Ceci est une ancienne révision du document !
1
Google tests Fuchsia OS: 03/02/2020 Google has made changes to indicate the transition of the Fuchsia operating system to the stage of final internal testing “ dogfooding ”, which implies the use of the product in the daily activities of employees, before bringing it to ordinary users. At this stage, the product is in a state that has already passed basic testing by special quality assessment teams. Before delivering the product to the masses, they additionally conduct a final check on their employees who are not involved in the development. https://9to5google.com/2020/02/28/fuchsia-friday-dogfood/
Google teste Fuchsia OS
Google a fait des modifications pour indiquer que le système d'exploitation Fuchsia est maintenant au stade des tests finaux interne, alias « dogfooding », ce qui implique l'utilisation du produit dans les activités quotidiennes des employés avant de le donner aux utilisateurs ordinaires. À ce stade, le produit a déjà réussi des tests de base faits par des équipes spéciales d'évaluation de la qualité. De plus, avant de livrer le produit aux foules, ils font une dernière vérification auprès de leurs employés qui n'étaient pas engagés dans le développement.
https://9to5google.com/2020/02/28/fuchsia-friday-dogfood/
Apache CouchDB 3.0 Document Management: 03/02/2020 A distributed document-oriented database Apache CouchDB 3.0 (a NoSQL-system), was released. The source code for the project is distributed under the Apache 2.0 license. The Couch Replication Protocol lets your data flow seamlessly between server clusters to mobile phones and web browsers, enabling a compelling offline-first user-experience while maintaining high performance and strong reliability. CouchDB comes with a developer-friendly query language, and optionally MapReduce for simple, efficient, and comprehensive data retrieval. https://9to5google.com/2020/02/28/fuchsia-friday-dogfood/
Gestion de documents CouchDB 3.0 d'Apache
Une base de données distribuée et orientée documents, Apache CouchDB 3.0 (un système No SQL), vient de sortir. Le code source du projet est distribué sous licence Appache 2.0.
Le Couch Replication Protocol laisse vos données circuler sans heurts entre des grappes de serveurs vers des téléphones mobiles et des navigateurs Web, ce qui permet une expérience utilisateur hors ligne convaincante tout en maintenant de hautes performances et une fiabilité forte. CouchDB est livré avec un langage de requête que les développeurs trouveront convivial, et, en option, MapReduce pour une récupération de données qui soit simple, efficace et compréhensive.
https://9to5google.com/2020/02/28/fuchsia-friday-dogfood/
Chrome OS 80 release 03.03.2020 Chrome OS 80 operating system based on the Linux kernel, upstart system manager, ebuild / portage assembly tools, open components, and the Chrome 80 web browser has been released . The user environment of Chrome OS is limited to a web browser, and instead of standard programs, web applications. However, Chrome OS includes a full multi-window interface, a desktop and a taskbar. Chrome OS 80 builds are available for most current Chromebooks. Enthusiasts builds are available for regular computers with x86, x86_64 and ARM processors. Source code distributed licensed under Apache 2.0. Initially, the release was scheduled for February 11, but was postponed. https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-chrome-os.html
Publication de Chrome OS 80
Le système d'exploitation Chrome OS 80, basé sur le noyau Linux, le gestionnaire de système upstart, des outils ebuild/assembleur de portage, des composants open et le navigateur Web Chrome 80 a été publié. L'environnement utilisateur de Chrome OS se limite à un navigateur Web et des applications Web à la place de programmes standards. Cependant, Chrome OS comprend une interface multi-fenêtre complète, un bureau et une barre de tâches. Les compilations de Chrome OS 80 sont disponibles pour la plupart des Chromebooks actuels. Des compilations pour les enthousiastes sont disponibles pour des ordinateurs normaux avec des processeurs x86, x86_64 et ARM. Le code source est distribué sous licence Apache 2.0.
Au départ, la publication devait avoir lieu le 11 février, mais a été reporté.
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-chrome-os.html
Mass revocation of Let's Encrypt certificates: 03.03.2020 The community-based Let's Encrypt Certification Authority, a non-profit certification center that provides certificates for everyone, has warned of the upcoming revocation of many previously issued TLS / SSL certificates. Of the 116 million Let's Encrypt certificates currently in force, a little more than 3 million (2.6%) will be revoked, of which approximately 1 million are duplicates tied to one domain (the error mainly affected very frequently updated certificates, so there are many duplicates). The review is scheduled for the fourth of March, (the exact time has not yet been determined) https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864
Révocation en masse des certificats Let's Encrypt
Basée dans la communauté, la Let's Encrypt Certification Authority, un centre de certification à but non lucratif qui fournit des certificats pour tous, a mise en garde contre la révocation proche de beaucoup des certificats TLS/SSL délivré précédemment. Des 116 millions de certificats Let's Encrypt actuellement valides, un peut plus de 3 millions (2,6 %) seront révoqués, dont environ 1 million sont des doubles liés à un domaine (l'erreur concernait principalement des certificats mis à jour fréquemment et il y a donc beaucoup de doubles). L'examen doit avoir lieu le 4 mars, mais l'heure exacte n'est pas encore fixée).
https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864
2
DragonFly BSD 5.8 Operating System Release: 03.03.2020 The release of DragonFlyBSD 5.8 , a hybrid kernel operating system created in 2003 for the alternative development of the FreeBSD 4.x branch, is available. Among the features of DragonFly BSD are the distributed versioned HAMMER file system , support for loading “virtual” system cores as user processes, the ability to cache FS data and metadata on SSD drives, contextual variant symbolic links, the ability to freeze processes while maintaining their state on drive, a hybrid kernel using lightweight threads (LWKT). http://lists.dragonflybsd.org/pipermail/users/2020-March/358432.html
Publication du système d'exploitation DragonFly BSD 5.8
La publication de DragonFly BSD, un système d'exploitation avec un noyau hybride, créé en 2003 pour le développement alternatif de la branche 4.x de FreeBSD, est disponible. Parmi les caractéristiques de DragonFly BSD sont la version distribuée du système de fichiers HAMMER, le support du chargement de cœurs « virtuels » du système en tant que des processus utilisateur, la capacité de mettre des données et des méta-données en cache sur des disques SSD, des variantes contextuelles de liens symboliques, la capacité de geler des processus tout en maintenant leur état sur le disque et un noyau hybride qui utilise des fils légers (LWKT).
http://lists.dragonflybsd.org/pipermail/users/2020-March/358432.html
Nginx 1.17.9 and njs 0.3.9 release: 03/04/2020 The main branch of nginx 1.17.9 has been updated, in which the development of new features continues (in the parallel supported stable branch 1.16, only changes related to the elimination of serious bugs and vulnerabilities are considered). Additionally, there was a release of njs 0.3.9, the JavaScript interpreter for the nginx web server . The njs interpreter implements ECMAScript standards and allows you to extend nginx's query processing capabilities using scripts in the configuration. Scripts can be used in the configuration file to determine the extended logic for processing requests, forming a configuration, dynamically generating a response, modifying a request / response, or quickly creating stubs to solve problems in web applications. http://mailman.nginx.org/pipermail/nginx-announce/2020/000265.html
Sortie de Nginx 1.17.9 et njs 0.3.9
La branche principale de nginx 1.17.9 est mise à jour et le développement de nouvelles fonctionnalités continue, alors que, dans la branche 1.16 parallèle, stable et supportée, uniquement des modifications visant l'élimination de bugs et vulnérabilités sérieux sont prises en compte.
De plus, njs 0.3.9, l'interpréteur JavaScript pour le serveur Web nginx, est sortie. L'interpréteur njs implémente les standards EXMAScript et vous permet d'étendre les capacités de nginx de traiter des requêtes avec l'utilisation de scripts dans la configuration. Les scripts peuvent être utilisés dans le fichier de configuration pour déterminer la logique étendue des requêtes de traitement, la formation d'une configuration, la génération dynamique d'une réponse, la modification d'une requête/réponse, ou la création rapide de « stubs » pour résoudre des problèmes dans des applications Web
http://mailman.nginx.org/pipermail/nginx-announce/2020/000265.html
Samba Release 4.12.0: 03/04/2020 The release of Samba 4.12.0, the continued development branch of Samba 4, with a full-fledged implementation of a domain controller and Active Directory service, compatible with the implementation of Windows 2000 and capable of servicing all versions of Windows-clients supported by Microsoft, including Windows 10 is out. Samba 4 is a multifunctional server product , which also provides the implementation of a file server, print service, and authentication server (winbind). https://lists.samba.org/archive/samba-announce/2020/000514.html
Publication de Samba 4.12.0
La publication de Samba 4.12.0, la branche de développement poursuivie de Samba 4, avec l'implémentation complète d'un contrôleur de domaine et d'un service Active Directory, compatible avec l'implémentation de Windows 2000 et pouvant fonctionner avec toutes les versions des clients Windows supportés par Microsoft, y compris Windows 10, est sortie. Samba 4 est un produit serveur multi-fonctionnel, qui fournit aussi l'implémentation d'un serveur de fichiers, un service d'impression et un serveur d'authentification (winbind).
https://lists.samba.org/archive/samba-announce/2020/000514.html
New version of curl 7.69: 03/05/2020 A new version of curl, 7.69.0 , which provides the ability to flexibly generate a request by setting parameters such as cookie, user_agent, referer and any other headers, is out. cURL supports HTTP, HTTPS, HTTP / 2.0, SMTP, IMAP, POP3, Telnet, FTP, LDAP, RTSP, RTMP and other network protocols. At the same time, an update was released in parallel to the libcurl library, which provides an API for using all curl functions in programs in languages such as C, Perl, PHP, Python. The release adds a new backend to support the SSH protocol, made using the wolfSSH library . The backend allows you to transfer data using SFTP with minimal overhead, which makes it possible to use it in tiny-curl collections for embedded systems. SCP is not yet supported in the added backend (use the old libssh backend for SCP ). https://curl.haxx.se/mail/archive-2020-03/0004.html
Nouvelle version de curl, la 7.69
Une nouvelle version de curl, la 7.69.0, qui fournit la capacité de générer une requête de façon flexible en réglant des paramètres comme cookie, user_agent, referer et n'importe quel autre en-tête, est sortie. cURL supporte HTTP, HTTPS, HTTP/2.0, SMTP, IMAP; POP3, Telnet, FTP, LDAP, RTSP, RTMP et autre protocoles réseau. En même temps, et en parallèle à la bibliothèque libcurl, qui fournit un API pour l'utilisation de toutes les fonctions curl dans des programmes en langages comme C, Perl, PHP, Python, une mise à jour fut publiée.
Cette publication ajoute un nouveau backend, créé avec la bibliothèque wolfSSH, pour prendre en charge le protocole SSH. Le backend vous permet de transférer des données avec SFTP avec une utilisation minimale des ressources, ce qui rend possible son utilisation dans des collections tiny-curl pour des systèmes embarqués. SCP n'est pas encore pris en charge dans le backend ajouté (il faut utiliser le vieux backend libssh pour SCP).
3
Apache NetBeans 11.3 IDE Release: 03/05/2020 The Apache Software Foundation Organization has released their new IDE, NetBeans 11.3 . This is the fifth release by the Apache Foundation after the transfer of NetBeans code by Oracle. The first release after the project was transferred from the incubator to primary Apache projects. The release contains support for the Java SE, Java EE, PHP, JavaScript, and Groovy programming languages. The expected integration of C / C ++ language support from version 11.3 of the code base provided by Oracle has been postponed to the next release. Everything related to the development of projects in C and C ++ are ready, but the code is not yet integrated. Before built-in support, plug-ins are available., The release of Apache NetBeans 12, which will be accompanied as part of an extended support cycle (LTS) is planned for April 2020. https://blogs.apache.org/netbeans/entry/announce-apache-netbeans-11-3
Publication de l'IDE Apache NetBeans 11.3
L'Apache Software Foundation Organization a publié leur nouvelle IDE (environnement de développement intégré), NetBeans 11.3. Il s'agit de la cinquième publication fait par l'Apache Foundation depuis le transfert du code NetBeans par Oracle et la première publication depuis que le projet a été transféré de l'incubateur vers les projets primaires d'Apache. Cette version comprend le support pour les langages de programmation Java SE, Java EE, PHP, JavaScript, et Groovy.
L'intégration attendue du support du langage C/C++ venant de la version 11.3 du code fourni par Oracle est différée à la prochaine publication. Tout ce qui se rapport au développement de projets en C et C++ est prêt, mais le code n'est pas encore intégré, mais des greffons sont disponibles. La publication de NetBeans 12 d'Apache, qui sera accompagné comme par d'un cycle à support à long terme (LTS) est prévue en avril 2020.
https://blogs.apache.org/netbeans/entry/announce-apache-netbeans-11-3
Intel Chipset Vulnerability to Extract Platform Root Key: 03/05/2020 Researchers from Positive Technologies identified a vulnerability ( CVE-2019-0090 ), which allows physical extraction of the platform root key (Chipset key), which is used as the “root of trust” for authenticating various components of the platform, including TPM (Trusted Platform Module) firmware ) and UEFI. The vulnerability is caused by a bug in the hardware and in the Intel CSME (Converged Security and Manageability Engine) firmware, which is located in the boot ROM. This does not allow fixing of the problem in already used devices. Due to the presence of a window during the restart of Intel CSME (for example, when waking up from sleep mode), manipulating the DMA, you can write data to Intel CSME static memory and change the already initialized Intel CSME memory page tables to intercept execution, extract the platform key and receive control over the generation of encryption keys for Intel CSME modules. Details of exploitation of the vulnerability are planned to be published later. In addition to extracting the key, the error also allows code execution at the zero privilege level of the Intel CSME. The problem affects most Intel chipsets released in the last five years, but in the 10th generation of processors (Ice Point) the problem no longer appears. Intel became aware of the problem about a year ago and in May 2019 firmware updates were released that, although they cannot change the vulnerable code in the ROM, they are trying to block possible vectors at the level of individual Intel CSME modules. https://www.ptsecurity.com/ru-ru/about/news/neustranimaya-uyazvimost-v-chipsetah-intel-ugrozhaet-rabochim-stanciyam-i-pravoobladatelyam/
Une vulnérabilité de la puce Intel permet l'extraction de la clé de la racine sur la plateforme
Des chercheurs chez Positive Technologies ont identifié une vulnérabilité (CVE-2019-00990), qui permet l'extraction physique de la clé de la racine de la plateforme (la clé de la puce), utilisée comme la « racine de confiance » pour l'authentification de divers composants de la plateforme, y compris le firmware appelé TPM (Trusted Platform Module) et l'UEFI.
La vulnérabilité est causée par un bug dans le matériel et dans le firmware CSME (Converged Security and Manageability Engine) Intel, dont l'emplacement est dans la ROM du boot. Cela ne permet pas la correction du problème dans des dispositifs qui ont déjà était utilisés. En raison de la présence d'une fenêtre pendant le redémarrage du CSME Intel (par exemple, lors de la sortie de veille), qui manipule le DMA (Direct Memory Access), vous pouvez écrire des données à la mémoire statique du CSME Intel et modifier les tables des pages de mémoire CSME Intel déjà initialisées pour intercepter l'exécution, extraire la clé de la plateforme et recevoir le contrôle de la génération de clés de chiffrement pour le modules CDME Intel. On prévoit de publier les détails de l'exploitation de la vulnérabilité plus tard.
Outre l'extraction de la clé, l'erreur permet aussi l'exécution de code au niveau de privilège zéro du CSME Intel. Le problème affecte la plupart des puces Intel sorties au cours des cinq dernières années, mais le problème n'apparaît plus dans la 10ème génération de processeurs (Ice Point). Intel a pris connaissance du problème il y a environ un an et a publié des mises à jour du firmware en mai 2019 ; bien qu'elles ne puissent pas changé le code vulnérable dans la ROM, elles essaient de bloquer des vecteurs possibles au niveau des modules CSME Intel individuels.
PowerDNS Recursor 4.3 and KnotDNS 2.9.3 release: 03/05/2020 The caching DNS server, PowerDNS Recursor v4.3, has been released. PowerDNS Recursor is built on the same code base as the PowerDNS Authoritative Server, but the recursive and authoritative PowerDNS DNS servers are developed as part of different development cycles and released as separate products. The project code is distributed under the GPLv2 license. The server provides tools for remote statistics collection, supports instant restart, has a built-in engine for connecting handlers in the Lua language. It fully supports DNSSEC, DNS64, RPZ (Response Policy Zones) and allows you to connect blacklists. It is possible to record the results of resolving in the form of BIND zone files. To ensure high performance, modern connection multiplexing mechanisms in FreeBSD, Linux and Solaris (kqueue, epoll, / dev / poll) are used, as well as a high-performance parser for DNS packets that can handle tens of thousands of parallel requests. https://blog.powerdns.com/2020/03/03/powerdns-recursor-4-3-0-released/
Publication de PowerDNS Recursor 4.3 et de KnotDNS 2.9.3
Le serveur DNS antémémoire, PowerDNS Recursor v4.3 a été publié. PowerDNS Recursor est construit sur la même base de code que le PowerDNS Authoritative Server, mais les serveurs DNS PowerDNS, qui sont récursifs et authoritatifs, sont développés dans le cadre de différents cycles de développement et publiés comme produits distincts. Le code du projet est distribué sous licence GPLv2.
Le serveur fournit des outils pour la collection de statistiques à distances, supporte le redémarrage instantané e comporte un moteur intégré pour la connection des gestionnaires dans le langage Lua. Il prend en charge les DNSSEC, DNS64, RPZ (Response Policy Zones) complètement et vous permet de connecter des listes noires. On peut enregistrer les résultats des résolutions sous forme des fichiers BIND zone. Pour assurer une performance éléevée, des méchanismes de connection moderne de multiplexage dans FreeBSD, Linux et Solaris (kqueue, epoll, /dev/poll) sont utilisés ainsi qu'un analyseur très performant des paquets DNS qui peut traiter des dizaines de milliers de requêtes parallèles.
https://blog.powerdns.com/2020/03/03/powerdns-recursor-4-3-0-released/
4
Sandcastle project prepares Linux and Android builds for installation on iPhone 7: 03/06/2020 Project Sandcastle published a build for Linux and Android. The project is suitable for installation on the iPhone 7 and 7+ . The project also provides limited support for iPod Touch 7G and porting to various iPhone 6, 8, X, 11 and iPod Touch 6G models is ongoing. The software still has a way to go. https://projectsandcastle.org/
La projet Sandcastle prépare des builds Linux et Android pour installation sur l'iPhone 7
La projet Sandcastle a publié un build pour Linux et Android, qui convient à l'installation sur l'iPhone 7 et 7+. Le projet fournit également un support limité de l'iPod Touch 7G et le portage à divers modèles d'iphone 6, 8, X, 11 et l'iPod Touch 6G est en cours. Le logiciel n'est pas prêt d'être terminé.
https://projectsandcastle.org/
An error in BIND 9.16 that disrupts the processing of TCP connections: 03/06/2020 In the BIND 9.16.0 branch published two weeks ago, a serious error was revealed exhausting the limit on the number of TCP connections. In BIND 9.16, a new network subsystem was proposed, which was transferred to the asynchronous request processing mechanism based on the libuv library. Due to an error in this subsystem, the counter of active TCP connections does not decrease under certain conditions, which leads to an increasing discrepancy between its value and the actual number of connections. After some time, the counter value may reach the set limit on the number of client connections and new TCP requests will cease to be accepted (UDP requests will continue to be processed). Basically, the problem manifests itself on servers that accept TCP connections from clients on several network interfaces at once. BIND 9.16 has not yet been released, but a patch has been published to fix the error . As a temporary solution, you can set the limit on the number of connections (option tcp-clients) to a very large value. In addition to BIND 9.16, the problem affects the experimental branch 9.15, starting with the release of 9.15.6, but this branch was originally used only for development and is not focused on production servers. https://www.mail-archive.com/bind-announce@lists.isc.org/msg00567.html
Une erreur dans BIND 9.16 perturbe le traitement de connections TCP
Dans la branche 9.16.0 de BIND publiée il y a deux semaines, une erreur grave s'est manifesté par lequel la limite sur le nombre de connections TCP est atteinte. Dans BIND 9.16 un nouveau sous-système réseau a été proposé et fut transféré au mécanisme de traitement des requêtes asynchrones basé sur la bibliothèque libuv. Suite à une erreur dans ce sous-système, le compteur des connections TCP actives ne diminue pas sous certaines conditions, ce qui entraîne un écart croissant entre sa valeur et le véritable nombre de connections. Après quelques temps, la valeur du compteur peut atteindre la limite fixée sur le nombre de connections client et de nouvelles requêtes TCP ne seont plus acceptées (les requêtes UDP seront toujours traitées).
Essentiellement, le problème se manifeste sur des serveurs qui acceptent des connections TCP de clients sur plusieurs interfaces réseau à la fois. BIND 9.16 n'est pas encore publié, mais un correctif est sorti pour corriger l'erreur. Comme solution temporaire, vous pouvez fixer la limite sur le nombre de connections (option tcp-clients) à une valeur très élevée. Outre BIND 9.16, le problème concerne la 9.15, une branche expérimentale, à partir de la version 9.15.6, mais cette branche n'était utilisée à l'origine que pour le développent et ne se concentre pas sur des serveurs de production.
https://www.mail-archive.com/bind-announce@lists.isc.org/msg00567.html
GNU Coreutils 8.32 Basic System Utility Launch: 03/06/2020 After a year of development , a stable version of the GNU Coreutils 8.32 set of basic system utilities is available. It includes programs such as sort, cat, chmod, chown, chroot, cp, date, dd, echo, hostname, id, ln, ls, etc. d. http://savannah.gnu.org/forum/forum.php?forum_id=9693
L'utilitaire système de base GNU Coreutils 8.32 est sorti
Après une année de développement, une version stable de l'ensemble d'utilitaires système de base GNU Coreutils 8.32 est disponible. Il comprend des programmes comme sort, cat, chmod, chown, chroot, cp, date, dd, echo, hostname, id, ln, ls, etc. d.
http://savannah.gnu.org/forum/forum.php?forum_id=9693
Second release of Glimpse, fork of the GIMP graphics editor: 03/06/2020 The second release of the Glimpse graphics editor has been published. Builds are available for Windows and Linux (so far only in the Flatpak format , but Snap will be available too ). Other than correcting errors from the previous release, the addition of new themes for interface design and icons was touted. There were improved translations for non-English-speaking users, removal of the word “gimp”, adding settings for choosing a language on the Windows platform, and removing unnecessary “fun” brushes . The proposed release of Glimpse is based on GIMP 2.10.12, with rebranding, renaming directories and cleaning the user interface. The external dependencies are BABL 0.1.68, GEGL 0.4.16 and MyPaint 1.3.0. https://glimpse-editor.org/posts/glimpse-0-1-2-release-notes/
Deuxième publication de Glimpse, une branche de l'éditeur des graphiques GIMP
La deuxième version de l'éditeur de graphiques Glimpse est sortie. Des compilations sont disponibles pour Windows et Linux (jusqu'ici seulement dans le format Glatpak, mais Snap sera disponible aussi). À part la correction d'erreurs dans la version précédente, l'ajout de nouveaux thèmes et icônes pour l'interface a été vanté. Il y avait des traductions améliorées pour des utilisateurs qui ne parlent pas anglais, la suppression du mot « gimp », l'ajout de paramètres pour le choix d'un langage sur la plateforme Windows et l'enlèvement de brosses « amusantes » inutiles.
La version de Glimpse proposée est basée sur GIMP 2.10.12 avec la création d'une nouvelle image, le changement de nom de répertoires et le nettoyage de l'interface utilisateur. Les dépendances externes sont BABL 0.1.68, GEGL 0.4.16 et MyPaint 1.3.0.
https://glimpse-editor.org/posts/glimpse-0-1-2-release-notes/
5
Development of DNF 5 package manager and PackageKit replacement started: 03/06/2020 Daniel Mach of Red Hat announced the start of the development on the DNF 5 package manager, which will port Python-implemented DNF logic to the C ++ libdnf library. They plan to begin testing DNF 5 in June during the development of Fedora 33, in October 2020. They plan to add it to the Rawhide repository, and replace DNF 4 with it in February 2021. Maintenance of the DNF 4 branch will continue, as it is used in Red Hat Enterprise Linux 8. The project has reached a state in which it is almost impossible to continue the development of code without compromising compatibility at the API / ABI level. This is mainly due to the loss of relevance of PackageKit and the inability to develop libdnf without changing the “libhif” API. At the same time, despite the intention to change the API, maintaining backward compatibility at command line interface level and API is prioritised. https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/NWSURJRGZAIIMNZJT244DHDPOG2PBQXZ/
Systemd 245 available with portable home directories: 03/06/2020 After three months of development , the release of the systemd 245 system manager is announced. In the new release, new components systemd-homed and systemd-repart are added. Support for portable user profiles in JSON format is included, the ability to define namespaces in systemd-journald is provided and support for the “pidfd” mechanism is added. The project website has been completely redone, where most of the available documentation has been collected and a new logo has been proposed. https://lists.freedesktop.org/archives/systemd-devel/2020-March/044119.html
Vulnerability in pppd and lwIP allowing remote code execution with root privileges: 03/07/2020 A vulnerability was identified in the pppd package ( CVE-2020-8597 ), which allowed it to execute its code by sending specially crafted authentication requests to systems using PPP (Point-to-Point Protocol) or PPPoE (PPP over Ethernet). These protocols are usually used by providers to establish connections via Ethernet or DSL, and are also used in some VPNs (for example, pptpd and openfortivpn ). The issue affects pppd versions 2.4.2 through 2.4.8 inclusive and is fixed in the form of a patch . The vulnerability also affects the lwIP stack , but EAP support is not enabled in the default configuration in lwIP. https://www.kb.cert.org/vuls/id/782301/
Min 1.13 web browser published: 03/07/2020 Min 1.13 is out, offering a minimalistic interface, built around the manipulation of the address bar. The browser was created using the Electron platform, which allows you to create stand-alone applications based on the Chromium engine and the Node.js. platform. The Min interface is written in JavaScript, CSS and HTML. The code is licensed under Apache 2.0. Builds are available for Linux, macOS and Windows. The browser has a built-in ad blocking system ( EasyList ) and a code for tracking visitors, it is also possible to disable the downloading of images and scripts. https://github.com/minbrowser/min/releases/tag/v1.13.0
6
Two attacks on the cache channel prediction mechanism in AMD processors: 03/07/2020 A team of researchers from Graz University of Technology (Austria), conducted a study of AMD-specific hardware optimizations and developed two new third-party channel attack methods that manipulate data leaks during channel prediction in the level one cache of AMD processors. Methods can be used to reduce ASLR protection, restore keys in vulnerable AES implementations, and increase Specter attack efficiency. Problems were identified in the implementation of the channel predictor mechanism (way predictor) in the data cache of the first level of the CPU (L1D), which is used to predict which channel of the cache reflects a specific memory address. The optimization used in AMD processors is based on the verification of μ tags (μTag). μTag is calculated by applying a specific hash function to the virtual address. During operation, the channel prediction mechanism uses μTag to determine the cache channel from the table. Thus, μTag allows the processor to limit itself to accessing only a specific channel, without enumerating all the options, which significantly reduces CPU power consumption. https://mlq.me/download/takeaway.pdf
APT 2.0 Package Manager Released: 03/08/2020 The release of the package management tool APT 2.0 (Advanced Package Tool), developed by the Debian project, is available. APT is also used in some distributions based on the rpm package manager, such as PCLinuxOS and ALT Linux. The new branch has incorporated the changes in the development of the experimental branch 1.9.x. In the near future, the new release will be integrated into the Debian Unstable branch and into the Ubuntu package base (experimental branch 1.9 was used in Ubuntu 19.10). https://blog.jak-linux.org/2020/03/07/apt-2.0/
Zorin OS 15.2 distribution release: 03/09/2020 Zorin OS 15.2 Linux, a distribution based on the Ubuntu 18.04.4 base is out . The distribution's target audience is novice users who are used to working in Windows. To control the design, the distribution offers a special configurator that allows you to mimic different versions of Windows, and the software selection includes programs that are close to the programs that Windows users are used to. The bootable iso-image is 2.3 GB in size (two desktop environments are available - the usual one based on GNOME and “Lite” with Xfce). https://zoringroup.com/blog/2020/03/05/zorin-os-15-2-is-released-harder-better-faster-stronger/
Vulnerability in Timeshift that could elevate its privileges in the system: 03/09/2020 A vulnerability has been identified in the Timeshift application ( CVE-2020-10174 ), allowing a local user to execute code with root privileges. Timeshift is a backup system that uses rsync with hard links or Btrfs snapshots to implement functionality similar to System Restore on Windows and Time Machine on macOS. The program is included in the repositories of many distributions and is used by default in PCLinuxOS and Linux Mint. The vulnerability is fixed in Timeshift 20.03 release . https://www.openwall.com/lists/oss-security/2020/03/06/3
7
Merger of FreeNAS and TrueNAS Projects Announced: 03/09/2020 IXsystems announced the unification of its products for the rapid deployment of network storage (NAS, Network-Attached Storage). The free FreeNAS distribution will be merged with the TrueNAS commercial project , expanding the capabilities of FreeNAS for enterprises and comes pre-installed on storage systems manufactured by iXsystems. The combination will speed up development and shorten the release cycle to 6 months, strengthen quality control, synchronize development with FreeBSD to provide more rapid support for new equipment, simplify documentation, unify sites, simplify migration between commercial and free distributions, accelerate the transition to OpenZFS 2.0 to base “ZFS on Linux”. https://www.ixsystems.com/blog/freenas-truenas-unification/
4MLinux 32.0 distribution release: 03/10/2020 4MLinux 32.0, a minimalist custom distribution that is not an offshoot of other projects and uses a graphical environment based on JWM, is ready. 4MLinux can be used not only as a live environment for playing multimedia files and solving user problems, but also as a recovery system and a platform for launching LAMP servers (Linux, Apache, MariaDB and PHP). The size of the iso-image is only 830 MB (i686, x86_64). The new release implements support for decoding video in the AV1 format (via dav1d from FFmpeg). The PCManFM file manager provides the ability to create thumbnails for videos and documents in PS and PDF formats. Editors included: SciTE, GNU nano and mg (MicroGnuEmacs). As a downloadable add-on, Vim is available (with gVim). Lots of updated packages in this release. https://4mlinux-releases.blogspot.com/2020/03/4mlinux-320-stable-released.html
The release of the console screen saver neofetch 7.0.0: 03/10/2020 Neofetch 7.0.0 utility is available. By default, the program displays the logo of the operating system, which can be replaced with an arbitrary picture (for terminals that support image display) or an ASCII picture. The utility supports about 150 operating systems, from Linux and Windows to Minix, AIX and Haiku. The program is written in Bash and distributed under the MIT license. The new version adds support for: Proxmox VE, BlackArch, Neptune, Obarun, Drauger OS, macOS Catalina, ArchStrike, Cucumber Linux, EuroLinux, Cleanjaro, Septor Linux, Carbs Linux, EndeavourOS and T2. They also added support for the Regolith desktop . The release includes a selection of compact logos. https://github.com/dylanaraps/neofetch/releases/tag/7.0.0
PostgreSQL Anonymizer 0.6, an extension for anonymizing data in a DBMS: 03/10/2020 A new release of the PostgreSQL Anonymizer project is available, which solves the problem of hiding or replacing confidential data. Data can be hidden on the fly based on specially defined rules and lists. The code is distributed under the PostgreSQL license. For example, using the add-on in question, you can provide access to the database to third parties, such as, third-party business intelligence services, automatically denying them access to phone numbers and credit cards, or using more sophisticated methods, such as changing customer and company names to fictitious information. In addition to performing anonymization when connecting directly to the DBMS, there is a mode for creating anonymized SQL dumps https://www.postgresql.org/about/news/2017/
8
Release of Hobbits 0.21, a visualizer for reverse engineering binary files: 03/10/2020 Hobbits 0.21 project is out , a graphical interface for the analysis, processing and visualization of binary data in reverse engineering. The code is written in C ++ using the Qt library and is distributed under the MIT license. Parsing, processing and visualization are connected via plugins, which can be selected depending on the type of data being analyzed. Plugins are available for the classic hexadecimal display, binary and ASCII representations, bitwise and byte-by-bit rasterization (each pixel is associated with a bit or byte) and character rasterization. For data analysis, plugins are offered for searching and navigating data, highlighting standard templates and headers, defining blocks based on regular expressions. https://github.com/Mahlet-Inc/hobbits/releases/tag/v0.21.0
More Intel Woes with LVI: 03/11/2020 There is a new class of attacks LVI ( Load the Value Injection, the CVE-2020-0551 ) speculative execution in the CPU, which can be used for the diversion of keys and sensitive data from the Intel SGX enclave and other processes. The new attack class is based on manipulations with the same microarchitectural structures as in the MDS (Microarchitectural Data Sampling), Specter, and Meltdown attacks . At the same time, new attacks are not blocked by existing methods of protection against Meltdown, Specter, MDS and other similar attacks. Effective LVI protection requires hardware changes to the CPU. Software mitigations, by adding the LFENCE instruction by the compiler after each load operation from memory and replacing the RET instruction with POP, LFENCE and JMP, is just too much overhead - according to researchers, full software protection will lead to between 2-19 times performance degradation. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html
WebKitGTK 2.28.0 browser engine and Epiphany 3.36 web browser release: 03/11/2020 The release of the new stable branch of WebKitGTK 2.28.0, is out. WebKitGTK allows you to use all the features of WebKit through a GNOME-oriented programming interface based on GObject . It can be used to integrate web-content processing tools into any application, from specialized HTML / CSS parsers, to create full-featured web browsers. Well-known projects using WebKitGTK are Midori and the standard GNOME browser (Epiphany) . https://webkitgtk.org/2020/03/10/webkitgtk2.28.0-released.html
SDL 2.0.12 Multimedia Library Release: 03/11/2020 The release of the SDL 2.0.12 library (Simple DirectMedia Layer), aimed at simplifying the writing of games and multimedia applications, has been announced . The SDL library provides tools such as hardware-accelerated 2D and 3D graphics output, input processing, audio playback, 3D output via OpenGL / OpenGL ES, and many other related operations. The library is written in C and distributed under the zlib license. To use the SDL features in projects in various programming languages, binders are provided. https://discourse.libsdl.org/t/sdl-2-0-12-released/27318
9
GNOME 3.36 User Environment Release: 03/11/2020 After six months of development GNOME 3.36 DE is out . Compared with the previous release, about 24 thousand changes were made, in which 780 developers took part. To quickly evaluate the capabilities of GNOME 3.36, specialized live builds based on openSUSE and Ubuntu have been released . https://www.mail-archive.com/devel-announce-list@gnome.org/msg00999.html
Valve releases Proton 5.0-4, a package for running Windows games on Linux: 03/11/2020 Valve has published the release of the Proton 5.0-4 project , which is based off the Wine project and is aimed at ensuring that games created for Windows, launch on Linux. Project developments are distributed under the BSD license. Proton allows you to directly run games that are only available for Windows on your Linux client. The package includes an implementation of DirectX 9/10/11 (based on the DXVK package ) and DirectX 12 (based on vkd3d ). The Vulkan API, provides improved support for game controllers and the ability to use full-screen mode regardless of games screen resolutions. To increase the performance of multi-threaded games, the “ esync ” (Eventfd Synchronization) and “ futex / fsync ” mechanisms are supported . https://github.com/ValveSoftware/Proton/releases/tag/proton-5.0-4
Debian 8 will be supported for more than 5 years: 03/11/2020 The LTS Team, responsible for generating updates for the Debian LTS branches , announced the possibility of receiving updates for the Debian 8 “Jessie” after the completion of the regular five-year maintenance cycle. Originally they planned to stop supporting the Debian 8 LTS branch in July 2020, but Freexian expressed its readiness to release updates on its own with the elimination of package vulnerabilities as part of the Extended LTS program . Additional support will cover a limited set of packages and apply only to the amd64 and i386 architectures (possibly arm). Support will not cover packages such as the Linux 3.16 kernel (the 4.9 kernel backported from Debian 9 “Stretch” will be offered), openjdk-7 (openjdk-8 will be offered) and tomcat7 (maintenance will last until March 2021). Updates will be distributed through an external repository maintained by Freexian. Access will be free for all, and the range of supported packages will depend on the total number of sponsors and packages that interest them. https://raphaelhertzog.com/2020/03/11/keeping-debian-8-jessie-alive-for-longer-than-5-years/
Mozilla will help in updating the KaiOS platform (fork of Firefox OS): 03/12/2020 Mozilla and KaiOS Technologies announced a collaboration aimed at updating the browser engine used in the KaiOS mobile platform. KaiOS continues to develop the Firefox OS mobile platform and is currently used on approximately 120 million devices sold in more than 100 countries. The problem is that KaiOS continues to use an outdated browser engine, corresponding to Firefox 48, that ceased 2016. This engine is outdated, does not support many current web-technologies and does not provide proper security. The purpose of cooperation with Mozilla is to transfer KaiOS to the new Gecko engine and keep it up to date, including regular publication of patches to eliminate vulnerabilities. Work also involves optimizing the performance of the platform and related services and applications. All changes and improvements will be published under the free MPL (Mozilla Public License). https://www.kaiostech.com/press/kaios-technologies-and-mozilla-partner-to-enable-a-healthy-mobile-internet-for-everyone/
10
Genode Project Releases Sculpt 20.02 General Purpose OS: 03/12/2020 The developers of the open microkernel operating system Genode OS Framework have released the Sculpt operating system yesterday. As part of the Sculpt project, Genode-based technology is developing a general-purpose operating system that can be used by ordinary users to perform everyday tasks. The source code for the project is distributed under the AGPLv3 license. A 26 MB LiveUSB image is offered for download. It supports systems with Intel processors and graphics with the VT-d and VT-x extensions enabled. In this new release you will find a file manager working in graphical mode, the processing of an interactive interface for administration (the system settings editor), support for virtual desktops, and optimization of the performance of the virtual machine monitor (based on VirtualBox). Updated utilities for monitoring system performance, Unix runtime, and GUI components. The release also includes enhancements introduced in the February Genode platform update, such as support for 64-bit i.MX ARM processors and porting of the sound driver from OpenBSD 6.6. https://github.com/genodelabs/genode
Tails 4.4 and Tor Browser 9.0.6 release: 03/12/2020 The release of the specialized Tails 4.4 distribution (The Amnesic Incognito Live System), based on Debian and designed to provide anonymous access to the internet, is out. All connections except traffic through the Tor network are blocked by default with a packet filter. Encryption is used to store user data in the “save user data mode” between restarts. The new version of Tor Browser has been updated to release 9.0.6 (at the time of writing the news has not yet been officially announced), synchronized with the Firefox 68.6.0 ESR code base. Also updated are: the Linux kernel 5.4.19, Thunderbird 68.5.0, cURL 7.64.0, evince 3.30.2, Pillow 5.4.1, WebKitGTK 2.26.4, virtualbox 6.1.4. Also adding missing firmware for wireless cards based on Realtek RTL8822BE / RTL8822CE chips. Addition: Tor Browser 9.0.6 based on Firefox 68.6.0, which also updated NoScript 11.0.15 that stops loading built-in CSS external Fonts in Safe Mode. The developers also warned of a remaining uncorrected error, which made it possible to launch JavaScript code in the “Safest” protection mode. The problem has not yet been resolved, so for those for whom the blocking of JavaScript execution is important, it is recommended, for a while, in about: config to completely block the use of JavaScript in the browser by changing the javascript.enabled parameter in about: config. https://tails.boum.org/news/version_4.4/index.en.html
Debian 11 package base freeze scheduled for next year: 03/12/2020 Debian developers have published a plan to freeze the Debian 11 “Bullseye” release. A Debian 11 release is expected in mid-2021. On January 12, 2021, the first stage of freezing the package base will begin, within which the transitions will be stopped (updating packages that require dependency corrections for other packages, which will temporarily remove packages from Testing), as well as stopping updating packages needed for assembly ( build-essential ). On February 12, 2021, a soft freezing of the package base will take place, at which the reception of new source packages will be stopped and the ability to re-enable previously deleted packages will be closed. On March 12, 2021, a hard freeze will be applied before release, in which the process of transferring key packages and packages without autopkg tests from unstable to testing will be completely stopped and the stage of intensive testing and bug fixing, blocking release will begin. Hard freezing is introduced for the first time and is considered as a necessary intermediate stage before complete freezing, covering all packages. The time of complete freezing is not yet determined. https://lists.debian.org/debian-devel-announce/2020/03/msg00002.html
GCC 9.3 Compiler Suite Update: 03/12/2020 A bug fix release of the GCC 9.3 compiler suite is available, with a lot of work done to fix errors, regressive changes and compatibility issues. Compared to GCC 9.2 , GCC 9.3 has 157 fixes, mainly related to resolving regressive changes. https://www.mail-archive.com/info-gnu@gnu.org/msg02716.html
11
ALT p9 starter kits quarterly update: 03/13/2020 The fourth round of starter kits is available on the Ninth Alt platform, made for i586, x86_64, aarch64 and arm architectures. Releases for MIPS architecture are proposed in versions for the Russian Tavolga and BFK3 systems on the Baikal-T1 CPU’s. Owners of Elbrus VK based on 4C and 8C / 1C + processors also have access to a number of starter kits. Starter kits are suitable for starting work with a stable repository for users who prefer to install their own list of application packages to configure their systems. Images include a basic system, one for desktop environments or a set of specialized applications. https://getalt.org/ru/starterkits/
NGINX Unit 1.16.0 Application Server Release: 03/13/2020 The NGINX Unit 1.16 application server was released, to ensure the launch of web applications in various programming languages (Python, PHP, Perl, Ruby, Go, JavaScript / Node.js and Java). Under the control of the NGINX Unit, several applications in different programming languages can be run simultaneously, the launch parameters can be changed dynamically without the need to edit configuration files and restart. The code is written in C and distributed under the Apache 2.0 license. If you want to know more, read the initial release notes. http://unit.nginx.org/
Rust 1.42 is out: 03/13/2020 Rust 1.42 system programming language , based on the Mozilla project, is released. The language is focused on safe work with memory, provides automatic memory management and provides means to achieve high concurrency of tasks, without having to use a garbage collector and runtime. Automatic memory management in Rust saves the developer from manipulating pointers and protects against problems arising from low-level work with memory, such as accessing a memory area after it was freed, dereferencing null pointers, going out of buffer boundaries, etc. To distribute libraries, ensure assembly, and manage project dependencies, a Cargo package manager is developed that allows you to get the libraries you need for the program in one click. Check out crates.io for more cargo cartes. https://blog.rust-lang.org/2020/03/12/Rust-1.42.html
Red Hat Enterprise Linux Vulnerability Report for 2019: 03/13/2020 Red Hat has published a report for vulnerabilities identified in Red Hat products during 2019. Over the year, 1313 vulnerabilities were fixed in Red Hat products and services (3.2% more than in 2018), 27 of them were critical problems. In total, the Red Hat security service in 2019 examined 2714 vulnerabilities covering all possible problems, including open programs that are not part of RHEL or do not appear in RHEL. Updates to eliminate 98% of critical issues were released within a week, after public information about the vulnerability became known. The largest number of vulnerabilities were fixed in the Linux kernel and packages with browser components. https://www.redhat.com/en/blog/reviewing-vulnerabilities-2019-annual-red-hat-product-security-risk-report
12
LoadLibrary, a layer for loading Windows DLLs in Linux applications: 03/13/2020 Thavis Ormandy, security researcher at Google, is developing a project, LoadLibrary, aimed at porting collected Windows DLL-libraries for use in applications in Linux. The project provides an interlayer library with which you can load a DLL file in PE / COFF format and call the functions defined in it. The PE / COFF loader is based on the ndiswrapper code. The project code is distributed under the GPLv2 license. LoadLibrary takes over the functions of loading the library into memory and importing existing characters, providing the Linux application with a dlopen-style API. Pluggable code can be debugged using gdb, ASAN and Valgrind. You can adjust the executable code at runtime by connecting hooks and applying patches (runtime patching). The aim of the project is to organize scalable and efficient distributed fuzzy testing of DLLs in a Linux-based environment. In Windows, conducting fuzzing and coverage testing does not allow for proper performance and often requires launching a separate virtualized instance of Windows, especially when trying to analyze sophisticated products, such as antivirus software, covering work at the kernel level and user space. With the help of LoadLibrary, Google researchers are searching for vulnerabilities in video codecs, antivirus scanners, data decompression libraries, image decoders, etc. https://github.com/taviso/loadlibrary
Wine 5.4 and Wine Staging 5.4 Release: 03/14/2020 A pilot release of the open implementation of WinAPI - Wine 5.4 is available. Since the release of version 5.3 , 34 error reports have been closed and 373 changes made. At the same time, the release of the Wine Staging 5.4 project is available, including incomplete or risky patches that are not yet suitable for adoption in the main Wine branch. Compared to Wine, Wine Staging provides 855 additional patches. The new release synchronizes with the Wine 5.4 codebase. https://www.winehq.org/announce/5.4
LibreELEC 9.2.1 Home Cinema Distribution Update: 03/14/2020 LibreELEC 9.2.1 project, a fork distribution of OpenELEC home theater, has been published. The user interface is based on the Kodi media center. Images for a USB drive or SD card (32-bit and 64-bit x86, Raspberry Pi 1/2/3/4, various devices based on Rockchip and Amlogic chips) are available for download . In the new version, a section for configuring VPN WireGuard is added to the configurator, and support for working on Raspberry Pi 4 boards is improved (performance and output quality are improved in 1080p and 4K modes). https://libreelec.tv/2020/03/libreelec-leia-9-2-1/
Vulnerability in Bluez Bluetooth Stack: 03/14/2020 The vulnerability could potentially allow an attacker to gain access to the system. Due to incorrect access control in the implementation of HID and HOGP Bluetooth profiles, the vulnerability allows denial of service or elevation of privileges when connecting a malicious Bluetooth device without going through the process of binding the device to the host. A malicious Bluetooth device without passing the pairing procedure can impersonate another HID device (keyboard, mouse, game controllers, etc.) or hidden data substitution into the input subsystem. According to Intel, the problem is in releases of Bluez up to and including v5.52. It is unclear whether the issue affects v5.53, as it has not been publicly announced , but has been available through Git and in the archive since February. Patches for fixing both vulnerabilities were proposed on March 10, and release 5.53 was posted on February 15. Some distro’s have not yet been updated ( Debian , Ubuntu , SUSE , RHEL , Arch , Fedora ). https://www.openwall.com/lists/oss-security/2020/03/12/4
13
Open source software Foundation announced the annual award for contribution to the development of free software: 03/15/2020 At the LibrePlanet 2020 conference, which was held online this year due to the coronavirus pandemic, a virtual awards ceremony was held to announce the winners of the annual Free Software Awards 2019. It was established by the Free Software Foundation (FSF) and awarded to people who made the most significant contribution in the development of free software, as well as socially significant free projects. Commemorative records and letters handed out at the ceremony were mailed to the winners (FSF prize does not imply a monetary reward). Prize for the promotion and development of free software was Jim Meiring, for GNU Coreutils, which includes utilities such as sort, cat, chmod, chown, chroot, cp, date, dd, echo, hostname, id, ln, ls, etc. Jim is also one of the main developers of autotools and the creator of Gnulib , who has done a great job of unifying the type code typical for GNU projects. https://www.fsf.org/news/lets-encrypt-jim-meyering-and-clarissa-lima-borges-receive-fsfs-2019-free-software-awards
Geary 3.36 Email Client Released: 03/15/2020 The Geary 3.36 email client, aimed at the GNOME environment is out. Initially, the project was founded by the Yorba Foundation, which created the popular Shotwell photo manager, but later development went into the hands of the GNOME community. The code is written in Vala and is distributed under the LGPL license. The goal of the project development is to create a product rich in capabilities, but at the same time extremely easy to use and consuming minimal resources. The mail client is designed both for stand-alone use and for working in conjunction with web-based email services such as Gmail and Yahoo! Mail. A SQLite database is used to store the message database; a full-text index is created to search the message database. To work with IMAP, a new library based on GObject was used, for working in asynchronous mode. https://www.mail-archive.com/gnome-announce-list@gnome.org/msg11638.html
Linux kernel 5.7 will accelerate complex list matching in NetFilter 03/16/2020 The developers of the filtering and modification subsystem for Netfilter have published a set of patches that significantly speed up the processing of large nftablest, which require checking the combination of subnets, network ports, protocol and MAC addresses. Patches have already been accepted to the nf-next branch, which will be proposed for inclusion in the Linux 5.7 kernel. The most noticeable acceleration was achieved through the use of AVX2 instructions, so far. Optimizations were introduced into the nft_set_pipapo module (PIle PAcket POlicies),for things like IP and network port ranges (nft_set_rbtree and nft_set_hash manipulate interval mapping and direct reflection of values). Vectorized with 256-bit AVX2 instructions, the version of pipapo on a system with an AMD Epyc 7402 processor, showed a performance increase of 420% when parsing 30 thousand records that included port-protocol bundles. The growth in comparing the bundles from the subnet and the port number when parsing 1000 entries was 87% for IPv4 and 128% for IPv6. https://marc.info/?l=netfilter-devel&m=158359998327736&w=2
The Redox OS project introduces the pkgar package manager written in Rust 03/16/2020 As part of this project, a new package format is being developed, a library with package management functions and a command line tool for creating and extracting a cryptographically verified collection of files. The pkgar code is written in Rust and is distributed under the MIT license. The pkgar format does not claim to be universal and is optimized specifically for the Redox operating system. The package manager supports verification of the source by digital signature and integrity control. https://github.com/redox-os/pkgar
14
Postfix 3.5.0 mail server release 03/16/2020 After a year of development, a new stable Postfix mail server branch, 3.5.0, was released . At the same time, they announced the termination of support for the Postfix 3.1 branch , released in early 2016. Postfix is one of the rare projects combining high security, reliability and performance at the same time, which is achieved thanks to a well-thought-out architecture and a rather strict policy for code design and audit of patches. The project code is distributed under the EPL 2.0 (Eclipse Public license) and IPL 1.0 (IBM Public License) licenses https://www.mail-archive.com/postfix-announce@postfix.org/msg00063.html
Second alpha release of the Debian 11 Bullseye installer 03/16/2020 The second alpha release of the installer for Debian's next major release, “Bullseye,” is available for testing. The final release is expected in mid-2021. We don’t usually cover alpha releases, but there seems to be a lot of interest. https://lists.debian.org/debian-devel-announce/2020/03/msg00005.html
NsCDE, CDE-style retro environment with state-of-the-art technology: 03/17/2020 The NsCDE (Not so Common Desktop Environment) project, a retro-style CDE interface adapted for use on modern Unix-like systems and Linux is available for download. The environment is based on the FVWM window manager with themes, applications, patches and add-ons to recreate the original CDE desktop. The project code is distributed under the GPLv3 license. Add-ins are written in Python and Shell. The aim of the project is to provide a comfortable and convenient environment for lovers of retro-styling, supporting modern technology without loss of functionality. To give CDE-style user applications that are being launched, the proper skins, generators for Xt, Xaw, Motif, GTK2, GTK3, Qt4, and Qt5 are available, allowing you to style most applications using X11 with a retro interface. NsCDE allows you to combine CDE design and modern technologies, such as font rasterization using XFT, Unicode, dynamic and functional menus, virtual desktops, applets, desktop wallpapers, themes / icons, etc. https://github.com/NsCDE/NsCDE
Fedora plans to upgrade RPM from BerkeleyDB to SQLite: 03/17/2020 Fedora Linux developers intend to migrate the RPM package database (rpmdb) from BerkeleyDB to SQLite. The main reason for the rip-and-replace is the use of an unmaintained version of Berkeley DB 5.x in rpmdb, which has not been updated for several years. The reason it has not been upgraded to a newer release is because of a license change in v6.x (RPM is supplied under GPLv2, and AGPL is incompatible with GPLv2). On Fedora 34, BerkeleyDB support will be read-only. https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/YYOEZO2FO2E2T6KO25434EBDTIOWK5OM/
15
OpenSilver Project develops Open Silverlight: 03/17/2020 The OpenSilver project is aimed at creating an open implementation of the Silverlight platform. As is the case with Adobe Flash, Silverlight development was halted in favor of the use of standard Web-based technologies. At one time, the open implementation of Silverlight - Moonlight was developed on Mono, but its development was stopped due to the lack of demand for technology by users. (Indeed, why ask why again?) The OpenSilver project made another attempt to revive Silverlight technology, which allows you to create interactive web-applications using C #, XAML and .NET. One of the main objectives of the project is to extend the life of existing Silverlight-applications in the event of termination of platform support and termination of browser support for plug-ins. However, proponents of .NET technology and C # can also use OpenSilver to create new programs. https://opensilver.net/announcements/introducing-opensilver.aspx
Fedora 32 Beta: 03/17/2020 Testing of the beta version of the Fedora 32 distribution has begun. The beta release signalled the transition to the final stage of testing, in which only critical errors are allowed. The release is scheduled for late April. The release covers Fedora Workstation, Fedora Server, Fedora Silverblue, and Live cd’s. Desktop spins for environmentslike KDE Plasma 5, Xfce, MATE, Cinnamon, LXDE and LXQt. Builds are available for x86_64, ARM (Raspberry Pi 2 and 3), ARM64 (AArch64) and Power. https://fedoramagazine.org/announcing-the-release-of-fedora-32-beta/
Java SE 14 released: 03/18/2020 After six months of development, Oracle released Java SE 14 (Java Platform, Standard Edition 14), which uses the OpenJDK open source project as its reference implementation. Java SE 14 maintains backward compatibility with previous releases of the Java platform; all previously written Java projects will work without changes when launched under the new version. Ready-to-install Java SE 14 builds (JDK, JRE, and Server JRE) are available for Linux (x86_64), Windows, and macOS. The Java 14 reference implementation developed as part of the OpenJDK project is fully open under the GPLv2 license with GNU ClassPath exceptions that allow dynamic linking to commercial products. http://mail.openjdk.java.net/pipermail/announce/2020-March/000282.htm