Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 15 Oct 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Ubuntu 19.10 (Eoan Ermine) Enters Final Freeze Ahead of October 17th Release Rianne Schestowitz 15/10/2019 - 4:21pm
Story KDE neon 5.17 Rianne Schestowitz 15/10/2019 - 4:17pm
Story 7 Linux Applications You Should Start Using Right Now Roy Schestowitz 15/10/2019 - 3:40pm
Story Firefox’s New WebSocket Inspector Rianne Schestowitz 15/10/2019 - 3:30pm
Story Windows 10 vs. Linux OpenGL/Vulkan Driver Performance With Intel Icelake Iris Plus Graphics Rianne Schestowitz 15/10/2019 - 3:28pm
Story Coffee Lake embedded PC has six USB 3.0 ports and GbE with BMC Rianne Schestowitz 1 15/10/2019 - 3:27pm
Story Android Leftovers Rianne Schestowitz 15/10/2019 - 3:17pm
Story Today in Techrights Roy Schestowitz 15/10/2019 - 3:08pm
Story Linux Kernel 5.2 Reached End of Life, Users Urged to Upgrade to Linux Kernel 5.3 Rianne Schestowitz 15/10/2019 - 2:57pm
Story Meet the Villupuram group of engineers educating students about free and open software Rianne Schestowitz 15/10/2019 - 2:55pm

Debian and Ubuntu Patch Critical Sudo Security Vulnerability, Update Now

Filed under
Security
Debian
Ubuntu

Discovered by Joe Vennix, the security vulnerability (CVE-2019-14287) could be exploited by an attacker to execute arbitrary commands as the root user (system administrator) because sudo incorrectly handled certain user IDs when it was configured to allow users to run commands as an arbitrary user through the ALL keyword in a Runas specification.

"Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID- -1 or 4294967295," reads Debian's security advisory.

Read more

State of Calibre in Debian

Filed under
Debian

To counter some recent FUD spread about Calibre in general and Calibre in Debian in particular, here a concise explanation of the current state.

Many might have read my previous post on Calibre as a moratorium, but that was not my intention. Development of Calibre in Debian is continuing, despite the current stall.

Since it seems to be unclear what the current blockers are, there are two orthogonal problems regarding recent Calibre in Debian: One is the update to version 4 and the switch to qtwebengine, one is the purge of Python 2 from Debian.

Read more

How GNOME uses Git

Filed under
GNOME

“What’s your GitLab?” is one of the first questions I was asked on my first day working for the GNOME Foundation—the nonprofit that supports GNOME projects, including the desktop environment, GTK, and GStreamer. The person was referring to my username on GNOME’s GitLab instance. In my time with GNOME, I’ve been asked for my GitLab a lot.

We use GitLab for basically everything. In a typical day, I get several issues and reference bug reports, and I occasionally need to modify a file. I don’t do this in the capacity of being a developer or a sysadmin. I’m involved with the Engagement and Inclusion & Diversity (I&D) teams. I write newsletters for Friends of GNOME and interview contributors to the project. I work on sponsorships for GNOME events. I don’t write code, and I use GitLab every day.

Read more

NordPy: An Open-Source Linux Client for NordVPN

Filed under
Linux
OSS

NordVPN is a personal VPN software with the main focus on protecting user privacy and granting them access to regionally restricted content. It features a strong encryption protocol with a no-log policy and works with north of 5700 servers in at least 60 countries. It is available for Linux, Windows, macOS, AndroidTV, Android, iOS and NAS platforms. It can also be manually set up on WiFi routers.

NordVPN is one of the most recommended VPN services and while it continues to receive positive reviews from customers, developers are beginning to dedicate some time to it and this is how NordPy has come to be.

NordPy is an open-source GUI client for Linux users who like NordVPN and it inherits all the features in the official NordVPN applications. Its feature list includes connection to OpenVPN or NetworkManager-OpenVPN via TCP and UDP, no DNS leak when using OpenVPN,

Read more

Announcing Rustup 1.20.0

Filed under
Development
Moz/FF

The rustup working group is happy to announce the release of rustup version 1.20.0. Rustup is the recommended tool to install Rust, a programming language that is empowering everyone to build reliable and efficient software.

Read more

Also Mozilla: Karl Dubost: This is not a remote work

Software and Games Leftovers

Filed under
Software
Gaming
  • Rudimentary KBibTeX client using Kirigami2

    KBibTeX is a bibliography editor (BibTeX and somewhat BibLaTex) used in conjunction with LaTeX and friends. Based on this code base, a SailfishOS client called ‘BibSearch’ exists which allows to search for bibliographic data in various online sources (IEEE Xplore, Google Scholar, ACM Digital Library, …). BibSearch's code makes use of KBibTeX's C++ code, has its user interface implemented in SailfishOS's Silica QML, and provides just two C++ files on its own to glue together everything.

  • Unoon, a tool to monitor network connections from my system

    I always wanted to have a tool to monitor the network connections from my laptop/desktop. I wanted to have alerts for random processes making network connections, and a way to block those (if I want to).

    Such a tool can provide peace of mind in a few cases. A reverse shell is one the big one, just in case if I manage to open any random malware (read downloads) on my regular Linux system, I want to be notified about the connections it will make. The same goes for trying out any new application. I prefer to use Qubes OS based VMs testing random binaries and applications, and it is also my daily driver. But, the search for a proper tool continued for some time.

    [...]

    A few weeks back, on a Sunday late night, I was demoing the very initial version of the tool to Saptak. While we were talking about the tool, suddenly, an entry popped up in the UI /usr/bin/ssh, to a random host. A little bit of search showed that the IP belongs to an EC2 instance. For the next 40 minutes, we both were trying to debug to find out what happened and if the system was already compromised or not. Luckily I was talking about something else before, and to demo something (we totally forgot that topic), I was running Wireshark on the system. From there, we figured that the IP belongs to github.com. It took some more time to figure out that one of my VS Code extension was updating the git, and was using ssh. This is when I understood that I need to show the real domain names on the UI than random IP addresses.

  • Godlike village sim 'Rise to Ruins' has officially left Early Access with a huge upgrade

    Rise to Ruins (formerly Retro-Pixel Castles) is a great blend of genres, pulling in inspiration from the likes of Black and White, Rimworld, and Dwarf Fortress to make something entirely unique.

    After being in Early Access for nearly five years, this is a huge milestone for Raymond Doerr of SixtyGig Games. It's another title I've followed along closely all these years, after personally purchasing it back in 2015 and it's really delightful to play. The Linux support has been in good shape for a long time too, no noteworthy issues.

  • Stranger Things have entered Rocket League for the Haunted Hallows event

    As a big fan of both Stranger Things (the TV series) and Rocket League, I approve of the little crossover they're currently doing for the new Halloween event the Haunted Hallows.

    Running from now until November 11 at 6PM UTC, the Farmstead Arena has been given a bit of a makeover to be a bit more spooky. Complete with a freaky creature called the Mind Flayer watching over the arena. During the event you can once again earn Candy Corn to redeem for new themed in-game items. I'm quite a big fan of the animated spider decal, looks awesome.

16 Places To Buy A Linux Laptop With Linux Preloaded

Filed under
GNU
Linux
Hardware

Are you looking for Linux laptops? Do you want a Linux system without having to pay a Microsoft tax? The hardest part of using Linux is to find out the correct hardware. Hardware compatibility and drivers can be a big issue. But where one can find Linux desktops or Laptop for sale? Here are sixteen places to buy a preinstalled Linux Desktop and Laptop.

Read more

The OpenStack Train keeps chugging on

Filed under
OSS

SUSE, formerly a Platinum member of the OpenStack Foundation, may have left the open-source, Infrastructure-as-a-Service (IaaS) OpenStack cloud, but the project is going to move forward with the forthcoming 20th release of OpenStack: Train.

That's because while SUSE may no longer find OpenStack profitable, others are finding it works well for them and for their customers. "OpenStack is the market's leading choice of open-source infrastructure for containers, VMs and bare metal in private cloud," said Mark Collier, COO of the OpenStack Foundation in a statement.

Read more

Events: Akademy, Gnome-shell Hackfest, LibreOffice Conference, .NEXT Copenhagen and GStreamer Conference

Filed under
OSS
  • Akademy 2019 Talks Videos

    We now have the Akademy 2019 videos ready for you to enjoy, see the previous summary of talks on the dot for some inspiration on what to watch. The talk schedule has the full list

    We had keynotes on Developers Italia and the New Guidelines: Let the Open Source Revolution Start! by Leonardo Favario and Towards Qt 6 by Lars Knoll

    We also got updates on KDE Community's goals

  • Gnome-shell Hackfest 2019 – Day 1

    There’s a decent number of attendants from multiple parties (Red Hat, Canonical, Endless, Purism, …). We all brought various items and future plans for discussion, and have a number of merge requests in various states to go through. Some exciting keywords are Graphene, YUV, mixed DPI, Xwayland-on-demand, …

    But that is not all! Our finest designers also got together here, and I overheard they are discussing usability of the lock screen between other topics.

    [...]

    This event wouldn’t have been possible without the Revspace hackerspace people and specially our host Hans de Goede. They kindly provided the venue and necessary material, I am deeply thankful for that.

  • LibreOffice Conference 2019: Meet the Engineering Steering Committee

    Who makes the big technical decisions in the LibreOffice project? In this video from our recent LibreOffice Conference in Spain, the Engineering Steering Committee (ESC) introduces itself and provides an update on the latest updates...

  • Hello from Nutanix .NEXT Copenhagen

    Nutanix is, of course, a fast growing software company that works with many of the same Independent Hardware Vendors (IHVs) as SUSE to deliver solutions in the Hyperconverged Infrastructure (HCI) space. Nutanix pioneered the HCI market and they position themselves as a key element to making it easier than ever before to design, build, and manage datacenter IT. They were originally a single source for turnkey HCI infrastructure, leveraging a close partnership with SuperMicro. They’ve since branched out become more hardware agnostic, supporting a variety of specialized HCI hardware from other vendors, including IBM, Lenovo, Dell, HPE, and Fujitsu.

  • GStreamer Conference 2019: Full Schedule, Talks Abstracts and Speakers Biographies now available

    The GStreamer Conference team is pleased to announce that the full conference schedule including talk abstracts and speaker biographies is now available for this year's lineup of talks and speakers, covering again an exciting range of topics!

    The GStreamer Conference 2019 will take place on 31 October - 1 November 2019 in Lyon, France just after the Embedded Linux Conference Europe (ELCE).

Release of PyPy 7.2

Filed under
Development

  • PyPy v7.2 released

    As always, this release is 100% compatible with the previous one and fixed several issues and bugs raised by the growing community of PyPy users. We strongly recommend updating. Many of the fixes are the direct result of end-user bug reports, so please continue reporting issues as they crop up.

  • PyPy 7.2 released

    Version 7.2 of PyPy, an implementation of the Python language, is out.

  • PyPy 7.2 Released With Full 64-bit AArch64 Support, PyPy 3.6 Beyond Beta

    PyPy 7.2 is out today as a big update for this alternative Python implementation that currently provides interpreters for compatibility with Python 2.7 and Python 3.6.

    In cooperation with Arm and Crossbar.io, PyPy developers have been working on complete 64-bit ARM (AArch64) support and this summer they achieved getting the PyPy JIT running on 64-bit ARM. PyPy 7.2 is the first release with this 64-bit ARM support now in good standing.

today's leftovers

Filed under
Misc
  • Intel Firmware Binaries Land For AX200/AX201 Bluetooth Linux Support

    With devices beginning to hit store shelves using the new Intel WiFi 6 AX200 series chipsets, the firmware binaries have landed in linux-firmware.git for rounding out support for these latest WiFi/Bluetooth adapters.

    For a few kernel releases now since earlier this year these new Intel wireless chipsets have been supported by the mainline kernel but the firmware hasn't been part of the de facto linux-firmware.git tree that houses the various firmware binaries for different hardware component support under Linux.

  • Improving distfile mirror structure

    The Gentoo distfile mirror network is essential in distributing sources to our users. It offloads upstream download locations, improves throughput and reliability, guarantees distfile persistency.

    The current structure of distfile mirrors dates back to 2002. It might have worked well back when we mirrored around 2500 files but it proved not to scale well. Today, mirrors hold almost 70 000 files, and this number has been causing problems for mirror admins.

  • LibreOffice 6.2.7 packages available for Slackware 14.2

    There was a recent update in my repository of LibreOffice packages, but that libreoffice-6.3.2 was just for slackware-current.

    There’s a recent release in the LibreOffice 6.2 stable series as well (ok… five weeks ago, not that recent…), and so I decided to use my build box’s free weekend to come up with packages for LibreOffice 6.2.7.
    This release has a security improvement over previous versions, in that it will popup a warning to the user if a document tries to run an embedded script (similar to existing warning mechanism for embedded macros).

Graphics and Standards

Filed under
Graphics/Benchmarks
Web
Legal
  • SHADERed 1.2.3 Released With Support For 3D Textures & Audio Shaders

    SHADERed is the open-source, cross-platform project for creating and testing HLSL/GLSL shaders. While a version number of 1.2.3 may not seem like a big update, some notable additions can be found within this new SHADERed release.

  • Vulkan 1.1.125 Released With SPIR-V 1.4 Support

    Succeeding Vulkan 1.1.124 one week later is now Vulkan 1.1.125 with a lone new extension.

    Vulkan 1.1.125 has its usual clarifications and corrections to this graphics API specification. Meanwhile the new extension introduced in the overnight v1.1.125 release is VK_KHR_spirv_1_4.

  • Making Movies Accessible for Everyone

    For the first time, people who are deaf or hard of hearing will be able to enjoy the Nairobi leg of the Human Rights Watch Film Festival, opening on October 15.

New Videos: A Look at Xubuntu 19.10 and Crunchbang++ 10

Filed under
GNU
Linux

Debian and Ubuntu Leftovers

Filed under
Debian
Ubuntu
  • Ritesh Raj Sarraf: Bpfcc New Release

    bpfcc version 0.11.0 has been uploaded to Debian Unstable and should be accessible in the repositories by now. After the 0.8.0 release, this has been the next one uploaded to Debian.

  • Utkarsh Gupta: Joining Debian LTS!

    Back during the good days of DebConf19, I finally got a chance to meet Holger! As amazing and inspiring a person he is, it was an absolute pleasure meeting him and also, I got a chance to talk about Debian LTS in more detail.

    [...]

    I had almost no idea what to do next, so the next month I stayed silent, observing the workflow as people kept committing and announcing updates.
    And finally in September, I started triaging and fixing the CVEs for Jessie and Stretch (mostly the former).
    Thanks to Abhijith who explained the basics of what DLA is and how do we go about fixing bugs and then announcing them.
    With that, I could fix a couple of CVEs and thanks to Holger (again) for reviewing and sponsoring the uploads! Big Grin

  • Ubucon Europe 2019 in local media

    News from the new Ubuntu distribution, the exploration of the several platforms and many “how to”, rule the 4-days agenda where the open source and open technologies are in the air.

    The Olga Cadaval Cultural centre in Sintra, is the main stage of a busy agenda filled with several talks and more technical sessions, but at Ubucon Europe there’s also room for networking and cultural visits, a curious fusion between spaces full of history, like the Pena Palace or the Quinta da Regaleira, and one of the youngest “players” in the world of software.

    For 4 days, the international Ubuntu Community gathers in Sintra for an event open to everyone, where the open source principles and open technology are dominating. The Ubucon Europe Conference begun Thursday, October 10th, and extends until Sunday, October 13th, keeping an open doors policy to everyone who wants to

    Afterall, what is the importance of Ubucon? The number of participants, which should be around 150, doesn’t tell the whole story of what you can learn during these days, as the SAPO TEK had the opportunity to check this morning.

    Organised by the Ubuntu Portugal Community, with the National Association for Open Software, the Ubuntu Europe Federation and the Sintra Municipality, the conference brings to Portugal some of the biggest open source specialists and shows that Ubuntu is indeed alive, even if not yet known by most people, and still far from the “world domain” aspired by some.

Devices/Embedded: Win Enterprises and Raspberry Pi 4

Filed under
Hardware
  • Win Enterprises unveils Atom-based LAN gateway and compact SBC

    Win Enterprises unveiled a fanless “PL-82000” networking gateway with 6x GbE and 2x SFP ports based on an Atom C3000. It also launched a Raspberry Pi sized “MB-5000” SBC that runs Ubuntu or Win 10 on Intel Apollo Lake.

    We tend to forget Win Enterprises because as its name suggests, the company typically sticks to Windows-supported products. Yet, they have increasingly produced barebones products without listed OS support, such as the new PL-82000 networking appliance, as well as Linux supported systems such as the MB-5000 SBC announced back in June. (In 2017, we covered an Intel Bay Trail based MB-80580 SBC and Win IoT-380 Gateway with Linux support.)

  • Raspberry Pi 4 PCI Express: It actually works! USB3, SATA… GPUs?

    Recently, Tomasz Mloduchowski posted a popular article on his blog detailing the steps he undertook to get access to the hidden PCIe interface of Raspberry Pi 4: the first Raspberry Pi to include PCIe in its design. After seeing his post, and realizing I was meaning to go buy a Raspberry Pi 4, it just seemed natural to try and replicate his results in the hope of taking it a bit further. I am known for Raspberry Pi Butchery, after all.

  • Raspberry Pi 4 B+ - PCI Express

    Why did I do it? Because I wanted to see if it can be done. Because Raspberry Pi 4 might be the cheapest device that is PCIe capable after a relatively minor modification (if I didn't lift the capacitors when desoldering the VL805, this is literally 12 soldering points). That, in turn, can be quite handy for developing own PCIe cores for various FPGA based experiments.

    I'm sharing it to allow people to learn from this - and to dispel the myth that PCIe is somehow out of reach of hobbyists due to some concerns over signal integrity or complexities. Stay tuned for more Pi4/PCIe experimentation!

OSS: Odoo, WordPress, MongoDB vs. MySQL

Filed under
OSS
  • What's New in Odoo 13?

    Fast, Simple and Effective Business Management- this is the motto of Odoo, the leading open source ERP of the globe. And this is what makes Odoo the prominent and most favorite choice among business enterprises. With the release of Odoo 13, the open-source ERP has become all more fit and robust to meet the diversified needs of businesses. With Odoo 13 users can go along with better designs and customizations.
    With each version release, Odoo makes it a point to bring in major and minor improvements in the application, alongside a set of new features for improving the user interface and functionality of the user. The users worth 3.4 million is the evidence of Odoo being the finest application for business management.

  • Becoming Better Digital Citizens Through Open Source

    The WordPress Project is on a mission to democratize publishing. As WordPress empowers more people to participate in the digital space, we have the opportunity to make sure that everyone can participate safely and responsibly. Today marks the start of Digital Citizenship Week. We are going to share how open source can be used as a tool for learners (regardless of age) to practice and model the essential parts of being a good digital citizen.

    [...]

    Digital Citizenship is for all age groups. Anyone who uses the internet on a computer, mobile device or a TV is a digital citizen. You don’t have to be tech-savvy already, maybe you are taking your first steps with technology. Digital Citizenship Week is a chance to reflect together on our impact on the digital world. It can help us to make our consumption more considered and our interaction friendlier. It enables us to make a positive difference to those around us.

    All of us can strive (or learn) to become better digital citizens. It can be affected by the access those teaching have had to digital skills and good practice. Adult education classes and community tech hubs play a part in basic tech skill development. Unfortunately, these are not always accessible to those in less populated geographic locations. 

    Open source communities like WordPress already make a difference in encouraging the principles of digital citizenship, from sharing tech skills to improving security knowledge. They give people an opportunity to learn alongside their peers and many of the resources are available regardless of location, resources, or skills.

  • MongoDB vs. MySQL: How to choose

    During the dot-com bubble in the 1990s, one common software stack for web applications was LAMP, which originally stood for Linux (OS), Apache (web server), MySQL (relational database), and PHP (server programming language). MySQL was the preferred database mostly because it was free open source and had good read performance, which fit well with “Web 2.0” apps that dynamically generated sites from the database.

    Later the MEAN stack, which stood for MongoDB (document database), Express (web server), AngularJS (front-end framework), and Node.js (back-end JavaScript runtime), came to prominence. The MEAN stack was attractive, among other reasons, because the only language you needed to know was JavaScript. It also needed less RAM than an equivalent LAMP stack.

Syndicate content

More in Tux Machines

today's howtos

Android Leftovers

Proprietary Software Security and FOSS Patches

  • Compromised AWS API Key Allowed Access to Imperva Customer Data

    Imperva has shared more information on how [attackers] managed to obtain information on Cloud Web Application Firewall (WAF) customers, and revealed that the incident involved a compromised administrative API key.

  • Oil Refiner Reports Major IT Incident in Finland

    It’s not yet clear whether the cause is a malfunction or a cyber attack, according to spokeswoman Susanna Sieppi. The issue is under investigation, and it’s too early to estimate when the systems will be fixed, she said by phone.

  • WordPress 5.2.4 Security Release

    WordPress 5.2.4 is now available! This security release fixes 6 security issues. WordPress versions 5.2.3 and earlier are affected by these bugs, which are fixed in version 5.2.4. Updated versions of WordPress 5.1 and earlier are also available for any users who have not yet updated to 5.2.

  • Ubuntu Releases Patch for Major ‘sudo’ Security Exploit

    Canonical has issued an urgent security fix to the ‘sudo’ package in the Ubuntu archives following the discovery of a major security flaw. A critical fix has rolled out to all users of Ubuntu 16.04 LTS, 18.04 LTS, 19.04 and 19.10 (and one assumes Ubuntu 14.04 ESR too) — just run a sudo apt upgrade to install it. But what about the flaw inquisition? Well, if you’re yet to hear about it I appreciate meditative disconnect from social media. The oft toxic waste pools of chatter were with wet with alarm — some manufactured, the rest well weighted — over CVE-2019-14287 when it was announced yesterday, October 14.

  • Security updates for Tuesday

    Security updates have been issued by Debian (sudo and xtrlock), openSUSE (sudo), Red Hat (Single Sign-On), Slackware (sudo), SUSE (binutils, dhcp, ffmpeg, kernel, kubernetes-salt, sudo, and tcpdump), and Ubuntu (sudo).

Android Leftovers