Language Selection

English French German Italian Portuguese Spanish

DW Latest Releases

Syndicate content DistroWatch
Latest distribution releases
Updated: 3 hours 10 min ago

02/21 Elastix 9.8.0

3 hours 10 min ago

02/23 PCLinuxOS 2019.02-test

3 hours 10 min ago

02/19 BackBox 5.3

3 hours 10 min ago

02/19 Clear 27900

3 hours 10 min ago

02/20 openSUSE 15.1-beta

3 hours 10 min ago

02/19 NomadBSD 1.2-RC2

3 hours 10 min ago

02/21 PBXware 5.2.2

3 hours 10 min ago

02/20 Manjaro 18.0.3 "Cinnamon"

3 hours 10 min ago

02/22 Mageia 7-beta2

3 hours 10 min ago

02/21 KDE neon 20190221

3 hours 10 min ago

02/18 Kali 2019.1

Saturday 23rd of February 2019 01:58:04 AM

02/18 Slax 9.8.0

Thursday 21st of February 2019 11:58:02 PM

02/16 Debian 9.8.0

Thursday 21st of February 2019 10:58:02 AM

02/15 ArcoLinux 19.02.4

Thursday 21st of February 2019 10:58:02 AM

02/16 Voyager 18.04.2

Thursday 21st of February 2019 10:58:02 AM

02/14 Xubuntu 18.04.2

Wednesday 20th of February 2019 09:58:08 PM

02/15 Archman 2019.02 "KDE"

Wednesday 20th of February 2019 09:58:08 PM

02/14 Ubuntu Kylin 18.04.2

Tuesday 19th of February 2019 07:58:02 PM

02/14 Ubuntu MATE 18.04.2

Tuesday 19th of February 2019 06:58:03 AM

More in Tux Machines

Servers: Red Hat, Kubernetes, OpenShift, WriteFreely and WordPress

  • Taking System Monitoring to the Next Level: an Interview with Scalyr CEO Steve Newman [Ed: Linux Journal back to the pre-PIA days of promoting proprietary software?]
  • Time zone data (tzdata): 2018 data format changes and Red Hat Enterprise Linux
    Red Hat Enterprise Linux (RHEL) needs time zone information in order for all applications in the operating system to correctly print local time. The GNU C Library (glibc) makes use of the tzdata package in order to make APIs such as strftime() work correctly, while applications such as /usr/bin/date make use of this information to print the local date. The tzdata package contains the data files documenting both current and historic transitions for various time zones around the world. This data represents changes required by local government bodies or by time zone boundary changes, as well as changes to UTC offsets and daylight saving time (DST).
  • Upcoming Silicon Valley OpenShift Commons Gathering, March 11 on Operating at Scale with Speakers Google, Facebook, Uber, Red Hat and Rook
    The OpenShift Commons Gathering brings together experts from all over the world to discuss the container technologies, operators, the operator framework, best practices for cloud-native application developers and the open source software projects that underpin the OpenShift ecosystem to help take us all to the next level in cloud-native computing. This next gathering will feature 400+ developers, project leads, cloud architects, DevOps professionals, sysadmins, and cloud-native practitioners coming together to explore the next steps in making container technologies successful and secure at scale.
  • 7 Key Considerations for Kubernetes in Production
    Today Enterprise IT does not question the value of containerized applications anymore. Given the move to adopting DevOps and cloud native architectures, it is critical to leverage container capabilities in order to enable digital transformation. Google’s Kubernetes (K8s), an open source container orchestration system, has become the de facto standard — and the key enabler — for cloud native applications, and the way they are architected, composed, deployed, and managed. Enterprises are using Kubernetes to create modern architectures composed of microservices and serverless functions which scale seamlessly. However, two years of working with Kubernetes for enterprise applications, and large-scale production deployments have taught us valuable real-world lessons about the challenges of Kubernetes in the enterprise, and what it REALLY takes in order to make it ready for prime time and enable organizations to safely bet on Kubernetes to power mission-critical enterprise application. Large and complex enterprises that have invested in container-based applications often struggle to realize the value of Kubernetes and container technology, due to operational or Day-two management challenges. In this post, we share seven fundamental capabilities large enterprises need to instrument around their Kubernetes investments in order to be able to effectively implement it and utilize it to drive their business.
  • Kubernetes job interview questions: How to prepare
    As Kubernetes adoption grows, so does the need for IT pros with the skills and experience needed to run it in production. “There’s a strong correlation between the popularity of Kubernetes and the demand for engineers who have in-depth knowledge of the system,” says Leo Shemesh, CTO at Jackpocket. Signs suggest that demand for Kubernetes skills is pointing skyward. That creates a tricky proposition for IT executives and hiring managers. Don’t worry, we’re not here to moan and groan about another skills shortage. Actually, Shemesh notes that it’s relatively easy for IT pros to begin learning about Kubernetes, thanks to a wealth of articles and other resources available online, a vibrant open source community, and the commercial platforms and services that sit on top of the Kubernetes project. It’s also relatively simple to start running a single-node cluster on a local machine with Minikube, a good option for getting your hands messy.
  • OpenShift platform seen as biggest IBM gain from Red Hat acquisition

    IBM's acquisition of open source company Red Hat means that Big Blue is betting that the future of cloud computing is hybrid and it has made the purchase to cover its flanks in this area, the technology analyst firm Gartner says.

  • Four Startup Engineering Killers

    Startup engineering is different from any other type of software engineering. It demands short- and medium-term productivity, relative to the “right way” of building systems. It values people who are able to iterate quickly and are comfortable with hacky code. It rewards pragmatism in technology choices versus picking the most hyped — or most stable — technology.

  • Phoronix Test Suite 8.6.1 Released For Open-Source, Cross-Platform Benchmarking
    Phoronix Test Suite 8.6.1 is now available as a minor update over Phoronix Test Suite 8.6-Spydeberg that shipped at the start of February.
  • WriteFreely: Start a blog, build a community
    As more of our lives move online, we become dependent on large services with millions (or billions) of users to communicate with each other. Although we tend to notice problems only when these platforms change a policy, erect a paywall, or suffer a data breach, we can often feel how these mass-broadcast platforms don't always have our best interests in mind and often don't "connect" us in the ways they purport to. However, over the past few years, we've also seen a renaissance of small, close-knit online communities. New protocols for building federated social networks, like ActivityPub, are seeing more use, popularized by open source platforms like Mastodon. People still gather on forums to discuss their interests with like-minded people. And even on the large, centralized services, many people use "group" features to have more intimate conversations than they would by sending their latest status update to a wide swath of unrelated people. In the blogging world, we've also seen platforms like Medium and Tumblr become more popular, partially because of the networks they offer. With these large platforms, each blog is no longer an "island," but part of a huge community. Yet, like any other closed-source, centralized service, if they make a change that doesn't benefit their users, we're forced to find another platform. That's why I built WriteFreely.
  • WordPress 5.1 Improves Security With Site Health Mechanism
    WordPress 5.1 became generally available on Feb. 21, providing users of the popular open-source blogging and content management system (CMS) with updates to improve site operations and site health. WordPress is one of the most widely deployed CMS technologies, powering over 30 percent of all websites on the internet. The new WordPress release follows the open-source project's tradition of naming releases after famous Jazz musicians by code-naming the 5.1 release Betty, after jazz vocalist Betty Carter. Among the key new features in the release is a check to warn users if they are running older, unsupported versions of the PHP programming language that is needed to operate WordPress. "Following WordPress 5.0 — a major release which introduced the new block editor — 5.1 focuses on polish, in particular by improving the overall performance of the editor," WordPress founder Matt Mullenweg wrote in a blog post. "In addition, this release paves the way for a better, faster, and more secure WordPress with some essential tools for site administrators and developers."

Linus Torvalds on World Domination (x86 Servers)

  • Linus Torvalds pulls pin, tosses in grenade: x86 won, forget about Arm in server CPUs, says Linux kernel supremo
    Linux kernel king Linus Torvalds this week dismissed cross-platform efforts to support his contention that Arm-compatible processors will never dominate the server market. Responding to interest in Arm's announcement of its data center-oriented Neoverse N1 and E1 CPU cores on Wednesday, and a jibe about his affinity for native x86 development, Torvalds almost abandoned his commitment to civil discourse while doing his best to dampen enthusiasm for a world of heterogeneous hardware harmony. "Some people think that 'the cloud' means that the instruction set doesn't matter," Torvalds said in a forum post. "Develop at home, deploy in the cloud. That's bullshit. If you develop on x86, then you're going to want to deploy on x86, because you'll be able to run what you test 'at home' (and by 'at home' I don't mean literally in your home, but in your work environment)."
  • Linus on why x86 won for servers
    Responding to a forum post on upcoming ARM server offerings, Linus Torvalds makes a compelling case for why Linux and x86 completely overwhelmed commercial Unix and RISC...
  • ARM announces Ares
    I can pretty much guarantee that as long as everybody does cross-development, the platform won't be all that stable. Or successful. Some people think that "the cloud" means that the instruction set doesn't matter. Develop at home, deploy in the cloud. That's bullshit. If you develop on x86, then you're going to want to deploy on x86, because you'll be able to run what you test "at home" (and by "at home" I don't mean literally in your home, but in your work environment). Which means that you'll happily pay a bit more for x86 cloud hosting, simply because it matches what you can test on your own local setup, and the errors you get will translate better. This is true even if what you mostly do is something ostensibly cross-platform like just run perl scripts or whatever. Simply because you'll want to have as similar an environment as possible, Which in turn means that cloud providers will end up making more money from their x86 side, which means that they'll prioritize it, and any ARM offerings will be secondary and probably relegated to the mindless dregs (maybe front-end, maybe just static html, that kind of stuff). Guys, do you really not understand why x86 took over the server market?

Redis Licence/Licensing Getting Weirder, Swim Openwashing

  • Redis Labs drops Commons Clause for a new license
    Redis Labs is dropping its Commons Clause license in favor of its new "available-source" license: Redis Source Available License (RSAL). This is not an open-source license. Redis Labs had used Commons Clause on top of the open-source Apache License to protect its rights to modules added to its 3-Clause-BSD-licensed Redis, the popular open-source in-memory data structure store. But, as Manish Gupta, Redis Labs' CMO, explained, "It didn't work. Confusion reigned over whether or not the modules were open source. They're not open-source." So, although it hadn't wanted to create a new license, that's what Redis Labs ended up doing. RSAL covers some Redis Modules, which run on top of open-source Redis. The current modules covered by RSAL are: RedisSearch, RedisGraph, RedisJSON, RedisML, and RedisBloom. Redis remains under the BSD license.
  • Redis Labs changes its open-source license — again
    Redis Labs, fresh off its latest funding round, today announced a change to how it licenses its Redis Modules. This may not sound like a big deal, but in the world of open-source projects, licensing is currently a big issue. That’s because organizations like Redis, MongoDB, Confluent and others have recently introduced new licenses that make it harder for their competitors to take their products and sell them as rebranded services without contributing back to the community (and most of these companies point directly at AWS as the main offender here). “Some cloud providers have repeatedly taken advantage of successful opensource projects, without significant contributions to their communities,” the Redis Labs team writes today. “They repackage software that was not developed by them into competitive, proprietary service offerings and use their business leverage to reap substantial revenues from these open source projects.”
  • Redis Labs Changing Its Licensing for Redis Modules Again, Raspberry Pi Rolling Out the Linux 4.19 Kernel, Windows Subsystem for Linux Updates Coming, Facebook Removing Its Spyware Onavo VPN from the Google Store and openSUSE Leap 15.1 Beta Pizza Party
    Redis Labs has changed its licensing for Redis Modules again. According to TechCrunch, the new license is called the Redis Source Available license, and as with the previous Commons Clause license, applies only to certain Redis Modules created by Redis Labs. With this license, "Users can still get the code, modify it and integrate it into their applications—but that application can't be a database product, caching engine, stream processing engine, search engine, indexing engine or ML/DL/AI serving engine." The TechCrunch post notes that by definition, an open-source license can't enforce limitations, so this new license technically isn't open source. It is, however, similar to other "permissive open-source licenses", which "shouldn't really affect most developers who use the company's modules".
  • Swim Open Sources Its Machine Learning Platform for Edge Computing [Ed: "Taking the "open core" route" means proprietary software or 'free' bait, so this headline is a tad misleading to say the least]
    Taking the "open core" route, the startup wants the open source community to take its platform in more directions than it's been able to so far.

GNU/Linux Security Leftovers

  • Major 9.8 vulnerability affects multiple Linux kernels— CVE-2019-8912 (af_alg_release())
    Our assessment is that the cause is this commit, the introduction of a "sockfs_setattr()" function. This function neglects to null-out values in a structure, making their values usable after exiting from the function (a so-called ‘use-after-free’ error).
  • Linux use-after-free vulnerability found in Linux 2.6 through 4.20.11
    Last week, a Huawei engineer reported a vulnerability present in the early Linux 2.6 kernels through version 4.20.11. The Kernel Address Sanitizer (KASAN) that detects dynamic memory errors within the Linux kernel code was used to uncover the use-after-free vulnerability which was present since early Linux versions. The use-after-free issue was found in the networking subsystem’s sockfs code and could lead to arbitrary code execution as a result.
  • Taking Care of Your Personal Online Security (For Paranoids)
    So, use Linux, and preferably coreboot or Libreboot (open source BIOS). You can buy hardware based on the recommendations of well-known and respected (still a bit paranoid) cypherpunk Richard Stallman.
  • Why do PAM projects fail? Tales from the trenches
    Privileged accounts hold the keys to highly sensitive company information and once these credentials are targeted, they can easily lead to a breach of a company’s most valuable assets; from databases to social media and unstructured data. Most enterprises have implemented some form of Privileged Access Management (PAM), but many find these initiatives fail to live up to expectations. Below are some common reasons why a PAM project might fail to meet the initial expectations; coupled with practical insights on how to prevent it from becoming a dud.
  • Sailfish OS: Security and Data Privacy
    Mobile World Congress is back again! Like every single year during the Jolla journey, we are excited to take part in this event. We have had great experiences in the past MWC’s, our main drivers for attending are the current and relevant topics discussed during the congress. One of this year’s core themes is Digital Trust; “Digital trust analyses the growing responsibilities required to create the right balance with consumers, governments and regulators.” It makes us happy that these topics are being discussed, especially since several scandals have recently affected trust in digital solutions. At Jolla we work constantly towards providing a secure and transparent solution. Our value towards our customer’s privacy is reflected in our values and actions. Back in May of 2018 our CEO Sami Pienimäki wrote a blog post on the GDPR laws passed within the European Union and stated the cornerstones on how Jolla views data privacy. This stand on privacy is not rocket science – the core idea is to respect our customers’ privacy and allow them to be in control of their data.
  • Security updates for Friday
  • Which is More Secure: Windows, Linux, or macOS? [Ed: security is not an OS feature but a separate product, insists company that sells "security" as a proprietar ysoftware product]