# Tech News Digest - 2025-03-19 > Apply directly to the eyes ## \[$\] A look at /e/OS on tablet hardware **Category:** Linux **Tags:** General **Published:** Wed, 19 Mar 2025 14:59:10 +0000 **TL;DR:** Here is a 2-sentence summary: /eOS is a privacy-centric, open-source mobile operating system primarily designed for smartphones, with limited support for tablets. Murena, a company selling devices with /eOS preinstalled, has now announced official support for tablets starting with the Pixel tablet, offering a user experience similar to mainstream alternatives. [/e⁠/⁠OS](https://e.foundation/e-os/) is a privacy-centric, open-source mobile operating system that has primarily been targeted at mobile phones, with only a few community supported images available for tablet devices. In December, [Murena](https://murena.com/)—a company that sells devices with /⁠e⁠/⁠OS preinstalled—[announced](https://murena.com/finally-here-the-long-awaited-murena-pixel-tablet-is-now-on-pre-sale/) that /⁠e⁠/⁠OS now officially supports tablets as well, starting with the Pixel tablet. The user experience is close enough to mainstream alternatives to make it attractive, but there are some under-the-hood problems that may give users pause. \[Read more\]([https://lwn.net/Articles/1006557/](https://lwn.net/Articles/1006557/)) ## Supply Chain Attacks on Linux distributions (Fenrisk) **Category:** Linux **Tags:** General **Published:** Wed, 19 Mar 2025 14:48:47 +0000 **TL;DR:** Here is a 2-sentence summary: A security company called Fenrisk has revealed that they successfully identified vulnerabilities in the Pagure (Fedora's package definition repository) and Open Build Service (openSUSE's compilation and packaging toolchain). If exploited, these vulnerabilities could have allowed malicious actors to compromise all packages for Fedora and openSUSE, affecting millions of Linux servers and desktops. A security company called Fenrisk has posted [an overview](https://fenrisk.com/supply-chain-attacks) of a pair of claimed successful supply-chain attacks on the Fedora and openSUSE distributions. > We successfully identified vulnerabilities in the Pagure, the Git forge used by Fedora to store their package definitions. We also compromised Open Build Service, the all-in-one toolchain used and developed by the openSUSE project for compilation and packaging. > > Their exploitation by malicious actors would have led to the compromise of all the packages of the distributions Fedora and openSUSE, as well as their downstream distributions, impacting millions of Linux servers and desktops. \[Read more\]([https://lwn.net/Articles/1014741/](https://lwn.net/Articles/1014741/)) ## Security updates for Wednesday **Category:** Linux **Tags:** Linux **Published:** Wed, 19 Mar 2025 13:26:02 +0000 **TL;DR:** Here is a 2-sentence summary: Multiple Linux distributions have issued security updates to address vulnerabilities, including Debian, Fedora, Red Hat, SUSE, and Ubuntu. The updates affect various packages such as tzdata, expat, tigervnc, kernel, thunderbird, webkit2gtk3, dcmtk, restrictedpython, and uriparser. Security updates have been issued by **Debian** (tzdata), **Fedora** (expat and tigervnc), **Red Hat** (kernel, kernel-rt, thunderbird, and webkit2gtk3), **SUSE** (dcmtk), and **Ubuntu** (restrictedpython and uriparser). [Read more](https://lwn.net/Articles/1014722/) ## \[$\] Oxidizing Ubuntu: adopting Rust utilities by default **Category:** Linux **Tags:** General **Published:** Tue, 18 Mar 2025 16:49:29 +0000 **TL;DR:** Here is a 2-sentence summary: The Ubuntu project plans to replace many traditional GNU utilities with Rust-based implementations, and has released a command-line utility called "oxidizr" to help users test and provide feedback on the new utilities. The goal is to enable or disable the Rust-based utilities ahead of a possible switch for Ubuntu 25.10, an interim release scheduled for October 2025. If all goes according to plan, the Ubuntu project will soon be replacing many of the traditional GNU utilities with implementations written in Rust, such as those created by the [uutils](https://uutils.github.io/) project, which we [covered](https://lwn.net/Articles/1007907/) in February. Wholesale replacement of core utilities at the heart of a Linux distribution is no small matter, which is why Canonical's VP of engineering, Jon Seager, has released [oxidizr](https://github.com/jnsgruk/oxidizr?tab=readme-ov-file#oxidizr). It is a command-line utility that helps users easily enable or disable the Rust-based utilities to test their suitability. Seager is calling for help with testing and for users to provide feedback with their experiences ahead of a possible switch for Ubuntu 25.10, an [interim release](https://ubuntu.com/about/release-cycle) scheduled for October 2025. So far, responses from the Ubuntu community seem positive if slightly skeptical of such a major change. \[Read more\]([https://lwn.net/Articles/1014002/](https://lwn.net/Articles/1014002/)) ## Security updates for Tuesday **Category:** Linux **Tags:** General **Published:** Tue, 18 Mar 2025 13:32:10 +0000 **TL;DR:** Here is a 2-sentence summary: Multiple Linux distributions have issued security updates to address vulnerabilities in various packages. The affected distributions include Debian, Fedora, Mageia, Red Hat, SUSE, and Ubuntu, with fixes released for packages such as freetype, rails, mosquitto, python-django4.2, libarchive, and others. Security updates have been issued by **Debian** (freetype and rails), **Fedora** (mosquitto and python-django4.2), **Mageia** (libarchive, libreoffice, php, and quictls), **Red Hat** (webkit2gtk3), **SUSE** (erlang, nethack, python312, and wpa\_supplicant), and **Ubuntu** (freetype and plantuml). [Read more](https://lwn.net/Articles/1014543/)