An anonymous reader writes: The Debian Project just released Debian 8.5, which adds 65 security updates to the stable release. They're also releasing the final update to Debian 7 (codenamed 'wheezy'), which includes "all other security updates released during the lifetime of 'wheezy' that have not previously been part of a point release."

They're emphasizing that each of the new updates "does not constitute a new version...but only updates some of the packages included. There is no need to throw away old...CDs or DVDs but only to update via an up-to-date Debian mirror after an installation to cause any out of date packages to be updated."

A new shell "combines the Python language with features of Bash Unix and the fish and zsh shells," according to InfoWorld. An anonymous reader writes: Pronounced "conch," but spelled Xonsh, it runs on Linux, Windows, and Mac OS X systems, bringing Python libraries to the command line -- for example, the ability to use regular expressions when globbing files. "The first thing you'll notice about Xonsh is that it's really meant to be used as a general-purpose shell," the lead developer explained in a presentation at PyCon. "But on the other hand, it really is Python, so you can do things like add two numbers together."

They're describing it as "a Python-ish, BASHwards-looking shell language and command prompt...a superset of Python 3.4+ with additional support for the best parts of shells that you are used to, such as Bash, zsh, fish, and IPython...the superglue that bonds Python to a command-line interface and other shells."

Marius Nestor, reporting for Softpedia (condensed): Linux kernel 4.6.1 is already here, only two weeks after the official launch of the Linux 4.6 kernel series. For those not in the loop, Linux 4.6 branch is the latest and most advanced kernel branch available right now for GNU/Linux operating systems, but it looks like its adoption is a little slow at the moment. "I'm announcing the release of the 4.6.1 kernel. All users of the 4.6 kernel series must upgrade," says Greg Kroah-Hartman. "The updated 4.6.y git tree can be browsed at the normal kernel.org git web browser."
Some users are apparently facing boot failure issue on the latest version. An anonymous tipster tells Slashdot: Several folks on the web have reported a regression in the latest Linux kernels, starting with 4.6.1 and including the 4.7 beta that prevents booting and drops to busybox, at least the one supplied by the Ubuntu PPA. The boot sequence ends with "address family not supported by protocol: error getting socket" and then, "error initializing udev control socket" (screenshot here).

New submitter nautsch writes: systemd changed a default value in logind.conf to "yes", which will kill all your processes, when you log out... There is already a bug-report over at debian: Debian bug tracker.
The new change means "user sessions will be properly cleaned up after," according to the changelog, "but additional steps are necessary to allow intentionally long-running processes to survive logout. To effectively allow users to run long-term tasks even if they are logged out, lingering must be enabled for them."

New submitter fisted writes: The NetBSD Project is pleased to announce NetBSD 7.0.1, the first security/bugfix update of the NetBSD 7.0 release branch. It represents a selected subset of fixes deemed important for security or stability reasons... For more details, please see the release notes at netbsd.org/releases. Complete source and binaries for NetBSD are available for download at many sites around the world. A list of download sites providing FTP, AnonCVS, SUP, and other services may be found at netbsd.org/mirrors/ This release addresses three security advisories, and includes six more security fixes -- all courtesy of a non-profit organization with no commercial backing.

An anonymous reader writes: CentOS team is pleased to announce the immediate availability of CentOS Linux 6.8 and install media for i386 and x86_64 Architectures. Release Notes for 6.8 are available here. Softpedia writes: "CentOS Linux 6.8 arrives today with major changes, among which we can mention the latest Linux 2.6.32 kernel release from upstream with support for storing up to 300TB of data on XFS filesystems. The VPN endpoint solution implemented in the NetworkManager network connection manager utility is now provided on the libreswan library instead of the Openswan IPsec implementation used in previous release of the OS, and it looks like the SSLv2 protocol has been disabled by default for the SSSD (System Security Services Daemon), which also comes with support for smart cards now." In addition, the new release comes with updated applications, including the LibreOffice 4.3.7 office suite and Squid 3.4 caching and forwarding web proxy, many of which are supporting the Transport Layer Security (TLS) 1.2 protocol, including Git, YUM, Postfix, OpenLDAP, stunnel, and vsftpd. The dmidecode open-source tool now supports SMBIOS 3.0.0, you can now pull kickstart files from HTTPS (Secure HTTP) sources, the NTDp (Network Time Protocol daemon) package has an alternative solution as chrony, SSLv3 has been disabled by default, and there's improved support for Hyper-V.

An anonymous reader shares an Ars Technica report: The Raspberry Pi 3 is not hurting for operating system choices. The tiny ARM computer is supported by several Linux distributions and even has a version of Windows 10 IoT core available. Now, it looks like the Pi is about to get official support for one of the most popular operating systems out there: Android. In Google's Android Open Source Project (AOSP) repository, a new device tree recently popped up for the Raspberry Pi 3. The AOSP device tree contains mostly Nexus devices with the occasional "generic" entry or developer board tossed into the mix. It's rare to see a non-Google device in AOSP, so it seems Google has taken quite a shine to the tiny computer. With officially supported source code, it should be much easier for hackers to get Android up and running on the Pi 3. And once that's done, you should be able to sideload more than 1.5 million apps onto the Pi to make the device do whatever you want.

An anonymous reader writes: Open Source advocate Jack Wallen is a writer for Linux.com and Tech Republic. He predicts that both Windows and OS X will be Open Source within 5 years, writing that "neither Microsoft nor Apple make serious money from operating systems any longer" (with both companies giving away major OS upgrades), but argues that smaller software companies still see close-sourced code as a profit center. So yesterday Wallen wrote a surprising column urging Linux fans to begin considering closed-source software.

"That doesn't mean, in any way, you are giving up on the idea of freedom. What it means is that the best tool for the job is the one you should be using...be that open, closed, or somewhere in between. Should you close your mind to close sourced tools, you could miss out on some seriously amazing applications. On top of that (and this is something I've harped on for decades), the more you use closed source applications on open source environments, the more will be made available."
I'd be curious to hear how many Slashdot readers agree with Mr. Wallen...

An anonymous reader writes: Tavis Ormandy of Google's Project Zero team has discovered a vulnerability in Symantec Antivirus Engine. The said engine is vulnerable to a buffer overflow when parsing malformed portable-executable (PE) header files, reports ZDNet. "Such malformed PE files can be received through incoming email, downloading of a document or application, or by visiting a malicious web site," Symantec said. "No user interaction is required to trigger the parsing of the malformed file." For Linux, OS X, and other Unix-like systems, the exploit results in a remote heap overflow as root in the Symantec or Norton process, Ormandy said in the Project Zero issue tracker. "On Windows, this results in kernel memory corruption, as the scan engine is loaded into the kernel (wtf!!!), making this a remote ring0 memory corruption vulnerability -- this is about as bad as it can possibly get," he said.The vulnerability, if exploited, results in kernel memory corruption without user action and instant blue-screening on Windows.

An anonymous coward writes: Just like clockwork, the Linux 4.6 kernel was officially released today. Details on the kernel changes for Linux 4.6 can be found via Phoronix and KernelNewbies.org. NVIDIA GeForce GTX 900 Maxwell support and Dell XPS 13 Skylake support are among the many hardware changes for 4.6. For Linux 4.7 there are already several new features to look forward to from new DRM display drivers to a new CPU scaling governor expected.
prisoninmate also writes: Linus Torvalds announced the final release of the anticipated Linux 4.6 kernel, which, after seven Release Candidate builds introduces features like "the OrangeFS distributed file system, support for the USB 3.1 SuperSpeed Plus (SSP) protocol, offering transfer speeds of up to 10Gbps, improvements to the reliability of the Out Of Memory task killer, as well as support for Intel Memory protection keys," [according to Softpedia].

"Moreover, Linux kernel 4.6 ships with Kernel Connection Multiplexor, a new component designed for accelerating application layer protocols, 802.1AE MAC-level encryption (MACsec) support, online inode checker for the OCFS2 file system, support for the BATMAN V protocol, and support for the pNFS SCSI layout."

prisoninmate quotes a report from Softpedia: It took the Debian developers many years to finally be able to ship a working version of ZFS for Linux on Debian GNU/Linux. For those not in the known, ZFS on Linux is the official OpenZFS implementation for Linux, which promises to offer native ZFS filesystem support for any Linux kernel-based operating system, currently supporting Arch Linux, Ubuntu, Fedora, Gentoo, Red Hat Enterprise Linux, CentOS, openSUSE, and now Debian. And it looks like their ZFS for Linux implementation borrows a lot of patches from Ubuntu, at least according to the changelog for zfs-linux 0.6.5.6-2, the version that is now available in the unstable channel for Debian users to install and test.

An anonymous reader writes: The Raspberry Pi 3 was launched with built-in chip for Bluetooth and Wi-Fi support, however, software support for Bluetooth was lacking until now. The drivers were there, but today's update to the Raspbian Linux distribution adds much-needed GUI tools to help you establish Bluetooth connections. Another cool addition is a new backup tool. There are other improvements as well including the mouse settings, and the ability to empty the wastebasket through right-clicking as seen below (yes, seriously). There is even a new shutdown dialog, something even casual users should notice.Official blog post here.

sfcrazy writes: Greg Kroah-Hartmant, the Linux superstar, delivered a keynote at CoreOS Fest where he gave some impressive details on how massive is the Linux project. Kroah-Hartman said the latest release (4.5) made two months ago contains over 21 million lines of code. More impressive than the amount of code, and what truly makes Linux the world's largest software project is the fact that last year around 4,000 developers and at least 440 different companies that contributed to the kernel. Kroah-Hartman said, "It's the largest software development project ever, in the history of computing -- by the number of people using it, developing it, and now using it, and the number of companies involved. It's a huge number of people."

A month ahead of its final release, Fedora Project on Tuesday released Fedora 24 beta for users and enthusiasts to try. An anonymous reader writes: The workstation version -- the one most home users will target -- offers GNOME 3.20 preview as a desktop environment. The GNOME environment has improved leaps and bounds over the years, becoming one of the best UIs of any operating system. Wayland is available as preview, but not default. The display server protocol is still poised to replace X, but it will not yet be ready for Fedora 24. The team explains that it should be ready for 'future versions'. Whether that means version 25 is something that remains to be seen."We're pleased to announce that Fedora 24, the latest version of the Fedora operating system, is now available in beta. The Fedora Project is a global community that works together to lead the advancement of free and open source software. As part of the community's mission the project delivers three editions, each one a free, Linux-based operating system tailored to meet specific use cases: Fedora 24 Cloud Beta, Fedora 24 Server Beta, and Fedora 24 Workstation Beta," said Matthew Miller, Fedora Project Leader.

An anonymous reader shares DistroWatch's report that the Debian distribution will soon be dropping support for older, 32-bit processors.
The Debian project supports a wide range of hardware architectures, including 32-bit x86 CPUs. Changes are happening in Debian's development branches which will make older versions of the 32-bit architecture obsolete. Ben Hutchings provides the details:

"Last year it was decided to increase the minimum CPU features for the i386 architecture to 686-class in the Stretch release cycle. This means dropping support for 586-class and hybrid 586/686 processors. (Support for 486-class processors was dropped, somewhat accidentally, in Squeeze.) This was implemented in the Linux kernel packages starting with Linux 4.3, which was uploaded to Unstable in December last year. In case you missed that change, GCC for i386 has recently been changed to target 686-class processors and is generating code that will crash on other processors. Any such systems still running Testing or Unstable will need to be switched to run Stable (Jessie)." Hutching's announcement includes a list of processors which will no longer be supported after Debian "Jessie".

An anonymous reader quotes this report from Distrowatch: Linux Mint 18 will no longer provide separate, codec-free installation media for OEM and magazine distribution. Instead, the distribution will ship without multimedia support while making it easy for users to acquire media codecs during the initial installation of the operating system. "OEM installation disks and NoCodec images will no longer be released. Instead, similar to other distributions, images will ship without codecs and will support both traditional and OEM installations. This will reduce our release cycle to 4 separate events and the production and testing of 12 ISO images. Multimedia codecs can be installed easily: From the welcome screen, by clicking on "Multimedia Codecs", or from the main menu, by clicking on "Menu"->"Sound and Video"->"Install Multimedia Codecs", or during the installation process, by clicking a checkbox option." Additional information on the upcoming release of Linux Mint 18 can be found in the project's monthly newsletter.
Softpedia points out that they're using Ubuntu 16.04 LTS as the package base, meaning "more hardware devices and components are now supported."

prisoninmate writes: Today is the last day of the Ubuntu Online Summit 2016, and the Ubuntu developers discussed the future of the Ubuntu Desktop for Ubuntu 16.10 (Yakkety Yak) and beyond. It looks like Snaps (Snappy) and Unity 8 with Mir are slowly conquering the Ubuntu Desktop, at least according to Canonical's Will Cooke, Ubuntu Desktop Manager. Work has already begun on pushing these new and modern technologies to the Ubuntu Desktop, as Ubuntu 16.04 LTS has just received support for installing Snaps from the Ubuntu Snappy Store. Canonical's Will Cooke has mentioned the fact that the Unity 7 desktop enters its twilight years, which means that it gets fewer features and it's being reduced to only critical and OEM work. This is because Unity 8 desktop is getting all the attention now, and it will become the default desktop session somewhere after Ubuntu 16.10 (Yakkety Yak).

An anonymous reader writes: Google Search competitor DuckDuckGo announced it will be giving away a total of $225,000 to support nine open source projects, each project will receive $25,000. DuckDuckGo said it performed 3 billion searches in 2015. It differs from many other search engines as it offers private, anonymous internet search. It doesn't gather information about you to sell ads to marketeers, like Google. Instead, it shows generic ads as it's part of the Microsoft/Bing/Yahoo ad network. It also has revenue-sharing agreements with certain companies in the Linux Open Source worlds, and makes money from select affiliate links. The $225,000 DuckDuckGo is giving away is chump change compared to the $100 million Google gives away in grants ever year. However, for the select projects, it should still be very beneficial. Last year, DuckDuckGo gave away a total of $125,000 to open source projects, so it's nice to see them donate an extra $100,000 to a good cause.

Mark Shuttleworth, founder of Canonical and Ubuntu Foundation, gave an interview to eWeek this week ahead of Ubuntu Online Summit (UOS). In the wide-ranging interview, Shuttleworth teased some features that we could expect in Ubuntu 16.10, and also talked about security and privacy. From the report: One thing that Ubuntu Linux users will also continue to rely on is the strong principled stance that Shuttleworth has on encryption. With the rapid growth of the Linux Foundation's Let's Encrypt free Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate platform this year, Shuttleworth noted that it's a good idea to consider how that might work in an integrated way with Ubuntu. Overall, he said, the move to encryption as a universal expectation is really important. "We don't do encryption to hide things; we do encryption so we can choose what to share," Shuttleworth said. "That's a profound choice we should all be able to make." Shuttleworth emphasized that on the encryption debate, Canonical and Ubuntu are crystal clear. "We will never backdoor Ubuntu; we will never weaken encryption," he said.

Joey-Elijah Sneddon, reporting for OMGUbuntu: You can expect to see a larger Ubuntu desktop installation image by the time the Yakkety Yak yips out. Developers are currently debating the exact size limits that official flavours will adhere to, with some favouring a 2GB hard limit while others are looking to go full-DVD size at 4.7GB+. Canonical's Steven Langasek explains the plans for Ubuntu 16.10 Yakkety Yak: "I've finally gone ahead and bumped the limit on Ubuntu desktop images to 2GB for a minimally-sized USB stick; this gives us a new limit that I think we will care about, while also leaving us headroom so we're not constantly fighting it back down to the line." The Ubuntu ISO is supposed to be around the 1GB mark but has creeped past this in recent releases. The current Ubuntu 16.04 LTS desktop .iso is 1.4GB.