Some highlights include:
A full list of packages added this time could be found here.
To learn about how to request new packages for addition into our community repository, please check out our "pakreq" guide. Or simply shout out requests with
#pakreq hashtag on our #aosc IRC channel, or on our Telegram group (joining information available on IRC).
Another batch of tarballs are now available for AOSC OS, available to users of the AMD64, ARMv7, ARMv8/AArch64, PowerPC 32/64-bit Big Endian ports. As usual, they contain the newest packages available for AOSC OS, along with some enhancements, changes, and additions:
rootuser is now locked down by default, but you may still enable the
rootuser by setting a password for
root, check out our new installation guide for more information.
Here below is the default look to the AOSC OS i3wm variant, powered by the i3 window manager, Conky, and i3blocks - a configuration based on Manjaro's i3 edition. This is our first i3wm distribution, so this release may still contain some inconsistency and shortcomings in design - tell us what you think!
Budgie, the "flagship" desktop environment of the Solus Project - this is their own take on the GNOME desktop experience.
Neofetch is now installed with every AOSC OS distribution to provide you with some basic system information - and a chance to show off your distro!
You might have noticed that tarballs for MIPS32 are not updated yet, this is because we are currently working on the Kernel port for MIPS32 - and it didn't happen in time for this wave of updates - we will be releasing updates for MIPS32, along with MIPS64, with full mainline Kernel support on Loongson 2E, 2F, and 3A devices - as they are currently our principle target platform for these two ports (having said that, our MIPS ports are still generic and not specific to Loongson/Godson systems).
Thanks for stopping by, and we wish you a good experience working with AOSC OS!
Please update your
curl+32 package to version
A recently released update to cURL has addressed a security vulnerability:
curl and libcurl support "OCSP stapling", also known as the TLS Certificate Status Request extension (using the
CURLOPT_SSL_VERIFYSTATU option). When telling curl to use this feature, it uses that TLS extension to ask for a fresh proof of the server's certificate's validity. If the server doesn't support the extension, or fails to provide said proof, curl is expected to return an error.
Due to a coding mistake, the code that checks for a test success or failure, ends up always thinking there's valid proof, even when there is none or if the server doesn't support the TLS extension in question. Contrary to how it used to function and contrary to how this feature is documented to work.
This could lead to users not detecting when a server's certificate goes invalid or otherwise be mislead that the server is in a better shape than it is in reality.
And was assigned CVE-2017-2629.
Please update your
util-linux package to version
A recently released update to Util-Linux has address a security vulnerability, assigned with CVE-2017-2616.
It is possible for any local user to send
SIGKILL to other processes with root privileges. To exploit this, the user must be able to perform su with a successful login.
SIGKILL can only be sent to processes which were executed after the su process. It is not possible to send
SIGKILL to processes which were already running.
Please update your
linux+kernel to versionf
A security vulnerability was disclosed for the Linux Kernel:
This is an announcement about
CVE-2017-6074  which is a double-free
vulnerability I found in the Linux kernel. It can be exploited to gain
kernel code execution from an unprivileged processes.
The oldest version that was checked is 2.6.18 (Sep 2006), which is vulnerable. However, the bug was introduced before that, probably in the first release with DCCP support (2.6.14, Oct 2005).
The kernel needs to be built with
CONFIG_IP_DCCP for the vulnerability
to be present. A lot of modern distributions enable this option by
And was assigned CVE-2017-6074.
Brutally simplified rolling Linux distribution.
Install AOSC OS on your Windows machine.
Localization improvements made by the community.
Learn about newest news and happenings in and around AOSC.
Our public clipboard service (or pastebin) that you can use for all your clippy needs.
Our WebMail service for AOSC developers and contributors.
Our community repository server, where AOSC OS installation medias, tarballs, packages, project documentation, etc. are stored.
Have a look at our chatter room!