Népszerű fórum témák
FreeBSD Project News
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 6 perc 21 másodperc
The 3.18-rc4 prepatch is out for test. "Hey, things are finally calming down. In fact, it looked *really* calm until yesterday, at which point some people clearly realized 'hey, I should push my stuff to Linus so that it makes it into -rc4', and then a third of all changes came in the last day, but despite that, rc4 finally looks like things are falling into place, and we'll get to stabilize this release after all."
The Free Software Foundation (FSF) and the Software Freedom Conservancy (SFC) have announced a new site called Copyleft.org that will play host to "useful information, tutorial material, and new policy ideas regarding all forms of copyleft licensing." The most prominent content at present is a comprehensive guide to the concept of copyleft and copyleft licenses. The announcement notes that the content is viable, among other things, as training material. "As the author, primary interpreter, and ultimate authority on the GPL, the FSF is in a unique position to provide insights into understanding free software licensing. While the guide as a living text will not automatically reflect official FSF positions, the FSF has already approved and published one version for use at its Seminar on GPL Enforcement and Legal Ethics in March 2014."
At her blog, Akkana Peck has announced a new GIMP plugin called "Saver" that is intended to replace the default Save/Export functionality introduced with the GIMP 2.8 release. GIMP 2.8 famously separated "Save"and "Export" into two separate functions, with "Save" only able to write out images to GIMP's native, multi-layer XCF format. As Peck notes, that change "has been a matter of much controversy. It's been over two years now, and people are still complaining on the gimp-users list." The new plugin is an attempt to perform the "expected" action in each circumstance. "I've been using Saver for nearly all my saving for the past year. If I'm just making a quick edit of a JPEG camera image, Ctrl-S overwrites it without questioning me. If I'm editing an elaborate multi-layer GIMP project, Ctrl-S overwrites the .xcf.gz. If I'm planning to export that image for the web, I Ctrl-Shift-S to bring up the Saver As... dialog, make sure the main filename is .xcf.gz, set a name (ending in .jpg) for the exported copy; and from then on, Ctrl-S will save both the XCF and the JPG copy.
Here's a PC World article on the old, insecure version of ownCloud shipped in Ubuntu 14.04 — and the difficulties in getting it updated or removed.
Ubuntu’s developers initially balked at this. Why, this isn’t the way the system works! The package is now locked-in for the stable release and shouldn’t have any major changes, even though it’s a fundamentally insecure piece of server software. Actually removing it would be highly unusual. They proposed that ownCloud should take over maintenance of the ownCloud packages in Ubuntu and keep them up-to-date. At the very least, it was ownCloud’s job to create an empty package and go through the bureaucratic process to push it out.
The writing is a little breathless, but there is a valid issue here; the software found in the more remote corners of distribution repositories may not be particularly well maintained.
CentOS has updated php (C5: multiple vulnerabilities).
Fedora has updated hostapd (F19; F20: command execution), Pound (F19: multiple vulnerabilities), python-rhsm (F19; F20: protocol downgrade), seamonkey (F19: multiple vulnerabilities), subscription-manager (F20: protocol downgrade), webkitgtk3 (F19: protocol downgrade), wss4j (F20: authentication spoofing), and xml-security (F20: denial of service).
Oracle has updated php (O5: multiple vulnerabilities).
Debian has updated libxml-security-java (xml signature spoofing from 2013).
Ubuntu has updated libreoffice (14.10, 14.04: code execution).
Version 2.1.0 of the GNU Privacy Guard has been released; this is the first release in the new "modern" branch. Changes include elliptic curve cryptography support, better keyserver pool handling, the creation of revocation certificates by default, the removal of support for PGP2 keys, and more.
The LWN.net Weekly Edition for November 6, 2014 is available.
CGManager is a year-old project to develop a daemon to manage control groups (cgroups) on a Linux system. These days, it is mostly targeted at doing that management for LXC containers, but it was originally envisioned as an alternative to systemd's cgroup management for those distributions that were not using systemd as their init. LXC maintainer Serge Hallyn gave a presentation about CGManager on October 13 at LinuxCon Europe in Düsseldorf, Germany.
Subscribers can click below for the full report on the talk from this
CentOS has updated mod_auth_mellon (C6: two vulnerabilities).
Debian has updated php5 (three vulnerabilities).
Ubuntu has updated ruby1.8, ruby1.9.1, ruby2.0, ruby2.1 (14.10, 14.04, 12.04: two vulnerabilities).
Professor Eben Moglen, Executive Director of the Software Freedom Law Center and professor of Law and Legal History at Columbia University Law School, will be a keynote speaker at linux.conf.au.
There has been a long history of attempts to put interprocess messaging systems into the Linux kernel; in general, these attempts have not gotten very far. From the beginning, though, the expectations around "kdbus," an in-kernel implementation of the widely used D-Bus mechanism, have been higher than the usual. Kdbus has been under development for more than two years, and was unveiled at linux.conf.au in January. But it had never been posted to the linux-kernel mailing list for review and, with luck, eventual inclusion — until October 29, when Greg Kroah-Hartman posted a twelve-part series for consideration.
Linux.com looks at the distributions powering mobile devices, including Firefox OS, Tizen, Ubuntu, and WebOS. "At the Mozilla Festival held earlier this week in the U.K. , Mozilla unveiled a PiFxOS version of Firefox OS for the Raspberry Pi, also dubbed Foxberry Pi, with promises to make it competitive with Raspbian Linux. It's currently a bleeding edge demoware build, but Mozilla appears to be serious about ramping it up, with an early focus on robotics hacking and media players. PiFxOS is based on a Firefox OS port to the Pi developed by Oleg Romashin and Philip Wagner, which seems to have stalled. Mozilla plans to beef it up with support for sensors, control motors, LEDs, solenoids, and other components, as well as build a modified version for drones. A longer term project is to develop a DOM/CSS platform for robots using "a declarative model of a reactive system.""
The GNU Tools Cauldron, a conference on the low-level toolchain (GCC, glibc, GDB, etc.) was held last July. There is now a full set of videos from the event available for your viewing pleasure. Anybody with an interest in this area is advised to have a fair amount of time available before visiting that page; there are quite a few interesting topics in the list.
The Fedora 21 beta release is available for testing. "Every bug you uncover is a chance to improve the experience for millions of Fedora users worldwide. Together, we can make Fedora 21 a rock-solid distribution. We have a culture of coordinating new features and pushing fixes upstream as much as feasible and your feedback will help improve not only Fedora but Linux and free software on the whole."
CentOS has updated cups-filters (C7: command execution).
Oracle has updated cups-filters (OL7: command execution).
Scientific Linux has updated cups (SL6: multiple vulnerabilities), cups-filters (SL7: command execution), file (SL6: multiple vulnerabilities), firefox (SL5,6,7: multiple vulnerabilities), glibc (SL6: two vulnerabilities), java-1.8.0-openjdk (SL6: multiple vulnerabilities), kernel (SL7; SL6: multiple vulnerabilities), krb5 (SL6: multiple vulnerabilities), luci (SL6: code execution), php (SL6,7: multiple vulnerabilities), php53 (SL5: multiple vulnerabilities), thunderbird (SL6: multiple vulnerabilities), wget (SL6,7: symlink attack), and X11 client libraries (SL6: multiple vulnerabilities).
The openSUSE 13.2 release is now available. "This version presents the first step to adopt the new openSUSE design guidelines system-wide. The graphical revamp is noticeable everywhere: the installer, the bootloader, the boot sequence and all of the (seven!) supported desktops (KDE, GNOME, Xfce, LXDE, Enlightenment 19, Mate and Awesome). Even the experimental Plasma 5.1 is adapted to the overall experience." See the announcement for details on what's new in this release.
The Netflix Tech Blog has posted an introduction to Dynomite, a database distribution system. "In the age of high scalability and big data, Dynomite’s design goal is to turn those single-server datastore solutions into peer-to-peer, linearly scalable, clustered systems while still preserving the native client/server protocols of the datastores, e.g., Redis protocol." Dynomite is available under the Apache license.
For those who are interested in the grungy details of getting the new atomic modesetting operations working with existing graphics drivers, Daniel Vetter has the scoop: "So I've just reposted my atomic modeset helper series, and since the main goal of all that work was to ensure a smooth and simple transition for existing drivers to the promised atomic land it's time to elaborate a bit. The big problem is that the existing helper libraries and callbacks to driver backends don't really fit the new semantics, so some shuffling was required to avoid long-term pain. So if you are a driver writer and just interested in the details then read for what needs to be done to support atomic modeset updates using these new helper libraries."
HUP napi hírlevél
Legfrissebb Linux játékvideók
Legfrissebb HUP dokumentumok
Tört már össze mobiltelefonod kijelzője valaha?
Csak az eredmény érdekel.
Összes szavazat: 704