Development Release: FreeBSD 11.0-RC1

The first release candidate for the upcoming FreeBSD 11.0 is ready for testing: “The first RC build of the 11.0-RELEASE release cycle is now available. A summary of changes since BETA4 includes: a NULL pointer dereference in IPSEC has been fixed; support for SSH protocol 1 has been….

Ubuntu Touch Mobile OS to Be Soon Rebased on Ubuntu 16.04 LTS, Not Yakkety Yak

One of our readers was asking us last week if we have any news on when Ubuntu Touch will switch to a newer version of Ubuntu? The official answer came a few days ago from Canonical’s Łukasz Zemczak, who reveals the fact that the Ubuntu mobile OS will soon be rebased on Ubuntu 16.04 LTS (Xenial Xerus).

It appears that this is not the first time the Ubuntu Touch developers have been asked by Ubuntu Phone and Ubuntu Tablet users what’s the state of operating system’s baseline, which right now is still using the packages from the now deprecated Ubuntu 15.04 (Vivid Vervet) release.

“There is no real touch development work happening on yakkety – more also because our touch images are still using upstart,” says Łukasz Zemczak. “There are no plans for us switching to yakkety so we any yakkety-based images are most likely to be broken. We recommend using our vivid (stable, rc, rc-proposed) channels for any touch-related development for now.”

So there you have it, Ubuntu To… (read more)

Lubuntu Linux Team Is Ready to Begin the Migration Process to the LXQt Desktop

Today, August 12, 2016, Lubuntu Linux maintainer Simon Quigley announced something that many of you have expected for so long, the migration of the lightweight Ubuntu flavor to the modern LXQt desktop environment.

LXQt is a variant of the old-school LXDE (Lightweight X11 Desktop Environment) user interface for GNU/Linux operating systems based on the latest Qt technologies, not GTK+ like LXDE currently is. Some say that LXQt will replace LXDE at some point in time, so it’s better for distributions that use LXDE to move to LXQt as soon as possible.

“The Lubuntu team is ready to begin the migration process to LXQt, and one of the first parts of the migration is getting an image to move to. We have prepared the lubuntu-qt-desktop metapackage and we are ready for an image,” says Simon Quigley on behalf of the Lubuntu team.

Lubuntu 16.10 (Yakket… (read more)

Ardour 5.0 Open Source DAW Officially Released with Tabbed User Interface

Currently one of the best cross-platform, open-source and freely distributed DAW (Digital Audio Workstation) software, Ardour, received today, August 12, 2016, a major milestone that introduced a multitude of new features and countless improvements.

Yes, that’s right, we’re talking about Ardour 5.0, which has been in development for the past six months since the release of version 4.7 announced back in February. It sounds strange to jump straight to the 5.0 milestone from 4.7, but looking at the huge release notes, we can’t blame the development team, who worked hard on the new features.

“This is a major release focused on substantial changes to the GUI and major new features related to mixing, plugin use, tempo maps, scripting and more,” reads the announcement. “Ardour 5.0 can be parallel-installed with older versions of the program, and does not use the same preference files. It will load sessions from Ardour 2, 3 an… (read more)

Calibre 2.64 eBook Library Manager Lets You Customize Comments-Like Columns

Today, August 12, 2016, Calibre developer Kovid Goyal proudly announced the release of a new maintenance update for the popular, open-source and cross-platform Calibre ebook library management software.

Calibre 2.64 is now the latest and most advanced version of the application designed for book lovers who prefer to use digital e-book readers to store their books in various file formats, as well as convert and organize ebooks from a format to another, if it’s supported by Calibre, of course.

Release highlights include the ability to append text to the end of a marked text when using either of the search or replace function modes on the marked text, better shutdown on GNU/Linux and Mac OS X systems if a terminate or interrupt UNIX signal is received, and the implementation of a new “Short text” column type.

“More generally, you can now customize Comments-like columns, controlling how their headings are displayed in t… (read more)

Linux 4.9 Will Be the Next LTS Kernel Branch, Says Greg Kroah-Hartman

Just a few moments ago, renowned Linux kernel developer and maintainer Greg Kroah-Hartman had the great pleasure of announcing that the next LTS (Long-Term Support) kernel branch will be Linux 4.9.

The development cycle of a new Linux kernel branch doesn’t take more than a month and a half or a maximum of two months, depending if the respective series will receive seven or eight Release Candidate (RC) milestones, but LTS releases are picked by veteran kernel developers from time to time when older ones reach end of life (EOL).

Currently, the Linux kernel developers are working hard on bringing new features and improvements to the next major series, Linux 4.8, which received its first Release Candidate build last Sunday, August 7. Linux kernel … (read more)

What’s new on Drupal.org? – July 2016

Read our Roadmap to understand how this work falls into priorities set by the Drupal Association with direction and collaboration from the Board and community.

The Drupal Association engineering team has been continuing to refine our focus for the next 12 months. In July, we worked through the details of setting new priorities for our work, after the organizational changes earlier this summer.

As part of this prioritization process, we’ve set up a technical advisory committee: a collaboration between a few members of the staff, a representative from the board, and two members from the community. This committee will help us refine the roadmap for Drupal.org for the short term—while the Association is focused on fiscal health and sustainability—and will provide strategic vision for the long term, as our fiscal stability improves.

As a result of these changes, you’ll begin to see our updates in this blog series evolve. Expect a greater focus on:

  • The adoption journey for users evaluating Drupal.
  • Systematic improvements to make maintenance of critical Drupal.org services less labor intensive and more affordable.
  • Community initiatives, where we’re working together with community contributors who want to help us improve Drupal.org.

So without further ado, let’s talk about what we did in July.

Drupal.org updates

User Menu

We’ve moved the user activity links (Login/Register, My Dashboard, My Account, etc.) to a user menu in the top navigation. This change is live on www.Drupal.org and all of the sub-sites that use the Bluecheese theme. The immediate effects of this change are a better look and feel and more vertical space for content on every page. But these weren’t the primary motivation. The larger reason for making this change is that it’s the first incremental step towards upcoming editorial changes on Drupal.org.

More incremental changes will follow in August, including accessibility improvements to this new user menu and a new search icon to replace the embedded search box in the header.

Better Packaging Behavior

One of the basic features of Drupal.org’s project hosting is packaging the code committed to our git repositories and providing tar.gz and zip files of releases. The packaging process, while generally reliable, has had its share of infrequent but persistent quirks and race conditions. In July, we fixed several aspects of packaging to eliminate race conditions and reduce the need for human intervention if it runs off the rails. The changes we made were:

Taken together, these changes have made packaging faster, more efficient, and less prone to race conditions that require staff time to fix.

Supporting Drupal 8.2

Drupal 8.2 is coming soon, scheduled for release on October 5th. The beta period for this point release began on August 3rd, and so towards the end of July we spent some time supporting the Core developers who were trying to get their features ready for inclusion in the beta period. In particular, we updated PhantomJS to version 2.1.1 in our DrupalCI containers, to allow Core developers to test javascript interactions for file uploads—part of the new quick edit features targetted for this point release.

Deprecated unstable releases

In July, we also deprecated the use of the “unstable” release tag for projects hosted on Drupal.org. Per our naming conventions, the unstable tag was intended to represent a release without a stable codebase, api, or database schema. However, this definition is largely redundant with the alpha tag and/or simply using dev releases. Beyond that, “unstable” is not a standard tag in semver, and is thus not supported by tools that rely on the semver standard, such as Composer. Existing releases tagged “unsable” on Drupal.org weren’t affected by this change, but no future releases with this tag will be packaged.

Drupal.org Composer repositories beta period continues

We’re still observing how the community uses the Drupal.org Composer repositories, and collecting feedback and issues as we move towards designating the service stable. We encourage you to begin transitioning your Composer-based workflows to use Drupal.org’s Composer façade. Package names are stable, and downtimes will be planned and announced. For more information on how to use Drupal.org’s Composer repositories, read our documentation.

Sustaining support and maintenance

Outage follow-ups

A raid array failure in our data center resulted in a brief outage in July. Fortunately, we were able to mitigate the issue and restore service until the affected array could be replaced. The rebuilt array increased our redundancy to avoid future outages when we experience multiple disk failures.

Backups

We also updated our backup process, and are now using a combination of Borg and rsync.net. The combination of borg for data deduplication and encryption and rsync.net’s resilient cloud platform gives us an efficient and economical solution for backup and selective restoration.

Community initiative updates

These are initiatives to improve Drupal.org, driven by members of the community in collaboration with Drupal Association staff for architecture, review and deployment.

Documentation migration

Migration into the new documentation content types that began in June continues. The first sections of documentation being migrated are the Drupal.org docs and the Understanding Drupal guide. More volunteers to help migrate documentation are welcome!

if you are interested in helping, or sign up as a maintainer for some of the new documentation guides.

———

As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who made it possible for us to work on these projects.

If you would like to support our work as an individual or an organization, consider becoming a member of the Drupal Association.

Follow us on Twitter for regular updates: @drupal_org, @drupal_infra

What’s new on Drupal.org? – July 2016

Read our Roadmap to understand how this work falls into priorities set by the Drupal Association with direction and collaboration from the Board and community.

The Drupal Association engineering team has been continuing to refine our focus for the next 12 months. In July, we worked through the details of setting new priorities for our work, after the organizational changes earlier this summer.

As part of this prioritization process, we’ve set up a technical advisory committee: a collaboration between a few members of the staff, a representative from the board, and two members from the community. This committee will help us refine the roadmap for Drupal.org for the short term—while the Association is focused on fiscal health and sustainability—and will provide strategic vision for the long term, as our fiscal stability improves.

As a result of these changes, you’ll begin to see our updates in this blog series evolve. Expect a greater focus on:

  • The adoption journey for users evaluating Drupal.
  • Systematic improvements to make maintenance of critical Drupal.org services less labor intensive and more affordable.
  • Community initiatives, where we’re working together with community contributors who want to help us improve Drupal.org.

So without further ado, let’s talk about what we did in July.

Drupal.org updates

User Menu

We’ve moved the user activity links (Login/Register, My Dashboard, My Account, etc.) to a user menu in the top navigation. This change is live on www.Drupal.org and all of the sub-sites that use the Bluecheese theme. The immediate effects of this change are a better look and feel and more vertical space for content on every page. But these weren’t the primary motivation. The larger reason for making this change is that it’s the first incremental step towards upcoming editorial changes on Drupal.org.

More incremental changes will follow in August, including accessibility improvements to this new user menu and a new search icon to replace the embedded search box in the header.

Better Packaging Behavior

One of the basic features of Drupal.org’s project hosting is packaging the code committed to our git repositories and providing tar.gz and zip files of releases. The packaging process, while generally reliable, has had its share of infrequent but persistent quirks and race conditions. In July, we fixed several aspects of packaging to eliminate race conditions and reduce the need for human intervention if it runs off the rails. The changes we made were:

Taken together, these changes have made packaging faster, more efficient, and less prone to race conditions that require staff time to fix.

Supporting Drupal 8.2

Drupal 8.2 is coming soon, scheduled for release on October 5th. The beta period for this point release began on August 3rd, and so towards the end of July we spent some time supporting the Core developers who were trying to get their features ready for inclusion in the beta period. In particular, we updated PhantomJS to version 2.1.1 in our DrupalCI containers, to allow Core developers to test javascript interactions for file uploads—part of the new quick edit features targetted for this point release.

Deprecated unstable releases

In July, we also deprecated the use of the “unstable” release tag for projects hosted on Drupal.org. Per our naming conventions, the unstable tag was intended to represent a release without a stable codebase, api, or database schema. However, this definition is largely redundant with the alpha tag and/or simply using dev releases. Beyond that, “unstable” is not a standard tag in semver, and is thus not supported by tools that rely on the semver standard, such as Composer. Existing releases tagged “unsable” on Drupal.org weren’t affected by this change, but no future releases with this tag will be packaged.

Drupal.org Composer repositories beta period continues

We’re still observing how the community uses the Drupal.org Composer repositories, and collecting feedback and issues as we move towards designating the service stable. We encourage you to begin transitioning your Composer-based workflows to use Drupal.org’s Composer façade. Package names are stable, and downtimes will be planned and announced. For more information on how to use Drupal.org’s Composer repositories, read our documentation.

Sustaining support and maintenance

Outage follow-ups

A raid array failure in our data center resulted in a brief outage in July. Fortunately, we were able to mitigate the issue and restore service until the affected array could be replaced. The rebuilt array increased our redundancy to avoid future outages when we experience multiple disk failures.

Backups

We also updated our backup process, and are now using a combination of Borg and rsync.net. The combination of borg for data deduplication and encryption and rsync.net’s resilient cloud platform gives us an efficient and economical solution for backup and selective restoration.

Community initiative updates

These are initiatives to improve Drupal.org, driven by members of the community in collaboration with Drupal Association staff for architecture, review and deployment.

Documentation migration

Migration into the new documentation content types that began in June continues. The first sections of documentation being migrated are the Drupal.org docs and the Understanding Drupal guide. More volunteers to help migrate documentation are welcome!

if you are interested in helping, or sign up as a maintainer for some of the new documentation guides.

———

As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who made it possible for us to work on these projects.

If you would like to support our work as an individual or an organization, consider becoming a member of the Drupal Association.

Follow us on Twitter for regular updates: @drupal_org, @drupal_infra

Distribution Release: SELKS 3.0

Eric Leblond has announced the availability of SELKS 3.0. The SELKS distribution is a network security operating system based on Debian. The latest stable release offers a number of performance improvements and package upgrades. “The main change in SELKS 3.0 is the switch to the latest generation of….

Three Weeks Until QtCon!

QtCon

From 1 to 4 September 2016 the communities of KDE, Qt, FSFE, VideoLAN and KDAB join forces in Berlin for QtCon. The program consists of a mix of Qt trainings on day 1, unconference sessions, lightning talks and more than 150 in-depths talks on technical and community topics on days 2 to 4. Track topics range from KDE‘s Latest and Greatest, Testing and Continuous Integration and QtQuick to Free Software policies and politics, Community and Beyond code. Check out the program.

The main conference days will take place at the bcc. The KDE community part of the conference with BoFs and hacking will happen at the Technical University of Berlin from 5 to 8 September.

If you haven’t registered yet, do it now!

Attendance for QtCon (but not for the Training day) is generally free for community members if you register in advance. However, we’re asking for a donation during the registration process that will help to cover parts of the organization costs (venue, catering which includes lunch and so on) not covered by our sponsors. There’s a recommended amount, but any contribution will be welcome. Thank you for your support.

Also, please be aware that you will have to pay a full fee of 200 Euro if you register on the day, so make sure to register through the website now.

Looking forward to seeing you in Berlin!

Dot Categories:

Three Weeks Until QtCon!

QtCon

From 1 to 4 September 2016 the communities of KDE, Qt, FSFE, VideoLAN and KDAB join forces in Berlin for QtCon. The program consists of a mix of Qt trainings on day 1, unconference sessions, lightning talks and more than 150 in-depths talks on technical and community topics on days 2 to 4. Track topics range from KDE‘s Latest and Greatest, Testing and Continuous Integration and QtQuick to Free Software policies and politics, Community and Beyond code. Check out the program.

The main conference days will take place at the bcc. The KDE community part of the conference with BoFs and hacking will happen at the Technical University of Berlin from 5 to 8 September.

If you haven’t registered yet, do it now!

Attendance for QtCon (but not for the Training day) is generally free for community members if you register in advance. However, we’re asking for a donation during the registration process that will help to cover parts of the organization costs (venue, catering which includes lunch and so on) not covered by our sponsors. There’s a recommended amount, but any contribution will be welcome. Thank you for your support.

Also, please be aware that you will have to pay a full fee of 200 Euro if you register on the day, so make sure to register through the website now.

Looking forward to seeing you in Berlin!

Dot Categories:

Linux bug leaves USA Today, other top sites vulnerable to serious hijacking attacks





Computer scientists have discovered a serious Internet vulnerability that allows attackers to terminate connections between virtually any two parties and, if the connections aren’t encrypted, inject malicious code or content into the parties’ communications.
The vulnerability resides in the design and implementation of RFC 5961, a relatively new Internet standard that’s intended to prevent certain classes of hacking attacks. In fact, the protocol is designed in a way that it can easily open Internet users to so-called blind off-path attacks, in which hackers anywhere on the Internet can detect when any two parties are communicating over an active transmission control protocol connection. Attackers can go on to exploit the flaw to shut down the connection, inject malicious code or content into unencrypted data streams, and possibly degrade privacy guarantees provided by the Tor anonymity network.

Source: http://arstechnica.com/security/2016/08/linux-bug-leaves-usa-today-other-top-sites-vulnerable-to-serious-hijacking-attacks/
Submitted by: Arnfried Walbrecht

Red Hat Announces the Release of Red Hat Enterprise Linux Atomic Host 7.2.6

Red Hat, through Scott McCarty, is happy to announce the general availability of Red Hat Enterprise Linux Atomic Host 7.2.6, a maintenance update that adds many performance improvements to most of the included components.

As for those behind with their Red Hat Enterprise Linux Atomic Host reading, we’ll take this opportunity to inform them that Red Hat’s Atomic Host offering for the commercial Red Hat Enterprise Linux (RHEL) operating system is a specially crafted version of the OS that has a small footprint and is designed to run containerized workloads.

“For the past two years, Red Hat has been promoting the concept of super-privileged containers (SPCs) to handle the ‘tools and agents’ use case,” says Scott McCarty. “We still believe this is an ideal approach for solving these use cases in a containerized environment. That said, there are plenty of situation… (read more)

Cross-Compilation Support Coming Soon to Flatpak Universal Binary Packages

GNOME and Flatpak developer Bastien Nocera reported the other day on his personal blog on an upcoming feature that’s about to be implemented in the next release of the Flatpak universal binary format.

The GUADEC conference for GNOME developers is taking place these days in Karlsruhe, Germany, between August 12 and 14, and it looks like Mr. Nocera was supposed to give a lightning talk about what would be coming to Flatpak later in the year, as well as to run a contest related to his presentation, whose prize was a piece of hardware.

“Unfortunately, I didn’t get a chance to finish the work that I set out to do, encountering a couple of bugs that set me back,” said Bastien Nocera in the blog announcement. “Hopefully, this will get resolved post-GUADEC, so you can expect some announcements later on in the year.”

Introducing Flatpak cross-compilation support

It appears … (read more)

ExLight Linux Is Now Based on Ubuntu 16.04.1 LTS and Debian GNU/Linux 8.5

GNU/Linux developer Arne Exton informs us about the availability of a new build of his very popular ExLight Linux Live DVD operating system based on the latest Ubuntu and Debian technologies.

ExLight Linux Build 160810 is here to rebase the entire OS to the recently released Ubuntu 16.04.1 LTS (Xenial Xerus) operating system, as well as to upgrade the default desktop environment to Enlightenment 0.20.99.0 from 0.19.12 and move to a kernel from the Linux 4.6 series, specially optimized by Arne Exton to support more hardware.

“ExLight Linux Live DVD has been downloaded about 2000 times per week in the last two months. I have therefore made a new upgraded version of ExLight today (160810). I have also created a new special WordPress site for ExLight,” says Arne Exton in the blog announcement.

Now powered by Linux kernel 4.6.5

Probably the most exciting new feature of … (read more)

BTS | The Beach 2016

What better way to convey our excitement for the beach event than by actually going to one?

BTS | The Beach 2016

What better way to convey our excitement for the beach event than by actually going to one?

TCP Flaw Opens Linux Systems to Hijackers


A flaw in the RFC 5961 specification the Internet Engineering Task Force developed to protect TCP against blind in-window attacks could threaten Android smartphones, as well as every Linux computer on the planet. The flaw is described in a paper a team of researchers presented at the 25th Usenix Security Symposium, ongoing in Austin, Texas, through Friday. The researchers are affiliated with the University of California at Riverside and the United States Army Research Laboratory.

Arch Linux Is Now Officially Powered by Linux Kernel 4.7, Update Your Systems

After a few weeks from its official release, it finally happened, Linux kernel 4.7 has just landed in the stable software repositories of the popular, lightweight and highly customizable Arch Linux operating system.

Linux kernel 4.7 is the most stable and advanced kernel branch, and only a few GNU/Linux distributions have adopted since its launch on July 24, 2016. It’s still marked as “mainline” not “stable” or “longterm” on the kernel.org website, which means that it didn’t receive a maintenance update at the moment of writing this article.

As for its new features, Linux kernel 4.7 comes with an updated AMDGPU graphics driver with support for AMD Radeon RX 480 GPUs, LoadPin, a brand new security module that ensures all modules loaded by the kernel originate from the same filesystem, and support for upgrading firmware using the EFI “Capsule” mechanism.

Linux kernel 4.7 also marks the sync_file fencing mechanism used in the Android mobile operating system as stable… (read more)

Annual Report 2015

Annual_Report_2016-08-07-page001The Document Foundation (TDF) is proud to announce its 2015 Annual Report, which can be downloaded from the following link: http://tdf.io/report2015 (3.6 MB PDF). The version with HD images can be downloaded from http://tdf.io/report2015hq (22.1 MB PDF).

TDF Annual Report starts with a Review of 2015, with highlights about TDF and LibreOffice, and a summary of financials and budget.

Community, Projects & Events covers the LibreOffice Conference 2015 in Aahrus, Certification, Website and QA, Hackfests in Brussels, Gran Canaria, Cambridge, Hamburg, Terni and Madrid, Native-Language Projects, Infrastructure, Documentation, Marketing and Design.

Software, Development & Code reports about the activities of the Engineering Steering Committee, LibreOffice Development, Google Summer of Code, and the Document Liberation Project.

The last section focuses on People, starting with Top Contributors, followed by TDF Staff, the Board of Directors and the Membership Committee, the Board of Trustees, or the body of TDF Members, and the Advisory Board.

To allow the widest distribution of the document, this is released with a CC BY 3.0 DE License, unless otherwise noted, to TDF Members and free software advocates worldwide.