Other Sites

Internet Society

Global Encryption Day Panel Highlights Encryption’s Role in Children’s Online Safety

In recent years, various organizations and policymakers around the world have argued that encryption harms children by creating a barrier for law enforcement agencies that seek to identify the distribution of child abuse material.

9to5Linux

QEMU 9.2 Brings AWS Nitro Enclave Emulation, Many RISC-V Improvements

Coming three months after QEMU 9.1, the QEMU 9.2 release is here to introduce a new “nitro-enclave” machine type for emulating an AWS Nitro Enclave environment and boot from an EIF (Enclave Image Format) file, and to implement a single entry floating-point exception queue for SPARC v7/v8 architectures.

GNOME 46.7 Improves Accessibility of Quick Settings’ Keyboard Backlight Toggle

GNOME 46.7 is here one and a half months after GNOME 46.6 to improve the accessibility of the keyboard backlight toggle in Quick Settings, default to GPUs with built-in panels connected as the primary GPU, and default to high thread instead of real-time priority for the Kernel Mode Setting (KMS) thread.

Raspberry Pi 500 Computer Launches with the Official Raspberry Pi Monitor

The Raspberry Pi 500 is the successor of the Raspberry Pi 400 model released four years ago, in November 2020 (yes, time does fly fast), which was based on the Raspberry Pi 4 Model B SBC with 4 GB RAM. The new model is based on the latest Raspberry Pi 5 SBC with 8GB RAM.

LinuxGizmos.com

(Updated) T-Deck Plus: An ESP32 Handheld Device with GPS and LoRa Support

At the core of the T-Deck Plus is the ESP32-S3FN16R8, a dual-core LX7 microprocessor that supports 2.4 GHz Wi-Fi and Bluetooth 5 LE connectivity. The device is equipped with 16MB of flash memory and 8MB of PSRAM. Additionally, the T-Deck Plus includes a Micro SD card slot, allowing for further expandable storage.

AAEON Introduces the UP Xtreme i14 Edge, Its First Meteor Lake-Powered Mini PC

AAEON has unveiled the UP Xtreme i14 Edge, a compact fanless Mini PC powered by Intel Core Ultra processors, Intel Arc graphics, and up to 64GB of LPDDR5 memory. Designed for tasks such as computer vision and AI-driven security, it offers significant improvements in memory, graphics, and display capabilities compared to its predecessor.

news

Security Leftovers

posted by Roy Schestowitz on Dec 10, 2024

LWN ☛ Security updates for Monday

Security updates have been issued by AlmaLinux (redis:7, ruby, ruby:2.5, and ruby:3.1), Debian (avahi, ceph, chromium, gsl, jinja2, php7.4, renderdoc, ruby-doorkeeper, and zabbix), Fedora (chromium, python3.11, and uv), Gentoo (Asterisk, Cacti, Chromium, Surveillance Giant Google Chrome, Abusive Monopolist Microsoft Edge. Opera, Dnsmasq, firefox, HashiCorp Consul, icinga2, OATH Toolkit, OpenJDK, PostgreSQL, R, Salt, Spidermonkey, and thunderbird), Mageia (kubernetes), Red Hat (grafana, grafana-pcp, osbuild-composer, and postgresql), SUSE (ansible-core, firefox, glib2, java-1_8_0-ibm, kernel-firmware, nanopb, netty, python310-django-ckeditor, python310-jupyter-ydoc, radare2, skopeo, and webkit2gtk3), and Ubuntu (tinyproxy).
Trail of Bits ☛ 35 more Semgrep rules: infrastructure, supply chain, and Ruby

We are publishing another set of custom Semgrep rules, bringing our total number of public rules to 115.
PCLinuxOS
- PCLOS Official ☛ PCLinuxOS Recent Updates
Devices/Embedded
- The Register UK ☛ OpenWrt supply chain attack scare prompts urgent upgrades
  
  Spooren wrote: "Due to the combination of the command injection in the 'openwrt/imagebuilder' image and the truncated SHA-256 hash included in the build request hash, an attacker can pollute the legitimate image by providing a package list that causes the hash collision."
- Security Week ☛ Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation
  
  The OpenWrt Project, an open-source initiative providing a Linux-based operating system for embedded devices, has pushed a critical patch to cover flaws that expose its firmware update server to malicious exploitation.
  
  The vulnerability, tracked as CVE-2024-54143, affects the OpenWrt sysupgrade server and exposes users to potential risks of installing compromised firmware images.
- LWN ☛ A vulnerability in the OpenWrt attended sysupgrade server
  
  The OpenWrt project has issued an
  
  advisory regarding a vulnerability found in its Attended Sysupgrade
  
  Server that could allow compromised packages to be installed on a router by
  
  an attacker. No official OpenWrt images were affected, and the
  
  vulnerability is not known to be exploited, but users who have installed
  
  images created with an instance of this server are recommended to
  
  reinstall.

Other Recent Tux Machines' Posts

QEMU 9.2 Brings AWS Nitro Enclave Emulation, Many RISC-V Improvements: QEMU 9.2 open-source machine emulator and virtualization software has been released today with various improvements, new features, and other changes.
It’s Official: Linux Kernel 6.12 Will Be LTS, Supported for “Multiple Years”: Renowned Linux kernel developer Greg Kroah-Hartman announced today that the Linux 6.12 kernel series has been officially marked as LTS (Long Term Support) on the kernel.org website.
Fedora Project Leader Matthew Miller: A change of hats!: I’ve been the Fedora Project Leader for more than ten years
Linux Mint Topped DistroWatch’s Rankings: Linux Mint climbs to the number one spot on DistroWatch, unseating MX Linux after five years of dominance in the popular ranking
GNOME 47.2 Officially Released with Various Bug Fixes and Improvements: The GNOME Project announced today the official availability of GNOME 47.2 as the second maintenance update to the latest GNOME 47 “Denver” desktop environment series with more bug fixes and improvements.
Latest COSMIC Desktop Alpha Adds New Options, VRR Support: Development on COSMIC, a new open-source desktop environment created by developers a Linux-based hardware company System76
Linux 6.13-rc2: Please do keep testing, and then we can all take it a bit easier over the holidays
Raspberry Pi 500: The Raspberry Pi 500 keyboard PC is now available with the guts of a Raspberry Pi 5 including a Broadcom BCM2712 quad-core Cortex-A76 SoC
Cinnamon Desktop 6.4 Released with New Look: A new version of the Cinnamon desktop environment has been tagged for release – a sure-fire sign that the Linux Mint 22.1 beta is on the way
GNU/Linux Leftovers: IBM, Debian, and more
today's howtos: Instructionals/Technical articles
Linux Mint 22.1 “Xia” Beta Is Now Available for Download with Cinnamon 6.4: The Linux Mint team has now published the ISO images of the beta release of the upcoming Linux Mint 22.1 release, which can be downloaded right now for public testing from the official mirrors.
AlmaLinux 10 Beta Offers Early Access to Key Upgrades: Get hands-on with AlmaLinux 10 Beta, featuring new x86_64_v2 support, top-tier toolsets
Linux, openSUSE ready for Everyday Users: Most people don’t give much thought to their operating system
OpenMandriva Lx 24.12 Released with COSMIC Desktop Spin, Linux Kernel 6.12 LTS: The OpenMandriva team released today OpenMandriva Lx 24.12 as the latest snapshot of the “ROME” rolling release series of this Mandriva Linux successor featuring the latest and greatest GNU/Linux technologies.
Programming Leftovers: Development picks
Security Leftovers: Security and Windows TCO
Kaidan 0.10.0: Too Much to Summarize!: Kaidan’s next release with so many features that we cannot summarize them in one sentence
Games: Steam Deck, RPCS3, and More: mostly from GamingOnLinux
Android Leftovers: These are the best smartwatches for Android [December 2024]
Debian-based Window Maker Live 12.8 comes with recompiled packages and GUI enhancements: Integrating Firefox and Thunderbird with GNOME components on top of the Window Maker window manager and a Debian core
Sovereign Tech Agency Injects €562K into Arch Linux: ALPM, Arch Linux's packaging ecosystem, received €562K funding to modernize package creation
What will the year 2025 bring for Linux PCs?: What's next for Linux in all its facets in the coming year
Why I Want to See an Official GNOME-Only OS: I've used Linux on and off for years. Most of that time I've used GNOME
Free and Open Source Software: This is free and open source software
Today in Techrights: Some of the latest articles
Canonical/Ubuntu Leftovers: Some news, buzz (hype), and more
Security Leftovers: several more good and bad pieces
Open Hardware/Modding: Turing Pi, Raspberry Pi, and Arduino: some hardware picks
How to Test Your Linux 3D Graphics Hardware, '90s Style: What Is glxgears?
today's leftovers: with focus on GNU/Linux
Open Hardware/Modding/3D Printing: makers and more
5 of the More Useful Note-taking Apps in Linux: we will look at some of the more useful note-taking apps in Linux that you can use to streamline your daily workflow
Security Leftovers: updates and patches
today's howtos: 7 howtos for now
GNUnet 0.23.0: We are pleased to announce the release of GNUnet 0.23.0
Red Hat Latest: From redhat.com
Fedora Engineering Steering Council (FESCo) Elections: who's running
Audiocasts/Shows: LINUX Unplugged, This Week in Linux, Late Night Linux, The Cybershow, The Law Bytes Podcast: 5 new episodes
today's howtos: Instructionals/Technical articles
Programming Leftovers: Development in R, Perl, Python
Android Leftovers: You Can Now Save Your Passport on Your Android Phone, But There's a Catch
MiniOS 4.0: Sleek Visual Updates and Streamlined Functionality: MiniOS 4.0 unveils a new Toolbox edition, enhanced visuals, better system tools, kernel updates, and support for NTFS, FAT32, and exFAT storage
Linux Mint 22.1 Beta ISOs now undergoing final testing: The Linux Mint team is testing the disc images of the upcoming version, which means it's not far away now
Windows TCO Leftovers: Windows costing too much
GPU Switching: A Multi-GPU Game Changer: Users of openSUSE can now rely on the built-in switcherooctl tool for GPU switching
VOIPAC iMX93 industrial development kit targets AI, HMI, and Edge Computing applications: The iMX93 Development Kit supports Linux built with Yocto Project 5.0 Scarthgap
The Shepherd 1.0.0 released!: Finally, twenty-one years after its inception (twenty-one!)
Manjaro 24.2 “Yonada” Released, Here’s What’s New: Powered by Linux kernel 6.12, Manjaro 24.2 "Yonada" is now available for download with GNOME 47, Plasma 6.2, and XFCE 4.18
Arduino Core for Zephyr beta released – Let’s give it a try!: Last July, Arduino announced plans to switch from the soon-to-be deprecated Arm Mbed to Zephyr RTOS
South Korean web giant Naver creates its own Linux distro: 'Navix' follows OpenELA rules, comes with ten years support, and is already used in production at scale
Winter Party [original]: we're celebrating 20.5 years of this site
Free and Open Source Software: This is free and open source software
Stable kernels: Linux 6.12.4, and Linux 6.6.64: All users of the 6.12 kernel series must upgrade
This Linux distribution surprised me with its minimalistic yet highly-functional operating system: If you're looking for a new operating system that is equally beautiful and functional
Games: Software Patents, Steam, and More: New/latest from GamingOnLinux
OBS Studio 31 Debuts With New NVIDIA Blur Features: The open-source broadcasting software OBS Studio
Today in Techrights: Some of the latest articles
GNOME 46.7 Improves Accessibility of Quick Settings’ Keyboard Backlight Toggle: The GNOME Project released today GNOME 46.7 as the seventh maintenance update to the GNOME 46 desktop environment series with various bug fixes, updated translations, and other changes.
Security Leftovers: only a few for now
GNU/Linux and BSD Leftovers: or today's leftovers
Web Related, FOSS Focus: WWW stories
Paul Wise's Debian/FLOSS Activities and Paulo Henrique de Lima Santana on MiniDebConf Toulouse 2024: Some Debian picks
Open Hardware/Modding: Seeed Studio, Raspberry Digital Signage 21.0, and More: some hardware picks
Programming Leftovers: Development related news
Audiocasts/Shows: GNU World Order, Linux Out Loud, and Open Source Security Podcast: 3 new episodes
today's howtos: mostly idroot
Raspberry Pi 500 Computer Launches with the Official Raspberry Pi Monitor: The Raspberry Pi Foundation announced today the launch of the Raspberry Pi 500 computer, powered by the Raspberry Pi 5 single-board computer, alongside the Raspberry Pi Monitor.
Android Leftovers: If Gboard is the best Android keyboard, why do I like this alternative so much
PostgreSQL: pgtt-rsl v2.0, pgBadger 13.0, Flyway Community Drift Check released: PostgreSQL news
Canonical Killing Off Ubuntu Forums and Moving to "Support and Help Section of Ubuntu Discourse": Abandoning Ubuntu community some more
6 Tips for Using Linux Without Touching the Command Line: When you read about Linux, you probably see a lot of talk about commands to use in the terminal
AAEON Introduces the UP Xtreme i14 Edge, Its First Meteor Lake-Powered Mini PC: The UP Xtreme i14 Edge is available as a computing kit with Ubuntu 24.04 preinstalled and validated under Ubuntu Pro
GNU/Linux and Free Software Leftovers: FOSS and more
CISA and Windows TCO: security picks
Programming Leftovers: coding related picks
Open Hardware/Modding: GNU-like Mobile Linux, Raspberry Pi Zero 2, Cheap FPGA PCIe Development, and More: Hardware picks
Best Free and Open Source Software: Only free and open source software is eligible for inclusion
Review: Oreon 9.3 / Lime R2: A lot of the characteristics which make up a good server operating system are also welcome features for a desktop system
New Videos and Audiocasts/Shows: Invidious and TLLTS
Turning 20.5 Tomorrow [original]: The pens or writers of Free software cannot be stopped. The attacks on them merely reaffirm the importance of they work they do.
Today in Techrights: Some of the latest articles

Tux Machines

Other Sites

Internet Society

Global Encryption Day Panel Highlights Encryption’s Role in Children’s Online Safety

9to5Linux

QEMU 9.2 Brings AWS Nitro Enclave Emulation, Many RISC-V Improvements

GNOME 46.7 Improves Accessibility of Quick Settings’ Keyboard Backlight Toggle

Raspberry Pi 500 Computer Launches with the Official Raspberry Pi Monitor

LinuxGizmos.com

(Updated) T-Deck Plus: An ESP32 Handheld Device with GPS and LoRa Support

AAEON Introduces the UP Xtreme i14 Edge, Its First Meteor Lake-Powered Mini PC

news

Security Leftovers

LWN ☛ Security updates for Monday

Trail of Bits ☛ 35 more Semgrep rules: infrastructure, supply chain, and Ruby

PCLinuxOS

PCLOS Official ☛ PCLinuxOS Recent Updates

Devices/Embedded

The Register UK ☛ OpenWrt supply chain attack scare prompts urgent upgrades

Security Week ☛ Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation

LWN ☛ A vulnerability in the OpenWrt attended sysupgrade server

Other Recent Tux Machines' Posts