secureblue's Avatar

secureblue

@secureblue.dev.bsky.social

A security-focused desktop and server linux operating system. https://secureblue.dev

74 Followers  |  1 Following  |  13 Posts  |  Joined: 11.02.2025  |  1.5184

Latest posts by secureblue.dev on Bluesky

Preview
Release 141.0.7390.76-440020 Β· secureblue/Trivalent What's Changed chore: Revert "chore(build): switch back to github large runners unti… by @RoyalOughtness in #440 fix(supplychain): set subject correctly for provenance generation by @RoyalOughtnes...

Trivalent 141.0.7390.76-440020 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/10/stab...

10.10.2025 08:37 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Release 141.0.7390.65-439968 Β· secureblue/Trivalent What's Changed fix(arm): update rust clanglib patch by @RoyalOughtness in #424 chore: add initial changelog by @RoyalOughtness in #426 chore(build): remove dep on sysroot by @RKNF404 in #427 chore...

Trivalent 141.0.7390.65-439968 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/10/stab...

07.10.2025 23:16 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Release 141.0.7390.54-439843 Β· secureblue/Trivalent What's Changed feat: enable drumbrake by default by @RKNF404 in #411 chore: adjust wording on DrumBrake flag by @RKNF404 in #412 chore: 141 port by @RKNF404 in #413 chore: pull 141 patches from Va...

Trivalent 141.0.7390.54-439843 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/09/stab...

02.10.2025 04:53 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Release 140.0.7339.207-439665 Β· secureblue/Trivalent What's Changed feat: add functional drumbrake toggle & enable drumbrake build option by @RKNF404 in #408 Full Changelog: 140.0.7339.185-439535...140.0.7339.207-439665

Trivalent 140.0.7339.207-439665 released:

This release includes a toggle in flags to enable DrumBrake. The toggle is disabled by default due to its experimental state. If the toggle is flipped on, it enables JIT-less WASM.

github.com/secureblue/T...
chromereleases.googleblog.com/2025/09/stab...

23.09.2025 23:14 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Release 140.0.7339.185-439535 Β· secureblue/Trivalent What's Changed fix: build hardening typo by @RoyalOughtness in #403 build: disable shadow_call_stack for aarch64 by @RoyalOughtness in #404 chore: hide ui popup text by @RKNF404 in #405 chore: hid...

Trivalent 140.0.7339.185-439535 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/09/stab...

This release includes upstream security fixes for several CVEs, including CVE-2025-10585. Google is aware of an exploit for CVE-2025-10585 that exists in the wild.

17.09.2025 23:21 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Release 140.0.7339.127-439381 Β· secureblue/Trivalent What's Changed chore: re-enable audio sandbox by @RKNF404 in #393 fix: FTBFS patch by @RoyalOughtness in #394 chore: remove fedora patches from updater by @RKNF404 in #395 fix: search selection sc...

Trivalent 140.0.7339.127-439381 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/09/stab...

10.09.2025 20:59 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Release v4.6.1 - Polish and QOL release Β· secureblue/secureblue What's Changed fix: add LD_PRELOAD=libhardened_malloc.so to /etc/profile.d by @HastD in #1168 fix: missing timer preset by @RoyalOughtness in #1165 chore(deps): bump aquasecurity/trivy-action from...

secureblue v4.6.1 has been released:

github.com/secureblue/s...

π‘…π‘’π‘šπ‘–π‘›π‘‘π‘’π‘Ÿ: π‘Ÿπ‘’π‘™π‘’π‘Žπ‘ π‘’π‘  π‘Žπ‘Ÿπ‘’ π‘ π‘¦π‘šπ‘π‘œπ‘™π‘–π‘. 𝐡𝑒𝑖𝑙𝑑𝑠 π‘Žπ‘Ÿπ‘’ π‘π‘Ÿπ‘’π‘Žπ‘‘π‘’π‘‘ π‘Žπ‘›π‘‘ π‘π‘’π‘π‘™π‘–π‘ β„Žπ‘’π‘‘ π‘–π‘šπ‘šπ‘’π‘‘π‘–π‘Žπ‘‘π‘’π‘™π‘¦ π‘Žπ‘“π‘‘π‘’π‘Ÿ 𝑛𝑒𝑀 π‘π‘œπ‘šπ‘šπ‘–π‘‘π‘  π‘Žπ‘Ÿπ‘’ π‘šπ‘’π‘Ÿπ‘”π‘’π‘‘.

05.09.2025 23:11 β€” πŸ‘ 9    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Release 140.0.7339.80-439219 Β· secureblue/Trivalent What's Changed chore: remove PATH hacks by @RKNF404 in #371 ci: add separate x86 and aarch64 builds by @RoyalOughtness in #372 fix: missing gn variable by @RKNF404 in #373 chore: ensure nodejs is ...

Trivalent 140.0.7339.80-439219 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/09/stab...

03.09.2025 06:35 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Release 139.0.7258.154-439061 Β· secureblue/Trivalent What's Changed chore: add Vanadium patch to fix CFI crash by @RKNF404 in #368 chore: System toolchain by @RKNF404 in #370 Full Changelog: 139.0.7258.138-438928...139.0.7258.154-439061

Trivalent 139.0.7258.154-439061 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/08/stab...

26.08.2025 23:02 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Release 139.0.7258.138-438928 Β· secureblue/Trivalent What's Changed chore(deps): bump zizmorcore/zizmor-action from 0.1.1 to 0.1.2 by @dependabot[bot] in #353 chore: use autoninja instead of calling ninja directly by @RKNF404 in #357 docs: add refer...

Trivalent 139.0.7258.138-438928 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/08/stab...

20.08.2025 21:27 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Release 139.0.7258.127-438758 Β· secureblue/Trivalent What's Changed chore(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #347 chore(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by @dependabot[bot] in #343 chore(...

Trivalent 139.0.7258.127-438758 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/08/stab...

12.08.2025 23:11 β€” πŸ‘ 6    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Discord has very good configurable server-side filtering and dramatically better mod tools. Matrix heavily enables abuse through federation and doesn't even support restricting inline media. Matrix also lacks channels within rooms so communities like ours rely on moderation bots.

11.08.2025 22:05 β€” πŸ‘ 16    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
UKIs and composefs support for Bootable Containers - DevConf.CZ 2025
YouTube video by DevConf UKIs and composefs support for Bootable Containers - DevConf.CZ 2025

This talk by @siosm.bsky.social covers the important work being done to enable verification for bootc images like ours. youtu.be/D7HqckeHlx8

"Using composefs and fs-verity, we can link a UKI to a complete read only filesystem tree, guaranteeing that every byte of every file is verified on load."

11.08.2025 01:00 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

You can expect posts here to cover news, updates, and future plans. Critical information relating to releases will continue to be provided at Github Releases: secureblue.dev/faq#releases

11.08.2025 00:48 β€” πŸ‘ 11    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0

@secureblue.dev is following 1 prominent accounts