You might have already noticed by looking at the Downloads page that we have expanded our line-up of releases (again). The winter distribution updates is a major update to our AOSC OS releases, and it packs a lot more than just software updates:
*-basecollections (for lack of a good name). They are now built from a minimal system release (a "stub" variant, for our own convenience) every time, instead of being "refreshed" by doing a system update on the old one (a more detailed
*-basedescription/explanation is on the way).
Also, GTK+ based desktop variants are now released with a brand new look, incorporating the elegance of the Arc GTK+ theme, and the simplicity of the Flat-Remix icon theme. As seen in this screenshot of our new GNOME release below.
Now, looking ahead, there are several things to do between now and our next distribution update - and some changes to our distribution update schedule: we are currently planning to shift the distribution update to a set, seasonal schedule (with the exception of BuildKit and important security updates) - instead of this random and fire-at-will mess we currently have... More on that in a later news post.
Also, from the next update on, we will no longer set the default password for
root with the default distribution. Enabling
root user with a default password is quite a bad idea, as some users may forget to disable or reset the password of the
root user, potentially making the system defenseless on a open network.
But for now, please enjoy (or much rather, please, try our) AOSC OS!
(*) PowerPC ports are big endian only, and are only tested on PowerPC-based Macintosh computers with G3 or newer processors.
Shortly after the release of Allwinner AOSC OS images, the image for Raspberry Pi 2/3 is now available as well. The image is based on the "Base" variant of AOSC OS releases and they can now be obtained in the respective section in the Download page.
Note that currently the image is based on ARMv7 (therefore 32-bit) userspace, as the official kernel that Raspberry Pi supplies (BSP) is ARMv6/ARMv7 only. We will be releasing separate images for Raspberry Pi 3 soon, as mainline Kernel support will land for this particular board.
Before then, do a fast SD card burn/dd...
# dd if=imagefile of=/dev/sdX bs=4M status=progress
imagefile is the
.img file you would obtain after extracting from the
.img.xz you would download, and
sdX is the device file of your SD card)
And enjoy AOSC OS on your Pi!
Our ARM/SunXi guru Icenowy Zheng has just released a big batch of system images for ARMv7-based Allwinner boards and tablets. The images are based on the "Base" variant of AOSC OS releases and they can now be obtained in the respective section in the Download page.
Icenowy Zheng's Orange Pi One runnning on mainline kernel, and of course, AOSC OS.
And here below is a full list of devices supported by these images, in case you got lost:
Please update your
httpd package to version
A 0-day vulnerability was recently announced by Apache, "Server memory can be exhausted and service denied when HTTP/2 is used". And a CVE was consequently assigned for this vulnerability:
Please update your
google-chrome package to version
A new version of Chromium (and Google Chrome consequently) was released to fix the following security vulnerabilities:
CVE-2016-5203, CVE-2016-5204, CVE-2016-5205, CVE-2016-5206, CVE-2016-5207, CVE-2016-5208, CVE-2016-5209, CVE-2016-5210, CVE-2016-5211, CVE-2016-5212, CVE-2016-5213, CVE-2016-5214, CVE-2016-5215, CVE-2016-5216, CVE-2016-5217, CVE-2016-5218, CVE-2016-5219, CVE-2016-5220, CVE-2016-5221, CVE-2016-5222, CVE-2016-5223, CVE-2016-5224, CVE-2016-5225, CVE-2016-5226, CVE-2016-9650, CVE-2016-9651, CVE-2016-9652.
(And that means "a lot of them", please update soon!)
Our mirror at USTC is down, due to recurring hard disk array failures.
That said, you might need to change your APT source lists to install and update packages normally. Use
apt-gen-list -l to see your options (avoid
10-ustc for now), and
apt-gen-list -e "repo1 repo2 repo3" to enable new mirrors to use.
We will post another notice when USTC's mirror has resolved this issue.
This security advisory suggests the following updates to your system:
firefoxpackage to version
50.0.2; if you are using PowerPC 64-bit port (
ppc64, big endian), please update to version
thunderbirdpackage to version
palemoonpackage to version
Recently, a 0-day software vulnerability was disclosed for various Mozilla-based software packages:
CVE-2016-9079 (Reserved but not issued).
Core 4.1 was released just now as a major feature update to the Core 4.0 series. Core 4.1 contains:
And most notably, GCC now comes with Go language support, and now you may switch between the Google and the GNU implementation. Many changes were also put into a new Glibc update, like the Unicode 9.0 update. Also, we have disabled any non-Unicode locale by default to save some time and disk space when updating Glibc (you can still enable them by editing
Some details were changed in the AOSC OS base definition package (aosc-aaa) as well,
/etc/os-release now includes a new field for
BUILD_ID, as exposed in GNOME as follows:
A full changelog for Core 4.1 is available here.
Note: This version of Core contains security update for Glibc, for AOSA-2016-0030, therefore it it strongly suggested for you to update if you are using ARMv7 (
armel) port of AOSC OS!
Please update your
glibc package to version
2.24-2, especially if you are using ARMv7 (
A fix was recently committed to Glibc's Git master to fix the following vulnerability:
And the vulnerability states:
"The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation."
Please update your
libtiff package to version
A new version of LibTIFF was recently announced to fix the following security vulnerabilities:
And the following MSVR (Microsoft Vulnerability Research) indexes:
MSVR 35105, MSVR 35094, MSVR 35095, MSVR 35092, MSVR 35103, MSVR 35100, MSVR 35093, MSVR 35096, MSVR 35097, MSVR 35098.