1 hét 6 nap óta
The GhostBSD project has released version 25.02 of the
FreeBSD-based desktop operating system. This release brings GhostBSD
up to date with FreeBSD 14.3,
includes enhancements for the Software Station package management
application, and introduces an "OS X-like" desktop environment
based on GNUstep called Gershwin:
This early preview includes:
- GNUstep-based desktop environment with familiar OS X-style
interface
- Seamless integration with GhostBSD tools through wrappers for
installer, Software Station, Backup Station, and Update Station
- Support for running non-GNUstep applications alongside GNUstep
apps
- Several included GNUstep applications to get you started
LWN covered GhostBSD
in June 2024.
jzb
1 hét 6 nap óta
The Internet is a wonderful thing; it allows anybody to look up
information of interest. Included in all of that is the history of the
free-software development community; how we got to where we are says a lot
about why things are the way they are and what might come next. So the
takeover of Groklaw rings a loud alarm; we have been reminded that history
stored on the Internet is an ephemeral thing and cannot be expected to
remain available forever.
corbet
1 hét 6 nap óta
Security updates have been issued by Debian (node-cipher-base), Fedora (keylime-agent-rust and libtiff), Oracle (aide, kernel, mod_http2, pam, pki-deps:10.6, python-cryptography, python3, python3.12, and thunderbird), SUSE (cheat, ffmpeg, firebird, govulncheck-vulndb, postgresql17, tomcat, tomcat10, tomcat11, ucode-intel-20250812, and v2ray-core), and Ubuntu (binutils, gst-plugins-base1.0, gst-plugins-good1.0, and linux-raspi-realtime).
jzb
2 hét óta
Shadow stacks are a control-flow-integrity feature designed to defend
against exploits that manipulate a thread's call stack. The kernel first
gained support for hardware-implemented shadow
stacks, for the x86 architecture, in the 6.6 release; 64-bit Arm
support followed in 6.13. This feature does not give user space much
control over the allocation of shadow stacks for new threads, though; a
patch
series from Mark Brown may, after many attempts, finally be about
to change that situation.
corbet
2 hét óta
Security updates have been issued by Debian (ffmpeg, firebird3.0, and luajit), Fedora (chromium, python3-docs, and python3.13), Oracle (aide, firefox, glibc, libxml2, and tomcat), Red Hat (aide, git, kernel, kernel-rt, libarchive, pam, python-cryptography, python3, python3.12, and webkit2gtk3), SUSE (cmake3, ffmpeg-4, kernel, kubernetes1.18, libqt4, minikube, net-tools, pam, postgresql16, proftpd, python-urllib3, python311, python312, python36, tomcat10, tomcat11, and webkit2gtk3), and Ubuntu (nginx).
corbet
2 hét óta
Google has
announced
a new set of restrictions on the ability of users to install apps on their
own devices:
Starting next year, Android will require all apps to be registered
by verified developers in order to be installed by users on
certified Android devices. This creates crucial accountability,
making it much harder for malicious actors to quickly distribute
another harmful app after we take the first one down. Think of it
like an ID check at the airport, which confirms a traveler's
identity but is separate from the security screening of their bags;
we will be confirming who the developer is, not reviewing the
content of their app or where it came from.
corbet
2 hét 1 nap óta
The PyCon team has announced
that all PyCon US 2025 recordings are now available on its
YouTube channel.
We had an amazing and diverse group of community members join us for
PyCon US 2025, attending from 58 different countries! By the numbers,
we welcomed a total attendance of 2,225 Pythonistas to the David
L. Lawrence Convention Center. We couldn't be more grateful for all
who supported the Python ecosystem and helped make PyCon US 2025 a
huge success.
See the LWN
conference index for coverage of some of the talks from
PyCon US 2025.
jzb
2 hét 1 nap óta
In July 2024,
Let's Encrypt, the nonprofit TLS certificate authority (CA),
announced
that it would be ending support for the
online certificate status protocol
(OCSP), which is used to determine when a server's signing certificate has been
revoked. This prevents a compromised key from being used to impersonate a web
server.
The organization cited privacy concerns, and recommended that people
rely on
certificate revocation lists (CRLs)
instead. On August 6, Let's Encrypt
followed through and disabled its OCSP service. This poses a
problem for Linux systems that must now rely on CRLs because, unlike on other
operating systems, there is no standardized way for Linux programs to share a
CRL cache.
daroc
2 hét 1 nap óta
The Linux Foundation, in cooperation with a couple of other groups, has
announced
the publication on the intersection of businesses and commercial
open-source software (deemed "COSS"). Everything, it seems, is great, and
COSS companies make a lot of money for their investors.
Even more encouraging, COSS project communities continue along
healthy growth paths after the company receives venture funding. In
essence, highly valued COSS companies tend to cultivate more
vibrant, diverse, and integral open source ecosystems, reinforcing
the idea that business value and community value are tightly
coupled in successful COSS models.
corbet
2 hét 1 nap óta
Security updates have been issued by AlmaLinux (kernel and tomcat9), Debian (iperf3, mupdf, qemu, thunderbird, and unbound), Fedora (glab, kubernetes1.31, kubernetes1.32, kubernetes1.33, and toolbox), Oracle (kernel and tomcat9), Red Hat (firefox, kernel, kernel-rt, and squid), SUSE (abseil-cpp-devel, aide, flake-pilot, gdk-pixbuf, glibc, go-sendxmpp, ImageMagick, jetty-annotations, jupyter-bqplot-jupyterlab, libtiff-devel-32bit, pam, pdns-recursor, ruby3.4-rubygem-activerecord, rust-keylime, terragrunt, and thunderbird), and Ubuntu (linux-azure and linux-azure-fips).
jake
2 hét 1 nap óta
Linus has released
6.17-rc3 (called
"3.17-rc3" in the email, but the tag in the repository is correct) for
testing. "Anyway, things seem fairly normal for this phase in the
release cycle, nothing stands out. Please keep testing,"
corbet
2 hét 2 nap óta
The
6.16.3 stable kernel update has been
released. It contains a set of ext4 filesystem fixes that are probably a
good thing for any 6.16 ext4 user to have.
corbet
2 hét 3 nap óta
Version 8.0 of the FFmpeg
audio and video toolkit has been released.
Thanks to several delays, and modernization of our entire infrastructure,
this release ended up being one of our largest releases to date. In short,
its new features are:
- Native decoders: APV, ProRes RAW, RealVideo 6.0, Sanyo LD-ADPCM, G.728
- VVC decoder improvements: IBC, ACT, Palette Mode
- Vulkan compute-based codecs: FFv1 (encode and decode), ProRes RAW (decode only)
- Hardware accelerated decoding: Vulkan VP9, VAAPI VVC, OpenHarmony H264/5
- Hardware accelerated encoding: Vulkan AV1, OpenHarmony H264/5
- Formats: MCC, G.728, Whip, APV
- Filters: colordetect, pad_cuda, scale_d3d11, Whisper, and others
corbet
2 hét 4 nap óta
The
Microdot
web framework is quite small, as its name would imply; it supports both
standard CPython and
MicroPython,
so it can be used on systems ranging from internet-of-things (IoT) devices
all the way up to large, cloudy servers. It was developed by Miguel
Grinberg, who gave a presentation about it at
EuroPython 2025. His name
may sound familiar from his well-known
Flask
Mega-Tutorial, which has introduced many to the
Flask lightweight Python-based
web framework. It should come as no surprise, then, that Microdot is
inspired by its rather larger cousin, so Flask enthusiasts will find much
to like in Microdot—and will come up to speed quickly should their needs turn
toward smaller systems.
jake
2 hét 4 nap óta
Security updates have been issued by AlmaLinux (tomcat), Debian (squid), Fedora (matrix-synapse, rust-slab, socat, and webkitgtk), SUSE (firefox-esr, gdk-pixbuf, gdk-pixbuf-devel, govulncheck-vulndb, rust-keylime, and wicked2nm), and Ubuntu (linux-nvidia, linux-oracle, linux-oracle-6.8, php7.0, php7.2, php7.4, python3.13, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, python3.5, python3.4, and ruby-webrick).
daroc
2 hét 4 nap óta
The Arch Linux project has posted an
update about recent service
outages that have affected its infrastructure:
The Arch Linux Project is currently experiencing an ongoing denial
of service attack that primarily impacts our main webpage, the Arch
User Repository (AUR), and the Forums.
We are aware of the problems that this creates for our end users
and will continue to actively work with our hosting provider to
mitigate the attack. We are also evaluating DDoS protection providers
while carefully considering factors including cost, security, and
ethical standards.
The post contains information on workarounds to use during the
service disruption, and notes that Arch is not sharing technical
details about the attack or mitigation while the attack is still
ongoing.
jzb
2 hét 5 nap óta
The
restartable sequences feature, which
was added to the 4.18 kernel in 2018, exists to enable better performance
in certain types of threaded applications. While there are users for
restartable sequences, they tend to be relatively specialized code; this is
not a tool that most application developers reach for. Over time, though,
the use of restartable sequences has grown, and it looks to grow further as
the feature is tied to new capabilities provided by the kernel. As
restartable sequences become less of a niche feature, though, some problems
have turned up; fixing one of them may involve an ABI change visible in
user space.
corbet
2 hét 5 nap óta
Security updates have been issued by AlmaLinux (libarchive, mingw-sqlite, pki-deps:10.6, and tomcat), Debian (chromium and firefox-esr), Fedora (python3.6 and suricata), Oracle (go-toolset:rhel8, kernel, libarchive, mingw-sqlite, tomcat, and xterm), Red Hat (kernel), Slackware (mozilla), SUSE (aws-efs-utils, docker-machine-driver-kvm2, nova, pluto, polaris, and python310), and Ubuntu (ceph, gcc-10, gcc-11, gcc-12, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gkeop, linux-ibm,
linux-ibm-6.8, linux-hwe-6.14, linux-oem-6.14, linux-ibm, linux-intel-iotg, linux-oracle, linux-raspi, linux-iot, poppler, and tiff).
jake
2 hét 5 nap óta
Inside this week's LWN.net Weekly Edition:
- Front: Debian; CPython; huge zero folio; kexec handover; FHS; Koka programming language
- Briefs: PyPI domain checks; Firefox 142.0; Git v2.51; Ghostty; LibreOffice 25.8; Zig 0.15.1; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
corbet
2 hét 5 nap óta
The Zig project has
announced version 0.15.1 of the language. The release, much like the
last one, includes incremental progress toward the goal of completely dropping LLVM and improving compile time, as well as a handful of breaking changes as the language team wrestles with past API design. The biggest change this time around is to the standard library Reader and Writer interfaces, which have been completely rearranged in the name of performance and reducing unneeded copies.
All existing std.io readers and writers are deprecated in favor of the newly provided std.Io.Reader and std.Io.Writer which are non-generic and have the buffer above the vtable - in other words the buffer is in the interface, not the implementation. This means that although Reader and Writer are no longer generic, they are still transparent to optimization; all of the interface functions have a concrete hot path operating on the buffer, and only make vtable calls when the buffer is full.
These changes are extremely breaking. I am sorry for that, but I have carefully examined the situation and acquired confidence that this is the direction that Zig needs to go. I hope you will strap in your seatbelt and come along for the ride; it will be worth it.
daroc
Ellenőrizve
4 perc 12 másodperc ago
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Feliratkozás a következőre: Linux Weekly News hírcsatorna