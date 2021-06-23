Security and Linux Foundation Leftovers
Security updates for Wednesday
Security updates have been issued by Debian (ceph), Fedora (buildah, containernetworking-plugins, and podman), openSUSE (chromium, kernel, php7, python-CairoSVG, python-Pillow, seamonkey, and transfig), Red Hat (microcode_ctl), SUSE (kernel and libcares2), and Ubuntu (c-ares).
Ian Wienand: Lyte Portable Projector Investigation
I recently picked up this portable projector for a reasonable price. It might also be called a "M5" projector, but I can not find one canonical source. In terms of projection, it performs as well as a 5cm cube could be expected to. They made a poor choice to eschew adding an external video input which severely limits the device's usefulness.
Wheeler: Funded open source security work at the Linux Foundation
David A. Wheeler lists some of the security-related projects he is overseeing at the Linux Foundation.
How SBOMs Strengthen the Software Supply Chain
The need to strengthen and secure the software supply chain has gained heightened awareness in recent months. The Biden administration, for example, issued an executive order that outlined security measures for critical software use and specifically mentioned open source provenance and the need for companies to provide a Software Bill of Materials (SBOM) as part of their efforts to improve software supply chain security.
In this article, we’ll explain what an SBOM is and point you to additional resources outlining best practices and other key information.
[..]
The transparency made possible by an SBOM, however, is not about dictating what is good or bad, says Friedman. “It is about allowing everyone to make the right, risk-based decisions... And, you can’t make good risk-based decisions unless you know what you have.”
As NTIA states, an “SBOM will not solve all software security problems, but will form a foundational data layer on which further security tools, practices, and assurances can be built.”
The Linux Foundation and Fintech Open Source Foundation Announce the Agenda for Open Source Strategy Forum London 2021, Oct 4-5
The Linux Foundation, the nonprofit organization enabling mass innovation through open source, and co-host Fintech Open Source Foundation (FINOS), a nonprofit whose mission is to accelerate adoption of open source software, standards and best practices in financial services, today announced the conference agenda for Open Source Strategy Forum London 2021 (OSSF). The event takes place October 4-5 in London, England. The schedule can be viewed here.
The event will gather experts from financial services, technology and open source who will come together for thought-provoking insights and conversations, providing unique opportunities to hear from and engage with those who are leveraging open source software to solve industry challenges. OSSF is the only conference dedicated to driving collaboration and innovation in financial services through open source.
Linux in Devices: Raspberry Pi, Geniatech, UP Xtreme, and WebOS on TVs
Games: Back 4 Blood, Parsec, Total War: ROME REMASTERED, and DXVK
Mozilla Thunderbird 91 Released as a Massive Update with Numerous New Features and Improvements
Thunderbird 91 comes a little over a year after the Thunderbird 78 series and brings a revamped account setup wizard with support for setting up signatures, encryption and CalDAV calendars, a new user interface for adding attachments, the ability to change the order of accounts in the UI, and the ability to redirect emails. This new Thunderbird release also allow you to encrypt your emails to BCC recipients, though these will be exposed in the list of keys. New keyboard shortcuts are now available to access the To, CC and BCC fields of the compose window, and Thunderbird now allows showing of empty CC and BCC rows in the compose window.
