Language Selection

English French German Italian Portuguese Spanish

SUSE

SUSE EOL and Tumbleweed

Filed under
SUSE

SUSE Security Breach (Again) and Tumbleweed Update

Filed under
SUSE
  • Several openSUSE services disabled due to a security breach

    We have been informed of a security breach of the MF authentication system used by several openSUSE services.

    As a result, the openSUSE services using this authentication method are immediately being set to read-only mode/preventing authentication.

    This includes the openSUSE OBS, wiki, and forums.

    The scope and impact of the breach is not yet fully clear. The disabling of authentication is to ensure the protection of our systems and user data while the situation is fully investigated.

  • Tumbleweed: Review of the weeks 2017/18 & 19

    In the last two weeks, a total of 6 snapshots had been released to the wild (0428, 0429, 0430, 0502, 0503, 0505): all those snapshots were mainly in Week 18 – while we were having some struggles this week due to the way the pattern packages are now laid out. The change was slightly more complex than anticipated and small issues crept in here and there. But the change is well worth the effort, as patterns are now smaller chunks with their own respective maintainer groups assigned. For example, the KDE Team has more, and especially more direct, control over their pattern. The same holds, of course, true for all other desktop related patterns: those now live in the respective desktop environment’s devel projects.

SUSE Leftovers: SUSE Academic Program, OBS, and Status Page

Filed under
SUSE
  • SUSE Academic Program Opens Door to Open Source for Students Globally
  • Release of new Image Templates Page

    What’s that? – You might ask. Just have a look yourself. Click on the newly added ‘New image’ link on the OBS front page.

  • Announcing openSUSE’s status page – status.opensuse.org

    Worried about downtimes and maintenance windows of openSUSE services that you missed because there was no information provided? Wink

    Now is your chance to get informed about any (un-)expected downtime of any openSUSE service!

    The openSUSE Heroes team is pleased to announce that status.opensuse.org is up and running as public status page, providing you with the latest updates about our infrastructure. We tried our best to get the page mobile friendly and easy to understand. Even RSS and Atom feeds are available. A big “thank you” to the team from Cachet, the open source status page system, for developing that great tool.

SUSE Leftovers

Filed under
SUSE
  • SUSE Unveils OpenStack Cloud Monitoring & Supports TrilioVault

    Today at the OpenStack Summit 2017 in Boston, MA, SUSE, aside from celebrating its 25th anniversary, announced its new open source software solution that makes it simple to monitor and manage the health and performance of enterprise OpenStack cloud environments and workloads, SUSE OpenStack Cloud Monitoring. In other SUSE related news, Trilio Data, announced that its TrilioVault is Ready Certified for SUSE OpenStack Cloud.

  • Students to Enhance Multiple Open Source Projects

    Five students will spend this summer putting their coding skills into practice for openSUSE and other projects during this year’s Google Summer of Code.

    The international program that matches mentors and students funded 1,315 student projects this year for 201 open source organizations, who will benefit from the active involvement from these new developers.

    “We are excited to be selected as a mentoring organization and to mentor these talented, young GSoC students,” said Christian Bruckmayer, one of the openSUSE mentors. “This year’s projects focus on enhancing the capabilities of our open source tools, so that the benefits are shared amongst the open-source ecosystem.”

Upcoming Conferences: ApacheCon and oSC17

Filed under
OSS
SUSE
  • 3 Developers Explain Why They Attend ApacheCon

    ApacheCon North America is right around the corner. Everyone is looking forward to this year’s event May 16-18 in Miami. There’s plenty new to see, hear, and do this year but that’s not the only attraction for developers.

    The annual conference of The Apache Software Foundation is where users and contributors meet face-to-face to collaborate on the next generation of cloud, Internet, and Big Data tech. The Apache community is huge and has upwards of 4500 committers. There is ample opportunity to meet MVPs and project heroes plus swap war stories with fellow developers in the trenches.

  • Excited about oSC17? Volunteer to experience another aspect of it!

    oSC17 is just around the corner, and if you want to be part of making it awesome you can now sign up to become a volunteer!

    Volunteers are invaluable to conferences, and they play a major role in creating a pleasant conference atmosphere for attendees.

openSUSE Tumbleweed Users Get GNOME 3.24.1, KDE Plasma 5.9.5 and Linux 4.10.13

Filed under
SUSE

openSUSE Project's Douglas DeMaio reports today on the latest updates and security fixes that landed in the software repositories of the openSUSE Tumbleweed rolling operating system.

Read more

GNOME 3.24.1, Plasma 5.9.5 Arrive in Tumbleweed

Filed under
SUSE

A total of seven openSUSE Tumbleweed snapshots were released since last week’s update, which brought several minor version updates and less than a handful of major version updates.

A change on the server that prepares the .diff emails that are generated caused a hiccup for the Tumbleweed announcer, so snapshots 20170428, 20170429, 20170430 and 20170502 were all listed in snapshots 20170503. The change to the server was to create a similar data comparison file to generate emails for Leap 42.3, so it could list packages that are changed during its rolling development process.

Read more

SUSE: Markus Rex and YaST

Filed under
SUSE

The great leap backward [otherwise behind paywall]

Filed under
SUSE

Sayre's law states: "In any dispute the intensity of feeling is inversely proportional to the value of the issues at stake". In that context, it is perhaps easy to understand why the discussion around the version number for the next major openSUSE Leap release has gone on for hundreds of sometimes vitriolic messages. While this change is controversial, the openSUSE board hopes that it will lead to more rational versioning in the long term — but the world has a way of interfering with such plans.

OpenSUSE Leap is an interesting hybrid distribution; its core packages come from the slow-and-stable SUSE Linux Enterprise (SLE) release, but those packages are replaced or supplemented by much newer software where desired. The current (and only) openSUSE Leap release was originally based on SLE 12 and openSUSE 13.1. The project had an immediate problem in that it needed to come up with a version number for this new distribution; in the end, it did what any of us would have done and chose 42. The current release is openSUSE Leap 42.2.

[...]

That said, this decision has set up another existential crisis for the future: what happens when the SLE 42 release comes out and openSUSE Leap is faced with reusing a version number — a deed seen as being even more foul than going backward? Brown shrugged off this problem, saying that, at the current release rate, SLE 42 isn't due for over 100 years. There should, he implied, be time for plenty of other flame wars before that one needs to heat up.

Brown's math is neglecting an important fact, though: SLE just skipped over two numbers, and might well be expected to do the same thing again in the next century. After all, 16 is a power of two, and all those zeroes might make some potential customers nervous. It's also the atomic number of sulfur; best to just skip it. Italians see 17 as an exceptionally ill-starred number. 18 is voting age in much of the world, and nobody has had luck with voting recently, so that one should be avoided too. 19 is suspiciously prime, but might yet prove acceptable pending further research. And so on; SLE 42 may come far sooner than anybody expects.

Read more

openSUSE Tumbleweed Users Get Linux Kernel 4.10.10, Updated Fonts, and More

Filed under
SUSE

openSUSE Project's Douglas DeMaio reports today, April 27, 2017, on the updates and improvements that landed in the software repositories during this week, brought by a total of four snapshots.

Read more

Syndicate content

More in Tux Machines

today's leftovers

  • CRI: The Second Boom of Container Runtimes
    Harry (Lei) Zhang, together with the CTO of HyperHQ, Xu Wang, will present “CRI: The Second Boom of Container Runtimes” at KubeCon + CloudNativeCon EU 2018, May 2-4 in Copenhagen, Denmark. The presentation will clarify about more about CRI, container runtimes, KataContainers and where they are going. Please join them if you are interested in learning more.
  • Meet Gloo, the ‘Function Gateway’ That Unifies Legacy APIs, Microservices, and Serverless
    Gloo, a single binary file written in Go, can be deployed as a Kubernetes pod, in a Docker container, and now also on Cloud Foundry. The setup also requires a copy of Envoy, though the installation process can be greatly simplified through additional software developed by the company, TheTool. The user then writes configuration objects to capture the workflow logic.
  • Why is the kernel community replacing iptables with BPF?

    The Linux kernel community recently announced bpfilter, which will replace the long-standing in-kernel implementation of iptables with high-performance network filtering powered by Linux BPF, all while guaranteeing a non-disruptive transition for Linux users.

  • The developer of Helium Rain gave an update on their sales, low overall sales but a high Linux percentage
    Helium Rain [Steam, Official Site], the gorgeous space sim from Deimos Games is really quite good so it's a shame they've seen such low overall sales. In total, they've had around 14,000€ (~$17,000) in sales which is not a lot for a game at all. The good news, is that out of the two thousand copies they say they've sold, a huge 14% of them have come from Linux. It's worth noting, that number has actually gone up since we last spoke to them, where they gave us a figure of 11% sales on Linux.
  • Want to try Wild Terra Online? We have another load of keys to give away (update: all gone)
    Wild Terra Online [Steam], the MMO from Juvty Worlds has a small but dedicated following, now is your chance to see if it's for you.
  • Arch Linux Finally Rolling Out Glibc 2.27
    Arch Linux is finally transitioning to glibc 2.27, which may make for a faster system. Glibc 2.27 was released at the start of February. This updated GNU C Library shipped with many performance optimizations particularly for Intel/x86_64 but also some ARM tuning and more. Glibc 2.27 also has memory protection keys support and other feature additions, but the performance potential has been most interesting to us.
  • Installed nvidia driver
  • Stephen Smoogen: Fedora Infrastructure Hackathon (day 1-5)
  • Design and Web team summary – 20 April 2018
    The team manages all web projects across Canonical. From www.ubuntu.com to the Juju GUI we help to bring beauty and consistency to all the web projects.
  • Costales: UbuCon Europe 2018 | 1 Week to go!!
    We'll have an awesome weekend of conferences (with 4 parallel talks), podcasts, stands, social events... Most of them are in English, but there will be in Spanish & Asturian too.
  • Tough, modular embedded PCs start at $875
    Advantech has launched two rugged, Linux-ready embedded DIN-rail computers with Intel Bay Trail SoCs and iDoor expansion: an “UNO-1372G-E” with 3x GbE ports and a smaller UNO-1372G-J with only 2x GbE, but with more serial and USB ports.

OSS Leftovers

  • IRS Website Crash Reminder of HealthCare.gov Debacle as OMB Pushes Open Source
    OMB is increasingly pushing agencies to adopt open source solutions, and in 2016 launched a pilot project requiring at least 20 percent of custom developed code to be released as open source – partly to strengthen and help maintain it by tapping a community of developers. OMB memo M-16-21 further asks agencies to make any code they develop available throughout the federal government in order to encourage its reuse. “Open source solutions give agencies access to a broad community of developers and the latest advancements in technology, which can help alleviate the issues of stagnated or out-dated systems while increasing flexibility as agency missions evolve over time,” says Henry Sowell, chief information security officer at Hortonworks Federal. “Enterprise open source also allows government agencies to reduce the risk of vendor lock-in and the vulnerabilities of un-supported software,” he adds.
  • Migrations: the sole scalable fix to tech debt.

    Migrations are both essential and frustratingly frequent as your codebase ages and your business grows: most tools and processes only support about one order of magnitude of growth before becoming ineffective, so rapid growth makes them a way of life. This isn't because they're bad processes or poor tools, quite the opposite: the fact that something stops working at significantly increased scale is a sign that it was designed appropriately to the previous constraints rather than being over designed.

  • Gui development is broken

    Why is this so hard? I just want low-level access to write a simple graphical interface in a somewhat obscure language.

OpenBSD and NetBSD

Security: Twitter and Facebook

  • Twitter banned Kaspersky Lab from advertising in Jan
     

    Twitter has banned advertising from Russian security vendor Kaspersky Lab since January, the head of the firm, Eugene Kaspersky, has disclosed.  

  • When you go to a security conference, and its mobile app leaks your data
     

    A mobile application built by a third party for the RSA security conference in San Francisco this week was found to have a few security issues of its own—including hard-coded security keys and passwords that allowed a researcher to extract the conference's attendee list. The conference organizers acknowledged the vulnerability on Twitter, but they say that only the first and last names of 114 attendees were exposed.

  • The Security Risks of Logging in With Facebook
     

    In a yet-to-be peer-reviewed study published on Freedom To Tinker, a site hosted by Princeton's Center for Information Technology Policy, three researchers document how third-party tracking scripts have the capability to scoop up information from Facebook's login API without users knowing. The tracking scripts documented by Steven Englehardt, Gunes Acar, and Arvind Narayanan represent a small slice of the invisible tracking ecosystem that follows users around the web largely without their knowledge.

  • Facebook Login data hijacked by hidden JavaScript trackers
     

    If you login to websites through Facebook, we've got some bad news: hidden trackers can suck up more of your data than you'd intended to give away, potentially opening it up to abuse.