Empowering everyone to build reliable and efficient software.
The Rust Security Response WG was notified that Cargo did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user.
Empowering everyone to build reliable and efficient software.
The Rust Security Response WG was notified that Cargo did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user.
Does the certificate have a basic constraints extension with CA:TRUE set? Firefox doesn't allow that for certificates used as ‘end entity’ certificates. You'll want to re-generate the certificate without the extension.
Update on what happened across the GNOME project in the week from July 21 to July 28.
The complete changelog:
Improved migration experience for users switching to the ESR release. (bug 1845338)
Want to follow along with Rust development? Curious how you might get involved? Take a look!
Hello again from the Rust Leadership Council. In our first blog post, we laid out several immediate goals for the council and promised to report back on their progress. It has been about a month since our first update so we wanted to share how it's going and what we're working on now.
Update on what happened across the GNOME project in the week from July 15 to July 22.
I've been using Proton on Fedora and it's been pretty much seamless. Games will just work most of the time, but do check ProtonDB before purchase. I've not had much trouble running GOG games either, whether natively or through Bottles (a Wine frontend).
My CPU is older than yours (i5-4590), so that shouldn't be an obstacle as long as the games themselves don't require anything newer. Nvidia is a bad time in general, and while on most distros it will work most of the time there's no telling when it suddenly won't. You can make it work, but you'll sleep a bit better after you've switched to AMD.
so I can totally ditch chromium/electron
GNOME Web isn't Chromium-based and does support PWAs, so it might work for your usecase.
Someone I know recently switched from automatic bathroom lights to manual ones. Remembering to turn them on isn't an issue, but months later everyone still forgets to turn them off.
Empowering everyone to build reliable and efficient software.
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software.
What's in 1.71.0 stable ==========
- C-unwind ABI
- Debugger visualization attributes
- raw-dylib linking
- Upgrade to musl 1.2
- Const-initialized thread locals
Empowering everyone to build reliable and efficient software.
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software.
What's in 1.71.0 stable ==========
- C-unwind ABI
- Debugger visualization attributes
- raw-dylib linking
- Upgrade to musl 1.2
- Const-initialized thread locals
Empowering everyone to build reliable and efficient software.
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software.
What's in 1.71.0 stable ==========
- C-unwind ABI
- Debugger visualization attributes
- raw-dylib linking
- Upgrade to musl 1.2
- Const-initialized thread locals
And .box has been registered as a generic TLD now, so you could run into external .box domains.
They're not going to have open signups. It's government agencies only. Not that there's technically anything stopping Germans from joining the PR departments of our government agencies…
So what you're saying is that Twitter successfully kept out a bad actor.
It's a shame that most of the users they have left are also in that category, but hey, they seem to be working on it.
That's the real AI apocalypse:
- People outsourcing decisions to predictive text because they believe it thinks
- AI hallucinations becoming commonly accepted as truth, as generated articles bury actual knowledge in a flood of bull droppings
Bevy is a refreshingly simple data-driven game engine built in Rust. It is free and open-source forever!
Bevy is a refreshingly simple data-driven game engine built in Rust. It is free and open-source forever!
---
Since our last release a few months ago we've added a ton of new features, bug fixes, and quality of life tweaks, but here are some of the highlights:
- Screen Space Ambient Occlusion (SSAO): Increase scene render quality by simulating occlusion of "indirect" diffuse light
- Temporal Anti-Aliasing (TAA): A popular anti-aliasing technique that blends the current frame with past frames using motion vectors to smooth out artifacts
- Morph Targets: Animate vertex positions on meshes between predefined states. Great for things like character customization!
- Robust Constrast Adaptive Sharpening (RCAS): Intelligently sharpens renders, which pairs nicely with TAA
- WebGPU Support: Bevy can now render on the web faster and with more features using the modern WebGPU web API
- Improved Shader Imports: Bevy shaders now support granular imports and other new features
- Parallax Mapping: Materials now support an optional depth map, giving flat surfaces a feel of depth through parallaxing the material's textures
- Schedule-First ECS APIs: A simpler and more ergonomic ECS system scheduling API
- Immediate Mode Gizmo Rendering: Easily and efficiently render 2D and 3D shapes for debugging and editor scenarios
- ECS Audio APIs: A more intuitive and idiomatic way to play back audio
- UI Borders: UI nodes can now have configurable borders!
- Grid UI Layout: Bevy UI now supports CSS-style grid layout
- UI Performance Improvements: The UI batching algorithm was changed, yielding significant performance wins
You'll still have the people who are opposed to any telemetry at all, but I think that would do a lot to alleviate the concerns.
A poll like this is never going to be representative, unfortunately.
I'm using kbin Magazine Style Toggle to disable the custom styling on certain magazines, but I had to modify line 36 to make it work:
36c36
< let style = document.querySelector("head > style:nth-child(22)");
---
> let style = document.querySelector("head > style:nth-of-type(1)");
Is it likely then that Bottas' car stopped because it simply ran out of fuel? 0.09 litres seems very low.
As far as I know you can't set exceptions on mobile Firefox yet. It's rather annoying.
I hope I didn't accidentally pull you into this thread. I've heard the user experience of being mentioned in a /kbin post as a Mastodon user can be less than ideal.
On top of this not being at all final yet, there's nothing stopping you from just not having it enabled (nothing gets sent until you click through the privacy page with the toggle enabled). Could you explain why it's still such a big deal to you?
Fedora Project on Mastodon clarifies some things about the telemetry proposal
Yesterday a change proposal for Fedora 40 was made in Fedora Discussion. F40 Change Request: Privacy-preserving Telemetry for Fedora Workstation (System-Wide) https://discussion.fedoraproject.org/t/f40-change-request-privacy-preserving-telemetry-for-fedora-workstation-system-wide/85320 We understa...
Yesterday a change proposal for Fedora 40 was made in Fedora Discussion.
F40 Change Request: Privacy-preserving Telemetry for Fedora Workstation (System-Wide) https://discussion.fedoraproject.org/t/f40-change-request-privacy-preserving-telemetry-for-fedora-workstation-system-wide/85320
We understand that this is a controversial subject and want to take steps to clarify what is going on and how you can participate.
To quote from the proposal itself, “Keep in mind this Fedora change proposal is just that: a proposal. It must undergo community review and must be approved by the community-elected Fedora Engineering Steering Committee (FESCo) before it can be implemented, just like any other Fedora change proposal. We welcome community participation and fully expect this proposal may need to be modified significantly depending on Fedora community feedback.”
Change proposals are submitted by community members for community discussion. This is part of an intentional process so that all of us can see what is being proposed for the next releases of Fedora.
See here for more info on the change process: https://docs.fedoraproject.org/en-US/program\_management/changes\_policy/#\_change\_process
In addition, Project Leader https://fosstodon.org/@[email protected] is helping to triage the flow of the conversation in Discourse as it is prompting a lot of feedback. This is actually one of the first change proposals to be made in Discussion instead of a mailing list, and that has provided a new challenge 😅
See here for his notes on the conversation and how to engage: https://discussion.fedoraproject.org/t/f40-change-request-privacy-preserving-telemetry-for-fedora-workstation-system-wide/85320/319
In all, we’re grateful for the energy and passion the community has shown for this topic! We invite you to look at this and all change proposals coming down the pipeline. We do this in the open for a reason, and that’s to empower you to have a say in your distro.
To that end, let’s please keep the conversation surrounding this constructive. The best place to voice your thoughts and ask questions is in the original change proposal thread or its related threads linked at the top of the original (link below).
Our Four Foundations are important to us as guiding values in the project. Quoting our Friends foundation: “The Fedora community is made up of people from all walks of life, working together to advance free software. [...] Like any friends, we occasionally disagree on details, but we believe in finding an acceptable consensus to serve the interests of advancing free software.”
Update on what happened across the GNOME project in the week from June 30 to July 07.
It's not just the upstream for RHEL, it's also a pretty nice desktop operating system. So as a Fedora user I benefit very directly from Fedora working well. If you're not a Fedora user, then sure, there's probably something better that you could do to contribute to the distros you do use.
Invitation to the kernel v6.4 testing week for Fedora Linux July 9-16
These are all fine in the US, but in other countries not carrying proof of identity can get you into some trouble, as can refusing to talk to the police. Know your local laws.