Linux Weekly News

Tartalom átvétel
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 2 perc 43 másodperc

LedgerSMB 1.4.0 released

h, 2014-09-15 16:43
Version 1.4.0 of the LedgerSMB accounting system is out. It features a new contact management subsystem, a reworked report generation subsystem, better integration with other business applications, and more. The announcement left out download information; those who are interested can find the software at ledgersmb.org.
Kategóriák: Linux

Kernel prepatch 3.17-rc5

h, 2014-09-15 15:11
The fifth 3.17 prepatch is out. "So I should probably have delayed this until Wednesday for sentimental reasons: that will be 23 years since I uploaded the 0.01 source tree. But I'm not an overly sentimental person, so screw that. I'm doing my normal Sunday release." Linus noted that this is a relatively large set of changes, so any thoughts of doing an early 3.17 release (to avoid conflicts between the merge window and his travel plans) have to be put aside.
Kategóriák: Linux

Klumpp: Listaller: Back to the future!

p, 2014-09-12 23:27

At his blog, Matthias Klumpp provides an update on recent work in Listaller, the cross-distribution framework for third-party package installation. The core issue is that Listaller currently relies on PackageKit's plugin infrastructure, which is going away. As a result, Klumpp has started work on a substantial rewrite of Listaller that will integrate with AppStream and other up-to-date tools. He is also, notably, taking this opportunity to trim down the project in other respects: "The new incarnation of Listaller will only support installations of statically linked software at the beginning. We will start with a very small, robust core, and then add more features (like dependency-solving) gradually, but only if they are useful. There will be no feature-creep like in the previous version."

Kategóriák: Linux

Friday's security updates

p, 2014-09-12 16:46

Debian has updated bind9 (denial of service) and gnupg (key disclosure).

SUSE has updated glibc (SLES10 SP4; SLES11 SP1: multiple vulnerabilities) and firefox (SLES10 SP3; SLES10 SP4: multiple vulnerabilities).

Ubuntu has updated thunderbird (12.04, 14.04: multiple vulnerabilities).

Kategóriák: Linux

Hertzog: Freexian’s first report about Debian Long Term Support

cs, 2014-09-11 23:14
On his blog, Raphaël Hertzog reports on the first few months of work on Debian Long Term Support (LTS). Official support for Debian 6.0 (Squeeze) ended in May and the LTS is an effort to continue the support until February 2016 (five years after the original release). Hertzog's company, Freexian, is collecting subscriptions to pay Debian developers to work on the LTS. Reports from the two developers sponsored, Thorsten Alteholz and Holger Levsen, are also linked from the report. "It’s worth noting that Freexian sponsored Holger’s work to fix the security tracker to support squeeze-lts. It’s my belief that using the money of our sponsors to make it easier for everybody to contribute to Debian LTS is money well spent. As evidenced by the progress bar on Freexian’s offer page, we have not yet reached our minimal goal of funding the equivalent of a half-time position. And it shows in the results, the dla-needed.txt still shows around 30 open issues. This is slightly better than the state two months ago but we can improve a lot on the average time to push out a security update…" (Thanks to Paul Wise.)
Kategóriák: Linux

Yao: The State of ZFS on Linux

cs, 2014-09-11 21:56
At the ClusterHQ blog, Richard Yao looks at the current status of the ZFSOnLinux (ZoL) project. He argues that ZoL is ready for production use for a number of different reasons, all of which boil down to the belief that the ZFS filesystem port to Linux has achieved the same level of data integrity, runtime stability, and features as have the other platforms where ZFS runs. "Sharing a common code base with other Open ZFS platforms has given ZFS on Linux the opportunity to rapidly implement features available on other Open ZFS platforms. At present, Illumos is the reference platform in the Open ZFS community and despite its ZFS driver having hundreds of features, ZoL is only behind on about 18 of them."
Kategóriák: Linux

Thursday's security advisories

cs, 2014-09-11 16:18

Debian has updated curl (two cookie-handling vulnerabilities) and file (regression in previous security update).

Fedora has updated qemu (F20: information leak).

openSUSE has updated glibc (13.1, 12.3: three vulnerabilities) and procmail (13.1, 12.3: code execution).

Oracle has updated kernel 2.6.39 (OL6; OL5: denial of service), kernel 2.6.32 (OL6; OL5: two vulnerabilities), kernel 3.8.13 (OL7; OL6: denial of service), and procmail (OL5: code execution).

SUSE has updated firefox (SLE11SP2: two vulnerabilities) and LibreOffice (SLE11SP3: two vulnerabilities, one from 2013).

Kategóriák: Linux

[$] LWN.net Weekly Edition for September 11, 2014

cs, 2014-09-11 03:37
The LWN.net Weekly Edition for September 11, 2014 is available.
Kategóriák: Linux

[$] A common Markdown

sze, 2014-09-10 23:50

The Markdown text-markup format was created in 2004 by John Gruber, and has been widely adopted—especially in applications where some sort of text formatting is desirable, but full HTML is, for some reason, considered overkill. Despite its wide adoption, though, there have long been differing interpretations of various ambiguities in the canonical description of the format, leading to incompatible implementations. Now a small team of Markdown enthusiasts has decided to publish a more formal specification that can be used as a strict guidebook for implementers concerned about valid formatting.

Kategóriák: Linux

KDE e.V. election results

sze, 2014-09-10 21:27
The new KDE e.V. board has been announced. "Of the five positions of the KDE e.V. board, three were up for re-election. Lydia Pintscher’s first term on the board lapsed, and she ran for re-election. Marta Rubczynska took over mid-term when Agustin Benito Bethencourt stepped down from the board, and stood for election for a regular board seat. Because of their proven commitment and steady hand, both won their seats with ease. Together with Albert Astal Cid and Pradeepto Bhattacharya they will provide the experience and continuity needed for the board to perform it’s function. The remaining board seat was contested between Jos Poortvliet and Aleix Pol, both long-standing and committed KDE community members. It was won in a tight race by Aleix Pol. He will bring his experience from building KDE Spain to the mothership of KDE e.V. Good luck to him and the whole new board, and many thanks to Jos for standing up for election."
Kategóriák: Linux

Security advisories for Wednesday

sze, 2014-09-10 19:12

CentOS has updated kernel (C6: multiple vulnerabilities) and procmail (C7; C6; C5: code execution).

Debian has updated acpi-support (privilege escalation).

Fedora has updated GraphicsMagick (F20: code execution), mariadb (F20; F19: multiple vulnerabilities), net-snmp (F20; F19: denial of service), python-django (F20; F19: multiple vulnerabilities), python-django14 (F20: multiple vulnerabilities), python-django15 (F20: multiple vulnerabilities), python-elixir (F20; F19: information leak), squid (F19: denial of service), thunderbird-enigmail (F20; F19: information leak), and webalizer (F20: code execution).

openSUSE has updated Firefox (11.4: 475 vulnerabilities), flash-player (13.1, 12.3: multiple vulnerabilities), and net-snmp (13.1, 12.3: denial of service).

Oracle has updated kernel (OL6: multiple vulnerabilities) and procmail (OL7; OL6: code execution).

Red Hat has updated flash-plugin (RHEL5,6 Supplementary: multiple vulnerabilities), kernel (RHEL6: multiple vulnerabilities), and procmail (RHEL5,6,7: code execution).

Scientific Linux has updated kernel (SL6: multiple vulnerabilities) and procmail (SL5,6: code execution).

Slackware has updated seamonkey (multiple vulnerabilities).

SUSE has updated firefox (SLE11 SP3: multiple vulnerabilities).

Ubuntu has updated php5 (multiple vulnerabilities).

Kategóriák: Linux

Fedora Developer Announces New Partition Manager (Linux Magazine)

k, 2014-09-09 21:38
Linux Magazine takes a look at blivet-gui, a partition tool built from storage and configuration management tools used in Fedora’s Anaconda installer. "According to the developer, the Linux community needs a new partition tool because of all the new storage technologies that have appeared over the last few years. Traditional tools such as GParted no longer support the full range of Linux filesystem and storage options."
Kategóriák: Linux

Tuesday's security advisories

k, 2014-09-09 18:07

CentOS has updated jakarta-commons-httpclient (C7; C6; C5: SSL server spoofing).

Debian has updated file (multiple vulnerabilities).

Mageia has updated gtk+3.0 (MG4: screen lock bypass).

openSUSE has updated firefox (13.1, 12.3: multiple vulnerabilities) and thunderbird (13.1, 12.3: multiple vulnerabilities).

Oracle has updated jakarta-commons-httpclient (OL7; OL6; OL5: SSL server spoofing).

Red Hat has updated jakarta-commons-httpclient (RHEL5,6,7: SSL server spoofing).

Scientific Linux has updated jakarta-commons-httpclient (SL5,6: SSL server spoofing).

Ubuntu has updated nss (code execution) and qemu, qemu-kvm (multiple vulnerabilities).

Kategóriák: Linux

FSF and Debian join forces to help free software users find the hardware they need

h, 2014-09-08 21:54
The Free Software Foundation and the Debian Project have announced cooperation to expand and enhance h-node, a database to help users learn and share information about computers that work with free software operating systems. "While other databases list hardware that is technically compatible with GNU/Linux, h-node lists hardware as compatible only if it does not require any proprietary software or firmware. Information about hardware that flunks this test is also included, so users know what to avoid. The database lists individual components, like WiFi and video cards, as well as complete notebook systems." Compatibility information comes from users testing on FSF endorsed free software distributions. The FSF has acknowledged that Debian qualifies as a free software distribution as long as only the main repository is enabled.
Kategóriák: Linux

Security advisories for Monday

h, 2014-09-08 18:13

Fedora has updated squid (F20: denial of service).

Mageia has updated procmail (code execution).

openSUSE has updated enigmail (13.1, 12.3: information leak).

Red Hat has updated nss (RHEL4 ELCS: code execution).

Ubuntu has updated cups (privilege escalation) and eglibc (10.04: regression in previous update).

Kategóriák: Linux

Kernel prepatch 3.17-rc4

h, 2014-09-08 16:36
The 3.17-rc4 prepatch is out. "For a short while there, this week was really nice and calm, but that was mostly because the 'linux-foundation.org' entry fell off the DNS universe, and my mailbox got very quiet for a few hours. The rest of the week looked pretty normal."
Kategóriák: Linux

Glibc 2.20 released

h, 2014-09-08 15:07
Version 2.20 of the GNU C Library is now available. Significant changes include support for file-private POSIX locks, removal of support for the _BSD_SOURCE and _SVID_SOURCE feature test macros (see this article for more information), various performance improvements, and more.
Kategóriák: Linux

The OpenSSL security policy

h, 2014-09-08 14:21
The OpenSSL project has posted a policy document describing how it intends to respond to security incidents. "There are actually not a large number of serious vulnerabilities in OpenSSL which make it worth spending significant time keeping our own list of vendors we trust, or signing framework agreements, or dealing with changes, and policing the policy. This is a significant amount of effort per issue that is better spent on other things."
Kategóriák: Linux

Linus 3.17-rc4

h, 2014-09-08 13:55
Kategóriák: Linux

Video from the GNU Tools Cauldron

szo, 2014-09-06 14:01
Videos from the 2014 GNU Tools Cauldron (July 18-20, Cambridge, UK) have now been posted. Topics covered vary from ABI compatibility checking, GCC/LLVM collaboration, and just-in-time compilation to performance testing and debugging issues.
Kategóriák: Linux