9 months 1 week ago
In July, Let's Encrypt announced it was ending
support "as soon as possible" for the Online
Certificate Status Protocol (OCSP) in favor of Certificate
Revocation Lists (CRLs) due to privacy concerns. The organization
has now announced
that it has set a timeline, and will be turning off its OCSP
responders on August 6, 2025. There is additional action required
for Let's Encrypt users who use the OCSP Must Staple Extension:
As of January 30, 2025, issuance requests that include the OCSP
Must Staple extension will fail, unless the requesting account has
previously issued a certificate containing the OCSP Must Staple
extension.
As of May 7, all issuance requests that include the OCSP Must
Staple extension will fail, including renewals. Please change your
ACME client configuration to not request the extension.
jzb
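To find certificates or CSRs that still carry the Must Staple request before the dates above, the following added example (not from Let's Encrypt or from this page) walks DER with the Python standard library only and reports the TLS Feature extension defined in RFC 7633. The sample byte strings and all function names are constructed for illustration.

```python
TLS_FEATURE_OID = bytes.fromhex("2b06010505070118")  # 1.3.6.1.5.5.7.1.24, RFC 7633
STATUS_REQUEST = 5  # TLS "status_request" feature, i.e. OCSP Must Staple

# Added example. Constructed [3] extensions fields as found in a TBSCertificate:
# first has basicConstraints plus TLS Feature {5}, second basicConstraints only.
SAMPLE_WITH = bytes.fromhex(
    "a3233021300c0603551d130101ff04023000301106082b0601050507011804053003020105")
SAMPLE_WITHOUT = bytes.fromhex("a310300e300c0603551d130101ff04023000")


def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length


def children(value):  # split constructed content into (tag, value) pairs
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out


def tls_features(der):
    """Return TLS feature numbers found in a DER certificate or CSR."""
    stack = [read_tlv(der, 0)[:2]]
    while stack:
        tag, value = stack.pop()
        if not tag & 0x20:  # primitive element: nothing to descend into
            continue
        kids = children(value)
        # Extension ::= SEQUENCE { OID, [BOOLEAN critical], OCTET STRING }
        if tag == 0x30 and len(kids) >= 2 and kids[0] == (0x06, TLS_FEATURE_OID):
            _, inner, _ = read_tlv(kids[-1][1], 0)  # SEQUENCE OF INTEGER
            return [int.from_bytes(v, "big") for t, v in children(inner) if t == 0x02]
        stack.extend(kids)
    return []


def has_must_staple(der):
    return STATUS_REQUEST in tls_features(der)
```

For a PEM certificate on disk, convert it first with `ssl.PEM_cert_to_DER_cert` from the standard library and pass the result to `has_must_staple`.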
9 months 1 week ago
Greg Kroah-Hartman has released the
6.12.2,
6.11.11, and
4.19.325 stable kernels. Note that both
6.11.11 and 4.19.325 are the last kernels in those series, "please move
off to a newer kernel version". In the 4.19.325 release notice, he has
a rather longer-than-usual message, including:
As a "fun" proof that this one is finished (and that any company saying
they care about it really should have their statements validated with
facts), I looked at the "unfixed" CVEs from this kernel release.
Currently it is a list 983 CVEs long, too long to list here.
You can verify it yourself by cloning the vulns.git repo at
git.kernel.org and running:
./scripts/strak v4.19.325
Note, this does NOT count the hardware CVEs which kernel.org does not
track, and many are still unfixed in this kernel branch.
jake
9 months 1 week ago
Security updates have been issued by Fedora (thunderbird, tuned, and webkitgtk), Mageia (python-aiohttp and qemu), Oracle (container-tools:ol8, firefox, java-1.8.0-openjdk, java-11-openjdk, kernel, kernel:4.18.0, krb5, pam, postgresql:16, python-tornado, python3:3.6.8, thunderbird, tigervnc, tuned, and webkit2gtk3), Red Hat (bzip2, postgresql, postgresql:13, postgresql:15, postgresql:16, python-tornado, and ruby:3.1), Slackware (python3), SUSE (postgresql, postgresql16, postgresql17, postgresql13, postgresql14, postgresql15, python-python-multipart, and python3), and Ubuntu (python-django and recutils).
jake
9 months 1 week ago
Fedora Project Leader Matthew Miller reports
that the project's search to replace Pagure as its git forge is
almost complete, with the Fedora Council strongly in favor of Forgejo:
The Council, currently, has a clear preference for Forgejo. This is a
big decision and we don't want it to feel rushed. Therefore, we're
opening this up one last time to everyone's comments. After two weeks,
we'll take our formal vote — and then get on with the work!
LWN looked at
Forgejo in February.
jzb
9 months 1 week ago
Linus Walleij
writes
about a pair of security features for 32-bit Arm systems; these landed
in 6.10, but, he says, have now stabilized to the point that distributors
may want to enable them.
PAN is an abbreviation for the somewhat grammatically incorrect
Privileged Access Never. [...]
For modern ARM32 systems with large memories configured to use LPAE
nothing like PAN was available: this version of the MMU simply did
not implement a PAN option.
As of the patch originally developed by Catalin Marinas, we deploy
a scheme that will use the fact that LPAE has two separate
translation table base registers (TTBR:s): one for userspace
(TTBR0) and one for kernelspace (TTBR1).
corbet