March 25, 2021

Trending Topics This Week

Here is what people are talking about this week in the world of free and open source software:

• WARNING: A New Android Zero-Day Vulnerability Is Under Active Attack.
• Once the Big Tech Battler, Open Source Is Now Big Tech's Battleground.
• Open-Source Supercomputer Code WarpX Presents Path for Shrinking Particle Accelerators.

Key Security, Maintenance, and Features Releases
 

Security Updates

OpenSSH 8.5
OpenSSH 8.5 was released on 2021-03-03. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html
 

Non-Security Updates

Eclipse 3-2021
Eclipse release notes are broken down into sections found here.

Narayana 5.11.0.Final
[JBTM-3213] - Ensure the LRA module is configurable
[JBTM-3294] - Include a custom HTTP LRA version header on REST calls made by our implementation
[JBTM-3297] - Move LRA failure records to another part of the store
[JBTM-3309] - Investigate using MicroProfile JSON Web Token to secure interaction with an LRA coordinator

ISC Bind 9.16.13
Zone journal (.jnl) files created by versions of named prior to 9.16.12 were no longer compatible; this could cause problems when upgrading if journal files were not synchronized first. This has been corrected: older journal files can now be read when starting up. When an old-style journal file is detected, it is updated to the new format immediately after loading.
Note that journals created by the current version of named are not usable by versions prior to 9.16.12. Before downgrading to a prior release, users are advised to ensure that all dynamic zones have been synchronized using rndc sync -clean.
A journal file’s format can be changed manually by running named-journalprint -d (downgrade) or named-journalprint -u (upgrade). Note that this must not be done while named is running. [GL #2505]
named crashed when it was allowed to serve stale answers and stale-answer-client-timeout was triggered without any (stale) data available in the cache to answer the query. [GL #2503]

OpenLDAP 2.4.58
Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9454)
Fixed slapd to alloc new conn struct after freeing old one (ITS#9458)
Fixed slapd syncrepl to check all contextCSNs (ITS#9282)
Fixed slapd-bdb lockdetect config (ITS#9449)
 

Rancher vs. OpenShift: Platform and Feature Comparison

With a rapidly expanding selection of container technologies and platforms, picking the right one can be a challenge. In this blog, we compare Rancher vs. OpenShift — two popular options for managing Kubernetes clusters.