The latest version of the cloud native application proxy, Traefik, has been released. Version v2.10.5 brings several bug fixes and documentation updates to improve the functionality and user experience of the proxy.

Bug fixes in this release include:

• Move origin fields capture to service level
• Fix preflight response status in access logs
• Update go-acme/lego to v4.14.0
• Update go-acme/lego to v4.13.3
• Update quic-go to v0.37.5
• Update quic-go to v0.39.0
• Update quic-go to v0.37.6
• Update quic-go to v0.38.0
• Update quic-go to v0.38.1
• Ignore ErrKeyNotFound error for the KV provider
• Adjust forward auth to avoid connection leak
• Improve CNAME flattening to avoid unnecessary error logging
• Allow X-Forwarded-For delete operation
• Update x/net and grpc/grpc-go
• Add missing accessControlAllowOriginListRegex to middleware view
• Fix false positive in URL anonymization

Documentation updates in this release include:

• Change Arvancloud URL
• Correct minor typo in crd-acme docs
• Remove healthcheck interval configuration warning
• Docs describe the missing db parameter in Redis provider
• Doc fix accessControlAllowHeaders examples
• Updates business callout in the documentation

These bug fixes and documentation updates contribute to a smoother and more efficient experience for users of Traefik. The latest version can be downloaded from the official Traefik GitHub repository.

PICMG has announced the release of the COM-HPC 1.2 specification, which includes the new COM-HPC Mini form factor. This form factor, about the size of a credit card at 90x75mm, provides access to high-speed interfaces such as PCIe Gen5, USB4, and 10GbE.

The COM-HPC Mini form factor is a smaller version of the COM-HPC standard, designed for applications like autonomous mobile robots, drones, and mobile 5G test and measurement equipment. It offers a compact solution for edge computing.

The COM-HPC 1.2 “Mini” modules come with a single 400-pin connector and various interfaces, including storage with 2x SATA ports (shared with PCIe lanes), display with 1x eDP and 2x DDI, networking with 2x 10 Gbps NBASE-T Ethernet ports, USB with 8x SuperSpeed lanes for USB4/ThunderBolt or USB 3.2, 8x USB 2.0, PCIe with 16x PCIe lanes supporting PCIe 4.0 or PCIe 5.0, and miscellaneous features such as boot SPI and eSPI, UART, CAN, Audio, FUSA, and power management signals.

The COM-HPC Mini modules support cameras via an FFC connector with a MIPI CSI interface. The input voltage ranges from 8V to 20V DC, and the modules can handle up to 107W of input power. The dimensions of the modules are 95 x 70 x 15 mm.

While the COM-HPC 1.2 specification has been released and is available for download, it comes at a cost of 750 Euros. The information provided above is based on a press release, as access to the specification is required to obtain further details.

It is unclear when companies like congatec or ADLINK will release actual COM-HPC Mini modules. However, PICMG plans to release a “COM-HPC 1.2 Carrier Design Guide” in early 2024, suggesting that announcements may be expected later in the first half of 2024.

Source: CNX Software – Embedded Systems News.

This year, Raspberry Pi has released a new version of their operating system called Bookworm. While the overall Debian release, on which Raspberry Pi OS is based, doesn’t bring many changes, Bookworm introduces some major architectural updates to the Raspberry Pi Desktop.

One of the significant changes in Bookworm is the transition from using X11 to Wayland as the display system. Wayland offers improved performance by combining the functions of the display server and window manager into a single application. This consolidation also enhances security by isolating applications from each other at the compositor level.

To support Wayland, Raspberry Pi OS now uses a compositor called Wayfire, which works better as a Wayland compositor on Raspberry Pi than the previous Mutter window manager. However, Wayland is currently only the default mode on Raspberry Pi 4 and 5, with older platforms still using the X11 display server and Openbox window manager. The performance of Wayfire on these older platforms is being optimized for a future switch to Wayland.

Another significant update in Bookworm is the replacement of PulseAudio with PipeWire as the audio system. PipeWire builds upon the features of PulseAudio and provides better support for audio accompanying video, reduced latency, improved management of Bluetooth audio devices, and enhanced operation in the secure Wayland environment.

Networking in Raspberry Pi OS has also been updated with the adoption of NetworkManager as the default network controller. NetworkManager offers additional functionality, such as connecting to hidden wireless networks, virtual private networks (VPNs), and using a Raspberry Pi as a wireless hotspot. The networking plugin on the taskbar retains a familiar appearance but now includes an “Advanced Options” item to access the new features provided by NetworkManager.

The extensive changes introduced in Bookworm have necessitated updates to the Raspberry Pi OS documentation. The documentation team has been working diligently to ensure that the documentation reflects the new state of the operating system. If users come across any outdated documentation, they are encouraged to raise an issue on the documentation repository.

While Bookworm brings many improvements, there are a few features and programs that are currently missing or incompatible with the new version. Overscan compensation for displays, the system tray for application icons, and traditional remote desktop access have either been temporarily removed or replaced with alternative mechanisms. Additionally, certain programs like the SenseHAT Emulator, BlueJ and Greenfoot Java IDEs, and Sonic Pi are incompatible with Bookworm and have been removed until they are updated.

The changes in Bookworm align Raspberry Pi OS with the practices of other Linux distributions, as many have already adopted Wayland, PipeWire, and NetworkManager. These updates provide a solid foundation for future development and ensure compatibility with the broader Linux ecosystem.

While Wayland and PipeWire have been extensively tested, there may still be specific usage scenarios where issues can arise. To address this, the Advanced Settings menu in raspi-config allows users to revert to the old X11/Openbox display system and PulseAudio if necessary.

To install Bookworm, it is recommended to re-image the SD card with a clean image rather than attempting to upgrade from a previous version. Raspberry Pi Imager can be used to create an SD card with Bookworm, or users can download a Bookworm image from the Raspberry Pi website and flash it onto their SD card using their preferred tool.

Overall, Bookworm brings significant updates to the Raspberry Pi OS, including the transition to Wayland, the adoption of PipeWire for audio, and the use of NetworkManager for networking. These changes improve performance, security, and functionality, aligning Raspberry Pi OS with industry standards and providing a solid platform for future development.

Source: News - Raspberry Pi.

Curl 8.4 has been released with a focus on addressing a major security vulnerability. Following the recent announcement that Curl was preparing for one of its worst security flaws in a long time, the latest version of Curl aims to fix this issue and provide additional security improvements.

In addition to the “high” level security fix, Curl 8.4 also resolves a “low” security issue. Alongside these security updates, the release includes bug fixes and feature enhancements for the widely-used downloading library and curl command-line utility.

The main security issue addressed in Curl 8.4 is CVE-2023-38545. This vulnerability involves a heap-based buffer overflow in the SOCKS5 proxy handshake. When Curl is requested to pass the hostname to the SOCKS5 proxy for address resolution, a maximum length of 255 bytes is allowed. However, due to a bug, if the hostname exceeds this length, the buffer can be overwritten into the heap. This issue requires a slow SOCKS5 handshake and a client using a hostname longer than the download buffer to be triggered.

The other security issue resolved in this release pertains to cookie injection without a file.

On the feature side, Curl 8.4 introduces support for IPFS (InterPlanetary File System) protocols via HTTP gateways. Additionally, support for legacy MinGW.org toolchains has been dropped in this release.

For more information on all the changes in Curl 8.4, you can visit the official curl.se website.

Source: Phoronix.

The winners of the Prusa Enclosure Modifications contest have been announced, showcasing the innovative and creative ideas of the community. The first-place winner is Lars, who designed an automated heating and ventilation system for the enclosure. This system allows for quick temperature adjustments, especially during colder months. The second-place winner, Kevin Barker, created an interior storage shelf that maximizes space and features a unique hexagon design. In third place is MW, who designed a hinged lid with a gas spring for easy access to the enclosure. Bram Elema received an honorable mention for their well-crafted and functional (Un)original Prusa Drybox. The community’s top picks include multicolor mesh side boxes, an original Prusa spool holder, xRivets for the enclosure, Prusa enclosure covers, and an original Prusa enclosure slider lock latch. Congratulations to all the winners and participants of the contest!

Source: Prusa3D.

k0s has released version v1.28.2+k0s.0. This all-inclusive Kubernetes distribution is designed for building Kubernetes clusters and comes packaged as a single binary for easy use. It can be used in various environments, including cloud, IoT gateways, Edge, and Bare metal deployments, thanks to its simple design, flexible deployment options, and modest system requirements.

The latest release, 1.28.2, includes several updates and improvements. Some of the highlights include:

• Kubernetes 1.28.2: The release builds with Kubernetes 1.28.2, and all the Kubernetes components are updated to the same version.
• Enhanced autopilot: The autopilot now allows the cluster to follow a specific update channel on an update server, making it easier to stay up-to-date with patch updates.
• SBOM generation: The release now generates a full signed SBOM (Software Bill of Materials) for each release, providing greater transparency and security.
• Extended OS testing matrix: The OS testing matrix now covers 22 OS and version combinations, including Alpine, CentOS, Debian, Fedora, Fedora CoreOS, Flatcar, Oracle, RHEL, Rocky, and Ubuntu.
• Updated component versions: Various components have been updated, including ContainerD, RunC, Etcd, Kine, Konnectivity, Kube-router, Calico, and CoreDNS.

For a detailed list of changes, you can refer to the release notes. This release also includes contributions from new contributors who made their first contribution to the project.

Overall, this release of k0s brings important updates and improvements, making it a reliable choice for building Kubernetes clusters in various environments.