Debian 5.0: Way to Go, Lenny!
The deal is closed: Debian 5.0, code-named Lenny, is officially available.
The long-anticipated Debian 5.0 is based on Kernel 2.6.26, while support for 2.4 was discontinued. Also put into retirement were Apache 1 and XMMS 1, which will be replaced by their successors. The newly supported architectures include Armel, whereas 32-bit SPARC V8 will also go away.
The new Debian-Installer clearly supports more hardware, such as some SATA RAID controllers, thanks to the current Kernel. Installation media can be changed during installation; Blueray is also available next to CD and DVD.
Upgrading from the most recent Debian 4.0r7 "Etch" uses distupgrade, where admins should proof the list of removed packages. The upgrade procedure in the Lenny release notes explicitly cautions in a "Prepare a safe environment" section to perform the distro upgrade "either locally from a textmode virtual console (or a directly connected serial terminal), or remotely via an ssh link." It recommends against upgrading using telnet or from an X session to avoid a newstart of the network services or X Server leading to a possibly half-upgraded, inaccessible system.
Caution also applies if using lilo as the bootloader in that Lenny generates initramfs images that are too large for lilo, in which case the standard grub bootloader is a better choice.
Lenny increased the number of software offerings from Debian 4.0 of almost 10,000 to 25,000. New ones include Nagios 3, MySQL 5.0.15 and PostgreSQL 8.3. The GCC version is 4.3 and the GLibc C library version is 2.7.
Equally interesting for server admins is that support ends for the EVMS LVM manager and was replaced by KVM kernel virtualization. Also, ryslog replaces the old kernel log daemon klogd/sysklogd.
Debian 5.0 is dedicated to the memory of developer Thiemo Seufer who died December 26 in a tragic car accident.
Lenny is available for download in a number of variants. Experienced admins with an excellent Internet connection should be happy with the CD/DVD images from mirror sites. However, the website recommends downloading via BitTorrent to take the load off the mirrors.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.