The Free Software Foundation (FSF) has announced that Geoffrey Knauth has been elected president, and free software activist and developer Odile Bénassy has been appointed to the board of directors. Knauth is replacing Richard Stallman who resigned last year. In Knauth’s statement, he said: “The FSF board chose me at this moment as a servant leader to help the community focus on our shared dedication to protect and grow software that respects our freedoms. It is also important to protect and grow the diverse membership of the community.”
Security updates have been issued by CentOS (firefox, java-1.8.0-openjdk, java-11-openjdk, libvncserver, postgresql-jdbc, and thunderbird), Debian (firejail and gupnp), Fedora (cutter-re, postgresql-jdbc, radare2, and webkit2gtk3), openSUSE (chromium, firefox, kernel, and python-rtslib-fb), Oracle (container-tools:ol8, kernel, and nss and nspr), Red Hat (Red Hat OpenShift Jaeger 1.17.6 container images, Red Hat OpenShift Service Mesh, and Red Hat OpenShift Service Mesh 3scale-istio-adapter-rhel8-container), Scientific Linux (thunderbird), and SUSE (firefox, kernel, postgresql10 and postgresql12, python-ipaddress, and xen).
PHP 8.0 is on the horizon, and the project has imposed a feature-freeze for the release. There’s one exception to the feature-freeze, though: the new attributes syntax. An attribute is syntactical metadata for PHP code, identical to what is called an “annotation” in other languages. Even though attributes have been voted on multiple times by the community, major contributor and creator of XDebug Derick Rethans threw a wrench into the works days before the feature-freeze by challenging the current syntax. The ensuing discussion lead to the fourth attributes proposal for the year, with a special feature-freeze exception being made by release manager Sara Golemon. This exception gives Rethans one more opportunity to convince the community to change how attributes work up to the Beta 3 release, scheduled for September 3.
Our look at running a CNC milling machine
using open-source software led me to another tool worth looking at: FreeCAD. I wasn’t previously familiar with
the program, so I decided to check it out. In this article I will walk
through my experiences with using FreeCAD for the first time to do a variety
of CNC-related tasks I normally would have used a commercial product for. I
had varying degrees of success in my endeavors, but in the end came away with
a positive opinion.
The X.Org project has announced two security advisories that impact Xserver and libX11. The first advisory for X server is regarding uninitialized memory in AllocatePixmap() that could lead to address space layout randomization bypass. The second, impacting libX11, is a heap corruption caused by integer overflows and signed/unsigned comparisons.
Security updates have been issued by Debian (grub2 and mercurial), Fedora (chromium, firefox, and freerdp), Oracle (firefox and kernel), Red Hat (firefox), Scientific Linux (firefox, grub2, and kernel), and SUSE (ghostscript and targetcli-fb).
Last year Sienci Labs finished its Kickstarter campaign for the open-source LongMill Benchtop CNC Router — its second successful open-source CNC machine Kickstarter campaign. CNC routers allow users to mill things (like parts) from raw materials (like a block of aluminum) based on a 3D-model. The LongMill is a significant improvement over the original sold-out Mill One and makes professional-quality machining based entirely on open-source technology a reality. As an owner of a LongMill, I will walk through the various open-source technologies that make this tool a cornerstone of my home workshop.
Arduino devices are a favorite among do-it-yourself (DIY) enthusiasts to create, among other things, Internet of Things (IoT) devices. We have previously covered the Espressif ESP8266 family of devices that can be programmed using the Arduino SDK, but the Arduino project itself also provides WiFi-enabled devices such as the Arduino MKR WiFi 1010 board. Recently, the Arduino Security Team raised the problem of security shortcomings of IoT devices in a post, and how the Arduino project is working to make improvements. We will take the opportunity to share some interesting things from that, and also look at the overall state of TLS support in the Arduino and Espressif SDK projects.
Mycroft is a free and open-source software project aimed at providing voice-assistant technology, licensed under the Apache 2.0 license. It is an interesting alternative to closed-source commercial offerings such as Amazon Alexa, Google Home, or Apple Siri. Use of voice assistants has become common among consumers, but the privacy concerns surrounding them are far-reaching. There have been multiple instances of law enforcement’s interest in the data these devices produce for use against their owners. Mycroft claims to offer a privacy-respecting, open-source alternative, giving users a choice on how much of their personal data is shared and with whom.
The PHP project has released PHP 8 Alpha 3, the final alpha release according to the 8.0 release schedule. Feature freeze for the 8.0 release is scheduled for August 4, making this release the last one before features for the latest version of PHP are finalized. PHP 8.0 is scheduled to be released for general availability on November 26.
TechRepublic reports that the Linux Foundation has announced the Linux Foundation Public Health initiative (LFPH). Using projects based on the Google Apple Exposure Notification system, the initiative’s goal according to LFPH general manager Dan Kohn is “building a global community of leading technology and consulting companies, public health authorities, epidemiologists, and other public health specialists, privacy and security experts, and individual developers.” With this announcement is the launch of two open-source projects: COVID Shield and COVID Green.
For years, Windows PHP users have enjoyed builds provided directly by Microsoft. The company has contributed to the PHP project in many ways, with the binaries made available on windows.php.net being the most visible. Recently Microsoft Project Manager Dale Hirt announced that, beginning with PHP 8.0, Microsoft support for PHP on Windows would end.
The Linux Mint project has made good on previous threats to actively prevent Ubuntu Snap packages from being installed through the APT package-management system without the user’s consent. This move is the result of “major worries” from Linux Mint on Snap’s impact with regard to user choice and software freedom. Ubuntu’s parent company, Canonical, seems open to finding a solution to satisfy the popular distribution’s concerns — but it too has interests to consider.
The Home Assistant project has released version 0.112 of the open-source home automation hub we have previously covered, which is the eighth release of the project this year. While previous releases have largely focused on new integrations and enhancements to the front-end interface, in this release the focus has shifted more toward improving the performance of the database. It is important to be aware that there are significant database changes and multiple potential backward compatibility breaks to understand before attempting an upgrade to take advantage of the improvements.
Earlier this year, Netflix developed and released a new Apache-licensed project named Dispatch. It is designed to coordinate the response to and the resolution of security-related incidents, but the project aims for more than just that. Rather, it hopes to be valuable for any type of one-off incident that needs coordination across an organization, such as a service outage.
The PHP project has released the first alpha of PHP 8, which is slated for general availability in November 2020. This initial test release includes many new features such as just-in-time (JIT) compilation, new constructs like Attributes, and more. One of twelve planned releases before the general availability release, it represents a feature set that is still subject to change.