Népszerű fórum témák
FreeBSD Project News
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 7 perc 17 másodperc
Red Hat has announced that it is acquiring Ansible, the company behind the Ansible configuration management system. "Ansible's automation capabilities, together with Red Hat's existing management portfolio, will help users drive down the cost and complexity of deploying and managing both cloud-native and traditional applications across hybrid cloud environments." LWN looked at Ansible in August.
Arch Linux has updated mbedtls (code execution).
Mageia has updated roundcubemail (multiple vulnerabilities).
openSUSE has updated flash-player (13.2, 13.1: multiple vulnerabilities), jakarta-taglibs-standard (13.2, 13.1: code execution), rsync (13.2, 13.1: file checksum collision), and spice (13.2, 13.1: multiple vulnerabilities).
Red Hat has updated flash-plugin (RHEL6: multiple vulnerabilities).
SUSE has updated docker (SLE12: two vulnerabilities).
The LWN.net Weekly Edition for October 15, 2015 is available.
On the final day of LinuxCon Europe 2015, HP's Chief Technology Officer Martin Fink delivered a bold keynote about software licensing. Fink recapped the negative effects of license proliferation and addressed projects that use their choice of license as hostile act against the competition. He then ended the session with an extended appeal to move the open-source software industry away from permissive licenses like Apache 2.0 and toward copyleft licenses like the GPL. Not doing so, he said, puts the FOSS community at just as much risk of collapse as license proliferation threatened to in years past.
openSUSE has updated polkit (13.2, 13.1: multiple vulnerabilities).
Ubuntu has updated gdk-pixbuf (15.04, 14.04, 12.04: two vulnerabilities).
There has been a lot of concern recently that a new set of rules [PDF] from the US Federal Communications Commission (FCC) could lead to locking-down of home router devices. It appears that the worst-case scenario feared by many will not come to pass, but that has not stopped a large, high-profile group of developers from putting together a detailed counter-proposal to the FCC that could change the game entirely. Not content with fending off the lockdown threat, this group seeks to push the pendulum the other way by forcing router software to be open. The result, it is said, would be an Internet that performs better and which is much more secure.
The term "bundling" refers to the practice of distributing a copy of one software project (usually some sort of library) within another one. Software developers may have a number of reasons for bundling, but Linux distributors tend to dislike it for reasons of their own. The Fedora project, in particular, has long forbidden bundling except in a few cases where it could not be avoided. It now seems, though, that Fedora has decided to back off a bit on its anti-bundling policy — a decision that is not uniformly popular in its development community, but which may well be necessary to help ensure the distribution's ongoing relevance.
Debian has updated kernel (multiple vulnerabilities).
Debian-LTS has updated linux-2.6 (multiple vulnerabilities).
SUSE has updated kernel-source (SLE12: multiple vulnerabilities).
Here is an article in Slate about the dangers of using closed-source software to provide evidence in criminal trials. "Because eliminating errors from code is so hard, experts have endorsed openness to public scrutiny as the surest way to keep software secure. Similarly, requiring the government to rely exclusively on open-source forensic tools would crowd-source cross-examination of forensic device software. Forensic device manufacturers, which sell exclusively to government crime laboratories, may lack incentives to conduct the obsessive quality testing required."
The Electronic Frontier Foundation reports that 567 relays from the 2014 Tor Challenge are still up and running—"more than were established during the entire inaugural Tor Challenge back in 2011. To put that number in perspective, these nodes represent more than 8.5% of the roughly 6,500 public relays currently active on the entire Tor network, a system that supports more than 2-million directly connecting clients worldwide."
Arch Linux has updated gdk-pixbuf2 (two vulnerabilities).
Debian has updated spice (multiple vulnerabilities).
Fedora has updated ntp (F22: multiple vulnerabilities).
Mageia has updated isodumper (MG5: command execution), jakarta-commons-httpclient (MG5: denial of service), kernel-linus (MG5: multiple vulnerabilities), php-ZendFramework/php-ZendFramework2 (MG5: privilege escalation), php/php-timezonedb (MG5: multiple vulnerabilities), and spice (MG5: multiple vulnerabilities).
The fifth 4.3 prepatch is out. "It's the usual 'lots of small fixes to drivers and architecture code, with some filesystem updates thrown in for variety'." This prepatch also features a change to the kernel codename, which is now "Blurry Fish Butt".
The new version of the WRT1900AC router from Linksys looks like just another high-end home router, but there is an important difference: "Linksys has collaborated with OpenWrt and Marvell to provide full open source support for the WRT1900ACS in OpenWrt's stable and development branches." When asked, the company confirmed that the router is fully supported by free drivers. LWN is not normally filled with new-product announcements, but, given the pervasive binary-blob problem in this space, a router with free drivers seems noteworthy.
Arch Linux has updated opensmtpd (multiple vulnerabilities).
openSUSE has updated freetype2 (13.1: two vulnerabilities from 2014).
SUSE has updated firefox (SLE11SP3, SLE11SP4: multiple vulnerabilities).
The Creative Commons has announced that a "detailed analysis" has determined that materials licensed under BY-SA 4.0 license may be distributed under the terms of GPLv3. "But if your use case calls for or requires (in the case of remixing CC BY-SA 4.0 and GPLv3 material to make a single adaptation) releasing a CC BY-SA 4.0 adaptation under GPLv3, now you can: copyright in the guise of incompatible copyleft licenses is no longer a barrier to growing the part of the commons you’re working in. We hope that this new compatibility not only removes a barrier, but helps inspire new and creative combinations of software and culture, design, education, and science, and the adoption of software best practices such as source control (e.g., through “git”) in these fields."
On his blog, Martin Gräßlin has posted an update on porting KDE's Plasma desktop to Wayland. There has been progress in various areas, including transient window positioning (which makes menus appear at the right location), Plasma/KWin specific extensions, support for multiple X servers, and support for "KWin in the cloud": "So on Friday I decided to dedicate my development time on a virtual framebuffer backend. This backend (to start use kwin_wayland --xwayland --virtual) doesn’t render to any device, but only “simulates” rendering by using a QImage which then isn’t used at all. Well not completely true: there is an environment variable to force the backend to store each rendered frame into a temporary directory. Why is such a virtual backend so exiting? Well it means we can run KWin anywhere. We are not bound to any hardware restrictions like screen attached or screen resolution. With other words we can run it on servers – in the cloud. The first such instance runs on our CI [continuous integration] servers in the form of an automated integration test. And in future there will be much more such tests."
Arch Linux has updated bugzilla (privilege escalation).
openSUSE has updated IPython, (cross-site scripting).
SUSE has updated php5 (SLE11SP2: three vulnerabilities).
SCSI subsystem maintainer James Bottomley has posted a different view on the issue of civility on the kernel's mailing lists. "So, by and large, I’m proud of the achievements we’ve made in civility and the way we have improved over the years. Are we perfect? by no means (but then perfection in such a large community isn’t a realistic goal). However, we have passed our stress test: that an individual with bad patches to several mailing lists was met with courtesy and helpful advice, in spite of serially repeating the behaviour."
The LWN.net Weekly Edition for October 8, 2015 is available.
Drivers for graphics hardware are an important part of the graphics stack, so it was not unexpected that the 2015 X.Org Developers Conference had several status updates for free graphics drivers. Three projects had talks: the Nouveau driver for NVIDIA devices, the amdgpu driver for AMD hardware, and the Etnaviv driver for Vivante GPUs. Each presented an update on its progress and plans.
HUP napi hírlevél
Legfrissebb HUP képek
Black Friday ...
Lehetne jobb is.
Egyéb, leírom, nem tudom stb.
Összes szavazat: 377