Privcy mail projects
Tuesday, 21 April 2015
Wednesday, 8 April 2015
OiOS Hipster project new release 2015.03.30
Hipster 2015.03.30 is here
We released our last snapshot ISO almost half a year ago. I believe, you want something new. You'll get it. New ISOs were just uploaded to dlc server. Let's see what has changed.
First
of all, most evident changes were made in desktop area. We've updated
Xorg server and libraries, which allowed us to incorporate some
important security fixes from Oracle x-s12-clone and Debian Xorg. Also
we've moved much more closely to Gnome 2.32. Most packages were updated
to this level, excluding packages which either have a lot of specific
patches (like gdm) or just dropped some significant functionality (like
cheese, which dropped HAL support in version 2.32). Not everything has
gone smoothly. We had to drop trusted desktop support during update. I
believe nobody seriously used it under OI. The most annoying thing is
that updated Xorg and Intel driver require some DRM updates, which are
still not ready. So, if you have Intel video card, either pkg freeze
X-incorporation and xorg, or use vesa driver.
Links:
http://dlc.openindiana.org/isos/hipster/OI-hipster-gui-20150330.iso
http://dlc.openindiana.org/isos/hipster/OI-hipster-gui-20150330.usb
http://dlc.openindiana.org/isos/hipster/OI-hipster-text-20150330.iso
http://dlc.openindiana.org/isos/hipster/OI-hipster-text-20150330.usb
http://dlc.openindiana.org/torrents/OI-hipster-gui-20150330.iso.torrent
http://dlc.openindiana.org/torrents/OI-hipster-gui-20150330.usb.torrent
http://dlc.openindiana.org/torrents/OI-hipster-text-20150330.iso.torrent
http://dlc.openindiana.org/torrents/OI-hipster-text-20150330.usb.torrent
General system changes
Links:
http://dlc.openindiana.org/isos/hipster/OI-hipster-gui-20150330.iso
http://dlc.openindiana.org/isos/hipster/OI-hipster-gui-20150330.usb
http://dlc.openindiana.org/isos/hipster/OI-hipster-text-20150330.iso
http://dlc.openindiana.org/isos/hipster/OI-hipster-text-20150330.usb
http://dlc.openindiana.org/torrents/OI-hipster-gui-20150330.iso.torrent
http://dlc.openindiana.org/torrents/OI-hipster-gui-20150330.usb.torrent
http://dlc.openindiana.org/torrents/OI-hipster-text-20150330.iso.torrent
http://dlc.openindiana.org/torrents/OI-hipster-text-20150330.usb.torrent
General system changes
All Sun Studio-compiled C++ libraries were removed from the system. The libraries were published in their current form to http://dlc.openindiana.org/c++-libs/,
so you can grub necessary libraries and LD_PRELOAD them or use in
alternative path if necessary. All X/g++/Y packages are renamed to X/Y
and moved from /usr/g++ to /usr. We continue delivering
system/library/c++/sunpro for the foreseeable future.
Text
installer was changed to install OI on EFI-labeled disk by default.
Note, in this case the entire disk is erased. If you want to install OI
on MBR-labeled disk, choose partitioned install.
Desktop software and libraries
- A lot of desktop libraries were updated
- Glib2 is updated to 2.43.4
- GTK2 is updated to 2.24.27
- pango is updated to 1.36.8
- cairo is updated to 1.14.2
- libdrm is updated to 2.4.59
- libX11 is updated to 1.6.2, xcb support is enabled in libX11
- xf86-video-ati driver updated to 6.4.16
- nvidia proprietary driver was updated to 340.76
- Mesa is updated to 10.5.1
- Xserver is updated to 1.12.4 with the latest available video/input Xorg drivers. This requires updating xorg drivers and modules. OI-shipped modules will be updated automatically, but if you use VirtualBox, you'll have to update your guest additions to at least 4.3.22 version.
- Enlightenment 0.19.3 is added as alternative desktop environment
- fontconfig was updated to 2.11.1
- libid3tag and libmtp were imported from SFE, gmtp is added
- rdesktop is updated to 1.8.3
- transmission is updated to 2.52
- XScreensaver is updated to 5.32
- gnome-commander is updated to 1.4.5
- QT 4.8.6 is added
- emacs is updated to 24.3
- Input Method Selector was added from upstream input-method gate. Bug in svc:/application/desktop-cache/input-method-cache:default service preventing correct input methods functioning in recent OI was fixed. In fact, gtk input modules cache was moved from /etc/(amd64/)gtk-2.0/gtk.immodules to /usr/lib/(amd64/)gtk-2.0/2.10.0/immodules.cache and service has to regenerate these cache files in new locations . So, after update you can safely remove /etc/(amd64/)gtk-2.0/gtk.immodules.
Development tools
- Subversion is updated to 1.7.19
- SQLite is updated to 3.8.8.3
- Python 3.4 is updated to 3.4.3
- Binutils are updated to 2.25
- OpenBLAS 0.2.13 is added
- Mercurial is updated to 3.3
- Ruby 1.9.3 is added
- Ruby 1.8 is marked obsolete, all OI software is switched to Ruby 1.9.3
- Ruby 2.2.1 is added
- Curl is updated to 7.39
- libncurses.so links are moved to /usr/lib(/amd64)
- gawk is updated to 4.0.2, this fixes issues with pkgsrc bootstrap
- MPICH is updated to 3.1.3
- Sun Studio indent in /usr/bin was replaced by GNU indent. Old one is preserved in /opt/sunstudio12.1/prod/bin/indent
Server software
- A lot of packages were updated, including apache 2.4, php 5.4, php 5.5, postgresql 9.3, samba 3.6, mariadb 5.5
- PostgreSQL 9.4 is added
- PostgreSQL 8.4 is marked obsolete
- ISC dhcp server is updated to 4.2.7
- BIND DNS server is updated to 9.9.6-P2
- rsyslog is updated to 7.4.10
- NTP is updated to 4.2.8p1
As always, we are proud to deliver to you latest illumos-gate bits.
There's also a lot of security fixes and small bug fixes.
Sunday, 11 January 2015
Hipster Project graphics concepts 2015
Bscuk wallpapers to install user>share>GDM
wiki.openindiana.org/oi/Contributing+to+hipstero
Tuesday, 6 January 2015
OiOS Hipster Project
OiOS Openindiana Hipster Concepts 2015
Are you a talented enterprise professional developer looking to make a difference in enterprise 2015 ?
Why not join the Hipster project and contribute to this really interesting project ? Is your company developing software which maybe be useful to this project ? Is your company interested in sponsoring wallpapers or theme combinations ?
Visit the project page to get started on a new direction ?
Live and installable development iso available
wiki.openindiana.org/oi/Contributing+to+hipstero
Wednesday, 22 October 2014
Startpage search engine The POODLE SSLv3 Threat
Startpage have announced an advisory claiming that Because StartPage does not support SSL v3, you are safe from POODLE when visiting StartPage.com.Readers may conclude that resetting all search engine home pages to Startpage will be an added measure to protect against Poodle.
https://support.startpage.com/index.php?/Knowledgebase/Article/View/980/0/the-poodle-sslv3-threat
see also https://unixpackages.com/
https://support.startpage.com/index.php?/Knowledgebase/Article/View/980/0/the-poodle-sslv3-threat
see also https://unixpackages.com/
Thursday, 16 October 2014
SSL heartbeat and poodle flaws in Firer Fox browsers security commentry
Firer Fox has released an add on for users of sslv3 to help secure their machines.Its easy and comes by way of add on this is the statement.Newer releases will incorporate security upgrades.
SSLv3 is now insecure, and is soon going to be disabled by default.
https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
In the meantime, you can use this extension to turn off SSLv3 in your copy of Firefox. When you install the add-on, it will set the minimum TLS version to TLS 1.0 (disabling SSLv3). If you want to change that setting later, like if you really need to access an SSLv3 site, just go to Tools / Add-ons and click the "Preferences" button next to the add-on. That will give you a drop-down menu to select the minimum TLS version you want to allow.
As of version 0.2, this add-on should work with all Mozilla products, including Firefox, Firefox for Android, Thunderbird, and Seamonkey.
SSLv3 is now insecure, and is soon going to be disabled by default.
https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
In the meantime, you can use this extension to turn off SSLv3 in your copy of Firefox. When you install the add-on, it will set the minimum TLS version to TLS 1.0 (disabling SSLv3). If you want to change that setting later, like if you really need to access an SSLv3 site, just go to Tools / Add-ons and click the "Preferences" button next to the add-on. That will give you a drop-down menu to select the minimum TLS version you want to allow.
As of version 0.2, this add-on should work with all Mozilla products, including Firefox, Firefox for Android, Thunderbird, and Seamonkey.
Friday, 10 October 2014
OiOS Openindiana SSL Heartbleed bug security comment
OiOS Openindiana Open SSL has released a beta release of patched SSL
| 25-Sep-2014: | Beta 3 of OpenSSL 1.0.2 is now available, please test it now | https://www.openssl.org/ |
OiOS Openindiana Bash Security Comment
'The Register' recently announced A bug discovered in the widely used Bash command interpreter poses a
critical security risk to OS X MACs,Unix and Linux systems – and, thanks to their
ubiquity, the internet at large.
It lands countless websites, servers, PCs, OS X Macs, various home routers, and more, in danger of hijacking by hackers.It puts Apache web servers, in particular, at risk of compromise: CGI scripts that use or invoke Bash in any way – including any child processes spawned by the scripts – are vulnerable to remote-code injection. OpenSSH and some DHCP clients are also affected on machines that use Bash.
The National Vulnerability Database detailed the following issues
It lands countless websites, servers, PCs, OS X Macs, various home routers, and more, in danger of hijacking by hackers.It puts Apache web servers, in particular, at risk of compromise: CGI scripts that use or invoke Bash in any way – including any child processes spawned by the scripts – are vulnerable to remote-code injection. OpenSSH and some DHCP clients are also affected on machines that use Bash.
The National Vulnerability Database detailed the following issues
- CVE-2014-6278
- Summary: GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.Published: 9/30/2014 6:55:04 AMCVSS Severity: 10.0 HIGH
Referenceshttp://www.opencsw.org/packages/CSWbash/http://tiswww.case.edu/php/chet/bash/bashtop.htmlhttp://www.theregister.co.uk/2014/09/24/bash_shell_vuln/http://web.nvd.nist.gov/view/vuln/search-results?query=bash&search_type=all&cves=on
http://www.openssh.com/
http://www.isc.org/downloads/software-support-policy/security-advisory/
Consensus opinion on new media at this time: where the system is exposed to such risk (you are using bash shell) update bash to the latest version,download the patched updates when they become available.Mitigate risk with internal,external operational audit and risk assessment.http://ftp.gnu.org/gnu/bash/bash-4.3-patches/
Using Apache servers
http://security.stackexchange.com/questions/68146/how-do-i-secure-apache-against-the-bash-shellshock-vulnerability
Blogs and websiteshttp://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerabilityhttp://tools.cisco.com/security/center/viewAlert.x?alertId=35845
Sunday, 28 September 2014
OiOS Hipster development project review for developers
OiOS Hipster development project review for developers
http://pt.slideshare.net/alexanderpyhalov/sito-oi2014-33612278
Latest News
2014-10-08 - Hipster Oct 2014 development ISO released
Congratulations are in order - hipster 20141008 is now available! Please see the hipster development pages for details.Friday, 12 September 2014
Ultra wide screen monitors on oios
lg has released a new ultra wide screen monitor with the aim of greater productivity.This ultra wide format 2560x1080 is effectively two screens in one allowing two documents or more to be displayed instantaneously.OiOS powered by Nividia GT430 mac4lin icons,BSCUK wallpaper
Saturday, 2 August 2014
Oios (openindiana) system features for the Enterprise Server and Desktop
Friday, 1 August 2014
OiOS openindiana development releases of Apache OpenOffice 4.0.1
OiOS (openindiana) is pleased to announce a development release of Apache OpenOffice 4.0.1 (desktop/office/openoffice) package which will be available in OpenIndiana /hipster repository.
A special thanks to Apostolos Syropoulos and Alstersdair Lumsden for their work on this project.
A special thanks to Apostolos Syropoulos and Alstersdair Lumsden for their work on this project.
Friday, 20 June 2014
OiOS Openindiana and Syncthing
Syncthing is currently been developed by the open source community as an alternative to dropbox. It claims to respect your data integrity and privacy by inbuild architecture.Developers might like to visit the project at http://syncthing.net/.
latest update news to openindiana OIOS
2014-06-18 - Hipster 2014.1 development update released
Congratulations are in order - hipster 2014.1 is now available! Please see the hipster development pages for details. Enjoy!2014-02-14 - Hipster Feb 2014 development ISO released
Congratulations are in order - hipster 2014.02 is now available! Please see the hipster development pages for details. Enjoy!2014-01-18 - oi_151a9 (prestable9) released
Congratulations are in order - oi_151a9 is now available! Please see the oi_151a_prestable9 Release Notes for details. Enjoy!Monday, 12 May 2014
Wednesday, 7 May 2014
Subscribe to:
Comments (Atom)