Hírolvasó

OpenBSD 7.5 has been released. The list of changes and improvements is, as usual, long; it includes the pinsyscalls() functionality covered here in January.

The Eclipse Foundation, the organization behind the Eclipse IDE and many other software projects, announced a collaboration between several different open-source-software foundations to create a specification describing secure software development best practices. This work is motivated by the European Union's Cyber Resilience Act (CRA).

The leading open source communities and foundations have for years developed and practised secure software development processes. These are processes that have often defined or set industry best practices around things such as coordinated disclosure, peer review, and release processes. These processes have been documented by each of these communities, albeit sometimes using different terminology and approaches. We hypothesise that the cybersecurity process technical documentation that already exists amongst the open source communities can provide a useful starting point for developing the cybersecurity processes required for regulatory compliance.

(Thanks to Martin Michlmayr.)

Version 7.0 of the FFmpeg audio/video toolkit is out. "The most noteworthy changes for most users are a native VVC decoder (currently experimental, until more fuzzing is done), IAMF support, or a multi-threaded ffmpeg CLI tool". There's also the usual list of new formats and codecs, and a few deprecated features have been removed.

Security updates have been issued by Debian (cockpit), Mageia (python-pygments), Red Hat (nodejs), Slackware (httpd and nghttp2), SUSE (avahi, gradle, gradle-bootstrap, and squid), and Ubuntu (xorg-server, xwayland).

A dél-koreai gyártó visszavette vezető helyét az Apple-től a globális okostelefon-piacon.

A videóplatform vezetője szerint ha tényleg felhasználták a Sorához a YouTube-ra feltöltött videókat, az komoly problémát jelenthet.

A villanyautók után a háztartási robotok területén remél újabb nagy lehetőséget a cupertinói cég.

A természeti katasztrófák egyre kevésbé érik felkészületlenül a chipgyártókat.

Németország legészakibb szövetségi tartománya elkezdi az átállást a kormányzati gépeken.

Devin bejelentése kapcsán megnéztük mennyit fejlődtek az IT-ban használt AI toolok az elmúlt egy évben.

Every six months, spring and fall, a new OpenBSD release emerges on the web and familiar download mirrors.

The OpenBSD project has released OpenBSD 7.5, the project's 56th release, with numerous improvements and support for 14 hardware platforms.

Notable enhancements and new features include

• clang(1)/llvm updated to version 16 [see earlier report]
• malloc(3) leak detection now supports backtraces [see earlier report]
• syscall(2) has been removed [see earlier report]
• TSO for em(4) [see earlier report]
• KMS for Apple silicon machines
• pinsyscalls(2) and related work [see earlier report]
• Soft updates (softdep) support removed [see earlier report]
• New wi-fi driver qwx(4) [see earlier report]
• New code for SIGILL faults to help identify misbranches [see earlier report]
• New wi-fi driver mwx(4) [see earlier report]
• IPv6 support in ppp(4) [see earlier report]
• Improved auto-index in httpd(8) [see commit]
• Updated versions of LibreSSL (version 3.9.0). OpenSSH (version 9.7), OpenSMTPD (version 7.5), rpki-client and more

All this along with added support for various new hardware, numerous performance improvements and of course security enhancements.

See the OpenBSD 7.5 release page for a more detailed list, or the daily changelog for even more day to day detail.

As usual, the Installation Guide details how to get the system up and running with a fresh install, while those who already run earlier releases should follow the Upgrade Guide, in most cases using sysupgrade(8) to upgrade their systems.

In addition to the base system, the new release comes with a number of prebuilt packages. The number of binary packages available for the more popular architectures are:

amd64: 12309
aarch64: 12145
i386: 10830
sparc64: 9432

Thanks to the developers for all the great work!

And to all OpenBSD users: Happy hacking!

The 6.8.4 and 6.6.25 stable kernels have been released. They both contain 11 reversions of workqueue patches.

V8, the JavaScript engine used in Chrome, announced that its memory sandbox is no longer experimental.

Chrome 123 could therefore be considered to be a sort of "beta" release for the sandbox. This blog post uses this opportunity to discuss the motivation behind the sandbox, show how it prevents memory corruption in V8 from spreading within the host process, and ultimately explain why it is a necessary step towards memory safety.

Among the numerous approaches to funding the development and advancement of open-source software, corporate sponsorship in the form of donations to umbrella organizations is perhaps the most visible. At SCALE21x in Pasadena, California, Duane O'Brien presented a slice of his recent research into the landscape of such sponsorship arrangements, with an overview of the identifiable trends of the past ten years and some initial insights he hopes are valuable for sponsors and community members alike.

Version 6.0 LTS of the Incus container management system has been released. "This is a major milestone for Incus as it marks our first release with extended support, suitable for use in production environments where monthly feature releases aren't suitable." Changes include swap limits for containers, a new shell completion mechanism, support for the creation of VLAN interfaces, improved live migration, and more.

Security updates have been issued by CentOS (firefox and thunderbird), Debian (chromium and gtkwave), Fedora (micropython), Slackware (xorg), SUSE (util-linux and xen), and Ubuntu (firefox).

A szolgáltató megszünteti az új ügyfelek számára a 2012 óta létező RED és GO tarifacsomagok értékesítését.

Hallucinációt azért bőven tartalmaznak még a képsorok.

De a reklámoktól ez sem szabadítaná meg a netezőket.

A Yahoo Newsba olvadhat be az Artifact alá fejlesztett technológia.