ls -1TörténelemNépszerű témákNépszerű fórum témákHardverAjánlott böngésző FreeBSD Project NewsOpenBSD JournalNetBSD News
|
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Webcím: http://lwn.net
Frissült: 34 másodperc Claws Mail 3.10.0 releasedVersion 3.10.0 of the Claws Mail email client is available. New features
include improved SSL certificate management, automatic email account
configuration, a number of new configuration options, and more.
Kategóriák: Linux
Perl 5.20.0 releasedThe Perl 5.20.0 release is out. "Perl 5.20.0 represents
approximately 12 months of development since Perl 5.18.0 and contains
approximately 470,000 lines of changes across 2,900 files from 124
authors." Significant changes include subroutine signatures,
improved random number generation, a new slice syntax, postfix
dereferencing, improved 64-bit support, various performance improvements,
and more; see the
changelog for lots of details.
Kategóriák: Linux
AOSP Debugging and Performance Analysis course materials availableOn Google+, Opersys CEO Karim Yaghmour has announced the availability of the course materials (slides and exercises) for the company's Android Open Source Project (AOSP) Debugging and Performance Analysis class. The materials are available under the CC-BY-SA (Attribution-ShareAlike) license. "I've been helping people use Android in all sorts of devices for quite a few years now and one of the top requests I get is for information on how to debug the AOSP's internals. As with many things related to Android's internals, such information has been hard to come by. Until now ... [...] The material is built around the Inforce IFC6410 board because it was one of the only dev boards I could find that actually has both Android running on it while still having full performance counter support in perf --- sidenote, perf support on ARM SoCs, especially in combination with Android, tends to be partial at best."
Kategóriák: Linux
Unsafe cookies leave WordPress accounts open to hijacking, 2-factor bypass (Ars Technica)Ars Technica is reporting on a WordPress bug that allows attackers to use a captured, unencrypted cookie to break into an account. "[Electronic Frontier Foundation staff technologist Yan] Zhu snagged a cookie for her own account the same way a malicious hacker might and then pasted it into a fresh browser profile. When she visited WordPress she was immediately logged in—without having to enter her credentials and even though she had enabled two-factor authentication. She was then able to publish blog posts, read private posts and blog stats, and post comments that were attributed to her account. As if that wasn't enough, she was able to use the cookie to change the e-mail address assigned to the account and, if two-factor authentication wasn't already in place, set up the feature. That means a hacker exploiting the vulnerability could lock out a vulnerable user. When the legitimate user tried to access the account, the attempt would fail, since the one-time passcode would be sent to a number controlled by the attacker. Remarkably, the pilfered cookie will remain valid for three years, even if the victim logs out of the account before then."
Kategóriák: Linux
Monday's security updatesFedora has updated libvirt (F20: information disclosure/denial of service), mutt (F19: code execution), perl-LWP-Protocol-https (F19: SSL certificate verification botch), qt (F19: denial of service), rubygem-actionpack (F20; F19: information leak), and zabbix (F20; F19: access restriction bypass). Mageia has updated kernel-linus (M3: multiple vulnerabilities), kernel-rt (M3: multiple vulnerabilities), kernel-tmb (M4; M3: multiple vulnerabilities), kernel-vserver (M3: multiple vulnerabilities), and mariadb (multiple unspecified vulnerabilities). Ubuntu has updated EC2 kernel (10.04: multiple vulnerabilities), kernel (12.04; 10.04: multiple vulnerabilities), and mod-wsgi (14.04, 13.10, 12.04: two vulnerabilities). Kategóriák: Linux
Kernel prepatch 3.15-rc7Linus is back on the Sunday schedule with the 3.15-rc7 release.
"It's just a few days after -rc6, but as expected, there were some
pending stuff for when I got back home, so you should think of this as
being the 'normal' release, and rc6 just having been oddly delayed by
my travel."
Kategóriák: Linux
Warner: The new Sync protocolAt his blog, Mozilla's Brian Warner describes the revised Firefox Sync protocol that was rolled out with the recent Firefox 29 release, including the design decisions that the project learned from supporting the previous incarnation. In the old system, Mozilla discovered, "users *thought* their email and password would be sufficient to get their data back, but in fact you need access to a device that was already attached to your account. This made it unsuitable for people with a single device, and made it mostly impossible to recover from the all-too-common case of losing your only browser. It also confused people who thought email+password was the standard way to set up a new browser." This eventually led to the new "Firefox Accounts" system, which incorporates two tiers of data protection. Warner also describes various factors of migrating between the old Sync and the new Sync. "If you’re still running FF28, the FF24 ESR (Extended Support Release), or another pre-FF29 browser, you can still use the pairing flow to connect additional old browsers. We’ll support this flow until at least the end of the ESR maintenance period (14-Oct-2014), maybe a bit longer, but eventually we’ll shut down the servers necessary to support the old pairing flow, and pairing will stop working." It sounds like still more features may be in store further down the road. Kategóriák: Linux
Friday's security updatesCentOS has updated mysql55-mysql (C5; C6: multiple vulnerabilities). Debian has updated torque (code execution). Gentoo has updated libyaml (code execution). Mageia has updated chromium-browser-stable (multiple vulnerabilities) and webmin (multiple vulnerabilities). openSUSE has updated perl-LWP-Protocol-https (12.3, 13.1: certificate verification bypass), libXfont (12.3, 13.1: multiple vulnerabilities), libxml2 (11.4: denial of service), mumble (12.3, 13.1: denial of service), and strongswan (11.4: multiple vulnerabilities). Oracle has updated mysql55-mysql (O5: multiple vulnerabilities). Red Hat has updated mysql55-mysql (RHEL5; RHEL6: multiple vulnerabilities). Scientific Linux has updated mysql55-mysql (SL5: multiple vulnerabilities). Kategóriák: Linux
EFF: Hacking the Patent System: A Guide to Alternative Patent Licensing for InnovatorsThe Electronic Frontier Foundation (EFF) has announced a new guide to alternative patent licensing [PDF] that was prepared by Marta Belcher and John Casey, students in the Juelsgaard Intellectual Property & Innovation Clinic at Stanford Law School, in partnership with the EFF, Engine, and the Open Invention Network. It looks at the pros and cons of several defensive patent aggregators as well as various patent pledges. The EFF hopes it will be a "useful starting place for companies trying to navigate the patent landscape".
Kategóriák: Linux
First Set of Microconferences Approved for LPC 2014The first set of microconferences for the Linux Plumbers Conference (LPC) have been approved. "The LPC 2014 committee has started reviewing and approving this year’s Microconferences Proposals. The approved microconferences so far are Containers, Wayland, Network Virtualization and Security, and Wireless Networking. For details on each of the approved microconferences and the currently pending proposals, please see the LPC 2014 wiki." The first in a series of posts covering the microconferences has also been posted; it looks at the Containers microconference.
LPC will be held October 15-17 in Düsseldorf, Germany, co-located with LinuxCon Europe.
Kategóriák: Linux
Security updates for ThursdayCentOS has updated mariadb55-mariadb (multiple unspecified vulnerabilities), ruby193-libyaml (two code execution flaws), and ruby193-rubygem-actionpack (information leak). Debian has updated libgadu (code execution). Fedora has updated kernel (F19: multiple vulnerabilities), openssh (F20: two vulnerabilities), perl-LWP-Protocol-https (F20: SSL certificate verification botch), and python-fedora (F19: two vulnerabilities). openSUSE has updated strongswan (two vulnerabilities). Red Hat has updated rubygem-openshift-origin-node (RHOSE2.1; RHOSE2.0: code execution). SUSE has updated Linux kernel (SLE11SP2: many vulnerabilities). Ubuntu has updated libxalan2-java (13.10, 12.04, 10.04: code execution) and lxml (14.04, 13.10, 12.04: code execution). Kategóriák: Linux
[$] LWN.net Weekly Edition for May 22, 2014The LWN.net Weekly Edition for May 22, 2014 is available.
Kategóriák: Linux
Kernel prepatch 3.15-rc6A bit off his normal schedule, due to chasing fish in the Pacific, Linus
Torvalds has released the 3.15-rc6
prepatch. "With rc5 being a couple of days early, and rc6 being several days
late, we had almost two weeks in between them. The size of the result
is not twice as large, though, hopefully partially because it's
getting late in the rc series and things are supposed to be calming
down, but presumably also because some submaintainers just didn't send
their pull requests because they knew I was off-line. Whatever the
reason, things don't look bad." He plans to return to the normal
Sunday schedule for rc7, presumably on June 1, which might be the last
rc for 3.15.
Kategóriák: Linux
[$] PostgreSQL 9.4 beta: Binary JSON and Data Change StreamingIt's May, which means that it's time for a new PostgreSQL beta
release. As with each annual release, PostgreSQL 9.4 has a
few dozen new features addressing the various ways people use the database
system. While users all have
their own favorites among the new features, this article will focus on two
features that have received the most attention: the new JSONB type, and
Data Change Streaming.
Subscribers can click below for guest author Josh Berkus's look at these two new PostgreSQL features. Kategóriák: Linux
Security advisories for WednesdayFedora has updated botan (F20; F19: insufficiently random cryptographic base), dpkg (F20: unauthorized file creation), and python-fmn-web (F20; F19: covert redirect). SUSE has updated Linux kernel (SLERTE11 SP3: privilege escalation) and nagios-nrpe, nagios-nrpe-debuginfo, (SLES11 SP3: code execution). Ubuntu has updated libgadu (13.10, 12.04 LTS: code execution) and pidgin (14.04 LTS, 13.10, 12.04 LTS: code execution). Kategóriák: Linux
Bacon: Goodbye Canonical, Hello XPRIZEUbuntu Community Manager Jono Bacon has announced that he is leaving that position to become the Senior Director of Community at the XPRIZE Foundation. "Now, I won’t actually be going anywhere. I will still be hanging out on IRC, posting on my social media networks, still responding to email, and will continue to do Bad Voltage and run the Community Leadership Summit. I will continue to be an Ubuntu Member, to use Ubuntu on my desktop and server, and continue to post about and share my thoughts about where Ubuntu is moving forward. I am looking forward in many ways to experiencing the true Ubuntu community experience now I will be on the other side of the garden."
Kategóriák: Linux
Wayland and Weston 1.5.0 releasedThe 1.5.0 releases of the Wayland display manager and Weston compositor are
available. It has been a relatively quiet cycle, especially on the Wayland
side, but there are still numerous improvements, including a transition to
the new Xwayland server. "The Xwayland code was
refactored to be its own X server in the Xorg tree, similar to how
Xwin and Xquartz and Xnest work. A lot of the complexity and hacks
in the old Xorg based Xwayland was about fighting Xorg trying to be
a native display server, discovering input devices and driving the
outputs. The goal was to be able to reuse the 2D acceleration code
from the various Xorg DDX drivers. With glamor becoming a credible
acceleration architecture, we no longer need to jump through those
hoops and the new code base is much simpler and cleaner as a
result."
There is also a change in the maintainer model, with Kristian Høgsberg
giving commit privileges to a number of top-level developers.
Kategóriák: Linux
Robyn Bergeron stepping down as Fedora leaderFedora project leader Robyn Bergeron has announced
her intention to step down from the position. "With Fedora 20
well behind us, and Fedora.next on the road ahead, it seems like a natural
time to step aside and let new leadership take the reins. Frankly, I
shouldn’t even say 'the road ahead' since we’re well-entrenched in the
process of establishing the Fedora.next features and processes, and it’s a
rather busy time for us all in Fedora-land — but this is precisely why make
the transition into new leadership as smooth as possible for the Fedora
Project community is so important. It’s a good time for change, and fresh
ideas and leadership will be an asset to the community as we go forward,
but I also want to make sure it’s not going to distract us from all the
very important things we have in the works."
Kategóriák: Linux
TechView: Linus Torvalds, Inventor of Linux (Huffington Post)The Huffington Post has an
interview with Linus Torvalds. "I think very few people get to
feel like they have actually made a difference, and let me tell you, it's a
good feeling to have. I was never very interested in the commercial side,
and to me the people and companies who were able to take Linux and use it
commercially are the people who did what I simply would never have had the
drive to do. And it was needed, and useful, so I'm actually very grateful
for the commercial entities: they've allowed me to concentrate on the parts
I enjoy."
Kategóriák: Linux
Tuesday's security updatesCentOS has updated libxml2 (C6: denial of service). Debian has updated python-django (multiple vulnerabilities). Mageia has updated kernel (MG3: multiple vulnerabilities), kernel-linus (MG4: multiple vulnerabilities), kernel-rt (MG4: multiple vulnerabilities), kernel-vserver (MG4: multiple vulnerabilities), moodle (multiple vulnerabilities), and python-django (two vulnerabilities). Oracle has updated libxml2 (OL6: denial of service). Red Hat has updated kernel (RHEL6.2 EUS: two vulnerabilities) and mariadb55-mariadb (RHSC1: multiple vulnerabilities). Kategóriák: Linux
|
KeresésNavigációBelépésHupWikiÁllásajánlatokHWSWFriss blogbejegyzések
HUP napi hírlevélLegfrissebb HUP videókLegfrissebb Linux játékvideókLegfrissebb HUP képekLegfrissebb HUP dokumentumokSzavazásDual-SIM Felesleges, nem érdekel. 30% Jó lenne, de a kedvenc gyártóm nem foglalkozik vele, emiatt viszont nem váltok más gyártó termékére. 9% Nem rossz szolgáltatás, ha adják OK, de extra pénzt nem fizetnék érte. 20% Ha lehet, dual-SIM-es készüléket veszek, de nem fő szempont. 18% Kizárólag dual-SIM-es készüléket veszek, más szóba sem jöhet. 12% Egyéb, leírom. 4% Csak az eredmény érdekel. 7% Összes szavazat: 308
InformációKövess minket!Partnerünk |
Friss hozzászólások
53 másodperc
3 perc 55 másodperc
9 perc 9 másodperc
12 perc 16 másodperc
18 perc 53 másodperc
24 perc 42 másodperc
43 perc 4 másodperc
53 perc 21 másodperc
1 óra 10 perc
1 óra 11 perc