ls -1TörténelemNépszerű témákNépszerű fórum témákHardverAjánlott böngésző FreeBSD Project NewsOpenBSD JournalNetBSD News
|
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Webcím: http://lwn.net
Frissült: 8 perc 53 másodperc An open-minded Internet safety curriculum (Opensource.com)Part of the curriculum for high school students in the US is a class on
internet safety. This article on Opensource.com looks
at what is taught and what else should be covered in these classes.
"Of course, we must work to help kids understand that the technology world can be a complicated and unsafe place. Digital reputation, Internet security, and online self-defense are critical skills for every citizen. However, in a rush to reduce the discussion to popular topics such as cyberbullying, online predators, and chat rooms, many schools have missed larger and more salient issues. Net Neutrality, Snowden's NSA revelations, social data mining, vendor lock-in and control: these fundamental ideas, principles, and values will ultimately shape and direct our students' technology future, and our society."
Kategóriák: Linux
The future of realtime Linux in doubtIn a message about the release of the 3.14.10-rt7 realtime Linux kernel, Thomas Gleixner reiterated that the funding problems that have plagued realtime Linux (which he raised, again, at last year's Real Time Linux Workshop) have only gotten worse. Efforts were made to find funding for the project, but "nothing has materialized". Assuming that doesn't change, Gleixner plans to cut back on development and on plans to get the code upstream. "After my last talk about the state of preempt-RT at LinuxCon Japan,
Linus told me: 'That was far more depressing than I feared'.
The mainline kernel has seen a lot of benefit from the preempt-RT
efforts in the past 10 years and there is a lot more stuff which needs
to be done upstream in order to get preempt-RT fully integrated, which
certainly would improve the general state of the Linux kernel again."
Kategóriák: Linux
Tuesday's security updatesDebian has updated vlc (code execution). Fedora has updated cacti (F19; F20: cross-site scripting), dbus (F20: denial of service), openstack-ceilometer (F20: information leak), php (F19: multiple vulnerabilities), and python-pycadf (F20: information leak). SUSE has updated PHP5 (SLE11SP1: multiple vulnerabilities). Kategóriák: Linux
First release of KDE Frameworks 5The KDE Community has announced the release of KDE Frameworks 5.0. "Frameworks 5 is the next generation of KDE libraries, modularized and optimized for easy integration in Qt applications. The Frameworks offer a wide variety of commonly needed functionality in mature, peer reviewed and well tested libraries with friendly licensing terms. There are over 50 different Frameworks as part of this release providing solutions including hardware integration, file format support, additional widgets, plotting functions, spell checking and more. Many of the Frameworks are cross platform and have minimal or no extra dependencies making them easy to build and add to any Qt application."
Kategóriák: Linux
Release for CentOS-7The CentOS project has released CentOS 7.0-1406. This release is the first
to be built with sources hosted at git.centos.org. All source rpms are
signed with the same key used to sign their binary counterparts. This
release also introduces the new numbering scheme. "The 0 component
maps to the upstream release, whose code this release is built from. The 1406
component indicates the monthstamp of the code included in the release
( in this case, June 2014 ). By using a monthstamp we are able to
respin and reissue updated media for things like container and cloud
images, that are regularly refreshed, while still retaining a
connection to the base distro version."
The release
notes also mention that this is the first release to have a supported
upgrade path, from CentOS 6.5 to CentOS 7. (Thanks to Scott Dowdle)
Kategóriák: Linux
Stable kernel updatesGreg KH has released stable kernels 3.15.4,
3.14.11, 3.10.47, and 3.4.97. All of them contain important fixes
throughout the tree.
Kategóriák: Linux
Security advisories for MondayDebian has updated kernel (privilege escalation). Fedora has updated file (F20: multiple vulnerabilities), kdelibs (F19: information disclosure), and mediawiki (F19; F20: prevent external resources in SVG files). Mageia has updated ffmpeg (MG4; MG3: multiple vulnerabilities), file (multiple vulnerabilities), libxfont (multiple vulnerabilities), and samba (multiple vulnerabilities). openSUSE has updated dbus-1 (11.4: denial of service). SUSE has updated PHP5 (SLES10: multiple vulnerabilities) and xalan-j2 (SLE11SP3: information disclosure/code execution). Ubuntu has updated EC2 kernel (10.04: privilege escalation), kernel (10.04; 12.04; 14.04: privilege escalation), linux-lts-quantal (12.04: privilege escalation), linux-lts-raring (12.04: privilege escalation), linux-lts-saucy (12.04: privilege escalation), and linux-lts-trusty (12.04: privilege escalation). Kategóriák: Linux
Garrett: Self-signing custom Android ROMsMatthew Garrett explains
how to get an Android device to refuse to boot an operating system that
has not been signed by the device's owner. "It's annoying and
involves a bunch of manual processes and you'll need to re-sign every
update yourself. But it is possible to configure Nexus devices in such a
way that you retain the same level of security you had when you were using
the Google keys without losing the freedom to run whatever you
want."
Kategóriák: Linux
Kernel prepatch 3.16-rc4Linus has released the 3.16-rc4 prepatch.
"Things have calmed down nicely, and everything seems pretty
normal."
Kategóriák: Linux
Gräßlin: Next Generation KlipperOn his blog, Martin Gräßlin examines Klipper, the KDE clipboard manager, with an eye toward how it should work for Plasma 5.1. "A clipboard history is of course an important part of a desktop shell and thus should be a first class citizen. The user interface needs to be integrate and this means the interface needs to be provided by a Plasmoid which needs to be added to the notification area. The interface would still show a list and this is best done by providing the data in the form of a QAbstractItemModel.
As there should only be one clipboard history manager, but at the same time perhaps several user interfaces for it (e.g. one panel per screen) the QAbstractItemModel holding the data needs to be provided by a DataEngine. So overall we need to separate the user interface (Plasmoid) from the data storage (DataEngine) and turn the existing Klipper in just being the data storage."
Kategóriák: Linux
Interview: Damian Conway (Linux Voice)Linux Voice magazine has an interview with Damian Conway, one of the chief architects of Perl 6. In it, he talks about Perl 6 a bit (of course), but also about Perl, in general, as well as about teaching and learning programming. "Anyone who believes you can teach programming in an hour has no idea about what programming is. I think that I finally thought that I was a confident programmer maybe about four or five years ago, so after about a quarter of a century of coding. I felt that I was an ordinary good programmer by that stage. I don’t think you can even teach HTML in an hour, to be brutally honest."
Kategóriák: Linux
Friday's security advisoriesFedora has updated apt-cacher-ng (F20: cross-site scripting) and xen (F20; F19: information leak). SUSE has updated php5 (SLE11SP2: two vulnerabilities) and php53 (SLE11SP2, SLE11SP3: multiple vulnerabilities). Kategóriák: Linux
The CHERI capability model: Revisiting RISC in an age of risk (Light Blue Touchpaper)Over at the Light Blue Touchpaper blog, there is a summary of a paper [PDF] presented in late June at the 2014 International Symposium on Computer Architecture about Capability Hardware Enhanced RISC Instructions (CHERI).
"CHERI is an instruction-set extension, prototyped via an FPGA-based soft processor core named BERI, that integrates a capability-system model with a conventional memory-management unit (MMU)-based pipeline. Unlike conventional OS-facing MMU-based protection, the CHERI protection and security models are aimed at compilers and applications. CHERI provides efficient, robust, compiler-driven, hardware-supported, and fine-grained memory protection and software compartmentalisation (sandboxing) within, rather than between, addresses spaces. We run a version of FreeBSD that has been adapted to support the hardware capability model (CheriBSD) compiled with a CHERI-aware Clang/LLVM that supports C pointer integrity, bounds checking, and capability-based protection and delegation. CheriBSD also supports a higher-level hardware-software security model permitting sandboxing of application components within an address space based on capabilities and a Call/Return mechanism supporting mutual distrust."
Kategóriák: Linux
Python Foundation uncoils as membership opens up (Opensource.com)Opensource.com has an interview with Nick Coghlan, who is a newly elected Python Software Foundation (PSF) board member. In the interview, Coghlan discusses the new open membership model for the PSF, what makes Python special, how the huge investment in OpenStack is having an impact on CPython core development, and a look at the future for both Python and the PSF. "For me, the most fascinating thing about Python is the sheer breadth of the domains it competes in. In the projects I worked on at Boeing, Python became our "go to" glue language for getting different parts of a complex system to play nicely together, as well for writing simulation tools for testing environments. Linux distributions tend to use it in a similar fashion. In the scientific space it goes head to head with the likes of MATLAB for numeric computing, and R for statistical analysis. It was the original implementation language for YouTube, and the language of choice for OpenStack components, yet still simple enough to be chosen as the preferred programming language for the Raspberry Pi and One Laptop Per Child educational programs. With the likes of Maya and Blender using it as their embedded scripting engine, animation studios love it because animators can learn to handle tasks that previously had to be handled by the studios' development teams.
That diversity of use cases can make things fraught at times, especially in core development where the competing interests can often collide, but it's also a tremendous strength."
Kategóriák: Linux
3.14 to be the next longterm stable kernelGreg Kroah-Hartman has announced that 3.14 will be the next longterm stable
kernel that he will be maintaining. It should continue to receive updates
until August 2016.
Kategóriák: Linux
Schneier: NSA Targets Privacy Conscious for SurveillanceBruce Schneier has a good summary of recently reported information about the US National Security Agency (NSA) targeting of users searching for or reading information about Tor and The Amnesic Incognito Live System (Tails), which certainly could include readers of this site. "Jake Appelbaum et. al, are reporting on XKEYSCORE selection rules that target users -- and people who just visit the websites of -- Tor, Tails, and other sites. This isn't just metadata; this is "full take" content that's stored forever. [...] It's hard to tell how extensive this is. It's possible that anyone who clicked on this link -- with the embedded torproject.org URL above -- is currently being monitored by the NSA. It's possible that this only will happen to people who receive the link in e-mail, which will mean every Crypto-Gram subscriber in a couple of weeks. And I don't know what else the NSA harvests about people who it selects in this manner.
Whatever the case, this is very disturbing." Also see reports in Linux Journal (which was specifically noted in the XKeyscore rules) and Boing Boing.
Kategóriák: Linux
OpenSSL speeds up development to avoid being “slow-moving and insular” (Ars Technica)Ars Technica reports on the OpenSSL project's new roadmap that describes a number of problems with the project and its code along with plans to address them. "The project has numerous problems, the roadmap says. These include a backlog of bug reports, incomplete and incorrect documentation, code complexity that causes maintenance problems, inconsistent coding style, a lack of code review, and having no clear release plan, platform strategy, or security strategy.
The plan is to fix all these problems. For example, bug reports should receive 'an initial response within four working days.' That goal can be met now, the roadmap says, but others will take longer. Defining a clear coding standard for the project is expected to take about three months. 'Review[ing] and revis[ing] the public API with a view to reducing complexity' will take about a year."
Kategóriák: Linux
Schaller: Wayland in Fedora updateChristian Schaller has posted an
update on Fedora's transition to the Wayland display manager.
"So the summary is that while we expect to have a version of Wayland
in Fedora Workstation 21 that will be able to run a fully functional
desktop, there are some missing pieces we now know that will not make
it. Which means that since we want to ship at least one Fedora release with
a feature complete Wayland as an option before making it default, that
means that Fedora Workstation 23 is the earliest Wayland can be the
default."
Kategóriák: Linux
Security updates for ThursdayDebian has updated dbus (three denial of service flaws). Fedora has updated libreoffice (F19: code execution), lzo (F20: denial of service/possible code execution), and seamonkey (F20; F19: multiple vulnerabilities). openSUSE has updated gpg2 (13.1, 12.3: denial of service) and memcached (13.1, 12.3: multiple vulnerabilities, one from 2011). Ubuntu has updated nspr (code execution). Kategóriák: Linux
[$] LWN.net Weekly Edition for July 3, 2014The LWN.net Weekly Edition for July 3, 2014 is available.
Kategóriák: Linux
|
KeresésNavigációBelépésHupWikiÁllásajánlatokHWSWFriss blogbejegyzésekHUP napi hírlevélLegfrissebb HUP videókLegfrissebb Linux játékvideókLegfrissebb HUP képekLegfrissebb HUP dokumentumokSzavazásVan-e hiteled és / vagy megtakarításod? Van, hitelem is és megtakarításom is - a megtakarítás a több 5% Van, hitelem is és megtakarításom is - a hitel a több 17% Nincs hitelem és van megtakarításom 44% Van hitelem és nincs megtakarításom 14% Nincs se hitelem, se megtakarításom 12% Egyéb / nem nyilatkozom / csak az eredmény érdekel stb. 7% Összes szavazat: 494
InformációKövess minket!Partnerünk |
Friss hozzászólások
19 másodperc
40 másodperc
41 másodperc
1 perc 23 másodperc
4 perc 54 másodperc
4 perc 47 másodperc
7 perc 3 másodperc
7 perc 31 másodperc
7 perc 32 másodperc
7 perc 36 másodperc