Gerrit code review tool taken offline after suspected admin account compromise

Development
Security

Gerrit has been taken offline after malicious activity was flagged on the open source code collaboration platform.

The web-based Git code review service was disabled two hours after project maintainers were alerted to a suspected security breach on Tuesday morning (October 20).

“We believe an admin account in Gerrit was compromised allowing an attacker to escalate privileges within Gerrit,” said Clark Boylan in a service announcement issued later that day.
“Around 02:00 UTC October 20 suspicious review activity was noticed, and we were made aware of it shortly afterwards.

“The involved account was disabled and removed from privileged Gerrit groups. After further investigation we decided that we needed to stop the service, this happened at about 04:00 UTC.”

Sailfish OS now lets you share your Mobile Linux device

Use Multi-account sign-on on your Mobile Linux device. Jolla has Introduced this feature as part of its latest Sailfish OS 3.4 Pallas-Yllästunturi release software update. Having the ability to share a mobile device amongst your family or co-workers can be very useful. This is something that mobile manufacturers such as Motorola have been doing on their smartphones and Samsung on their tablets for a while now. What I mean by sharing is that everyone can have their own Independent accounts set up on the device - once logged in they have access to their OWN emails, social media accounts, pictures, etc. It's THEIR device. Read more

Setup KOrganizer with Operation Tulip Online Calendar

Anyone using Kubuntu will see KOrganizer the best desktop calendar and anyone knows internet knows NextCloud technology a complete solution to live online. Now we find Operation Tulip a generous online service for data storage and calendar based on that technology. This tutorial explains how to synchronize your desktop and your online calendar the easy way. KOrganizer is a complete desktop calendar similar to Mac's or Windows' built-in Calendar application. It works with multiple accounts and supports the popular iCalendar format. It supports colors and categories and is able to work offline. It is developed by KDE. NextCloud is latest computing technology in the field of online storage developed from the earlier one named OwnCloud. Any company or organization with enough capacity can make their own Google Online Services such as office suite, storage, mail, calendar, video call, and more simply by installing this on their server. NextCloud is Free Software. It is founded by vice president of KDE. Read more

Audiocasts/Shows: Ubuntu Podcast, ZaReason Review and BSD Now

  • Ubuntu Podcast S13E31 – Cheers with water

    This week we’ve been upgrading computers and Ebaying stuff. We discuss the Windows Calculator coming to Linux, Microsoft Edge browser coming to Linux, Ubuntu Community Council elections and LibreOffice office getting Yaru icons. We also round up our picks from the general tech news.

  • Review - The Verix 9100 Linux Laptop from ZaReason

    Time for another laptop review! This time I have the Verix 9100 in the studio sent over from ZaReason, an awesome local Linux laptop vendor that has some great hardware available.

  • BSD Now #373: Kyle Evans Interview

    We have an interview with Kyle Evans for you this week. We talk about his grep project, lua and flua in base, as well as bectl, being on the core team and a whole lot of other stuff.

openSUSE Jump will likely land in openSUSE Leap 15.3

During the openSUSE + LibreOffice Virtual Conference, there were 2 presentations on what’s next for openSUSE Leap. These presentations also touched on Closing the Leap Gap. This is a project which tries to resolve / minimize the differences in packages between openSUSE Leap and SUSE Linux Enterprise (SLE), by unifying the code base and the development process. More details on this project can be found here. On the 20th October, there was a Go-No Go decision to be made. This decision is documented here. The outcome is also described in the Engineering Meeting Minutes that can be found here. There was a Conditional No Go given on the proposal to create an in-between release called openSUSE Leap 15.2.1. That means that the Jump and Leap unification will most likely happen in Leap 15.3. I think that this is a reasonable decision, which provides a better timeline for the openSUSE and SUSE teams to work out all of the outstanding issues. Read more

