5 év 6 hónap óta
Security updates have been issued by Debian (libssh, ruby2.3, and ruby2.5), Fedora (kernel and libgit2), openSUSE (chromium and libssh), Oracle (openslp), Red Hat (container-tools:1.0, container-tools:rhel8, freetype, kernel, and kpatch-patch), Scientific Linux (openslp), SUSE (git and LibreOffice), and Ubuntu (graphicsmagick).
ris
5 év 6 hónap óta
XFS filesystem maintainer Darrick Wong
summarizes
the significant XFS developments from the last year. "The year
2038 poses a special problem for Linux -- any signed 32-bit seconds counter
will overflow back to 1901. Work is underway in the kernel to extend all of
those counters to support 64-bit counters fully. In 2020, we will begin
work on extending XFS's metadata (primarily inode timestamps and quota
expiration timer) to support timestamps out to the year 2486. It should be
possible to upgrade to existing V5 filesystems."
corbet
5 év 6 hónap óta
Stable kernels
5.4.3,
5.3.16, and
4.19.89 have been released. They all contain
important fixes throughout the tree and users should upgrade.
ris
5 év 6 hónap óta
Security updates have been issued by Debian (davical, intel-microcode, libpgf, php-horde, spamassassin, spip, and thunderbird), Mageia (clementine, dnsmasq, git, jasper, kdelibs4, kernel, libcroco, libgit2, libvirt, ncurses, openafs, proftpd, qbittorrent, signing-party, squid, and wireshark), openSUSE (java-1_8_0-openjdk and postgresql), Oracle (kernel), Red Hat (chromium-browser and openslp), and SUSE (kernel, libssh, and xen).
ris
5 év 6 hónap óta
corbet
5 év 6 hónap óta
ZDNet
reports
on a police raid at the NGINX office. "Moscow police executed the raid after last week the Rambler Group filed a copyright violation against NGINX Inc., claiming full ownership of the NGINX web server code. The Rambler Group is the parent company of rambler.ru, one of Russia's biggest search engines and internet portals.
According to copies of the search warrant posted on Twitter today, Rambler
claims that Igor Sysoev developed NGINX while he was working as a system
administrator for the company, hence they are the rightful owner of the
project."
corbet
5 év 6 hónap óta
The saga of get_user_pages() — and the problems it causes within
the kernel — has been extensively chronicled here; see
the LWN kernel
index for the full series. In short, get_user_pages() is used
to pin user-space pages in memory for some sort of manipulation outside of
the owning process(es); that manipulation can sometimes surprise other
parts of the kernel that think they have exclusive rights to the pages in
question.
This
patch series from John Hubbard does not solve all of the problems, but
it does create some infrastructure that may make a solution easier to come
by.
corbet
5 év 6 hónap óta
Security updates have been issued by Fedora (knot-resolver and xen), openSUSE (kernel), and SUSE (haproxy, kernel, and openssl).
jake
5 év 6 hónap óta
Linux offers two modes for file I/O: buffered and direct. Buffered I/O
passes through the kernel's page cache; it is relatively easy to use and
can yield significant performance benefits for data that is accessed
multiple times. Direct I/O, instead, goes straight between a user-space
buffer and the storage device. It can be much faster for situations where
caching by the operating system isn't necessary, but it is complex to use
and contains traps for the unwary. Now, it seems, Jens Axboe has come up
with
a
way to get many of the benefits of direct I/O with a lot less bother.
corbet
5 év 6 hónap óta
Security updates have been issued by CentOS (firefox and nss-softokn), Fedora (samba), Oracle (nss, nss-softokn, nss-util, nss-softokn, and thunderbird), Scientific Linux (thunderbird), SUSE (firefox), and Ubuntu (librabbitmq and samba).
jake
5 év 6 hónap óta
The LWN.net Weekly Edition for December 12, 2019 is available.
corbet
5 év 6 hónap óta
An effort to protect package downloads from the
Python
Package Index (PyPI) has resulted in a Python Enhancement Proposal
(PEP) and, perhaps belatedly, some discussion in the wider community. The
basic idea is to use
The
Update Framework (TUF) to protect PyPI users from
some malicious
actors who are aiming to interfere with the installation and update of
Python modules. But the name of the PEP and its wording, coupled with some
recent typosquatting problems on PyPI, caused
some confusion along the way. There are some competing interests and
different cultures coming together over this PEP; the process has not run as
smoothly as anyone might want, though that seems to be resolving itself at
this point.
jake
5 év 6 hónap óta
Security updates have been issued by Arch Linux (crypto++ and thunderbird), Debian (cacti, freeimage, git, and jackson-databind), Fedora (nss), openSUSE (clamav, dnsmasq, munge, opencv, permissions, and shadowsocks-libev), Red Hat (nss, nss-softokn, nss-util, rh-maven35-jackson-databind, and thunderbird), Scientific Linux (nss, nss-softokn, nss-util, nss-softokn, and thunderbird), SUSE (caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, crowbar-ui, etcd, flannel, galera-3, mariadb, mariadb-connector-c, openstack-dashboard-theme-SUSE, openstack-heat-templates, openstack-neutron, openstack-nova, openstack-quickstart, patterns-cloud, python-oslo.messaging, python-oslo.utils, python-pysaml2, libssh, and strongswan), and Ubuntu (git, libpcap, libssh, and thunderbird).
ris
5 év 6 hónap óta
The Electronic Frontier Foundation has posted
a detailed
study on third-party corporate surveillance on the Internet (and
beyond). "Both Google and Apple encourage developers to use ad IDs
for behavioral profiling in lieu of other identifiers like IMEI or phone
number. Ostensibly, this gives users more control over how they are
tracked, since users can reset their identifiers by hand if they
choose. However, in practice, even if a user goes to the trouble to reset
their ad ID, it’s very easy for trackers to identify them across resets by
using other identifiers, like IP address or in-app storage. Android’s
developer policy instructs trackers not to engage in such behavior, but the
platform has no technical safeguards to stop it. In February 2019, a study
found that over 18,000 apps on the Play store were violating Google’s
policy."
corbet
5 év 6 hónap óta
A new mechanism to help thwart
return-oriented
programming (ROP) and similar attacks has recently been added to the
OpenBSD kernel. It will block system calls that are not made via the C
library (libc) system-call wrappers. Instead of being able to string
together some "gadgets" that make a system call directly, an attacker would
need to be able to call the wrapper, which is normally at a randomized location.
jake
5 év 6 hónap óta
The Kubernetes scheduler is being overhauled with a series of improvements
that will introduce a new framework and enhanced capabilities that could
help cluster administrators to optimize performance and
utilization. Abdullah Gharaibeh, co-chair of the Kubernetes scheduling
special interest group (
SIG
Scheduling), detailed what has been happening with the
scheduler in recent releases and what's on the roadmap
in a
session at
KubeCon + CloudNativeCon North America 2019.
jake
5 év 6 hónap óta
The Git project has released Git v2.24.1, v2.23.1, v2.22.2, v2.21.1,
v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and
v2.14.6. "These releases fix various security flaws, which allowed an
attacker to overwrite arbitrary paths, remotely execute code, and/or
overwrite files in the .git/ directory etc." The release notes
contained in this announcement have the details.
ris
5 év 6 hónap óta
Google Open Source has
announced
Google Summer of Code (GSoC) 2020, a program that introduces university
students to open-source development. "And the 'special sauce' that has
kept this program thriving for 16 years: the mentorship aspect of the
program. Participants gain invaluable experience working directly with
mentors who are dedicated members of these open source communities; mentors
help bring students into their communities while teaching them, guiding
them and helping them find their place in the world of open source."
Applications for interested organizations open on January 14.
ris
5 év 6 hónap óta
Security updates have been issued by Debian (firefox-esr, jruby, and squid3), Fedora (librabbitmq, libuv, and xpdf), openSUSE (calamares and opera), Oracle (kernel and nss), Red Hat (httpd24-httpd, kernel, kernel-alt, kpatch-patch, nss-softokn, sudo, and thunderbird), SUSE (apache2-mod_perl, java-1_8_0-openjdk, and postgresql), and Ubuntu (eglibc, firefox, and samba).
ris
5 év 6 hónap óta
Daniel Vetter has posted
a
summary of his LPC talk on kernel graphics drivers.
"Unfortunately the business case for 'upstream first' on the kernel
side is completely broken. Not for open source, and not for any fundamental
reasons, but simply because the kernel moves too slowly, is too big,
drivers aren’t well contained enough and therefore customer will not or
even can not upgrade. For some hardware upstreaming early enough is
possible, but graphics simply moves too fast: By the time the upstreamed
driver is actually in shipping distros, it’s already one hardware
generation behind. And missing almost a year of tuning and performance
improvements. Worse it’s not just new hardware, but also GL and Vulkan
versions that won’t work on older kernels due to missing features,
fragmenting the ecosystem further."
corbet
Ellenőrizve
2 perc 24 másodperc ago
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Feliratkozás a következőre: Linux Weekly News hírcsatorna