Welcome to Gentoo, a highly flexible, source-based Linux distribution.
The SKS keyserver network has been a victim of certificate poisoning attack lately. The OpenPGP verification used for repository syncing is protected against the attack. However, our users can be affected when using GnuPG directly. In this post, we would like to shortly summarize what the attack is, what we did to protect Gentoo against it and what can you do to protect your system.
The Gentoo Foundation has partnered with Nitrokey to equip all Gentoo developers with free Nitrokey Pro 2 devices. Gentoo developers will use the Nitrokey devices to store cryptographic keys for signing of git commits and software packages, GnuPG keys, and SSH accounts.
| Michał Górny | Verifying Gentoo election results via Votrify |
| Thomas Raschbacher | Autoclicker for Linux |
| Michał Górny | SKS poisoning, keys.openpgp.org / Hagrid and other non-solutions |
| Marek Szuba | Case label for Pocket Science Lab V5 |
| Yury German | Gentoo Blogs Update |
| GLSA 201906-01 | Exim: Remote command execution | high |
| GLSA 201904-25 | QEMU: Multiple vulnerabilities | normal |
| GLSA 201904-24 | Ming: Multiple vulnerabilities | normal |
| GLSA 201904-23 | GLib: Multiple vulnerabilities | normal |
| GLSA 201904-22 | OpenDKIM: Root privilege escalation | normal |
| app-portage/no-distcc-env | package.env files to disable distcc on a per-package basis |
| app-misc/rtlamr | software defined radio receiver for utility smart meters |
| dev-ruby/jbuilder | Create JSON structures via a Builder-style DSL |
| dev-ruby/jbuilder | Create JSON structures via a Builder-style DSL |
| dev-scheme/jscheme | A Scheme dialect with a simple Java interface called Javadot notation |
| Microarchitectural Data Sampling (MDS) aka ZombieLoad | started by Whissi |
| Ext4/zh-cn | started by 空空 |
| Gigabyte GA-MA770-UD3 | started by Ant P. |
| Blas-lapack-switch | started by Lumin |
| USE flag/ja | started by Toku |
