Linux Weekly News

Tartalom átvétel
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 6 perc 43 másodperc

Linux.conf.au 2015 videos

h, 2015-01-19 22:07
Videos from linux.conf.au 2015 have been posted to YouTube.
Kategóriák: Linux

Kernel prepatch 3.19-rc5

h, 2015-01-19 18:59
On January 18, Linus Torvalds released the fifth prepatch for Linux 3.19. Things are not calming down quite the way he would like and rc5 is larger than rc4, but: "That said, it's not like there is anything particularly scary in here. The arm64 vm bug that I mentioned as pending in the rc4 notes got fixed within a day of that previous rc release, and the rest looks pretty standard. Mostly drivers (networking, usb, scsi target, block layer, mmc, tty etc), but also arch updates (arm, x86, s390 and some tiny powerpc fixes), some filesystem updates (fuse and nfs), tracing fixes, and some perf tooling fixes."
Kategóriák: Linux

Security advisories for Monday

h, 2015-01-19 18:37

Debian has updated lsyncd (command injection) and xdg-utils (command execution).

Debian-LTS has updated ia32-libs (multiple vulnerabilities).

Fedora has updated elfutils (F21: directory traversal), gd (F21: denial of service), libhtp (F21; F20: denial of service), thunderbird (F21: multiple vulnerabilities), and xen (F21; F20: denial of service).

Mageia has updated firefox, thunderbird (multiple vulnerabilities) and python-django, python-django14 (multiple vulnerabilities).

Mandriva has updated kernel (multiple vulnerabilities).

openSUSE has updated firefox (13.2; 13.1: multiple vulnerabilities), openstack-dashboard (13.1: multiple vulnerabilities), and vsftpd (13.2, 13.1: unspecified vulnerability).

Slackware has updated freetype (code execution), firefox (multiple vulnerabilities), thunderbird (multiple vulnerabilities), and seamonkey (multiple vulnerabilities).

SUSE has updated firefox (SLE12: multiple vulnerabilities).

Ubuntu has updated libevent (14.10, 14.04, 12.04, 10.04: denial of service), libssh (14.10, 14.04, 12.04: denial of service), and rpm (14.10, 14.04, 12.04: code execution).

Kategóriák: Linux

Taylor: gnome-battery-bench

p, 2015-01-16 23:36
On his blog, Owen Taylor introduces gnome-battery-bench, which is a tool to measure power usage that should help lengthen battery life on Linux systems. It can smooth out the somewhat jumpy numbers reported by powertop and provide graphical feedback of parameters like power usage and estimated battery life remaining. "gnome-battery-bench is designed as a graphical application because I want to encourage people to explore with it and find out interactively what is using power on their system. And graphing is also useful so that the user can see when something is going wrong with the measurement; sometimes batteries will report data that jumps around. But there’s also a command line version that can be used for automatic scripting of benchmarks. I decided to use recorded sequences of events for a couple of reasons: first, it’s easy for anybody to create new test sequences – you just run the gnome-battery-bench command line tool in record mode and do what you want to test. Second, playing back event sequences at a low level simulates user interaction very accurately. There is little CPU overhead, and as far as the desktop is concerned it’s exactly like user input."
Kategóriák: Linux

Stable kernels 3.18.3, 3.14.29, and 3.10.65

p, 2015-01-16 19:45
Greg Kroah-Hartman has released the 3.18.3, 3.14.29, and 3.10.65 stable kernels. As usual, there are fixes in various places throughout the tree and users should upgrade.
Kategóriák: Linux

Friday's security updates

p, 2015-01-16 16:23

Debian has updated rpm (two code execution flaws).

Debian-LTS has updated curl (HTTP request injection).

openSUSE has updated flash-player (13.2, 13.1: multiple vulnerabilities), flashplayer (11.4: multiple vulnerabilities), and util-linux (13.2, 13.1: code execution).

SUSE has updated flash-player (SLE11SP3; SLE12: multiple vulnerabilities) and kernel (SLE12: multiple vulnerabilities, one from 2013).

Kategóriák: Linux

[$] Eben Moglen returns to LCA

cs, 2015-01-15 22:08
One of the defining moments of LCA 2005 was Eben Moglen's keynote, which was mostly focused on the dangers that software patents presented to our community. Ten years later, Eben returned to LCA for another keynote address. While he had some things to say about software patents, it is clear that Eben thinks that the largest threats to our community — and our freedom in general — come from elsewhere.
Kategóriák: Linux

Varda: Sandstorm raises $1.3M seed; paying forward crowdfunds

cs, 2015-01-15 20:48
On the Sandstorm blog, co-founder and CEO Kenton Varda gives an update on the funding and plans for the company behind the open-source Sandstorm personal cloud platform. We looked at the project back in June. "In fact, we are now arguably more aligned with the community than before. Whereas previously there had been a lot of pressure on us to focus on our subscription-based managed hosting option as a way to get revenue, our immediate goal now is just to develop and prove the platform. That means that self-hosted users are just as important to us as paying subscribers. To that end, the first thing we have done with our new money is to hire Asheesh Laroia, a long-time self-hosting and Free Software enthusiast, whose main focus will be improving Sandstorm’s self-hosting experience. To be clear, everything you need to run your own Sandstorm server will always be free and open source, still developed in the open."
Kategóriák: Linux

Security advisories for Thursday

cs, 2015-01-15 18:01

CentOS has updated firefox (C7; C6; C5: multiple vulnerabilities), thunderbird (C6; C5: three vulnerabilities), and xulrunner (C7: multiple vulnerabilities).

Debian has updated iceweasel (multiple vulnerabilities) and kernel (multiple vulnerabilities, including one from 2013).

Debian-LTS has updated unrtf (two code execution flaws).

Fedora has updated firefox (F21; F20: multiple vulnerabilities), kde-runtime (F21: kwallet crypto botch from 2013), and owasp-esapi-java (F21; F20: crypto botch from 2013).

Mageia has updated flash-player-plugin (multiple vulnerabilities) and python-pip (denial of service).

Mandriva has updated libsndfile (code execution), libvirt (denial of service), mpfr (code execution), and untrf (denial of service).

Oracle has updated firefox (OL5: multiple vulnerabilities).

Red Hat has updated flash-plugin (RHEL5&6: multiple vulnerabilities).

SUSE has updated kernel (SLERTE11SP3: multiple vulnerabilities, some from 2012 and 2013) and xorg-x11-server (SLE11SP3: multiple vulnerabilities).

Ubuntu has updated coreutils (14.04, 12.04, 10.04: two vulnerabilities, one from 2009), curl (HTTP request injection), firefox (14.10, 14.04, 12.04: multiple vulnerabilities), gparted (12.04: code execution), GTK+ (14.04: lock screen bypass), unzip (three code execution flaws), and ubufox (14.10, 14.04, 12.04: multiple vulnerabilities).

Kategóriák: Linux

LWN.net Weekly Edition for January 15, 2015

cs, 2015-01-15 02:24
The LWN.net Weekly Edition for January 15, 2015 is available.
Kategóriák: Linux

[$] Bob Young on freedom, control, and the GPL

sze, 2015-01-14 23:26
Bob Young, known to the free-software community as the co-founder of Red Hat, founder of the print-on-demand service Lulu, and creator of the non-profit Center For The Public Domain, delivered the morning keynote address on the first full day of linux.conf.au (LCA) 2015 in Auckland. Although Young confessed several times to not being as plugged-in to the Linux and free-software economy as he once was, he had plenty of wisdom to dispense to the crowd.

Click below (subscribers only) for the full report from LCA 2015.

Kategóriák: Linux

Firefox 35.0

sze, 2015-01-14 20:33
Firefox 35.0 has been released. New in this release: Firefox Hello with new rooms-based conversations model, new search UI improved and enabled for more locales, access the Firefox Marketplace from the Tools menu and optional toolbar button, improved high quality image resizing performance, and more. See the release notes for details.
Kategóriák: Linux

Security advisories for Wednesday

sze, 2015-01-14 18:52

Debian has updated binutils-mingw-w64 (multiple vulnerabilities).

Fedora has updated drupal6-flag (F21; F20: code execution).

openSUSE has updated gcab (13.2, 13.1: directory traversal), jasper (13.2; 13.1; 12.3: two code execution vulnerabilities), and libsndfile (13.2, 13.1: buffer overflows).

Oracle has updated firefox (OL7; OL6: multiple vulnerabilities) and thunderbird (OL6: multiple vulnerabilities).

Red Hat has updated cloud-init (RH Common for RHEL6: denial of service), firefox (RHEL5,6,7: multiple vulnerabilities), kernel (RHEL6.4: multiple vulnerabilities), openstack-neutron (RHEL OSP: denial of service), and thunderbird (RHEL5,6: multiple vulnerabilities).

Scientific Linux has updated firefox (SL5,6,7: multiple vulnerabilities) and thunderbird (SL5,6: multiple vulnerabilities).

Ubuntu has updated git (14.10, 14.04, 12.04: code execution) and python-django (14.10, 14.04, 12.04, 10.04: multiple vulnerabilities).

Kategóriák: Linux

[$] Rockstor — A Btrfs-based NAS distribution

sze, 2015-01-14 01:45
This is the second article in a short series on distributions designed for use in a network-attached storage (NAS) box. The first was a look at OpenMediaVault, a fairly traditional NAS distribution. The subject this time around — Rockstor — is a different beast; its purpose is to make the features of the Btrfs filesystem available behind an easy-to-use, web-oriented management interface.
Kategóriák: Linux

Plasma 5.2 beta out for testing

k, 2015-01-13 23:45
KDE has announced the release of Plasma 5.2 beta. Some new components in this release include BlueDevil to manage Bluetooth devices, the Muon software manager, Login theme configuration (SDDM), KScreen to set up multiple monitors, and more.
Kategóriák: Linux

Tuesday's security updates

k, 2015-01-13 18:37

Debian has updated php5 (denial of service).

Fedora has updated ca-certificates (F20: certificate update), kernel (F20: multiple vulnerabilities), and openssl (F21: multiple vulnerabilities).

Red Hat has updated condor (RHE MRG for RHEL6; RHE MRG for RHEL5: code execution).

Ubuntu has updated kernel (14.10; 14.04; 12.04; 10.04: multiple vulnerabilities), libyaml (14.10, 14.04, 12.04: denial of service), libyaml-libyaml-perl (14.10, 14.04, 12.04: denial of service), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), linux-ti-omap4 (12.04: multiple vulnerabilities), openssl (14.10, 14.04, 12.04, 10.04: multiple vulnerabilities), and pyyaml (14.10, 14.04, 12.04: denial of service).

Kategóriák: Linux

Top 10 FOSS legal developments of 2014 (Opensource.com)

h, 2015-01-12 23:14
Mark Radcliffe covers some legal developments from 2014, on Opensource.com. "Governments are one of the most important users of software but have had a mixed record in using and contributing to FOSS (free and open source software). The EC recently announced that it intends to remove the barriers that may hinder code contributions to FOSS projects. In particular, the EC wants to clarify legal aspects, including intellectual property rights, copyright, and which author or authors to name when submitting code to the upstream repositories. Pierre Damas, Head of Sector at the Directorate General for IT, hopes that such clarification will motivate many of the EC’s software developers and functionaries to promote the use of FOSS at the EC."
Kategóriák: Linux

Security advisories for Monday

h, 2015-01-12 19:14

Debian has updated binutils (multiple vulnerabilities), openssl (multiple vulnerabilities), and otrs2 (privilege escalation).

Debian-LTS has updated openssl (multiple vulnerabilities).

Fedora has updated curl (F21; F20: access restriction bypass), kernel (F21: multiple vulnerabilities), smack (F21: IQ response spoofing), webkitgtk (F21: multiple vulnerabilities), and webkitgtk3 (F21: multiple vulnerabilities).

Mageia has updated curl (access restriction bypass), gcab (directory traversal), glpi (multiple vulnerabilities), mpfr (buffer overflow), openssl (multiple vulnerabilities), unrtf (denial of service), and wireshark (denial of service).

Mandriva has updated curl (access restriction bypass), libssh (denial of service), openssl (multiple vulnerabilities), and wireshark (denial of service).

Slackware has updated openssl (multiple vulnerabilities).

Kategóriák: Linux

Kernel prepatch 3.19-rc4

v, 2015-01-11 22:34
Linus has released the 3.19-rc4 prepatch. "Another week, another -rc. Things have remained reasonably calm, although we also had a few last-minute MM regressions. Happily, most of them got fixed really quickly, with one remaining arm64 issue still pending."
Kategóriák: Linux

Rust 1.0 alpha released

p, 2015-01-09 20:36
The alpha version of the Rust 1.0 release has been announced. There is a long list of new features added to the language; see the release notes for details. "The language is feature-complete for 1.0. While we plan to make many usability improvements before the final release, all 1.0 language features are now in place and we do not expect major breaking changes to them."
Kategóriák: Linux