NEWS

Read hard, get it all caught up :-D

Things are (actually) going on around the community (surprise!), you may find latest news and happenings in and around the community, and of course, latest information for you to better enjoy AOSC OS.

Most good programmers do programming not because they expect to get paid or get adulation by the public, but because it is fun to program. – Linus Torvalds

ALL NEWS

  • AOSCC 2017 Now Up for Sign Up!JUNE 14, 2017

    After several months of hard work by our community members, we have finally settled on a venue and a date for this year’s AOSCC, so…

    Welcome to our 4th annual community gathering in Guangzhou, from July 14th to 16th!

    AOSCC 2017’s venue is generously sponsored by the Guangdong University of Technology on their campus location at the H.E.M.C. (Higher Education Mega Center; 大学城). The gathering will take place in Experiment Building 4, Room 304(实验四号楼 304 实验室), here are some maps to the location…

    • Google Maps
    • Gaode Maps

    While we are still preparing for other documentations and details for the event, here’s the information we are able to produce so far…


    Already made up your mind? Just sign up here! There’s no need to provide your full name (though recommended) - it is required for all participants to sign up here so we could keep track on the amount of people coming, as this could be limited due to our venue.

    We could say at present that we could hold 50 at our venue, but this could go up if it ended up going above this amount.


    Again, please sign up here.

  • AOSA-2017-0042: Update FirefoxJUNE 14, 2017

  • zh_CN Localization Guide 1.5.4JUNE 14, 2017

    Just a quick announcement that version 1.5.4 of our zh_CN (Simplified Chinese, China) Localization Guide is released.

    This revision of the guide introduced a new section discussing the translation of Desktop Entry files (.desktop) files, more details could be found on the actual released document, zh_CN L10n Guide, version 1.5.4.


    If you have any suggestions for future revisions or found any errors in our documentation, please report it here.

  • AOSA-2017-0041: Update IrssiJUNE 10, 2017

    Please update your irssi package to version 1.0.3 (PowerPC 32/64-bit big endian users: please move away from AOSC OS for the summer as we are unable to provide package update until September, see our last post for more information).

    A new version of Irssi IRC/Web Chat Client has recently been released to address two security vulnerabilities:

    CVE-2017-9468, CVE-2017-9469.

    Relevant documentation:

  • Core 4.2.2: Fin.JUNE 7, 2017

    With the release of Core 4.2.2, we have reached the end of the “Series 4” of AOSC OS Core.

    This point release updated Linux API Headers to version 4.11.3 in order to retain compatibility of the new Chromium/Google Chrome 59 browser - which contains a great deal of security updates/fixes. With July closing in, we are getting ready to unveil the collection of features and updates coming in Core “E” - our fifth Core release series - coming this summer.

    With the hint “E” - yes, we are about to start a call-for-codename for this new series of AOSC OS Core releases, we will vote for the next codename on the first day of AOSCC 2017 - details coming in the following week or so.

    Just a short announcement to tell you what’s up with the new version - and moreover, to thank you for using AOSC OS and staying supportive of our development effort.


    Core 4.2.2 is now available for amd64 users, this update will come for armel (ARMv7) and arm64 (ARMv8, AArch64) users in the coming week.

    For mipsel (MIPS-II), mips64el (MIPS64r2), powerpc (PowerPC 32-bit), ppc64 (PowerPC 64-bit, big endian) users however… Please don’t wait around, as none of these architectures will support the Chromium browser family, we have elected to skip this release. Core “E” will come in time, however, so look out for that!


    Lastly, as we have no PowerPC device available for development at the moment, we have decided to suspend all updates - and that includes security updates - for both PowerPC architectures.

    We do apologise for the inconvenience and we would further recommend that you move away from AOSC OS for this summer, in our hope to keep you safe from cyberattacks and existing bugs.


    — Mingcong Bai

  • AOSA-2017-0040: Update to Chromium and Google ChromeJUNE 7, 2017

    Please update your google-chrome (amd64 only) and chromium packages to version 59.0.3071.86.

    A recently released version of Chromium and Google Chrome has addressed a series of security vulnerabilities, assigned with the following CVE IDs:

    CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082, CVE-2017-5083, CVE-2017-5085, CVE-2017-5086.

    Relevant documentation:

  • AOSA-2017-0039: Update SudoMAY 31, 2017

    Please update your sudo package to version 1.8.20p1.

    A recently released version of Sudo has addressed a security vulnerability titled “Potential overwrite of arbitrary files on Linux”:

    “On Linux systems, sudo parses the /proc/[pid]/stat file to determine the device number of the process’s tty (field 7). The fields in the file are space-delimited, but it is possible for the command name (field 2) to include spaces, which sudo does not account for. A user with sudo privileges can cause sudo to use a device number of the user’s choosing by creating a symbolic link from the sudo binary to a name that contains a space, followed by a number.”

    This vulnerability has been assigned CVE-2017-100036.

    Relevant documentation:

  • Cinnamon 3.4 Now Available!MAY 5, 2017

    Just a quick notice that Cinnamon 3.4 is now available in our community repository (along with the new Slick Greeter)! Here’s a screenshot…

    cinnamon-3.4


    For more information on changes introduced with Cinnamon 3.4 please refer to this Linux Mint blog post.

  • AOSA-2017-0038: Update WeeChatMAY 5, 2017

    Please update your weechat package to version 1.7.1.

    A recently announced version of WeeChat has addressed the following security vulnerability:

    CVE-2017-8073.

    Relevant documentation:

  • Updates to Our Community Infrastructure!APRIL 29, 2017

    With the hard work of our community infrastructure contributors, there are now two more services available for our community members:

    • AOSC OS Packages: A catalog of packages available for AOSC OS.
    • Mailing Lists: Community mailing lists for discussions, advisories, and announcements.

    AOSC OS Packages

    Thanks to Dingyuan Wang (gumblex) for creating this website.

    It should not take much explanation for our Packages site - as mentioned above, it is a catalog of AOSC OS packages - and you could now search for a particular package available to AOSC OS (or to find out if it’s available yet), check on update status, and compare versions of a given package available to all our AOSC OS ports.

    Dingyuan Wang also mentioned that there will be a function where AOSC OS users could file package requests on the same website, making it easier for users and developers to check on request status.

    Mailing Lists

    Thanks to Sijie Bu (butangmucat) for making this service available.

    Currently there are four mailing lists available, each dedicated to different functions…

    • announcements@lists.aosc.io: for community events and project-related announcements; broadcast only, read-only to subscribers.
    • discussions@lists.aosc.io: for development discussions, questions, and suggestions; open to users and developers, subscription required.
    • mirrors@lists.aosc.io: announcements on maintenance and status of our mirrors; broadcast only, read-only to subscribers.
    • security@lists.aosc.io: bulletin for security updates, CVEs, etc; broadcast only, read-only to subscribers.

    If you have any questions, concerns, or suggestions to our community services and infrastructure, please pop a mail to our discussions mailing list