Security Leftovers Security updates for Wednesday [LWN.net] Security updates have been issued by Fedora (xen), Mageia (x11-server), SUSE (chromium, kernel, pcre, pcre2, squid, and xorg-x11-server), and Ubuntu (gnupg, gnupg2, uriparser, xorg-server, xorg-server-hwe-16.04, and xorg-server, xorg-server-hwe-18.04, xwayland).

Reproducible Builds in June 2022 — reproducible-builds.org Welcome to the June 2022 report from the Reproducible Builds project. In these reports, we outline the most important things that we have been up to over the past month. As a quick recap, whilst anyone may inspect the source code of free software for malicious flaws, almost all software is distributed to end users as pre-compiled binaries.

QSB-083: Retbleed: Arbitrary speculative code execution with return instructions (XSA-407) We have just published Qubes Security Bulletin (QSB) 083: Retbleed: Arbitrary speculative code execution with return instructions (XSA-407). The text of this QSB is reproduced below. This QSB and its accompanying signatures will always be available in the Qubes Security Pack (qubes-secpack).

XSAs released on 2022-07-12 | Qubes OS The Xen Project has released one or more Xen Security Advisories (XSAs). The security of Qubes OS is affected. Therefore, user action is required.

Linux Foundation Openwashing and FUD Open Mainframe Project Announces Schedule for the 3rd Annual Open Mainframe Summit on September 21-21 in Philadelphia, PA [Ed: IBM mainframes are proprietary, but 'Linux' Foundation gets paid to lies to you about it (openwashing). The lies are products and service.] The Open Mainframe Project, an open source initiative that enables collaboration across the mainframe community to develop shared tool sets and resources, announces the schedule for the 3rd annual Open Mainframe Summit, which will be in-person in Philadelphia, PA, and streaming online for global attendees. This year’s theme focuses on security, which is top of mind for every company that uses mainframes.

SODA Foundation Announces 2022 Data & Storage Trends Survey [Ed: Nothing to do with Linux, nothing to do with research (just spam and marketing)] To address evolving Data and Storage needs throughout the industry, SODA Foundation, in partnership with Linux Foundation Research, is once again conducting a survey to provide insights into challenges, gaps, and trends for data and storage in the era of cloud native, edge, AI, and 5G. The results will serve to guide the SODA Foundation technical direction and ecosystem.

Jamie Thomas: What is the OpenSSF [Ed: Linux Foundation now works for/with Microsoft shills like Shimel; this is a catastrophe] Jamie Thomas is the General Manager, Systems Strategy and Development at IBM and is also the OpenSSF Board chair. She sat down with Alan Shimel of TechStrong TV during OpenSSF Day in Austin to share about OpenSSF and how the open source community is rallying together to increase the resilience of open source software.

FDC3 2.0 Drives Desktop Interoperability Across the Financial Services Ecosystem - Linux Foundation [Ed: This is not a community, it's not "Open Source", it's a carte of banksters diluting the "Linux" brand so that Zemlin and his cohorts can steal a lot of money (monetising an attack on brands we built)] The Fintech Open Source Foundation (FINOS), the financial services umbrella of the Linux Foundation, announced today during its Open Source in Finance Forum (OSFF) London the launch of FDC3 2.0. FDC3 supports efficient, streamlined desktop interoperability between financial institutions with enhanced connectivity capabilities.