Linux Weekly News

LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.

Justin Miller on how Mapbox runs like an open source project (Opensource.com)

Mon, 2014-07-14 21:01
Opensource.com has been running a series of interviews with OSCON speakers. In this article Justin Miller, a developer at Mapbox, talks with Michael Harrison.

[Michael] Mapbox is "running a business like you would run an open source project." Can you elaborate on what that means?

[Justin] This is the meat of my talk, but basically, the organization is flat and open. People join in on projects based on interest and available time, or start their own projects based on an idea and the ability to convince a couple coworkers that it's a worthwhile effort. If you have an idea for improvement, talk is cheap and putting in the code to demonstrate its potential is preferred. It's a very exciting way to choose direction and participation and lets everyone engage based on their interests and skill set. And nearly everything we write, anything that's easily reusable by someone else, is completely open source.

Categories: Linux

Security advisories for Monday

Mon, 2014-07-14 18:32

Fedora has updated claws-mail (F20: code execution), claws-mail-plugins (F20: code execution), docker-io (F20; F19: privilege escalation), openstack-nova (F20: privilege escalation), and pnp4nagios (F20; F19: cross-site scripting).

openSUSE has updated python (13.1, 12.3: missing boundary check).

Slackware has updated php (multiple vulnerabilities).


Kernel prepatch 3.16-rc5

Mon, 2014-07-14 15:56
Linus has sent out the 3.16-rc5 prepatch. "Things are looking normal, and as usual, I _wish_ there was a bit less churn going on since it's getting fairly late in the rc cycle, but honestly, it's not like there is anything that really raises any eyebrows here."

First Release of LibreSSL Portable Available

Fri, 2014-07-11 23:03

OpenBSD Journal is reporting that the first release of LibreSSL Portable is available for download from OpenBSD project servers. LibreSSL is the OpenSSL fork started in April by members of the OpenBSD development community after the "Heartbleed" vulnerability; the "Portable" version is designed to run on operating systems other than OpenBSD itself, including Linux. The announcement calls this release "an initial release to allow the community to start using and providing feedback;" it is tagged as version 2.0.0.


Friday's security updates

Fri, 2014-07-11 17:55

Debian has updated eglibc (privilege escalation), libav (code execution), and libxml2 (denial of service).

Fedora has updated ansible (F19; F20: unspecified vulnerability) and kernel (F20: multiple vulnerabilities).

Mandriva has updated apache-mod_wsgi (BS1: multiple vulnerabilities), asterisk (BS1: multiple vulnerabilities), and samba (BS1: multiple vulnerabilities).


Day: Sandboxed applications for GNOME

Fri, 2014-07-11 01:43
In the first of a two-part series, GNOME contributor Allan Day looks at sandboxed applications for the GNOME desktop. In this installment, he looks at the benefits of application sandboxes from a couple of different angles. "Security and privacy, I think, are core beliefs for Free Software. Users should be able to trust us to have their interests at heart, and should be able to have more faith in our products than proprietary alternatives. Ironically, though, the Free Software desktop world hasn’t done a great job at security. It is actually pretty scary what a malicious desktop application could do if it wants to. We rely on transparency and good faith to ensure that applications do not infringe on user privacy, rather than robust technical architecture."

Boyer: At the playground

Fri, 2014-07-11 00:57
Fedora kernel team member Josh Boyer writes about a Fedora kernel-playground Copr (Cool Other Project Repository) on his blog. The idea is to provide an unsupported kernel that has some new features for those who want to help develop and test them. "OK, now that we have that out of the way, let's talk about what is actually in kernel-playground. At the moment there are two additions on top of the standard rawhide kernel; overlayfs (v22) and kdbus. Overlayfs is one of the top competing "union" filesystems out there, and has actually been posted for review for the past few releases. It has the best chance of landing upstream sometime this decade, and there has been interest in it for quite a while. I believe things like Docker would also be able to make use of it as a backend. I'll track upstream submissions and update accordingly. kdbus is of course the thing that Lennart Poettering and Kay Sievers have been talking about at various conferences for a while now. It is the in-kernel d-bus replacement. It has not been submitted for upstream review yet, but systemd already has support for it and things seem to be progressing well there."

Security updates for Thursday

Thu, 2014-07-10 18:26

CentOS has updated lzo (C7: denial of service/possible code execution), samba (C7: three vulnerabilities), samba, samba3x (C6; C5: two vulnerabilities), and tomcat6 (C6: multiple vulnerabilities).

Debian has updated phpmyadmin (multiple vulnerabilities).

Mageia has updated flash-player-plugin (multiple vulnerabilities).

Mandriva has updated gd (BS1.0: denial of service), liblzo (BS1.0: denial of service/possible code execution), and python (BS1.0: information leak).

Oracle has updated samba, samba3x (OL6; OL5: two vulnerabilities) and tomcat6 (OL6: multiple vulnerabilities).

Red Hat has updated flash-plugin (RHEL5&6: multiple vulnerabilities), lzo (RHEL6&7: denial of service/possible code execution), samba (RHEL7: three vulnerabilities), samba, samba3x (RHEL5&6: two vulnerabilities), and tomcat6 (RHEL6: multiple vulnerabilities).

Scientific Linux has updated lzo (SL6: denial of service/possible code execution), samba and samba3x (SL5&6: two vulnerabilities), and tomcat6 (SL6: multiple vulnerabilities).

Ubuntu has updated php5 (multiple vulnerabilities).


[$] LWN.net Weekly Edition for July 10, 2014

Thu, 2014-07-10 03:36
The LWN.net Weekly Edition for July 10, 2014 is available.

Andrew Tanenbaum retires

Thu, 2014-07-10 00:21
Professor Andrew Tanenbaum, creator of MINIX, is retiring after 43 years at the Vrije Universiteit in the Netherlands. He will give a final lecture at the VU on October 23, which will be followed by a reception. (Thanks to Michael Kerrisk.)

Stable kernel updates

Wed, 2014-07-09 21:51
Stable kernels 3.15.5, 3.14.12, 3.10.48, and 3.4.98 have been released. All of them contain plenty of important fixes.

[$] Filesystem notification, part 1: An overview of dnotify and inotify

Wed, 2014-07-09 19:39

Filesystem notification APIs provide a mechanism by which applications can be informed when events happen within a filesystem—for example, when a file is opened, modified, deleted, or renamed. Over time, Linux has acquired three different filesystem notification APIs, and it is instructive to look at them to understand what the differences between the APIs are. It's also worthwhile to consider what lessons have been learned during the design of the APIs—and what lessons remain to be learned.

The first part of guest author Michael Kerrisk's series on filesystem notification in Linux is now available for subscribers.


Security advisories for Wednesday

Wed, 2014-07-09 19:17

CentOS has updated lzo (C6: code execution).

Debian has updated php5 (multiple vulnerabilities).

Fedora has updated owncloud (F20: undisclosed vulnerability), python-django-evolution (F20; F19: incompatible versions), ReviewBoard (F20; F19: incompatible versions), and samba (F19: multiple vulnerabilities).

Gentoo has updated adobe-flash (multiple vulnerabilities).

Mageia has updated dpkg (multiple vulnerabilities), freerdp (two vulnerabilities), gd (denial of service), liblzo (code execution), php (MG4; MG3: multiple vulnerabilities), python (two vulnerabilities), and python-simplejson (missing boundary check).

Mandriva has updated ffmpeg (BS1.0: multiple vulnerabilities), file (BS1.0: multiple vulnerabilities), gnupg (BS1.0: denial of service), iodine (BS1.0: authentication bypass), libxfont (BS1.0: multiple vulnerabilities), php (BS1.0: multiple vulnerabilities), and phpmyadmin (BS1.0: multiple cross-site scripting vulnerabilities).

openSUSE has updated kernel (11.4: privilege escalation).

Oracle has updated lzo (OL6: code execution).

Red Hat has updated cumin (MRG for RHEL6; MRG for RHEL5: two vulnerabilities).

Ubuntu has updated dbus (14.04, 13.10, 12.04: multiple denial of service flaws).


An open-minded Internet safety curriculum (Opensource.com)

Tue, 2014-07-08 20:05
Part of the curriculum for high school students in the US is a class on internet safety. This article on Opensource.com looks at what is taught and what else should be covered in these classes. "Of course, we must work to help kids understand that the technology world can be a complicated and unsafe place. Digital reputation, Internet security, and online self-defense are critical skills for every citizen. However, in a rush to reduce the discussion to popular topics such as cyberbullying, online predators, and chat rooms, many schools have missed larger and more salient issues. Net Neutrality, Snowden's NSA revelations, social data mining, vendor lock-in and control: these fundamental ideas, principles, and values will ultimately shape and direct our students' technology future, and our society."

The future of realtime Linux in doubt

Tue, 2014-07-08 18:45
In a message about the release of the 3.14.10-rt7 realtime Linux kernel, Thomas Gleixner reiterated that the funding problems that have plagued realtime Linux (which he raised, again, at last year's Real Time Linux Workshop) have only gotten worse. Efforts were made to find funding for the project, but "nothing has materialized". Assuming that doesn't change, Gleixner plans to cut back on development and on plans to get the code upstream. "After my last talk about the state of preempt-RT at LinuxCon Japan, Linus told me: 'That was far more depressing than I feared'. The mainline kernel has seen a lot of benefit from the preempt-RT efforts in the past 10 years and there is a lot more stuff which needs to be done upstream in order to get preempt-RT fully integrated, which certainly would improve the general state of the Linux kernel again."

Tuesday's security updates

Tue, 2014-07-08 17:51

Debian has updated vlc (code execution).

Fedora has updated cacti (F19; F20: cross-site scripting), dbus (F20: denial of service), openstack-ceilometer (F20: information leak), php (F19: multiple vulnerabilities), and python-pycadf (F20: information leak).

SUSE has updated PHP5 (SLE11SP1: multiple vulnerabilities).


First release of KDE Frameworks 5

Tue, 2014-07-08 00:56
The KDE Community has announced the release of KDE Frameworks 5.0. "Frameworks 5 is the next generation of KDE libraries, modularized and optimized for easy integration in Qt applications. The Frameworks offer a wide variety of commonly needed functionality in mature, peer reviewed and well tested libraries with friendly licensing terms. There are over 50 different Frameworks as part of this release providing solutions including hardware integration, file format support, additional widgets, plotting functions, spell checking and more. Many of the Frameworks are cross platform and have minimal or no extra dependencies making them easy to build and add to any Qt application."

Release for CentOS-7

Mon, 2014-07-07 21:17
The CentOS project has released CentOS 7.0-1406. This release is the first to be built with sources hosted at git.centos.org. All source rpms are signed with the same key used to sign their binary counterparts. This release also introduces the new numbering scheme. "The 0 component maps to the upstream release, whose code this release is built from. The 1406 component indicates the monthstamp of the code included in the release ( in this case, June 2014 ). By using a monthstamp we are able to respin and reissue updated media for things like container and cloud images, that are regularly refreshed, while still retaining a connection to the base distro version." The release notes also mention that this is the first release to have a supported upgrade path, from CentOS 6.5 to CentOS 7. (Thanks to Scott Dowdle)

Stable kernel updates

Mon, 2014-07-07 19:46
Greg KH has released stable kernels 3.15.4, 3.14.11, 3.10.47, and 3.4.97. All of them contain important fixes throughout the tree.

Security advisories for Monday

Mon, 2014-07-07 18:39

Debian has updated kernel (privilege escalation).

Fedora has updated file (F20: multiple vulnerabilities), kdelibs (F19: information disclosure), and mediawiki (F19; F20: prevent external resources in SVG files).

Mageia has updated ffmpeg (MG4; MG3: multiple vulnerabilities), file (multiple vulnerabilities), libxfont (multiple vulnerabilities), and samba (multiple vulnerabilities).

openSUSE has updated dbus-1 (11.4: denial of service).

SUSE has updated PHP5 (SLES10: multiple vulnerabilities) and xalan-j2 (SLE11SP3: information disclosure/code execution).

Ubuntu has updated EC2 kernel (10.04: privilege escalation), kernel (10.04; 12.04; 14.04: privilege escalation), linux-lts-quantal (12.04: privilege escalation), linux-lts-raring (12.04: privilege escalation), linux-lts-saucy (12.04: privilege escalation), and linux-lts-trusty (12.04: privilege escalation).
