Brief items
Security
Security quote of the week
Plans to "break up" big tech just creates a few more data silos and
effectively locks in some pre-selected (slightly smaller) giants, thanks to
network effects. What the Data Transfer Project does is flip the
equation. It makes it so that more competition can thrive without taking
away the network effects that make the internet so powerful. It's the most
interesting, and most compelling approach to generating actual competition
among internet services.
— Mike
Masnick on the Data Transfer
Project
I still hope that the project goes even further in knocking down silos and opening up for competition, but it's already quite encouraging. Of course, it got almost no attention at all because anti-trust is sexy, whereas companies opening themselves up to competition through technological means is apparently boring.
Kernel development
Kernel release status
The current development kernel is 5.3-rc3, released on August 4. Linus said: "Interesting. Last Sunday, rc2 was fairly large to match the biggish merge window, but this last week has actually been quite calm, and rc3 is actually smaller than usual, and smaller than rc2 was"
Stable updates: 5.2.6, 4.19.64, 4.14.136, 4.9.187, and 4.4.187 were released on August 4, followed by 5.2.7, 4.19.65, 4.14.137, 4.9.188, and 4.4.188 on August 6.
Distributions
Freedombone 4.0 released
Freedombone 4.0 is available. Freedombone is a distribution (based on Debian 10) focused on the hosting network services under one's own control on home servers. "There is no freedom without freedom of association. That is, having the ability to define who you are and what kind of community you want to live in. This release includes Community Networks as an initial step towards networks run by and for the people who use them." Support for the Wireguard VPN has been added, but the "Fediverse" applications (GNU Social, PostActiv, and Pleroma) have been removed as being too hard to manage.
Red Hat Enterprise Linux 7.7 released
Red Hat has announced the release of Red Hat Enterprise Linux 7.7. "Beyond new capabilities, Red Hat Enterprise Linux 7.7 also marks the transition of Red Hat Enterprise Linux 7 to Maintenance Phase I within the Red Hat Enterprise Linux 10-year lifecycle. Maintenance Phase I emphasizes maintaining infrastructure stability for production environments and enhancing the reliability of the operating system. Future minor releases of Red Hat Enterprise Linux 7 will now focus solely on retaining and improving this stability rather than net-new features."
Distribution quote of the week
Seeing that some people out there in the world have installed and are
using a package that I maintain in Debian makes me happy. I think we
shouldn't underestimate the pure psychological value of that, even if it's
hard to attribute specific meaning to the statistics.
— Russ Allbery
Development
FFmpeg 4.2 released
Version 4.2 of the FFmpeg multimedia framework is out. It features a long list of new filters and decoders, including a long-awaited AV1 decoder.The GNU C Library version 2.30 is now available
Version 2.30 of the GNU C Library (glibc) has been released. New features include Unicode 12.1.0 support; wrappers for the getdents64(), gettid(), and tgkill() system calls on Linux; addition of a bunch of POSIX-proposed pthreads calls; protections for memory allocation functions so that they cannot cause ptrdiff_t overflows; and more, such as fixes for two security problems:
CVE-2019-7309: x86-64 memcmp used signed Jcc instructions to check
size. For x86-64, memcmp on an object size larger than SSIZE_MAX
has undefined behavior. On x32, the size_t argument may be passed
in the lower 32 bits of the 64-bit RDX register with non-zero upper
32 bits. When it happened with the sign bit of RDX register set,
memcmp gave the wrong result since it treated the size argument as
zero. Reported by H.J. Lu.
CVE-2019-9169: Attempted case-insensitive regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read. Reported by Hongxu Chen.
GNOME and KDE to co-host the Linux App Summit in November
The GNOME and KDE projects are teaming up to host the Linux App Summit (LAS) that will be held in Barcelona, November 12-15. "LAS is the first collaborative event co-hosted by the two organizations since the Desktop Summit in 2009. Both organizations are eager to bring their communities together in building an application ecosystem that transcends individual distros and broadens the market for everyone involved. KDE and GNOME will no longer be taking a passive role in the free desktop sector. With the joint influence of the two desktop projects, LAS will shepherd the growth of the FOSS desktop by encouraging the creation of quality applications, seeking opportunities for compensation for FOSS developers, and fostering a vibrant market for the Linux operating system." The CfP is open until August 31.
Knoll: Technical vision for Qt 6
Lars Knoll describes the goals for the next major version of the Qt graphics toolkit. "Qt has been growing a lot over the last years, to the point where delivering a new version of it is a major undertaking. With Qt 6 there is an opportunity to restructure our product offering and have a smaller core product that contains the essential frameworks and tooling. We will use the market place to deliver our add-on frameworks and tools, not as a tightly coupled bundle with the core Qt product."
Miscellaneous
FSFE releases the REUSE 3.0 copyright/licensing specification
The Free Software Foundation Europe has an announcement about the release of the REUSE 3.0 specification. "The licensing of a software project is critical information. Developers set the terms under which others can reuse their software, from individuals to giant corporations. Authors want to make sure that others adhere to their chosen licenses; potential re-users have to know the license of third-party software before publication; and companies have to ensure license compliance in their products that often build on top of existing projects. The REUSE project, led by the Free Software Foundation Europe (FSFE), helps all of these parties."
Page editor: Jake Edge
Next page:
Announcements>>