These are the Talking Points for the Fedora 23 release. For information on how these talking points were chosen, see Talking Points SOP. They are intended to help Ambassadors quickly present an overview of highlighted features when talking about the release, and to help drive content for the release, etc.
The talking points are based in part on the Change Set for this release.
Overall Release Story
Fedora 23 Introduces New Security and Systems Management Features for Workstation, Server and Cloud.
- security: dnssec, better hardening, drop old crypto
- Workstation: firmware updates in Software
- Server: cockpit GUI for FreeIPA
- Cloud: MOTD, other?
Fedora 23 puts us back on track for six-month releases. The project is moving full steam ahead on the three editions (Cloud, Server, and Workstation), as well as continual improvements to the shared packages that make up the Fedora distribution.
Fedora-Wide Changes and Improvements
[Let's include shared changes and improvements here that are visible or have an impact on the day-to-day use of Fedora. A new kernel isn't that exiting to most users, but improvements - like "Acme Wi-Fi cards now work!" is.] For reference - ChangeSet
A preview of the next default wallpaper is available here, it's still a work in progress artwork.
Not a real improvement (GCC switched to 5.x.y with Fedora 22) but is appropriate to mention because users are now able to see compiled code improvements and use the newly added features.
Harden All Packages
Packages in Fedora will be more secure than in other distributions or packages provided by upstream. Therefore our users less likely become victims of attacks. Fedora will use more state-of-the-art security mechanisms to fulfill its first and features foundations.
Updating the Mono stack in Fedora from 2.10 to 4 It will have the ability to run cross-platform applications that require compatibility with Microsoft. Net Framework 4.5.
Disable SSL3 and RC4 by default
This change will disable by default the SSL 3.0 protocol and the RC4 cipher in components which use the system wide crypto policy. That is, gnutls and openssl libraries, and all the applications based on them. The shipped applications will support by default the known to be secure ciphers. Applications will still be able to enable the old ciphers and protocols for compatibility, but only after user override, or interaction.
Up-to-date and latest perl release will be delivered to Fedora users.
Default Local DNS Resolver
There are growing instances of discussions and debates about the need for a trusted DNSSEC validating local resolver running on 127.0.0.1:53. There are multiple reasons for having such a resolver, most importantly security and usability. Security and protection of user's privacy becomes paramount with the backdrop of the increasingly snooping governments and service providers world wide. With the trusted local DNS resolver running on 127.0.0.1:53, Fedora will not only provide greater security and usability to its users, but will also take an important step towards the secure by default computing future, wherein users do not have to worry about privacy, security and trust.
Fedora 23 Boost 1.59 Uplift
CHECK - seems it remains at 1.58 https://fedoraproject.org/wiki/Changes/F23Boost159#Benefit_to_Fedora
SELinux policy store migration
It includes a change of the location of the SELinux policy store, which defaults to /var/lib/selinux/; the implementation and the CIL language bring improvements to system.
Two Week Atomic
This change moves Atomic away from the main Fedora 6-month distribution release, and instead to separate releases every two weeks on a new web site, http://atomic.fedoraproject.org/
Unicode 8.0 support
By including this change users and developers of Fedora will get Unicode 8.0 support through core libraries.
XKB prefix icons are useful to distinguish XKB layouts when users switch IBus XKB engines. Some users requeste to support .XCompose file. IBus 1.5.11 will have the features of XKB prefix language icons on the panel in KDE 5 and support $HOME/.XCompose file in all desktops.
Numerous potential security vulnerabilities, including known cross-site scripting attacks, will be prevented by requiring all web applications to use upstream-maintained versions of jQuery. Traditionally, a copy of jQuery has been included with every web application that requires it. This change will migrate many of those applications to a shared system copy of jQuery.
Layered Docker Image Build Service
Fedora currently ships a Docker base image, but Docker supports a layering concept. There are some applications like Cockpit which we would like to ship as layered applications. This will help deliver Fedora-based containers inside the Docker ecosystem, and other applications that are part of the Fedora package collection as containers.
RPM MPI Requires Provides
Add dependency generators to encode the MPI compiler name in the provides string of a binary to distinguish otherwise identical provides between packages $foo, $foo-openmpi and $foo-mpich.
After logging in the running Cloud instance, the user should get the pending updates (including security) details as MOTD (message of the day). The users will get the details about any pending security updates in any cloud instance after logging in. This reminds will be noticed by any user who logs in to the instance
Cloud Systemd Networkd
Using systemd-networkd to configure network in Cloud base image we will be getting rid of difficult-to-maintain legacy network scripts, and having only one unified network system. As we already have systemd on the image, it will help us by not adding any extra package in the Cloud base image
Local Test Cloud
A small tool to download and boot cloud images locally providing a simple means for Fedora users and developers to easily learn about Cloud, test Fedora Cloud releases, locally test cloud application and lowers the barrier to get involved with Fedora cloud efforts
Containerized Server Roles
Enhance rolekit to be able to deploy Server Roles using the Nulecule Container Specification; Building applications inside of containers will allow us more flexibility in terms of upgrades (as the containers can remain intact between distribution upgrades). Furthermore, it will enable us to better integrate with Fedora Cloud and Fedora Atomic.
System Firmware Updates
This change is to add the ability to perform firmware updates on UEFI machines. This adds the ability to perform updates of system firmware, as well as some peripheral firmware, on machines supporting the UEFI Capsule Update mechanism and UEFI 2.5's "ESRT" feature. Right now this is generic support—the number of machines for which we actually have firmware updates available is very small, as the underlying technology is quite new—and it doesn't include any actual delivery mechanism for such firmware images. But if they're put at the right place for fwupd to notice them, and the system supports the right features, they'll show up as updates in gnome-software.
The new major version of the popular open source office suit brings a lot of new features and improvements: style previews in the sidebar, Word-compatible text highlighting, built-in image crop, UI for data bars in Calc, support for Time-Stamp Protocol in PDF export, support for Adobe Swatch Exchange color palettes, import of Apple Pages files, improved support for HiDPI screens, significantly improved support for MS Office formats.
Document Viewer (Evince)
The new version of Evince includes initial support for PDF multimedia using GStreamer. The support for annotations has also be greatly improved (highlight annotations, squiggly highlight annotations, a new toolbar to add annotations,...).
Update Sugar to the new upstream 0.106 stable feature release.
Make ibus-libzhuyin as the default Fedora 23 Traditional Chinese (Taiwan) input method.
io.js Technology Preview
An npm compatible platform originally based on Node.js™ that supports version 6 of the ECMAScript standard and additional features. Node.js developers can take advantage of new features in ECMAScript 6 and those developed by the io.js community
A Fedora Spin using the Cinnamon desktop environment, a Linux desktop which provides advanced innovative features and a traditional user experience. The desktop layout is similar to Gnome 2. The underlying technology is forked from Gnome Shell. The emphasis is put on making users feel at home and providing them with an easy to use and comfortable desktop experience.
Delayed until F24
A Fedora Spin providing a complete toolchain for both amateur and professional astronomers. The Astronomy Spin provides a complete scientific Python environment (2 and 3) as well as the AstrOmatic software. For observational astronomy, KStars provides a complete solution for astrophotography using the INDI library. In addition to an astronomical collection of packages the spin also adds a menu for astronomy to make work more comfortable. At the moment, there is no such distribution which offers a set of professional open-source tools for astronomers and astrophysicists and Fedora is very popular in astronomers' environment (that it is strongly linux-based).