The 4MLinux team announced release of 4MLinux 17.0, latest stable release of independently evolved, lightweight GNU/Linux distribution. 4Ms in 4MLinux stands for Maintenance, Multimedia, Miniserver and Mystery.

From release announcement:
The status of the 4MLinux 17.0 series has been changed to STABLE. Create your documents with LibreOffice and share them using DropBox 3.18.1, surf the Internet with Firefox 46.0 and Chromium 50.0.2661.75, stay in touch with your friends via Skype and Thunderbird 45.0, enjoy your music collection with Audacious 3.7.2 and aTunes 3.1.2, watch your favorite videos with MPlayer SVN-r37590 and VLC 2.2.2, play games with Xorg 1.18.1/Mesa 11.1.1 support enabled. You can also setup the 4MLinux LAMP Server (Linux 4.4.1, Apache 2.4.20, MariaDB 10.1.13, and PHP 5.6.20). Perl 5.22.1 and Python 2.7.11 are also available.
For more information, see original release announcement and updated package list in 4MLinux blog.

The IPFire team announced availability of IPFire 2.19 - Core update 102, latest update pack for IPFire 2.19, an open source firewall distribution that can be easily customized as a firewall, or a proxy server or a gateway.

IPFire 2.19 core update 102 comes just 2 days after release of core update 101. Even though there was only two day gap between two update packs, the team has made several bug fixes in OpenSSL library and hence it is recommended to install this update pack as early as possible.

Following are changes made in IPFire 2.10 Core update 102.
  • Memory corruption in the ASN.1 encoder (CVE-2016-2108)
  • Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
  • EVP_EncodeUpdate overflow (CVE-2016-2105)
  • EVP_EncryptUpdate overflow (CVE-2016-2106)
  • ASN.1 BIO excessive memory allocation (CVE-2016-2109)
  • EBCDIC overread (CVE-2016-2176)
  • OpenSSH is updated to version 7.2p2 and will be restarted during the update.
See original release announcement in IPFire blog.

Neptune OS team announced availability of Neptune OS 4.5.1, latest stable update of Debian stable based GNU/Linux distribution which features updated versions of Linux Kernel and other software packages.

Neptune OS 4.5.1 is an update to Neptune OS 4.5 released at the beginning of this year. This release is updated with all packages available till 3rd May 2016.

Following are some notable changes in this release of Neptune OS.
  • Neptune OS can now boot from USB 3.0 ports. Earlier there was a bug which was preventing the same.
  • KDE SC is updated to version 4.1.16
  • Plasma 5 version is updated to Plasma 5.6.2
  • KDE Frameworks 5.21
See original release announcement in Neptune OS blog.
The Simplicity Linux team announced release of Simplicity Linux 16.04, latest stable release of Puppy based, lightweight, user friendly GNU/Linux distribution. This release of Simplicity Linux is delayed a little bit due to unexpected hardware failures on production machine.

Similar to recent release of Simplicity, this release also based on LXPup and features LXDE as desktop environment. Simplicity mini and desktop editions comes with Linux Kernel 4.0.4 and the bleeding edition X comes with Linux Kernel 4.4.5.

As with our previous releases, Mini (Previously Simplicity Linux Netbook Edition) is our heavily cut down version. It comes with Flash preinstalled, the latest version of Firefox, and web versions of Spotify, Dropbox, Gmail, Google Docs and many other applications. Desktop is our fully featured distribution, based on the same base as Mini but rather than web based applications; it comes loaded with Flash, Firefox, Thunderbird, LibreOffice, GIMP, and Mplayer.
For more information, see original release announcement published by Simplicity Linux team.

Download Simplicity Linux 16.04

VideoLAN has announced availability of VLC 2.2.3, latest update in worlds most popular open source media players 2.2.x series. This release announcement is applicable for all platforms including windows, GNU/Linux and OS X. VLC media player is well known for it's ability to support wide range of media formats.

Following are notable highlights of VLC Media Player 2.2.3:
  • Notable number of improvements, like green lines in the Windows video output and resuming where you left off.
  • It also improves our codec support by adding new formats and providing faster decompression.
  • More than 30 fixes for issues reported for 2.2.2.
  • You can finally open more than 15 elements from the Windows' Explorer.
See original release announcement published by VideoLAN team.
IPFire project announced availability of IPFire 2.19 - Core update 101, latest update for distributions current stable branch. IPFire is an open source firewall distribution that is designed to be modular and highly customizable to match with requirements of a wide range of users.

As usual, new update pack of IPFire 2.19 is also coming with several bug fixes. These bug fixes includes cross site scripting vulnerability fix and fix for remote code execution vulnerability in IPFire web interface.

Yann Cam, an independent security researcher, discovered to vulnerabilities in the IPFire Web User interface that could be used in some circumstances. In the ipinfo.cgi file, a cross-site scripting attack could be executed on logged in users and in two more CGI files (proxy.cgi and chpasswd.cgi), a remote code execution vulnerability was found which allowed attackers to use the aforementioned cross-site scripting attack to execute shell commands as an unprivileged user on the IPFire system.

These attacks are only possible to perform on an admin’s computer and only in that instance when the administrator is logged in to the web user interface. Of course we recommend to install this update as soon as possible to close these vulnerabilities.
For more information, see original release announcement published by IPFire team.
Kodi Media Center team has warned users to be careful while choosing unofficial add-ons. A few incidents were reported, where newly installed add-ons removed existing add-ons without user permission or knowledge. Even though Kodi team is not mentioning add-on developers explicitly, they wants users to be aware of this situation.

Though Kodi team is not guaranteeing 100% safety in using addons from official repository, it is comparatively much safer.

Since v10.0  which was the first version with an add-on repository, we as team have always checked the contents of each add-on and what it’s intentions are before it was added. This is done with the intention to prevent unwanted things happening when installing certain add-ons and upholding a certain quality standard. To give a better understanding on what this entails I will provide a short walk through of this process before these add-ons are added to our official repo. First of all a third-party developer writes a certain add-on and decides if he wants to make it available for public testing first for initial user feedback, or directly send it to us depending how confident he/she is about the functionality. We urge every developer to first read our repository rules before sending the add-on for review as that might already make it clear it will never be considered.

For more information, see official blog post published by Kodi team.

The Apricity OS team announced release of Apricity OS 04.2016 Beta and RC1 together. Apricity OS 04.2016 RC1 is first most stable release candidate of this Arch based distribution.

This month, a lot of effort has gone into improving the development workflow and making a distinction between stable, tested features and untested features. The apricity-core repository has split into three seperate repositories: the standard, unsigned apricity-core repo, a new signed apricity-core repo, and a signed apricity-core-dev repository for developers. All three repos are now being built twice a week. On the github side of things, almost all repositories have moved onto a new branching model. Repositories on this branching model have at least two branches: dev, and master. Feature branches are merged into dev when they are more-or-less finished. Master is considered the stable branch, and dev, as its name suggests, is for development. New features should be built on seperate feature-* branches, releases will be developed on release-* branches, and hotfixes for production code will be built on hotfix-* branches.
For complete release announcement, see Apricity OS blog.

Download Apricity OS 04.2016 RC1

Download Apricity OS 04.2016 Beta