A statement from the project said secure boot was now fully supported for amd64, i386 and arm64 architectures and should work out of the box on most secure boot-enabled machines.
More than 91% of the source packages included will build bit-for-bit identical binary packages.
"This is an important verification feature which protects users against malicious attempts to tamper with compilers and build networks," the statement, put out by Debian press team member Donald Norwood, said.
|
|
Debian is known for its support of different architecture and this time 10 are supported: 64-bit PC/Intel EM64T/x86-64 (amd64), 32-bit PC/Intel IA-32 (i386), 64-bit little-endian Motorola/IBM PowerPC (ppc64el), 64-bit IBM S/390 (s390x), for ARM, armel and armhf for older and more recent 32-bit hardware, plus arm64 for the 64-bit "AArch64" architecture, and for MIPS, mips (big-endian) and mipsel (little-endian) architectures for 32-bit hardware and mips64el architecture for 64-bit little-endian hardware.
There are a number of live images so that people can try out the distribution without installing it.
Linux distributions are well known for the choice they offer in graphical environments, and Debian offers the choice of Cinnamon 3.8, GNOME 3.30, KDE Plasma 5.14, LXDE 0.99.2, LXQt 0.14, MATE 1.20 and Xfce 4.12.
The release uses the Wayland display server instead of Xorg by default. However Xorg is also installed and users can opt to use it if they so wish.
The default framework used for network filtering is nftables. But the older iptables is also present and can be chosen through the "alternatives" system.
"For those in security-sensitive environments AppArmor, a mandatory access control framework for restricting programs' capabilities, is installed and enabled by default," Norwood said.
"Furthermore, all methods provided by APT (except cdrom, gpgv, and rsh) can optionally make use of "seccomp-BPF" sandboxing. The https method for APT is included in the apt package and does not need to be installed separately."
The last release, Stretch, was in June 2017.
Contacted for his comments, Debian Project Leader Sam Hartman said: "Watching the Debian release process is a humbling experience. Ultimately it comes down to teams of consummate professionals all around the world working in parallel to provide our users and the free software community with the best release ever.
"Yes, we have automated testing and tooling, but ultimately Debian is a community of people and we want to stand behind our work. So on release day, the Debian community gathers all around the world to perform last-minute testing and put together the final errata for the release.
"Meanwhile our publicity and Web teams work to help our users understand what we're getting. We take our stable releases very seriously, but we also take the opportunity to have fun and to welcome the next generation of contributors to the process. The pride shown on release day is at the core of Debian's quality."
