Linux Weekly News

Tartalom átvétel is a comprehensive source of news and opinions from and about the Linux community. This is the main feed, listing all articles which are posted to the site front page.
Frissült: 21 perc 5 másodperc

Round tables: Open Source and Software Patent Non-Aggression, European Context

h, 2015-09-21 23:09
The Free Software Foundation Europe and Open Invention Network, with the participation of the Legal Network and the Asian Legal Network, are presenting two round table events with presentations and panel discussion of industry and community speakers, titled "Open Source and Software Patent Non-Aggression, European Context". The events will be held in Berlin, Germany on October 21 and in Warsaw, Poland on October 22.
Kategóriák: Linux

Security advisories for Monday

h, 2015-09-21 18:00

Arch Linux has updated wordpress (multiple vulnerabilities).

Debian has updated owncloud-client (man-in-the-middle attack), qemu (multiple vulnerabilities), and qemu-kvm (multiple vulnerabilities).

Debian-LTS has updated libtorrent-rasterbar (code execution) and rpcbind (denial of service).

Fedora has updated icedtea-web (F22: multiple vulnerabilities), pcs (F22; F21: privilege escalation), php-pecl-zip (F22; F21: directory traversal), and qemu (F22: code execution).

Mageia has updated owncloud (MG5: multiple vulnerabilities).

openSUSE has updated Chromium (13.2, 13.1: multiple vulnerabilities), python-Django (13.2: denial of service), and remind (13.2, 13.1: buffer overflow).

SUSE has updated openssh (SLE11SP3: multiple vulnerabilities).

Kategóriák: Linux

Kernel prepatch 4.3-rc2

h, 2015-09-21 14:49
The second 4.3 prepatch is now available for testing. "As has been the trend for a while now, rc2 tends to be reasonably small, probably because it takes a while for regression reports to start trickling in (and some people probably actively wait for rc2 to even start testing - you scaredy-cats, you)."
Kategóriák: Linux

GeoClue 2.3.0 available

p, 2015-09-18 22:44

Version 2.3.0 of the GeoClue geolocation service has been released. The most notable change in this update is support for sharing and accessing GPS devices over a network connection. A proof-of-concept implementation of this feature is available in the Geoclue Share app for Android, which lets users relay GPS data from their device to a GNOME desktop system. Other new features include support for digital compasses and updated documentation.

Kategóriák: Linux

Friday's security updates

p, 2015-09-18 15:52

Fedora has updated ipython (F22; F21: cross-site scripting).

Mageia has updated icedtea-web (M5: multiple vulnerabilities) and wordpress (M4: multiple vulnerabilities).

openSUSE has updated sblim-sfcb (13.1, 13.2: denial of service).

Kategóriák: Linux

Rust 1.3 is available

cs, 2015-09-17 23:10

Version 1.3 of the Rust language has been released. The announcement listed API stabilization and increased performance work as the most notable changes. Specifically, there is a new substring-matching algorithm, a faster zero-filling method for initializing and resizing vectors, and speed-ups to the Read::read_to_end function. The release notes provide more detail. Also new in this release is the first edition of a new Rust programming guide, the Rustinomicon.

Kategóriák: Linux

Thursday's security updates

cs, 2015-09-17 16:09

Fedora has updated vorbis-tools (F22: denial of service).

Mageia has updated ganglia-web (M4, M5: authentication bypass).

openSUSE has updated spice (13.2: code execution).

Oracle has updated kernel (O7; O6: multiple vulnerabilities).

Red Hat has updated rubygem-openshift-origin-console (RHOSE2.2: code execution).

Ubuntu has updated icu (12.04, 14.04, 15.04: multiple vulnerabilities), openldap (12.04, 14.04, 15.04: multiple vulnerabilities), and unity-settings-daemon (14.04, 15.04: lock-screen bypass).

Kategóriák: Linux

Harrington: Wayland: Atomics Ahead!

cs, 2015-09-17 14:49
Bryce Harrington writes about the current and future state of Wayland. "A lot of people are anticipating Wayland on their desktops. For now, we remain in a holding pattern while the DE developers roll out their Wayland support, but some of these efforts are reasonably mature enough now. The question starts to become whether there is an adequate ecosystem of Wayland enabled client applications. For things that can’t simply be moved to Wayland, the question is if Xwayland will be up to snuff. Exploring this space will take some pioneering spirits."
Kategóriák: Linux

[$] Weekly Edition for September 17, 2015

cs, 2015-09-17 02:03
The Weekly Edition for September 17, 2015 is available.
Kategóriák: Linux

[$] How Debian managed the systemd transition

sze, 2015-09-16 20:59

Debian's decision to move to systemd as the default init system was a famously contentious (and rather public) debate. Once all the chaos regarding the decision itself had died down, however, it was left to project members to implement the change. At DebConf 2015 in Heidelberg, Martin Pitt and Michael Biebl gave a down-to-earth talk about how that implementation work had gone and what was still ahead.

Kategóriák: Linux

Library’s Tor relay now restored (Ars Technica)

sze, 2015-09-16 20:09
Last week we reported that the Kilton Public Library in Lebanon, New Hampshire suspended its Tor node deployment due to criticism by the local police department. Ars Technica now reports that the Tor relay has been restored. "As Ars reported earlier, the goal of the Library Freedom Project is to set up Tor exit relays in as many of these ubiquitous public institutions as possible. As of now, only about 1,000 exit relays exist worldwide. If this plan is successful, it could vastly increase the scope and speed of the famed anonymizing network. For now, Kilton has a middle relay but has plans to convert it to an exit relay. A middle relay passes traffic to another relay before departing the Tor network on the exit relay."
Kategóriák: Linux

[$] Python and crypto-strength random numbers by default

sze, 2015-09-16 18:26
There are various types of random number generators (RNGs) that target different use cases, but a programming language can only have one default. For high-security random numbers (e.g. cryptographic keys and the like), it is a grievous error to use the wrong kind of RNG, while other use cases are typically more forgiving. The Python community is in the middle of a debate about how it should be handling random numbers within the language's standard library.

Click below (subscribers only) for the full report.

Kategóriák: Linux

Security advisories for Wednesday

sze, 2015-09-16 17:41

CentOS has updated kernel (C7: multiple vulnerabilities).

Debian has updated icu (denial of service).

Fedora has updated moodle (F22; F21: multiple vulnerabilities).

Oracle has updated kernel (OL7: multiple vulnerabilities) and qemu-kvm (OL7: information leak).

Red Hat has updated kernel (RHEL7: multiple vulnerabilities), kernel-rt (RHEL7; RHEMRG: multiple vulnerabilities), and qemu-kvm (RHEL7: information leak).

Scientific Linux has updated kernel (SL7: multiple vulnerabilities) and qemu-kvm (SL7: information leak).

Kategóriák: Linux

Presidential candidate Lawrence Lessig goes one on one with Ars Technica

k, 2015-09-15 20:56
A bit far afield, perhaps, but Lawrence Lessig is the co-founder of Creative Commons and a proponent of reduced legal restrictions on copyright and trademark. Ars Technica talks with Lawrence about his bid for the US presidency. "Ars: Does your copyleft past help or hurt your presidential bid? Lessig: Whatever you call it, I have the right position on copyright—namely, that it is essential, but needs to be updated to the digital age. If people want to challenge that position, then I’d have to make fair use of the words of Harry Callahan: “Go ahead, make my day.”"
Kategóriák: Linux

Tuesday's security advisories

k, 2015-09-15 17:23

Debian-LTS has updated openldap (denial of service).

Fedora has updated php (F22; F21: multiple vulnerabilities), php-doctrine-annotations (F22; F21: privilege escalation), php-doctrine-cache (F22; F21: privilege escalation), and php-doctrine-doctrine-bundle (F22; F21: privilege escalation).

Mageia has updated ipython (MG4,5: cross-site scripting), openldap (MG4,5: denial of service), php-ZendFramework (MG5; MG4: XML external entity attack), qemu (MG5; MG4: multiple vulnerabilities), and spice (MG4,5: code execution).

Kategóriák: Linux

[$] The LPC Android microconference, part 2

h, 2015-09-14 21:43
The Linux Plumbers Android microconference was held in Seattle on August 20th. It included discussions of a variety of topics, many of which need to be coordinated within the Android ecosystem. The microconference was split up into two separate sessions; this summary covers the second session, which was held for three hours in the evening. Topics were toybox in Android, improving AOSP vendor trees, providing per-task quality of service, and improving big.LITTLE on Android.
Kategóriák: Linux

Security updates for Monday

h, 2015-09-14 18:22

Arch Linux has updated icedtea-web (applet execution), libvdpau lib32-libvdpau (multiple vulnerabilities), and openldap (denial of service).

Debian has updated openldap (denial of service), php5 (multiple vulnerabilities), virtualbox (unspecified vulnerability), and vzctl (insecure ploop-based containers).

Fedora has updated kernel (F22: privilege escalation), pcre (F22; F21: code execution), and phpMyAdmin (F22; F21: guessable user credentials).

Mageia has updated conntrack-tools (MG4,5: denial of service), freetype2 (MG4: denial of service), gnupg (MG4: two vulnerabilities), libgcrypt (MG4: information leak), libvdpau (MG4,5: multiple vulnerabilities), mariadb (MG4,5: unspecified vulnerabilities), php (MG4: multiple vulnerabilities), phpmyadmin (MG4,5: guessable user credentials), and xfsprogs (MG5: information disclosure).

Red Hat has updated qemu-kvm-rhev (RHEL OSP5,6,7: code execution).

Kategóriák: Linux

Some stable kernel releases

v, 2015-09-13 19:41
The 4.1.7, 3.14.52, and 3.10.88 stable kernel updates have been released. Each contains the usual collection of important fixes.
Kategóriák: Linux

Python 3.5.0 released

v, 2015-09-13 18:29
The Python 3.5.0 release is out. "Python 3.5.0 is the newest version of the Python language, and it contains many exciting new features and optimizations." See the what's new page and this LWN article for details on the new features in this release.
Kategóriák: Linux

Kernel prepatch 4.3-rc1

v, 2015-09-13 01:13
Linus has released 4.3-rc1 and closed the 4.3 merge window one day ahead of the usual schedule. "I decided that I'm not interested in catering to anything that comes in tomorrow, and I might as well just close the merge window and do the -rc1 release." In the end, 10,756 non-merge changesets were pulled during this merge window.
Kategóriák: Linux