Népszerű fórum témák
FreeBSD Project News
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 9 perc 53 másodperc
The digiKam team has announced the release of digiKam Software Collection 5.0.0. "This release marks almost complete port of the application to Qt5. All Qt4/KDE4 code has been removed and many parts have been re-written, reviewed, and tested. Porting to Qt5 required a lot of work, as many important APIs had to be changed or replaced by new ones. In addition to code porting, we introduced several changes and optimizations, especially regarding dependencies on the KDE project. Although digiKam is still a KDE desktop application, it now uses many Qt dependencies instead of KDE dependencies. This simplifies the porting job on other operating systems, code maintenance, while reducing the sensitivity of API changes from KDE project."
Those who are anxiously awaiting this week's edition later today (or tomorrow, depending on time zone) will have to wait another day. The US Independence Day holiday fell on Monday, so LWN staff took that day off for barbecues, fireworks, and other festivities. That means the edition will go out sometime in the early morning hours UTC on Friday, July 8. For those who celebrated the holiday, we hope you had a great one; for those who didn't, we certainly hope you had a great day too! We will be back on our normal schedule next week.
Debian-LTS has updated sqlite3 (information leak).
Mageia has updated gimp (use-after-free), iperf (denial of service), libarchive (multiple vulnerabilities), libgd (multiple vulnerabilities), libtorrent-rasterbar (denial of service), php (multiple vulnerabilities), phpmyadmin (multiple vulnerabilities), pidgin (multiple vulnerabilities), squidguard (cross-site scripting), and xerces-c (denial of service).
SUSE has updated xen (SLE11-SP3: multiple vulnerabilities - some from 2013).
Ubuntu has updated gimp (15.10, 14.04, 12.04: use-after-free), libimobiledevice (16.04, 15.10, 14.04: sockets listening on INADDR_ANY), libusbmuxd (16.04, 15.10: sockets listening on INADDR_ANY), and tomcat6, tomcat7 (multiple vulnerabilities).
The last time LWN looked at formatted kernel documentation in January, it seemed like the merging of AsciiDoc support for the kernel's structured source-code documentation ("kernel-doc") comments, was imminent. As Jonathan Corbet, in the capacity of the kernel documentation maintainer, wrote: "A good-enough solution that exists now should not be held up overly long in the hopes that vague ideas for something else might turn into real, working code." Sometimes, however, the threat that something not quite perfect might be merged is enough to motivate people to turn those vague ideas into something real.
Subscribers can click below to see the full story by guest author (and the developer behind most of the Sphinx work) Jani Nikula.
KDE Plasma 5.7 has been released. This release features the return of the agenda view in the calendar, improvements to the Volume Control applet allow volume control on a per-application basis, improved Wayland support, and more. "This release brings Plasma closer to the new windowing system Wayland. Wayland is the successor of the decades-old X11 windowing system and brings many improvements, especially when it comes to tear-free and flicker-free rendering as well as security. The development of Plasma 5.7 for Wayland focused on quality in the Wayland compositor KWin. Over 5,000 lines of auto tests were added to KWin and another 5,000 lines were added to KWayland which is now released as part of KDE Frameworks 5."
Debian-LTS has updated pidgin (multiple vulnerabilities).
Fedora has updated gimp (F24: use-after-free), kernel (F23: multiple vulnerabilities), libreoffice (F23: code execution), mbedtls (F24: three vulnerabilities), mediawiki (F24; F23: multiple vulnerabilities), mingw-xerces-c (F24: three vulnerabilities), ntp (F23; F22: multiple vulnerabilities), php (F24; F23; F22: multiple vulnerabilities), php-pecl-zip (F24; F23; F22: two vulnerabilities), phpMyAdmin (F23; F22: multiple vulnerabilities), pypy (F24; F23: startTLS stripping attack), pypy3 (F24: two vulnerabilities), python3 (F23: two vulnerabilities), qemu (F23; F22: multiple vulnerabilities), setroubleshoot-plugins (F23: command injection), and xerces-c (F24: two vulnerabilities).
openSUSE has updated gimp (Leap42.1, 13.2: use-after-free), GraphicsMagick (13.2: multiple vulnerabilities), kinit (Leap42.1, 13.2: privilege escalation), and spice (Leap42.1; 13.2: two vulnerabilities).
Slackware has updated thunderbird (multiple vulnerabilities).
The 4.7-rc6 kernel prepatch is out, right on schedule. "I'd love to tell you that things are calming down, and we're shrinking, but that would be a lie. It's not like this is a huge rc, but it's definitely bigger than the previous rc's were. I don't think that's necessarily a big problem, it seems to be mostly timing."
Slackware Linux Project has announced the release of Slackware version 14.2. "Slackware 14.2 brings many updates and enhancements, among which you'll find two of the most advanced desktop environments available today: Xfce 4.12.1, a fast and lightweight but visually appealing and easy to use desktop environment, and KDE 4.14.21 (KDE 4.14.3 with kdelibs-4.14.21) a stable release of the 4.14.x series of the award- winning KDE desktop environment. These desktops utilize eudev, udisks, and udisks2, and many of the specifications from freedesktop.org which allow the system administrator to grant use of various hardware devices according to users' group membership so that they will be able to use items such as USB flash sticks, USB cameras that appear like USB storage, portable hard drives, CD and DVD media, MP3 players, and more, all without requiring sudo, the mount or umount command. Just plug and play. Slackware's desktop should be suitable for any level of Linux experience." See the release notes for more details.
Debian-LTS has updated libvirt (authentication bypass), qemu (multiple vulnerabilities), qemu-kvm (multiple vulnerabilities), roundcube (cross-site scripting), wget (code execution), and wireshark (multiple vulnerabilities).
Fedora has updated kernel (F24: multiple vulnerabilities), python-django-horizon (F23: cross-site scripting), python3 (F24: StartTLS stripping), squidGuard (F22; F23; F24: cross-site scripting), struts (F23; F24: multiple vulnerabilities), and wordpress (F22; F23; F24: multiple vulnerabilities).
Ubuntu has updated oxide-qt (14.04, 15.10, 16.04: multiple vulnerabilities).
Linux Mint 18 has been released with Cinnamon and MATE editions. "Linux Mint 18 is a long term support release which will be supported until 2021. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use." The MATE edition has MATE 1.14 along with many other updates listed on the What's New page. The Cinnamon edition has Cinnamon 3.0 (which we recently reviewed) and lots of other new packages described on its What's New page. The release notes pages (MATE, Cinnamon) also have important information on the releases.
The "Bits Please" blog has a detailed description of how one breaks full-disk encryption on an Android phone. Included therein is a lot of information on how full-disk encryption works on Android devices and its inherent limitations. "Instead of creating a scheme which directly uses the hardware key without ever divulging it to software or firmware, the code above performs the encryption and validation of the key blobs using keys which are directly available to the TrustZone software! Note that the keys are also constant - they are directly derived from the SHK (which is fused into the hardware) and from two 'hard-coded' strings. Let's take a moment to explore some of the implications of this finding."
CoreOS has announced the availability of version 3.0 of the etcd distributed key-value store. "etcd 3.0 marks the first stable release of the etcd3 API and data model. Upgrades are simple, because the same etcd2 JSON endpoints and internal cluster protocol are still provided in etcd3. Nevertheless, etcd3 is a wholesale API redesign based on feedback from etcd2 users and experience with scaling etcd2 in practice. This post highlights some notable etcd3 improvements in efficiency, reliability, and concurrency control."
Ubuntu has updated libreoffice (16.04, 15.10, 12.04: code execution).
The LWN.net Weekly Edition for June 30, 2016 is available.
At last year's PyCon in Montréal, Josh Triplett introduced the work he and others have done to port Python to run in the GRUB boot loader. At this year's PyCon in Portland, Oregon, he updated attendees on progress that has been made in the BIOS Implementation Test Suite (BITS) to add networking support. True to form, his presentation came with an eye-opening demonstration of the networking implemented in BITS.
The PulseAudio 9.0 release is out. Changes include improvements to automatic routing, beamforming support, use of the Linux memfd mechanism for transport, higher sample-rate support, and more; see the release notes for details.
See also: this article from Arun Raghavan on how the beamforming feature works. "The basic idea is that if you have a number of microphones (a mic array) in some known arrangement, it is possible to 'point' or steer the array in a particular direction, so sounds coming from that direction are made louder, while sounds from other directions are rendered softer (attenuated)."
The -stable kernel release process faces a contradictory set of constraints. Developers naturally want to get as many fixes into -stable as possible but, at the same time, there is a strong desire to avoid introducing new regressions there. Each -stable release is, after all, intended to be more stable than its predecessor. At times there have been complaints that -stable is too accepting and too prone to regressions, but not many specifics. But, it turns out, this is an area where at least a little bit of objective research can be done.
GitHub has published its 2015 transparency report. "This 2015 report details the types of requests we receive for user accounts, user content, information about our users, and other such information, and how we process those requests. Transparency and trust are essential to GitHub and to the open source community, and giving you access to information about these requests can protect you, protect us, and help you feel safe as you work on GitHub." The report notes that a significant number of requests for removal of content are notices submitted under the Digital Millennium Copyright Act, or the DMCA.
HUP napi hírlevél
Aki hozzánk programozói tudást igénylő pozícióra jelentkezik ...
Előbb lát egy szakmai tesztet, mint hogy a CV-jét egyáltalán megnéznénk
Előbb megnézzük a CV-jét, és ha az megfelelő, egy szakmai teszt az első amit kap tőlünk
Szakmai teszttel és a HR-es kérdésekkel nagyjából egyidőben találkozik egymást nem kizárva (pl egyfordulós interjú)
Előbb HR-es kérdéseket kap, majd azalapján döntünk, hogy kap-e szakmai tesztet (pl szakmai teszt csak második fordulóban)
Egyéb / Nincs munkám / Egyéni vállalkozó vagyok / Csak protekcióval felvételiztetünk / etc
Összes szavazat: 317