Security Projects - Page 7.75
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
If you spent the early days of June fighting kernel panics in Ubuntu 20.04, you were not alone – and we now know why.
A "sched/fair" change for Linux 5.20 aims to enhance the efficiency when searching for an idle CPU under heavy system load. The change, led by Intel, should improve the kernel's efficiency when the system is overloaded but, as with most low-level tuning, does run the risk of regressions.
Last month Microsoft issued the first production release of CBL-Mariner 2.0, its in-house Linux distribution used for powering services from Microsoft Azure to WSL use-cases and more. CBL-Mariner 2.0 this weekend saw a rather large monthly update with a number of fixes, package updates, and new additions to this "Common Base Linux" platform.
Rust, the fast-growing systems programming language, may be merged into the Linux kernel next year, or “maybe the next release,” according to Linux creator Linus Torvalds.
There has been an interesting development in this month’s Linux Mint news segment regarding the future of the backup utility Timeshift, which has become a core part of the distro in recent years. It turns out that Tony George, the developer behind the project, doesn’t have time to work on Timeshift any longer and has agreed for the Mint team to take over. As part of the plans, Timeshift will now become an XApp, a suite of apps developed by the Mint team.
The Google Open Source Maintenance Crew will support under-resourced critical open-source products to fix security issues.
The financial services company's prototype system based on CNCF's software supply chain security guidelines joins OpenSSF's $150 million open source standards campaign.
The Open Source Software Security Foundation (OpenSSF), a project of the Linux Foundation, has come up with a 10-point plan to improve the safety of the software supply chain, costed at $147.9M over two years, though it relies in part on developers changing their behaviour to take more account of security issues.
The Google and OpenSSF Package Analysis project aims to reduce security risks created by developers' crazy package-updating schedules.
After a short delay, Linus Torvalds has announced the latest version of the Linux kernel, version 5.17, which adds major security enhancements.
The Open Source Security Foundation (OpenSSF) on Tuesday announced that 19 more organizations have joined the initiative, showing commitment towards identifying and addressing vulnerabilities in open source software. OpenSSF now has a total of 60 members.
GitHub has announced that their Advisory Database for security data is now open to contributions from experts. The full contents of the Advisory Database have already been published to encourage collaboration.
The Linux Foundation and OpenSSF Alpha-Omega Project, backed by Microsoft and Google, aims to improve the security of 10,000 open-source projects through a human-centered approach to open-source software security.
Following a meeting with government and industry leaders at the White House, OpenSSF is excited to announce the Alpha-Omega Project to improve the security posture of open source software (OSS) through direct engagement of software security experts and automated security testing.
Along with the broader industry trend of transitioning security-sensitive code to memory-safe languages like Rust, there has been an effort to write a Rust-based replacement for GNU Coreutils. For nearly a year, Rust Coreutils has been able to run a basic Debian system, while more recently the project has been increasing its level of GNU Coreutils compatibility and in some cases now even outperforms the upstream project.
The Linux Vendor Firmware Service (LVFS) with Fwupd for firmware updating on Linux could soon be making it easier to transition older, end-of-life devices off official firmware packages and onto the likes of open-source Coreboot for capable aging PC hardware. This not only would make the system run on more free software but would extend the life of the hardware with firmware updates where the vendor has ceased their support.
Way back in August, Intel posted a set of Linux kernel patches for supporting "unaccepted memory" in the Linux kernel in preparation for next-generation Xeon processors and for speeding up the boot time of guest virtual machines making use of Intel's Trust Domain Extensions (TDX) security feature. Unaccepted memory support hasn't yet made it to the mainline kernel, but now a second iteration of the patches has been posted.
Cleaning off decades of code mess isn't for the faint of heart, but leading Linux kernel developer Ingo Molnar is giving it the old college try in the Linux kernel. The result will make it easier and quicker than ever to make improvements, patches, and add features to Linux.
Intel is bringing a feature upgrade to Linux that will make Windows users jealous. "The upcoming “pfr_update” driver is set to be introduced in Linux kernel 5.17. Sources say it appears to be designed for system firmware updates in cases of critical bugs or security issues, allowing server administrators to patch their hardware without downtime."