
Rocky Linux offers code security patches and info in real-time.

Security is a big deal, and Rocky Enterprise Software Foundation is offering its software chain and components to its users.

Last year, with the Rocky Enterprise Software Foundation (RESF)'s release of Rocky Linux 9, CentOS and Rocky Linux co-founder Gregory Kurtzer also released a completely cloud-native Linux distribution build stack called Peridot. Then, Kurtzer said, "anyone can create, build, enhance, and manage Rocky Linux, or other distros for that matter." Now, CIQ engineers have also released the Rocky Linux 9 errata subsystem as an open-source project, which is fully integrated with Peridot.

What that means is you can now build and enhance your own take on Rocky Linux, the Red Hat Enterprise Linux (RHEL) clone, with full access to the latest bug fixes, security patches, and feature enhancements. RESF will continue to maintain the project, providing users with more granular control over their systems.

This errata subsystem is crucial in managing supply chain security. It provides a clear view of the latest bug fixes, Common Vulnerabilities and Exposures (CVEs), functionality enhancements, and more, in real time.

Instead of using the old-school Network File System (NFS) for storage, Peridot relies on object storage. This makes the maintenance and publishing of repository states more efficient and reliable. The system's CVE indexer and errata mirroring tool provide a comprehensive view of software updates, while its cloud-native repository manager, yumrepofs, streamlines the management of Rocky Linux packages. RESF will also provide full API access to this data, further increasing the transparency and security of the Rocky software supply chain.

“We believe that transparency and reporting of security within the software supply chain should be freely available,” said Kurtzer in a statement. “For this reason, we have released not only the front-end but also the backend indexers, so others can collaborate to further the shared need for software supply chain management and security.”
