Népszerű fórum témák
FreeBSD Project News
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 9 perc 35 másodperc
The development of the Foresight Linux distribution has come to an end. "The Foresight Linux Council has determined that there has been insufficient volunteer activity to sustain meaningful new development of Foresight Linux. Faced with the need either to update the project's physical infrastructure or cease operations, we find no compelling reason to update the infrastructure."
Greg Kroah-Hartman has released stable kernel 3.19.8. This is the last kernel in the 3.19.x series and users should upgrade to 4.0.x.
Arch Linux has updated docker (multiple vulnerabilities).
Fedora has updated firefox (F20: multiple vulnerabilities), libreoffice (F20: code execution), netcf (F21; F20: denial of service), perl-XML-LibXML (F21; F20: information disclosure), proftpd (F21: unauthenticated copying of files), prosody (F20: denial of service), thunderbird (F20: multiple vulnerabilities), and xulrunner (F20: multiple vulnerabilities).
Mageia has updated wordpress (cross-site scripting).
Ubuntu has updated icu (15.04, 14.10, 14.04: code execution), kernel (14.10, 14.04: regression in previous update), libtasn1-3, libtasn1-6 (15.04, 14.10, 14.04, 12.04: denial of service), linux-lts-utopic (14.04: regression in previous update), and linux-lts-trusty (12.04: regression in previous update).
The 4.1 development cycle continues with the release of 4.1-rc3. "Go out and test. By -rc3, things really should be pretty non-threatening and this would be a good time to just make sure everything is running smoothly if you haven't tried one of the earlier development kernels already."
At the Go Blog, Andrew Gerrand provides a look at the language's approach to combining example code and documentation. "Godoc examples are snippets of Go code that are displayed as package documentation and that are verified by running them as tests. They can also be run by a user visiting the godoc web page for the package and clicking the associated "Run" button. Having executable documentation for a package guarantees that the information will not go out of date as the API changes." Each package's examples are compiled as part of the package test suite; examples can also (optionally) be executed in order to capture failures with the testing framework.
Fedora has updated async-http-client (F20: multiple vulnerabilites), realmd (F21: unsanitized input), springframework (F20: information disclosure), testdisk (F20: multiple vulnerabilities), and v8 (F20; F21: denial of service).
Mandriva has updated libtasn1 (BS1,2: code execution).
Greg Kroah-Hartman has released the latest batch of stable kernels: 3.10.77, 3.14.41, 3.19.7, and 4.0.2. As usual, they contain fixes all over the tree and users should upgrade.
Over at Opensource.com, one of the translators for OpenStack, Łukasz Jernaś, is interviewed about the process of translating a large project like OpenStack. "How does OpenStack's release cycle play into the translation process? Is it manageable to get translations done on a six-month release cycle? Most of the work gets done after the string freeze period, which happens around a month before the release, with a lot of it being completed after getting the first release candidate out of the window. Documentation is translated during the entire cycle, as many parts are common between releases and can be deployed independently to the releases. So we don't have to focus that much about deadlines, as it's available online all the time and not prepackaged and pushed out to users and distributions. Of course, having a month to do the translations can be cumbersome, depending on the team doing the translation (some do that part time, some people in their spare time), and how many developers push out new strings during the string freeze."
Debian has updated sqlite3 (three vulnerabilities).
Mageia has updated dpkg (integrity verification bypass), libtasn1 (denial of service), perl-XML-LibXML (information disclosure), qt3, qt4, and qtbase5 (three vulnerabilities), and tcl-tcllib (cross-site scripting).
Mandriva has updated perl-XML-LibXML (BS1,2: information disclosure).
The LWN.net Weekly Edition for May 7, 2015 is available.
Two talks at the 2015 Libre Graphics Meeting in Toronto came from video-editing projects. One was an update from Natron, a relatively young project that deals with video compositing, while the other was a reflection on ten years' worth of development on the general-purpose non-linear editor (NLE) Pitivi. Both are active projects, but they take two markedly different approaches: one aims to support an existing industry standard, while the other must build its core functionality from the ground up.
Debian has updated dnsmasq (information disclosure).
Mageia has updated erlang (man-in-the-middle attack), glibc (multiple vulnerabilities), mariadb (multiple unspecified vulnerabilities), qtwebkit (denial of service), and x11-server (two vulnerabilities).
Red Hat has updated openstack-glance (RHELOSP6.0: denial of service).
Ubuntu has updated clamav (15.04, 14.10, 14.04, 12.04: multiple vulnerabilities), kernel (15.04; 14.10; 14.04; 12.04: privilege escalation), linux-lts-trusty (12.04: privilege escalation), linux-lts-utopic (14.04: privilege escalation), oxide-qt (15.04, 14.10, 14.04: multiple vulnerabilities), and ppp (14.10, 14.04, 12.04: denial of service).
This year the International Day Against DRM will be held on May 6. The Free Software Foundation focuses on community with a wide variety of community groups, activist organizations, and businesses all taking part in the ninth International Day Against DRM.
The FSF's DefectiveByDesign campaign looks at how DRM affects people with disabilities. "DRM is especially bad for those of us that face additional hurdles using computers. It's beastly for blind people, who are dependent on an audiobook market heavily laden with DRM."
Early support for hosting Git repositories directly on Launchpad has been announced. "This has been by far the single most commonly requested feature from Launchpad code hosting for a long time; we’ve been working hard on it for several months now, and we’re very happy to be able to release it for general use. This is distinct from the facility to import code from Git (and some other systems) into Bazaar that Launchpad has included for many years."
CoreOS looks at community adoption of the App Container spec (appc). "In order to ensure the specification remains a community-led effort, the appc project has established a governance policy and elected several new community maintainers unaffiliated with CoreOS: initially, Vincent Batts of Red Hat, Tim Hockins of Google and Charles Aylward of Twitter. This new set of maintainers brings each of their own unique points of view and allows appc to be a true collaborative effort. Two of the initial developers of the spec from CoreOS, Brandon Philips and Jonathan Boulle, remain as maintainers, but now are proud to have the collective help of others to make the spec what it is intended to be: open, well-specified and developed by a community."
Debian has updated wordpress (multiple vulnerabilities).
Fedora has updated mingw-curl (F21: multiple vulnerabilities), mingw-libgcrypt (F21: multiple vulnerabilities), mingw-openssl (F21: multiple vulnerabilities), and mingw-qt5-qtbase (F21: multiple vulnerabilities).
Mageia has updated clamav (multiple vulnerabilities), gstreamer0.10-plugins-bad (code execution), hiawatha (multiple vulnerabilities), net-snmp (code execution), nodejs (privilege escalation), pdns, pdns-recursor (denial of service), and squid (certificate validation bypass).
Mandriva has updated cherokee (MBS1.0: authentication bypass), clamav (MBS2.0, MBS1.0: multiple vulnerabilities), directfb (MBS2.0, MBS1.0: two vulnerabilities), fcgi (MBS1.0: denial of service), mariadb (MBS2.0, MBS1.0: multiple unspecified vulnerabilities), ppp (MBS2.0, MBS1.0: denial of service), and ruby (MBS2.0, MBS1.0: man-in-the-middle attack).
Synfig Studio 1.0 has been released. This version features a reworked UI, a full-featured bone system to create cutout animation, advanced image distortion, a new Cutout Tool, sound support, and more.
Debian has updated jqueryui (cross-site scripting), libphp-snoopy (command execution), libxml-libxml-perl (information disclosure), owncloud (multiple vulnerabilities), ruby1.8 (man-in-the-middle attack), ruby1.9.1 (man-in-the-middle attack), and ruby2.1 (man-in-the-middle attack).
Debian-LTS has updated xorg-server (denial of service).
Fedora has updated clamav (F21: multiple vulnerabilities), curl (F21: multiple vulnerabilities), ikiwiki (F21; F20: cross-site scripting), mingw-libtiff (F21: two vulnerabilities), proftpd (F20: unauthenticated copying of files), qt3 (F21; F20: code execution), and xen (F21; F20: information leak).
Mageia has updated 389-ds-base (access control bypass), cherokee (authentication bypass), chromium-browser-stable (multiple vulnerabilities), curl (multiple vulnerabilities), directfb (two vulnerabilities), fcgi (denial of service), python-pip (two vulnerabilities), ruby (man-in-the-middle attack), and subversion (multiple vulnerabilities).
The second 4.1 prepatch is out for testing. "As usual, it's a mixture of driver fixes, arch updates (with s390 really standing out due to that one prng commit), and some filesystem and networking."
HUP napi hírlevél
Legfrissebb HUP képek
Hol chateteltek manapság?
Gmail (hangout, gchat)
Összes szavazat: 447