Microsoft Joins the OpenChain Project, Google Open-Sources ClusterFuzz, New Android Vulnerability, FSF Gives the Vikings D8 Mainboard and Workstation Its "Respect Your Freedom" Endorsement, and Fedora Is Redesigning Its Logo

News briefs for February 8, 2019.

Microsoft has joined the OpenChain Project, "which builds trust in open source by making open source license compliance simpler and more consistent". Uber, Google and Facebook joined it last month. According to the announcement, "By joining OpenChain, Microsoft will help create best practices and define standards for open source software compliance, so that its customers have even greater choice and opportunity to bridge Microsoft and other technologies together in heterogeneous environments."

Google today announced it is open-sourcing ClusterFuzz and making it available for anyone to use. Fuzzing is "an automated method for detecting bugs in software that works by feeding unexpected inputs to a target program", and it's "effective at finding memory corruption bugs". ClusterFuzz is "a fuzzing infrastructure running on over 25,000 cores" was written to aid in the Chrome development process. You can check it out at the ClusterFuzz GitHub repository.

A security vulnerability discovered in Android gives attackers access to your phone if you open a .png file. ZDNet reports that "All it takes to trigger the bug is for attackers to send a crafted, malicious Portable Network Graphic (.PNG) file to a victim's device. Should the user open the file, the exploit is triggered." This bug affects Android versions 7.0–9.0.

The Free Software Foundation has certified new hardware with its "Respect Your Freedom" endorsement: the Vikings D8 mainboard and D8 workstation. According to Phoronix, "The Vikings D8 is a re-branded ASUS KCMA-D8 but flashed with Libreboot+Coreboot to free the hardware down to the BIOS." In addition, "the D8 Workstation also ships with the FSF-approved Trisquel operating system that is free of any Linux binary blobs and proprietary software." See also the FSF post on the Respects Your Freedom certification.

Fedora is redesigning its logo due to issues with its current logo, including "the lack of a single colour variant", "the logo not working well on dark backgrounds", "confusion with other well-known brands, and the use of a proprietary font." See this article by Máirín Duffy for more on the history of the Fedora logo and other details on the change, and also see this post to join the discussion on the new options.

Jill Franklin is an editorial professional with more than 17 years experience in technical and scientific publishing, both print and digital. As Executive Editor of Linux Journal, she wrangles writers, develops content, manages projects, meets deadlines and makes sentences sparkle. She also was Managing Editor for TUX and Embedded Linux Journal, and the book Linux in the Workplace. Before entering the Linux and open-source realm, she was Managing Editor of several scientific and scholarly journals, including Veterinary Pathology, The Journal of Mammalogy, Toxicologic Pathology and The Journal of Scientific Exploration. In a previous life, she taught English literature and composition, managed a bookstore and tended bar. When she’s not bugging writers about deadlines or editing copy, she throws pots, gardens and reads. You can contact Jill via e-mail, ljeditor@linuxjournal.com.

Load Disqus comments

Storix backup and disaster recovery

 

Corporate Patron

Pulseway Logo

Limited Time Offer

September Cover

 

Celebrating 25 years of Linux Journal! Download our special April 2019 issue for FREE.