Full Circle Magazine FR

NsCDE 2.2 Released: July 25 The NsCDE 2.2 (Not so Common Desktop Environment) project, who develop a CDE (Common Desktop Environment) desktop environment, adapted for use on modern Unix-like systems and Linux, has been published. The environment is based on the FVWM window manager with the theme of design, applications, patches and superstructures for recreating the original CDE desktop. The project code is distributed under the GPLv3 license. The add-in is written in Python and Shell. Installation packages are available for Fedora, openSUSE, Debian and Ubuntu. The goal of the project is to provide a comfortable environment for fans of retro desktops, supporting modern technology and not causing discomfort due to the lack of functionality. The user-styled CDE applications, design generators for Xt, Xaw, Motif, GTK2, GTK3, and Qt5 have been prepared to stylize the design of most programs using the X11. NsCDE allows you to link the design of CDE and modern technologies, such as font routing using XFT, Unicode, dynamic and functional menus, virtual desktops, applets, desktop wallpapers, design/pictogram themes, etc. https://github.com/NsCDE/NsCDE/releases/tag/2.2

D-Installer 0.4 for SUSE: July 25 The developers of the YaST installer, used in openSUSE and SUSE Linux, published an update of the experimental installer D-Installer 0.4, which supports the management of the installation through a web interface. Installation images were prepared to familiarize themselves with the capabilities of D-Installer and provide tools for installing the continuously updated edition of openSUSE Tumbleweed, as well as releases Leap 15.4 and Leap Micro 5.2. D-Installer means separating the user interface from the internal components of the YaST and providing the possibility of using various frontends. YaST libraries continue to be used to install equipment, hardware checks, disk breakdowns and other functions required for installation, YaST libraries, on top of which an interlayer abstracts access to libraries through the unified D-Bus interface. The new version of D-Installer implements a multiprocess architecture, which, thanks to the interface, the interaction with the user is no longer blocked during the execution of other processes in the installer, such as reading metadata from the repository and installing packages. They introduced three internal stages of installation: start the installer, setup of installation parameters and the installation itself. Also, work is being done on the creation of a minimalistic system image that launches the installer. The main idea in the layout of the installer components in the form of a container and the use of a special initrd-death Iguana loading to start the container. At the moment, YaST modules have already been adapted for work from the container to customize time zones, keyboard, language, firewall, printing system, DNS, program management, repositories, users and groups. https://yast.opensuse.org/blog/2022-07-19/yast-report-2022-5

Fedora intends to ban the supply of software distributed under the CC0 license: July 25 Richard Fontana, one of the authors of the GPLv3 license, working as an open-source and patent consultant at Red Hat, has announced plans to amend the Fedora project rules prohibiting the inclusion of software in the repository supplied under the Creative Commons CC0 license. The CC0 license implies the author's waiver of its rights and distribution as a public domain, which allows you to distribute, modify and copy the Software without any conditions. The reason for the ban is CC0's uncertainty about software patents. The CC0 license text contains a clause that clearly indicates that the license does not affect the patent rights and trademark rights that may be used in the application. The possibility of influence through patents is considered a potential threat, so licenses that do not explicitly provide the possibility of using patents or waive patents are considered as not classified as in the category of open and free (FOSS). The ability to place contents in repositories under the CC0 license not related to the code will be left. For packages with code already placed in the Fedora repositories supplied under the CC0 license, they will make an exception and allow delivery to continue. The inclusion of new packages with a code supplied under the CC0 license will be prohibited. https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org/thread/RRYM3CLYJYW64VSQIXY6IF3TCDZGS6LM/

Release of CDE 2.5.0: July 26 The classic industrial desktop environment CDE 2.5.0 (Common Desktop Environment) has been released. CDE was developed in the early 1990s by the joint efforts of Sun Microsystems, HP, IBM, DEC, SCO, Fujitsu and Hitachi, and for many years acted as the regular graphics environment of Solaris, HP-UX, IBM AIX, Digital UNIX and UnixWare. In 2012, CDE 2.1 was opened by the LOP Group consortium under the LGPL license. The CDE source code includes an XDMCP-compatible input manager, user session manager, window manager, CDE FrontPanel panel, desktop manager, interprocess interface, desktop tools, tools for shell and Ci application development, components for third-party integration. To build it, you need to have a library of elements of the Motif interface, which has been translated into the category of free projects following the CDE. https://sourceforge.net/p/cdesktopenv/mailman/message/37684830/

Debian sued the domain debian.community, which published a critique of the project: July 25 The Debian project, the non-profit organization SPI (Software in the Public Interest) and Debian.ch, representing Debian in Switzerland, won the proceedings at the World Intellectual Property Organization (WIPO) related to the debian.community domain, which ran a blog critical of the project and its participants, and also brought to the public confidential discussions from the debian-private mailing list. Unlike the failure of a similar proceeding initiated by Red Hat about the WeMakeFedora.org domain, the claims related to debian.community were found to be justified and the transfer of rights to the debian.community domain to the Debian.community project was resolved. The decommissioning of the Debian trademark is a formal motive for the transfer of the domain. The author of the site debian.community announced that he registered for the continuation of the publication of the new site - “suicide.fyi,” which will continue to publish criticism of Debian. https://suicide.fyi/debian/urgent-domain-stolen-use-new-url-asap-new-debian-private-leaks/

Latte Dock announced the termination of the project: July 26 Michael Vourlakos has announced the termination in the development of the Latte Dock project, an alternative dock for KDE. The reason is the lack of free time and the loss of interest in further work on the project. Michael planned to leave the project and transfer it to other hands after the release of 0.11, but eventually decided to leave earlier. It is not yet clear whether anyone can pick up the development - Michael made an overwhelming number of changes. The list of changes notes the activity of several more people, but their contribution is minimal and limited to individual corrections. The Latte panel was founded as a result of the merger two panels - Now Dock and Candil Dock. As a result of the merger, an attempt was made to have a panel, working separately from Plasma Shell, with the original Now Dock design of the interface and the use of only KDE and Plasma libraries without third-party dependencies. The panel is based on the KDE Framework and Qt library, supports integration with the KDE Plasma desktop and implements the effect of parabolic macOS pictograms or the Plank panel. The project code is distributed under the GPLv2 license. https://psifidotos.blogspot.com/2022/07/latte-dock-farewell.html

OpenMandriva starts testing the OpenMandriva Lx ROME rolling: July 27 The developers of the OpenMandriva project presented a preliminary release of a new version of the OpenMandriva Lx ROME distribution, which uses a model of continuous delivery of updates (rolling-release). The proposed edition allows you to access new versions of packages developed for the OpenMandriva Lx 5.0 branch. For download, an iso-image of 2.6 GB with a KDE desktop with a KDE desktop, supported the download in Live mode, prepared for download. In the new versions of the packages in the OpenMandriva Lx ROME build, there is - the kernel 5.18.12 (assembled with Clang), Python 3.11, Java 20, KDE Frameworks 5.96.0, Plasma Desktop 5.25.3 and KDE Gear 22.04.2. Reorganization of the file system structure - all executable files and libraries from the root directories are transferred to the /usr section (categols /bin, /sbin and /lib* are designed as symbolic links to the corresponding directories inside /usr). Support for installation on partitions with BTRFS and XFS FS has been resumed. In addition to the default file manager dnf4 as alternatives, dnf5 and zypper are offered. https://www.openmandriva.org/en/news/article/openmandriva-lx-rome-rolling-technical-preview

Updating ClamAV 0.103.7, 0.104.4 and 0.105.1: July 27 Cisco has released new versions of the free antivirus package ClamAV 0.105.1, 0.104.4 and 0.103.7. The project came to the hands of Cisco in 2013 after the acquisition of Sourcefire, which develops ClamAV and Snort. The project code is distributed under the GPLv2 license. The 0.104.4 release will be the last update in the 0.104 branch, and 0.103 will be classified as LTS and will be accompanied until September 2023. There is a long list of changes on the website. https://blog.clamav.net/2022/07/clamav-01037-01041-and-01051-patch.html

Fedora Linux 37 plans to stop supporting robotics, games etc: July 27 Ben Cotton, Fedora Program Manager at Red Hat, announced his intention to stop the creation of alternative live distributions - Robotics Spin (applications and simulators for robot developers), Games Spin (with a selection of games) and Security Spin (with a set of security check tools), due to the termination of the communication of accompanying or unwillingness. If there are those who wish to take the support of these spins in their own hands, their delivery will be continued (currently, applicants have already been found ready to continue the support of the Security and Games editions). https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/YXENHLWNVIAOYQQ746KZYRIXYQW6E2FA/

Vulnerability in Samba: July 28 The corrective releases of Samba 4.16.4, 4.15.9 and 4.14.14 with the elimination of 5 vulnerabilities have been published. The release of package updates in distributions can be traced on: Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch, FreeBSD. The most dangerous vulnerability (CVE-2022-32744) allows Active Directory domain users to change the password of any user, including the administrator password and get full control of the domain. The problem is because KDC accepts kpasswd requests encrypted with any known key. An attacker with access to the domain can send a fictitious request for a new password on behalf of another user, encrypting it with his key, and KDC will process it without verifying the compliance of the account key. Other than the sending of fictitious requests, it can be used to send dummy requests keys of domain controllers working in read mode only (RODC), which do not have the authority to change passwords. As a bypass method of protection, you can disable support for the kpasswd protocol by adding a string “kpasswd port” to smb.conf. https://www.samba.org/samba/latest_news.html#4.16.4

Ventoy 1.0.79: July 28 The release of Ventoy 1.0.79 tools, designed to create boot USB devices, including multiple operating systems, is out. It allows you to download the OS from unchanged ISO, WIM, IMG, VHD and EFI images, without requiring unpacking the image or reformatting the device. For example, it is enough to simply copy to USB Flash with the Ventoy downloader, a set of iso-images and Ventoy will provide the ability to load the operating systems inside. At any time, you can replace or add new iso-images simply by copying new files, which is convenient for testing and previewing various distributions and operating systems. The project code is written in C and distributed under the GPLv3 license. Ventoy supports downloads on systems with BIOS, IA32 UEFI, x86_64 UEFI, ARM64 UEFI, UEFI Secure Boot and MIPS64EL UEFI with tables of MBR or GPT partitions. It also supports the download of various options - Windows, WinPE, Linux, BSD, ChromeOS, as well as images of virtual machines in Vmware and Xen. The developers tested Ventoy with more than 940 iso-atures, including various versions of Windows and Windows Server, several hundred Linux distributions (there are declared to check 90% of the distributions presented on distrowatch.com), more than a dozen BSD systems (FreeBSD, DragonFly BSD, pfSense, FreeNAS, etc.). In addition to USB-drives, Ventoy's USB bootloader can be installed on a local drive, SSD, NVMe, SD card and other types of drives that use FAT32, exFAT, NTFS, UDF, XFS or Ext2/3/4 file systems. There is an automated installation mode of the operating system in one file on a portable media with the ability to add your files to the created environment (for example, to create images from Windows or Linux-distributes that do not support Live mode). The new version added support for the Fedora CoreOS. The boot image of Super-UEFIinSecureBoot-Disk, used to run unsigned efi programs and operating systems in UEFI Secure Boot mode, is returned to version 3.3. The number of supported iso-image has been brought to 940. Problems with the kickstart mode in distributions based on RHEL have been solved. https://github.com/ventoy/Ventoy/releases/tag/v1.0.79

Release of OPNsense 22.7: July 28 The release of OPNsense 22.7, which is an offshoot of the pfSense project, created to form a fully open distribution that could have functionality at the level of commercial solutions for deploying firewalls and network gateways, is out. Unlike pfSense, the project is positioned as not controlled by one company, developed with the direct participation of the community and with a fully transparent development process, as well as providing the ability to use any of its developments in third-party products, including commercial products. The original code of the distribution components, as well as the tools used for assembly, are distributed under the BSD license. The builds are prepared in the form of LiveCD and a system image for Flash drives (347 MB). The distribution provides means of creating fault-tolerant configurations based on the use of the CARP protocol and allow you to run in addition to the main firewall, a spare node, which will be automatically synchronized at the configuration level and will take on the load in case of failure of the primary node. For the administrator, a modern and simple interface is offered to configure the firewall, built using the bootstrap web-framework. https://forum.opnsense.org/index.php?topic=29507.0

Release of FreeRDP 2.8.0: July 29 A new release of the FreeRDP 2.8.0 project has been released, offering free implementation of the remote access protocol to the RDP Desktop Protocol, developed on the basis of Microsoft specifications. The project provides a library to integrate RDP support into third-party applications and a client that can be used for remote connection to the Windows desktop. The project code is distributed under the Apache 2.0 license. https://github.com/FreeRDP/FreeRDP/releases/tag/2.8.0

Release paperless-ngx 1.8.0: July 30 A new release of Paperless-ngx, a web application for document management that converts paper documents into electronic, available for full-text search, downloading and storage online is available. The code is written in Python using the Django framework and distributed under the GPLv3 license. Demo's at demo.paperless-ngx.com (login/palog - demo/demo) is available to familiarize yourself with the capabilities of the system. Paperless-ngx is an offshoot of the paperless-ng project, which, in turn, branched off the original paperlsess project (forks were created to continue development after the completion of the support of past developers). After downloading the scanned document in any available way (by FTP, via the web interface, through the Android application, by e-mail via IMAP), the program performs optical text recognition (OCR), using the Tesseract engine, then tagging (including automatic using machine learning), full-text search, as well as downloading a version of the document in PDF/A format or in one of the office packages available. https://github.com/paperless-ngx/paperless-ngx/

4MLinux 40.0: July 31 The release of 4MLinux 40.0, a minimalistic user distribution that is not derived from other projects and uses a graphical environment based on JWM, is out. 4MLinux can be used not only as a Live environment to play media files and other user tasks, but also as a system for recovery after failures and a platform for running LAMP servers (Linux, Apache, MariaDB and PHP). Two iso-image (1.1 GB, x86_64) with a graphical environment and a selection of programs for server systems has been prepared for download. https://4mlinux-releases.blogspot.com/2022/07/4mlinux-400-stable-released.html

Linux Mint 21: July 31 The release of Linux Mint 21, which has been transferred to the Ubuntu 22.04 LTS package database, is out. The distribution is fully compatible with Ubuntu, but is significantly different from the approach to the layout of the user interface and the selection of default applications. Linux Mint developers provide a desktop environment that meets the classic canons of desktop layouts, which is more familiar to users who do not accept new methods of building the GNOME 3 interface. DVDs based on MATE 1.26 (2 GB), Cinnamon 5.4 (2 GB) and Xfce 4.16 (2 GB) are available for download. The Linux Mint 21 is included in the long-term releases (LTS), which will be updated until 2027. https://blog.linuxmint.com/?p=4358

Release of Q4OS 4.10: Aug 1 The release of Q4OS 4.10, based on Debian and supplied with KDE Plasma and Trinity desktops, has been published. The distribution is positioned as lightweight and offering a classic desktop design. It includes several proprietary applications, including 'Desktop profiler' for quick installation of thematic software sets, 'Setup utility' to install third-party applications, 'Welcome Screen' to simplify the initial configuration, scripts for installing alternative environments LXQT, Xfce and LXDE. The bootable image size is 1.2 GB (x86_64, i386). The new release synchronized the package base with Debian 11.4. Desktop Trinity has been updated until the release of 14.0.12. https://www.q4os.org/blog.html

Release of Ubuntu Sway Remix 22.04 LTS: 08/08/2022 Ubuntu Sway Remix 22.04 LTS, that provides a pre-configured and ready-to-use desktop based on the mosaic composite manager Sway, is available for download. The distribution is an unofficial edition of Ubuntu 22.04 LTS, created with an eye on both experienced users of GNU/Linux and beginners who want to try the environment of mosaic window managers without the need for their long setup. For download, builds for amd64 and Raspberry Pi 3/4 are available. The distribution environment is built on Sway - a composite manager using the Wayland protocol and fully compatible with the mosaic window manager i3, as well as the Waybar panel, PCManFM-GTK3 file manager, and utilities from the NWG-Shell project, such as the Azote desktop wallpaper manager, full-screen nwg-drawer application menu, and the nwamp screen content on the screen is displayed on the nwg, the GTK theme setting manager, the morsator and nwg-look fonts and the Autotiling script, which automatically composes the open applications window in the manner of dynamic mosaic window managers. https://github.com/Ubuntu-Sway/Ubuntu-Sway-Remix

Release of nftables 1.0.5: 08/10/2022 The new nftables 1.0.5, unifying packet filter interfaces for IPv4, IPv6, ARP and network bridges (targeted to replace iptables, ip6table, arptables and ebtables), is out. At the same time, the accompanying libnftnl 1.2.3 library was published, providing a low-level API for interaction with the nf_tables subsystem. The nftables package includes packet filter components that work in the user's space, while at the kernel level is provided by the nf_tables subsystem, which is part of the Linux kernel starting from release 3.13. At the kernel level, only a common interface is provided, independent of a specific protocol and providing basic functions to extract data from packets, perform data operations and flow control. Directly filtering rules and protocol-specific handlers are compiled into the bytecode in the user's space, after which the bytecode is loaded into the kernel using the Netlink interface and executed in the kernel in a special virtual machine reminiscent of BPF (Berkeley Packet Filters). This approach allows you to significantly reduce the size of the filter code, working at the core level and carry all the functions of parsing rules and logic of working with protocols into the user's space https://www.mail-archive.com/netfilter-announce@lists.netfilter.org/msg00246.html

Google has expanded the program to stimulate the detection of vulnerabilities in the Linux kernel 08/10/2022 Google has announced an expansion of the initiative to pay cash rewards for identifying vulnerabilities in the Linux kernel. The maximum amount of payment for the new vulnerability and the creation of a working exploit on its basis increased from 91 to 133 thousand dollars. In addition to the previously used kCTF (Kubernetes Capture the Flag) for hacking attempts, new environments were proposed: based on the last stable branch of the usual Linux kernel and on a branch of the core, which includes additional patches to block the typical methods of operation of exploits. For the creation of exploits that hit an environment with a fresh stable branch of the core, an additional reward of $21 thousand is paid. Hacking the environment with expanded protection measures, you can be paid another $21 thousand dollars. The proposed expanded protection measures are able to block 9 of the 10 vulnerabilities received last year and 10 of the 13 exploits applying for remuneration. https://security.googleblog.com/2022/08/making-linux-kernel-exploit-cooking.html

The Linux kernel reveals exploited vulnerabilities in POSIX CPU timer, cls_route and nf_tables 08/11/2022 The Linux kernel revealed several vulnerabilities caused by accessing already freed areas of memory and allowing a local user to increase their privileges in a system. For all the problems under consideration, working prototypes of exploits have been created, which will be published a week after the publication of information on vulnerabilities. Patches with troubleshooting were sent to Linux kernel developers. CVE-2022-2588 , CVE-2022-2586 , CVE-2022-2585. https://www.openwall.com/lists/oss-security/2022/08/09/6

Open-based Heroes of Might and Magic 2 - fheroes2 - 0.9.18 08/08/2022 A new release of fheroes2 0.9.18, which recreates the engine of Heroes of Might and Magic II from scratch is available. The project code is written in C++ and distributed under the GPLv2 license. To start the game, it requires files with the original game resources that can be obtained, for example, from the demo version of Heroes of Might and Magic II or from the original game. Highlight is that the diplomatic option now works as in the original. https://github.com/ihhub/fheroes2/releases/tag/0.9.18

SQUIP - an attack on AMD processors that leads to data leakage through third-party channels 08/12/2022 A group of researchers from the Graz Technical University (Austria), formerly known for the development of MDS, NetSpectre, Throwhammer and ZombieLoad attacks, revealed information about a new method of attack on third-party channels (CVE-2021-46778) on the queue of the AMD processor planner, used to plan the execution of instructions in different executive units of the CPU. The attack, called SQUIP, allows you to determine the data used in the calculations in another process or virtual machine or organize a hidden communication channel between processes or virtual machines, allowing you to exchange data bypassing the system access demarcation mechanisms. In the experiment, the researchers were able to fully recreate the closed 4096-bit RSA key used to create digital signatures using the mklogbedTLS 3.0 cryptographic library, in which the Montgomery algorithm is used for the construction of a number to the modulumization. To determine the key, it was necessary to perform 50,500 traces. The total time of the attack took 38 minutes. Search options are demonstrated, providing leakage between different processes and virtual machines controlled by the KVM hypervisor. It is also shown that the method can be used to make hidden data transfer between virtual machines at a speed of 0.89 Mbit/s and between processes at a speed of 2.70 Mbit/s at an error level of less than 0.8%. https://stefangast.eu/papers/squip.pdf

Release of GNU Binutils 2.39: 08/13/2022 A new release of the set of GNU Binutils 2.39 system utilities has been published, which includes programs such as GNU linker, GNU assembler, nm, objdump, strings, strip. This release contains numerous bug fixes, and also the following new features: * The ELF linker will now generate a warning message if the stack is made executable. Similarly it will warn if the output binary contains a segment with all three of the read, write and execute permission bits set. These warnings are intended to help developers identify programs which might be vulnerable to attack via these executable memory regions. The warnings are enabled by default but can be disabled via a command line option. It is also possible to build a linker with the warnings disabled, should that be necessary. * The ELF linker now supports a –package-metadata option that allows embedding a JSON payload in accordance to the Package Metadata specification. * In linker scripts it is now possible to use TYPE=<type> in an output section description to set the section type value. * The objdump program now supports coloured/colored syntax highlighting of its disassembler output for some architectures. (Currently: AVR, RiscV, s390, x86, x86_64). * The nm program now supports a –no-weak/-W option to make it ignore weak symbols. * The readelf and objdump programs now support a -wE option to prevent them from attempting to access debuginfod servers when following links. * The objcopy program's –weaken, –weaken-symbol, and –weaken-symbols options now works with unique symbols as well. https://www.mail-archive.com/info-gnu@gnu.org/msg03078.html

Release of Toybox 0.8.8: 08/13/2022 The set of system utilities, Toybox 0.8.8, as well as BusyBox, designed as a single executable and optimized for the minimum consumption of system resources, is out. The project is being developed by the former BusyBox maininer and is distributed under the BSD license. Toybox is used for most of Android's command line tools in all currently supported Android versions, and is also used to build Android on Linux and macOS. All of the tools are tested on Linux, and many of them also work on BSD and macOS. Toybox is lagging behind BusyBox, but 306 base commands (227 are fully and partially completed) of the 378 planned. https://github.com/landley/toybox/releases/tag/0.8.8

Deepin Linux 23 preview 15/08/2022 Deepin is the top Linux distribution from China, devoted to providing a beautiful, easy-to-use, safe, and reliable operating system for global users. (Global Ranking) Deepin V23 Preview is a staged version of deepin V23, which includes three main features: brand-new repositories, atomic updates, and a self-developed package format. Please note that it cannot be upgraded from deepin 20 directly at present. Linglong is a new package format developed by deepin, aiming at solving various compatibility problems caused by complex dependencies of traditional package formats under Linux, and reducing the security risks caused by decentralized control of permissions. It is available to any Linux distribution, supports incremental updates of applications, managing, distributing, and sandboxing apps, which not only improves ease of use, but also greatly protects user privacy. https://www.deepin.org/en/linux-system-distribution-deepin-23-preview-released/

Valve has released Proton 7.0-4: 16/08/2022 Valve has published the release of the Proton 7.0-4 project, which is based on the code base of the Wine project and is aimed at ensuring the launch of game applications created for Windows and presented in the Steam catalog. The project is distributed under the BSD license. Proton allows you to directly run in the Steam Linux client gaming applications supplied for Windows only. The package includes the implementation of DirectX 9/10/11 (based on the DXVK package) and DirectX 12 (based on vkd3d-proton), running through the broadcast of DirectX calls in the Vulkan API, provides improved support for game controllers and the ability to use the full-screen mode regardless of the screen resolutions supported in games. The esync“esync” (Eventfd Synchronization) and “futex/fsync” and “futex/fsync” mechanisms are supported to increase the performance of multithreaded games. https://github.com/ValveSoftware/Proton/releases/tag/proton-7.0-4

Release of LibreOffice 7.4: 18/08/2022 The Document Foundation has released the LibreOffice 7.4 office package. Ready-made installation packages are prepared for various Linux, Windows and macOS distributions. 147 developers participated in the production, of which 95 are volunteers. 72% of the changes were made by the employees of the three companies that oversee the project - Collabora, Red Hat and Allotropia, and 28% of the changes were added by independent enthusiasts. The release of LibreOffice 7.4 is equipped with the “Community” label, will be supported by enthusiasts and is not aimed at application at enterprises. LibreOffice Community is available for free for free to everyone, including corporate users. For enterprises in need of additional service, products of the LibreOffice Enterprise family are separately developing, for which partner companies will be provided with full support, the ability to receive long-term updates (LTS) and additional functions such as SLA (Service Level Agreements). https://blog.documentfoundation.org/blog/2022/08/18/libreoffice-7-4-community/

Release of KDE Gear 22.08: 19/08/2022 The August summary update of the applications (22.08) developed by the KDE project is presented. Recall that the summary set of KDE applications from April 2021 is published under the name KDE Gear, instead of KDE Apps and KDE Applications. In total, 233 programs, libraries and plugins have been published as part of the update. Information about the availability of Live-assemblies with new releases of applications can be obtained on this page, https://community.kde.org/Plasma/LiveImages https://kde.org/announcements/gear/22.08.0/

Janet Jackson ruining older harware: 19/08/2022 MITRE assigned the video with the song Janet Jackson “Rhythm Nation” the vulnerability identifier of CVE-2022-38392 due to the disruption of the normal operation of some old laptops during its playback. This composition can lead to an emergency shutdown of the system due to failures in the hard disk associated with the reproduction of certain resonance frequencies. It is noted that the frequency in the clip coincides with the fluctuations occurring in disks rotating at 5400 rpm, which leads to a sharp increase in the amplitude of their oscillations. Information about the problem was shared by a Microsoft employee, who told a story from the weekdays of the support service of Windows XP about: How to deal with the complaints of users of one of the major manufacturers who revealed that “Rhythm Nation” leads to disruptions of individual models of drives based on hard magnetic disks used in the laptops produced by this manufacturer. The problem was solved by the manufacturer through the addition of a special filter to the sound system that does not allow unwanted frequencies during sound playback. But such a workaround did not provide full protection, for example, the case mentioned where the failure was repeated not on the device on which the clip was played, but on a nearby laptop. The problem was also recorded on laptops from other manufacturers sold around 2005. Information about the effect has been disclosed since it has already lost its relevance and the problem does not manifest in modern hard drives. https://devblogs.microsoft.com/oldnewthing/20220816-00/?p=106994

Release of Krita 5.1: 20/08/2022 Krita 5.1.0, designed for artists and illustrators, is out. The editor supports multi-layer image processing, provides tools to work with different color models and has a large set of tools for digital painting, sketches and texture formation. Self-contained images in the AppImage format for Linux, experimental APK packages for ChromeOS and Android, as well as binary builds for macOS and Windows are available for installation. The project is written in C++ using the Qt library and distributed under the GPLv3 license. https://krita.org/en/item/krita-5-1-0-released/

Desktop release Budgie 10.6.3: 22/08/2022 The organization 'Buddies of Budgie', which oversees the development of the project after it separation from the Solus distribution, introduced a release Budgie 10.6.3 desktop. Budgie 10.6.x continues to develop a classic code base based on GNOME technology and its own GNOME shell implementation. In the future, they expect to start the development of the Budgie 11, a branch in which they plan to separate the functionality of the desktop from the layer that provides visualization and output of information, which will allow you to abstract from specific graphic libraries, and implement full support for the Wayland protocol. The project code is distributed under the GPLv2 license. https://blog.buddiesofbudgie.org/budgie-10-6-3-released/

Release of Celluloid 0.24: 20/08/2022 Celluloid 0.24 (formerly GNOME MPV) video player, that provides a graphical interface based on the GTK library for the MPV console video player, is out. Celluloid is used in Linux Mint and Ubuntu MATE as a default video player. https://github.com/celluloid-player/celluloid/releases/tag/v0.24