» 2008 » June

Article posted on Jun 28

Finnix 92.0 Released

Posted by Ryan Finnie on June 28, 2008, 9:59 pm

Finnix is a small, self-contained, bootable Linux CD distribution for system administrators, based on Debian testing. Today marks the release of version 92.0 for the x86/AMD64, PowerPC, and UML/Xen platforms.

Finnix 92.0 includes updated software (including a fix for the Debian OpenSSL security vulnerability), a Linux 2.6.25 kernel, and a new, graphical boot menu.

Home page: http://www.finnix.org/
Download: http://www.finnix.org/Download
Release notes: http://www.finnix.org/Finnix_92.0_release_notes

Leave Comment
Posted in Announcements, Finnix

Article posted on Jun 14

Finnix 92.0 coming soon

Posted by Ryan Finnie on June 14, 2008, 5:01 pm

Finnix 92.0 will be released soon. It will have a new 2.6.25 kernel, updated software, and, most visibly, a new boot menu.

There have been suggestions for a new boot menu for awhile now. I liked the idea in theory, but there were various problems with most implementations (no graphics; graphics, but no fallback to text mode; no easy way to add boot options, such as toram, testcd, etc; no way to default to 64-bit boot options). Debian's recent announcement of debian-installer for lenny beta 2 introduced a new installer boot menu system based on bootmenu.c32, which looked very nice and solved most of the problems I mentioned. However, no default 64-bit option on multi-arch CDs, which the announcement mentioned and lamented.

I used Debian's configs as a base for a Finnix test. The results were very nice, and I was ready to do as Debian did and accept that the improvements were worth the loss of 64-bit autodetection. However, an acquaintance encouraged me to look into it ("Sounds like it's time for some OPEN SOURCE MAGIC"), and within a few hours, I had a working patch.

The debian-installer guys loved it and had the patch applied within an hour, and as well, it will be in Finnix 92.0. Here's a development screenshot:

Leave Comment
Posted in Development, Finnix

Article posted on Jun 2

Finnix and Debian’s OpenSSL Vulnerability

Posted by Ryan Finnie on June 2, 2008, 1:05 am

All versions of Finnix from 89.0 to 91.1 (inclusive) contain the Debian OpenSSL predictable RNG vulnerability. The fix will be included with the next scheduled (approximately quarterly) release of Finnix in the next few weeks. In the meantime, if you use any OpenSSL-related programs (openssl itself, ssh, openvpn, etc) on Finnix, be sure to do the following as soon as you boot Finnix:

apt-get update && apt-get install libssl0.9.8

Finnix does not include any pre-generated keys, but any keys generated on Finnix with a vulnerable OpenSSL will be vulnerable.

Leave Comment
Posted in Finnix

Finnix

Finnix on Identi.ca

fo0bar: !Finnix has become quite popular in China in the last day. About 5000 downloads in the last few hours.
fo0bar: This !Finnix release has been unusually quiet. Usually the Internet becomes a release announcement echo chamber in the first 24 hours.
fo0bar: !Finnix 102 released! http://blog.finnix.org/2011/07/23/finnix-102-released/
finnix: Hello! Please join the !Finnix group on Identica, http://blog.finnix.org/ for blog updates, and http://www.finnix.org/ to download. Thanks!
fo0bar: !Finnix 101 released, fueled by eggnog and tinsel: http://blog.finnix.org/2010/12/25/finnix-101-released/