Outils pour utilisateurs

Outils du site


issue182:actus

Ceci est une ancienne révision du document !


Table des matières

1

SIMH simulator license dispute: 05/21/2022 Mark Pizzolato, principal developer of the retrocomputer simulator SIMH, added a restriction to the license text regarding the ability to use future changes made to the sim_disk.c and scp.c files. The rest of the project files, as before, are distributed under the MIT license. The license change was a response to criticism of the AUTOSIZE feature added last year, which resulted in metadata being added to disk images of systems running in the emulator, which increased the image size by 512 bytes. Some users expressed dissatisfaction with this behavior and recommended saving metadata not in the image itself, which reflects the contents of the disk, but in a separate file. Since it was not possible to convince the author to change the default behavior, some derivative projects began to change the specified functionality through the application of additional patches. Mark Pizzolato solved the issue radically by adding a clause to the project license that prohibits the use of all new code that he will add to the sim_disk.c and scp.c files after changing the license text, in case of changing the behavior or default values related to the AUTOSIZE functionality. The sim_disk.c and scp.c code added before the license change is still available under the MIT license as before. This action was criticized by other project participants, as the change was made without taking into account the opinions of other developers and now SIMH as a whole can be perceived as a non-free project, which will interfere with its promotion and integration with other projects. Mark Pizzolato pointed out that the changes to the license only apply to the sim_disk.c and scp.c files developed by him personally. For those who are not happy with adding data to the image when it boots, he recommended mounting disk images in read-only mode or turning off the AUTOSIZE feature by adding the “SET NOAUTOSIZE” parameter to the ~/simh.ini configuration file. https://groups.io/g/simh/topic/new_license/91108560

Vulnerability in the Linux perf kernel subsystem: 21.05.2022 A vulnerability (CVE-2022-1729) has been identified in the Linux kernel that could allow a local user to gain root access to the system. The vulnerability is caused by a race condition in the perf subsystem, which can be used to initiate access to an already freed area of the kernel memory (use-after-free). The problem has been manifesting since the release of the 4.0-rc1 kernel. Exploitability has been confirmed for releases 5.4.193+. The fix is only available in the form of a patch so far. The danger of the vulnerability is mitigated by the fact that most distributions restrict access to perf to unprivileged users by default. As a security workaround, you can set the kernel.perf_event_paranoid sysctl parameter to 3. https://www.openwall.com/lists/oss-security/2022/05/20/2

HP has announced a laptop that comes with Pop!_OS: 21.05.2022 HP has announced the HP Dev One laptop , designed for application developers and shipped with the Linux distribution Pop!_OS. The laptop is based on an 8-core AMD Ryzen 7 PRO processor, equipped with a 14-inch (FHD) anti-glare screen, 16 GB of RAM and 1TB NVMe. The RRP is 1099 US dollars. The COSMIC desktop supplied in the Pop!_OS distribution is based on a modified GNOME Shell and includes a set of original add-ons for GNOME Shell, its own theme, its own set of icons, other fonts (Fira and Roboto Slab) and changed settings. Unlike GNOME, COSMIC continues to use a split view for navigating open windows and installed applications. For window manipulation, both the traditional mouse control mode, familiar to beginners, and the tiled window layout mode, which allows you to control the work using only the keyboard, are provided. https://hpdevone.com/

2

Ubuntu 22.10 will move to audio processing with PipeWire instead of PulseAudio: 21.05.2022 The Ubuntu 22.10 release development repository has moved to use the default PipeWire media server for audio processing. PulseAudio-related packages have been removed from the desktop and desktop-minimal packages, and for compatibility, instead of libraries for interacting with PulseAudio, a pipewire-pulse layer that runs on top of PipeWire has been added, which allows you to keep all existing PulseAudio clients working. Heather Ellsworth of Canonical has confirmed the decision to fully migrate to PipeWire in Ubuntu 22.10. In Ubuntu 22.04 both servers were used in the distribution - PipeWire was used to process video when recording screencasts and providing access to the screen, but the audio continued to be processed using PulseAudio. In Ubuntu 22.10, only PipeWire will remain. Two years ago, a similar change was already implemented in the Fedora 34 distribution, which made it possible to provide professional audio processing capabilities, get rid of fragmentation, and unify the audio infrastructure for different applications. PipeWire offers an advanced security model that allows you to manage access on a, per-device and per-stream basis, making it easy to stream audio and video from and to isolated containers. PipeWire can process any media streams and is able to mix and redirect not only audio streams, but also video streams, as well as manage video sources (video capture devices, web cameras, or screen content displayed by applications). PipeWire can also act as a low-latency audio server and provide functionality that combines the capabilities of PulseAudio and JACK , including the needs of professional audio processing systems that PulseAudio could not claim. https://discourse.ubuntu.com/t/pipewire-as-a-replacement-for-pulseaudio/28489/3

Lotus 1-2-3 ported to Linux: 22.05.2022 Tavis Ormandy , a security researcher at Google, ported a Lotus 1-2-3 spreadsheet, released in 1988, three years before Linux itself, to run on Linux. The port is based on the processing of executable files for UNIX, found in the archive with warez on one of the BBS. The work is interesting in that porting is done at the level of machine codes and dynamic linking without the use of emulators or virtual machines. The result is an executable file that can run on Linux without any extra layers. A toolkit for adapting publicly available Lotus 1-2-3 binaries to run on Linux is available on GitHub. During porting, adaptation to the Linux system call interface was made, calls were redirected to glibc, incompatible functions were replaced, and an alternative driver for output to the terminal was integrated. The license check bypass has also been added to his copy , but Tavis owns a boxed copy of Lotus 1-2-3 for MS-DOS and is legally entitled to use the product. The port is not Tavis' first attempt at running Lotus 1-2-3 on Linux, having previously provided a dedicated driver for DOSEMU to run a DOS version of Lotus 1-2-3 on modern terminals. The main question is why? XD https://lock.cmpxchg8b.com/linux123.html

KDE Plasma 5.25 desktop testing: 22.05.2022 The beta version of the Plasma 5.25 custom shell is available for testing. You can test the new release through a live build from the openSUSE project and a build from the KDE Neon Testing edition project . Packages for various distributions can be found on the link below. The release is expected on June 14th. https://kde.org/announcements/plasma/5/5.24.90/

3

DeepMind Opens Code for MuJoCo Physics Simulator: 23.05.2022 DeepMind has opened the source code for the MuJoCo (Multi-Joint dynamics with Contact) engine for simulating physical processes and switched the project to an open development model, which implies the possibility of participation in the development of community representatives. The project is seen as a platform for research and collaboration on new technologies related to the simulation of robots and complex mechanisms. The code is published under the Apache 2.0 license. Only Linux, Windows and macOS platforms are supported. MuJoCo is a library that implements an engine for simulating physical processes and modeling articulated structures interacting with the environment, which can be used in the development of robots, biomechanical devices and artificial intelligence systems, as well as in the creation of graphics, animation and computer games. The engine is written in C, does not use dynamic memory allocation, and is optimized for maximum performance. MuJoCo allows you to manipulate objects at a low level, while providing high precision and extensive modeling capabilities. Models are defined using the MJCF scene description language, which is based on XML and compiled using a special optimizing compiler. In addition to MJCF, the engine supports loading files in the universal URDF format (Unified Robot Description Format). MuJoCo also provides a GUI for interactive 3D visualization of the simulation process and rendering of the results using OpenGL. https://www.deepmind.com/blog/open-sourcing-mujoco

Alpine Linux 3.16: 24.05.2022 The release of Alpine Linux 3.16 is available, a minimalistic distribution built on the Musl system library and the BusyBox utility set. The distribution is distinguished by increased security requirements and is built with SSP (Stack Smashing Protection) protection. OpenRC is used as the initialization system, and its own apk package manager is used for package management. Alpine is used to build official Docker container images. Bootable iso images (x86_64, x86, armhf, aarch64, armv7, ppc64le, s390x) are prepared in five versions: standard (155 MB), unpatched kernel (168 MB), advanced (750 MB) and for virtual machines (49 MB). https://alpinelinux.org/posts/Alpine-3.16.0-released.html

nginx 1.22.0 released: 24.05.2022 After 13 months of development, a new stable branch of the high-performance HTTP server and multi-protocol proxy server nginx 1.22.0 was released, which incorporates the changes accumulated in the 1.21.x main branch. In the future, all changes in the 1.22 stable branch will be related to the elimination of serious bugs and vulnerabilities. The main branch of nginx 1.23 will soon be created, where the development of new features will continue. For ordinary users who do not have the task of ensuring compatibility with third-party modules, it is recommended they use the main branch, where the commercial Nginx Plus product are made every three months. According to Netcraft's April report, nginx is used on 20.08% of all active sites (20.15% a year ago, 19.56% two years ago), which corresponds to the second place in popularity in this category (Apache's share corresponds to 22.58% (25.38% a year ago), Cloudflare - 10.42% (8.51%), Google - 8.89% (10.09%) At the same time, when considering all sites, nginx retains its leadership and occupies 31.13% of the market (35.34% a year ago, 36.91% two years ago), while the share of Apache corresponds to 23.08% (25.98%), OpenResty (a platform based on nginx and LuaJIT) - 8.01% (6.55%), Cloudflare - 5.49%, Microsoft IIS - 4% (5.96%). http://nginx.org/#2022-05-24

4

Clonezilla Live 3.0.0 released: 24.05.2022 The new release of Clonezilla Live 3.0.0 is out, designed for fast disk cloning (only used blocks are copied). The tasks performed by the distribution are similar to the proprietary Norton Ghost product. The distribution iso image size is 356 MB (i686, amd64). The distribution is based on Debian GNU/Linux and uses the code of projects such as DRBL, Partition Image, ntfsclone, partclone, udpcast. Boot from CD/DVD, USB Flash and network (PXE) is possible. LVM2 and FS ext2, ext3, ext4, reiserfs, reiser4, xfs, jfs, btrfs, f2fs, nilfs2, FAT12, FAT16, FAT32, NTFS, HFS+, UFS, minix, VMFS3 and VMFS5 (VMWare ESX) are supported. There is a mode for mass cloning over the network, including with the transmission of traffic in multicast mode, which allows you to simultaneously clone the source disk to a large number of client machines. It is possible both to clone from one disk to another, and to create backup copies by saving a disk image to a file. Cloning at the level of entire disks or individual partitions is also possible. https://sourceforge.net/p/clonezilla/news/2022/05/stable-clonezilla-live-300-26-released/

Mir 2.8 display server released: 24.05.2022 The Mir 2.8 display server is out, the development continued by Canonical, despite the refusal to develop the Unity shell and the Ubuntu edition for smartphones. Mir remains in demand in Canonical projects and is now positioned as a solution for embedded devices and the Internet of Things (IoT). Mir can be used as a composite server for Wayland, which allows you to run any applications using Wayland (for example, built with GTK3/4, Qt5/6 or SDL2) in Mir-based environments. Installation packages are prepared for Ubuntu 20.04, 21.10 and 22.04 ( PPA ) and Fedora 33, 34, 35 and 36. The project code is distributed under the GPLv2 license. https://discourse.ubuntu.com/t/mir-release-2-8-0/28581

Roadmap for Budgie's user environment: 05/26/2022 Joshua Strobl, who recently retired from the Solus distribution and founded the independent organization Buddies Of Budgie, has released plans for further development of the Budgie desktop environment. The Budgie 10.x branch will continue to evolve towards providing generic, distro-independent components. Packages with Budgie Desktop , Budgie Control Center , Budgie Desktop View and Budgie Screensaver are offered for inclusion in the Fedora Linux repositories. In the future, they plan to prepare a separate edition (spin) of Fedora with a Budgie desktop, similar to the Ubuntu Budgie edition. The Budgie 11 branch will evolve towards separating the layer with the implementation of the main functionality of the desktop and the layer that provides visualization and information output. Such a separation will allow abstracting the code from specific graphical toolkits and libraries, as well as starting to experiment with other models for presenting information and connecting other output systems. As an example, it will be possible to start experimenting with the previously planned transition to the set of EFL (Enlightenment Foundation Library) libraries developed by the Enlightenment project. https://blog.buddiesofbudgie.org/state-of-the-budgie-may-2022/

5

Release of the anonymous network I2P 1.8.0 and the C++ client i2pd 2.42: 26.05.2022 Anonymous network I2P 1.8.0 and C++ client i2pd 2.42.0 have been released. I2P is a multi-layer anonymous distributed network operating on top of the regular Internet, actively using end-to-end encryption to guarantee anonymity and isolation. The network is built in P2P mode and is created thanks to the resources (bandwidth) provided by network users, which makes it possible to do without the use of centrally controlled servers (communications within the network are based on the use of encrypted one-way tunnels between the participant and peers). The new version of I2P offers an initial implementation of the “SSU2” UDP transport, which significantly improves performance and security. The introduction of SSU2 will completely update the cryptographic stack, get rid of the very slow ElGamal algorithm (ECIES-X25519-AEAD-Ratchet will be used for end-to-end encryption instead of ElGamal/AES+SessionTag), reduce overhead compared to SSU and improve the performance of mobile devices https://github.com/PurpleI2P/i2pd/releases/tag/2.42.0

AlmaLinux 9.0 distribution available: 05/26/2022 The AlmaLinux 9.0 distribution has been released, synchronized with the Red Hat Enterprise Linux 9 distribution and containing all the changes proposed to this branch. The AlmaLinux project became the first public distribution based on RHEL, releasing stable builds based on RHEL 9. Installation images are prepared for the x86_64, ARM64, ppc64le and s390x architectures in the form of boot (800 MB), minimum (1.5 GB) and full image ( 8 GB). Live builds with GNOME, KDE and Xfce will be created later, as well as images for Raspberry Pi boards, containers and cloud platforms. The distribution is fully binary compatible with Red Hat Enterprise Linux and can be used as a replacement for RHEL 9 and CentOS 9 Stream. Changes come down to rebranding, removal of RHEL-specific packages such as redhat-*, insights-client and subscription-manager-migration*. https://almalinux.org/blog/almalinux-9-now-available/

Ubuntu developers begin to solve problems with the slow Firefox snap: 27.05.2022 Canonical has begun addressing performance issues with the Firefox snap package that was offered by default in Ubuntu 22.04 instead of the regular deb package. The main user dissatisfaction is due to the very slow launch of Firefox. For example, on a Dell XPS 13 laptop, the first launch of Firefox after installation takes 7.6 seconds, on a Thinkpad X240 laptop it takes 15 seconds, and on a Raspberry Pi 400 board it takes 38 seconds and on my potato laptop it takes over a minute. Restarts are completed in 0.86, 1.39 and 8.11 seconds, respectively. https://ubuntu.com/blog/how-are-we-improving-firefox-snap-performance-part-1

6

A hardwired password revealed in Linuxfx: 27.05.2022 Members of the Kernel community have identified an unusually nonchalant attitude towards security in the Linuxfx distribution, which offers a build of Ubuntu with a Windows 11-styled KDE user environment. According to the project's website, the distribution has more than a million users and about 15,000 downloads this week. The distribution offers activation of additional paid features, which is done through the introduction of a license key in a special graphical application. A study of the license activation application (/usr/bin/windowsfx-register) showed that it includes a hardwired login and password for accessing an external MySQL DBMS, to which data about a new user is added. The detected credentials allow you to get full access to the database, including the “machines” table, which reflects information about all installations of the distribution, including user IP addresses. https://kernal.eu/posts/linuxfx/

Release of LXLE Focal: 05/28/2022 After more than two years since the last update, LXLE Focal is back on the menu, developed for use on legacy systems. The LXLE distribution builds on the legacy of Ubuntu MinimalCD and attempts to provide a lightweight solution that combines support for legacy hardware with a modern user environment. The need to create a separate branch, was due to the desire to include additional drivers for older systems and the processing of the user environment. The size of the bootable image is 1.8 GB. The composition of the new release is synchronized with Ubuntu 20.04.4 LTS branch (Ubuntu 18.04 was previously used). Default apps replaced: Arista replaced with HandBrake, Pinta with GIMP, Pluma with Mousepad, Seamonkey with LibreWolf, Abiword/Gnumeric with LibreOffice, Mirage with Viewnior, Linphone/Pidgin with uTox. Includes: App Grid Install Center, Blanket Sound Synthesizer, Bluetooth Configurator, Claws Mail Email Client, Liferea RSS Reader, GAdmin-Rsync Backup Utility, GAdmin-Samba File Sharing Setup, Osmo Scheduler, Interface for TLP GUI power optimization. To compress information in the swap partition, Zswap is used instead of Zram. They also added an interface for customizing pop-up notifications. https://lxle.net/articles/?post=lxle-focal-released

OpenMandriva rock n roll: 05/30/2022 A separate alternative build of the OpenMandriva distribution, supplied with the LXQt desktop environment, has begun (in the main build, KDE is offered by default). Two options are offered for download: Rock based on the stable release of OpenMandriva Lx 4.3 (1.6 GB, x86_64) and Rolling (1.7 GB, x86_64) based on an experimental continuously updated repository with fresh versions of programs used in the preparation of the next release. OpenMandriva uses its own build infrastructure, supplying the RPMv4 package manager and DNF package management tools (originally using RPMv5 and urpmi), building packages and the Linux kernel using the Clang compiler, using the Calamares installer, and using the PipeWire media server. The LXQt (Qt Lightweight Desktop Environment) environment is positioned as a lightweight, modular, fast and convenient continuation of the development of the Razor-qt and LXDE desktops, incorporating the best features of both shells. The LXQt interface continues to follow the classic desktop organization with a modern look and feel that enhances the user experience. https://forum.openmandriva.org/t/new-lxqt-isos-for-rock-rolling/4476

7

PowerDNS Recursor 4.7.0 Caching DNS Server Released: 05/30/2022 A release of the PowerDNS Recursor 4.7 caching DNS server is available , which is responsible for recursive name resolution. PowerDNS Recursor is built on the same codebase as PowerDNS Authoritative Server , but PowerDNS recursive and authoritative DNS servers are developed through different development cycles and released as separate products. The project code is distributed under the GPLv2 license. The server provides tools for remote statistics collection, supports instant restart, has a built-in engine for connecting handlers in the Lua language, fully supports DNSSEC, DNS64, RPZ (Response Policy Zones), allows you to connect blacklists. It is possible to write the resolving results as BIND zone files. To ensure high performance, modern connection multiplexing mechanisms in FreeBSD, Linux and Solaris (kqueue, epoll, /dev/poll) are used, as well as a high-performance DNS packet parser capable of processing tens of thousands of parallel requests. https://blog.powerdns.com/2022/05/30/powerdns-recursor-4-7-0-released/

Release of the NixOS 22.05 distribution using the Nix package manager: 05/31/2022 NixOS 22.05 is out, based on the Nix package manager and providing a number of proprietary developments that simplify system configuration and maintenance. For example, in NixOS, all system configuration occurs through a single system configuration file (configuration.nix), it provides the ability to quickly roll back the system to the previous version of the configuration, there is support for switching between different system states, installation of individual packages by individual users is supported, it is possible to use several versions at the same time one program, reproducible builds are provided. Full install image sizewith KDE 1.7 GB, GNOME - 2.2 GB, reduced console version - 820 MB. https://nixos.org/blog/announcements.html#22.05

Ubuntu 22.10 will replace GEdit with the new GNOME text editor: 05/31/2022 The Ubuntu 22.10 development repository has changed the default text editor. Instead of GEdit, users are offered a new text editor “ GNOME Text Editor ”, implemented using GTK 4 and the libadwaita library, which offers ready-made widgets and objects for building applications that comply with the new GNOME HIG (Human Interface Guidelines) and are capable of adaptively adapting to screens of any size. The previously offered GEdit editor will remain available for installation from the universe repository (a package in flatpak format can also be used). GNOME Text Editor is similar in functionality and interface to GEdit, the new editor also offers a set of basic text file editing features, syntax highlighting, a document mini-map, and a tabbed interface. Of the features, support for a dark theme and the ability to automatically save changes to protect against loss of work as a result of a crash stand out. In Ubuntu 22.04, the new editor can be tested by installing the gnome-text-editor package. The reason for the transition is: stricter compliance with GNOME style guidelines, transition to the new GNOME technology stack (GTK4 and libadwaita), full support for the dark theme, integration into the main composition of many popular features implemented in GEdit in the form of plugins (new editor does not support plugins). https://discourse.ubuntu.com/t/proposal-gnome-text-editor-as-default-text-editor/28286/2

8

NVIDIA proprietary driver release 515.48.07: 05/31/2022 NVIDIA has released a new branch of proprietary NVIDIA driver 515.48.07. The driver is available for Linux (ARM64, x86_64), FreeBSD (x86_64) and Solaris (x86_64). The 515.48.07 release was the first stable release since NVIDIA's disclosure of kernel-level components. The source code for the nvidia.ko, nvidia-drm.ko (Direct Rendering Manager), nvidia-modeset.ko and nvidia-uvm.ko (Unified Video Memory) kernel modules from NVIDIA 515.48.07, as well as the common components used in them, not tied to the operating system, published on GitHub. Firmware and user-space libraries such as the CUDA, OpenGL, and Vulkan stacks remain proprietary. https://forums.developer.nvidia.com/t/linux-solaris-and-freebsd-driver-515-48-07-production-branch-release/216112

ftables packet filter 1.0.3 released:\ 06/01/2022 The nftables 1.0.3 packet filter, unifying packet filtering interfaces for IPv4, IPv6, ARP and network bridges (aimed at replacing iptables, ip6table, arptables and ebtables) is available for download. Changes required for the nftables 1.0.3 release to work are included in the Linux 5.18 kernel . The nftables package includes packet filter components that run in user space, while the kernel level is provided by the nf_tables subsystem, which has been part of the Linux kernel since release 3.13. At the kernel level, only a generic protocol-independent interface is provided that provides basic functions for extracting data from packets, performing operations on data, and controlling flow. The filtering rules themselves and protocol-specific handlers are compiled into user-space bytecode, after which this bytecode is loaded into the kernel using the Netlink interface and executed in the kernel in a special virtual machine resembling BPF (Berkeley Packet Filters). This approach makes it possible to significantly reduce the size of the filtering code running at the kernel level and move all the functions of parsing the rules and the logic of working with protocols into user space. https://www.mail-archive.com/netfilter-announce@lists.netfilter.org/msg00242.html

Release of I2P 1.8.0 and the C++ client i2pd 2.42: 26.05.2022 Anonymous network I2P 1.8.0 and C++ client i2pd 2.42.0 have been released. I2P is a multi-layer anonymous distributed network operating on top of the regular Internet, actively using end-to-end encryption to guarantee anonymity and isolation. The network is built in P2P mode and is formed thanks to the resources (bandwidth) provided by network users, which makes it possible to do without the use of centrally controlled servers (communications within the network are based on the use of encrypted one-way tunnels between the participant and peers). On the I2P network, you can anonymously create websites and blogs, send instant messages and e-mail, exchange files, and organize P2P networks. To build and use anonymous networks for client-server (websites, chats) and P2P (file exchange, cryptocurrencies) applications, I2P clients are used. The basic I2P client is written in Java and can run on a wide range of platforms such as Windows, Linux, macOS, Solaris, etc. I2pd is an independent C++ implementation of the I2P client and is distributed under a modified BSD license. https://github.com/PurpleI2P/i2pd/releases/tag/2.42.0

9

Perl 7 will smoothly continue the development of Perl 5 without breaking backwards compatibility: 26.05.2022 The Perl Project Governing Body summarized the plans for the future development of the Perl 5 branch and the creation of the Perl 7 branch. During the discussions, the Governing Council agreed that it is unacceptable to break compatibility with code already written for Perl 5, except when breaking compatibility is necessary to fix vulnerabilities. The Council also concluded that the language should evolve and promote new features more intensively, while making it easier to access emerging innovations and encourage their adoption. Contrary to the original intention of allowing backward-compatibility-breaking changes to be included by default in the Perl 7 branch, the new plan is to gradually transition the Perl 5 branch to Perl 7 without breaking backward compatibility with existing code. The release of Perl 7.0 will not be conceptually different from the next branch of Perl 5.xx. When enough changes accumulate, the next release of Perl 5.x will be replaced by Perl 7.0, which will be a kind of state snapshot, but will remain fully backward compatible with Perl 5. In order to include breaking changes and tweaks, you will need to explicitly add the “use v7” pragma to the code “. That is, code with the “use v7” pragma can be interpreted as “modern Perl” in which language-breaking changes are available, and without - “conservative Perl”, which will remain fully backwards compatible with past releases. http://blogs.perl.org/users/psc/2022/05/what-happened-to-perl-7.html

Release of Steam OS 3.2: 05/27/2022 Valve has introduced an update to the Steam OS 3.2 operating system that comes with the Steam Deck game console. Steam OS 3 is based on Arch Linux, uses the Gamescope composite server based on the Wayland protocol to speed up the launch of games, comes with a read-only root file system, uses an atomic update mechanism, supports Flatpak packages, uses the PipeWire media server, and provides two interface modes (Steam shell and KDE Plasma desktop). Updates are only available for Steam Deck, but an unofficial build of holoiso is being developed by enthusiasts, adapted for installation on regular computers (Valve also promises to prepare builds for PC in the future). https://store.steampowered.com/news/app/1675200/view/3297210455204145216

A hardwired password for accessing the user base has been revealed in the Linuxfx distribution: 27.05.2022 Members of the Kernal community have identified an unusually nonchalant attitude towards security in the Linuxfx distribution, which offers a build of Ubuntu with a Windows 11-styled KDE user environment. According to the project's website, the distribution has more than a million users and about 15,000 downloads this week. The distribution offers activation of additional paid features, which is done through the introduction of a license key in a special graphical application. A study of the license activation application (/usr/bin/windowsfx-register) showed that it includes a hardwired login and password for accessing an external MySQL DBMS, to which data about a new user is added. The detected credentials allow you to get full access to the database, including the “machines” table, which reflects information about all installations of the distribution kit, including user IP addresses. Also available is the contents of the “fxkeys” table with the license keys and email addresses of all registered commercial users. It is noteworthy that, in contrast to the claims of a million users, there are only 20,000 records in the database. The application is written in Visual Basic and runs using the Gambas interpreter . The reaction of the distribution's developers deserves special attention. After the publication of information about security problems, they released an update in which they did not fix the problem itself, but only changed the database name, login and password, and also changed the logic for obtaining credentials and tried to deal with program tracing. Instead of credentials sewn into the application itself, the Linuxfx developers added the loading of database connection parameters from an external server using the curl utility. For protection after startup, a search and removal of all running “sudo”, “stapbp” and “*-bpfcc” processes in the system is implemented, apparently believing that in this way they can interfere with tracing programs. https://kernal.eu/posts/linuxfx/

10

Release of the Deepin 20.6: 06/01/2022 Deepin 20.6 was published, based on Debian 10, but developing its own Deepin Desktop Environment (DDE) and about 40 user applications, including DMusic music player, DMovie video player, DTalk messaging system, installer and Deepin installation center software center. The project was founded by a group of developers from China, but has been transformed into an international project. All code is distributed under the GPLv3 license. The size of the bootable iso image is 3 GB (amd64). https://www.deepin.org/en/2022/05/31/deepin-20-6-release/

Release of Nitrux 2.2 distribution with NX Desktop: 06/02/2022 The release of the distribution kit Nitrux 2.2.0 has been published , built on the Debian package base, KDE technologies and the OpenRC initialization system . The distribution develops its own desktop NX Desktop , which is an add-on for the KDE Plasma user environment, as well as the MauiKit user interface framework , on the basis of which a set of typical user applications is developed that can be used on both desktop systems and mobile devices. To install additional applications, the AppImages self-contained package system is being promoted. Full boot image sizeis 2.5 GB, and abbreviated with the JWM window manager is 1.4 GB. The developments of the project are distributed under free licenses. NX Desktop offers a different styling, its own implementation of the system tray, notification center and various plasmoids, such as a network connection configurator and a multimedia applet for volume control and media playback control. Among the applications created using the MauiKit framework , one can note the Index file manager (Dolphin can also be used), the Note text editor, the Station terminal emulator, the Clip music player, the VVave video player, the NX Software Center application control center and the Pix image viewer. https://nxos.org/changelog/release-announcement-nitrux-2-2-0/

Distrobox 1.3, a toolkit for nested distributions: 06/02/2022 Distrobox 1.3 toolkit has been released, allowing you to quickly install and run any Linux distribution in a container and ensure its integration with the main system. The project code is written in Shell and distributed under the GPLv3 license. The project is implemented as an add-on over the Docker or Podman, and is distinguished by the maximum simplification of work and setting up the integration of the running environment with the rest of the system. To create an environment with a different distribution, it is enough to issue a single distrobox-create command without thinking about the subtleties. After launch, Distrobox forwards the user's home directory to the container, configures access to the X11 and Wayland server to run from the container of graphical applications, allows you to connect external drives, adds sound output, implements integration at the level of SSH agent, D-Bus and udev. As a result, the user can work completely in another distribution without leaving the main system. Distrobox claims to be able to host 16 distributions, including Alpine, Manjaro, Gentoo, EndlessOS, NixOS, Void, Arch, SUSE, Ubuntu, Debian, RHEL, and Fedora. Any distribution kit for which there are images in the OCI format can be launched in the container . Among the main areas of application are experiments with atomically updated distributions such as Endless OS, Fedora Silverblue, OpenSUSE MicroOS and SteamOS3, the creation of separate isolated environments (for example, to run home configuration on a work laptop), access to more recent versions of applications from experimental branches of distributions. https://github.com/89luca89/distrobox/releases/tag/1.3.0

11

Armbian distribution release 22.05: 06/03/2022 The Armbian 22.05 Linux distribution has been released, providing a compact system environment for various ARM-based single board computers, including various models of Raspberry Pi, Odroid, Orange Pi, Banana Pi, Helios64, pine64, Nanopi and Cubieboard based on Allwinner, Amlogic, Actionsemi processors , Freescale / NXP, Marvell Armada, Rockchip, Radxa and Samsung Exynos. The Debian and Ubuntu package bases are used to form the builds, but the environment is completely rebuilt using its own build system with the inclusion of optimizations to reduce the size, increase performance and apply additional protection mechanisms. For example, the /var/log partition is mounted using zram and stored in RAM in compressed form, flushed to the drive once a day or at shutdown. The /tmp partition is mounted using tmpfs. The project supports more than 30 Linux kernel builds for various ARM and ARM64 platforms. https://www.armbian.com/newsflash/armbian-22-05/

Linux ported for Apple iPad tablets on A7 and A8 chips: 06/03/2022 Enthusiasts were able to successfully boot the Linux 5.18 kernel on Apple iPad tablets based on A7 and A8 ARM chips. Work is currently limited to adapting Linux for iPad Air, iPad Air 2 and some iPad mini devices, but there are no fundamental problems for applying the code to other devices based on Apple A7 and A8 chips, such as iPhone 5S and HomePod, released in 2013- 2014. For newer devices, builds from the Sandcastle project can be used. The Checkm8 vulnerability is used to unlock the bootloader and bypass firmware verification (Jailbreak). In its current form, development is still at an early stage, in which kernel loading is supported, graphics acceleration, network functions and sound work, but USB and Bluetooth do not work yet. The next goal of the project is to provide a bootable user environment based on the postmarketOS distribution built on Alpine Linux, the Musl standard C library and the BusyBox utility set. https://twitter.com/konradybcio/status/1532106368936706051

Qt6 packages prepared for Debian 11: 06/11/2022 The maintainer of packages for the Qt framework on Debian announced packages of the Qt6 branch for Debian 11. The set included 29 packages with various Qt 6.2.4 components and a package with the libassimp library with support for 3D model formats. The packages are available for installation via the backports system (the bullseye-backports repository ). Qt6 was not originally planned for Debian 11 due to lack of resources, but Qt6 was eventually made available to the Debian stable branch. It is noted that the preparation of packages was a personal initiative of the maintainer, but The Qt Company also expressed a desire to promote the project. https://perezmeyer.com.ar/blog/2022/06/10/qt6-in-debian-bullseye/

12

Release of the MidnightBSD 2.2: 06/11/2022 The MidnightBSD 2.2 desktop operating system was released , based on FreeBSD with elements ported from DragonFly BSD, OpenBSD and NetBSD. The base desktop environment is based on GNUstep, but users have the option to install WindowMaker, GNOME, Xfce, or Lumina. A 774 MB installation image ( x86 , amd64 ) has been prepared for download . Unlike other desktop builds of FreeBSD, MidnightBSD was originally developed as a fork of FreeBSD 6.1-beta, which was synchronized with the FreeBSD 7 codebase in 2011 and subsequently incorporated many features from the FreeBSD 9-12 branches. For package management, MidnightBSD uses the mport system, which uses a SQLite database to store indexes and metadata. Installing, removing and searching for packages is done using a single mport command https://www.midnightbsd.org/notes/

Cinnamon 5.4 desktop environment released: 11.06.2022 After 6 months of development, Cinnamon 5.4 is out, within which the community of developers of the Linux Mint distribution is developing a fork of the GNOME Shell, the Nautilus file manager and the Mutter window manager, aimed at providing an environment in the classic GNOME 2 style with support for successful interaction elements from the GNOME Shell. Cinnamon is based on GNOME components, but these components are shipped as a periodically synchronized fork with no external dependencies to GNOME. The new release of Cinnamon will be offered in the Linux Mint 21 distribution, scheduled for release in July. https://github.com/linuxmint/Cinnamon/releases/tag/5.4.0

Release of EasyOS 4.0, a custom distribution from the creator of Puppy Linux: 11.06.2022 Barry Kauler, founder of the Puppy Linux project, has published an experimental EasyOS 4.0 distribution that combines Puppy Linux technologies with containerized isolation to run system components. The distribution is managed through a set of graphical configurators developed by the project itself. The size of the boot image is 773 MB. https://bkhome.org/news/202206/easyos-dunfell-series-version-40-released.html

13

Bottlerocket 1.8 is available: 12.06.2022 Bottlerocket 1.8.0 has been published, developed with the participation of Amazon to effectively and safely run isolated containers. The toolkit and control components of the distribution are written in Rust and distributed under the MIT and Apache 2.0 licenses. It supports running Bottlerocket on Amazon ECS, VMware, and AWS EKS Kubernetes clusters, as well as creating custom builds and editions that allow for different orchestration and runtime tools for containers. The distribution provides an atomically and automatically updated indivisible system image that includes the Linux kernel and a minimal system environment that includes only the components needed to run containers. The environment uses the systemd system manager, the Glibc library, the Buildroot build tool, the GRUB bootloader, the wicked network configurator , the containerd isolated container runtime , the Kubernetes container orchestration platform, the aws-iam-authenticator, and the Amazon ECS agent. The container orchestration tools come in a separate management container that is enabled by default and managed through the API and AWS SSM Agent. The base image lacks a command shell, SSH server, and interpreted languages ​​(for example, no Python or Perl) - admin and debugging tools are moved to a separate service container , which is disabled by default. https://github.com/bottlerocket-os/bottlerocket/releases/tag/v1.8.0

Alpha testing of PHP 8.2 has begun: 06/12/2022 The first alpha release of the new branch of the PHP 8.2 programming language is available. The final release is scheduled for November 24th. The main innovations already available for testing or planned for implementation in PHP 8.2, for instance: Separate types “false” and “null” have been added, which can take only one valid value and are used, for example, to return the function with an error termination indicator or an empty value. Previously, “false” and “null” could only be used in conjunction with other types (for example, “string|false”), but now they can be used separately. There is also the ability to substitute variable values ​​into strings using the expressions “${var}” and ${(var)} has been deprecated. Support for the commonly used ”{$var}“ and “$var” substitutions has been retained. Deprecated* - partially supported callables that can be called via “call_user_func($callable)”, but do not support calling in the form “$callable()” https://stitcher.io/blog/new-in-php-82

Youth competitions on Linux will be held: 13.06.2022 On June 20, the 3rd annual children's and youth competitions in Linux - ” CacTUX 2022 “ will start. As part of the competition, participants will have to move from MS Windows to Linux, keeping all documents, install programs, configure the environment, and configure the local network. Registration is open from 13 to 22 June 2022 inclusive. The competition will be held from June 20 to July 4 in two stages: qualifying (testing) and final (practical task). There are 2 nominations: “Just for Fun” (in absentia) and “Teen Hacker” (in absentia), and 3 age groups: 10-13 years old, 14-15 years old, 16-17 years old. Working distributions: Calculate Linux, Simply Linux and OpenWRT. https://cactux.ru/

14

The K-9 Mail project will become the basis of Thunderbird for Android: 13.06.2022 The Thunderbird and K-9 Mail development teams have announced a project merger. The K-9 Mail email client will be renamed “Thunderbird for Android” and will be shipped under a new brand. The Thunderbird project has long considered creating a version for mobile devices, but during the discussions it came to the conclusion that it makes no sense to split forces and do double work when you can join forces with an already existing close open source project. For the clunky K-9 Mail, joining Thunderbird is beneficial in terms of additional resources, expanding the user base, and speeding up development. The decision to merge was driven by similar goals and visions from both projects of what a modern mobile email application should be. Both projects are also privacy-conscious, adhere to open standards, and are developed using an open development process. Before the first release with a new name, K-9 Mail plans to bring the look and functionality closer to the look and feel of the desktop version of Thunderbird. Of the plans to expand the functionality of K-9 Mail , it is noted the implementation of an auto-configuration system for accounts like in Thunderbird, improved management of mail folders, integration of support for message filters, and the implementation of synchronization between the mobile and desktop versions of Thunderbird. https://blog.thunderbird.net/2022/06/revealed-thunderbird-on-android-plans-k9/

The browser-linux - Linux distribution to run in a web browser: 14.06.2022 Browser-linux is proposed for launching a Linux console environment in a web browser. The project can be used to quickly get started with Linux without having to run virtual machines or boot from external media. A stripped-down Linux environment is built using the Buildroot toolkit. To execute the resulting assembly in the browser, the v86 emulator is used, which translates the native code into the WebAssembly. For storage, the localForage library is used , which works on top of the IndexedDB API. The user is given the opportunity to save the state of the environment at any time and then restore the work from the saved position. The output is generated in a terminal window implemented using the xterm.js library. udhcpc is used to configure network communication . https://github.com/Darin755/browser-linux

Oracle Linux 9 Preview: 14.06.2022 Oracle has introduced a preliminary release of Oracle Linux 9, based on Red Hat Enterprise Linux 9 and fully binary compatible with it. For downloading without restrictions, an installation iso image is offered, 8 GB in size, prepared for x86_64 and ARM64 architectures (aarch64). For Oracle Linux 9 , unlimited and free access to the yum repository with binary package updates with bug fixes (errata) and security issues is open. Separately maintained repositories with sets of Application Stream and CodeReady Builder packages are also prepared for download. In addition to the RHEL kernel package (based on the 5.14 kernel), Oracle Linux offers its own Unbreakable Enterprise Kernel 7, based on the Linux 5.15 kernel and optimized for industrial software and Oracle hardware. The source code for the kernel, including a breakdown into individual patches, is available in the public Oracle Git repository. The Unbreakable Enterprise Kernel is installed by default, positioned as an alternative to the regular RHEL kernel package and provides a number of advanced features such as DTrace integration and improved Btrfs support. Apart from the additional kernel, Oracle Linux 9 and RHEL 9 releases are identical in functionality . https://blogs.oracle.com/linux/post/oracle-linux-9-developer-preview-now-available-for-download

15

KDE Plasma 5.25 user environment: 14.06.2022 The KDE Plasma 5.25 custom shell release is available, built using the KDE Frameworks 5 and the Qt 5 library using OpenGL/OpenGL ES for faster rendering. You can evaluate the work of the new version through a Live build from the openSUSE project and a build from the KDE Neon User Edition project. Packages for various distributions can be found on this page; https://community.kde.org/Plasma/Packages https://kde.org/ru/announcements/plasma/5/5.25.0/

FreeCAD 0.20: 14.06.2022 After more than a year of development, the release of the open parametric 3D modeling system FreeCAD 0.20 has been published, which is distinguished by flexible customization and functionality enhancements through the connection of add-ons. The interface is built using the Qt library. Add-ons can be created in Python. It supports saving and loading models in various formats, including STEP, IGES and STL. The FreeCAD code is distributed under the LGPLv2 license, and Open CASCADE is used as the modeling engine. Binaries will soon be prepared for Linux (AppImage), macOS and Windows. https://github.com/FreeCAD/FreeCAD/releases/tag/0.20

EuroLinux 9.0: 06/15/2022 EuroLinux 9.0 has been published, prepared by rebuilding the source of Red Hat Enterprise Linux 9.0 packages and fully binary compatible with it. Installation images have been prepared for download, 6.5 GB (appstream) and 1.4 GB in size. The distribution is similar in functionality and added innovations to RHEL 9.0. EuroLinux builds are distributed both for a paid subscription and free. The paid and free subscription builds are identical, build at the same time, include the full set of system features, and allow you to receive updates. The difference between a paid subscription comes down to the provision of technical support services, access to errata files and the ability to use additional packages, including tools for load balancing, high availability and creating reliable storage. https://en.euro-linux.com/blog/eurolinux-9-0-released/

16

Ubuntu Core 22 monolithic distribution available: 15.06.2022 Canonical has published the release of Ubuntu Core 22, a compact version of the Ubuntu distribution adapted for use in Internet of Things (IoT) devices, containers, consumer and industrial equipment. Ubuntu Core comes in the form of an indivisible, monolithic base system image that does not use deb packages. Ubuntu Core 22 images, which are in sync with the Ubuntu 22.04 package base, are prepared for x86_64, ARMv7, and ARMv8 systems. The release follow-up time is 10 years. Ubuntu Core serves as the basis for running additional components and applications, which are packaged as self-contained add-ons in the snap format. Ubuntu Core components, including the base system, Linux kernel, and system add-ons, are also provided in snap format and managed by the snapd toolkit. Snappy technology makes it possible to form an image of the system as a whole, without splitting into separate packages. https://ubuntu.com/blog/canonical-ubuntu-core-22-is-now-available-optimised-for-iot-and-embedded-devices

GIMP 2.10.32 graphics editor released: 06/15/2022 GIMP 2.10.32 release has been published. Flatpak packages are available for installation (the snap package is not ready yet). The release mainly includes bug fixes. All feature building efforts are focused on preparing the GIMP 3 branch, which is in pre-release testing . https://www.gimp.org/news/2022/06/14/gimp-2-10-32-released/

Cambalache 0.10, a tool for developing GTK interfaces: 16.06.2022 Cambalache 0.10.0 project is available, which develops a rapid interface development tool for GTK 3 and GTK 4 using the MVC paradigm and the philosophy of paramount importance of the data model. Unlike Glade, Cambalache provides support for maintaining multiple user interfaces in one project. The code is written in Python and is licensed under the LGPLv2.1 license. A flatpak package is available for installation. Cambalache does not depend on GtkBuilder and GObject, but provides a data model that conforms to the GObject type system. The data model can import and export multiple interfaces at once, supports GtkBuilder objects, properties, and signals, provides a rollback stack (Undo / Redo) and the ability to compress command history. The cambalache-db utility is provided to generate a data model from gir files, and the db-codegen utility is provided to generate GObject classes from data model tables. The interface can be generated based on GTK 3 and GTK 4, depending on the version defined in the project. To provide support for different GTK branches, the workspace is formed using the Broadway backend, which allows you to draw the output of the GTK library in a web browser window. The main Cambalache process provides a WebKit-based WebView wrapper that uses Broadway to broadcast the output from the Merengue process, which is directly responsible for rendering the user-created interface. https://blogs.gnome.org/xjuan/2022/06/15/cambalache-0-10-0-is-out/

issue182/actus.1656483593.txt.gz · Dernière modification : 2022/06/29 08:19 de d52fr