Finnix 126 now available for download as a super-light Linux distro under 500 MB in size
Quoting: Finnix 126 now available for download as a super-light Linux distro under 500 MB in size —
Nearly 25 years old now, the Debian-based Finnix is one of the oldest Linux distros designed to run entirely from a bootable CD. Its target audience consists of power users and professionals who need a reliable and fast tool for tasks such as network monitoring, system recovery, and OS installation. With a size of less than 500 MB, the latest release, which is Finnix 126, can run from bootable CDs or DVDs, USB drives, and hard drives. This distro can also be started remotely(PXE).
Although most of the changes are not visible, it is worth mentioning that Finnix 126 lands as the first release to pack additional "supply chain" assurances. According to Ryan Finnie, the distro's developer since the beginning, Finnix 126 "was built on a public CI platform (GitHub Actions), with the ISO (.disk/build_info) pointing to the URL of the build run which lists a SHA256 checksum of the ISO and links to the exact commit used to build it" and also takes advantage of the new attestation functionality provided by GitHub.
Finnix 126 comes with libc6-i386, is built using version 6.8 of the Linux kernel (Debian 6.8.12-1, in this particular case), 0 kernel command line option (same function as the 0 (locale-config) utility, but before shell prompts, during early boot), upstream Debian package updates, as well as multiple minor fixes and improvements. In addition to these, Finnix 126 is also safe from the OpenSSH CVE-2024-6387 vulnerability as it comes with the Debian 9.7p1-7 fixed version.
Update
Original also:
-
Finnix 126 released
This is the first Finnix release to contain additional “supply chain” assurances. The release was built on a public CI platform (GitHub Actions), with the ISO (.disk/build_info) pointing to the URL of the build run which lists a SHA256 checksum of the ISO and links to the exact commit used to build it. Additionally, the build provides an attestation of the build artifacts through GitHub’s new attestation functionality.
Note that this release was made a few days after the OpenSSH CVE-2024-6387 vulnerability announcement, and to be clear, Finnix 126 does include a fixed version (Debian 9.7p1-7).