Weekly Status Report: 2019-12-08

Hello all!

We have had some time to work on package issues this week, in addition to our fervent work on Horizon.

Horizon

It is now possible to save HorizonScripts from the Horizon Wizard UI to disk. This completes the writeout flow for the Runtime Environment, and allows the Installation Environment work to continue. The Installation Environment Commit flow was completed, including tickmarks for each phase of the Executor.

The SHA-512 crypt(3) code from the musl libc has been added to Horizon; the Wizard UI uses this to encrypt passphrases for the root account and any user accounts added.

gcompat (libucontext)

Khem Raj (khem) submitted a patch to ensure proper building of libucontext in OpenEmbedded.

Packaging

A. Wilcox (awilfox@) updated the musl libc to 1.2.0 alpha1, and is working closely with Rich Felker (dalias) to gain true 64-bit time support on 32-bit systems. This will allow 32-bit computers to use dates after the year 2038.

Gavin Howard (gdh) updated his bc calculator to version 2.4.0.

Kiyoshi Aman (aerdan@) added the Gleam programming language, added the Perl Net::DBus pod, and updated various packages including XFCE. He also added the Bitlbee instant messaging software.

Laurent Bercot (skarnet@) fixed a few issues in the Skaware software set.

Luis Ressel (aranea@) updated WireGuard VPN to its latest version, and deprecated the notmuch package.

Samuel Holland (smaeul@) updated Rust to 1.38.0. Additionally, this release now allows us to use our previous Rust packages to build the next newer version.

Comments (1)

  1. Name

    Reply

    Forgive me for (1) not being a cryptography expert and (2) not having examined the crypt(3) function, but from a simple reading, it sounds like this simply calculates SHA-512 hashes from passwords. Why would this be a good way to store passwords? I found the argumentation on https://codahale.com/how-to-safely-store-a-password/ against doing so convincing, although nowadays the recommendation “bcrypt” from the article might be replaced with “scrypt” or something mentioned in the https://en.wikipedia.org/wiki/Password_Hashing_Competition article.

Leave a comment

Your email address will not be published. Required fields are marked *