Industry leader AAEON has expanded its RISC computing product portfolio with the release of the SRG-IMX8PL and PICO-IMX8PL, a Mini PC and 2.5" PICO-ITX board, respectively. Both products are powered by the NXP i.MX 8M Plus platform, featuring a quad-core Arm Cortex -A53 processor with a Neural Processing Unit (NPU) operating at up to 2.3 TOPS.

Built to provide cost-efficient IoT Gateway solutions in rugged environments, the SRG-IMX8PL and PICO-IMX8PL both offer wide temperature ranges of -40°C to 80°C with the use of a fanless heatsink, a 9 V to 36 V power input range. The SRG-IMX8PL Mini PC also features enhanced shock, drop, and vibration resistance. Dual LAN ports with IEEE 1588 and TSN capabilities, alongside Wi-Fi and 4G module support via M.2 2230 E-Key and full-size mini card, provide each device with broad connectivity options for industrial IoT use. Additionally, both the PICO-IMX8PL and SRG-IMX8PL support a wide range of operating systems, including Debian 11, Android 13, Windows 10 IoT, and Yocto, as well as data communication protocols such as Modbus, MQTT, and OPC Unified Architecture (OPC UA).

In a interesting discovery that sent a series of shockwaves through the Linux community, Andres Freund, Principal Software Engineer at Microsoft, located a malicious backdoor in the widely used compression tool called "xz Utils." The backdoor, introduced in versions 5.6.0 and 5.6.1 of the utility, can break the robust encryption provided by the Secure Shell (SSH) protocol, allowing unauthorized access to affected systems. What Andres Freund found is that the latest version of xz Utils is taking 0.5 seconds in SSH on his system, while the older system with the older version took 0.1 seconds for simple processing, prompting the user to investigate and later send a widespread act for caution. While there are no confirmed reports of the backdoored versions being incorporated into production releases of major Linux distributions, the incident has raised serious concerns among users and developers alike.

Red Hat and Debian, two of the most well-known Linux distribution developers, have reported that their recently published beta releases, including Fedora 40, Fedora Rawhide, and Debian testing, unstable, and experimental distributions, used at least one of the affected versions of xz Utils. According to Red Hat officials, the first signs of the backdoor were introduced in a February 23 update, which added obfuscated (unreadable) code to xz Utils. A subsequent update the following day introduced functions for deobfuscating the code and injecting it into code libraries during the utility's update process. The malicious code has been cleverly hidden only in the tarballs, which target upstream releases of Linux distributions.

Chinese company Sipeed has introduced the Lichee Pocket 4A, one of the first handheld gaming devices based on the RISC-V open-source instruction set architecture (ISA). Sipeed positions the device as a retro gaming platform capable of running simple titles via software rendering or GPU acceleration. At its core is Alibaba's T-Head TH1520 processor featuring four 2.50 GHz Xuantie C910 RISC-V general-purpose CPU cores and an unnamed Imagination GPU. The chip was originally aimed at laptop designs. Memory options include 8 GB or 16 GB LPDDR4X RAM and 32 GB or 128 GB of storage. The Lichee Pocket 4A has a 7-inch 1280x800 LCD touchscreen, Wi-Fi/Bluetooth connectivity, and an array of wired ports like USB and Ethernet. It weighs under 500 grams. The device can run Android or Linux distributions like Debian, Ubuntu, and others.

As an early RISC-V gaming entrant, performance expectations should be modest—the focus is retro gaming and small indie titles, not modern AAA games. Specific gaming capabilities remain to be fully tested. However, the release helps showcase RISC-V's potential for consumer electronics and competitive positioning against proprietary ISAs like ARM. Pricing is still undefined, but another Sipeed handheld console retails for around $250 currently. Reception from enthusiasts and developers will demonstrate whether there's a viable market for RISC-V gaming devices. Success could encourage additional hardware experimentation efforts across emerging open architectures. With a 6000 mAh battery, battery life should be decent. Other specifications can be seen in the table below, and the pre-order link is here.

GIGABYTE Technology, Giga Computing, a subsidiary of GIGABYTE and an industry leader in high-performance servers, server motherboards, and workstations, today announced four new GIGABYTE R-series servers for AmpereOne Family of processors for cloud-native computing where high compute density per rack and power-efficiency matter.

For cloud-native computing, hyperscalers or cloud service providers (CSPs) rely on predictable high-performance, scalable infrastructure, and power efficient nodes. GIGABYTE servers running the AmpereOne Family platform achieve those expectations, but this is not the first time GIGABYTE has worked with Ampere Computing. The partnership first started in 2020 with the launch of the Ampere Altra platform. And this new family of AmpereOne processors will not supersede the Altra platform, rather it is an extension of what Arm architecture is capable of by Ampere Computing. For instance, the CPU core count goes beyond 128 cores in Altra to 136-192 cores in AmpereOne for new levels of performance and VM density. On top of that, the private L2 cache per core has doubled and there is support for DDR5 memory and PCIe Gen 5.

After 1 year, 9 months, and 28 days of development, the Debian project is proud to present its new stable version 12 (code name bookworm). bookworm will be supported for the next 5 years thanks to the combined work of the Debian Security team and the Debian Long Term Support team.

Following the 2022 General Resolution about non-free firmware, we have introduced a new archive area making it possible to separate non-free firmware from the other non-free packages:

• non-free-firmware
• Most non-free firmware packages have been moved from non-free to non-free-firmware. This separation makes it possible to build a variety of official installation images.

Debian 12 bookworm ships with several desktop environments, such as:

• Gnome 43,
• KDE Plasma 5.27,
• LXDE 11,
• LXQt 1.2.0,
• MATE 1.26,
• Xfce 4.18

AMD's upcoming Radeon RX 7800 XT has made an appearance online, having been tested in Geekbench. The entire system appears to be some kind of internal test system at AMD, as it's listed as "Advanced Micro Devices X670_E7" on Geekbench. The system consists of an AMD Ryzen 9 7950X CPU paired with what should be 64 GB of RAM and oddly enough running Debian Linux. It's also entirely possible that this is a fake submission, which makes somewhat sense considering the weak performance. The Radeon RX 7800 XT was tested using the Vulkan test in Geekbench and you can find the numbers below.

Overall, the card scored 113,819 points in the Vulkan test, which is close to what an AMD Radeon RX 6700 XT scores on an older Ryzen 7 5700X system with 32 GB of RAM, so not too much should be read into the performance figures here. However, this gives us the first indication that AMD is readying its RX 7800 XT GPUs—assuming it's a real submission—which may or may not be announced at Computex later this month. However, there have been rumours that the RX 7800 XT has been pushed back, with the lower-end cards launching first, but we don't have long until we find out at least.

A press release (dated April 27) states: "We plan to release Debian 12.0 "Bookworm" on June 10. If you want to celebrate it, please consider attending a Debian release party, or hosting your own! See wiki.debian.org/ReleasePartyBookworm for more information. The release process typically takes the whole day and the release isn't done until the early hours of Sunday UTC."

Full Freeze Date
With the release date set, it's time to announce the Full Freeze date: Wednesday May 24. This means that from that moment on, every package requires a manual unblock by the release team if it needs to migrate to bookworm. Please note that, as with all freezes, the newrules apply for all packages that haven't migrated to testing yet (not only for uploads after the freeze). For all uploads, please review the Freeze Policy once again to make sure you know what is appropriate at this phase of the release.