Népszerű fórum témák
FreeBSD Project News
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 23 perc 46 másodperc
Key members of the CentOS Project have joined Red Hat's Open Source and Standards team. "Working alongside the Fedora and RHEL ecosystems, we hope to further expand on the community offerings by providing a platform that is easily consumed, by other projects to promote their code while we maintain the established base." The announcement also welcomes new members to the CentOS Board.
Ars technica takes a look at a torrent search scope for the Ubuntu Dash. "Torrent search would be added to Ubuntu's Dash, a central tool that lets users search files and applications on their desktop as well as online sources like Amazon or Wikipedia. The search tool prototype uses the Pirate Bay as a data source. It may be modified to filter out pirated content, but users can change the filters to suit their desires. It's also possible that a future version could use a different data source. Developer David Callé discussed the possibility of getting the torrents scope enabled by default in the next version of Ubuntu last month on Google+ and got a vote of support from Shuttleworth."
Debian has updated openssl (denial of service).
Red Hat has updated ruby193-rubygem-actionpack (multiple vulnerabilities).
Ubuntu has updated puppet (13.10, 13.04, 12.10, 12.04 LTS: insecure temporary files).
Version 3.4 of the LLVM compiler suite is out. "This is a big new release with a lot of features. Clang now supports all of the features in the current working draft of the upcoming C++ standard, provisionally named C++1y. The static analyzer has greatly improved C++ support, produces fewer false positives and catches more bugs. Clang also includes a few new capabilities: 1) a tool called 'clang-format' which can be used in an IDE or text editor to auto-format your code according to builtin styles, and 2) a new (experimental!) driver designed for drop-in compatibility with Visual Studio on Windows." See the release notes for more information.
The previous installment in LWN's ongoing series on the Btrfs filesystem covered multiple device handling: various ways of setting up a single filesystem on a set of physical devices. Another interesting aspect of Btrfs can be thought of as working in the opposite manner: subvolumes allow the creation of multiple filesystems on a single device (or array of devices). Subvolumes create a number of interesting possibilities not supported by other Linux filesystems. This article will discuss how to use the subvolume feature and the associated snapshot mechanism.
Gentoo has updated libgdiplus (code execution from 2010).
Mageia has updated cxf (denial of service), firefox, thunderbird (multiple vulnerabilities), librsvg (denial of service), nodejs (multiple vulnerabilities), openjpeg (multiple vulnerabilities), openssl (denial of service), ruby (code execution), and xml-security (xml signature spoofing).
openSUSE has updated acroread (end-of-life), libvirt (13.1: denial of service), nagios (13.1, 12.x: denial of service), openssl (12.3; 13.1; 12.2: denial of service), pixman (12.3; 12.2; 13.1: denial of service), rubygem-actionpack-2_3 (11.4: multiple vulnerabilities), rubygem-actionpack-3_2 (13.1, 12.x: multiple vulnerabilities), seamonkey (13.1, 12.x: multiple vulnerabilities), thttpd (11.4: world readable logfile), and wireshark (12.x; 13.1; 11.4: multiple vulnerabilities).
SUSE has updated WebYaST (privilege escalation).
The 3.13-rc7 prepatch has been released. Linus says: "Anyway, things have been nice and quiet, and if I wasn't travelling, this would probably be the last -rc: there isn't really anything holding up a release, even if there are a couple of patches still going through discussions and percolating through maintainers. But rather than do a real 3.13 next weekend, I'll be on the road and decidedly *not* opening the merge window, so I'll do an rc8 next week instead, needed or not."
Libre Graphics World has an introduction to Valentina, an open source pattern design and editing application. Patternmaking is a niche with few options available; "fashion designers who are only starting their business are mostly locked between expensive software products they cannot afford, rather simplistic free-as-in-lunch applications, and various generic CAD systems (from affordable to pirated expensive ones) that don't make it easy"—where "expensive" evidently runs in the five-figure range. Valentina and a few other free software projects are making progress, though there is clearly quite a lot remaining to be done.
Ubuntu has updated EC2 kernel (10.04: multiple vulnerabilities), kernel (10.04; 12.04; 12.10 13.04; 13.10: multiple vulnerabilities), linux-lts-quantal (multiple vulnerabilities), linux-lts-raring (multiple vulnerabilities), linux-lts-saucy (multiple vulnerabilities), and linux-ti-omap4 (12.04; 12.10; 13.04; 13.10: multiple vulnerabilities).
Eric S. Raymond has posted a message to emacs-devel suggesting that the project move from Bazaar (bzr) to Git. It is not the first time the idea has come up, but it would seem that Richard Stallman is not opposed to such a move as he has been in the past. Raymond writes:
The bzr version control system is dying; by most measures it is already moribund. The dev list has flatlined, most of Canonical's in-house projects have abandoned bzr for git, and one of its senior developers has written a remarkably candid assessment of why bzr failed:
I urge all Emacs developers to read this, then sleep on it, then read it again - not least because I think Emacs development has fallen into some of the same traps the author decribes. But *that* is a discussion for another day; the conversation we need to have now is about escaping the gravitational pull of bzr's failure.
Debian has updated typo3-src (multiple vulnerabilities).
The LWN.net Weekly Edition for January 2, 2014 is available.
GNU Octave is a Matlab-like interpreted language for numerical computations; the 3.8.0 release has just been announced. "One of the biggest new features for Octave 3.8 is a graphical user interface. It is the one thing that users have requested most often over the last few years and now it is almost ready." Other new features include Matlab-compatible nested functions, named exceptions, and more; see the NEWS file for the full list.
The dual elliptic curve deterministic random bit generator (Dual EC DRBG) cryptographic algorithm has a dubious history—it is believed to have been backdoored by the US National Security Agency (NSA)—but is mandated by the FIPS 140-2 US government cryptographic standard. That means that any cryptographic library project that is interested in getting FIPS 140-2 certified needs to implement the discredited random number algorithm. But, since certified libraries cannot change a single line—even to fix major, fatal bugs—having a non-working version of Dual EC DRBG may actually be the best defense against the backdoor. Interestingly, that is exactly where the OpenSSL project finds itself.
Commotion is a mesh networking system intended for resiliency in difficult situations; it claims a number of real-world deployments. The 1.0 release has just been announced. "The launch represents the first full iteration of the technology, which makes it possible for communities to build and own their communications infrastructure using 'mesh' networking. In mesh networks, users connect their devices to each other without having to route through traditional major infrastructure." Binary downloads (including a special OpenWRT image and an Android client) are available from this page; source is hosted on github.
Debian has updated ruby-i18n (cross-site scripting).
openSUSE has updated kernel (12.3: multiple vulnerabilities).
Version 1.4 of the Darktable photo editor is out. New features include an embedded Lua engine for scripting, a number of new mask types, various performance enhancements, a new "waveform" histogram mode, and more.
On his blog, Alex Gaynor laments the adoption rate of Python 3 and wonders if the split 2.x/3.x development model is to blame. "First, I think it's because of a lack of urgency. Many years ago, before I knew how to program, the decision to have Python 3 releases live in parallel to Python 2 releases was made. In retrospect this was a mistake, it resulted in a complete lack of urgency for the community to move, and the lack of urgency has given way to lethargy. Second, I think there's been little uptake because Python 3 is fundamentally unexciting. It doesn't have the super big ticket items people want, such as removal of the GIL or better performance (for which many are using PyPy). Instead it has many new libraries (whose need is largely filled by pip install), and small cleanups which many experienced Python developers just avoid by habit at this point."
The previous installments of this series on the Btrfs filesystem have focused on the basics of using Btrfs like any other Linux filesystem. But Btrfs offers a number of features not supported by the alternatives; near the top of that list is support for multiple physical devices. Btrfs is not just a filesystem; it also has its own RAID mechanism built in. This article will delve into how this feature works and how to make use of it.
IT Services Hungary
HUP napi hírlevél
Legfrissebb HUP videók
Legfrissebb Linux játékvideók
Legfrissebb HUP képek
Legfrissebb HUP dokumentumok
Hogyan viszonyul a főnököd / munkáltatód a Linkedin-en való jelenlét(ed)hez?
Nem érdekli / nincs rá semmilyen szabályozás
Támogatja / ösztönöz rá
Esetleg szóvá teszi, ha véletlenül megtalálna, de aktívan nem vadászik Rád
a HR aktívan vadászik a saját dolgozóira és a felettesed elbeszélget veled
Azonnali elbocsátás jár érte
Összes szavazat: 191