Tux Machines

Do you waddle the waddle?

Other Sites


Ubuntu Touch OTA-24 Released for Ubuntu Phone Users, Here’s What’s New

Ubuntu Touch OTA-24 is here almost five months after Ubuntu Touch OTA-23 and while it’s still based on the Ubuntu 16.04 (Xenial Xerus) upstream repositories, it introduces further improvements to increase the overall stability and reliability of the mobile OS.

TUXEDO Stellaris 17 and Polaris 15 Linux Gaming Laptops Get High-End NVIDIA GPUs

If you’re in the market for a new gaming laptop, the TUXEDO Stellaris 17 and Polaris 15 Gen4 are now available for pre-order with the NVIDIA GeForce RTX 3060 graphics card and AMD Ryzen 7 6800H processor for the TUXEDO Polaris 15 model, as well as the NVIDIA GeForce RTX 3070 Ti or 3080 Ti graphics cards and AMD Ryzen 9 6900HX processor for the TUXEDO Stellaris 17 variant.

LibreOffice 7.4.3 Open-Source Office Suite Released with 100 Bug Fixes, Download Now

LibreOffice 7.4.3 is here six weeks after the LibreOffice 7.4.2 point release and includes a total of 100 bug fixes that improve document interoperability and the reliability of the LibreOffice 7.4 office suite series. For more details on these bug fixes, check out the RC1 and RC2 changelogs.

Qt Creator 9 Released with Experimental Squish Support, C++ and QML Improvements

Qt Creator 9 is here about four months after Qt Creator 8 and introduces experimental Squish support through a new plugin that lets you open existing Squish test suites, create new test suites and test cases, record test cases, run test suites or cases and view the results in the Squish output using Squish Runner and Server.

Ubuntu 23.04 (Lunar Lobster) Daily Builds Are Now Available for Download

Ubuntu 23.04‘s six-month-long development cycle kicked off at the end of October 2022 with the toolchain upload. Now, early adopters and application developers can download the daily build ISOs, which appeared earlier today on the official servers.


T-Mobile launches IoT Kit supporting 4G LTE, Wi-Fi and BLE

T-Mobile recently launched their first developer kit designed to speed up the development of IoT applications that require “transmitting small amounts of data over long periods of time.” The DevEdge is powered by a Cortex-M4 processor, wireless connectivity, diverse sensors and it runs on a Zephyr-based SDK.

Banana Pi introduces SenaryTech SN3680 based SBC

Banana Pi’s new SBC board features the SenaryTech SN3680 SoC which combines a quad-core CPU, 6.75 TOPS NPU and a GE9920 GPU. The BPI-M6 also provides 4Kp60 display support, 1x GbE port, and optional wireless connectivity.

Ryzen Embedded 3000 based fanless PC equipped with up to 6x LAN ports

SolidRun recently unveiled an industrial-grade PC built around the AMD Ryzen Embedded V3000 processor. The Bedrock PC comes with up to 4x 2.5GbE LAN ports, 2x 10GbE LAN ports, 3x M.2 2280 sockets and optional wireless connectivity.

OpenSSH 9.1 released (UPDATED)

posted by Roy Schestowitz on Oct 04, 2022,
updated Oct 05, 2022

OpenSSH 9.1 has just been released. It will be available from the
mirrors listed at https://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: https://www.openssh.com/donations.html
Changes since OpenSSH 9.0 =========================
This release is focused on bug fixing.
Security ========
This release contains fixes for three minor memory safety problems. None are believed to be exploitable, but we report most memory safety problems as potential security vulnerabilities out of caution.
* ssh-keyscan(1): fix a one-byte overflow in SSH- banner processing. Reported by Qualys
* ssh-keygen(1): double free() in error path of file hashing step in signing/verify code; GHPR333
* ssh-keysign(8): double-free in error path introduced in openssh-8.9
Potentially-incompatible changes --------------------------------
* The portable OpenSSH project now signs commits and release tags using git's recent SSH signature support. The list of developer signing keys is included in the repository as .git_allowed_signers and is cross-signed using the PGP key that is still used to sign release artifacts: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
* ssh(1), sshd(8): SetEnv directives in ssh_config and sshd_config are now first-match-wins to match other directives. Previously if an environment variable was multiply specified the last set value would have been used. bz3438
* ssh-keygen(8): ssh-keygen -A (generate all default host key types) will no longer generate DSA keys, as these are insecure and have not been used by default for some years.
New features ------------
* ssh(1), sshd(8): add a RequiredRSASize directive to set a minimum RSA key length. Keys below this length will be ignored for user authentication and for host authentication in sshd(8).
ssh(1) will terminate a connection if the server offers an RSA key that falls below this limit, as the SSH protocol does not include the ability to retry a failed key exchange.
* sftp-server(8): add a "users-groups-by-id@openssh.com" extension request that allows the client to obtain user/group names that correspond to a set of uids/gids.
* sftp(1): use "users-groups-by-id@openssh.com" sftp-server extension (when available) to fill in user/group names for directory listings.
* sftp-server(8): support the "home-directory" extension request defined in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the existing "expand-path@openssh.com", but some other clients support it.
* ssh-keygen(1), sshd(8): allow certificate validity intervals, sshsig verification times and authorized_keys expiry-time options to accept dates in the UTC time zone in addition to the default of interpreting them in the system time zone. YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed with a 'Z' character.
Also allow certificate validity intervals to be specified in raw seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This is intended for use by regress tests and other tools that call ssh-keygen as part of a CA workflow. bz3468
* sftp(1): allow arguments to the sftp -D option, e.g. sftp -D "/usr/libexec/sftp-server -el debug3"
* ssh-keygen(1): allow the existing -U (use agent) flag to work with "-Y sign" operations, where it will be interpreted to require that the private keys is hosted in an agent; bz3429
Bugfixes --------
* ssh-keygen(1): implement the "verify-required" certificate option. This was already documented when support for user-verified FIDO keys was added, but the ssh-keygen(1) code was missing.
* ssh-agent(1): hook up the restrict_websafe command-line flag; previously the flag was accepted but never actually used.
* sftp(1): improve filename tab completions: never try to complete names to non-existent commands, and better match the completion type (local or remote filename) against the argument position being completed.
* ssh-keygen(1), ssh(1), ssh-agent(1): several fixes to FIDO key handling, especially relating to keys that request user-verification. These should reduce the number of unnecessary PIN prompts for keys that support intrinsic user verification. GHPR302, GHPR329
* ssh-keygen(1): when enrolling a FIDO resident key, check if a credential with matching application and user ID strings already exists and, if so, prompt the user for confirmation before overwriting the credential. GHPR329
* sshd(8): improve logging of errors when opening authorized_keys files. bz2042
* ssh(1): avoid multiplexing operations that could cause SIGPIPE from causing the client to exit early. bz3454
* ssh_config(5), sshd_config(5): clarify that the RekeyLimit directive applies to both transmitted and received data. GHPR328
* ssh-keygen(1): avoid double fclose() in error path.
* sshd(8): log an error if pipe() fails while accepting a connection. bz3447
* ssh(1), ssh-keygen(1): fix possible NULL deref when built without FIDO support. bz3443
* ssh-keyscan(1): add missing *-sk types to ssh-keyscan manpage. GHPR294.
* sshd(8): ensure that authentication passwords are cleared from memory in error paths. GHPR286
* ssh(1), ssh-agent(1): avoid possibility of notifier code executing kill(-1). GHPR286
* ssh_config(5): note that the ProxyJump directive also accepts the same tokens as ProxyCommand. GHPR305.
* scp(1): do not not ftruncate(3) files early when in sftp mode. The previous behaviour of unconditionally truncating the destination file would cause "scp ~/foo localhost:foo" and the reverse "scp localhost:foo ~/foo" to delete all the contents of their destination. bz3431
* ssh-keygen(1): improve error message when 'ssh-keygen -Y sign' is unable to load a private key; bz3429
* sftp(1), scp(1): when performing operations that glob(3) a remote path, ensure that the implicit working directory used to construct that path escapes glob(3) characters. This prevents glob characters from being processed in places they shouldn't, e.g. "cd /tmp/a*/", "get *.txt" should have the get operation treat the path "/tmp/a*" literally and not attempt to expand it.
* ssh(1), sshd(8): be stricter in which characters will be accepted in specifying a mask length; allow only 0-9. GHPR278
* ssh-keygen(1): avoid printing hash algorithm twice when dumping a KRL
* ssh(1), sshd(8): continue running local I/O for open channels during SSH transport rekeying. This should make ~-escapes work in the client (e.g. to exit) if the connection happened to have stalled during a rekey event.
* ssh(1), sshd(8): avoid potential poll() spin during rekeying
* Further hardening for sshbuf internals: disallow "reparenting" a hierarchical sshbuf and zero the entire buffer if reallocation fails. GHPR287
Portability -----------
* ssh(1), ssh-keygen(1), sshd(8): automatically enable the built-in FIDO security key support if libfido2 is found and usable, unless --without-security-key-builtin was requested.
* ssh(1), ssh-keygen(1), sshd(8): many fixes to make the WinHello FIDO device usable on Cygwin. The windows://hello FIDO device will be automatically used by default on this platform unless requested otherwise, or when probing resident FIDO credentials (an operation not currently supported by WinHello).
* Portable OpenSSH: remove workarounds for obsolete and unsupported versions of OpenSSL libcrypto. In particular, this release removes fallback support for OpenSSL that lacks AES-CTR or AES-GCM.
Those AES cipher modes were added to OpenSSL prior to the minimum version currently supported by OpenSSH, so this is not expected to impact any currently supported configurations.
* sshd(8): fix SANDBOX_SECCOMP_FILTER_DEBUG on current Linux/glibc
* All: resync and clean up internal CSPRNG code.
* scp(1), sftp(1), sftp-server(8): avoid linking these programs with unnecessary libraries. They are no longer linked against libz and libcrypto. This may be of benefit to space constrained systems using any of those components in isolation.
* sshd(8): add AUDIT_ARCH_PPC to supported seccomp sandbox architectures.
* configure: remove special casing of crypt(). configure will no longer search for crypt() in libcrypto, as it was removed from there years ago. configure will now only search libc and libcrypt.
* configure: refuse to use OpenSSL 3.0.4 due to potential RCE in its RSA implementation (CVE-2022-2274) on x86_64.
* All: request 1.1x API compatibility for OpenSSL >=3.x; GHPR#322
* ssh(1), ssh-keygen(1), sshd(8): fix a number of missing includes required by the XMSS code on some platforms.
* sshd(8): cache timezone data in capsicum sandbox.
Checksums: ==========
- SHA1 (openssh-9.1.tar.gz) = 3ae2d6a3a695d92778c4c4567dcd6ad481092f6c - SHA256 (openssh-9.1.tar.gz) = QKfVArlcItV+e8V1Th85TL5//5d/AvOUhYOeHMDEGuE=
- SHA1 (openssh-9.1p1.tar.gz) = 15545440268967511d3194ebf20bcd0c7ff3fcc9 - SHA256 (openssh-9.1p1.tar.gz) = GfhQCcfj4jeH8CNvuxV4OSq01L+fjsX+a8HNfov90og=
Please note that the SHA256 signatures are base64 encoded and not hexadecimal (which is the default for most checksum tools). The PGP key used to sign the releases is available from the mirror sites: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
Reporting Bugs: ===============
- Please read https://www.openssh.com/report.html Security bugs should be reported directly to openssh@openssh.com


A couple of reference pages:

Other Recent Tux Machines' Posts

PipeWire, Flatpak, YaST packages update in Tumbleweed (UPDATED)
This week saw the continuous release of openSUSE Tumbleweed snapshots reach 42
Fedora: Wayland in Blender and (Community Platform Engineering (CPE) Weekly Update
Fedora reports
Games: SC Controller in SparkyLinux, Pixel Wheels 0.24.0, and Linux on Nintendo Wii
Gaming stories
Programming Leftovers
Coding-related links
Gemini Articles of Interest
Gemini protocol posts and pages from the past few days
today's howtos
4 more howtos
EasyOS Dunfell-series version 4.5.2 released
This is another bug-fix release for version 4.5
What Linux distributions to recommend to computer scientists
To have great and enough documentation, a distribution like Fedora or a non-LTS Ubuntu version is not what I recommend
Videos: News, Ubuntu Terminal Ads, and Qtile "Extras" Gives You Even More Customization Options
3 new videos
Pop OS Review: Reasons why its an all-rounder Linux distro
Few reasons why System76’s Pop OS is the best all-rounder Ubuntu-based Linux distribution
lnav: Advanced Log File Viewer for Linux Desktops and Servers
lnav can unzip all the compressed log files on the fly and merge them together for a nice display
Panorama photo stitcher - Hugin 2022 in Beta Now
Hugin, the popular free and open-source panorama photo stitcher application, now is in beta stage for the upcoming 2022 version.
today's howtos
5 more howtos for the day
10 Best Windows Alternative OS: Which One is Best for You?
There are many other operating systems that are faster and more useful than Windows
Android Leftovers
Google and other OEMs have yet to patch a critical Android security flaw
Free Software Leftovers
4 final links
Devices Leftovers
4 more stories
Programming Leftovers
Coding, with R, perl, Python..
FUD and Proprietary Software
4 stories
Open and Linux-centric Hardware: Arduino, Raspberry Pi, and More
Lots in this category toay
today's howtos
afternoon howtos
WineHQ - Wine Announcement - The Wine development release 7.22 is now available.
Binary packages for various distributions will be available
Android Leftovers
These Samsung devices are set to get the latest Android features
This week in KDE: Humongous UI improvements
This week we have a lot of large and impactful user interface improvements across multiple apps and Plasma
Games: Euro Truck Simulator, Heroic Games Launcher, and Creator Day
3 posts by Liam Dawe
today's howtos
morning howtos
Kick-off for EU database of public domain works and digital access to scientific works
EU Parliament approved the funding of two pilot projects in the field of free knowledge
Open source is a hard requirement for reproducibility
And I’m not only talking about the code you typed for your research paper/report/analysis. I’m talking about the whole ecosystem that you used to type your code.
Maui 2.2.1 Release - MauiKit
Today, we bring you a new special report on the Maui Project’s progress.
Today in Techrights
Latest posts in Techrights
Software: WriteFreely, LibreOffice, and More
Assorted posts about software
Programming Leftovers
Cairo, GoReleaser, and more
Open Hardware/Modding: Raspberry Pi, Jetson Nano, Arduino
Open-ended projects
Security Leftovers
Patches, tips, and DRM
Shows and Videos: Python, Going Linux, Zorin OS 16.2 Core, and More
4 new ones
today's howtos
4 howtos
Linux 5.10.156, 5.4.225, 4.19.267, 4.14.300, and 4.9.334
Stable releases
Violence, sexism, racist harassment and physical abuse at FOSDEM, DebConf, FrOSCon, Debian, OSI
FOSDEM organization is getting under way and volunteers have already started receiving anonymous threats and insults
This Week in GNOME: #71 Increased Circle
Update on what happened across the GNOME project in the week from November 18 to November 25
Android Leftovers
How to Develop Android Apps in Linux
Free Software Leftovers
FSF and more
Programming Leftovers
Coding links
today's howtos
half a dozen howtos, mostly from howtoforge
Open Hardware/Modding: Arduino, Raspberry Pi, and More
Several projects and products
89 operating systems
curl has manged to reach its ten billion installations.
Germany Bans Proprietary Microsoft Spyware, Other Privacy News
3 links
How to Develop Android Apps in Linux
Here you will find everything you need to know about building, publishing, and releasing an app on Android
4 Must-Have Extensions for a More Complete GNOME Experience
These extensions are a must if you're looking to personalize GNOME to suit your preferences.
Red Hat and Fedora Leftovers
Most, but not all, are fluff today
Ubuntu Touch OTA-24 Released for Ubuntu Phone Users, Here’s What’s New
The UBports Foundation announced today the release of the OTA-24 software update for its Ubuntu Touch mobile operating system for supported Ubuntu Phone devices.
Ubuntu Touch OTA-24 Release
Today we are happy to announce the release of Ubuntu Touch OTA-24, the very latest update to the system
Videos: Blur My Shell (GNOME), SlowCat, and More
5 new videos
Excellent News! Midori Browser to Integrate its Own Open Source Engine for a Strong Comeback
Midori web browser is active (in beta) and available as a free and open-source offering.
Uruk GNU/Linux 3.0
A 100% free simple distro that fulfills our desires
First Look at the Upcoming Fedora Web-Based Installer (UPDATED)
Fedora announced the first public preview of the new web-based Anaconda Installer, significantly simplifying the installation process
Let’s Go: Ubuntu 23.04 Daily Builds Available to Download (UPDATED)
Development is officially underway on Ubuntu 23.04 ‘Lunar Lobster’, the next interim release of Ubuntu
today's leftovers
Ubuntu, SUSE, and Krita
Games: Isonzo, Steam Deck, Europa Universalis IV, More
Articles from Liam Dawe
GNU and KDE Fundraising (UPDATED)
Ahead of Buy Nothing Day
today's howtos
many afternoon howtos
Android Leftovers
AIoTBOX-3568GK industrial control box offers six USB ports, RS232, RS485, CAN Bus, LVDS, and more
Rnote: An Open-Source Drawing App for Notes and Annotation
Rnote allows you to take notes, draw, and annotate documents. Sounds like you need it? Let us explore more
TUXEDO Stellaris 17 and Polaris 15 Linux Gaming Laptops Get High-End NVIDIA GPUs
TUXEDO Computers announced today the 4th generation of its TUXEDO Stellaris 17 and TUXEDO Polaris 15 Linux-powered gaming laptops with updated components up to AMD Ryzen 9 CPUs and NVIDIA RTX 3080 Ti GPUs.
Android Leftovers
Why Samsung makes the only Android tablets worth buying
Today in Techrights
Latest posts in Techrights
today's leftovers
Games and programming links
Gemini Articles of Interest
Gemini protocol posts and pages from the past few days
7 Best Mastodon Server Instances to Join by the Twitter Emigrants
Leaving Twitter after Elon Musk’s takeover? Well, you are not alone.
LibreOffice 7.4.3 Open-Source Office Suite Released with 100 Bug Fixes, Download Now
The Document Foundation announced today LibreOffice 7.4.3 as the third maintenance update to the latest LibreOffice 7.4 “Community” open-source, free, and cross-platform office suite.
today's howtos
many howtos
EU anti-trust action against Microsoft likely over bundling apps: report
Reuters reported that the European Commission, the executive arm of the EU, had been looking into the Slack complaint since October last year
Best Extensions for GNOME Top Bar
Use these GNOME top bar extensions to transform your GNOME desktop’s top bar from mundane to extraordinary.
Concurrency, Parallelism, I/O Scheduling, Thread Pooling, and Work-Stealing
Around 15 years ago I worked on some interesting pieces of software which are unfortunately still not part of my daily toolbox in GNOME and GTK programming
Recent AudioTube improvements
Since the last post about AudioTube, a lot has happened
Best Free and Open Source Screen-readers
A screen-reader is a computer application designed to provide spoken feedback to a blind or visually impaired person
Videos and Shows: Rsync, Twitter, Linux in the Ham Shack, and Linux Action News
4 new ones