Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 18 minutes 26 seconds ago
CentOS has updated perl (C6; C5: multiple vulnerabilities).
Debian has updated icinga (code execution).
openSUSE has updated pigz (information disclosure).
Red Hat has updated perl (multiple vulnerabilities).
Scientific Linux has updated perl (multiple vulnerabilities).
Matthew Garrett asserts that people attacking UEFI secure boot are aiming at the wrong target. "Those who argue against Secure Boot risk depriving us of the freedom to make a personal decision as to who we trust. Those who argue against Secure Boot while ignoring Restricted Boot risk depriving us of even more. The traditional PC market is decreasing in importance. Unless we do anything about it, free software will be limited to a niche group of enthusiasts who've carefully chosen from a small set of devices that respect user freedom. We should have been campaigning against Restricted Boot 10 years ago. Don't delay it even further by fighting against implementations that already respect user freedom."
Over at the grsecurity blog, Brad Spengler and the PaX Team have co-written a lengthy look at kernel address space layout randomization (KASLR) and its failures. "KASLR is an easy to understand metaphor. Even non-technical users can make sense of the concept of a moving target being harder to attack. But in this obsession with an acronym outside of any context and consideration of its limitations, we lose sight of the fact that this moving target only moves once and is pretty easy to spot. We forget that the appeal of ASLR was in its cost/benefit ratio, not because of its high benefit, but because of its low cost."
The world was a simpler place when the TCP/IP network protocol suite was first designed. The net was slow and primitive and it was often a triumph to get a connection to a far-away host at all. The machines at either end of a TCP session normally did not have to concern themselves with how that connection was made; such details were left to routers. As a result, TCP is built around the notion of a (single) connection between two hosts. The Multipath TCP (MPTCP) project looks to change that view of networking by adding support for multiple transport paths to the endpoints; it offers a lot of benefits, but designing a deployable protocol for today's Internet is surprisingly hard.
The Spanish association Hispalinux has filed a complaint against Microsoft to the European Commission, Reuters reports. "In its 14-page complaint, Hispalinux said Windows 8 contained an "obstruction mechanism" called UEFI Secure Boot that controls the start-up of the computer and means users must seek keys from Microsoft to install another operating system. The group said it was "a de facto technological jail for computer booting systems ... making Microsoft's Windows platform less neutral than ever"." (Thanks to Pat Read)
The H has an extensive survey of available RSS reader applications, both open source and proprietary. "ownCloud is a complete self-hosted service platform that provides file sharing and collaboration features including calendaring, to do lists, a document viewer, and integration with Active Directory and LDAP. The software also includes a feed reader application, which started as a Google Summer of Code effort and takes many design cues from Google Reader."
CentOS has updated axis (C5: incorrect certificate validation).
Debian has updated libxml2 (denial of service).
Oracle has updated axis (OL5: incorrect certificate validation).
Red Hat has updated axis (RHEL5: incorrect certificate validation).
Scientific Linux has updated axis (SL5: incorrect certificate validation).
GTK+ 3.8.0 has been released. This version includes support for Wayland 1.0, and contains many new features and performance improvements.
Fedora has updated krb5 (F18: denial of service), euca2ools (F18; F17: insecure snapshots), kernel (F18: multiple vulnerabilities), mimetex (F18; F17: multiple vulnerabilities), and tor (F17: denial of service).
Scientific Linux has updated OpenIPMI (privilege escalation).
Slackware has updated php (multiple vulnerabilities).
SUSE has updated samba (multiple vulnerabilities in SWAT).
Ubuntu has updated kernel (10.04 LTS: multiple vulnerabilities), EC2 kernel (10.04 LTS: multiple vulnerabilities), OMAP4 kernel (11.10: multiple vulnerabilities), openssl (multiple vulnerabilities), and gnome-online-accounts (information disclosure).
Sebastian Sauer has announced the availability of the first version of the Calligra office suite for Android systems. For now, the focus is on providing a viewer for ODT documents. "Since bringing a whole Office suite to another platform is a huge task and I am a small team I had to focus. Later on I plan to add doc/docx support, editing, saving and Calligra Sheets (spreadsheets) and Calligra Stage (presentations)." The application can be installed from the Play Store.
The 3.9-rc4 kernel prepatch is out. Linus says: "Another week, another -rc. And things haven't calmed down, meaning that the nice small and calm -rc2 was definitely the outlier so far. … While it hasn't been as calm as I'd like things to be, it's not like things have been hugely exciting either. Most of this really is pretty trivial. It's all over, with the bulk in drivers (drm, md, net, mtd, usb, sound), but also some arch updates (powerpc, arm, sparc, x86) and filesystem work (cifs, ext4)."
John Regehr explains how new optimizations in GCC 4.8.0 can break code making use of undefined behavior. "A C compiler, upon seeing d[++k], is permitted to assume that the incremented value of k is within the array bounds, since otherwise undefined behavior occurs. For the code here, GCC can infer that k is in the range 0..15. A bit later, when GCC sees k<16, it says to itself: 'Aha-- that expression is always true, so we have an infinite loop.'"
The GCC 4.8.0 release is out. "Extending the widest support for hardware architectures in the industry, GCC 4.8 has gained support for the upcoming 64-bit ARM instruction set architecture, AArch64. GCC 4.8 also features support for Hardware Transactional Memory on the upcoming Intel Haswell CPU architecture." There's a lot of new stuff in this release; see the changes file and LWN's GCC 4.8.0 coverage for details.
OpenSSH 6.2 is out. New features include some new encryption modes, the ability to require multiple authentication protocols (requiring both public key and a password, for example), key revocation list support, better seccomp-filter sandbox support, and more.
openSUSE has updated telepathy-gabble (denial of service).
Red Hat has updated boost (code execution), Django (multiple vulnerabilities), openstack-cinder (multiple vulnerabilities), openstack-nova (multiple vulnerabilities), openstack-packstack (insecure file handling), and qt (information disclosure).
Perhaps the best description and analysis of the unfortunate events at PyCon can be found in this post from Amanda Blum. In short, she concludes that everybody lost in this incident.
Any comments posted should, please, have something new to say and demonstrate the highest level of respect for others, whether or not you agree with them.
See also: What really happened at PyCon.
Rusty Russell ran an investigation to determine whether code compiled with the GCC C++ compiler is slower than code from the C compiler. "With this in mind, and Ian Taylor’s bold assertion that 'The C subset of C++ is as efficient as C', I wanted to test what had changed with some actual measurements. So I grabbed gcc 4.7.2 (the last release which could do this), and built it with C and C++ compilers." His conclusion is that the speed of the compiler is the same regardless of how it was built; using C++ does not slow things down.
Canonical has announced a collaboration with the Chinese government to create a standard operating system reference architecture based on the Ubuntu distribution. "The initial work of the CCN Joint Lab is focused on the development of an enhanced version of the Ubuntu desktop with features specific to the Chinese market. The new version is called Ubuntu Kylin and the first version will be released in April 2013 in conjunction with Ubuntu’s global release schedule. Future work will extend beyond the desktop to other platforms."
For those who could not attend PyCon US 2013, videos from the talks are now available.
Red Hat has updated java-1.6.0-sun (Web Start and browser plugin EOL).
Ubuntu has updated python-nova (two vulnerabilities), python-keystone (12.10: incorrect revocation checking), clamav (multiple unspecified vulnerabilities), and OMAP4 kernel (12.10: multiple vulnerabilities).