daemon executable should be invoked. This mechanism has been

+ replaced by the configuration file `/etc/nfs.conf`. Each of the

+ services that compose the NFS server stack reads this file on its own

+ and uses the relevant parts and `/etc/sysconfig/nfs` is not read

+ anymore.

+ 

+ On upgrades, automatic conversion from `/etc/sysconfig/nfs` to

+ `/etc/nfs.conf` is performed by the `nfs-convert.service` systemd

+ service.