this post was submitted on 08 May 2025
108 points (99.1% liked)

[–] eskuero@lemmy.fromshado.ws 33 points 1 day ago* (last edited 1 day ago) (2 children)

In January 2025, during routine reviews, we stumbled upon the deepin-feature-enable package, which was introduced on 2021-04-27 without consulting us or even informing us.

Damn

[–] Eyedust@lemmy.dbzer0.com 20 points 1 day ago (1 children)

That is quite a while, lol. To be fair though, there are an insane amount of lines in most packages. Quietly adding a brief line in a seemingly innocent features package is like hiding a needle in a haystack.

It's easy to overlook things when you have a pile of packages to review during every routine. It's especially true if they missed it the first time, since it's easier to review changes in a package rather than go through the whole thing again.

[–] MonkeMischief@lemmy.today 6 points 15 hours ago (1 children)

A needle in a tumbleweed, if you will. :p

Yeah, it's crazy it was hiding this long but I see this as a win that they dealt with it so swiftly and show they take their package security seriously.

[–] Eyedust@lemmy.dbzer0.com 2 points 10 hours ago

Yeah, it really speaks volumes about the devs. It means that no matter how innocent the package may be or how long it's been there, they still pick through it all multiple times to make sure their users are safe and happy.

But RIP Deepin users. Tbh though, I've been hanging around Linux forums a while and still have yet to see someone who actually daily drives Deepin, lol.

[–] thingsiplay@beehaw.org -1 points 1 day ago (1 children)

Why wasn't this caught by previous routine reviews?

[–] IrritableOcelot@beehaw.org 6 points 20 hours ago

It seems to me that the offending dialog would only be triggered if you did a full fresh install. During the previous iteration of the testing, they probably had a VM somewhere with it installed; since the underlying packages were already present, the dialog would never have popped up.