LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Monday, June 24th, 2019

    Time Event
    3:32p
    Security updates for Monday
    Security updates have been issued by Debian (jackson-databind, libvirt, pdns, and vim), Fedora (evince, firefox, gjs, libxslt, mozjs60, and poppler), openSUSE (dbus-1, firefox, ImageMagick, netpbm, openssh, and thunderbird), Oracle (libssh2, libvirt, and python), Scientific Linux (python), SUSE (compat-openssl098 , dbus-1 , evince , exempi , firefox , glib2 , gstreamer-0_10-plugins-base , gstreamer-plugins-base , java-1_8_0-ibm , libssh2_org , libvirt , netpbm , samba , SDL2 , sqlite3 , thunderbird , and wireshark ), and Ubuntu (web2py).
    4:39p
    Two years of postmarketOS
    PostmarketOS is an Alpine Linux based operating system for mobile
    devices. The postmarketOS blog takes a look
    at the project after two years of development. "Wouldn't it be great if you could take any obsolete smartphone from the past ten years and replace its outdated and insecure software with a maintained, modular free software stack? How about then using it as a Raspberry Pi-like device for your next tinkering project? With some constraints, postmarketOS makes this possible today for 139 booting devices. Every single package in the whole OS can be updated, with the only exceptions being the vendor's Linux kernel and firmware blobs (if you plan on using them). In a few cases, it is even possible to switch out the discontinued vendor kernel forks with the upstream kernel releases straight from Linus Torvalds."
    7:14p
    Canonical backtracks on i386 packages
    Canonical has let
    it be known     that minds have been changed about removing all 32-bit x86
    support from the Ubuntu distribution. "Thanks to the huge amount of feedback this weekend from gamers, Ubuntu Studio, and the WINE community, we will change our plan and build selected 32-bit i386 packages for Ubuntu 19.10 and 20.04 LTS.

    We will put in place a community process to determine which 32-bit packages are needed to support legacy software, and can add to that list post-release if we miss something that is needed.    "
    8:41p
    [$] Lockdown as a security module
    Technologies like UEFI secure boot are intended to guarantee that a
    locked-down system is running the software intended by its owner (for a
    definition of "owner" as "whoever holds the signing key recognized by the
    firmware"). That guarantee is hard to uphold, though, if a program run on
    the system in question is able to modify the running kernel somehow. Thus,
    proponents of secure-boot technologies have been trying for years to
    provide the ability to lock
    down many types of kernel functionality on secure systems. The latest
    attempt posted by Matthew Garrett, at an eyebrow-raising version 34,
    tries to address previous concerns by putting lockdown under the control of
    a Linux security module (LSM).

    << Previous Day 2019/06/24
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org