Linux Weekly News

Tartalom átvétel
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 3 hét 43 perc

Mesa 13.0.0 released

cs, 2016-11-03 00:04
The Mesa project has announced version 13.0.0 of the 3D graphics library that provides an open-source implementation of OpenGL. "This release has huge amount of features, but without a doubt the biggest ones are: Vulkan driver for hardware supported by the AMDGPU kernel driver [and] OpenGL 4.4/4.5 capability, yet the drivers may expose lower version due to pending Khronos CTS validation."
Kategóriák: Linux

Eben Moglen on GPL Compliance and Building Communities: What Works (Linux.com)

sze, 2016-11-02 23:28
Linux.com has a transcript of Eben Moglen's talk in New York on October 28. "I have some fine clients and wonderful friends in this movement who have been getting rather angry recently. There is a lot of anger in the world, in fact, in politics. Our political movement is not the only one suffering from anger at the moment. But some of my angry friends, dear friends, friends I really care for, have come to the conclusion that they’re on a jihad for free software. And I will say this after decades of work—whatever else will be the drawbacks in other areas of life—the problem in our neighborhood is that jihad does not scale." There is a video of the talk available as well.
Kategóriák: Linux

Collabora Online Development Edition 2.0 released

sze, 2016-11-02 18:19
Version 2.0 of the Collabora Online Development Edition online office suite has been released. "Collabora Productivity, the developers behind LibreOffice Online, announced the release of CODE 2.0, including the latest and most requested feature from customers: collaborative editing. Developers and home users are encouraged to update, try this out and get involved with the latest developments." See this blog entry for lots of details.
Kategóriák: Linux

Security advisories for Wednesday

sze, 2016-11-02 17:47

Arch Linux has updated bind (denial of service).

Debian has updated bind9 (denial of service) and tar (file overwrite).

Debian-LTS has updated libwmf (denial of service), tiff (multiple vulnerabilities), and tiff3 (two vulnerabilities).

Fedora has updated ecryptfs-utils (F23: two vulnerabilities), libass (F23: multiple vulnerabilities), libXfixes (F23: integer overflow), libXrandr (F23: insufficient validation), libXrender (F23: insufficient validation), libXtst (F23: insufficient validation), libXv (F23: insufficient validation), libXvMC (F23: insufficient validation), systemd (F23: denial of service), and tor (F23: denial of service).

Mageia has updated libtiff (two vulnerabilities).

Red Hat has updated java-1.7.0-ibm (RHEL5: multiple vulnerabilities), java-1.7.1-ibm (RHEL6,7: multiple vulnerabilities), and java-1.8.0-ibm (RHEL6,7: multiple vulnerabilities).

SUSE has updated bind (SLE12-SP1,2; SLES12: denial of service), curl (SLE12-SP1; SSO1.3: multiple vulnerabilities), nodejs4 (SLEM12: multiple vulnerabilities), php7 (SLEM12: many vulnerabilities), and php7 (SLEM12: three vulnerabilities in libgd).

Ubuntu has updated bind9 (denial of service), dbus (denial of service from 2015), libgd2 (three vulnerabilities), mailman (two vulnerabilities), oxide-qt (16.10, 16.04, 14.04: multiple vulnerabilities), and python-django (two vulnerabilities).

Kategóriák: Linux

Project for porting C to Rust gains Mozilla's backing (InfoWorld)

k, 2016-11-01 23:18
InfoWorld takes a look at a C-to-Rust translation project called Corrode. "What Corrode does not do (yet) is take constructs specific to C and rewrite them in memory-safe Rust equivalents. In other words, it performs the initial grunt work involved in porting a project from C to Rust, but it leaves the heavier lifting -- for example, using Rust's idioms and language features -- to the developer."
Kategóriák: Linux

[$] A discussion on stable kernel workflow issues

k, 2016-11-01 21:35
The opening session at the 2016 Kernel Summit, led by Jiri Kosina, had to do with the process of creating stable kernel updates. There is, he said, a bit of a disconnect between what the various parties involved want, and that has led to trouble for the consumers of the stable kernel releases.

Click below (subscribers only) for the first article from LWN's 2016 Kernel Summit coverage

Kategóriák: Linux

Minoca OS goes open source

k, 2016-11-01 19:19
Minoca OS has been released under the GNU GPLv3. "Minoca OS is a general purpose operating system written completely from the ground up. It’s intended for devices looking to conserve power, memory, and storage. It aims to be lean, maintainable, modular, and compatible with existing software."
Kategóriák: Linux

Stable kernel 4.4.30

k, 2016-11-01 17:00
Stable kernel 4.4.30 has been released. "This fixes a bug in 4.4.29 and older kernels by reverting two patches that should not have been applied."
Kategóriák: Linux

Security updates for Tuesday

k, 2016-11-01 16:56

Arch Linux has updated libxml2 (two vulnerabilities) and memcached (three code execution vulnerabilities).

Debian-LTS has updated libxml2 (two vulnerabilities) and tar (file overwrite).

Fedora has updated tor (F24: denial of service).

Gentoo has updated openvpn (information disclosure) and unzip (multiple vulnerabilities from 2014).

Mageia has updated flash-player-plugin (code execution).

Red Hat has updated kernel (RHEL6.6; RHEL6.4; RHEL6.2: two vulnerabilities), mariadb55-mariadb (RHSCL: multiple vulnerabilities), and mysql55-mysql (RHSCL: multiple vulnerabilities).

Slackware has updated kernel (local privilege escalation (Dirty COW)), libX11 (multiple vulnerabilities), mariadb (multiple vulnerabilities), and php (multiple vulnerabilities).

SUSE has updated php5 (SLEMWS12: multiple vulnerabilities).

Kategóriák: Linux

The (updated) history of Android (Ars Technica)

h, 2016-10-31 22:31
Ars Technica covers the history of Android from version 0.5 to 7.0 "Nougat". "One of the most interesting additions to Nougat is a revamp of the app framework to allow for resizable apps. This allowed Google to implement split screen on phones and tablets, picture-in-picture on Android TV, and a mysterious floating windowed mode. We've been able to access the floating window mode with some software trickery, but we've yet to see Google use it in an actual product. Is it being aimed at desktop computing?"
Kategóriák: Linux

Two stable kernel updates

h, 2016-10-31 19:18
Greg Kroah-Hartman has released stable kernels 4.8.6 and 4.4.29. Both of them contain important fixes throughout the tree.
Kategóriák: Linux

Security advisories for Monday

h, 2016-10-31 18:25

CentOS has updated kernel (C5: two vulnerabilities).

Debian has updated ghostscript (regression in previous update).

Debian-LTS has updated bash (error in previous update), cairo (denial of service), ghostscript (regression in previous update), and qemu-kvm (multiple vulnerabilities).

Fedora has updated kdepim (F24: three vulnerabilities), kdepim-addons (F24: three vulnerabilities), kdepim-apps-libs (F24: three vulnerabilities), kdepim-runtime (F24: three vulnerabilities), kf5-akonadi-calendar (F24: three vulnerabilities), kf5-akonadi-contacts (F24: three vulnerabilities), kf5-akonadi-mime (F24: three vulnerabilities), kf5-akonadi-notes (F24: three vulnerabilities), kf5-akonadi-search (F24: three vulnerabilities), kf5-akonadi-server (F24: three vulnerabilities), kf5-calendarsupport (F24: three vulnerabilities), kf5-eventviews (F24: three vulnerabilities), kf5-gpgmepp (F24: three vulnerabilities), kf5-grantleetheme (F24: three vulnerabilities), kf5-incidenceeditor (F24: three vulnerabilities), kf5-kalarmcal (F24: three vulnerabilities), kf5-kblog (F24: three vulnerabilities), kf5-kcalendarcore (F24: three vulnerabilities), kf5-kcalendarutils (F24: three vulnerabilities), kf5-kcontacts (F24: three vulnerabilities), kf5-kdgantt2 (F24: three vulnerabilities), kf5-kholidays (F24: three vulnerabilities), kf5-kidentitymanagement (F24: three vulnerabilities), kf5-kimap (F24: three vulnerabilities), kf5-kldap (F24: three vulnerabilities), kf5-kmailtransport (F24: three vulnerabilities), kf5-kmbox (F24: three vulnerabilities), kf5-kmime (F24: three vulnerabilities), kf5-kontactinterface (F24: three vulnerabilities), kf5-kpimtextedit (F24: three vulnerabilities), kf5-ktnef (F24: three vulnerabilities), kf5-libgravatar (F24: three vulnerabilities), kf5-libkdepim (F24: three vulnerabilities), kf5-libkleo (F24: three vulnerabilities), kf5-libksieve (F24: three vulnerabilities), kf5-mailcommon (F24: three vulnerabilities), kf5-mailimporter (F24: three vulnerabilities), kf5-messagelib (F24: three vulnerabilities), kf5-pimcommon (F24: three vulnerabilities), kf5-syndication (F24: three vulnerabilities), kleopatra (F24: three vulnerabilities), and nodejs (F24: code execution).

Gentoo has updated adobe-flash (multiple vulnerabilities), chromium (many vulnerabilities), and wget (code execution).

openSUSE has updated flash-player (13.1: use-after-free), ImageMagick (13.2: multiple vulnerabilities), and libpng12 (13.2: read underflow).

Oracle has updated kernel (OL5: local privilege escalation (Dirty COW)).

Red Hat has updated kernel (RHEL5.9; RHEL5.6: local privilege escalation (Dirty COW)).

Scientific Linux has updated kernel (SL5: two vulnerabilities).

SUSE has updated gd (SLE12-SP1: three vulnerabilities) and php7 (SLE12-SP1: three vulnerabilities).

Kategóriák: Linux

Kernel prepatch 4.9-rc3

v, 2016-10-30 04:44
The 4.9-rc3 prepatch is out. "It turns out that the bug that we thought was due to the new virtually mapped stacks during the rc2 release wasn't due to that at all, but a block request queuing race condition. So people who turned off the new feature weren't actually avoiding it at all." The new feature appears to be solid, but more testing is always welcome.
Kategóriák: Linux

What comes after ‘iptables’? Its successor, of course: `nftables` (RH blog)

p, 2016-10-28 19:52
The Red Hat Developers Blog is running an introduction to the nftables packet filtering system. "nftables implements a set of instructions, called expressions, which can exchange data by storing or loading it in a number of registers. In other words, the nftables core can be seen as a virtual machine. Applications like the nftables front end-tool nft can use the expressions offered by the kernel to mimic the old iptables matches while gaining more flexibility."
Kategóriák: Linux

Formatted kernel documentation at kernel.org

p, 2016-10-28 18:13
For the last couple of release cycles, the kernel's ongoing transition to the Sphinx documentation system has left kernel.org behind. Thanks to some work by Konstantin Ryabitsev, that situation has now been remedied, and kernel.org has the formatted documentation generated from the current -rc kernel. The DocBook-generated documents remain available for as long as DocBook stays in use. (For those interested in the linux-next version of the documentation, the version on LWN's server is usually up to date; it currently has the changes that are queued for 4.10.)
Kategóriák: Linux

A change of lawyers at the FSF

p, 2016-10-28 18:05
The Free Software Foundation has announced that Eben Moglen has stepped down as the organization's general counsel; there is no word on who his replacement will be. "The FSF looks forward to working together in other capacities with Professor Moglen and SFLC on future projects to advance the free software movement and use of the GNU General Public License (GPL)."
Kategóriák: Linux

Two new stable kernels

p, 2016-10-28 17:33
Greg Kroah-Hartman has released the 4.8.5 and 4.4.28 stable kernels. As usual, they contain fixes throughout the tree and users of those series should upgrade.
Kategóriák: Linux

[$] Defending against Rowhammer in the kernel

p, 2016-10-28 17:01
The Rowhammer vulnerability affects hardware at the deepest levels. It has proved to be surprisingly exploitable on a number of different systems, leaving security-oriented developers at a loss. Since it is a hardware vulnerability, it would appear that solutions, too, must be placed in the hardware. Now, though, an interesting software-based mitigation mechanism is under discussion on the linux-kernel mailing list. The ultimate effectiveness of this defense is unproven, but it does show that there may be hope for a solution that doesn't require buying new computers.
Kategóriák: Linux

Friday's security advisories

p, 2016-10-28 16:13

Debian has updated nginx (packaging problem in previous security update).

Debian-LTS has updated tre (code execution).

openSUSE has updated flash-player (13.2: code execution).

Red Hat has updated kernel (RHEL5: two vulnerabilities) and nodejs and nodejs-tough-cookie (RHOSE: two vulnerabilities).

SUSE has updated flash-player (SLE12: code execution).

Ubuntu has updated firefox (two vulnerabilities), , nginx (16.10, 16.04, 14.04: packaging problem in previous security update), and thunderbird (multiple vulnerabilities).

Kategóriák: Linux

Gregg: DTrace for Linux 2016

cs, 2016-10-27 20:02
Brendan Gregg celebrates the capabilities of Linux kernel tracing with BPF. "With the final major capability for BPF tracing (timed sampling) merging in Linux 4.9-rc1, the Linux kernel now has raw capabilities similar to those provided by DTrace, the advanced tracer from Solaris. As a long time DTrace user and expert, this is an exciting milestone! On Linux, you can now analyze the performance of applications and the kernel using production-safe low-overhead custom tracing, with latency histograms, frequency counts, and more."
Kategóriák: Linux