GNUnet P2P Platform Release 0.16.0: 26.02.2022 The release of the GNUnet 0.16 framework, designed for building secure decentralized P2P networks, has been introduced. Networks created using GNUnet do not have a single point of failure and are able to guarantee the inviolability of users' private information, including eliminating possible abuse by intelligence agencies and administrators who have access to network nodes. GNUnet supports the creation of P2P networks over TCP, UDP, HTTP/HTTPS, Bluetooth and WLAN, and can work in F2F (Friend-to-friend) mode. NAT traversal is supported, including using UPnP and ICMP. A distributed hash table (DHT) can be used to address data placement. Tools are provided for deploying mesh networks. To selectively grant and revoke access rights, the reclaimID decentralized identity attribute exchange service uses GNS (GNU Name System) and attribute-based encryption ( Attribute-Based Encryption ). The system features low resource consumption and uses a multi-process architecture to provide isolation between components. Flexible tools are provided for logging and collecting statistics. To develop end applications, GNUnet provides an API for the C language and bindings for other programming languages. To simplify development, they propose using event loops and processes instead of threads. It includes a test library for automatically deploying experimental networks covering tens of thousands of peers. https://www.gnunet.org/en/news/2022-02-0.16.0.html

Release of SQLite 3.38 and sqlite-utils 3.24: 27.02.2022 SQLite 3.38, a lightweight DBMS designed as a plug-in library, has been published. The SQLite code is distributed in the public domain, i.e. can be used without restrictions and free of charge for any purpose. Financial support for SQLite developers is provided by a specially created consortium, which includes companies such as Adobe, Oracle, Mozilla, Bentley and Bloomberg. http://sqlite.org/

Release of MPlayer 1.5 media player: 28.02.2022 Three years after the last release, the MPlayer 1.5 multimedia player is out. It provides compatibility with the latest version of the FFmpeg 5.0 multimedia package. The project code is distributed under the GPLv2+ license. Changes in the new version come down to integrating the improvements added over the past three years to FFmpeg (the codebase is in sync with the FFmpeg master branch). A copy of the new FFmpeg is included in the base distribution of MPlayer, eliminating the need to install dependencies when building. http://mplayerhq.hu/design7/news.html

Coreboot 4.16 released: 28.02.2022 CoreBoot 4.16 project has been published, a free alternative to proprietary firmware and BIOS. The project code is distributed under the GPLv2 license. 170 developers took part in the creation of the new version, who prepared 1770 changes. https://blogs.coreboot.org/blog/2022/02/26/announcing-coreboot-4-16/

Canonical and Vodafone develop cloud smartphone technology using Anbox Cloud: 28.02.2022 Canonical has unveiled a project to create a cloud-based smartphone, developed jointly with the mobile operator Vodafone. The project is based on the use of the Anbox Cloud cloud service, which allows you to run applications and play games created for the Android platform without being tied to a specific system. Applications run in isolated containers on external servers using the open Anbox environment. The result of the execution is streamed to the client's system. Events from input devices, as well as information from the camera, GPS, and various sensors are transmitted to the server with minimal delays. In this case, a cloud smartphone does not mean a specific device, but any user devices on which you can recreate a mobile environment at any time. Because the Android platform runs on an external server that also does all the computing, the user's device needs only basic support for video decoding. For example, smart TVs, computers, wearable devices and portable equipment that can play videos, but whose performance and resources are not enough to perform a full-fledged Android environment, can be turned into a cloud smartphone. The first working prototype of the developed concept is planned to be demonstrated at the MWC 2022 exhibition, which will be held from February 28 to March 3 in Barcelona. It is noted that with the help of the proposed technology, enterprises will be able to reduce their costs of corporate mobile applications by reducing the cost of maintaining infrastructure and increasing flexibility through the organization of launching applications as needed (on-demand), as well as increasing privacy due to the fact that data after working with corporate programs does not remain on the employee's device. Telecom operators can create virtualized services based on the platform for customers of their 4G, LTE and 5G networks. The project can also be used to create game services that make available games that have high demands on the graphics subsystem and memory. https://ubuntu.com/blog/vodafone-cloud-smartphone-based-on-anbox-cloud

AlmaLinux distribution option available for PowerPC architecture: 28.02.2022 The AlmaLinux 8.5 distribution, previously released for x86_64 and ARM/ AArch64 systems, supports the PowerPC (ppc64l) architecture. Three versions of iso images are available for download: bootable (770 MB), minimal (1.8 GB) and full (9 GB). The distribution is fully binary compatible with Red Hat Enterprise Linux 8.5 and can be used as a transparent replacement for CentOS 8. The changes come down to rebranding, removing RHEL-specific packages such as redhat-*, insights-client and subscription-manager-migration*, creating a repository “devel” with additional packages and build dependencies. AlmaLinux distribution was founded by CloudLinux in response to the premature phasing out of support for CentOS 8 by Red Hat (it was decided to stop releasing updates for CentOS 8 at the end of 2021, and not in 2029, as users expected). The project is overseen by a separate non-profit organization, the AlmaLinux OS Foundation, which was created to develop in a neutral, community-driven environment using a governance model similar to the Fedora Project. The distribution kit is free for all categories of users. All developments of AlmaLinux are published under free licenses. In addition to AlmaLinux, VzLinux (prepared by Virtuozzo), Rocky Linux (developed by the community under the guidance of the founder of CentOS with the support of a specially created company Ctrl IQ), Oracle Linux and SUSE Liberty Linux are also positioned as alternatives to the classic CentOS 8 . In addition, Red Hat has made RHEL available free of charge to open source organizations and individual developer environments with up to 16 virtual or physical systems. https://repo.almalinux.org/almalinux/8.5/isos/ppc64le/

Armbian release 22.02: 01.03.2022 Armbian 22.02 was released, providing a compact system environment for various ARM-based single board computers, including various models of Raspberry Pi, Odroid, Orange Pi, Banana Pi, Helios64, pine64, Nanopi and Cubieboard based on Allwinner, Amlogic, Actionsemi processors , Freescale / NXP, Marvell Armada, Rockchip and Samsung Exynos. The Debian and Ubuntu package bases are used to form the builds, but the environment is completely rebuilt using its own build system with the inclusion of optimizations to reduce the size, increase performance and apply additional protection mechanisms. For example, the /var/log partition is mounted using zram and stored in RAM in compressed form, flushed to the drive once a day or at shutdown. The /tmp partition is mounted using tmpfs. The project supports more than 30 Linux kernel builds for various ARM and ARM64 platforms. https://www.armbian.com/newsflash/armbian-22-02-pig-release-announcement/

Release of Hyperbola 0.4: 03/01/2022 Two and a half years since the last release, the Hyperbola GNU/Linux-libre 0.4 project has been released, which is included in the Free Software Foundation 's list of completely free distributions. Hyperbola is based on stabilized slices of the Arch Linux package base, with some patches ported from Debian to improve stability and security. Hyperbola builds are generated for the i686 and x86_64 architectures (1.1 GB). The project is developed in accordance with the principle of KISS (Keep It Simple Stupid) and is aimed at providing users with a simple, lightweight, stable and secure environment. Unlike the Arch Linux rolling update model, Hyperbola uses a classic release model with a long update release cycle for already released versions. Sysvinit is used as an initialization system with porting of some of the Devuan and Parabola projects parts (Hyperbola developers are opponents of systemd). The distribution includes only free applications and comes with a Linux-Libre kernel stripped of non-free binary firmware elements. The project repository contains 5257 packages. To block the installation of non-free packages, blacklisting and blocking at dependency conflict level is used. Installing packages from the AUR is not supported. The release of Hyperbola 0.4 is positioned as a transition on the path to the previously announced migration to OpenBSD technologies. In the future, the focus will be on the HyperbolaBSD project, which provides for the creation of a distribution supplied under a copyleft license, but based on an alternative kernel and system environment forked from OpenBSD. Under the GPLv3 and LGPLv3 licenses, the HyperbolaBSD project will develop its own components aimed at replacing non-free or GPL-incompatible parts of the system. https://www.hyperbola.info/

Linux From Scratch 11.1 and Beyond Linux From Scratch 11.1 published: 02.03.2022 New editions of the Linux From Scratch 11.1 (LFS) and Beyond Linux From Scratch 11.1 (BLFS) manuals, as well as the LFS and BLFS editions with the systemd system manager, have been introduced. Linux From Scratch provides instructions for building a basic Linux system from scratch using only the source code for the required software. Beyond Linux From Scratch supplements the LFS instructions with information on building and configuring about 1000 software packages, covering applications ranging from databases and server systems to graphical shells and media players. Linux From Scratch 11.1 switched to glibc 2.35, Linux kernel 5.16.9, binutils 2.38, Automake 1.16.5, Bash 5.1.16, Coreutils 9.0, Openssl 3.0.1, Python 3.10.2, SysVinit 3.01, Systemd 250, Util -Linux 2.37.4. Errors in boot scripts have been fixed, editorial work has been done in explanatory materials throughout the book. About 800 programs have been updated in Beyond Linux From Scratch 11.1, including GNOME 41, KDE Plasma 5.24, KDE Gears 21.12, LibreOffice 7.3, Fmpeg 4.4.1, GIMP 2.10.30, Inkscape 1.1.2, Thunderbird 91.6.1, Firefox 91.6. 0, SeaMonkey 2.53.10, IceWM 2.9.5, Mesa 21.3.6, GTK 4.6.1, MariaDB 10.6.7, PostgreSQL 14.2, Postfix 3.7.0, BIND 9.18 etc. https://www.linuxfromscratch.org/lfs/view/11.1/ https://www.linuxfromscratch.org/blfs/view/11.1

SeaMonkey 2.53.11 Suite Released: 03/02/2022 The SeaMonkey 2.53.11 set of Internet applications has been released, which combines a web browser, an email client, a news feed aggregation system (RSS / Atom) and a WYSIWYG html page editor Composer within one product. The Chatzilla IRC client, the DOM Inspector web development toolkit, and the Lightning calendar scheduler are offered as preinstalled add-ons. The new release brings fixes and changes from the current Firefox codebase (SeaMonkey 2.53 is based on the Firefox 60.8 browser engine, porting security-related fixes and some improvements from current Firefox branches). https://www.seamonkey-project.org/

First beta release of Arti, a Rust implementation of Tor: 03/02/2022 The developers of the Tor anonymous network have released the first beta release (0.1.0) of the Arti project, a Tor client written in Rust. The project has the status of experimental development, lags behind the functionality of the main Tor client in C language and is not yet ready to fully replace it. A 1.0 release is planned for September with API, CLI and settings stabilization, which will be suitable for initial use by regular users. In the more distant future, when the Rust code reaches a level capable of completely replacing the C version, the developers intend to make Arti the main implementation of Tor and stop maintaining the C implementation. The reasons for rewriting Tor in Rust are the desire to achieve a higher level of code security through the use of a memory-safe language. According to the Tor developers, at least half of all vulnerabilities tracked by the project will be eliminated in the Rust implementation if the code does not use “unsafe” blocks. Rust will also allow you to achieve faster development speed than using C, due to the expressiveness of the language and strong guarantees that allow you not to waste time on double checks and writing unnecessary code. Of the changes in release 0.1.0, there is a basic stabilization of high-level APIs and bringing the library to readiness for experimental integration with other projects. Of the changes, the addition of an API for creating TorClient instances is mentioned, including the ability to build and initialize (bootstrap) in the background on first use. Also, a new high-level API for error handling has been added. Prior to the publication of release 1.0.0, the developers intend to provide Arti with full support for working as a Tor client providing access to the Internet (implementation of support for onion services has been postponed for the future). Including it is planned to achieve parity with the main implementation in the C language in areas such as network performance, CPU load and reliability, as well as to ensure support for all security-related features. https://blog.torproject.org/arti_010_released/

Release of Lakka 3.7: The release of Lakka 3.7 has been published, which allows you to turn computers, set-top boxes or single-board computers into a full-fledged game console for running retro games. The project is a modification of the LibreELEC distribution, originally designed to create home theaters. Lakka builds are generated for i386, x86_64 (Intel, NVIDIA or AMD GPUs), Raspberry Pi 1-4, Orange Pi, Cubieboard, Cubieboard2, Cubietruck, Banana Pi, Hummingboard, Cubox-i, Odroid C1/C1+/XU3/XU4 and etc. To install, just write the distribution to an SD card or USB drive, connect a gamepad and boot the system. Lakka is based on the RetroArch game console emulator, which emulates a wide range of devices and supports advanced features such as multiplayer games, state saving, image quality enhancement of older games with shaders, game rewind, hot plugging of gamepads, and video streaming. Emulated consoles include: Atari 2600/7800/Jaguar/Lynx, Game Boy, Mega Drive, NES, Nintendo 64/DS, PCEngine, PSP, Sega 32X/CD, SuperNES, etc. Gamepads from existing game consoles are supported, including Playstation 3, Dualshock 3, 8bitdo, Nintendo Switch, XBox 1 and XBox360. https://www.lakka.tv/articles/2022/03/01/lakka-3.7/

Oracle Unveils Solaris 11.4 CBE, Free Use Edition: 04.03.2022 Oracle has unveiled Solaris 11.4 CBE (Common Build Environment), a new free variant of the Solaris 11.4 operating system aimed at open source and personal use by developers. Unlike the previously offered major builds of Solaris 11.4, the license allows free use for testing, development and use in personal projects, the new edition is distinguished by the use of a continuous model for publishing new versions and is close to the Solaris 11.4 SRU (Support Repository Update) edition. The use of CBE will make it easier for those who wish to use Solaris, to use, free of charge to get up-to-date software and updates. In fact, CBE builds can be considered beta builds and are similar to Solaris 11.4 SRU pre-test builds, including newer software versions and cumulative bug fixes available at the time of the release (the CBE build does not include all the fixes offered in a similar SRU build release, because it is being built earlier, but unreleased fixes are cumulative and offered in the next release). To use CBE, they suggest to install a regular build of Oracle Solaris 11.4.0 , connect the pkg.oracle.com/solaris/release repository to IPS and update it to the CBE version by running the “pkg update” command. Separate iso images are not yet available, but they are promised to be published on the main Solaris download page. Like SRU releases, new CBE builds are expected to be published monthly. The Solaris public components code is available in a GitHub repository, and individual packages can be downloaded from pkg.oracle.com. https://blogs.oracle.com/solaris/post/announcing-the-first-oracle-solaris-114-cbe

First release of sdl12-compat, the SDL 1.2 compatibility layer running through SDL 2: 04.03.2022 The first release of the sdl12-compat compatibility layer has been published , providing an API compatible with SDL 1.2 binary and source but running on top of SDL 2. The project can act as a complete replacement for SDL 1.2 and is suitable for running legacy programs written for SDL 1.2 using modern features of the current SDL 2 branch. Including, sdl12-compat allows you to run applications with a non-native screen resolution without changing the actual screen resolution in the system and using OpenGL for rendering. https://github.com/libsdl-org/sdl12-compat/releases

Chrome OS 99 released: 03/05/2022 Chrome OS 99 is available, based on the Linux kernel, the upstart system manager, the ebuild / portage build toolkit, open components and the Chrome 99 web browser. The user environment of Chrome OS is limited to a web browser, and instead of standard programs, web applications are involved, however, Chrome OS includes a full multi-window interface, desktop and taskbar. The Chrome OS 99 build is available for most current Chromebook models. The source is distributed under the Apache 2.0 free license. In addition, testing of Chrome OS Flex continues, editions of Chrome OS for use on regular computers. Enthusiasts also made unofficial builds for regular computers with x86, x86_64 and ARM processors. https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-chrome-os.html

Budgie 10.6 desktop: 07.03.2022 Budgie 10.6 desktop is out, which was the first release since the decision to develop the project independently of the Solus distribution. The project is now curated by the independent organization Buddies Of Budgie. Budgie 10.6 continues to be based on GNOME technologies and its own implementation of the GNOME Shell, but the Budgie 11 branch is scheduled to migrate to the Enlightenment Foundation Library ( EFL ) set of libraries developed by the Enlightenment project. The project code is distributed under the GPLv2 license. You can use distributions like Ubuntu Budgie , Solus , GeckoLinux and EndeavourOS to get familiar with Budgie. Budgie uses the Budgie Window Manager (BWM) to manage windows, which is an extension of the core Mutter plugin. Budgie is based on a panel that is similar to the classic desktop panels. All panel elements are applets, which allows you to flexibly customize the composition, change the layout and replace the implementations of the main panel elements to your liking. Available applets include the classic application menu, task switcher, open windows list area, virtual desktop view, power management indicator, volume control applet, system status indicator, and clock. https://github.com/solus-project/budgie-desktop

First release of LWQt, a Wayland-based variant of the LXQt wrapper: 07.03.2022 Introducing the first release of LWQt, a variant of the LXQt 1.0 custom shell, converted to use the Wayland protocol instead of X11. Like LXQt, the LWQt project is presented as a lightweight, modular, and fast user environment that adheres to the methods of classic desktop organization. The project code is written in C++ using the Qt framework and distributed under the LGPL 2.1 license. https://www.reddit.com/r/linux/comments/t8aslk/lwqt_10013_released/

Fedora Linux 37 intends to stop building optional packages for the i686 architecture: 03/08/2022 Planned for implementation in Fedora Linux 37, is a mandate recommending that maintainers stop compiling packages for the i686 architecture if the need for such packages is questionable or would result in a noticeable waste of time or resources. The recommendation does not apply to packages used as dependencies in other packages or used in the “multilib” context to make 32-bit programs run in 64-bit environments. The change has not yet been reviewed by the FESCo (Fedora Engineering Steering Committee), which is responsible for the technical part of the development of the Fedora distribution. Recall that the formation of the main repositories and kernel packages for the i686 architecture in Fedora was discontinued back in 2019, leaving only multilib repositories for x86_64 environments, which are actively used in Wine and Steam to run 32-bit builds of Windows games. https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/FPWU6UGCYO5YHLLWCFKWWYYGJZYKUR2A/

xine 1.2.12 released: 10.03.2022 The release of xine-lib 1.2.12, a multi-platform library for playing video and audio files, as well as a set of related plugins, is out. The library can be used in a number of video players, including xine-ui, gxine and kaffeine. Xine supports multi-threaded operation, supports a large number of popular and little-known formats and codecs, and can process both local content and multimedia streams transmitted over the network. The modular architecture makes it easy to add functionality through plugins. There are 5 main classes of plugins: input plugins for receiving data (FS, DVD, CD, HTTP, etc.), output plugins (XVideo, OpenGL, SDL, Framebuffer, ASCII, OSS, ALSA, etc.), plugins for unpacking media containers (demuxers), plug-ins for decoding video and audio data, plug-ins for applying effects (echo cancellation, equalizer, etc.). https://sourceforge.net/projects/xine/files/xine-lib/1.2.12/README.txt/view

LibreELEC 10.0.2 released: 10.03.2022 LibreELEC 10.0.2 project, a fork of the OpenELEC home theater distribution , has been released. The user interface is based on the Kodi media center. Images have been prepared for download to work from a USB drive or SD card (32- and 64-bit x86, Raspberry Pi 4, various devices based on Rockchip and Amlogic chips). With LibreELEC, you can turn any computer into a media center that is as easy to use as a DVD player or set-top box. The main principle of the distribution is “everything just works”, to get a completely ready-to-use environment, you just need to download LibreELEC from a flash drive. The user does not need to take care of keeping the system up to date - the distribution kit uses a system for automatically downloading and installing updates, activated when connected to the internet. It is possible to expand the functionality of the distribution through a system of add-ons that are installed from a separate repository maintained by the project developers. The distribution does not use the package base of other distributions and is based on its own code. In addition to the regular features of Kodi, the distribution provides a number of additional features aimed at making your work as easy as possible. For example, a special configuration add-on is being developed that allows you to configure network connection settings, manage LCD screen settings, and enable or disable automatic installation of updates. It also provides features such as the use of a remote control (it is possible to control both via infrared and via Bluetooth), file sharing (built-in Samba server), built-in Transmission BitTorrent client, automatic search and connection of local and external drives. https://libreelec.tv/2022/03/09/libreelec-matrix-10-0-2/

Zorin OS 16.1 released: 11.03.2022 Zorin OS 16.1 is out, based on the Ubuntu 20.04. The target audience of the distribution is novice users who are accustomed to working in Windows. To control the appearance, the distribution offers a special configurator that allows you to give the desktop a look characteristic of various versions of Windows and macOS, and a selection of programs is included that are close to the programs that Windows users are used to. The Zorin Connect app (powered by KDE Connect) is included for desktop integration with a smartphone. In addition to the Ubuntu repositories, support for installing software from the Flathub and Snap Store is enabled by default. Boot iso image size is 2.8 GB (four builds are available - regular based on GNOME, “Lite” with Xfce, and their educational variants). The new version has updated versions of packages and user applications, including the release of LibreOffice 7.3. The transition to the Linux 5.13 kernel has been made with support for new hardware. Updated graphics stack (Mesa 21.2.6) and drivers for Intel, AMD and NVIDIA chips. Added support for 12 generation Intel Core processors, Sony PlayStation 5 DualSense game controller and Apple Magic Mouse 2. Improved support for wireless devices and printers. https://blog.zorin.com/2022/03/10/zorin-os-16-1-released-support-for-ukraine/

Elementary OS project drama: 12.03.2022 The further fate of the elementary OS distribution is in question due to the conflict between the founders of the project, who cannot divide the company that oversees the development and accumulates the incoming funds. The company was co-created by two founders, Cassidy Blaede and Daniela Foré, formerly Daniel Foré, who worked full-time on the project, receiving funds from donations to upload builds and provide technical support. Due to the decline in financial performance against the backdrop of the coronavirus pandemic, cash receipts decreased and the company was forced to cut employee salaries by 5%. In February, it was planned to hold a meeting to further cut the budget. First, they proposed to cut the salaries of the owners. Before the meeting, Cassidy Blade announced that he had accepted a job offer from another company. At the same time, he wished to keep his shares, remain among the owners of the company and continue to participate in decision-making. Daniela Fore did not agree with this position, since, in her opinion, those who directly develop it should manage the project. The co-owners discussed the possibility of dividing the company's assets, so that the company would remain entirely in the hands of Daniela, and Cassidy would receive half of the funds remaining in the account (26 thousand dollars) for his share. After starting to prepare documents for processing a deal to transfer a stake in the company, Daniela received a letter from a lawyer representing Cassidy, who proposed new conditions - a transfer of $30,000 now, $70,000 over 10 years and ownership of 5% of the shares. After pointing out that the agreements were completely different at the beginning, the lawyer explained that these were preliminary discussions and Cassidy did not give final consent to those conditions. The increase in the amount was explained by the desire to receive compensation in the event of a sale of the company in the future. Daniela refused to accept the new conditions and considered the actions taken as a betrayal by Cassidy. Daniela considers the initial agreements fair and is ready to take 26 thousand herself and leave, but she does not intend to take on obligations that may subsequently lead her into debt. Cassidy replied that he did not agree with the first terms, so he brought in a lawyer. Daniela pointed out that if it is not possible to agree on the transfer of management of the company to her hands, she is ready to leave the project and join another community. The fate of the project is now in question, since the situation cannot be resolved for about a month, and the money remaining in the company is spent, mainly on salary payments, and, probably, soon the co-owners will have nothing to share. https://lunduke.substack.com/p/elementary-os-is-imploding

Release of Blender 3.1: 12.03.2022 The Blender Foundation has published a release of the free 3D modeling package Blender 3.1, suitable for a variety of tasks related to 3D modeling, 3D graphics, game development, simulation, rendering, compositing, motion tracking, sculpting, animation creation and video editing. The code is distributed under the GPL license. Ready builds are generated for Linux, Windows and macOS. https://www.youtube.com/watch?v=BCi0QRM1ADY

TUF 1.0 is available, a framework for secure delivery of updates: 14.03.2022 The TUF 1.0 (The Update Framework) framework is out, providing a means to securely check for and download updates. The main goal of the project is to protect the client from typical attacks on repositories and infrastructure, including counteracting the promotion of bogus updates by attackers created after gaining access to keys to generate digital signatures or compromise the repository. The project is developed under the auspices of the Linux Foundation and is used to improve the security of update delivery in projects such as Docker, Fuchsia, Automotive Grade Linux, Bottlerocket and PyPI (inclusion of verification of downloads and metadata in PyPI is expectedsoon). The TUF reference implementation code is written in Python and distributed under the Apache 2.0 license. The project develops a series of libraries, file formats and utilities that can be easily integrated into existing application update systems, providing protection in case of compromise of keys on the side of software developers. To use TUF, it is enough to add the necessary metadata to the repository, and integrate the procedures provided in TUF for loading and verifying files into the client code. The TUF framework takes on the task of checking for an update, downloading the update, and verifying its integrity. The update installation system does not directly intersect with additional metadata, the verification and loading of which is handled by TUF. For integration with applications and update installation systems, a low-level API for accessing metadata and the implementation of a high-level client API ngclient, ready for integration with applications, are offered. https://github.com/theupdateframework/python-tuf/blob/v1.0.0/docs/1.0.0-ANNOUNCEMENT.md

First release of Offpunk console browser: 14.03.2022 The first stable release of the Offpunk console browser is available for download. In addition to opening Web pages, it works using the Gemini, Gopher and Spartan protocols, as well as reading news feeds in RSS and Atom formats. The program is written in Python and distributed under the BSD license. A key feature of Offpunk is the focus on viewing content offline. The browser allows you to subscribe to pages or mark them for later viewing, after which the page data is automatically cached and updated if necessary. Thus, with the help of Offpunk, you can maintain copies of sites and pages that are always available for local viewing and are kept up to date by performing periodic data synchronization. Synchronization options are configured by the user, for example, some content can be synchronized once a day, and some once a month. Management is carried out through a system of commands and keyboard shortcuts. There is a flexible system for maintaining multi-level bookmarks, subscriptions and archived content. For different MIME types, you can connect your own handlers. Parsing and displaying HTML pages is done using the BeautifulSoup4 and Readability libraries. Images can be converted to ASCII graphics using the chafa library . https://tildegit.org/ploum/AV-98-offline

Debian 12 package base freeze date determined: 15.03.2022 The Debian developers have published a plan to freeze the package base of the Debian 12 “Bookworm” release. Debian 12 is expected to be released in mid-2023. On January 12, 2023, the first stage of freezing the package database will begin, where the execution of “transitions” (updating packages that require adjustment of dependencies for other packages, which leads to the temporary removal of packages from Testing) will be stopped, as well as updating the build-essential packages will be stopped. On February 12, 2023, a soft freeze of the package base will take place, during which the acceptance of new source packages will be stopped and the possibility of re-enabling previously deleted packages will be closed. On March 12, 2023, a hard freeze will be applied before the release, during which the process of transferring key packages and packages without autopkgtests from unstable to testing will be completely stopped and the stage of intensive testing and fixing problems blocking the release will begin. The hard freeze stage is introduced for the first time and is considered as a necessary intermediate step before a full freeze, covering all packages. The time of complete freezing has not yet been precisely determined. https://lists.debian.org/debian-devel-announce/2022/03/msg00006.html

Red Hat tried to take away the WeMakeFedora.org domain under the guise of trademark infringement: 15.03.2022 Red Hat is suing Daniel Pocock for infringing the Fedora trademark on the WeMakeFedora.org domain name , which was critical of Fedora and Red Hat contributors . Representatives of Red Hat demanded that the rights to the domain be transferred to the company, as it violates the registered trademark, but the court sided with the defendant and ruled that the current owner retained the rights to the domain. The court held that, according to the information published on the WeMakeFedora.org website, the author's activity falls within the category of fair use of the trademark, since the name Fedora is used by the defendant to identify the subject matter of the site that publishes criticism of Red Hat. The site itself is non-commercial and its author is not trying to pass it off as the result of Red Hat activities or mislead users. Daniel Pocock was previously a Fedora and Debian maintainer and maintainer of a number of packages , but as a result of the conflict he got into a confrontation with the community, began to troll some participants and publish criticism , mainly against the imposition of a code of conduct, interference with the community and promotion of various initiatives conducted by activists of the movement for social justice. For example, Daniel tried to draw attention to the activities of Molly de Blanc, who, in his opinion, under the guise of promoting a code of conduct, was engaged in harassment of those who disagreed with her point of view and tried to manipulate the behavior of community members (Molly is the author of an open letter against Stallman) . For his caustic remarks, Daniel Pocock was banned from discussion platforms or excluded from the number of participants in projects such as Debian, Fedora, FSF Europe, Alpine Linux and FOSDEM, but continued to attack on his sites. Red Hat attempted to take over one of his sites under the guise of trademark infringement, but the court sided with Daniel. https://www.adrforum.com/DomainDecisions/1980642.htm

Debian maintainer leaves Debian, more drama: 16.03.2022 The team responsible for managing accounts in the Debian project has slashed Norbert Preining's status for inappropriate behavior on the debian-private closed mailing list (details of the conflict are yet to be disclosed). In response, Norbert made the decision to retire from Debian development and move into the Arch Linux community. Norbert has been involved in Debian development since 2005 and has maintained about 150 packages , mostly related to KDE and LaTeX. Apparently, the reason for the curtailment of rights was a conflict with Martina Ferrari , who maintains 37 packages, including the net-tools package and components of the Prometheus monitoring system. The manner of communication of Norbert, who did not restrain himself in expressions, was perceived by Martina as sexism and a violation of the code of conduct in the community. Perhaps the decision was also influenced by past disagreements with Lars Wirzenius, one of the first maintainers of Debian GNU/Linux, related to Norbert's disagreement with the policy of imposing political correctness and criticism of Sarah Sharp's actions. Norbert believes that the atmosphere in the project has become toxic, and the actions taken against him have become a reaction to expressing his opinion and calling things by their proper names, not following the general line of political correctness. Norbert also drew attention to double standards in the community - on the one hand, he is accused of bullying other project participants, and on the other hand, they unleash persecution against him, taking advantage of a privileged position in the management teams and not observing the community's own standards. https://www.preining.info/

Results of the legal proceedings related to the Neo4j project and the AGPL license: 17.03.2022 The U.S. Court of Appeals upheld an earlier district court decision in the Neo4j Inc. intellectual property infringement case against PureThink. The suit concerns infringement of the Neo4j trademark and the use of false statements in advertising when distributing a fork of the Neo4j DBMS. Initially, the Neo4j DBMS was developed as an open source project, supplied under the AGPLv3 license. Over time, the product was divided into a free Community edition and a commercial version of Neo4 EE, which continued to be supplied under the AGPL license. A few releases ago, Neo4j Inc changed the terms of delivery and made changes to the text of the AGPL for the Neo4 EE product, establishing additional “ Commons Clause ” conditions that restrict use in cloud services. The addition of the “Commons Clause” moved the product into the category of proprietary software. The text of the AGPLv3 license contains a clause that prohibits imposing additional restrictions that infringe on the rights provided by the license, and if additional restrictions are added to the license text, it allows using the software under the original license, removing the added restrictions. PureThink took advantage of this feature and, based on the Neo4 EE product code, translated to a modified AGPL license, began the development of a fork of ONgDB (Open Native Graph Database), supplied under a pure AGPLv3 license and positioned as a free and completely open version of Neo4 EE. The court sided with the developers of Neo4j and found PureThink's actions unacceptable, and the statements about the completely open nature of their product are false https://storage.courtlistener.com/recap/gov.uscourts.cand.335295/gov.uscourts.cand.335295.140.0.pdf

Release of Pale Moon Browser 30.0: 18.03.2022 Pale Moon 30.0, forked from the Firefox codebase to provide higher performance, preserve the classic interface, minimize memory consumption and provide additional customization options, is out. Pale Moon builds are generated for Windows and Linux (x86 and x86_64). The project code is distributed under the MPLv2 (Mozilla Public License). The project adheres to the classic layoout of the interface, without switching to the Australis interface integrated in Firefox 29, and with the provision of extensive customization options. Removed components include DRM, Social API, WebRTC, PDF viewer, Crash Reporter, statistics collection code, parental controls, and people with disabilities. Compared to Firefox, the browser retains support for XUL technology and retains the ability to use both full-fledged and lightweight themes. https://forum.palemoon.org/viewtopic.php?t=27956&p=224775

Vulnerability in OpenSSL and LibreSSL: 16.03.2022 Bugfix releases of the OpenSSL 3.0.2 and 1.1.1n cryptographic library are available. The update fixes a vulnerability (CVE-2022-0778) that can be used to make a denial of service (endless looping handler). To exploit the vulnerability, you need a specially designed certificate. The problem manifests itself in both server and client applications that can handle user-supplied certificates. The problem is caused by a bug in the BN_mod_sqrt() function that causes a loop when calculating the square root modulo other than a prime number. The function is used when parsing certificates with keys based on elliptic curves. Operation is reduced to substitution of incorrect parameters of the elliptic curve into the certificate. Since the problem occurs before the digital signature of the certificate is verified, an attack can be made by an unauthenticated user who is able to achieve transmission of a client or server certificate to applications using OpenSSL. The vulnerability also affects the LibreSSL library developed by the OpenBSD project, a fix - proposed in the corrective releases of LibreSSL 3.3.6, 3.4.3 and 3.5.1. Additionally, an analysis of the conditions for exploiting the vulnerability has been published (an example of a malicious certificate that causes a freeze has not yet been posted publicly). https://www.openssl.org/news/openssl-3.0-notes.html