Bonum Certa Men Certa

Links 16/06/2022: PostgreSQL 14.4 Released and GNU Health Hospital Management 4.0.4

  • GNU/Linux

    • Desktop/Laptop

      • XDAThe different ways to run Linux on the MacBook Pro 13 (2022)

        Alongside the all-new MacBook Air, Apple debuted a refresh to the MacBook Pro 13 at WWDC. Unlike the MacBook Air, the newest MacBook Pro 13 doesn’t get an updated design, it merely gets some juiced-up internals. And that means the brand-new Apple M2 chip.

        It’s the first MacBook Pro to get the M2 inside and as it’s also the most affordable MacBook Pro, it’s an attractive proposition for various use cases. And that includes development.

        Developers will often want to be able to run Linux on their Mac either natively or virtualized. The good news is that it’s perfectly possible to run Linux on the MacBook Pro 13 (2022), but with caveats.

    • Server

    • Audiocasts/Shows

      • VideoEnterprise Linux Security Episode 32 - MySQL for Everyone! - Invidious

        Are you a fan of MySQL? What if we told you that there's an infinite supply of it online, right out in the open?! It's literally as bad as it sounds! In this episode, Jay and Joao discuss how over 3.6 million MySQL instances are publicly available, as well as other forms of unintended public access.

      • Jupiter BroadcastingLinux Action News 245

        We get the details behind Thunderbird acquiring K-9 Mail, share the best new features of Plasma 5.25, check-in on Ubuntu's RISC-V development status, and discuss Photoshop coming to Linux via the web.

      • The BSD Now PodcastBSD Now 459: NetBSD Kernel benchmark

        Evaluating FreeBSD CURRENT for Production Use, Time Machine-like Backups on OpenBSD, FreeBSD on the Graviton 3, Compiling the NetBSD kernel as a benchmark, Network Management with the OpenBSD Packet Filter Toolset from BSDCan 2022, Hardware Detection & Diagnostics for New FreeBSD Users, and more

    • Kernel Space

      • LWNPer-file OOM badness []

        The kernel tries hard to keep memory available for its present and future needs. Should that effort fail, though, the tool of last resort is the dreaded out-of-memory (OOM) killer, which is tasked with killing processes on the system to free their memory and alleviate the problem. The results of invoking the OOM killer are never going to be good, but they can be distinctly worse if the wrong processes are chosen for an untimely end. As one might expect, the effort to properly choose the right processes is an ongoing effort. Most recently, Christian König has proposed a new mechanism to address a blind spot in the OOM killer's deliberations.

        When the system runs out of memory, the OOM killer's job is to try to resolve the problem while causing the least possible amount of collateral damage; a number of heuristics have been applied to the victim-choosing logic toward that end. One obvious rule is that it is generally better to kill fewer processes than many, and the way to do that is to select the processes that are currently consuming the most memory. Often, a single out-of-control process is responsible for the problem in the first place; if that process can be identified and killed, the system can get back into a more stable condition.

      • LWNWhat constitutes disclosure of a kernel vulnerability? []

        Opinions differ on the best way to disclose security vulnerabilities, but there is a general consensus in our community that vulnerabilities should, indeed, be made public at some point. What happens between the discovery of a vulnerability and its disclosure can be more controversial. A recent discussion on the handling of kernel vulnerabilities has led to change in the policies of the linux-distros mailing list — all based on the question of what constitutes "disclosure".

        There are two mailing lists that are commonly used for the discussion of vulnerabilities in the Linux community; they are not limited to kernel problems. The first of these, linux-distros, is a closed list that is used to coordinate the response to non-public security bugs. The second, oss-security, is a public list which is used for, among other things, the public disclosure of vulnerabilities. Both are administered by Alexander "Solar Designer" Peslyak.

        There is a long list of policies that apply to postings on linux-distros, including one that requires the public disclosure of all vulnerabilities reported there within a relatively short period of time. That rule is there to ensure that companies don't sit on vulnerability reports indefinitely, no matter how embarrassing they are. Another list policy, though, says that vulnerabilities that are already public have no place on linux-distros; all discussion of public vulnerabilities belongs on oss-security instead. The implementation of these policies has often proved to be tricky, especially when dealing with kernel vulnerabilities; see this 2021 article for a recent example.

      • LWN5.19 Merge window, part 2 []

        The 5.19 merge window was closed with the 5.19-rc1 release on June 5 after the addition of 13,124 non-merge changesets to the mainline kernel. That makes this merge window another busy one, essentially matching the 13,204 changesets seen for 5.18. The approximately 8,500 changesets merged since our first 5.19 merge-window summary contain quite a bit of new functionality; read on for a summary of the most interesting changes that were pulled during the second half of this merge window.

      • LWNMaintainers don't scale []

        In something of a grab-bag session, Josef Bacik led a discussion about various challenges that Linux kernel maintainers face, some of which lead to burnout. The session was originally going to be led by Darrick Wong, but he was unable to come to LSFMM, so Bacik gathered some of Wong's concerns and combined them with his own in a joint storage and filesystem session at the 2022 Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM). As part of the discussion, Bacik presented his view on what the role of a kernel maintainer should be, which seemed to resonate with those present.

      • LWNBest practices for fstests []

        As a followup to a session on testing challenges earlier in the day, Josef Bacik led a discussion on best practices for testing in a combined storage and filesystem session at the 2022 Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM). There are a number of ways that developers can collaborate on improving the testing landscape using fstests and blktests, starting with gathering and sharing information about which tests are expected to pass and fail. That information depends on a lot of different factors, including kernel version and configuration, fstest options, and more.

      • LWNioctl() forever? []

        In a combined storage and filesystem session at the 2022 Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM), Luis Chamberlain and James Bottomley led a discussion about the use of ioctl() as a mechanism for configuration. There are plenty of downsides to the use of ioctl() commands, and alternatives exist, but in general kernel developers have chosen to continue using this multiplexing system call. While there is interest in changing things, at least in some quarters, the discussion did not seem to indicate major changes on the horizon.

      • LWNLinux 5.18.5
      • LWNLinux 5.15.48
      • LWNLinux 5.10.123
      • LWNLinux 5.4.199
      • LWNLinux 4.19.248
      • LWNLinux 4.14.284
      • LWNLinux 4.9.319
    • Graphics Stack

      • V3DV Vulkan 1.2 status – Developer Log

        A quick update on my latest activities around V3DV: I’ve been focusing on getting the driver ready for Vulkan 1.2 conformance, which mostly involved fixing a few CTS tests of the kind that would only fail occasionally, these are always fun :). I think we have fixed all the issues now and we are ready to submit conformance to Khronos, my colleague Alejandro Piñeiro is now working on that.

    • Applications

      • Re: using Vim and Emacs

        In the first words, I'm happy that Matto is mentioned in [smolZINE - Issue 28] and he is publishing on the Geminispace. We were mailing about one article on his Gopherhole, and as I saw then, he had been publishing only there, and on the Web.

        Backing to the main topic, after my [Enlightenment in Emacs] I'm still using Vim and Emacs at the same time. I've organized it by some use cases. I'm using Emacs for Gophersphere, with Elpher for reading, and as an editor for writing. I've choosen Emacs for writing because it has superior text alignment functions, as I've written in [Emacs and Gopher].

      • Re: using Vim and Emacs

        It isn't a problem to do all tasks in Emacs, but the rest things I'm writing in Vim. Sometimes Vim can be better to do some things, for example, it has a better auto-completion function. In Emacs, there isn't a built-in function like Vim's CTRL+N dialog. Some corresponding functions, like for eg. spelling, are still handier in Vim for me. Separating modes in Vim are cool on the one hand and not on the other. Sometimes is more natural to just write text, as in Emacs.

      • Linux Links11 Best Free Linux Synthesizers (Updated 2022)

         A software synthesizer, also known as a softsynth, is computer software which creates digital audio. Computer software that generates music is not a recent arrival. However, with processors that offer multiple cores and faster clock speeds, software synthesizers can complete tasks that previously needed dedicated hardware. The advantage, of course, of software synthesizers is that they are less expensive than dedicated hardware, and simpler to integrate with other types of music software.

        Synthesizers are often controlled with a piano-style keyboard. Several other forms of controller have been developed to mimic guitars, organs, stringed and wind instruments. A real analog synthesizer has a lot of knobs and switches which give immediate access to all important parameters of the generated sound.

      • The syslog-ng Insider 2022-06: 3.37; hardware; Apache; disk-buffer; - Blog - syslog-ng Community - syslog-ng Community

        This is the 102nd issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

    • Instructionals/Technical

      • Tips On UNIXHow To Install Wireshark 3.6.6 On Ubuntu / AlmaLinux / Fedora Systems. | Tips On UNIX

        This tutorial will be helpful for beginners to download and install Wireshark 3.6.6 on Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Linux Mint 20.3, AlmaLinux 9, and Fedora 36

        Wireshark is an open-source network protocol analyzer. It can capture and decode packets on a network and can be used to identify and analyze network traffic.

        Wireshark can be used to monitor traffic on a local network, or on a remote network over the Internet.

      • Using and Managing Kubernetes DaemonSets  - Container Journal

        Kubernetes (also known as K8s) is a portable, open source, extensible platform to manage containerized workloads and services. It provides both automation and declarative configuration. You can cluster multiple nodes and Kubernetes helps you efficiently and easily manage them. It’s an ideal platform, as Kubernetes clusters can span hosts across public, on-premises, hybrid or private clouds.

        Additionally, Kubernetes offers many features and deployment options to run containers. One of these resources is DaemonSet. In this article, we’ll be discussing the function of DaemonSets, one of Kubernetes’ central resources.

      • Install OTRS Ticketting System on Debian 11 -

        Welcome to our tutorial on how to install OTRS ticketting system on Debian 11. OTRS, an acronym for Open Source Ticket Request System, is a flexible ticket request and process management system for customer services, Helpdesk, and IT services.

        OTRS ships with a comprehensive list of features that you can check them on the OTRS feature list page.

      • CitizixHow to install and Configure Jenkins in Ubuntu 22.04

        In this guide we are going to learn how to install and set up Jenkins in Ubuntu 22.04 server.

        Jenkins is an open source automation server which enables developers around the world to reliably build, test, and deploy their software. It is a popular open source automation tool to perform continuous integration and build automation. Jenkins allows to execute a predefined list of steps, e.g. to compile golang source code to build build binary file. The trigger for this execution can be time or event based.

      • TechRepublicHow to install the latest version of Nextcloud on Ubuntu Server 22.04 | TechRepublic

        For those that aren’t in the know, Nextcloud is a cloud-based suite of tools that includes things like document and file management, calendar, chat (video and audio), email, forms and contacts. In fact, for those interested, Nextcloud could easily become a drop-in replacement for the likes of either Google Workspace or Microsoft 365. I’ve been using Nextcloud since its early days and I am confident that just about anyone can benefit from this platform.

      • Red HatLearn about OpenShift command-line tools | Red Hat Developer

        Red Hat OpenShift simplifies application deployment, the management and monitoring of Kubernetes clusters, and other developer tasks. The OpenShift tools, both command-line interface (CLI) and graphical user interface (GUI), cover many crucial deployment tasks. This article focuses on the oc and odo CLI commands, but touches on the GUIs as well.

      • ID RootHow To Install Elasticsearch on Ubuntu 22.04 LTS - idroot

        In this tutorial, we will show you how to install Elasticsearch on Ubuntu 22.04 LTS. For those of you who didn’t know, Elasticsearch is a powerful scalable real-time distributed search and data analysis. Elasticsearch is well-liked and popular amongst sysadmins and developers as it is a mighty search engine based on the Lucene library. The search engine works very quickly, can be used to search large amounts of data (big data), and supports distributed architectures for high availability.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Elasticsearch on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • TecMintHow to Limit Network Bandwidth in NGINX Web Server

        Previously, in our NGINX traffic management and security controls series, we have discussed how to limit the number of connections the same client can make to your web resources, using client identification parameters such as IP address. We also covered how to limit the rate of requests (limit the rate at which a client can make requests) for your web resources.

        To ensure that your application usage bandwidth is not expended by a single client, you need to control the upload and download speeds per client. This is a common NGINX security control against DoS (Denial of Service) attacks from malicious users who are just trying to abuse site performance.

        In this third part of the series, we will explain how to limit network bandwidth in the NGINX web server.

      • Red Hat OfficialHow to configure Network File System on Linux | Enable Sysadmin

        NFS is one of the easiest and most transparent ways to handle shared storage within an organization. Learn how to configure it on Red Hat Enterprise Linux.

      • CitizixHow to create an AWS EC2 Instance with Pulumi using Golang

        Pulumi is an open source infrastructure as code tool for creating, deploying, and managing cloud infrastructure. Pulumi works with traditional infrastructures like VMs, networks, and databases, in addition to modern architectures, including containers, Kubernetes clusters, and serverless functions.

        It leverages existing programming languages—TypeScript, JavaScript, Python, Go, . NET, Java, and markup languages like YAML—and their native ecosystem to interact with cloud resources through the Pulumi SDK. Pulumi let’s you build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of familiar programming languages and tools.

      • Trend OceansHow to Install TeamViewer in Ubuntu 22.04 or Debian-Based Distro's - TREND OCEANS

        Before AnyDesk, TeamViewer was one of the most popular multi-platform remote access and remote control software between computers.

        TeamViewer is proprietary software and is not included in the Ubuntu repository, but you can still install it on your system by grabbing the deb file from the official TeamViewer website.

        Today, you will learn how to install TeamViewer on Ubuntu or any Debian-based distributions from a deb file using both CLI and GUI methods.

      • H2S MediaInstall Hestia web control panel on Debian 11 Bullseye - Linux Shout

        Want to manage the command line web server using GUI? Then here are the steps to install the Hestia open-source control panel on Debian 11 Bullseye.

        Hestia is an open-source control panel for Web serves running on Linux operating systems. It is based on another open-source project called the Vesta Control panel, which is also free to download and use either from the official website or GitHub page.

        The users who want to create, configure and handle Apache or Nginx web servers with PHP-FPM but via a Graphical user interface can install the HestiaCP in just a few commands. Apart from the web servers, it also offers a DNS server, Multiple PHP versions; MariaDB or PostgreSQL databases; POP/IMAP/SMTP mail services with Anti-Virus, and Firewall with brute-force attack detection.

    • Games

      • Boiling SteamNew Steam Games with Native Linux Clients - 2022-06-16 Edition - Boiling Steam

        Between 2022-06-09 and 2022-06-16 there were 19 New Steam games released with Native Linux clients. For reference, during the same time, there were 250 games released for Windows on Steam, so the Linux versions represent about 7.6 % of total released titles. Here’s a quick pick of the most interesting ones...

      • Boiling Steam3400 Games Now On The Steam Deck with Eiyuden Chronicle: Rising as Verified - Boiling Steam

        We are still observing a relatively low rate of addition of verified/playable games for the Steam Deck – this week most additions were made on 2 days. Nevertheless we are now more than 3400 games validated (3417 games to be precise at the time of publication) on the Steam Deck – in two categories...

      • 9to5LinuxTotal War: WARHAMMER III Is Out Now on Linux, Ported by Feral Interactive

         Developed by Creative Assembly and published by SEGA, Total War: WARHAMMER III is the third installment and the cataclysmic conclusion of the Total War: WARHAMMER video game series. The game is set in Games Workshop’s Warhammer Fantasy universe of colossal proportions.

        The game was announced on February 17, 2022, but it was only released for macOS and Microsoft Windows platforms, But now, thanks to Feral Interactive, you can now play the video game on your Linux-powered computer too.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • The Register UKNot a GNOME fan, and like the look of Windows? Try KDE Plasma or Cinnamon
          Right after the latest release of the KDE Frameworks comes the Plasma Desktop 5.25 plus the default desktop for the forthcoming Linux Mint 23.

          KDE Plasma 5.25 is the latest version of the oldest FOSS desktop around, with new and improved features that will particularly benefit trackpad and touchscreen users and people with convertible laptops.

          It appears right after version 5.95 of the KDE Frameworks, but to be honest, this won't be especially visible unless you're a developer. The KDE organization itself describes the Frameworks as "a set of 83 add-on libraries for programming with Qt."

  • Distributions and Operating Systems

    • BSD

      • OpenBSD - Part 2

        Today I've continued my journey into the OpenBSD realm. This post documents what I achieved today. Firstly, I found out that file(1) exists, I somehow never found out about it, and that it is hardened on OpenBSD to not execute any code, which is awesome!

        I spent time today understanding the boot process and more of rc.conf, and by tomorrow I hope I can write my own start up scripts for custom services, it seems easy as they're shell scripts. I tested around single user mode, and other nice features.

    • SUSE/OpenSUSE

      • BCI test tutorial - openQA bites

        Base Container Images (BCI) are a SUSE offer for a variety of container images suitable for building custom applications atop of the SUSE Linux Enterprise (SLE). They are a suitable building platform for different container applications and are available for free without subscription. In this blog post I’m covering how we test BCI before they are released and how you can run individual tests on them.

      • An update from ALP Quality Engineering - openSUSE News

        Building our products in an open and transparent way allows us to rethink the way how we test.

        Jose Lausuch from our ALP Quality Engineering was invited to the Community Workgroup weekly meeting to speak about current plans of Quality Engineering for ALP.

        Jose mentioned that the QE Workgroup would like to start testing existing ALP images with the existing MicroOS test suite. The effort is coordinated in poo#112409.

    • Fedora Family / IBM

      • Red Hat OfficialHardening Virtio for emerging security usecases

        Traditionally, when looking at a virtio device and its corresponding virtio driver, we assume the device is trusted by the driver. We do, however, need to protect the virtio device from a possible malicious virtio driver.

        The logic behind this approach is that the virtio driver is a "smart" software element which could contain malicious software logic while the virtio device is a "dumb" element capable of doing only what it’s asked to do. Another reason for this logic is that we traditionally focus on protecting the host from the workload running on it containing the virtio driver (be it a virtual machine (VM) or a container) or protecting workloads from each other.

        Emerging hardware frameworks and security frameworks are turning things around by shifting the focus to protecting the virtio driver from the virtio device. One reason for this change is emerging smart NIC technologies that contain virtio devices that are transformed from "dumb" elements to sophisticated elements that are also capable of running malicious software.

      • OpenSource.comUsing habits to practice open organization principles |

        Habits are a long-term interest of mine. Several years ago, I gave a presentation on habits, both good and bad, and how to expand on good habits and change bad ones. Just recently, I read the habits-focused book Smart Thinking by Art Markman. You might ask what this has to do with open organization principles. There is a connection, and I'll explain it in this two-part article on managing habits.

        In this first article, I talk about habits, how they work, and—most important—how you can start to change them. In the second article, I review Markman's thoughts as presented in his book.

      • Enterprisers ProjectQ&A: 3 digital transformation questions and answers about boosting team productivity

        Even after two years of rapid technology adoption, it’s rare to find a company that has a clear and accurate understanding of how each individual employee uses technology at work – and what they need from those tools.

        In this interview, Stanley Huang, Moxo's Chief Technology Officer, shares what organizations need to focus on in the years to come. He offers tips for CIOs and CTOs to help unburden employees and increase productivity through technology in the workplace.

      • Red HatHow to convert a web application to Software-as-a-Service [Ed: Application you do not control. Someone else controls it remotely.]

        Software-as-a-Service (SaaS) offers a compelling opportunity for developers who create software originally intended to run at web scale. Having a single code base that runs a variety of enterprise-level business applications reduces the labor that goes into creating and maintaining the software that supports it all. The promise of "one code base to rule them all" makes developing SaaS platforms a value proposition that's hard to ignore—as long as the development team has the expertise to make their ideas real. You need to know a thing or two about creating SaaS platforms. They are a bit of a different beast than single-purpose web applications.

        There are two ways to create a SaaS platform. One is the "greenfield" approach: Build a SaaS platform from scratch. The other way is to transform an existing web application into a SaaS platform.

        This article takes a look at the second way. I describe how to transform an existing web application into a SaaS platform with the help of a concrete, yet fictitious, business named Clyde's Clarinets. The goal of the article is to describe how to transform Clyde's Clarinets into a SaaS platform named Instrument Resellers.

    • Canonical/Ubuntu Family

      • Its FOSSUbuntu Core 22 is Here for IoT and Edge Devices
        Ubuntu Core 22 is a containerized Ubuntu 22.04 LTS variant optimized for embedded and IoT devices.

        It should be a wonderful offering for developers looking to make use of Canonical’s latest operating system for edge devices.

      • Ubuntu Core 22 goes GA: Thanks for the... Internet of Shrimp?

        Canonicals’ open source operating system (OS) for edge and Internet of Things devices, Ubuntu Core 22 , is now generally available as the company eyes market opportunities for the fully containerised OS at the heart of a growing ecosystem of embedded industrial, telecommunications, automotive and robotics devices.

      • CNX SoftwareUbuntu Core 22 released for IoT devices and embedded systems
        Canonical has just released Ubuntu Core 22, a containerized variant of Ubuntu 22.04 LTS, optimized for IoT devices and embedded systems and supporting Ubuntu’s new real-time kernel.

        In Ubuntu Core, everything is a snap, including the kernel, OS, and applications both to improve security to sandbox each package and to enable updates of specific packages from the IoT App Store over-the-air (OTA). If something goes wrong during the update, the system will automatically roll back to the previous version, so the device cannot be bricked. The Snap system also minimizes network traffic through delta updates.

      • DebugPointVoyager Live: Ubuntu LTS Spin with Immersive Experience [Review]

        A review of Voyager Linux which is a Ubuntu LTS spin that brings stunning UI for various flavours with themes, Conky and utilities.

    • Devices/Embedded

      • Linux GizmosMultipurpose I/O module based on Raspberry Pi RP2040 silicon

        Italian based Sfera Labs released the Iono RP D16 which is an I/O module driven by the RP2040 MCU suitable for industrial and commercial applications. This robust module provides sixteen digital 24V I/I lines and it’s CE, FCC and IC compliant.

        Similar to the recent Exo Sense RP also by Sfera Labs, the Iono RP D16 is built around the RP2040 chip which provides two ARM Cortex-M0+ processors (up to 133MHz), 264KB on-chip SRAM and rich I/Os.

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Apache BlogThe Apache Software Foundation Announces Apache® Dorisâ„¢ as a Top-Level Project : The Apache Software Foundation Blog

      The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® Doris™ as a Top-Level Project (TLP).

      Apache Doris is a modern, easy-to-use MPP (massively parallel processing) analytical database system that provides sub-second queries and efficient real-time data analysis. The project was originally developed at Baidu as "Palo", was open-sourced in 2017, and entered the Apache Incubator in July 2018.

      "We are very proud that Doris graduated from the Apache Incubator —it is an important milestone," said Mingyu Chen, Vice President of Apache Doris. "Under the guidance of our incubator mentors, we learned how to successfully develop our project and community the Apache Way. We have achieved great growth during the incubation process."

    • Web Browsers

      • Mozilla

        • UbuntuHow are we improving Firefox Snap performance? Part 2 | Ubuntu

          The Firefox snap offers a number of benefits to daily users of Ubuntu as well as a range of other Linux distributions. It improves security, delivers cross-release compatibility and shortens the time for improvements from Mozilla to get into the hands of users.

          Currently, this approach has trade-offs when it comes to performance, most notably in Firefox’s first launch after a system reboot. This series tracks our progress in improving startup times to ensure we are delivering the best user experience possible.

    • SaaS/Back End/Databases

      • PostgreSQLPostgreSQL: PostgreSQL 14.4 Released!

        The PostgreSQL Global Development Group has released PostgreSQL 14.4 to fix an issue that could cause silent data corruption when using the CREATE INDEX CONCURRENTLY or REINDEX CONCURRENTLY commands. Please see the following section for information on how to detect and correct silent data corruption in your indexes.

        This release also fixes over 15 bugs since PostgreSQL 14.3 was released in May. For the full list of changes, please review the release notes.

        This release is only for PostgreSQL 14. The PostgreSQL Global Development Group will make a scheduled update release on August 11, 2022 for all supported versions of PostgreSQL (10 - 14).

    • GNU Projects

      • GNUGNU Health - News: GNU Health Hospital Management 4.0.4 patchset released [Savannah]

        We provide "patchsets" to stable releases. Patchsets allow applying bug fixes and updates on production systems. Always try to keep your production system up-to-date with the latest patches. Patches and Patchsets maximize uptime for production systems, and keep your system updated, without the need to do a whole installation.

      • TalerGNU Taler Scalability

        Anonymity loves company. Hence, to provide the best possible anonymity to GNU Taler users, the scalability of individual installations of a Taler payment service matters. While our design scales nicely on paper, NGI Fed4Fire+ enabled us to evaluate the transaction rates that could be achieved with the actual implementation.

    • Programming/Development

  • Leftovers

    • 2022/0616/0830 — dull grey morning

      A light misty rain and a very dull overcast sky as I went out for my morning walk, up through the park as usual. Much the same sounds as usual, birds in the trees and bushes can be heard, but few seen. No sound of the illegal rooster today, perhaps its not light enough for him yet, perhaps he has become chicken soup

    • 2022/0610/1400 — lunchtime butcherbird
    • Proprietary

    • Security

      • LWNSecurity updates for Thursday []

        Security updates have been issued by Fedora (containerd, golang-github-containerd-cni, golang-github-containernetworking-cni, golang-x-sys, kernel, and qt5-qtbase), Oracle (kernel, kernel-container, microcode_ctl, subversion:1.14, and xz), Red Hat (.NET 6.0, .NET Core 3.1, cups, and xz), Scientific Linux (xz), SUSE (caddy, chromium, librecad, libredwg, varnish, and webkit2gtk3), and Ubuntu (bluez).

      • MakeTech EasierMicrosoft Office Update Remedies Chinese Hack Vulnerability [Ed: Microsoft once again using xenophobia to distract from its own misconduct; Microsoft wants you to think its back or bug doors have an ethnicity, nationality]

        Microsoft Office users are encouraged to update the software as soon as possible to protect their systems from a Chinese hack vulnerability. While Microsoft has known about the threat since late last month, it only initially offered workarounds.

      • Bruce SchneierAttacking the Performance of Machine Learning Systems - Schneier on Security

        Attackers were able to degrade the performance so much, and force the system to waste so many cycles, that some hardware would shut down due to overheating. Definitely a “novel threat vector.”

      • USCERTCISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case

        CISA has released Trusted Internet Connections (TIC) 3.0 Cloud Use Case for public comment. TIC is a federal cybersecurity initiative intended to secure federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications.

      • CISACisco Releases Security Updates for Multiple Products | CISA
    • Defence/Aggression

      • Atlantic CouncilRenewed Belarus military buildup is a sign of Lukashenka’s desperation

        With war raging in Ukraine’s east and south, there are mounting concerns that the threat to the country’s north and west, including the capital Kyiv, could soon return.

        Alyaksandr Lukashenka said on June 10 that Belarus may be forced to enter the war to fight for the west of Ukraine so that it is “not chopped off” by NATO. The Belarusian dictator’s remarks came as Minsk was reinforcing its electronic warfare capabilities along the Ukrainian border, according to a Facebook post by the Ukrainian General Staff. “Combat engineering tasks are being performed to reinforce checkpoints and deploy additional electronic warfare equipment in the areas near the border between Belarus and Ukraine,” the General Staff wrote.

        Additionally, Belarus has been conducting military exercises in the area and Lukashenka has announced the creation of an operational command for troops on the border with Ukraine. Russia has recently deployed nuclear-capable Iskander missiles, Pantsir-S1 anti-aircraft gun systems, and S-400 anti-aircraft missile systems near the frontier. Alongside these developments, Lukashenka has announced the purchase of S-400s and Iskanders from Russia. The Belarusian autocrat has also ordered the creation of a “people’s militia.”

    • Environment

      • Energy

        • Would 1950s Living Standards Save Us?

          We're consuming way too much energy. By now people should start understanding that "shifting over to green power" is kind of a joke. So far the world hasn't really started transitioning at any meaningful scale. Yes, new solar and wind plants are built every day.

    • Finance

    • Freedom of Information / Freedom of the Press

      • CPJBelarusian journalists Yauhen Yerchak and Dzmitry Suslau sentenced to 15 days each in detention

        Belarus authorities should immediately release journalists Yauhen Yerchak and Dzmitry Suslau, drop all charges against them, and allow the press to work freely, the Committee to Protect Journalists said Wednesday.

      • JURISTBelarus dispatch: how a sports journalist became a political prisoner

        Belarusian law students enrolled at European Humanities University are filing reports with JURIST on current circumstances in Belarus under the constitutionally-disputed presidency of Alexander Lukashenka. For privacy and security reasons, we are withholding the name of the correspondent filing this report. The text has only been lightly edited to respect the author’s voice.

      • Scoop News GroupBelarusian hacktivist group releases purported Belarusian wiretapped audio of Russian embassy

        A Belarusian hacktivist group on Tuesday released what it says is wiretapped audio of foreign embassies, consulates and other calls in Belarus gathered surreptitiously by the Belarusian Ministry of Internal Affairs.

        Announced in the Belarusian Cyber Partisans’ Telegram channel late morning U.S. time Tuesday, the first release is a four-and-a-half minute long video posted to YouTube containing what the group says is audio of recordings captured from the Russian embassy and the Russian consulate sometime between 2020 and 2021.

        The group said it is not publishing conversations in full and hiding some data about call participants “out of respect for the personal conversations of people who are not connected with the dictatorship in Belarus,” according to a Google translation of the message.

        An email sent to the Russian foreign ministry with a request for comment was not returned. The Belarus embassy in the U.S. did not immediately respond to a request for comment.

    • Monopolies

Recent Techrights' Posts

Curation and Preservation Work
The winter is coming soon and this means our anniversary is near
Microsoft GitHub Exposé — In the Alex Graveley Case, His Lawyer, Rick Cofer, Appears to Have Bribed the DA to Keep Graveley (and Others) Out of Prison
Is this how one gets out of prison? Hire the person who bribes the DA?
Richard Stallman's Public Talk in GNU's 40th Anniversary Ceremony
Out now
Objections to binutils CoC
LXO response to proposed Code of Conduct
Conde Nast (Reddit), Which Endlessly Defamed Richard Stallman and Had Paid Salaries to Microsoft-Connected Pedophiles, Says You Must Be Over 18 to See 'Stallman Was Right'
Does this get in the way of their Bill Gates-sponsored "Bill Gates says" programme/schedule?
Techrights Was Right About the Chaff Bots (They Failed to Live up to Their Promise)
Those who have been paying attention to news of substance rather than fashionable "tech trends" probably know that GNU/Linux grew a lot this year
Selling Out to Microsoft Makes You Dead Beef
If all goes as well as we've envisioned, Microsoft will get smaller and smaller
Mobile Phones Aren't Your Friend or a Gateway to Truly Social Life
Newer should not always seem more seductive, as novelty is by default questionable and debatable
Links 29/09/2023: Disinformation and Monopolies
Links for the day
iFixit Requests DMCA Exemption…To Figure Out How To Repair McDonald’s Ice Cream Machines
Reprinted with permission from Ryan Farmer
Jim Zemlin Thinks the World's Largest Software Company Has 200 Staff, Many of Whom Not Technical at All
biggest ego in the world
Links 29/09/2023: Linux Foundation Boasting, QLite FDW 2.4.0 Released
Links for the day
Red Hat Does Not Understand Community and It's Publicly Promoting Microsoft's Gartner is basically lioning a firm that has long been attacking GNU/Linux in the private and public sectors at the behest of Microsoft
A 'Code of Conduct' Typically Promoted by Criminal Corporations to Protect Crimes From Scrutiny
We saw this in action last week
Techrights Extends Wishes of Good Health to Richard M. Stallman
Richard Stallman has cancer Still Going, Some Good News From Canada
a blow to software patents in Canada
The Debian Project Leader said the main thing Debian lacked was more contributors
The Debian Project Leader said the main thing Debian lacked was more contributors
IRC Proceedings: Thursday, September 28, 2023
IRC logs for Thursday, September 28, 2023
Links 28/09/2023: Openwashing and Patent Spam as 'News'
Links for the day
Links 28/09/2023: Preparing Red Hat Enterprise Linux 8.9 and 9.3 Beta
Links for the day
We Need to Liberate the Client Side and Userspace Too
Lots of work remains to be done
Recent IRC Logs (Since Site Upgrade)
better late than never
Techrights Videos Will be Back Soon
We want do publish video without any of the underlying complexity and this means changing some code
Microsoft is Faking Its Financial Performance, Buying Companies Helps Perpetuate the Big Lies (or Pass the Debt Around)
Our guess is that Microsoft will keep pretending to be huge, even as the market share of Windows (and other things) continues to decrease
Techrights Will Tell the Story (Until Next Year!) of How Since 2022 It Has Been Under a Coordinated Attack by a Horde of Vandals and Nutcases
People like these belong in handcuffs and behind bars (sometimes they are) and our readers still deserve to know the full story. It's a cautionary tale for other groups and sites
Why It Became Essential to Split GNU/Linux Stories from the Rest
These sites aren't babies anymore. In terms of age, they're already adults.
Losses and Gains in an Age of Oligarchy - A Techrights Perspective
If you don't even try to fix something, there's not even a chance it'll get fixed
Google (and the Likes Of It) Will Cause Catastrophic Information Loss Rather Than Organise the World's Information
Informational and cultural losses due to technological plunder
Links 28/09/2023: GNOME 45 Release Party, 'Smart' Homes Orphaned
Links for the day
Security Leftovers
Xen, breaches, and more
GNOME Console Won’t Support Color Palettes or Profiles; Will Support Esperanto
Reprinted with permission from Ryan Farmer
Let's Hope GNU Makes it to 100
Can GNU still be in active use in 2083? Maybe.
GNU is 40, Linux is Just 32
Today it's exactly 40 years since Richard Stallman sent a message regarding GNU
GNU/Linux and Free Software News Mostly in Tux Machines Now
We've split the coverage
Links 27/09/2023: GNOME Raves and Firefox 118
Links for the day
Links 27/09/2023: 3G Phase-Out, Monopolies, and Exit of Rupert Murdoch
Links for the day
IBM Took a Man’s Voice, Pitting Him Against His Own Work, While Companies Profit from Low-Effort Garbage Generated by Bots and “Self-Service”
Reprinted with permission from Ryan Farmer