Népszerű fórum témák
FreeBSD Project News
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 29 perc 13 másodperc
Arch Linux has updated optipng (code execution).
Gentoo has updated xen (multiple vulnerabilities, some from 2012).
openSUSE has updated ghostscript (Leap42.1: buffer overflow).
Red Hat has updated nss, nss-util, nspr (RHEL6: two vulnerabilities).
Slackware has updated thunderbird (multiple vulnerabilities).
SUSE has updated xen (SLE11-SP4: multiple vulnerabilities, some from 2013).
Matthew Garrett's take on the Debian-XScreenSaver disagreement is worth a read. "Free software doesn't benefit from distributions antagonising their upstreams, even if said upstream is a cranky nightclub owner. Debian's users are Debian's highest priority, but those users are going to suffer if developers decide that not using free licenses improves their quality of life. Kneejerk reactions around specific instances aren't helpful, but now is probably a good time to start thinking about what value Debian bring to its upstream authors and how that can be increased."
The Linux Foundation has announced the Civil Infrastructure Platform, "an open source framework that will provide the software foundation needed to deliver essential services for civil infrastructure and economic development on a global scale." Civil infrastructure systems deliver critical services such as electric power, oil and gas, water, health care, communications, transportation and more. "The Civil Infrastructure Platform will aim to work upstream with the Linux kernel and other open source projects to establish a “base layer” of industrial-grade software. This base layer will enable the use of software building blocks that meet safety, security, reliability and other requirements that are critical to industrial and civil infrastructure projects."
Arch Linux has updated squid (denial of service).
Fedora has updated apache-commons-collections (F23; F22: code execution), bind (F22: multiple vulnerabilities), bind99 (F22: multiple vulnerabilities), and NetworkManager (F23: multiple vulnerabilities).
openSUSE has updated krb5 (13.2: null pointer dereference).
Oracle has updated openssh (OL5: two vulnerabilities).
Linus has released the second 4.6 prepatch. "You all know the drill by now - another week, another rc. I'd say that things look fairly normal at this point: it's not a big rc2, but that's been true lately (rc3 tends to be a bit bigger - probably just because it takes time for people to start noticing issues)."
Version 1.5 of the Discourse open-source discussion-and-commenting system has been released. Significant work went into rewriting the top-level "topics" page, resulting in a five-fold speed increase. Administrators can now change and customize every object label used in the interface. "Want topics to be 'threads'? Users to be 'funkatrons'? Like to be 'brofist'? Well, Discourse is your huckleberry." Support for email comments has also been improved, and user groups can now exchange private messages. The badge system, which is used to denote user roles and to mark popular posts, received a visual refresh and new documentation; user summary pages were also refreshed.
Fedora has updated kubernetes (F23: improper admission check control).
At the Mono Project blog, Miguel de Icaza announced that the Mono runtime has been relicensed, moving from a dual-license slate (with LGPLv2 and proprietary optiona) to the MIT license. The Mono compiler and class libraries were already under the MIT license and will remain so. "Moving the Mono runtime to the MIT license removes barriers to the adoption of C# and .NET in a large number of scenarios, embedded applications, including embedding Mono as a scripting engine in game engines or other applications." De Icaza notes that Xamarin (which was recently acquired by Microsoft) had developed several proprietary Mono modules in recent years; these will also now be released under the MIT license.
Red Hat has updated openvswitch (RHEL7 OSP: code execution).
SUSE has updated pidgin-otr (SLE12: code execution).
The LWN.net Weekly Edition for March 31, 2016 is available.
The web-development community was briefly thrown into chaos in late March when a lone Node.js developer suddenly unpublished a short but widely used package from the Node Package Manager (npm) repository. The events leading up to that developer's withdrawal are controversial in their own right, but the chaotic effects raise even more serious questions for the Node.js and npm user communities.
NetworkWorld reports that software developed at MIT Media Lab will be open source by default. "This effort does away with developers having to get such licenses approved first by an internal committee, which [Lab Director Joi Ito] says "always allowed our developers to open-source their work" anyway."
Dustin Kirkland announces the availability of the Ubuntu user space on Windows 10 — a cooperative project with Microsoft. "Finally, I imagine some of you -- long time Windows and Ubuntu users alike -- are still wondering, perhaps, 'Why?!?' Having dedicated most of the past two decades of my career to free and open source software, this is an almost surreal endorsement by Microsoft on the importance of open source to developers. Indeed, what a fantastic opportunity to bridge the world of free and open source technology directly into any Windows 10 desktop on the planet."
Ubuntu has updated pcre3 (multiple vulnerabilities).
The KDE project has announced a new framework called the Kirigami UI; it appears to be oriented toward the needs of mobile applications. "Kirigami UI isn't just a set of components, it's also a philosophy: It defines precise UI/UX patterns to allow developers to quickly develop intuitive and consistent apps that provide a great user experience."
The OpenBSD 5.9 release is available. There are a lot of enhancements and improvements. Perhaps most significant is the addition of the pledge() system call, which can be used by a process to limit its future capabilities. LWN looked at an early version of this work, back when it was called tame().
For many aspiring projects, getting accepted and shipped by popular distributions is an important step toward a long and successful life. But even large and established projects can struggle in this area. The distribution outreach program recently launched by the KDE project hosted a discussion making it clear that KDE cannot count on the support of distributions without supporting them in turn. If the participants are to be believed, KDE's second-place position in the desktop competition can at least partially be attributed to how the project works with distributors.
Debian has updated openvswitch (code execution).
openSUSE has updated gdk-pixbuf (13.2: three vulnerabilities).
SUSE has updated samba (SLES11-SP2: ACL ownership overwrite).
IEEE Spectrum interviews Linus Torvalds. "The kernel is actually doing very well. People continue to worry about things getting too complicated for people to understand and fix bugs. It’s certainly an understandable worry. But at the same time, we have a lot of smart people involved. The fact that the system has grown so big and complicated and so many people depend on it has forced us to have a lot of processes in place. It can be very challenging to get big and have invasive changes accepted, so I wouldn’t call it one big happy place, but I think kernel development is working."
HUP napi hírlevél
Legfrissebb HUP képek
Véded-e speciális tokkal a chippel ellátott kártyáid?
Egyéb, leírom / csak az eredmény érdekel
Összes szavazat: 270