Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Jeffrey Pomerantz and Robin Peek seek to disambiguate the word "open", as it is used or misused today. Examples include open source, open access, open society, open knowledge, open government, and so on. "From the common ancestor Free Software, the term “open” diversified, filling a wide range of niches. The Open Source Definition gave rise to a number of other definitions, articulating openness for everything from hardware to knowledge. Inspired by the political philosophy of openness, the Open Society Institute funded the meeting at which the Budapest Open Access Initiative declaration was created. Open Access then gave rise to a wide range of other opens concerned with scholarship, publication, and cultural heritage generally. This spread of openness can be seen as the diversification of a powerful idea into a wide range of resources and services. It can also be seen more importantly as the arrival, society-wide, of an idea whose time has come ... an idea with political, legal, and cultural impacts." (Thanks to Paul Wise)
CentOS has updated thunderbird (C5: two vulnerabilities).
Fedora has updated botan (F23; F22: three vulnerabilities), community-mysql (F23; F22: multiple vulnerabilities), gd (F22: code execution), jackson-dataformat-xml (F23; F22: XXE attack), kernel (F22: multiple vulnerabilities), ocaml (F23: code execution), openvpn (F23: multiple vulnerabilities), and qemu (F23: multiple vulnerabilities).
openSUSE has updated Chromium (Leap42.1, 13.2: multiple vulnerabilities).
Should you happen to be running a CoreOS alpha release in an exposed setting, you'll want to have a look at this advisory and do a quick upgrade. "A misconfiguration in the PAM subsystem in CoreOS Linux Alpha 1045.0.0 and 1047.0.0 allowed unauthorized users to gain access to accounts without a password or any other authentication token being required. This vulnerability affects a subset of machines running CoreOS Linux Alpha. Machines running CoreOS Linux Beta or Stable releases are unaffected."
Linus has released the 4.6 kernel, saying: "It's just as well I didn't cut the rc cycle short, since the last week ended up getting a few more fixes than expected, but nothing in there feels all that odd or out of line." Some of the more significant changes in this release are: post-init read-only memory as a bare beginning of the effort to harden the kernel, support for memory protection keys, the preadv2() and pwritev2() system calls, the kernel connection multiplexer, the OrangeFS distributed filesystem, compile-time stack validation, the OOM reaper, and many more. See the KernelNewbies 4.6 page for an amazing amount of detail.
At his blog, Christian Schaller discusses the details of the OpenH264 media codec from Cisco, which is now available in Fedora. In particular, he notes that the codec only handles the H.264 "Baseline" profile. "So as you might guess from the name Baseline, the Baseline profile is pretty much at the bottom of the H264 profile list and thus any file encoded with another profile of H264 will not work with it. The profile you need for most online videos is the High profile. If you encode a file using OpenH264 though it will work with any decoder that can do Baseline or higher, which is basically every one of them." Wim Taymans of GStreamer is looking at improving the codec with Cisco's OpenH264 team.
CentOS has updated thunderbird (C7: multiple vulnerabilities).
Debian has updated libxstream-java (XML external-entity attack).
Fedora has updated glibc (F23: denial of service).
Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities), docker (RHEL7: privilege escalation), flash-plugin (RHEL 5,6: multiple vulnerabilities), and openshift (RHOSE 3.2: multiple vulnerabilities).
The Electronic Frontier Foundation (EFF) has announced a new name and web site for the Let's Encrypt client. The Let's Encrypt project is a free certificate authority for TLS certificates that enable HTTPS for the web. The client, now called "Certbot", uses Automatic Certificate Management Environment (ACME) to talk to the Let's Encrypt CA, though it will no longer be the "official" client and there are other ACME clients that can be used. "Along with the rename, we've also launched a brand new website for Certbot, found at https://certbot.eff.org. The site includes frequently asked questions as well as links to how you can learn more and help support the project, but by far the biggest feature of the website is an interactive instruction tool. To get the specific commands you need to get Certbot up and running, just input your operating system and webserver. No more searching through pages and pages of documentation or Google search results! While a new name has the potential for creating technical issues, the Certbot team has worked hard to make this transition as seamless as possible. Packages installed from PyPI, letsencrypt-auto, and third party plugins should all continue to work and receive updates without modification. We expect OS packages to begin using the Certbot name in the next few weeks as well. On many systems, the current client packages will automatically transition to Certbot while continuing to support the letsencrypt command so you won't have to edit any scripts you're currently using."
Oracle has updated pcre (OL7: multiple vulnerabilities).
Slackware has updated thunderbird (multiple vulnerabilities).
Ubuntu has updated qemu, qemu-kvm (multiple vulnerabilities).
The LWN.net Weekly Edition for May 12, 2016 is available.
The OpenWrt project is perhaps the most widely known Linux-based distribution for home WiFi routers and access points; it was spawned from the source code of the now-famous Linksys WRT54G router more than 12 years ago. In early May, the OpenWrt user community was thrown into a fair amount of confusion when a group of core OpenWrt developers announced that they were starting a spin-off (or, perhaps, a fork) of OpenWrt to be named the Linux Embedded Development Environment (LEDE). It was not entirely clear to the public why the split was taking place—and the fact that the LEDE announcement surprised a few other OpenWrt developers suggested trouble within the team.
The Mozilla Open Source Support (MOSS), an award program focused on supporting open source and free software, was launched last year. The first track provided support for software projects that Mozilla uses or relies on. This year MOSS is open "to any open source project in the world which is undertaking an activity that meaningfully furthers Mozilla’s mission." In other words, projects that help to ensure the Internet is a global public resource, open and accessible to all. "So if you think your project qualifies, we encourage you to apply. Applications for the Mission Partners track are open as of today. (Applications for Foundational Technology also remain open.) You can read more about our selection criteria and committee on the wiki. The budget for this track for 2016 is approximately US$1.25 million."
Greg Kroah-Hartman has released stable kernels 4.5.4, 4.4.10, and 3.14.69. All of them contain important fixes.
Fedora has updated glibc (F23: multiple vulnerabilities), graphite2 (F22: multiple vulnerabilities), ntp (F23: multiple vulnerabilities), openssl (F22: multiple vulnerabilities), pgpdump (F23; F22: denial of service), and thunderbird (F22: multiple vulnerabilities).
Red Hat has updated file (RHEL6: multiple vulnerabilities), icedtea-web (RHEL6: applet execution), java-1.8.0-ibm (RHEL6: multiple vulnerabilities), kernel (RHEL6: multiple vulnerabilities), ntp (RHEL6: multiple vulnerabilities), openshift (RHOSE3.1: information disclosure), openssh (RHEL6: multiple vulnerabilities), pcre (RHEL7: multiple vulnerabilities), and qemu-kvm-rhev (RHELOSP5 for RHEL6: code execution).
Scientific Linux has updated pcre (SL7: multiple vulnerabilities).
Slackware has updated imagemagick (multiple vulnerabilities).
SUSE has updated ImageMagick (SOSC5, SMP2.1, SM2.1, SLE11-SP4: multiple vulnerabilities).
Ubuntu has updated openjdk-6 (12.04: multiple vulnerabilities).
Techniques for hardening the security of running systems often focus on access to memory. An attacker who can write (or even read) arbitrary memory regions will be able to take over the system in short order; even the ability to access small regions of memory can often be exploited. One possible defensive technique would be to encrypt the contents of memory so that an attacker can do nothing useful with it, even if access is somehow gained; this type of encryption clearly requires hardware support. Both Intel and AMD are introducing such support in their processors, and patches to enable that support have been posted for consideration; the two manufacturers have taken somewhat different approaches to the problem, though.
BitKeeper, the inspiration behind Git and Mercurial, has been released under the Apache 2.0 License. Larry McVoy is answering questions on Hacker News, posting as 'luckydude'. In one comment he says: "Git/Github has all the market share. Trying to compete with that just proved to be too hard. So rather than wait until we were about to turn out the lights, we decided to open source it while we still had money in the bank and see what happens. We've got about 2 years of money and we're trying to build up some additional stuff that we can charge for. We're also open to being doing work for pay to add whatever it is that some company wants to BK, that's more or less what we've been doing for the last 18 years. Will it work? No idea. We have a couple of years to find out. If nothing pans out, open sourcing it seemed like a better answer than selling it off." (Thanks to Josh Triplett)
The Future of Open Source Survey aims to examine trends in open source. It's hosted by Black Duck and North Bridge. Opensource.com looks at the results. "The 2016 Future of Open Source Survey analyzed responses from nearly 3,400 professionals. Developers made their voices heard in the survey this year, comprising roughly 70% of the participants. The group that showed exponential growth were security professionals, whose participation increased by over 450%. Their participation shows the increasing interest in ensuring that the open source community pays attention to security issues in open source software and securing new technologies as they emerge."
Ars Technica likes Ubuntu's latest release, and thinks it may be the best release Canonical has presented to date. Snap packaging is part of that appeal, but Snaps have competition. "While something like Snap packages have the potential to completely change the way distros work, it remains to be seen if Snap specifically will be what ends up reaching critical mass. It's certainly possible that Snap may prove popular enough to warrant other distros incorporating it, but it's also possible that there may end up being more than one way to handle self-contained packages. Looking at Canonical's track record does not inspire confidence. Upstart gave way to systemd, the software center gave way to GNOME Software, and even simple things like scrollbars get abandoned for upstream solutions. How Snap packages end up over the long term will be fascinating for Ubuntu users to watch, but even in the worst-case scenario, fans shouldn't have anything to worry about. If one day Ubuntu does abandon Snap in favor of another system, all the changes will likely be behind the scenes. In the shorter term, Snap packages should be a boon to Ubuntu, allowing users to stick with a stable base system while still leaving them free to try just-released software packages without fear of wrecking the system."
Red Hat has updated ImageMagick (RHEL6,7: multiple vulnerabilities), openssl (RHEL6: multiple vulnerabilities), qemu-kvm (RHEL7; RHEL6: code execution), and qemu-kvm-rhev (RHOSP8; RHELOSP7 for RHEL7; RHELOSP6 for RHEL7; RHELOSP5 for RHEL7: code execution).
Ubuntu has updated kernel (15.10; 14.04; 12.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), linux-lts-vivid (14.04: multiple vulnerabilities), linux-lts-wily (14.04: multiple vulnerabilities), linux-raspi2 (15.10: multiple vulnerabilities), linux-ti-omap4 (12.04: multiple vulnerabilities), and openssh (15.10, 14.04, 12.04: multiple vulnerabilities).
The Journal of Open Source Software (JOSS) has been announced. JOSS is an open source, developer-friendly journal for research software packages. "As academics, it's important for us to be able to measure the impact of our work, but available tools & metrics are woefully lacking when it comes to tracking research output that doesn't look like a paper. A 2009 survey of more than 2000 researchers found that > 90% of them consider software important or very important to their work — but even if you've followed this GitHub guide for archiving a GitHub repository with Zenodo (and acquired a DOI in the process), citations to your work probably aren't being counted by the people that matter." (Thanks to Paul Wise)
CentOS has updated openssl (C7: multiple vulnerabilities).
Debian has updated ikiwiki (cross-site scripting).
Fedora has updated firefox (F22: multiple vulnerabilities), kernel (F22: multiple vulnerabilities), libecap (F22: multiple vulnerabilities), openvas-cli (F22: cross-site scripting), openvas-gsa (F22: cross-site scripting), openvas-libraries (F22: cross-site scripting), openvas-manager (F22: cross-site scripting), openvas-scanner (F22: cross-site scripting), perl (F22: denial of service), quassel (F23; F22: denial of service), and squid (F22: multiple vulnerabilities).
openSUSE has updated ImageMagick (Leap42.1; 13.2: multiple vulnerabilities), java-1_7_0-openjdk (Leap42.1: multiple vulnerabilities), java-1_8_0-openjdk (Leap42.1: multiple vulnerabilities), and subversion (Leap42.1; 13.2: two vulnerabilities).
Oracle has updated openssl (OL7: multiple vulnerabilities).
Ubuntu has updated kernel (16.04: multiple vulnerabilities), linux-lts-xenial (14.04: multiple vulnerabilities), linux-raspi2 (16.04: multiple vulnerabilities), and linux-snapdragon (16.04: multiple vulnerabilities).