secureblue's Avatar

secureblue

@secureblue.dev

A security-focused desktop and server linux operating system. https://secureblue.dev

141
Followers 1
Following 50
Posts 11.02.2025
Joined
Posts Following

Latest posts by secureblue @secureblue.dev

California recently passed, and Colorado and NY recently introduced, age verification legislation targeting OS providers that is so imprecisely written that it's unclear how to comply. If you live in one of those states, contact your state senator and rep asking them to oppose this legislation.

05.03.2026 17:35 πŸ‘ 10 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 145.0.7632.159-443143 Β· secureblue/Trivalent What's Changed chore(deps): bump github/codeql-action from 4.31.10 to 4.32.4 by @dependabot[bot] in #632 chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 by @dependabot[bot] in #635...

Trivalent 145.0.7632.159-443143 released:

github.com/secureblue/T...

04.03.2026 07:20 πŸ‘ 4 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 145.0.7632.116-442971 Β· secureblue/Trivalent Upstream Changes https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html Full Changelog: 145.0.7632.75-442755...145.0.7632.116-442971

Trivalent 145.0.7632.116 released:

github.com/secureblue/T...

24.02.2026 03:56 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Build architecture | secureblue Build architecture for secureblue

Check out the new article on secureblue.dev covering secureblue's build architecture, especially supply chain security mechanisms:

secureblue.dev/articles/bui...

21.02.2026 22:44 πŸ‘ 9 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Release 145.0.7632.109-442868 Β· secureblue/Trivalent What's Changed chore(deps): bump step-security/harden-runner from 2.14.1 to 2.14.2 by @dependabot[bot] in #626 chore: add debug conditions by @RKNF404 in #628 fix: right click crash due to SideByS...

Trivalent 145.0.7632.109-442868 released:

github.com/secureblue/T...

19.02.2026 19:08 πŸ‘ 5 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 145.0.7632.75-442755 Β· secureblue/Trivalent What's Changed feat: use source cache versioning by @RKNF404 in #624 Full Changelog: 145.0.7632.67-442735...145.0.7632.75-442755

Trivalent 145.0.7632.75-442755 released:

github.com/secureblue/T...

Google is aware that an exploit for CVE-2026-2441 exists in the wild.

14.02.2026 03:53 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 145.0.7632.67-442736 Β· secureblue/Trivalent What's Changed fix(aarch64): pull Chromium patch to assume nightly rustc by @RoyalOughtness in #615 Upstream Changes https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-deskto...

Trivalent 145.0.7632.67-442736 released:

github.com/secureblue/T...

This release includes upstream security fixes for 11 CVEs. It also features a new quick action toolbar button for our dark mode toggle. You can add it to your toolbar via Settings > Appearance > Customize your toolbar.

13.02.2026 05:42 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release v4.8.1 - Switch to Bazaar App Store Β· secureblue/secureblue v4.8.1 - Switch to Bazaar App Store All app stores (Gnome Software, Discover, Cosmic Stores) have been removed and replaced with Bazaar. Corresponding firmware update notifications provided by thos...

Release v4.8.1 is out, now with the Bazaar App Store. See the release notes for details: github.com/secureblue/s...

06.02.2026 05:01 πŸ‘ 7 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 144.0.7559.132-442539 Β· secureblue/Trivalent What's Changed fix: secureblue faq url by @RoyalOughtness in #595 feat: disable user feedback prompts by @RoyalOughtness in #596 chore(deps): bump step-security/harden-runner from 2.14.0 to 2.14.1...

Trivalent 144.0.7559.132-442539 released:

github.com/secureblue/T...

04.02.2026 16:56 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
HTTP 404 for repo keyring when updating Β· Issue #1416 Β· freedomofpress/dangerzone What happened? I got the following error when doing a system update: error: Updating rpm-md repo 'dangerzone': Failed to download gpg key for repo 'dangerzone': Status code: 404 for https://package...

Additional information for the previous post: github.com/freedomofpre...

01.02.2026 06:31 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

If you've installed dangerzone, you're likely having upgrade issues. Dangerzone abruptly moved their repo GPG key, which they will fix shortly. To unblock, you can simply ⁨run0edit /etc/yum.repos.d/dangerzone.repo⁩ and replace ⁨gpgkey⁩ with their new ⁨url: packages.freedom.press/yum-tools-pr...

01.02.2026 06:31 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Preview
Release 144.0.7559.109-442393 Β· secureblue/Trivalent What's Changed chore: update copyright statement by @RoyalOughtness in #585 chore(vanadium): update patches by @RKNF404 in #586 chore(deps): bump actions/checkout from 6.0.1 to 6.0.2 by @dependabo...

Trivalent 144.0.7559.109-442393 released:

github.com/secureblue/T...

28.01.2026 08:36 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

And yes, daily updates are pulled automatically and applied on reboot.

28.01.2026 08:31 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Updates have nothing to do with releases. Releases are symbolic. Builds are created and published daily.

28.01.2026 08:30 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Preview
Release v4.8 - Provenance, egress blocking, virtualization, and rechunking Β· secureblue/secureblue v4.8 - Provenance, egress blocking, virtualization, and rechunking Provenance Image upgrades now include automatic SLSA provenance verification. Provenance verification can also be done when manual...

Release v4.8 is out, containing a number of major improvements. See the release notes for details: github.com/secureblue/s...

23.01.2026 07:37 πŸ‘ 7 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 144.0.7559.96-442238 Β· secureblue/Trivalent What's Changed fix: remove quotes from generic name and comment in trivalent.desktop by @tpaau in #578 chore(deps): bump github/codeql-action from 4.31.9 to 4.31.10 by @dependabot[bot] in #582 Up...

Trivalent 144.0.7559.96-442238 released:

github.com/secureblue/T...

21.01.2026 06:08 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 144.0.7559.59-442111 Β· secureblue/Trivalent What's Changed feat: add comment and generic name for the desktop entry by @tpaau in #561 chore(port): update patches to 144 by @RKNF404 in #557 feat(gpusandbox): improve seccomp filter for GPU pr...

Trivalent 144.0.7559.59-442111 released:

github.com/secureblue/T...

15.01.2026 18:11 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 143.0.7499.192-441933 Β· secureblue/Trivalent What's Changed chore(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 by @dependabot[bot] in #548 chore(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by @dependabot[bot] in #549...

Trivalent 143.0.7499.192-441933 released:

github.com/secureblue/T...

07.01.2026 01:00 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 143.0.7499.169-441525 Β· secureblue/Trivalent What's Changed feat(ui): Translation support by @RKNF404 in #544 Upstream Changes https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_18.html Full Changelog: 143.0.749...

Trivalent 143.0.7499.169-441525 released:

github.com/secureblue/T...

19.12.2025 07:28 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 143.0.7499.146-441480 Β· secureblue/Trivalent What's Changed chore(deps): bump actions/checkout from 6.0.0 to 6.0.1 by @dependabot[bot] in #535 feat: exit immediately if run as root by @RoyalOughtness in #536 fix: avoid bwrap errors with ldpr...

Trivalent 143.0.7499.146-441480 released:

github.com/secureblue/T...

17.12.2025 04:36 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Release 143.0.7499.109-441349 Β· secureblue/Trivalent What's Changed feat: Create enable-partitionalloc-advanced-checks.patch by @RKNF404 in #527 chore(wrapper): various improvements Wrapper improvements by @RKNF404 in #528 docs: update selinux sente...

Trivalent 143.0.7499.109-441349 released:

github.com/secureblue/T...

Google is aware that an exploit for Bug 466192044 (no CVE issued yet) exists in the wild.

11.12.2025 04:30 πŸ‘ 4 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 143.0.7499.40-441176 Β· secureblue/Trivalent What's Changed feat(theming): Classic theme by default by @RKNF404 in #519 fix(spec): properly check off version tag by @RKNF404 in #520 fix(conf): make ENABLE_VULKAN not persistent in the system ...

Trivalent 143.0.7499.40-441176 released:

github.com/secureblue/T...

03.12.2025 03:37 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
feat: support rechunking with build-chunked-oci by HastD Β· Pull Request #610 Β· blue-build/cli Add support for rechunking images with rpm-ostree compose build-chunked-oci. This is available in the CLI with the --build-chunked-oci option, with an optional --max-layers argument to specify the ...

Our images are now rechunked using build-chunked-oci, reducing daily update sizes by ~40%. We expect this reduction to grow as we make further optimizations. The initial update to a rechunked image will be substantially larger, but this is a one-time event.

For more info: github.com/blue-build/c...

02.12.2025 09:40 πŸ‘ 18 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
Install | secureblue Steps to install secureblue

This week we shipped ARM64 images for Beta testing. Please report any issues you encounter.

For installation instructions, consult secureblue.dev/install#arm64

29.11.2025 20:30 πŸ‘ 8 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
Preview
Release 142.0.7444.175-440855 Β· secureblue/Trivalent What's Changed chore: remove unnecessary patch by @RoyalOughtness in #511 fix(wrapper): flags variable handling by @RKNF404 in #515 Full Changelog: 142.0.7444.162-440723...142.0.7444.175-440855

Trivalent 142.0.7444.175-440855 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/11/stab...

This release includes upstream security fixes for multiple CVEs, including CVE-2025-13223. Google is aware of an exploit for CVE-2025-13223 that exists in the wild.

18.11.2025 01:23 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 142.0.7444.162-440723 Β· secureblue/Trivalent What's Changed docs: Update the readme to reflect the new state of the NSS by @Collision4468 in #504 feat(ui): Move search suggestion by @RKNF404 in #510 feat(conf): Extra conf files support by @R...

Trivalent 142.0.7444.162-440723 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/11/stab...

12.11.2025 06:29 πŸ‘ 3 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
Install | secureblue Steps to install secureblue

ISOs and Torrents for the F43-based secureblue images are now available! Please seed if you can:

secureblue.dev/install#iso
fosstorrents.com/distribution...

Many thanks to @fosstorrents.bsky.social for providing torrent hosting!

10.11.2025 05:50 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Making sure you're not a bot!

Yes, it was fixed in this release bodhi.fedoraproject.org/updates/FEDO...

10.11.2025 05:42 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release 142.0.7444.134-440598 Β· secureblue/Trivalent What's Changed fix: disable ai mode omnibox entrypoint by @RoyalOughtness in #505 Full Changelog: 142.0.7444.134-440595...142.0.7444.134-440598

Trivalent 142.0.7444.134-440598 released:

github.com/secureblue/T...
chromereleases.googleblog.com/2025/11/stab...

06.11.2025 03:52 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release v4.7 - Fedora 43 Β· secureblue/secureblue What's Changed chore(po): update PO files to reflect changes to audit script by @HastD in #1320 chore(audit): add Bazaar to "expected arbitrary permissions" list by @HastD in #1290 feat: don't ins...

Release v4.7 is out, based on Fedora 43. Thanks to everyone who helped test and fix issues. No action is needed to upgrade, you will get the new image automatically. github.com/secureblue/s...

05.11.2025 17:51 πŸ‘ 5 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0