Tech News Digest - 2025-03-19

Dallas SpohnDallas Spohn
4 min read

Apply directly to the eyes

[$] A look at /e/OS on tablet hardware

Category: Linux
Tags: General
Published: Wed, 19 Mar 2025 14:59:10 +0000
TL;DR: Here is a 2-sentence summary:

/eOS is a privacy-centric, open-source mobile operating system primarily designed for smartphones, with limited support for tablets. Murena, a company selling devices with /eOS preinstalled, has now announced official support for tablets starting with the Pixel tablet, offering a user experience similar to mainstream alternatives.

/e⁠/⁠OS is a privacy-centric, open-source mobile operating system that has primarily been targeted at mobile phones, with only a few community supported images available for tablet devices. In December, Murena—a company that sells devices with /⁠e⁠/⁠OS preinstalled—announced that /⁠e⁠/⁠OS now officially supports tablets as well, starting with the Pixel tablet. The user experience is close enough to mainstream alternatives to make it attractive, but there are some under-the-hood problems that may give users pause.

[Read more](https://lwn.net/Articles/1006557/)

Supply Chain Attacks on Linux distributions (Fenrisk)

Category: Linux
Tags: General
Published: Wed, 19 Mar 2025 14:48:47 +0000
TL;DR: Here is a 2-sentence summary:

A security company called Fenrisk has revealed that they successfully identified vulnerabilities in the Pagure (Fedora's package definition repository) and Open Build Service (openSUSE's compilation and packaging toolchain). If exploited, these vulnerabilities could have allowed malicious actors to compromise all packages for Fedora and openSUSE, affecting millions of Linux servers and desktops.
A security company called Fenrisk has posted an overview of a pair of claimed successful supply-chain attacks on the Fedora and openSUSE distributions.

We successfully identified vulnerabilities in the Pagure, the Git forge used by Fedora to store their package definitions. We also compromised Open Build Service, the all-in-one toolchain used and developed by the openSUSE project for compilation and packaging.

Their exploitation by malicious actors would have led to the compromise of all the packages of the distributions Fedora and openSUSE, as well as their downstream distributions, impacting millions of Linux servers and desktops.

[Read more](https://lwn.net/Articles/1014741/)

Security updates for Wednesday

Category: Linux
Tags: Linux
Published: Wed, 19 Mar 2025 13:26:02 +0000
TL;DR: Here is a 2-sentence summary:

Multiple Linux distributions have issued security updates to address vulnerabilities, including Debian, Fedora, Red Hat, SUSE, and Ubuntu. The updates affect various packages such as tzdata, expat, tigervnc, kernel, thunderbird, webkit2gtk3, dcmtk, restrictedpython, and uriparser.
Security updates have been issued by Debian (tzdata), Fedora (expat and tigervnc), Red Hat (kernel, kernel-rt, thunderbird, and webkit2gtk3), SUSE (dcmtk), and Ubuntu (restrictedpython and uriparser).
Read more

[$] Oxidizing Ubuntu: adopting Rust utilities by default

Category: Linux
Tags: General
Published: Tue, 18 Mar 2025 16:49:29 +0000
TL;DR: Here is a 2-sentence summary:

The Ubuntu project plans to replace many traditional GNU utilities with Rust-based implementations, and has released a command-line utility called "oxidizr" to help users test and provide feedback on the new utilities. The goal is to enable or disable the Rust-based utilities ahead of a possible switch for Ubuntu 25.10, an interim release scheduled for October 2025.

If all goes according to plan, the Ubuntu project will soon be replacing many of the traditional GNU utilities with implementations written in Rust, such as those created by the uutils project, which we covered in February. Wholesale replacement of core utilities at the heart of a Linux distribution is no small matter, which is why Canonical's VP of engineering, Jon Seager, has released oxidizr. It is a command-line utility that helps users easily enable or disable the Rust-based utilities to test their suitability. Seager is calling for help with testing and for users to provide feedback with their experiences ahead of a possible switch for Ubuntu 25.10, an interim release scheduled for October 2025. So far, responses from the Ubuntu community seem positive if slightly skeptical of such a major change.

[Read more](https://lwn.net/Articles/1014002/)

Security updates for Tuesday

Category: Linux
Tags: General
Published: Tue, 18 Mar 2025 13:32:10 +0000
TL;DR: Here is a 2-sentence summary:

Multiple Linux distributions have issued security updates to address vulnerabilities in various packages. The affected distributions include Debian, Fedora, Mageia, Red Hat, SUSE, and Ubuntu, with fixes released for packages such as freetype, rails, mosquitto, python-django4.2, libarchive, and others.
Security updates have been issued by Debian (freetype and rails), Fedora (mosquitto and python-django4.2), Mageia (libarchive, libreoffice, php, and quictls), Red Hat (webkit2gtk3), SUSE (erlang, nethack, python312, and wpa_supplicant), and Ubuntu (freetype and plantuml).
Read more

0
Subscribe to my newsletter

Read articles from Dallas Spohn directly inside your inbox. Subscribe to the newsletter, and don't miss out.

tech newsAILinuxansibleautomation

Written by

Dallas Spohn
Dallas Spohn

Dallas, a seasoned professional with a diverse background, transitions seamlessly between roles as a systems admin turned developer, technical writer, and curriculum developer at Red Hat. With a knack for unraveling complex concepts, he crafts engaging materials primarily in DocBook, guiding enthusiasts through the intricacies of Red Hat's certification courses. In his earlier days, Dallas's passion for Anime led him to contribute to Anime News Network, channeling his creativity and expertise into captivating content. His contributions extended beyond writing as he interviewed prominent figures in the Anime industry, offering insights into their creative processes and visions. Beyond his professional pursuits, he's a devoted husband and father, cherishing moments with his loved ones. Dallas's journey in the tech industry spans various roles, from a security developer at NTT Security to an operations architect overseeing Linux servers for commercial transcoding. His tenure at esteemed institutions like Goldman Sachs and Lockheed Martin has honed his skills as a systems engineer, instilling in him a deep-rooted understanding of complex systems. An avid FPV pilot, Dallas finds exhilaration in soaring through the skies with his drones, often contemplating the lessons learned from his aerial adventures. His diverse experiences, including serving as a naval submariner aboard the USS Alexandria and pursuing higher education in England, enrich his perspective and fuel his thirst for knowledge.