Alpine Linux has recently announced the release of Alpine Linux 3.19.1, a maintenance release of the 3.19 series. This release includes a range of bug fixes and security updates, specifically addressing several vulnerabilities in OpenSSL.

The following OpenSSL security vulnerabilities have been fixed in this release:

• CVE-2023-6129
• CVE-2023-6237
• CVE-2024-0727

To delve deeper into the details and changes made, the complete list of modifications can be found in the git log for version 3.19.1.

In addition to Alpine Linux 3.19.1, older stable versions of Alpine Linux, including 3.16.9, 3.17.7, and 3.18.6, have also been released to address the identified OpenSSL vulnerabilities.

In the latest monthly update for openSUSE Tumbleweed in January 2024, the distribution unveils a new format to better communicate major changes, improvements, and key issues. This update is now recommended by contributors involved in openSUSE’s marketing efforts.

Kernel and Hardware Support

The Linux Kernel receives updates to versions 6.6.7, 6.6.9, 6.6.10, 6.6.11, and 6.7.1, addressing memory management and security vulnerabilities. Notable enhancements include PCI updates for Zhaoxin Root Ports, contributing to improved compatibility and performance for Zhaoxin’s CPUs and motherboards.

Browser and Graphics Updates

Mozilla Firefox is updated to version 121.0 and 121.0.1, resolving issues such as hanging when loading sites with column-based layouts. The KDE Frameworks update to version 5.114.0 brings significant improvements, including fixes in Extra CMake Modules, holiday additions for Kenya, and adjustments for AVIF in KImageFormats.

The Mesa update to version 23.3.3 introduces a new Vulkan driver for NVIDIA hardware (NVK) in the experimental phase. This marks a step forward in support for NVIDIA GPUs, accompanied by enhancements in graphics performance and compatibility for Asahi and RADV.

System Management and PHP Enhancements

Systemd sees updates to version 254.8, focusing on the cautious resolution of reported bugs and ensuring stability in device management systems. PHP is updated from version 8.2.14 to 8.2.15, bringing fixes for SSA integrity verification, improvements in CLI built-in web server timeouts, and resolving issues with stream wrapper registration.

Multimedia and Networking

GStreamer is updated to version 1.22.8, addressing vulnerabilities in the AV1 video codec parser and making improvements in reverse playback and seeking in qtdemux. Samba sees updates to version 4.19.4, resolving issues related to the machine account password, improving documentation generation, and addressing critical vulnerabilities and bugs.

Security and Bug Fixes

The update includes critical security patches across various packages, with notable improvements in Firefox, systemd, Samba, and PHP. Multiple Common Vulnerabilities and Exposures (CVEs) are addressed in packages like xorg-x11-server, xwayland, gnutls, java-11-openjdk, and samba, enhancing overall security and stability.

The Incus team has announced the release of Incus 0.5, the first release of 2024. This release brings several improvements to the Incus CLI, new virtual machine features, additional options for handling cluster evacuations and host shutdowns, and various bugfixes and performance improvements.

Highlights of the release include:

Ansible, Terraform/OpenTofu, and Packer
Incus now has support for Ansible, Terraform/OpenTofu, and Packer. This means that users can now find a connection plugin for Incus in Ansible, an official provider for Terraform and OpenTofu, and a Packer plugin for Incus.

Linux distribution packages Additional packages for Incus are now available for Arch Linux, Debian (testing/unstable), Ubuntu (noble), and Void Linux. Detailed installation instructions can be found in the Incus documentation.

Translations
The Incus team has spent time cleaning up translations and setting up Weblate for Incus. This makes it easier than ever for users to log into Weblate and translate the Incus CLI into their language.

New features
Some of the new features introduced in Incus 0.5 include:

• New incus file create command: This command allows users to create empty files, symlinks, and directories without transferring an existing local directory tree.
• New incus snapshot show command: This command allows users to view the configuration data included in an Incus instance snapshot.
• More shell completion options: Incus is transitioning to a more dynamic way of handling shell completion, and users can now retrieve initial shell completion profiles for Bash, Fish, PowerShell, and Zsh.
• Support for multiple VM agent binaries: Incus now supports providing multiple agent binaries to virtual machines, which is useful for handling multiple operating systems and architectures.
• Support for virtio-blk as a disk io.bus: After adding NVME support in Incus 0.2, Incus now offers virtio-blk as a disk I/O bus option in virtual machines.
• Support for USB network device pass-through in VMs: Incus now detects when the parent network device of a virtual machine is connected over the USB bus and converts it into a USB device pass-through.
• New cluster evacuation options: Two new cluster evacuation options, force-stop and stateful-stop, have been added to Incus. These options can be selected on a per-instance basis and provide different ways to handle the evacuation of instances in a cluster.
• Ability to configure the host instance shutdown action: Users can now configure the action to be taken when the host instance shuts down. The options include stop, force-stop, and stateful-stop.
• Ability to start instances as part of creation: Instances can now be started as part of the creation request, saving an API call and making it easier for users scripting the Incus API.
• Configurable Loki instance name: Incus now allows users to provide a cluster name to be used as the Loki event source instance, making it easier to filter events from multiple clusters using the same Loki instance.
• Extended HEAD support on files: The HEAD method on the Incus instance file API now returns the file size, allowing for the display of file sizes in addition to names and types.
• Use of /run/incus for runtime data: Incus now stores runtime data in /run/incus, keeping /var/log/incus only for actual log files.

For the complete list of changes in Incus 0.5, refer to the changelog.

To try Incus for yourself, visit the Incus documentation for installation instructions and more information.

The Waveshare PCIe To M.2 adapter is an affordable PCIe to M.2 HAT+ module designed specifically for the Raspberry Pi 5.

It supports PCIe Gen2 and Gen3 SSDs and is compatible with standard SSD sizes of 2230/2242. The adapter features status indicator LEDs, a power monitoring chip, an EEPROM, and a cooling fan vent to manage temperatures during heavy use. This adapter is not the first of its kind for the Raspberry Pi 5, as other options like the PineBerry Pi’s HatDrive and the Pimoroni NVMe Base have been previously explored. The Waveshare PCIe To M.2 adapter shares a similar form factor with Waveshare’s PoE HAT(F), which uses the new HAT+ standard to provide 24W of power to the Raspberry Pi 5.

The adapter’s specifications include compatibility with Raspberry Pi 5 SBC, M.2 SSD interface compatibility, a compact form factor, status indicator LEDs, an EEPROM, and a power monitoring chip.

The package includes the PCIe To M.2 HAT, a double-row 20-pin header, a 16-pin cable, and a set of standoffs for mounting. The product dimensions are 65.00 x 56.50 mm.

The Waveshare PCIe To M.2 adapter is available for purchase for $8.99 on the company’s online store, and it’s also availble on other online stores.

Source: CNX Software – Embedded Systems News.

Armbian, a popular Linux distribution for single-board computers (SBCs), has recently released a comprehensive update to enhance the user experience. The latest updates include improvements to the Armbian Build Framework, kernel upgrades, merging of Rockchip kernel families, and device-specific updates.

The Armbian Build Framework now includes official Github Action scripts, making it easier for users to re-compile images for their hardware. These scripts allow users to choose different configurations with or without customization. The framework can be accessed through the GitHub Marketplace.

Kernel upgrades have been completed for the current kernel selection, with the default upcoming kernel on most platforms now based on the most recent LTS kernel base 6.6.y. Additionally, EDGE kernels are already distributed with the latest 6.7.y.

Efforts are also underway to merge disassociated Rockchip kernel families, which will streamline maintenance and provide a more cohesive user experience.

In terms of device-specific updates, LicheePi 4A now has current kernel support, although it is still a work in progress (WIP). The old 32-bit Marvell kernel has also been successfully updated, ensuring that the popular NAS, Helios4, will continue to receive updates and maintainer support.

Several bug fixes and improvements have been made, including fixing a significant bug that affected network speed on RockPi S, applying numerous patches to address issues with display, wireless, Bluetooth, and DVFS on H616/H618 Zero2 and Zero3 series, and changing the default CPU governor to schedutil to optimize performance and responsiveness.

Waveshare has released the PoE HAT(F), an 802.3af/at-compliant 24W Power-over-Ethernet (PoE) board designed for the Raspberry Pi 5. This HAT also includes a cooling solution for the SBC, featuring an embedded fan, a heatsink, and two thermal pads.

The Waveshare PoE HAT(F) features the following specifications:

• Connection: 40-pin Raspberry Pi GPIO header and 4-pin PoE header
• PoE (Power Over Ethernet):
  • IEEE 802.3af/at compliant
  • Input voltage: 37V-57V DC input
  • Output:
    • 2-pin header: 12V/2A max
    • GPIO header: 5V/4.5A max
• Fully isolated switched-mode power supply (SMPS)
• MP8759GD buck converter chip
• Cooling: Fan, metal heatsink, and thermal pads for heat dissipation
• Dimensions: 70 x 56.5 mm

The Waveshare PoE Hat(F) is currently available for purchase on Amazon, AliExpress, and on Waveshare’s online store.

Source: CNX Software – Embedded Systems News.