Debian 10 "Buster" RC2 to be Available

Release candidate has a lot of changes and updates and community should expect final release on 6th of July
28 June 2019   669

The second release candidate for the major update of Debian 10 "Buster" was released. Currently, there are 75 critical errors blocking the release (two weeks ago there were 98, and a month and a half 132). Testing branch was transferred to a state of complete freezing from making changes (an exception is made only for emergency interventions). The final release of Debian 10 is expected July 6th.

Compared with the previous test release installer presents the following changes:

  • A section called "Unlocking LUKS devices from GRUB" has been added to cryptsetup, which points to a guide for setting up an unlock partition at the GRUB level;
  • Verification keys for Buster release added to debian-archive-keyring;
  • Working image was prepar that fits 16 GB USB Flash. The package selection process is optimized to fit a multi-arch firmware into a 700 megabyte image, from which the i686 PAE core is excluded;
  • A package hasged-udeb has been added to solve problems with insufficient entropy quality of a pseudo-random number generator;
  • Dark theme was renamed to high contrast (Accessible high contrast);
  • support for verified boot (UEFI Secure Boot) is included for the amd64 architecture. To ensure the operation of Secure Boot, the Shim loader, digitally signed by Microsoft (shim-signed), is used in conjunction with the certification of the kernel and the grub loader (grub-efi-amd64-signed) with the project’s own certificate (shim acts as an interlayer for use by the distribution kit keys). The shim-signed and grub-efi-ARCH-signed packages are included in the build dependencies for amd64, i386 and arm64. The loader and grub, certified by a working certificate, are included in the EFI images for amd64, i386 and arm64;
  • support for downloadable (netboot) images for SD cards was added;
  • u-boot images for a64-olinuxino, orangepi_zero_plus2 and teres_i boards was added.
  • support for NanoPi NEO2 and Marvell 8040 MACCHIATOBin was added;
  • All drivers have been added to the kernel-image package to support hardware-based pseudo-random number generators, and all keyboard drivers have been added to the input-modules package.

Get more info at official email.

Suricata 5.0 to be Available

Suricata is a cybersecurity solution, an intrusion detection system and intrusion prevention system with opened source code
16 October 2019   115

OISF (Open Information Security Foundation) has published the release of Suricata 5.0, a network intrusion detection and prevention system that provides inspection tools for various types of traffic. In Suricata configurations, it is permissible to use the signature database developed by the Snort project, as well as the Emerging Threats and Emerging Threats Pro rule sets. The source code for the project is distributed under the GPLv2 license.

Some of the major changes:

  • New log parsing and logging modules for RDP, SNMP and SIP protocols written in Rust are introduced;
  • In addition to support for the JA3 TLS client authentication method that appeared in the previous release, support for the JA3S method is added, which allows to determine which software is used to establish the connection based on the connection negotiation features and parameters that are set (for example, it allows you to determine the use of Tor and other typical applications);
  • An experimental ability to compare with a selection from large data sets has been added, implemented using the new dataset and datarep operations. For example, the feature is applicable for searching masks in large blacklists with millions of entries;

Get more info at official website.