Here’s a re-cap of our 4th AOSCC, in Guangzhou. Similar to last year, our annual gathering lasted 3 days. Numerous of our community developers shared their review of community development, and presented the path forward for our community in the coming year. Though Day 3 was disorganised as ever (LOL), it could be safely assumed that virtually everybody was having great fun attending this year’s community gathering.
Without getting ahead of ourselves, here’s a very quick re-cap, as promised:
Several community matters are determined, as usual, on Day 1:
Finally, several things could be expected from AOSC OS:
Unfortunately we were unable to provide live coverage of our gathering due to networking constraints in the venue, we are currently going through our video recording and uploading to our community YouTube channel.
Details regarding next year’s AOSCC in Wuhan will be posted later this year, and towards summer next year.
AOSCC 2017 (the 4th intallment) will kick off tomorrow at 10 A.M. UTC+8 in Guangzhou! Please do not hesitate to join us at this three-day gathering (with over 50 sign-ups so far!) where we discuss, share, and have fun. If you haven’t signed up yet, it’s not too late, the signup will not close until the end of Day 3 - if you could still make it!
Please sign up here. Again, no need to provide your real name here, we are using this form purely for statistics purposes.
For those who are coming tomorrow, please make sure that you enter from the North-East Gate at Guangdong University of Technology at H.E.M.C. Maps to the gate could be found below, there will be people from the Electronic Engineering Club and AOSC leading the way tomorrow!
This year’s AOSCC is imminent. In about three day’s time (July 14th to 16th), community developers and friends will gather in Guangzhou to discuss the past year and plan for the next. This will be followed by free talks in which community members shares their experience with working for F/OSS projects and skills with using them.
We are happy to announce that our AOSCC schedule is now final! As usual, AOSCC 2017 will be a three-day event…
For detailed schedules in multiple languages, please check out the links below…
Please do stay the whole way though, as we will be voting for the meet-up location next year, codename for AOSC OS Core 5; not to mention lucky dips on Day 1 and Day 2, thanks to our sponsors (listed below).
What would happen on Day 3 then, you might be wondering? The last day of AOSCC will be a day of workshop, here’s a list of topics/activities we have planned, everyone’s free to join us to learn and practice some new skills!
AOSCC 2017 will not be possible without the generous sponsorship of our friends…
Again, a big thank you for your help!
In this special issue of Dev. Updates, we are presenting to you a new, monthly, and function defined update pattern for AOSC OS. With this change to update pattern, AOSC OS will be updated in a scheduled fashion, where:
With that said, with July, you will not be receiving updates to your AOSC OS installation on a irregular basis (usually we aimed for a batch per week, but updates could had happened on a daily basis as well… essentially it was never planned or guaranteed), instead, we are expecting to ship the July wave of updates by around 28th - for all architectures/ports. But as aforementioned, security and important bugfix updates will be pushed as soon as they become available.
What if I can wait though, you asked… Well, by our schedule, we are expected to finish all update packages by Day 20, and tests finished by Day 25 of each month (February could be a mess but we will see). That said, by Day 20 of each month, updates will be pushed to our testing repositories, details coming in the following weeks leading up to AOSCC. However, if you do mean serious business when using AOSC OS, you might want to steer clear of that - as packages could be overwritten without any version change, making it hard sometimes to manage your updates - not to mention all the potential bugs you may run into, as we haven’t tested them yet when pushing all these fresh updates to the testing repositories.
It should also be noted that general version or feature updates of all AOSC OS packages are collected and scheduled on the first day of each month, meaning that if a package has a new version to be released on July 2nd, it will be pushed with the August wave of updates - could be sad for some of you cutting-edge users, but we have our reasons not to go full Arch Linux, and here are our reasons…
Firstly, with the introduction of multiple ports and noarch/data packages, updates across different AOSC OS ports could be asynchronous, meaning that some data packages - which is shared among all ports - could be unsuitable for one or more of the ports, as newer data packages could be unsuitable for older application/binary packages, and vice-versa. This was heavily exhibited in the past 6 months with our developers struggling to find time.
Secondly, quality is king, while it’s “cool” as a distribution to be able to push a new GNOME release set the week it’s got released, the price could be steep as it might come with all manners of issue - introduced with upstream code or general oversight of our packagers - making it hard for work to be carried out on AOSC OS when a big batch of updates come untested.
And lastly, this gives our developers more time (which is not in abundance as most of us are college students) to “improve” our packages, and not just updating them when an update is available - that is a general waste of time for us, and not exactly productive when it comes to improve user experience of AOSC OS. With more time on hand for handling updates and packaging, this could lead to a quality improvement, in general, to AOSC OS.
So that’s all we have for now, a quick heads up for our fellow AOSC OS users. Please enjoy the summer.
Unless the security update come in a form of a major update, which could potentially break its dependees. In which case you will be notified while we figure out a way to handle this issue. ↩︎
This means that if with a month’s update, the package simply stopped working (which is unlikely given that we will be doing tests on them), or a date-sensitive application ceased to function - for example,
youtube-dl, which relies constantly on newest protocols/routines to grab videos off websites. In that case, upon request, we will update the package(s) and make it (them) available as soon as possible. ↩︎
Please update your
systemd package to version
A security vulnerability was recently discovered in
systemd-resolved (DNS resolve configuration daemon) that…
Certain sizes passed to dns_packet_new can cause it to allocate a buffer that’s too small. A page-aligned number - sizeof(DnsPacket) + sizeof(iphdr) + sizeof(udphdr) will do this - so, on x86 this will be a page-aligned number - 80. Eg, calling dns_packet_new with a size of 4016 on x86 will result in an allocation of 4096 bytes, but 108 bytes of this are for the DnsPacket struct.
A malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved in to allocating a buffer that’s too small, and subsequently write arbitrary data beyond the end of it.
This security vulnerability was assigned CVE-2017-9445.
Brutally simplified rolling Linux distribution.
Install AOSC OS on your Windows machine.
Localization improvements made by the community.
A catalog of packages available for AOSC OS.
Our community repository server, where AOSC OS installation medias, tarballs, packages, project documentation, etc. are stored.
Take a look at current mirror synchronization and availability information.
Community mailing lists for discussions, advisories, and announcements.
Get in touch with the community.
Learn about newest news and happenings in and around AOSC.
Our WebMail service for AOSC developers and contributors.
Our public clipboard service (or pastebin) that you can use for all your clippy needs.