Language Selection

English French German Italian Portuguese Spanish


Security: KPTI, Kaspersky, FUD, and Yet More Promises From WPA

Filed under
  • KPTI Support For 64-bit ARM Getting Buttoned Up Ahead Of Linux 4.16

    Kernel Page Table Isolation (KPTI) landed at the start of the year for x86/x86_64 systems for fending off the much talked about CPU attacks while the AMD64 / 64-bit ARM code is still a work-in-progress but looks like it will be squared away for the upcoming Linux 4.16 kernel cycle.

    There is this Git branch and the base work for those wishing to track the last minute alterations. There is currently the latest KPTI page table isolation patches for ARM64 and does include a return trampoline, a new HARDEN_BRANCH_PREDICTOR Kconfig switch, branch predictor hardening for Falkor and Cortex-A CPUs, and other security hardening improvements.

  • 'Very high level of confidence' Russia used Kaspersky software for devastating NSA leaks

    Three months after U.S. officials asserted that Russian intelligence used popular antivirus company Kaspersky to steal U.S. classified information, there are indications that the alleged espionage is related to a public campaign of highly damaging NSA leaks by a mysterious group called the Shadow Brokers.

    “That’s a Russian intelligence operation,” a former senior intelligence official, who requested anonymity to speak bluntly, told Yahoo Finance. “They’ve gotten a lot noisier than they used to be.”

  • FOSS Community Struggles to Patch Against Spectre, Meltdown Flaws [Ed: Unlike what? The proprietary software 'community'? Microsoft is bricking Windows-running PCs.]

    Many in the open source community worked feverishly this week to respond to heightened fears that software updates to fix the Spectre and Meltdown vulnerabilities would put millions of computers at risk of slowdowns or even total disability.

  • WPA3 – The Promise of Security

More Intel Catastrophes and Bricking of PCs Due to Intel's UEFI

Filed under

Intel is Full of Holes

Filed under
  • A Security Issue in Intel’s Active Management Technology (AMT)
  • Backdoor In 30 Seconds: New Major AMT Security Flaw Is Here To Haunt Intel Laptops
  • Meltdown and Spectre FAQ: Crapification at Scale

    Yesterday, Yves posted a “primers on Meltdown and Spectre”, which included several explanations of the two bugs from different viewpoints; if you feel you don’t have a handle on them, please review it. Today, I want to give an overview of the two bugs. I will dig into the details of these two bugs in the form of a FAQ, and then I’ll open a discussion of the larger business and political economy issues raised in the form of a MetaFAQ. First, I should make one point: Meltdown is a bug; Specture is a class of bugs (or, if you prefer, a strategy).


    What Are The Costs of the Meltdown and Spectre Bugs?

    A few billions.

  • Fixing Chipmageddon Will Slow Down Older Computers

    Microsoft has come out and said it: cures for the pervasive chip flaws Meltdown and Spectre are likely to dent the performance of your PC if it’s a few years old.

  • Intel needs to come clean about Meltdown and Spectre

    Intel hasn’t had the best of times recently. Meltdown and Spectre security flaws have helped reveal fundamental issues with processor designs over the past 20 years, and the software updates to protect PCs will have performance impacts. Even as I write this, it’s still not clear to anyone exactly how bad these performance impacts will be for older desktop systems, or how significant they’ll be to server-based cloud platforms. It’s all a bit of a mess, and Intel hasn’t helped with its lack of transparency. It’s time for Intel to stop hiding behind cleverly worded statements.

  • Intel details performance hit for Meltdown fix on affected processors
  • Keeping Spectre secret

    When Graz University of Technology researcher Michael Schwarz first reached out to Intel, he thought he was about to ruin the company’s day. He had found a problem with their chips, together with his colleagues Daniel Gruss, Moritz Lipp, and Stefan Mangard. The vulnerability was both profound and immediately exploitable. His team finished the exploit on December 3rd, a Sunday afternoon. Realizing the gravity of what they’d found, they emailed Intel immediately.

  • Intel's telling some customers to avoid its fix for the Spectre and Meltdown attacks — because of a big bug
  • Everything running smoothly at the plant? *Whips out mobile phone* Wait. Nooo...

    The security of mobile apps that tie in with Supervisory Control and Data Acquisition (SCADA) systems has deteriorated over the last two-and-a-half years, according to new research.

    A team of boffins from IOActive and IoT security startup Embedi said they had discovered 147 vulnerabilities in 34 of the most popular Android mobile apps for SCADA systems.

    Mobile applications are increasingly being used in conjunction with SCADA systems. The researchers warned these apps are "riddled with vulnerabilities that could have dire consequences on SCADA systems that operate industrial control systems".

Security: Updates, AMD, Intel, IBM/Power, Blender 3D, CES and More

Filed under
  • Security updates for Friday
  • AMD processors: Not as safe as you might have thought

    In a posting. Mark Papermaster, AMD's CTO, admitted Google Project Zero (GPZ) Variant 1 (Bounds Check Bypass or Spectre) is applicable to AMD processors. But, Papermaster wrote, "We believe this threat can be contained with an operating system (OS) patch and we have been working with OS providers to address this issue."


  • AMD CPUs Are Potentially Vulnerable To Spectre / Variant 2

    Last week in light of the Spectre disclosure. AMD believed they were at "near zero risk" to Variant Two / Branch Target Injection. But now the company confirmed last night that's not the case: they are at least potentially vulnerable.

  • AMD Confirms Its Chips Are Affected By Spectre Flaw, Starts Pushing Security Patches
  • Intel Releases Linux CPU Microcodes To fix Meltdown & Spectre Bugs

    On January 8th Intel released new Linux Processor microcode data files that can be used to mitigate the Spectre and and Meltdown vulnerabilities in Intel CPUs. Using microcode files, an operating system can fix known bugs in Intel CPU without having to perform a BIOS update on the computer.

  • Power Systems And The Spectre And Meltdown Threats

    Speculative execution is something that has been part of modern processors for well over a decade, and while it is hard to quantify how much of a performance benefit this collection of techniques have delivered, it is obviously significant enough that all CPUs, including IBM Power and System z chips, have them. And that, as the new Spectre and Meltdown security holes that were announced by Google on January 3 show, turns out to be a big problem.

    Without getting too deep into the technical details, there are many different ways to implement speculative execution, which is used to keep the many instruction pipelines and layers of cache in a processor busy doing what is hoped will be useful work. So much of what a computer does is an IF-THEN-ELSE kind of branch, and being able to pre-calculate the answers to multiple possible branches in an instruction stream is more efficient than following each path independently and calculating the answers in series. The speculative part of the execution involves using statistics to analyze patterns in data and instructions underneath an application and guessing which branches and data will be needed. If you guess right a lot of the time, then the CPU does a lot more work than it might otherwise. There are no modern processors (except for the PowerPC A2 chips used in the BlueGene/Q supercomputers from IBM) that we can find that don’t have speculative execution in some form or another, and there is no easy way to quantify how much of a performance boost it gives.

  • Blender 3D open source platform plagued with arbitrary code vulnerabilities

    Cisco Talos researchers identified multiple unpatched vulnerabilities in the Blender Open Source 3D creation suite that could allow an attacker to run arbitrary code.

  • Technologies That Secure the Home, WiFi and More Debut at CES 2018
  • What is the Future of Wi-Fi?
  • Spectre and Meltdown Attacks Against Microprocessors

    This is bad, but expect it more and more. Several trends are converging in a way that makes our current system of patching security vulnerabilities harder to implement.

  • Four Tips for a More Secure Website

    Security is a hot topic in web development with great reason. Every few months a major website is cracked and millions of user records are leaked. Many times the cause of a breach is from a simple vulnerability that has been overlooked. Here are a few tips to give you a quick overview of standard techniques for making your websites more secure. Note: I do not guarantee a secure website if you follow these suggestions, there are many facets to security that I don’t even touch in this article. This write-up is for increasing awareness about techniques used to correct some common vulnerabilities that appear in web applications.

  • What is DevSecOps? Developing more secure applications

    The simple premise of DevSecOps is that everyone in the software development life cycle is responsible for security, in essence bringing operations and development together with security functions. DevSecOps aims to embed security in every part of the development process. It is about trying to automate core security tasks by embedding security controls and processes early in the DevOps workflow (rather than being bolted on at the end). For example, this could be the case when migrating to microservices, building out a CI/CD pipeline, compliance automation or simply testing cloud infrastructure.

Security: Intel, Cisco, Apple, FBI

Filed under
  • How Much Slower Will My PC Become After Meltdown And Spectre Patches?
  • Intel's Microcode Update for Spectre Exploit Is Now Available in Ubuntu's Repos

    Canonical announced a few moments ago that Intel's latest microcode update for the Spectre security vulnerability is now available from the software repositories of all supported Ubuntu Linux releases.

    After releasing earlier this week new kernel updates to mitigate the Meltdown and Spectre security exploits that put billions of devices at risk of attacks by allowing a local, unprivileged attacker to obtain sensitive information from kernel memory, Canonical now released the updated microcode from Intel for supported Intel CPUs.

  • Cisco can now sniff out malware inside encrypted traffic

    Cisco has switched on latent features in its recent routers and switches, plus a cloud service, that together make it possible to detect the fingerprints of malware in encrypted traffic.

    Switchzilla has not made a dent in transport layer security (TLS) to make this possible. Instead, as we reported in July 2016, Cisco researchers found that malware leaves recognisable traces even in encrypted traffic. The company announced its intention to productise that research last year and this week exited trials to make the service – now known as Encrypted Traffic Analytics (ETA) - available to purchasers of its 4000 Series Integrated Service Routers, the 1000-series Aggregation Services Router and the model 1000V Cloud Services Router 1000V.

    Those devices can’t do the job alone: users need to sign up for Cisco’s StealthWatch service and let traffic from their kit flow to a cloud-based analytics service that inspects traffic and uses self-improving machine learning algorithms to spot dodgy traffic.

  • MacOS High Sierra security bug lets you unlock App Store System Preferences with any random password

    According to the bug report, users can simply open System Preferences, go to App Store settings and check the padlock icon. If it is unlocked, lock it and then try unlocking it using your username and any password.

  • Intel tells select customers not to use its bug fixes

    Processor giant Intel has told some of its customers that the microcode patches it issued to fix the Meltdown and Spectre flaws in its products are buggy and that they should not install them.

  • Canonical reissues Meltdown and Spectre patches for Ubuntu after borkage
  • A Step in the Right Direction: House Passes the Cyber Vulnerability Disclosure Reporting Act

    The House of Representatives passed the “Cyber Vulnerability Disclosure Reporting Act” this week. While the bill is quite limited in scope, EFF applauds its goals and supports its passage in the Senate.

    H.R. 3202 is a short and simple bill, sponsored by Rep. Sheila Jackson Lee (D-TX), that would require the Department of Homeland Security to submit a report to Congress outlining how the government deals with disclosing vulnerabilities. Specifically, the mandated report would comprise two parts. First, a “description of the policies and procedures developed [by DHS] for coordinating cyber vulnerability disclosures,” or in other words, how the government reports flaws in computer hardware and software to the developers. And second, a possibly classified “annex” containing descriptions of specific instances where these policies were used to disclose vulnerabilities in the previous year, leading to mitigation of the vulnerabilities by private actors.

    Perhaps the best thing about this short bill is that it is intended to provide some evidence for the government’s long-standing claims that it discloses a large number of vulnerabilities. To date, such evidence has been exceedingly sparse; for instance, Apple received its first ever vulnerability report from the U.S. government in 2016. Assuming the report and annex work as intended, the public’s confidence in the government’s ability to “play defense” may actually increase.

  • FBI Says Device Encryption Is 'Evil' And A Threat To Public Safety

    The FBI continues its anti-encryption push. It's now expanded past Director Christopher Wray to include statements by other FBI personnel. Not that Chris Wray isn't taking every opportunity he can to portray personal security as a threat to the security of the American public. He still is. But he's no longer the only FBI employee willing to speak up on the issue.

    Wray expanded his anti-encryption rhetoric last week at a cybersecurity conference in New York. In short, encryption is inherently dangerous. And the FBI boss will apparently continue to complain about encryption without offering any solutions.

  • Canonical Says It'll Release New Ubuntu Kernels to Further Mitigate Spectre Bugs

    Canonical's Dean Henrichsmeyer published today an update on the Ubuntu patches for the Meltdown and Spectre security vulnerabilities and what they plan on doing next to mitigate these critical bugs.

    By now, most of you have probably updated your Ubuntu Linux computers to the new kernel versions Canonical released earlier this week, as well as the new Nvidia proprietary graphics driver and Firefox web browser, both including patches to mitigate the Meltdown and Spectre exploits affecting billions of devices powered by modern processors from Intel, AMD, and ARM.

Meltdown Patches and Problems

Filed under
  • [Ubuntu] Meltdown and Spectre Status Update

    On Tuesday, January 9, 2018 we released Ubuntu kernel updates for mitigation of CVE-2017-5754 (aka Meltdown / Variant 3) for the x86-64 architecture.

  • Lubuntu 17.10.1 (Artful Aardvark) released!

    Lubuntu 17.10.1 has been released to fix a major problem affecting many Lenovo laptops that causes the computer to have BIOS problems after installing. You can find more details about this problem here.

    Please note that the Meltdown and Spectre vulnerabilities have not been fixed in this ISO, so we advise that if you install this ISO, update directly after.

    This release is no different in terms of features from the 17.10 release, and is comparable to an LTS point release in that all updates since the 17.10 release have been rolled into this ISO. You can find the initial announcement here.

  • Check Linux for Spectre or Meltdown vulnerability

    Devices running Linux are affected by Spectre and Meltdown vulnerabilities as much as their Windows counterparts.

    Development teams work on updated kernels for the various distributions, and users need to update browsers and other software to protect data against potential attacks.

    We talked about identifying whether your Windows PC or web browser is vulnerable already. A recently published script does the same for Linux systems. You may use it to check whether your Linux distribution is vulnerable.

  • Meltdown Patch Is Causing Problems for Some Ubuntu Linux Users

    Many Ubuntu Linux users who installed the latest kernel updates to fix the Meltdown CPU vulnerability found themselves stuck in a boot loop and had to revert back to a previous version.

    The problem affected mostly Ubuntu 16.04 (Xenial Xerus), which is a long-term support (LTS) release. Soon after the 4.4.0-108 kernel update was released to fix the Meltdown vulnerability, users flooded the Ubuntu Forums and bug tracker to report booting problems.

  • Meltdown Update Kernel doesnt boot
  • Major Linux distros have Meltdown patches, but that's only part of the fix

    The Intel Meltdown security problem is the pain that just keeps hurting. Still, there is some good news. Ubuntu and Debian Linux have patched their distributions. The bad news? It's becoming clearer than ever that fixing Meltdown causes significant performance problems. Worst still, many older servers and appliances are running insecure, unpatchable Linux distributions.

Red Hat on Microservices and Security

Filed under
Red Hat
  • The State of Microservices

    During the fall of 2017, we conducted a microservices survey with our Red Hat JBoss Middleware and Red Hat OpenShift customers. From this, we were able to discover how these customers are using microservices to their advantage, what they see as some of the major benefits, what challenges exist and how to overcome them and how microservices can give respondents a competitive advantage. While these statistics are based off of a specific group of Red Hat customers, these findings give a good sense of the overall attitude toward microservices adoption and implementation. Read on to learn more about these findings.

  • What OpenShift Online and Dedicated customers should know about Meltdown and Spectre

    This past week, the technology world became aware of three significant security threats that could be used to allow cybercriminals to steal valuable data from an affected computer system. Together, these three bugs are commonly known as “Spectre” and “Meltdown” – a technical discussion of these vulnerabilities can be found here, and a non-technical explanation of the key facts is here.

  • Security updates for Thursday
  • Intel Releases Linux CPU Microcodes for Processors Going Back Two Decades

Security: Meltdown, Spectre, Apple, CoffeeMiner, EMC, VMware and More

Filed under
  • NSA Didn't Know of Meltdown, Spectre, Trump Cyber Czar Says

    The National Security Agency didn't know about the Meltdown or Spectre flaws, White House cybersecurity coordinator Rob Joyce said at the International Conference on Cyber Security at Fordham University Law School here today (Jan. 11).

  • spectre and the end of langsec

    Like many I was profoundly saddened by this analysis. I want to believe in constructive correctness, in math and in proofs. And so with the rise of functional programming, I thought that this historical slide from reason towards observation was just that, historical, and that the "safe" languages had a compelling value that would be evident eventually: that "another world is possible".

    In particular I found solace in "langsec", an approach to assessing and ensuring system security in terms of constructively correct programs. One obvious application is parsing of untrusted input, and indeed the website appears to emphasize this domain as one in which a programming languages approach can be fruitful. It is, after all, a truth universally acknowledged, that a program with good use of data types, will be free from many common bugs. So far so good, and so far so successful.

    The basis of language security is starting from a programming language with a well-defined, easy-to-understand semantics. From there you can prove (formally or informally) interesting security properties about particular programs. For example, if a program has a secret k, but some untrusted subcomponent C of it should not have access to k, one can prove if k can or cannot leak to C. This approach is taken, for example, by Google's Caja compiler to isolate components from each other, even when they run in the context of the same web page.

    But the Spectre and Meltdown attacks have seriously set back this endeavor. One manifestation of the Spectre vulnerability is that code running in a process can now read the entirety of its address space, bypassing invariants of the language in which it is written, even if it is written in a "safe" language. This is currently being used by JavaScript programs to exfiltrate passwords from a browser's password manager, or bitcoin wallets.

  • Is Apple Even Paying Attention To macOS Security Anymore?

    A new Mac security flaw lets you type literally any username and password in order to unlock the Mac App Store panel in System Preferences. It’s probably not a big deal practically speaking—the panel is unlocked by default—but the fact that this issue exists at all is a worrying reminder that Apple isn’t prioritizing security like they used to.

  • Ubuntu Linux Unbootable After Users Install Meltdown And Spectre Patches
  • Ubuntu Update For Meltdown And Spectre Chip Flaws Leaves Some PCs Unbootable

    Sometimes the cure is worse than the disease. Just ask the affected users of older AMD systems who had their PCs bricked after downloading and installing a Windows update that was supposed to protect them from Meltdown and Spectre. It is not just Windows users who are suffering, either. Some Ubuntu Xenial 16.04 users also report that the latest update for their OS has rendered their system unable to boot.

  • How CoffeeMiner Attack Hacks Public Wi-Fi And Uses Your PC For Mining Cryptocurrency

    After a series of ransomware attacks capturing the headlines past year, crypto mining malware and cryptojacking attacks came into the play. Just last month, a Starbucks customer found that the infected Wi-Fi hotspot was trying to mine Monero digital coins. It was a new kind of threat associated with using public hotspots, which are often labeled unsafe and users are advised to use VPN services for extra privacy.

  • Prosecutors say Mac spyware stole millions of user images over 13 years

    An indictment filed Wednesday in federal court in Ohio may answer some of those questions. It alleges Fruitfly was the creation of an Ohio man who used it for more than 13 years to steal millions of images from infected computers as he took detailed notes of what he observed.

  • EMC, VMware security bugs throw gasoline on cloud security fire

    While everyone was screaming about Meltdown and Spectre, another urgent security fix was already in progress for many corporate data centers and cloud providers who use products from Dell's EMC and VMware units. A trio of critical, newly reported vulnerabilities in EMC and VMware backup and recovery tools—EMC Avamar, EMC NetWorker, EMC Integrated Data Protection Appliance, and vSphere Data Protection—could allow an attacker to gain root access to the systems or to specific files, or inject malicious files into the server's file system. These problems can only be fixed with upgrades. While the EMC vulnerabilities were announced late last year, VMware only became aware of its vulnerability last week.

  • Malware based on open source Kotlin language discovered lurking in Google Play [Ed: This has nothing to do with "open source". They don't say "proprietary" when the framework is.]

    Basically, it's pretty typical of the malware that crops up in dodgy apps that have wormed their way past the digital bouncers on the Play Store.

  • How to increase Linux security by disabling USB support

    This may sound like a crazy way of enhancing security on a server, but if you can get away with it—as in you don't need any USB devices such as keyboards, mice, external drives—disabling USB support can be an added means of ensuring malicious files do not find their way onto your servers. Obviously, this will only work for headless machines, so you better make certain you can SSH into those servers, otherwise, you'll find yourself in trouble trying to input anything via keyboard or mouse.

OPNsense® 18.1 Release Candidate 1

Filed under

For more than 3 years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.

We humbly present to you the sum of another major iteration of the OPNsense firewall. Over the second half of 2017 well over 500 changes have made it into this first release candidate. Most notably, the firewall NAT rules have been reworked to be more flexible and usable via plugins, which is going to pave the way for subsequent API works on the core firewall functionality. For more details please find the attached list of changes below.

Meltdown and Spectre patches are currently being worked on in FreeBSD[1], but there is no reliable timeline. We will keep you up to date through the usual channels as more news become available. Hang in there!

Read more

Ubuntu 17.04 EoL and Patches

Filed under
Syndicate content

More in Tux Machines

Fedora: Release Party, Fedora Diversity, Critical Firefox Fix

Microsoft Openwashing and Revisionism

  • Microsoft joins effort to cure open source license noncompliance [Ed: Pushing Microsoft lies under the false pretenses that Microsoft plays along with the GPL (it violates, smears and undermines it)]
  • Microsoft joins group working to 'cure' open-source licensing issues [Ed: Mary Jo Foley uses this initiative to whitewash Microsoft after it repeatedly violated the GPL and attacked it publicly, behind the scenes etc. And watch the image she uses: a lie.]
    It's kind of amazing that just over a decade ago, Microsoft was threatening Linux vendors by claiming free and open-source software infringed on 235 of Microsoft's patents. In 2007, Microsoft was very openly and publicly anti-GPLv3, claiming it was an attempt "to tear down the bridge between proprietary and open source technology that Microsoft has worked to build with the industry and customers."
  • Today's channel rundown - 19 March 2018
    The six have committed to extending additional rights "to cure open source license noncompliance". The announcement was made by Red Hat, which says the move will lead to greater cooperation with distributors of open source software to correct errors. In a statement, Red Hat referenced widely used open source software licenses, GNU General Public License (GPL) and GNU Lesser General Public License, which cover software projects including the Linux kernel. GPL version 3 offers distributors of the code an opportunity to correct errors and mistakes in license compliance.
  • Tails Security Update, Companies Team Up to Cure Open Source License Noncompliance, LG Expanding webOS and More
    According to a Red Hat press release this morning: "six additional companies have joined efforts to promote greater predictability in open source licensing. These marquee technology companies—CA Technologies, Cisco, HPE, Microsoft, SAP, and SUSE—have committed to extending additional rights to cure open source license noncompliance. This will lead to greater cooperation with distributors of open source software to correct errors and increased participation in open source software development."

GNOME: New Flow, GNOME 3.28, New Shotwell

  • GitLab + Flatpak – GNOME’s full flow
    In this post I will explain how GitLab, CI, Flatpak and GNOME apps come together into a (imho) dream-come-true full flow for GNOME, a proposal to be implemented by all GNOME apps.
  • GNOME 3.28 released & coming to Fedora 28
    Last week, The GNOME project announced the release of GNOME 3.28. This major release of the GNOME desktop is the default desktop environment in the upcoming release of Fedora 28 Workstation. 3.28 includes a wide range of enhancements, including updates to Files (nautilus), Contacts, Calendar, Clocks and the on-screen keyboard. Additionally, the new application Usage is added to “make it easy to diagnose and resolve performance and capacity issues”
  • Shotwell Photo Manager Just Got a Big Performance Boost
    A new version of the Shotwell photo manager and editor is available to download. Shotwell 0.28 “Braunschweig” arrives half a year later than originally planned but hasn’t shirked on improvements or bug fixes during the wait. In all some 60 bugs have been closed since the Shotwell 0.27 release last year...

Graphics: Mesa/Mali, Wayland 1.15 Beta, and Mesa 17.3.7 RC2

  • Reverse-Engineering of ARM Mali "Midgard" Now Has A Working NIR Shader Compiler
    Earlier this year work on the "Chai" open-source Mali T700 GPU driver resumed with an aim to get a working Mesa driver for this "Midgard" graphics architecture. There's still a long battle ahead, but their NIR shader compiler is beginning to work. Alyssa Rosenzweig remains the main developer working on this Chai driver effort but with using some remnants done by Luc and Connor during the Lima driver days. Her focus lately has been on assembler and shader support for this reverse-engineered driver for ARM Mali graphics.
  • Wayland 1.15 Beta Released With Weston 4.0 Beta
    The beta releases are available today of Wayland 1.15 and the Weston 4.0 reference compositor. Wayland 1.15 is another relatively modest cycle. Wayland 1.15 pulls in libwayland-egl where as before that library was part of Mesa, making some semantics of Wayland more clear in the documentation, improvements to wayland-scanner, and some minor API additions.
  • Mesa 17.3.7 RC2 Issued With Even More Patches
    Last week the release candidate of Mesa 17.3.7 was issued with more than 50 patches queued. That count grew more over the weekend resulting in an additional release candidate. Mesa point releases tend to get just one RC and a few days of testing before going gold, but on top of the 50 patches last week another handful of patches were since proposed and queued up for this increasingly large point release. The very latest patches include a RADV Vulkan driver fix by Feral Interactive, and several other RADV and Intel Vulkan fixes.