ls -1TörténelemHUP adás-vételNépszerű témákNépszerű fórum témákHardverAjánlott böngésző Linux Weekly NewsLinux DevicesFreeBSD Project NewsOpenBSD Journal |
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Webcím: http://lwn.net
Frissült: 10 másodperc Day: A New Approach to GNOME Application DesignGNOME design team member Allan Day writes about ideas in GNOME 3 application design on his blog. In the article, he looks at the use of maximized windows, views, primary toolbars, and more. The design team is documenting these ideas in a new version of the GNOME Human Interface Guidelines (HIG). "There are many other application design patterns that we've been working on, including application menus, a new grid view for displaying collections of content, in-app notifications, new models for dialogs, nice full screen controls and a sidebar list pattern. Together, these provide the opportunity to create applications that efficient, modern, elegant, and a pleasure to use."
Kategóriák: Linux
Welte: Some comments on the heated debate on SFC / Busybox / Linux GPL enforcementOver on his blog, Harald Welte comments on GPL enforcement in light of the Busybox/Toybox controversy. "In any kind of GPL enforcement, you of course not only want the complete corresponding source code to one program, but to all of the GPL/LGPL/AGPL or otherwise copyleft licensed programs contained in the product. We at gpl-violations.org have always been requesting the complete corresponding source code to all GPL licensed software during our communication with the infringing companies. This request was typically honored by everyone, without the need to apply any pressure onto it. After all, releasing only one bit of code causes the risk to get sued by somebody else who owns the other not-yet-compliant part of the code. [...] Now there have been rumors that SFC was not only requesting non-Busybox source code, but also making it a condition for the explicit re-instatement of the license on Busybox. Whether or not there was such a hard condition is subject to debate and there are different opinions on it. For those in the field of FOSS licensing, it has always known that there are different lines of thought with regard to the requirement to explicit reinstatement. We in Germany generally think that it is not required at all, and the existing preliminary injunctions at least implicitly acknowledge that as they enjoin companies from distributing a product as long as it is not in compliance with the license. In other (particularly the U.S.), it is generally assumed that explicit reinstatement is required."
Kategóriák: Linux
Friday's security updatesCentOS has updated C5: kernel (multiple vulnerabilities).
Fedora has updated F15: firefox (multiple vulnerabilities), F15: thunderbird (multiple vulnerabilities), F15: xulrunner (multiple vulnerabilities), F15: perl-gtk2-mozembed (multiple vulnerabilities), F15: gstreamer-plugins-bad-free (multiple vulnerabilities), F15: libvpx (multiple vulnerabilities), F15: gnome-python2-extras (multiple vulnerabilities), F15: thunderbird-lightning (multiple vulnerabilities), and F15: znc (denial of service). Ubuntu has updated openssl (multiple vulnerabilities) and php (multiple vulnerabilities). Kategóriák: Linux
Wayland and Weston 0.85.0 releasedThe first official releases of the Wayland display system, now split into
two pieces called "Wayland" and "Weston," are now
available. What's not immediately available is a lot of information about
what capabilities are in this release or how usable it is. "Wayland
is the protocol and IPC mechanism while Weston is the reference compositor
implementation. The 0.85 branch in both repositories is going to be
protocol and interface stable. We have a series of protocol changes on the
table before 1.0 but this branch marks a stable point before we jump into
that."
Kategóriák: Linux
The Chromium Blog on the future of JavaScriptThe Chromium Blog has an
overview of the new JavaScript features expected in a major revision of
the language next year. "A proxy simulates a JavaScript object or
function, and can customize just about any aspect of their behaviour that
you can imagine. This is a real power feature, that takes reflection to a
new level and can be used to implement various advanced abstractions and
interfaces."
Kategóriák: Linux
Jury rules that Eolas's "interactive web" patent is invalid (ars technica)Well, that was quick. The jury in a patent lawsuit against eight companies that use "interactive web" technologies has found the Eolas Technologies patent to be invalid, according to a report at ars technica. "[Tim] Berners-Lee took to Twitter to cheer the decision. 'Texas jury agreed Eolas 906 patent invalid,' he wrote. 'Good thing too!'
[...]
Companies that depend on the open Web hailed the verdict. 'We are pleased that the court found the patents invalid, as it affirms our assertion that the claims are without merit,' a Google spokesperson told Ars."
Kategóriák: Linux
Lima driver code for the Mali GPU releasedThe Lima driver project has released the code for its open source graphics driver supporting the Mali-200 and Mali-400 GPUs. "The aim of this driver is to finally bring all the advantages of open source software to ARM SoC graphics drivers. Currently, the sole availability of binary drivers is increasing development and maintenance overhead, while also reducing portability, compatibility and limiting choice. Anyone who has dealt with GPU support on ARM, be it for a linux with a GNU stack, or for an android, knows the pain of dealing with these binaries. Lima is going to solve this for you, but some time is needed still to get there." (Thanks to Paul Wise.)
Kategóriák: Linux
Security advisories for ThursdayCentOS has updated squirrelmail (C4; C5: multiple vulnerabilities) and mysql (C6: multiple unspecified vulnerabilities). Debian has updated icedove (multiple vulnerabilities) and cvs (remote code execution). Fedora has updated ettercap (F15; F16: insecure settings file), mysql (F16: multiple unspecified vulnerabilities), maniadrive (F16: PHP remote code execution), php (F16: remote code execution), php-eaccelerator (F16: remote code execution), and samba (F16: denial of service). Mandriva has updated wireshark (multiple vulnerabilities). openSUSE has updated firefox (multiple vulnerabilities), curl (authentication bypass), powerdns (denial of service), kernel (11.3; 11.4: multiple vulnerabilities), kvm (two vulnerabilities), tomcat6 (multiple vulnerabilities), apache2 (11.3; 11.4: multiple vulnerabilities), squid3 (denial of service), gnutls (denial of service), dovecot20 (certificate spoofing), xorg-x11-server (two vulnerabilities), ruby (multiple vulnerabilities), curl (multiple vulnerabilities), firefox (multiple vulnerabilities), nginx (code execution), lighttpd (denial of service), sysconfig (code execution), and opera (multiple vulnerabilities). Oracle has updated squirrelmail (OL4; OL5: multiple vulnerabilities) and mysql (OL6: multiple unspecified vulnerabilities). Red Hat has updated squirrelmail (RHEL 4&5: multiple vulnerabilities), libxml2 (RHEL 5.6: code execution), mysql (RHEL 6: multiple unspecified vulnerabilities), and kernel (RHEL 5: multiple vulnerabilities). Scientific Linux has updated squirrelmail (SL4&5: multiple vulnerabilities) and mysql (SL6: multiple unspecified vulnerabilities). SUSE has updated xulrunner (SLE 11 SP1: multiple vulnerabilities) and firefox (SLE 10 SP4: multiple vulnerabilities). Kategóriák: Linux
Trustwave admits issuing man-in-the-middle digital certificate (ComputerWorld)Here's a variant on the "untrustworthy SSL certificate authority" theme: this
ComputerWorld story describes how Trustwave issued a "subordinate root"
certificate to a private company. That allowed said company to stamp out
certificates for any domains it liked and conduct man-in-the-middle attacks
against SSL traffic from its internal network. "Trustwave defended
itself by saying that the issuing of subordinate roots to private
companies, so they can inspect the SSL-encrypted traffic that passes
through their networks, is a common practice in the industry."
Kategóriák: Linux
Patent troll claims ownership of interactive Web—and might win (ars technica)Ars technica is reporting on a patent trial taking place in ... you guessed it ... East Texas that could have quite an impact on the web as we know it. Eolas Technologies is suing eight companies including Google and Yahoo for $600 million in a series of four trials, the first of which (to determine the validity of the patents) could go to the jury today.
"Today, Doyle and his lawyers say he’s owed royalty payments for the use of a stunning array of modern Web technologies. Watching online video, having a "search suggestion" pop up in a search bar, or even rotating an image of a sweater you might want to buy on an online shopping site—all are said to infringe on the idea-space of Doyle and his company, Eolas Technologies."
Kategóriák: Linux
Btrfs: The Swiss army knife of storage (;login:)The February
2012 issue of ;login: has a
detailed overview of Btrfs [PDF] written by developer Josef Bacik.
"Btrfs’s snapshotting is simple to use and understand. The snapshots
will show up as normal directories under the snapshotted directory, and you
can cd into it and walk around like in a normal directory. By default, all
snapshots are writeable in Btrfs, but you can create read-only snapshots if
you so choose. Read-only snapshots are great if you are just going to
take a snapshot for a backup and then delete it once the backup
completes. Writeable snapshots are handy because you can do things such as
snapshot your file system before performing a system update; if the update
breaks your system, you can reboot into the snapshot and use it like your
normal file system."
Kategóriák: Linux
Kernel prepatch 3.3-rc3The 3.3-rc3 prepatch is out. "No big
surprises, which is just how I like it. About a third of the patches are in
ARM, but the bulk of that is due to the removal of the unused DMA map code
form the bcmring support. So no complaints."
Kategóriák: Linux
[$] LWN.net Weekly Edition for February 9, 2012The LWN.net Weekly Edition for February 9, 2012 is available.
Kategóriák: Linux
Intel's upcoming transactional memory featureHere is a
posting on the Intel software network describing the "transactional
synchronization extensions" feature to be found in the future "Haswell"
processor.
With transactional synchronization, the hardware can determine dynamically whether threads need to serialize through lock-protected critical sections, and perform serialization only when required. This lets the processor expose and exploit concurrency that would otherwise be hidden due to dynamically unnecessary synchronization. At the lowest level with Intel TSX, programmer-specified code regions (also referred to as transactional regions) are executed transactionally. If the transactional execution completes successfully, then all memory operations performed within the transactional region will appear to have occurred instantaneously when viewed from other logical processors. A processor makes architectural updates performed within the region visible to other logical processors only on a successful commit, a process referred to as an atomic commit. Needless to say, there should be interesting ways to use such a feature in the kernel if it works well, but other projects (PyPy, for example) have also expressed interest in transactional memory. Kategóriák: Linux
Wednesday's security updatesToday's update pile is gratifyingly small: Ubuntu has updated thunderbird (multiple vulnerabilities) and xulrunner (multiple vulnerabilities).
Kategóriák: Linux
[$] XBMC 11 "Eden"
XBMC, the open source media center, has
steadily grown from its humble origins as an X-Box only replacement
environment into the cross-platform, de facto playback front-end
for multimedia content. It merges the file-centric approach taken by
traditional video players with an add-on scripting environment that handles
remote web content. The project is currently finalizing its next major
release, version 11.0 (codenamed Eden), which includes updates
to the networking and video acceleration subsystems, broader hardware
support, and numerous changes to the APIs available to add-on developers.
Click below (subscribers only) for the full review. Kategóriák: Linux
Tratt: Fast Enough VMs in Fast Enough TimeLaurence Tratt, the designer of the Converge language, has written a
detailed introduction to RPython, the language used as the base of the
PyPy project. "However, in addition to outputting optimised C code,
RPython automatically creates a second representation of the user's
program. Assuming RPython has been used to write a VM for language L, one
gets not only a traditional interpreter, but also an optimising
Just-In-Time (JIT) compiler for free. In other words, when a program
written in L executes on an appropriately written RPython VM, hot loops
(i.e. those which are executed frequently) are automatically turned into
machine code and executed directly. This is RPython's unique selling point,
as I'll now explain."
Kategóriák: Linux
Upton: Raspberry Pi: Two things you thought you weren’t going to getLiz Upton reports
that Raspberry Pi boards will be available by the end of the month.
"There’s another big piece of news today. We’ve been leaning (gently
and charmingly) on Broadcom, who make BCM2835, the SoC at the heart of the
Raspberry Pi, to produce an abbreviated datasheet describing the ARM
peripherals in the chip. If you’re a casual user, this won’t be of much
interest to you, but if you’re wanting to port your own operating system or
just want to understand our Linux kernel sources, this is the document for
you." (Thanks to Paul Wise)
Kategóriák: Linux
Tuesday's security updatesCentOS has updated C5: openssl (multiple vulnerabilities).
Debian has updated php5 (remote code execution). Mandriva has updated glpi (information disclosure). Red Hat has updated condor (RHEL6 MRG; RHEL5 MRG: denial of service). SUSE has updated kernel (multiple vulnerabilities) and tomcat6 (multiple vulnerabilities). Ubuntu has updated OMAP kernel (denial of service/code execution). Kategóriák: Linux
Langley: Revocation checking and Chrome's CRLOn his blog, Adam Langley writes about plans for removing online certificate revocation checking in the Chrome/Chromium browser. Instead of OCSP and CRL checks, Google will be pushing lists of revoked certificates to the browser.
"While the benefits of online revocation checking are hard to find, the costs are clear: online revocation checks are slow and compromise privacy. The median time for a successful OCSP check is ~300ms and the mean is nearly a second. This delays page loading and discourages sites from using HTTPS. They are also a privacy concern because the CA learns the IP address of users and which sites they're visiting.
[...]
On this basis, we're currently planning on disabling online revocation checks in a future version of Chrome. (There is a class of higher-security certificate, called an EV certificate, where we haven't made a decision about what to do yet.)"
Kategóriák: Linux
|
KeresésNavigációBelépésÁllásajánlatokHWSWFriss blogbejegyzések
HUP napi hírlevélLegfrissebb HUP videókLegfrissebb HUP képekLegfrissebb HUP dokumentumokSzavazásAz általam leggyakrabban használt Firefox verziója: 10.x 68% 9.x 11% 8.x 1% 7.x 1% 6.x 0% 5.x 0% 4.x 0% 3.x 8% egyéb 10% Összes szavazat: 535
Új felhasználók
InformációKövess minket!Partnerünk |
Friss hozzászólások
2 perc 51 másodperc
3 perc 54 másodperc
6 perc 16 másodperc
10 perc 21 másodperc
13 perc 59 másodperc
15 perc 52 másodperc
16 perc 12 másodperc
16 perc 41 másodperc
25 perc 56 másodperc
22 perc 23 másodperc