Post Syndicated from jzb original https://lwn.net/Articles/999910/

Version
8 of the Ubuntu-based elementary OS has been released. This
release includes a rewritten Dock, new window-management features,
improvements in the installation and initial setup procedures for
visually impaired users, as well as a new Secure Session mode:

In the Secure Session, apps will be more restricted and will require
your consent for access to system features. When an app wants to
listen in the background for your keystrokes, take a screenshot,
record the screen, or even pick up the color from a single pixel, you
will be asked first to make sure that it’s okay. The Secure Session
also comes with other modern features like support for Mixed DPI
modes—A hotly requested feature for folks using a HiDPI notebook or
tablet with a LoDPI external display—and improved support for
multi-touch gestures on touch screens and tablets.

Post Syndicated from jzb original https://lwn.net/Articles/999897/

Security updates have been issued by Debian (mpg123 and php8.2), Fedora (libsndfile, mingw-glib2, mingw-libsoup, mingw-python3, and qbittorrent), Oracle (pam:1.5.1 and perl-App-cpanminus), Red Hat (firefox, thunderbird, and webkit2gtk3), Slackware (mozilla), SUSE (firefox, rclone, tomcat, tomcat10, and xen), and Ubuntu (gh, libsoup2.4, libsoup3, pygments, TinyGLTF, and twisted).

Post Syndicated from jzb original https://lwn.net/Articles/998778/

Arch Linux is popular as a base
for other Linux distributions; examples of Arch-derivatives include EndeavourOS, Manjaro, Parabola, and SteamOS.
There’s one small problem: the control files used to describe how to build
packages for Arch Linux have no stated license. That creates a bit of
uncertainty about the rights and responsibilities for the downstream
derivatives. So far, that doesn’t seem to have been a problem, nor has
it stopped other projects from assuming that reuse is
allowed. However, the Arch project is looking to add some clarity by
explicitly assigning a liberal license to its package
sources. Currently the project is in the process of reaching out to
contributors to see if they have any objections.

Post Syndicated from jzb original https://lwn.net/Articles/999767/

Mozilla has announced
the release of Firefox 133.0. Notable in this release is the addition
of a new anti-tracking feature, Bounce Tracking Protection, which
detects trackers based on redirect
behavior and automatically purges their cookies and site data to
thwart tracking. The release also includes various
security fixes and more.

Post Syndicated from jzb original https://lwn.net/Articles/998153/

The most common piece of advice given to users who ask about
running their own mail server is don’t. Setting up
and securing a mail server in 2024 is not for the faint of heart, nor
for anyone without copious spare time. Spammers want to flood inboxes
with ads for questionable supplements, attackers want to abuse servers
to send spam (or worse), and getting the big providers to accept mail
from small servers is a constant uphill battle. Michael W. Lucas,
however, encourages users to thumb their nose at the “Email
Empire“, and declare email independence. His self-published book,
Run Your Own Mail
Server, provides a manual (and manifesto) for users who are
interested in the challenge.

Post Syndicated from jzb original https://lwn.net/Articles/998615/

The FreeBSD Foundation has announced
the release of a security
audit report conducted by security firm Synacktiv. The audit uncovered
a number of vulnerabilities:

Most of these vulnerabilities have been addressed through official FreeBSD
Project security advisories, which offer detailed information
about each vulnerability, its impact, and the measures implemented to
improve the security of FreeBSD systems. […]

The audit uncovered 27 vulnerabilities and issues within various
FreeBSD subsystems. 7 issues were not exploitable and were robustness
or code quality improvements rather than immediate security concerns.

Post Syndicated from jzb original https://lwn.net/Articles/997559/

The Fedora Project is set to welcome a second desktop edition to its
lineup after months (or years, depending when one starts the clock)
of discussions. The project recently decided to allow a new working group to
move forward with a KDE Plasma Desktop edition that will sit
alongside the existing GNOME-based Fedora Workstation
edition. This puts KDE on a more equal footing within the project,
which, it is hoped, will bring more contributors and users interested
in KDE to adopt Fedora as their Linux distribution of choice.

Post Syndicated from jzb original https://lwn.net/Articles/998215/

The Python Package Index (PyPI) has announced
that it has finalized support for PEP 740 (“Index support
for digital attestations”). Trail of Bits, which performed
much of the development work for the implementation, has an in-depth
blog post about the work and its adoption, as well as what is left
undone:

One thing is notably missing from all of this work:
downstream verification. […]

This isn’t an acceptable end state (cryptographic attestations have
defensive properties only insofar as they’re actually
verified), so we’re looking into ways to bring
verification to individual installing clients. In particular, we’re
currently working on a plugin architecture
for pip that will enable users to load
verification logic directly into their pip install
flows.

Post Syndicated from jzb original https://lwn.net/Articles/998044/

Security updates have been issued by AlmaLinux (expat), Fedora (chromium and golang-github-nvidia-container-toolkit), Mageia (curl, expat, mpg123, networkmanager-libreswan, openssl, php-tcpdf, qbittorrent, and x11-server, x11-server-xwayland, and tigervnc), Red Hat (kernel and libsoup), Slackware (mozilla), SUSE (firefox, kernel, python-PyPDF2, and xen), and Ubuntu (dotnet9, ghostscript, linux-aws, linux-oem-6.8, and pydantic).

Post Syndicated from jzb original https://lwn.net/Articles/997927/

Garrett LeSage has written an in-depth article
for Fedora Magazine about a new web-based user interface (UI) for Fedora’s
Anaconda
installer, planned to ship with Fedora 42. The article looks at
the rationale for moving from GTK 3 to a web-based UI, provides a
number of screenshots and demo screencasts, as well as instructions on
trying out the new installer with Fedora Rawhide.

Post Syndicated from jzb original https://lwn.net/Articles/995915/

Fedora Linux, as a rule, handles version upgrades reasonably
well. However, there are times when users may want to do a fresh
installation rather than an upgrade but preserve existing
users and data under /home. This is a scenario that the
Fedora installer, currently, does not address. Users can maintain a
separate /home partition, of course, but the installer does
not incorporate existing users into the new install—that is an
exercise left to the user to handle. One solution might be to use systemd-homed, a systemd
service for managing users and home directories. However, a discussion
proposing the use systemd-homed as part of Fedora installation
uncovered some hurdles, such as trying to blend its approach to
managing users with tools that centralize user management.

Post Syndicated from jzb original https://lwn.net/Articles/997182/

Security updates have been issued by AlmaLinux (libtiff), Debian (context, libheif, and thunderbird), Fedora (php-tcpdf, syncthing, and thunderbird), Gentoo (EditorConfig core C library, Flatpak, Neat VNC, and Ubiquiti UniFi), Oracle (bcc, bpftrace, grafana-pcp, haproxy, kernel, krb5, libtiff, python-gevent, python3.11-urllib3, python3.12-urllib3, and xmlrpc-c), Red Hat (python3.11-urllib3), SUSE (audacity, curl, govulncheck-vulndb, gradle, htmldoc, libgsf, python310, and qbittorrent), and Ubuntu (linux-aws-5.4, linux-oracle-5.4, mpg123, and python-werkzeug).

Post Syndicated from jzb original https://lwn.net/Articles/997034/

Version
2.1.0 of the LXQt
lightweight Qt desktop environment has been released. The highlight of
this release is support for multiple Wayland compositors:

Through its new component lxqt-wayland-session, LXQt 2.1.0
supports 7 Wayland sessions (with Labwc, KWin, Wayfire, Hyprland,
Sway, River and Niri), has two Wayland back-ends in
lxqt-panel (one for kwin_wayland and the other
general), and will add more later. All LXQt components that are not
limited to X11 — i.e., most components — work fine on Wayland. […]

Of course, the X11 session will be supported
indefinitely. Wayland is optional and rather experimental.

Post Syndicated from jzb original https://lwn.net/Articles/996356/

Members of the Open Source
Initiative (OSI) board sat down for a 45-minute “Ask Me Anything”
(AMA) session at All Things
Open in Raleigh, NC on October 29. Though the floor was open to
any topic the audience might want to ask of the OSI board. Many of the
questions were focused on the Open Source
AI Definition (OSAID), which was announced the day
before. The new definition has been somewhat controversial,
and the board spent a lot of time addressing concerns about it during
the session, as well as questions on open washing, and a need for more
education about open source in general.

Post Syndicated from jzb original https://lwn.net/Articles/996585/

The Rust blog has an update
on its progress on some of its project
goals. One of the project’s flagship
goals is to resolve
the biggest blockers to Linux building on stable Rust:

Finally, we have been finding an increasing number of stabilization
requests at the compiler level, and so @wesleywiser and @davidtwco
from the compiler team have started attending meetings to create a
faster response. One of the results of that collaboration is RFC #3716,
authored by Alice Ryhl, which proposes a method to manage compiler
flags that modify the target ABI. Our previous approach has been to
create distinct targets for each combination of flags, but the number
of flags needed by the kernel make that impractical. Authoring the RFC
revealed more such flags than previously recognized, including those
that modify LLVM behavior.

Post Syndicated from jzb original https://lwn.net/Articles/996337/

Timothée Ravier has written a
blog post about changes in the Fedora Atomic
Desktops for Fedora Linux 41. Some of the notable new
features for Atomic Desktops include bootloader updates enabled by
default for UEFI systems, first steps towards using bootable containers,
and more.

Post Syndicated from jzb original https://lwn.net/Articles/996332/

The Raspberry Pi project has announced
a new version of Raspberry Pi OS. It includes a number of
significant changes, the most notable of which is that the Raspberry
Pi Desktop now uses Wayland by default for all Pi models using the
labwc compositor:

For most of this year, we have been working on porting labwc to the
Raspberry Pi Desktop. This has very much been a collaborative process
with the developers of both labwc and wlroots: both have helped us
immensely with their support as we contribute features and
optimisations needed for our desktop.

This release also features Linux 6.6.51, improved touchscreen support, a new
screen configuration tool called raindrop, and more. See the
release
notes for a full list of changes.

Post Syndicated from jzb original https://lwn.net/Articles/996326/

The first stable release of the Thunderbird mail client for Android is now available:

Just over two years ago, we announced
our plans to bring Thunderbird to Android by taking K-9 Mail under
our wing. The journey took a little
longer than we had originally anticipated and there was a lot to
learn along the way, but the wait is finally over! For all of you who
have ever asked “when is Thunderbird for Android coming out?”, the
answer is – today!

It is immediately available on the Google
Play Store, via GitHub
Releases, or from the Thunderbird web site, and
it will be “coming soon” to the F-Droid repository for FOSS Android
applications. See the release
notes for detailed information about Thunderbird 8.0 for
Android.

Post Syndicated from jzb original https://lwn.net/Articles/996310/

Security updates have been issued by AlmaLinux (buildah), Debian (python-git, texlive-bin, and xorg-server), Mageia (chromium-browser-stable), Red Hat (kernel), SUSE (Botan, go1.22-openssl, go1.23-openssl, grafana, libgsf, pcp, pgadmin4, python310-pytest-html, python313, xorg-x11-server, and xwayland), and Ubuntu (nano, python-urllib3, and xorg-server, xwayland).

Post Syndicated from jzb original https://lwn.net/Articles/996214/

Fedora Linux 41 has been
released. See the “what’s new” pages for Fedora
Workstation and Fedora
KDE, to learn more about the latest in those editions. There is
also a new Fedora
Miracle Window Manager Spin that offers the Miracle tiling window manager for
Wayland.