slack_justyb - Slashdot User

Submission + - FLTK 1.4 released (fltk.org)

Submitted by slack_justyb on Tuesday November 19, 2024 @09:50PM

slack_justyb writes: The Fast Light Toolkit releases version 1.4.0 of the venerable though sometimes looking a bit dated toolkit from the 90s. New in this version is better CMake support, HiDPI support, and initial support for Wayland on Linux and Wayland on FreeBSD. Programs compiled and linked to this library launch using Wayland if it is available at runtime and fall back to X11 if not.

Submission + - Fedora 41 to retire Python 2.7 (fedoraproject.org)

Submitted by slack_justyb on Wednesday July 03, 2024 @01:50AM

slack_justyb writes: After sixteen years since the introduction of Python 3, the Fedora project announces that Python 2.7, the last of the Python 2 series will be retired. From the announcement on the Fedora changes page:

The python2.7 package will be retired without replacement from Fedora Linux 41. There will be no Python 2 in Fedora 41+ other than PyPy. Packages requiring python2.7 on runtime or buildtime will have to deal with the retirement or be retired as well.
This also comes with the announcement that GIMP 3 will be coming to Fedora 41 to remove any last Python 2 dependencies. GIMP 2 was originally released on March 23, 2004.
GIMP will be updated to GIMP 3 with Python 3 support. Python 2 dependencies of GIMP will be retired.
Python 2's end of life was originally 2015, but was extended to 2020. The Python maintainers close with:
The Python maintainers will no longer regularly backport security fixes to Python 2.7 in RHEL, due to the the end of maintenance of RHEL 7 and the retirement of the Python 2.7 application stream in RHEL 8. We provided this obsolete package for 5 years beyond its retirement date and will continue to provide it until Fedora 40 goes end of life. Enough has been enough.

Submission + - Systemd 256.1 Maintenance Release Fixes Home Directory Deletion Bug (debugpointnews.com) 1

Submitted by slack_justyb on Thursday June 20, 2024 @05:26PM

slack_justyb writes: A critical issue has been discovered in the Systemd system manager version 256 that caused the deletion of the contents of the /home partition when executing the “systemd-tmpfiles –purge” command. This command, added in Systemd 256, was intended to delete all files and directories created through settings in tmpfiles.d. However, due to a misleading name, it appeared that the deletion only affected temporary files, while in reality, it also removed non-existent data directories. The bug was initially dismissed by a Systemd developer, who suggested that users should have read the documentation before running the command. However, it was later acknowledged that the documentation was outdated and did not accurately reflect the behavior of the systemd-tmpfiles utility.

After much discussion, the program's operation was found to be flawed and this update was issued for anyone who upgraded to the newest release. No distros are known to be using this release at this time. The maintenance release of systemd is considered a critical fix and users are urged to update to the latest version as soon as possible.

Submission + - Richard Stallman Reveals He has Cancer at GNU 40 year anniversary conference (itsfoss.com)

Submitted by slack_justyb on Friday September 29, 2023 @10:26AM

slack_justyb writes: Richard Stallman revealed his diagnosis of lymphoma at the GNU Hacker's Meeting in Biel, Switzerland yesterday. He did not share much about his health condition but did indicate that it is "manageable" and that he expects to be around for many more years ahead.

Submission + - Red Hat Enterprised Linux sources will be available to paying customers only (redhat.com)

Submitted by slack_justyb on Thursday June 22, 2023 @06:46PM

slack_justyb writes: CentOS Stream will now be the sole repository for public RHEL-related source code releases. For Red Hat customers and partners, source code will remain available via the Red Hat Customer Portal.

Was written today on the RedHat blog. This move will take the sources usually hosted at git.centos.org and move it to the RH Customer Portal only. CentOS Stream was recently moved upstream RHEL, meaning patches and changes will hit CentOS Stream before actually hitting RHEL. This move will make it difficult for other distributions such as Alma Linux, Rocky Linux, and Oracle LInux to provide assured binary compatibility as their only source now will be ahead of what RHEL is actually using.

Submission + - Fedora 38 to prohibit byte swapped Xorg and Xwayland clients (fedoraproject.org)

Submitted by slack_justyb on Thursday December 22, 2022 @02:25PM

slack_justyb writes: A rather exotic feature in Xorg and Xwayland is being purposed to have the default value turned off going forward in Fedora 38 due to its use in attacks (CVE-2014-8095, CVE-2014-8099, CVE-2014-8103. . . to name a few). The feature allows servers running on one endianess to byte-swap to allow clients of a different endianess to connect to it. This was more common in the 1980s when X servers ran on big-endian and clients would connect who were little-endian.

The Xorg and Xwayland implementation of this feature has gone largely untested, the number of Fedora users that use it are virtually zero, and considering the number of attack vectors this has presented historically, setting the default to deny clients that require this seems the better way to do.

This change will be to the xorg-x11-server and xorg-x11-server-Xwayland packages and those needing the feature turned back will need to add "AllowSwappedClients" "on" to their xorg.conf.d file in the "ServerFlags" section. Xwayland users will need to pass the +byteswappedclients flag, however, the compositor will need to be able to handle this flag which at this time GNOME does not.

Submission + - Xfce 4.18 is Released (debugpoint.com)

Submitted by slack_justyb on Thursday December 15, 2022 @10:10AM

slack_justyb writes: After two years of development Xfce 4.18 is now live!

Several new features are available in each package. Thunar the default file manager for Xfce now includes a image preview sidebar, an editable toolbar that let's you reorder toolbar icons, file highlights, recursive search, and expanded undo/redo support.

Several new desktop settings that allow you to further configure the layout of the desktop are included. Additionally in this release for the desktop are, adaptive vsync support with GLX, and more enhancements for working with Wayland (though it may take a few more releases until everything works completely under Wayland).

You can find out more about the new release from the official tour here.

Submission + - Linus Torvalds: Rust will go into Linux 6.1 (zdnet.com)

Submitted by slack_justyb on Monday September 19, 2022 @03:38PM

slack_justyb writes: As previously indicated on Slashdot. Rust was slated to be coming to the Linux Kernel sometime in the 6.x version. Well wonder no longer on which version of kernel 6.x will have the first bits of Rust officially in the kernel, as Linus has confirmed that 6.1 will be the first with the new NVMe kernel drivers being in Rust.

The first version non-production ready code for the NVMe Rust based kernel drivers were already producing performance comparable to C code. So the final drivers to hit 6.1 are already looking promising. It also helped Rust's case that, thanks to the ground-breaking work of Linux kernel and Rust developer Miguel Ojeda, Rust on Linux has gotten much more mature. Kernel maintainers were convinced it is time to move forward with Rust in Linux. In short, they agreed that Rust on Linux was ready for work.

Submission + - Thunderbird 102 Released with hints of major UI change in v114. (thunderbird.net) 1

Submitted by slack_justyb on Friday July 01, 2022 @01:02PM

slack_justyb writes: Thunderbird 102 was released with some new UI improvements and new features.

There has been a change in the icons, the layout of the address book has been upgraded to feature a more modern UI, and a new UI feature known as the spaces toolbar to get around Thunderbird.

New features include an updated import and export wizard, a UI for editing the email header settings, and Matrix client support within Thunderbird, which is a messaging system using HTTPS that is similar to Discord if you've used that.

Finally, the Thunderbird Twitter account released the first screenshot of the new UI that is being targeted for the 114 release.

For those wondering what the Thunderbird team has done and is doing, you can always head over to the planning section of the developer site. The roadmap are things they're working on the current release and the backlog are the things they are working towards.

Submission + - Linus Torvalds, cautiously optimistic about Rust in Linux kernel's next release (zdnet.com)

Submitted by slack_justyb on Tuesday June 28, 2022 @12:04AM

slack_justyb writes: For over three decades, Linux has been written in the C programming language. Indeed, Linux is C's most outstanding accomplishment. But the last few years have seen a growing momentum to make the Rust programming language Linux's second Linux language. At the recent Open Source Summit in Austin, Texas, Linux creator Linus Torvald said he could see Rust making it into the Linux kernel as soon as the next major release.

"I'd like to see the Rust infrastructure merging to be started in the next release, but we'll see." Linux said after the summit. "I won't force it, and it's not like it's going to be doing anything really meaningful at that point — it would basically be the starting point. So, no promises."

Rust lends itself more easily to writing secure software. Samartha Chandrashekar, an AWS product manager, said it "helps ensure thread safety and prevent memory-related errors, such as buffer overflows that can lead to security vulnerabilities." Many other developers agree with Chandrashekar. Torvalds also agrees and likes that Rust is more memory-safe. "There are real technical reasons like memory safety and why Rust is good to get in the kernel."

"They're not proposing a rewrite of the Linux kernel into Rust; they are focused only on moving toward a world where new code may be written in Rust." Linux developer Nelson Elhage indicated. The three areas of potential concern for Rust support are making use of the existing APIs in the kernel, architecture support, and dealing with application binary interface (ABI) compatibility between Rust and C.

Submission + - IBM announces IBM i version 7.5 (itjungle.com) 3

Submitted by slack_justyb on Tuesday May 03, 2022 @06:12PM

slack_justyb writes: IBM announces IBM i (some you of you may know it under the old name of AS/400) 7.5 the first new release in three years since the 7.4 release. One of the big headlines with the IBM i 7.5 announcement is Merlin which stands for the Modernization Engine for Lifecycle Integration. Merlin provides a lightweight, browser-based development environment for creating new applications or modernizing existing RPG-based application. It’s an alternative to Rational Developer for i (RDi) based on Eclipse, which many developers seem to hate.

Developed in partnership with ARCAD Software, Merlin comes pre-loaded with tools like Git and Jenkins for DevOps-style code management, as well as an RPG code-converter. It runs in a Linux-based Red Hat OpenShift container running on the Power platform. While it’s not technically tied to IBM i version 7.5 or 7.4 TR6, Merlin represents an important change in how IBM is packaging and delivering capabilities for IBM i shops, as well as a recognition that IBM should take a more active role in helping users modernize their codebases

IBM is now enabling customers to buy subscriptions to IBM i for periods of one to five years. Allowing customers to use operating expenditure (Opex) budget lines instead of the dreaded capital expenditure (CapEx) accounting code for subscriptions. IBM is focusing on lower-end IBM i environments at the moment, so the subscription is limited to four-core P05 machines at this time. As part of this shift to software subscriptions, IBM is rethinking how it bundles ancillary products that are often used with IBM i, 11 packages are being moved into the core OS entitlement.

With the Db2 product, IBM i is now receiving Boolean data types with support for this new type in RPG and JSON environments. Larger Indexes, the previous limit was 1.6TB indexes, that has now been increased to 16TB. And Db2 is now fully compliant with SQL:2016 the most recent publication of the SQL standard, beating Oracle to the punch on full support of the standard. And finally, QSYS2-based functions for using HTTP requests to publish or consume Web services, including the use of embedded SQL in REST services. These are enhanced versions of the functions that were seen in 7.3/7.4 where IBM removed the requirement for a JVM to use SQL to consume web services. The Db2 Mirror product has received several updates to increase performance since it's release in 7.4 and those performance enhancements will be present in 7.4. Nodes in the cluster that are marked read-only will provided faster access to data for data analytics and ETL operations. Additionally, the Db2 Mirror product will now support mixed releases. No longer must all nodes be running the same release of IBM i. Nodes running 7.4 TR6 and 7.5 will happily co-exist.

There are several security updates. The OS originally provided the ability to store passwords as 256-bit SHA1, a new option to use or convert to 512-bit SHA2 will be present. Additionally, the login screen for the green screen will be changed to simply indicate that a login failure has occurred, no longer will the be an indication of if the user id or password was wrong. The *PUBLIC Authority has been changed, no longer is *CHANGE permissions enough, one must have *USE authority instead. This should not change how any shop's permissions work, but it will make security audits easier. Finally, the Digital Certificate Manager (DCM) has also been enhanced. Several of the processes have been automated if you so wish, this will hopefully encourage admins to roll out object signing on the system since the manual process made such a task left for only the things needing absolute security. This last change will also be coming to 7.4 TR6.

Finally, there are a few other small changes. The two year format is officially getting bumped. No longer will two digit date mean 1940 to 2039, instead the date is being increased to 1970 to 2069. This has been something that's been indicated as coming soon for some time, that day is finally here. The C/C++ compiler now has built-in functions for atomic memory access. The ASYNCBRING parameter on the Save Object (SAV) preforms much faster now. IFS restore now has progress messages. SNMPv3 enhancements, TCP SACK support, enhanced Tivoli Directory Server for i (the built in LDAP server), and various improvements for DNS, FTP, and SMTP functions. There are also several hardware enhancements for POWER 9 machines, such as support for PCIe4 NVMEe disks and more.

TR6 for 7.4 is scheduled for release on May 24th. 7.5 has not had it's release date indicated, but is expected to be released sometime this year.

Submission + - Chrome's "Topics" advertising system is here, whether you want it or not (arstechnica.com)

Submitted by slack_justyb on Thursday March 31, 2022 @05:51PM

slack_justyb writes: After the failure of the Chrome user-tracking system that was called FLoC, Google's latest try at topic tracking to replace the 3rd party cookie (that Chrome is the only browser to still support) is FLEDGE and the most recent drop of Canary has this on full display for users and privacy advocates to dive deeper into. This recent release shows Google's hand that it views user tracking as a mandatory part of Internet usage, especially given this system's eye rolling name of "Privacy Sandbox" and the tightness in the coupling of this new API to the browser directly.

The new API will allow the browser itself to build what it believes to be things that you are interested in, based on broad topics that Google creates. New topics and methods for how you are placed into those topics will be added to the browser's database and indexing software via updates from Google. The main point to take away here though is that the topic database is built using your CPU's time. At this time, opting out of the browser building this interest database is possible thus saving you a few cycles from being used for that purpose. In the future there may be not way to stop the browser from using cycles to build the database, the only means may be to just constantly remove all interest from your personal database. At this time there does not seem to be anyway to completely turn off the underlying API. A website that expects this API, will always succeed in "some sort of response" so long as you are using Chrome. The response may be that you are interested in nothing, but a response none-the-less. Of course, sending a response of "interested in nothing" would more than likely require someone constantly and timely clearing out the interest database, especially if at some later time the option to turn off the building of the database is removed.

With 82% of Google's empire based on ad revenue this latest development in Chrome shows that Google is not keen on any moves to threaten their main money maker. Google continues to argue that it is mandatory that it builds a user tracking and advertising system into Chrome, and the company says it won't block third-party cookies until it accomplishes that, no matter what the final solution may ultimately be. The upshot, if it can be called that, of the FLEDGE API over FLoC, is that abuse of FLEDGE looks to yield less valuable results. And attempting to use the API alone to pick out an individual user via fingerprinting or other methods employed elsewhere seems to be rather difficult to do, but only time will tell if that remains true or just Google idealizing this new API.

Submission + - System76-Scheduler Is A New Pop!_OS Rust Effort To Improve Desktop Responsivenes (phoronix.com)

Submitted by slack_justyb on Thursday February 03, 2022 @11:25PM

slack_justyb writes: Quietly making its v1.0 debut yesterday was system76-scheduler as a Rust-written daemon aiming to improve Linux desktop responsiveness and catering to their Pop!_OS distribution

The daemon will work with the kernel's CFS scheduler to give priority to components that System76 deems important for it's distro. Out of the box the scheduler will assign priority to the X.Org Server and desktop window managers / compositors, while pushing compilers and other background tasks lower. However, the scheduler will be configurable via Rusty Object Notation (RON) files found in /etc/system76-scheduler/assignments/ and /usr/share/system76-scheduler/assignments/. Over on the github page for the project, the team indicates that they are indeed making a trade off from the default CFS to benefit Desktop configurations over the typical load a server might see.

Submission + - Anonymous: We've leaked disk images stolen from far-right-friendly web host Epik (theregister.com)

Submitted by slack_justyb on Thursday September 30, 2021 @10:26AM

slack_justyb writes: As previously reported the web host Epik was hacked by a group identifying themselves with the group Anonymous. However, in the most recent leaks from this group the scale of data that was stolen is becoming apparent, and signs point to a wholesale theft of data with no stone left unturned.

We're told the dump is a 70GB archive of files and “several bootable disk images of assorted systems” that represent Epik's server infrastructure. Journalist Steve Monacelli, who broke the news of the first data release, said the latest leak expands to 300GB. "This leak appears to be fully bootable disk images of Epik servers, including a wide range of passwords and API tokens," he added.
WhiskeyNeon, a Texas-based hacker and cybersecurity expert who reviewed the file structure of the leak, told the Daily Dot how the disk images represented Epik’s entire server infrastructure. “Files are one thing, but a virtual machine disk image allows you to boot up the company’s entire server on your own,” he said. “We usually see breaches with database dumps, documents, configuration files, etc. In this case, we are talking about the entire server image, with all the programs and files required to host the application it is serving.”
Daily Dot brings some word on Epik CEO Rob Monster response to the latest news:
Epik CEO Rob Monster, who did not respond to requests for comment from the Daily Dot, would go on to hold a more than four hour long live video conference online to address the initial hack. The meeting would see Monster break out into prayer numerous times, make attempts to vanquish demons, and warn viewers that their hard drives could burst into flames due to “curses” placed on the hacked data.

Submission + - Unity files patent for ECS with potiental to affect multiple OSS ECS (twitter.com) 1

Submitted by slack_justyb on Tuesday September 07, 2021 @05:37PM

slack_justyb writes: Unity has filed patent with the USPTO to patent

Method and apparatuses to improve the performance of a video game engine using an Entity Component System (ECS)

ECS methods are something that some other open source game engines already use. One example Bevy for Rust. With some already commenting on the ramifications of this patent application and indicating that this could be a massive overstep by Unity to attempt to patent something already used by other lesser known game engines.

Slashdot Top Deals