| DistroWatch Weekly
|DistroWatch Weekly, Issue 555, 21 April 2014
Welcome to this year's 16th issue of DistroWatch Weekly! Security is a process which requires a great deal of attention to many aspects of an operating system. When security is a concern we need to consider privacy, anonymity, code quality and software configurations. This week we take a look at many different security tools, practices and security-focused distributions. We start with Robolinux, a distribution which attempts to provide a secure environment for former Windows users who still need to run Windows-only applications. In our news section we discuss Debian's policy on security certificates and a project which is helping people run communication infrastructure within their own homes. We will also talk about a tool journalists are using to keep their communications private and a utility the PC-BSD project is working on to help users keep up with security updates. Finally, we report on the OpenBSD's efforts to audit the widely used OpenSSL cryptography library. This past week saw the release of Ubuntu, one of the community's most popular Linux distributions, along with the release of many community distributions based on Ubuntu. Read on below to learn more about these releases and find out which community flavour we will be reviewing next week. In our Questions and Answers column this week we discuss software patents and multimedia support and why different distributions ship with varying degrees of multimedia support. As usual, we cover the distribution releases from the past week and look ahead to exciting developments to come. We wish you all a terrific week and happy reading!
- Reviews: First look at Robolinux 7.4.2
- News: Ubuntu release and stats, Debian drops CAcert certificates and extends Squeeze support, Tails receives praise in the press, OpenBSD audits OpenSSL library, PC-BSD and Porteus updates
- Questions and Answers: Multimedia support and patents
- Released last week: Ubuntu 14.04, Ultimate Edition 4.0, Tiny Core Linux 5.3
- New additions: KaOS
- New distributions: AlbatrOS, Albatross-X, AnitaOS, CoreOS, Serbian GNU/Linux
- Reader comments
|Feature Story (by Jesse Smith)
First look at Robolinux 7.4.2
Robolinux is a Debian-based distribution which ships with the GNOME 3 desktop software. The project's website places strong emphases on user-friendliness and the idea that people should be able to easily migrate from Windows to Robolinux. The distribution's website makes a number of remarkable claims, such as: "Now you have a secure modern looking PC with sparkling cool 3D eye candy graphics that boots up in seconds, runs much faster, and never slows down or freezes up. If you want to run Windows XP or 7 inside Robolinux, simply download the free Robolinux Virtual Machine installers." Personally, I raised my eyebrows at the idea of any desktop operating system running without ever freezing, but the promise of fast, reliable software (provided by the project's Debian base) combined with free tools to make transitions between operating systems easier certainly sounded nice. Robolinux comes in both 32-bit and 64-bit x86 builds. The download image for the distribution's latest release is approximately 1.8 GB in size.
Booting from the Robolinux media brings up a menu where we are asked if we wold like to launch the distribution's system installer or try running a live desktop environment from the installation media. Taking the live desktop option brings us to the GNOME 3 desktop which is running in Classic mode. The desktop environment is themed to look like OS X with an application menu at the top of the screen. Colourful quick-launch buttons and the task switcher sit at the bottom of the display. There are Icons on the desktop which open links to the project's documentation and the project's contact web page. There is also an icon for accessing a Windows virtual machine installer, but we will get to that later. Looking through the application menu I found several entries for installers. Some of these installers were for installing third-party hardware drivers, others for installing software from repositories, but I did not find the Robolinux system installer. To access the system installer I rebooted and selected the installation option from the boot menu.
Robolinux 7.4.2 - browsing the web with Robolinux's default browser
(full image size: 318kB, screen resolution 1280x1024 pixels)
Robolinux uses Debian's graphical system installer. The software walks us through the process of selecting our preferred language from a list, choosing our location/country and a keyboard layout. Next we are asked to assign a hostname to our computer and create a regular user account. Robolinux appears to not use a separate root/administrator account and, instead, gets the user to perform administrative actions using the sudo command. The system installer gets us to select our time zone from a list of locations and then we are brought to the partitioning screen. We have the option of manually carving up our hard disk or taking a guided option. I went with the guided partitioning tool and found it created two partitions for me, a system partition formatted with the ext4 file system and a swap partition. The final screen of the installer asks us if we would like to install the GRUB boot loader. When the installer finishes its tasks it automatically reboots the machine, bringing us to a graphical login screen.
Robolinux uses GNOME 3's Classic interface as its default desktop. It is possible to switch from the Classic mode to GNOME Shell via an option on the login screen. The distribution ships with GNOME 3.4 which is starting to show its age a bit, but I found the classic interface to be quite functional. Earlier I mentioned that there is an icon on the desktop for downloading Windows virtual machine installers. Launching this icon brings us to a page on Robolinux's website where we are asked to donate $2 to use the project's virtual machine technology. Reading through the documentation for the supplied virtual machine technology it seems as through the offered download just provides a script which helps us set up a virtual machine. We can then install Microsoft Windows into this virtual machine, assuming we have installation media for the Windows operating system. The documentation provides steps for setting up the virtual machine and I couldn't help noticing that the steps seem more roundabout and numerous than the steps required to install an operating system in VirtualBox. This is especially interesting to me since Robolinux ships with a copy of VirtualBox in the default installation.
Robolinux 7.4.2 - running various desktop applications
(full image size: 297kB, screen resolution 1280x1024 pixels)
After using Robolinux for a while I noticed there hadn't been any notification of software updates. I went into the application menu and launched the distribution's update manager. The update manager is a small, graphical application that lists available updates and allows us to mark which items we want to download. Only one update was available the day I installed Robolinux and it downloaded and applied cleanly.
Robolinux comes with plenty of useful software, including Firefox and Google's Chrome web browsers. The distribution ships with the Transmission bittorrent client, the Empathy messaging software, the LibreOffice productivity suite and the Evolution e-mail client. We are provided with a document viewer, the VLC multimedia player, the Totem media player and the Rhythmbox audio player. An iPod manager is included along with the Brasero disc burning software and an audio CD ripping application. The GNU Image Manipulation Program is included in the application menu along with the Inkscape drawing application and the Shotwell photo manager. Robolinux comes with a handful of small games, an archive manager, virtual calculator and a text editor.
The distribution includes a text-to-speech screen reader and administrative tools for managing the network and printers. By default, Robolinux uses Network Manager to help us get on-line. The application menu is further populated with links for downloading third-party device drivers. Digging further I found Robolinux ships with the Flash player plugin, Java and the GNU Compiler Collection. Codecs are included for playing most multimedia formats. I found the Totem multimedia player would play anything I threw at it, but the version of the VLC media player which is provided would play audio files only. For some reason attempting to play video files in VLC would cause the application to lock up. In the background Robolinux runs on the Linux kernel, version 3.2.
Robolinux 7.4.2 - managing software packages
(full image size: 217kB, screen resolution 1280x1024 pixels)
Should we require additional software, Robolinux provides us with two graphical package managers. The first is labeled Add/Remove Software and this application offers a simple interface. Down the left side of the application's window we see categories of software. Over on the right side we see a list of packages available in the selected category. Software packages can be marked for installation or removal by clicking a checkbox next to the package's name. We can also search for items by name. I found the interface of Add/Remove Software a bit sluggish, but otherwise the software worked well for me. The second graphical package manager is Synaptic. While Synaptic does not have a pretty interface, it is fast. Synaptic also allows us to browse categories of software, and add or remove packages by checking a box next to the software's name.
Shortly after installing Robolinux I noticed that many of the software packages I was searching for (and knew to be in Debian's repositories) were not showing up in search results. Using Synaptic, I checked the list of software repositories being used. Most packages were apparently being pulled from Debian, with some third-party repositories providing copies of VirtualBox and the Chrome web browser. I found that some Debian repositories were not being used and attempted to add them through Synaptic. The changes did not stick and I eventually dropped to the command line in order to manually edit the package manager's list of software sources. Once all of Debian's repositories were enabled I was able to find the software I wanted.
I tried running Robolinux in two environments, a physical desktop machine and in a virtual machine provided by VirtualBox. I found Robolinux ran smoothly inside VirtualBox. The distribution booted fairly quickly, ran smoothly and the GNOME Classic desktop was responsive. The distribution required about 155MB of memory to sign into the default desktop environment. When I attempted to run Robolinux on my physical desktop I found the distribution would not complete its boot process. This left me to experiment with Robolinux entirely within the virtual environment.
Robolinux is one of those distributions which regularly provides me with pleasant surprises and unfortunate disappointments. For instance, the project's website says the virtual machine technology it offers is free of charge. However, this is misleading as the website insists on a donation in order to download the software. It is also not clear from the provided documentation what the advantages Robolinux's virtual machine technology offers over the free technology provided in the default installation. Perhaps Robolinux does offer something better than VirtualBox and snapshots, but I feel the documentation doesn't make those advantages clear. Robolinux also disappointed me by not enabling the full range of Debian repositories, leaving me to tinker with the configuration manually. I feel that, given the project's focus on user friendliness, this is an unfortunate oversight.
On the other hand, there were aspects of the distribution I greatly appreciated. One was the great collection of default software. Robolinux comes with many great applications, ranging from productivity software to web browsing to virtual machines and accessibility tools. I think many users will find everything they need in the default collection of applications. I was also pleasantly surprised by the look and feel of the default desktop environment. Personally, I do not like the OS X desktop interface, I find it awkward and restricting. I also typically do not like to use GNOME 3 for the same reasons. However, GNOME running in Classic mode with an OS X theme somehow managed to give me a smooth experience. I was pleasantly surprised to find the interface was fast to respond, uncluttered and not nearly as annoying dynamic as other Linux-based OS X themes I have tried in the past. I will admit to being a configuration junkie and would have liked to have had more options, but the default look and behaviour of the Robolinux desktop was quite good and I suspect it will be pleasantly familiar to former OS X users.
There were aspects of Robolinux which were not good or bad, but in hindsight feel odd. For example, the project's website talks a good deal about running Windows software and being a safe alternative to Windows. I assumed the distribution would be targeting people coming from Windows, but the default user interface is themed to look and act like OS X. Also, there are plenty of virtual machines and short-cuts to help users set up Windows in a virtual machine and, again, the documentation talks about Robolinux being a safe operating system where Windows application can be run. However, Robolinux does not ship with WINE, which seems like an oversight considering the target audience. All in all, I'm not sure if I can recommend Robolinux or not. The distribution has some good strengths, a solid base and useful software. I even liked the interface, to my surprise. However, the distribution's strengths and weaknesses do not seem to line up with the project's stated goals.
* * * * *
Hardware used in this review
My physical test equipment for this review was a desktop HP Pavilon p6 Series with the following specifications:
- Processor: Dual-core 2.8 GHz AMD A4-3420 APU
- Storage: 500 GB Hitachi hard drive
- Memory: 6 GB of RAM
- Networking: Realtek RTL8111 wired network card
- Display: AMD Radeon HD 6410D video card
|Miscellaneous News (by Jesse Smith and Ladislav Bodnar)
Ubuntu release and stats, Debian drops CAcert certificates and extends Squeeze support, Tails receives praise in the press, OpenBSD audits OpenSSL library, PC-BSD and Porteus updates
This past week saw the release of Ubuntu and the many community editions which draw from the Ubuntu software repositories. Despite the many controversies which have surrounded Ubuntu over the past few years, it remains a widely-used distribution, both on desktop and server machines. The latest Ubuntu release is a long-term support (LTS) offering, meaning it will receive security updates for the next five years. Community projects will, likewise, enjoy extended support for three to five years. Last week we mentioned our intention to review Ubuntu's main edition along with one community edition and opened the selection of which community distribution would be reviewed to a vote. In total, 70 people e-mailed in votes and nearly half the entries (after duplicate votes by people spamming the system were removed) were for Xubuntu. The Xubuntu project received 34 votes, followed by Lubuntu with 12 and Kubuntu with 11. Six people wrote in support for Ubuntu GNOME. Ubuntu Kylin, Ubuntu Server and Mythbuntu each received one vote. The Zorin OS distribution also received a vote, despite not being an official Ubuntu community edition. As a result of these votes, in the coming weeks we will be featuring reviews of Ubuntu and Xubuntu.
The Ubuntu release day always draws an enormous crowd to this website, but last Thursday was exceptionally busy, breaking many all-time records around here. The main page of DistroWatch received a total of 191,527 visits (an all-time high) of which 63,793 came from unique IP addresses. The Ubuntu page itself got 10,519 visits from unique IP addresses, also an all-time record for an individual distribution page. This was rather surprising considering that the official Ubuntu 14.04 announcement was made unusually late in the day, about 7 hours before midnight GMT (although the Ubuntu page had been updated for 14.04 a lot earlier - at around 04:00 GMT). The overall number of visits on the Ubuntu page on Thursday, Friday and Saturday came to 21,551 page hits from unique IP addresses - also an all-time record. For comparison, the equivalent number for the Ubuntu 13.10 release was only 14,913. Of the official Ubuntu derivatives the second most popular in terms of page views over the three days was Lubuntu (8,383), followed by Ubuntu GNOME (7,748), Xubuntu (6,919), Kubuntu (6,020), Ubuntu Studio (3,686), Ubuntu Kylin (3,641) and Mythbuntu (2,512).
* * * * *
One of the big issues when dealing with security is knowing who to trust. On the Internet it can be difficult to know to whom we are talking. This leads to a form of authentication called certificates which, hopefully, links people together in an unbroken chain of trust. At the root of these certificates of trust are certificate authorities , organizations which act as third-parties who help confirm the identity of a certificate holder. Because of their important position in the process of verifying a person's or organization's identity, the security processes of a certificate authority are very important. The Debian distribution recently made the decision to stop supporting certificates signed by CAcert, an organization which offers free certificates and supplies its source code under an open source license. Concerns were raised in a bug report as to whether CAcert maintains proper security practices and Debian has decided to stop distributing their root certificate. The move to drop CAcert's certificate was met with much debate over which certificate authorities should be trusted and why. Daniel Kahn Gillmor, in particular, raised an interesting concern, stating: "Some of these CAs are simply "too big to fail" right now; CAcert is not, so they're getting called out for their lack of security, whereas we simply can't afford to drop the other CAs because users would complain about not being able to reach their favorite websites. This tension results in further concentration of business among the "too big to fail" CAs (since they're the only ones who can issue acceptable certs, which ironically results in them being even less accountable to relying parties in the future. This is not a good long-term dynamic."
It has been rumoured for a while, but last week it became official - the current "oldstable" version of Debian GNU/Linux (version 6.0 "Squeeze") will receive extra security support lasting until February 2016. This will effectively make Squeeze a long-term support release, as it will have received a total of five years of security support (instead of planned three). From the announcement: "This is an advance notice that regular security support for Debian GNU/Linux 6.0 (code name "Squeeze") will be terminated on the 31st of May. However, we're happy to announce that security support for Squeeze is going to be extended until February 2016, i.e. five years after the initial release. This effort is driven by various interested parties / companies which require longer security support. See the "LTS" section of for the initial announcement. The details are currently being sorted out and a more detailed announcement will be made soon." This is excellent news for those system administrators who are responsible for large farms of Debian servers. Any upgrade process, no matter how well tested and reliable, is always a time-consuming affair which few sysadmins look forward to. Luckily for them, the Debian security team has been listening to their concerns and has responded with great news.
FreedomBox is a community project which attempts to put together all the pieces a home user would need to easily host their own server. The idea behind FreedomBox is to allow people to create their own infrastructure for hosting web content and Internet-based communication, removing reliance on third-party service providers. One of the goals of FreedomBox is to allow users to gather and assemble all the required FreedomBox components from within an existing Debian installation. That goal has nearly been reached, "Today, the last of the packages currently used by the project to created the system images were accepted into Debian Unstable. It was the freedombox-setup package, which is used to configure the images during build and on the first boot. Now all one need to get going is the build code from the freedom-maker git repository and packages from Debian. And once the freedombox-setup package enters testing, we can build everything directly from Debian." With this move the project is one step closer to making it easy for home users to install the FreedomBox software on inexpensive consumer hardware.
* * * * *
It is not often we hear of Linux being mentioned in the mainstream media and it is very rare indeed when we hear talk of specialty distributions. It is a pleasant surprise to see the Tails security-oriented distribution being discussed on the Freedom of the Press website. Tails, a Debian-based project that focuses on privacy and security, was applauded for its role in helping journalists work privately and communicate with sources securely. One journalist, Barton Gellman, was quoted praising the Tails distribution, saying: "Privacy and encryption work, but it's too easy to make a mistake that exposes you. Tails puts the essential tools in one place, with a design that makes it hard to screw them up." The article points out the Tails project has limited finances and invites people to donate to Tails in order to help preserve freedom of speech and freedom of the press.
* * * * *
Keeping an operating system and its many packages up to date with security patches can be a daunting and confusing task. In few places are the challenges more apparent than in operating systems such as PC-BSD, where multiple package formats and installation vectors are supported. PC-BSD users often have the base operating system, packages, source ports and PBI bundles all installed at the same time. Luckily, the PC-BSD project is moving forward with a unified upgrade solution which helps users keep all aspects of their system up to date. "Update Center is moving forward, and has received some fine-tuning this week to help bring it into PC-BSD as the one-stop utility for managing updates. We'd like to add a special thanks to the author Yuri for primary design and layout for the update center. Ken will also be working to help smooth out GUI design elements and help with integrating it fully into PC-BSD."
* * * * *
In the wake of the Heartbleed bug, a vulnerability in the OpenSSL cryptography library, developers of the OpenBSD operating system have decided to audit and improve OpenSSL's code. A post on Undeadly reports: "The denizens of lobste.rs (and no doubt you, eagle-eyed reader!) have made note of the ongoing rototilling of the OpenSSL code in OpenBSD, and Joshua Stein has chimed in with a quick breakdown of the action thus far." The post goes on to list aspects of the OpenSSL code which are being examined or changed. FreeBSD developer, Poul-Henning Kamp, has also weighed in on OpenSSL and has some comments on why security is so difficult: "No one was ever truly in charge of OpenSSL, it just sort of became the default landfill for prototypes of cryptographic inventions, and since it had everything cryptographic under the sun (somewhere , if you could find out how to use it), it also became the default source of cryptographic functionality. I'm sure more than one person has thought "Nobody ever got fired for using OpenSSL". And that is why everybody is panicking on the Internet as I write this."
* * * * *
Last week several readers have alerted us to the fact that the website of Porteus, an excellent Slackware-based distribution with a choice of several lightweight desktop environments, has gone AWOL (absent without official leave). Although the brief note on the website was alarming, it turned out that the problem was simply the result of bandwidth limitation. A few days later a post by the website's administrator explained the unfortunate event that made the project (including its repositories) inaccessible: "As some of you have noticed porteus.org went down yesterday. We got plenty of emails and messages from people asking what happened (some were even funny like 'is Porteus dead?'). The answer is: 'we had some troubles but were able to overcome them after some heated discussion. Overall - we are back and stronger.' What actually happened? Here is the whole story: Porteus is a non profit organization which has not generate any direct income so far. Our funds come only from donations and DuckDuckGo search engine. Maintaining a distro means expenses - we have to pay for the server, domain and SSL certificate. ... Everything was nice and dandy till Porteus grew in popularity: 3.0 release almost killed our server. The situation became awkward when Porteus (which is hosted for free) started affecting the clients who pay money to get served."
|Questions and Answers (by Jesse Smith)
Multimedia support and patents
Playing-with-media asks: Why are Debian and Slackware able to ship with MP3 support while Ubuntu, CentOS and openSUSE are not? Are they governed by the same patent laws?
DistroWatch answers: In many cases the various distributions may not, in fact, be governed by the same patent laws. Software patents are not valid in most parts of the world and, therefore, developers in most nations have little concern for whether an algorithm is patented. Software patents are legal and enforced in the United States of America and, I believe, Japan, but are generally seen as invalid in the rest of the world.
Some organizations may consider themselves to be at higher legal risk than others and this can affect their stance on patents. For instance, Red Hat Enterprise Linux, CentOS and Fedora all have close ties to Red Hat. Red Hat is a company which makes money from its Linux-based business. Since Red Hat is also based in the USA this makes Red Hat a fairly inviting legal target if they violate USA patent law. Likewise, the openSUSE website points out the distribution does not ship packages if the "software violates laws concerning software distribution in jurisdictions where Novell conducts business." On the other hand, Debian and Slackware (despite their many members and users) are small projects from a financial perspective and not likely to be brought to court as a lawsuit would unlikely be profitable for the holder of any software patents. (Yes, that's the kind of twisted world we are living in!)
Some organizations try to shift responsibility to the end-user with regards to whether it is legal for them to download and use patented software. The Ubuntu distribution, for example, asks users at install time whether they would like to include mp3 support in the distribution. The Linux Mint project features multiple editions, some which ship with software covered by patents and others which do not include patent-encumbered software. This approach gives projects some wiggle room with regards to patents while providing the user with the option to include multimedia support right from the start.
|Released Last Week
Lightweight Portable Security 1.5.1
An updated version of Lightweight Portable Security (LPS), a privacy-oriented Linux live CD developed in the USA by Software Protection Initiative, is now available for download: "Version 1.5.1 of LPS is now available. Changes: fixed DNSCrypt feature; fixed printing; added power management controls; added support for Express Card CCID smartcard readers; updated encryption wizard to 3.4.1; updated Firefox to 24.4.0 ESR; updated Adobe Flash Player to 188.8.131.520; updated OpenSSH to 6.6p1; updated Firefox extension NoScript to version 184.108.40.206; updated Thunderbird to 24.4.0 (Deluxe edition only); Linux Kernel version 3.10.35." See the complete changelog for information about all the recent additions and software upgrades.
Slackel 6.0 "Live Openbox"
Dimitris Tzemos has announced the release of Slackel 6.0 "Live Openbox" edition, a live variant of the project's lightweight Linux distribution based on Slackware's "Current" branch: "Slackel Live 6.0 Openbox includes the latest 3.10.30 kernel and the latest updates from Slackware's 'Current' tree. Slackel is based on Slackware Linux and Salix. The graphical session is powered by the lightweight and minimal Openbox window manager which is comprised of a single, transparent panel located on the bottom edge of the screen. From this bottom taskbar, users can easily and quickly access the main menu, launch applications, interact with running programs and the system tray area, as well as switch between virtual workspaces. Default applications include the Exaile audio player, ISO Master CD/DVD image creator and editor, Whaaw! media player...." Continue to the release announcement for full details.
Rocks Cluster Distribution 6.1.1
Philip Papadopoulos has announced the release of Rocks Cluster Distribution 6.1.1, a CentOS-based distribution for building real and virtual clusters: "The latest update of Rocks, code name 'Sand Boa', is now released. Sand Boa is a 64-bit only release and is based upon CentOS 6.5. The Rocks-supplied OS rolls have all updates applied as of April 14, 2014. This includes updates for the OpenSSL Heartbleed vulnerability. Support for ZFS has been updated to version 0.6.2. Condor is now the HTCondor roll is at release 8.0.6. Also included is a new roll called fingerprint that dynamically determines dependencies of compiled code on both Rocks and non-Rocks systems. Enhancements and bug fixes: rocks add host verifies hostname is not an appliance name; fix reverse path filtering on centos 6.x...." See the release announcement and release notes for more details.
IPFire 2.13 Core 76
Michael Tremer has announced the release of IPFire 2.13 Core 76, a new build of the specialist firewall distribution that fixes a security issue in strongSwan: "This is the official release announcement for IPFire 2.13 – Core Update 76. It comes with a security fix for the strongSwan package which is responsible for IPsec VPN connections. The vulnerability has got the number CVE-2014-2338. It was possible to bypass the authentication and therefore to overtake a VPN connection whilst the original peers are rekeying. IKEv1 connections are not vulnerable, but IKEv2. Please update as soon as possible. I would also like to draw your attention towards the upcoming release of IPFire 2.15. The first release candidate has been released a couple of weeks ago and we are searching for testers to find any last-minute bugs." Here is the brief release announcement.
DEFT Linux 8.1
Stefano Fratepietro has announced the release of DEFT Linux 8, a Lubuntu-based distribution and live DVD with a large collection of open-source utilities for digital forensics and penetration testing: "During the third national conference DEFTCON we presented DEFT 8.1. What's new? file manager - we implemented the disk mount status - if the disk is mounted in read-only mode the eject button is green, if it's read-write mode (a further confirmation will be required before going in this mode) the eject button is orange; full support for BitLocker encrypted disks; The Sleuth Kit 4.1.3, Digital Forensics Framework 1.3; full support for Android and iOS 7.1 logical acquisitions; JD GUI; Skype Extractor 0.1.8.8,; Maltego 3.4 Tungsten; a new version of the OSINT browser; Fixed a bug in sources.list; full update of the deft packages and DART 2 software and tools." Here is the brief release announcement.
Version 14.04 of Ubuntu, a popular Linux distribution with a highly customised user interface called Unity, has been released. This is a version with long-term (5 years) of security support and a convenient upgrade path from the previous release with long-term support features (version 12.04). From the press release: "Canonical announces the latest Ubuntu release, 14.04 LTS desktop will be available for download from the 17th April 2014. The long-term support (LTS) release is supported and maintained by Canonical for five years, making it the most stable, reliable, secure and cost-effective desktop for long-term, large scale deployments within enterprise and public sector organisations today." Read the comprehensive release notes for a detailed description of new features and known issues.
Ubuntu 14.04 - a distribution that will be supported for five years
(full image size: 1,022kB, screen resolution 1280x1024 pixels)
Mario Behling has announced the release of Lubuntu 14.04, a lightweight variant of Ubuntu that provides the minimalist LXDE desktop and a selection of light applications: "Julien Lavergne has released Lubuntu 14.04. Features: based on the lightweight LXDE desktop environment; PCManFM, a fast and lightweight files manager using GIO/GVFS; Openbox, a fast and extensible default window manager of LXDE; LightDM, a simple GTK+ greeter; Firefox, the famous web browser; based on Ubuntu 14.04 LTS. Improvements since Lubuntu 13.10: LTS Support (3 years); new PCManFM (version 1.2.0) with a lot of new features (folder settings, dual-pane view, menu editing); new LXSession default applications with a new user interface; an update of the artwork (new icons, theme update)." See the release announcement and release notes for more information.
Ubuntu Kylin 14.04
Ubuntu Kylin is an official flavour of Ubuntu developed specially for users in China and, unlike other official variants, generously promoted on the Ubuntu website. What's new in version 14.04? "In this final release, the Linux kernel is upgraded to 3.13 and Unity is upgraded to 7.2. Specifically designed for efficient Chinese input, 14.04 LTS uses the Sogou Input Method, a typing tool that provides intelligent predictive search and auto-completion. Sogou, combined with the Kingsoft WPS office suite, makes Ubuntu Kylin 14.04 LTS even faster and easier to use when creating documents and browsing the web. The new release also includes Kingsoft Kuaipan, the cloud file synchronising application, which offers a maximum of 2 TB personal cloud storage." Read the release announcement (in Chinese) and the release notes (in English, with screenshots) for further information.
Ubuntu Kylin 14.04 - an Ubuntu built for the Chinese market
(full image size: 569kB, screen resolution 1280x1024 pixels)
Edubuntu 14.04, the latest version of an official Ubuntu variant designed primarily for educational and non-profit environments, has been released: "The Edubuntu development team announces today the release of Edubuntu 14.04 LTS. As the second long-term support release of the Edubuntu, this version will be supported for 5 years, until April 2019. The Edubuntu development team will also provide 'point releases' in sync with Ubuntu to offer new installation media containing all the latest bug fixes and hardware enablement stacks. As usual, Edubuntu inherits most of the changes that occur in Ubuntu. Additionally, this release brings you: Epoptes 0.5.7, an update to the popular classroom management software suite; new major version of LTSP (5.5.x), including numerous bug fixes, speed improvement, lowering bandwidth requirements and improving fat client support." See the release announcement for more details.
Jonathan Riddell has announced the release of Kubuntu 14.04, a new version of the desktop Linux distribution shipping with the shiny new KDE 4.13.0: "Welcome to Kubuntu 14.04 LTS, a brand new long-term supported version with the latest KDE software to enjoy. Long-term support means that bug fixes and security updates will be added for the next 5 years, so you can be safe to use it until 2019. New releases of important KDE software will also be available from the Kubuntu Updates and Kubuntu Backports PPAs. Software highlights: the KDE Applications and Platform 4.13 release introduces a greatly improved semantic search as well as stabilization and improvements in key applications like Okular; Mozilla Firefox 28 as default web browser; Muon Suite 2.2 brings additional improvements to our Software Center applications...." Read the rest of the release announcement for a full list of features and screenshots.
Ubuntu GNOME 14.04
Ali Jawad has announced the release of Ubuntu GNOME 14.04, the latest update of this official Ubuntu flavour featuring the vanilla GNOME 3.10 desktop: "The Ubuntu GNOME team is proud and happy to announce the release of Ubuntu GNOME 14.04 LTS. Ubuntu GNOME is an official flavour of Ubuntu, featuring the GNOME desktop environment. Ubuntu GNOME is a mostly pure GNOME desktop experience built from the Ubuntu repositories. This is our very first long-term support (LTS) version. Features: Most of GNOME 3.10 is now included, the few missing bits of 3.10 are available in PPA; with GNOME 3.10 comes enhanced support for online accounts, and some general optimization of the user interface; a set of 10 new high-quality wallpapers are included; GNOME Classic session is included...." Read the brief release announcement and visit the detailed release notes for further information and screenshots.
Ubuntu GNOME 14.04 - the project's first LTS version
(full image size: 1,814kB, screen resolution 1280x1024 pixels)
KaOS is a desktop Linux distribution which was originally inspired by Arch Linux, but which is independently built and maintained using a rolling-release development model. It features the latest KDE desktop, the Calligra office suite and many popular KDE/Qt applications. A new version celebrating the project's first anniversary was released yesterday: "Many might not know, but it is one year to this date the website went live, the repositories came online, the forum was activated for what has since become the KaOS distribution. A nice way of celebrating this anniversary is with a new ISO image featuring the major new release, KDE 4.13.0. KDE 4.13 features a move to Baloo which poses a major improvement in semantic search for KDE. Other changes affected Kate, Okular, Marble and Palapelli. The artwork has had quite some changes too since the last release." Read the rest of the release announcement for further information.
Pasi Lallinaho has announced the release of Xubuntu 14.04, a desktop distribution shipping with the latest development build of the Xfce desktop, version 4.11: "The Xubuntu team is pleased to announce the immediate release of Xubuntu 14.04. Xubuntu 14.04 is an LTS (long-term support) release and will be supported for 3 years. The highlights of this release include: Light Locker replaces XScreenSaver for screen locking, a settings GUI is included; the panel layout is updated, it now uses Whisker Menu by default; Mugshot is included to allow editing personal preferences; MenuLibre for menu editing with full Xfce support replaces Alacarte; a community wallpapers package which includes work from the five winners of the wallpaper contest; GTK+ Theme Config to customize desktop theme colors; updated artwork, including various enhancements to themes as well as a new default wallpaper." Here is the release announcement with known issues and acknowledgements.
Xubuntu 14.04 - now using the Whisker menu
(full image size: 358kB, screen resolution 1280x1024 pixels)
Ubuntu Studio 14.04
Kaj Ailomaa has announced the release of Ubuntu Studio 14.04, a customised variant of Ubuntu with a range of multimedia and content creation programs for audio, graphics, video, photography and publishing: "We're happy to announce our latest LTS release. Ubuntu Studio 14.04 will be supported for three years. Since it's just out, you may experience some problems. Read about them under known issues. Short list of new features: the installer has a new plugin which allows you to choose which packages to install out of our workflows - audio, video, graphics, photography and publishing, so you no longer need to install all the packages; Linux low-latency code is now merged with Linux generic, so it's better streamlined and follows all Linux generic changes more exactly; EFI support." Read the full release announcement for a rather long list of known issues and suggested solutions.
Thomas Mashos has announced the availability of Mythbuntu 14.04, the new stable version of an Ubuntu-derived distribution that makes it simple to set up a standalone MythTV system: "After some last-minute critical fixes and ISO respins by the release team, the Mythbuntu team is proud to announce that we have released Mythbuntu 14.04 LTS. This is the Mythbuntu team's second LTS release and will be supported until shortly after the 16.04 release. With this release, we are providing mirroring on sponsored mirrors and torrents. It is very important to note that this release is only compatible with MythTV 0.27 systems. The MythTV component of previous Mythbuntu releases can be upgraded to a compatible MythTV version by using the Mythbuntu repository. Highlights: a recent snapshot of the MythTV 0.27 release is included; Mythbuntu theme fixes." Here is the release announcement with a brief list of known issues.
Simplicity Linux 14.4
David Purse has announced the release of Simplicity Linux 14.4, the new stable release of the project's Puppy-based distributions for desktops and netbooks: "Simplicity Linux 14.4 is now available for download. It is based on the excellent Slacko Puppy 5.6.5, and uses LXDE as a desktop environment. There are three different versions this release cycle: Netbook, Desktop and X. Netbook 14.4 is designed to be fast and light, for people who just want an OS, a browser, and not much else. It comes with Chrome as the default browser and on the fully customisable dock you can also access MPlayer for playing media files. Desktop 14.4 is designed to be a more heavyweight Linux. It also uses the LXDE desktop environment, and comes preinstalled with Dropbox, Chrome, Skype, LibreOffice, Thunderbird, and a more refined audio mixer. All these applications are available from the dock, making access easy." Read the rest of the release announcement for more information.
Soren Jacobsen has announced the release of NetBSD 6.1.4, the latest stable version of NetBSD incorporating all the recent security and bug fixes, including a fix to OpenSSL's "heartbleed" vulnerability. Simultaneously, the 6.0 branch was updated to version 6.0.5. From the release announcement: "The NetBSD Project is pleased to announce NetBSD 6.1.4, the fourth security and bug-fix update of the NetBSD 6.1 release branch, and NetBSD 6.0.5, the fifth security and bug-fix update of the NetBSD 6.0 release branch. They represent a selected subset of fixes deemed important for security or stability reasons, and if you are running a prior release of either branch, we strongly suggest that you update to one of these releases." Important security fixes include: "posix_spawn unbounded kernel memory allocation; OpenSSL information disclosure." Read the release notes for a full list of changes.
Tiny Core Linux 5.3
Version 5.3 of Tiny Core Linux, the latest stable build of the fast and minimalist (less than 15 MB) desktop Linux distribution built from scratch, has been released and is now available for download: "Team Tiny Core is pleased to announce the release of Tiny Core Linux 5.3: Changelog: BusyBox - updated nosuid to 1.22.1, added ntpd, corrected dc failure, modified wget timeout to 10s; tce-load - don't show an error when extension contains multiple modules; tc-config - change owner /tmp/tce/optional to support tftplist (thanks to Gerald Clark); tce-load - use sudo when unmounting meta-extensions; added full path to sudo commands; tc-config - introduce ntpserver boot option; switch getTime.sh to ntpd; replace aliases with functions in useBusyBox." Here is the brief release announcement.
Ultimate Edition 4.0
Ultimate Edition 4.0, another new release of the Ubuntu-based distribution (this time in MATE and GNOME variants), comes just two weeks after version 3.9: "Once again I am not going to make a big deal out of this release. It is very nice and works very well; however, it is based on the Ubuntu 13.10 'Saucy Salamander' branch and has very limited support time left. Our efforts once Ultimate Edition 4.1 is released is undivided concentration on Ultimate Edition 4.2 and Ultimate Edition 4.3, a long-term supported (LTS) release, previously released as a beta. Repostorm is honing Mate 1.8 to perfection with each line of code I write, the base of what will be in Ultimate Edition 4.2 Lite. A lot of catchup is going on in the persuit to perfection as I am hoping to present you in the release of Ultimate Edition 4.2." Here is the brief release announcement.
* * * * *
Development, unannounced and minor bug-fix releases
|Upcoming Releases and Announcements
Summary of expected upcoming releases
New distributions added to database|
* * * * *
New distributions added to waiting list
- AlbatrOS. AlbatrOS is a Linux-based live CD, developped by the team of the LinuxConsole Project, which is primarily designed to turn old and semi-old computers into game console centres.
- Albatross-X. Albatross-X is a 32-bit Linux-based desktop operating system featuring the Xfce graphical desktop environment.
- AnitaOS. AnitaOS is a Puppy-based distribution designed to be run on older computers.
- CoreOS. CoreOS is a minimal server operating system based on the Linux kernel and designed to be run in clusters.
- Serbian GNU/Linux. Serbian GNU/Linux is a desktop distribution which combines the KDE desktop with a Debian base. The website and distribution are presented in the Serbian language.
* * * * *
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 28 April 2014. To contact the authors please send email to:
- Jesse Smith (feedback, questions and suggestions: distribution reviews, questions and answers, tips and tricks)
- Ladislav Bodnar (feedback, questions, suggestions and corrections: news, donations, distribution submissions, comments)
- Bruce Patterson (feedback and suggestions: podcast edition)
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip.
(Tips this week: 0, value: US$0.00)
|Linux Foundation Training
|• Issue 746 (2018-01-15): deepin 15.5, openSUSE's YaST improvements, new Ubuntu 17.10 media, details on Spectre and Meltdown bugs|
|• Issue 745 (2018-01-08): GhostBSD 11.1, Linspire and Freespire return, wide-spread CPU bugs patched, adding AppImage launchers to the application menu|
|• Issue 744 (2018-01-01): MX Linux 17, Ubuntu pulls media over BIOS bug, PureOS gets endorsed by the FSF, openSUSE plays with kernel boot splash screens|
|• Issue 743 (2017-12-18): Daphile 17.09, tools for rescuing files, Fedora Modular Server delayed, Sparky adds ARM support, Slax to better support wireless networking|
|• Issue 742 (2017-12-11): heads 0.3.1, improvements coming to Tails, Void tutorials, Ubuntu phasing out Python 2, manipulating images from the command line|
|• Issue 741 (2017-12-04): Pop!_OS 17.10, openSUSE Tumbleweed snapshots, installing Q4OS on a Windows partition, using the at command|
|• Issue 740 (2017-11-27): Artix Linux, Unity spin of Ubuntu, Nitrux swaps Snaps for AppImage, getting better battery life on Linux|
|• Issue 739 (2017-11-20): Fedora 27, cross-distro software ports, Ubuntu on Samsung phones, Red Hat supports ARM, Parabola continues 32-bit support|
|• Issue 738 (2017-11-13): SparkyLinux 5.1, rumours about spyware, Slax considers init software, Arch drops 32-bit packages, overview of LineageOS|
|• Issue 737 (2017-11-06): BeeFree OS 18.1.2, quick tips to fix common problems, Slax returning, Solus plans MATE and software management improvements|
|• Issue 736 (2017-10-30): Ubuntu 17.10, "what if" security questions, Linux Mint to support Flatpak, NetBSD kernel memory protection|
|• Issue 735 (2017-10-23): ArchLabs Minimo, building software with Ravenports, WPA security patch, Parabola creates OpenRC spin|
|• Issue 734 (2017-10-16): Star 1.0.1, running the Linux-libre kernel, Ubuntu MATE experiments with snaps, Debian releases new install media, Purism reaches funding goal|
|• Issue 733 (2017-10-09): KaOS 2017.09, 32-bit prematurely obsoleted, Qubes security features, IPFire updates Apache|
|• Issue 732 (2017-10-02): ClonOS, reducing Snap package size, Ubuntu dropping 32-bit Desktop, partitioning disks for ZFS|
|• Issue 731 (2017-09-25): BackSlash Linux Olaf, W3C adding DRM to web standards, Wayland support arrives in Mir, Debian experimenting with AppArmor|
|• Issue 730 (2017-09-18): Mageia 6, running a completely free OS, HAMMER2 file system in DragonFly BSD's installer, Manjaro to ship pre-installed on laptops|
|• Issue 729 (2017-09-11): Parabola GNU/Linux-libre, running Plex Media Server on a Raspberry Pi, Tails feature roadmap, a cross-platform ports build system|
|• Issue 728 (2017-09-04): Nitrux 1.0.2, SUSE creates new community repository, remote desktop tools for GNOME on Wayland, using Void source packages|
|• Issue 727 (2017-08-28): Cucumber Linux 1.0, using Flatpak vs Snap, GNOME previews Settings panel, SUSE reaffirms commitment to Btrfs|
|• Issue 726 (2017-08-21): Redcore Linux 1706, Solus adds Snap support, KaOS getting hardened kernel, rolling releases and BSD|
|• Issue 725 (2017-08-14): openSUSE 42.3, Debian considers Flatpak for backports, changes coming to Ubuntu 17.10, the state of gaming on Linux|
|• Issue 724 (2017-08-07): SwagArch 2017.06, Myths about Unity, Mir and Ubuntu Touch, Manjaro OpenRC becomes its own distro, Debian debates future of live ISOs|
|• Issue 723 (2017-07-31): UBOS 11, transferring packages between systems, Ubuntu MATE's HUD, GNUstep releases first update in seven years|
|• Issue 722 (2017-07-24): Calculate Linux 17.6, logging sudo usage, Remix OS discontinued, interview with Chris Lamb, Debian 9.1 released|
|• Issue 721 (2017-07-17): Fedora 26, finding source based distributions, installing DragonFly BSD using Orca, Yunit packages ported to Ubuntu 16.04|
|• Issue 720 (2017-07-10): Peppermint OS 8, gathering system information with osquery, new features coming to openSUSE, Tails fixes networking bug|
|• Issue 719 (2017-07-03): Manjaro 17.0.2, tracking ISO files, Ubuntu MATE unveils new features, Qubes tests Admin API, Fedora's Atomic Host gets new life cycle|
|• Issue 718 (2017-06-26): Debian 9, support for older hardware, Debian updates live media, Ubuntu's new networking tool, openSUSE gains MP3 support|
|• Issue 717 (2017-06-19): SharkLinux, combining commands in the shell, Debian 9 flavours released, OpenBSD improving kernel security, UBports releases first OTA update|
|• Issue 716 (2017-06-12): Slackel 7.0, Ubuntu working with GNOME on HiDPI, openSUSE 42.3 using rolling development model, exploring kernel blobs|
|• Issue 715 (2017-06-05): Devuan 1.0.0, answering questions on systemd, Linux Mint plans 18.2 beta, Yunit/Unity 8 ported to Debian|
|• Issue 714 (2017-05-29): Void, enabling Wake-on-LAN, Solus packages KDE, Debian 9 release date, Ubuntu automated bug reports|
|• Issue 713 (2017-05-22): ROSA Fresh R9, Fedora's new networking features, FreeBSD's Quarterly Report, UBports opens app store, Parsix to shut down, SELinux overview|
|• Issue 712 (2017-05-15): NixOS 17.03, Alpha Litebook running elementary OS, Canonical considers going public, Solus improves Bluetooth support|
|• Issue 711 (2017-05-08): 4MLinux 21.0, checking file system fragmentation, new Mint and Haiku features, pfSense roadmap, OpenBSD offers first syspatch updates|
|• Issue 710 (2017-05-01): TrueOS 2017-02-22, Debian ported to RISC-V, Halium to unify mobile GNU/Linux, Anbox runs Android apps on GNU/Linux, using ZFS on the root file system|
|• Issue 709 (2017-04-24): Ubuntu 17.04, Korora testing new software manager, Ubuntu migrates to Wayland, running Nix package manager on alternative distributions|
|• Issue 708 (2017-04-17): Maui Linux 17.03, Snaps run on Fedora, Void adopts Flatpak, running Android apps on GNU/Linux, Debian elects Project Leader|
|• Issue 707 (2017-04-10): PCLinuxOS 2017.03, Canonical stops Unity development, OpenBSD on a Raspberry Pi, setting up a VPN for privacy|
|• Issue 706 (2017-04-03): Super Grub2 Disk, Snap packages of deepin applications, Subgraph OS routes network traffic for one application, announcements from Linux Mint|
|• Issue 705 (2017-03-27): Minimal Linux Live, sharing control of the operating system, new KaOS features, Uplos32 provides 32-bit fork of PCLinuxOS|
|• Issue 704 (2017-03-20): ToarusOS 1.0.4, Linux Mint's security record, Debian starts Project Leader election, Ubuntu 12.04 reaches end-of-life|
|• Issue 703 (2017-03-13): SolydXK 201701, CloudReady, Solus announces new features, KDE Connect sends text messages from desktop, openSUSE's YaST module for Let's Encrypt|
|• Issue 702 (2017-03-06): Fatdog64 Linux, elementary OS bundled with new netbook, Haiku announces new features, security and the size of a distro's development team|
|• Issue 701 (2017-02-27): OBRevenge 2017.02, Mageia 6 delays, NetBSD reproducible builds, questions about swap space, trying to steam video on a Raspberry Pi|
|• Issue 700 (2017-02-20): RaspBSD, Debian replaces Icedove with Thunderbird, Fedora's licensing guidlines, tips for switching shells, finding battery charge, getting IP address and killing processes|
|• Issue 699 (2017-02-13): Clear Linux, GhostBSD network utility ported to FreeBSD, Ubuntu coming to Fairphone, elementary OS crowd funding an app store|
|• Issue 698 (2017-02-06): Solus 2017.01.01, comparing containers with portable applicatins, Tails dropping 32-bit support, Debian Stretch enters freeze|
|• Issue 697 (2017-01-30): Subgraph OS 2016.12.30, running Ubuntu on an Android phone, Arch Linux phasing out 32-bit support, Linux Mint testing updated LMDE media|
|• Issue 696 (2017-01-23): GoboLinux 016, remotely running desktop applications, Solus adopting Flatpak, KDE neon using Calamares, TrueOS tests OpenRC|
|• Issue 695 (2017-01-16): Zorin OS 12, Peppermint team fixes installer bug, Debian refreshes Jessie media, Ubuntu improves low graphics mode, Exciting things coming in 2017|
|• Full list of all issues|
|Random Distribution |
Bridge Linux is an Arch Linux-based set of distributions and live CD/DVD images designed for desktop deployment. It comes in four separate editions with a choice of GNOME, KDE, LXDE or Xfce desktops. Unlike Arch, Bridge Linux boots directly into one of the available graphical desktop environments and it provides a pre-installed set of common applications (with more available from Arch Linux repositories).