1 év 3 hónap óta
Version
127.0 of the Firefox browser is out. Changes include support for DNS
prefetching and the ability to close duplicate tabs in a window. The
browser will now try to upgrade images and videos with HTTP URLs that are
found in an HTTPS page to HTTPS as well; if that fails, the non-HTTPS
resources will simply fail to load.
Update: this
Mozilla Security Blog post describes the HTTPS-related changes in
detail.
corbet
1 év 3 hónap óta
VFS maintainer Christian Brauner led a discussion about the possibility of
selectively dropping the contents of the page cache for a filesystem in a
session at the
2024
Linux Storage,
Filesystem, Memory Management, and BPF Summit. As he described in his
topic
proposal, the use case that started him down this path comes from
GNOME, which wants to be able to safely suspend access to an encrypted home
directory. While it is known to kernel
developers, it is surprising to others that reads from encrypted
filesystems that have been suspended will succeed if the data to be read
still exists in the
page cache.
jake
1 év 3 hónap óta
Security updates have been issued by AlmaLinux (ruby:3.3), Fedora (efifs, libvirt, podman-tui, prometheus-podman-exporter, and strongswan), Red Hat (firefox, idm:DL1, ipa, nghttp2, and thunderbird), SUSE (aws-nitro-enclaves-cli, cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, containerized-data-importer, frr, glibc, go1.21, go1.22, gstreamer-plugins-base, kernel, kernel-firmware-nvidia-gspx-G06, nvidia-open- driver-G06-signed, libxml2, mariadb, poppler, python-Brotli, python-docker, python-idna, rmt-server, skopeo, sssd, unbound, unrar, util-linux, and webkit2gtk3), and Ubuntu (giflib, libphp-adodb, linux-gkeop, linux-gkeop-5.15, linux-kvm, linux-laptop, linux-oem-6.8, nodejs, and tiff).
corbet
1 év 3 hónap óta
P4, short for "Programming
Protocol-independent Packet Processors", is a programming language aimed at
networking devices; it is useful for the configuration of firewalls and
complicated routing architectures. Since a lot of advanced networking is
done with Linux systems, it stands to reason that there would be value in
supporting P4 and, indeed,
an
implementation of P4 in the kernel's traffic-control subsystem was
first posted by Jamal Hadi Salim at the beginning of 2023. After nearly
18 months, though, this feature has not been merged, and the chances
of that happening would appear to be getting worse.
corbet
1 év 3 hónap óta
Version 5.40.0 of the Perl language has been released. "Perl 5.40.0
represents approximately 11 months of development since Perl 5.38.0 and
contains approximately 160,000 lines of changes across 1,500 files from 75
authors". Significant changes include a new __CLASS__
keyword, a :reader attribute for field variables, a new
"^^" logical-XOR operator (because two of those were not enough),
moving "try/catch" out of the experimental category, and more; see
this
page for lots of details.
corbet
1 év 3 hónap óta
Security updates have been issued by Fedora (galera and mariadb10.11), Mageia (0-plugins-base and plasma-workspace), Oracle (ruby:3.1 and ruby:3.3), Red Hat (bind, bind-dyndb-ldap, and dhcp), SUSE (apache2, glib2, libvirt, openssl-1_1, openssl-3, opera, python-Jinja2, python-requests, and squid), and Ubuntu (linux, linux-gcp, linux-gcp-5.15, linux-lowlatency,
linux-lowlatency-hwe-5.15, linux-xilinx-zynqmp, linux, linux-gcp, linux-gcp-6.5, linux-lowlatency,
linux-lowlatency-hwe-6.5, linux-raspi, linux, linux-ibm, linux-lowlatency, linux-raspi, linux-aws, linux-gcp, linux-azure, linux-azure-6.5, linux-starfive, linux-starfive-6.5, and linux-gke, linux-ibm, linux-intel-iotg, linux-oracle).
jake
1 év 3 hónap óta
The
6.10-rc3 kernel prepatch is out.
"So things look good, the water is warm, please jump right in and keep
testing,"
corbet
1 év 3 hónap óta
Ladybird is an open-source
project aimed at building an independent web browser, rather than
yet another browser based on Chrome. It is written in C++ and licensed under a
two-clause BSD license. The effort
began as part of the SerenityOS project, but
developer Andreas Kling announced
on June 3 that he was "forking" Ladybird as a separate project and stepping away from
SerenityOS to focus his attention on the browser completely. Ladybird
is not ready to replace Firefox or Chrome for regular use, but it is showing
great promise.
jzb
1 év 3 hónap óta
According to CrowdStrike, a
vulnerability in the Linux kernel's nftables code
that was discovered earlier this
year is being actively exploited in the wild. The vulnerability allows for
local privilege escalation. Most distributions have already released a fix.
As noted by the exploit developer, leveraging this POC is dependent on the
kernel's unprivileged user namespaces feature accessing nf_tables. This access
is enabled by default on Debian, Ubuntu and kernel capture-the-flag (CTF)
distributions. An attacker can then trigger the double-free vulnerability, scan
the physical memory for the kernel base address, bypass kernel address-space
layout randomization (KASLR) and access the modprobe_path kernel variable with
read/write privileges. After overwriting the modprobe_path, the exploit drops a
root shell.
daroc
1 év 3 hónap óta
BPF was first
generalized beyond packet filtering more than a decade ago. In that time, it
has changed a lot, becoming much more capable.
Alexei Starovoitov kicked off the second day of the BPF track at the 2024
Linux Storage,
Filesystem, Memory Management, and BPF Summit by leading a session
discussing which changes to BPF are going to come in the next ten years as it
continues evolving. He proposed several ideas, including expanding the number of
registers available to BPF programs, dynamic deadlock detection, and relaxing
some existing limits of the verifier.
daroc
1 év 3 hónap óta
Security updates have been issued by Mageia (libtiff), Oracle (cockpit, glibc, kernel, less, libxml2, linux-kernel, and tomcat), Red Hat (java-1.8.0-ibm, nghttp2, and ruby:3.3), Slackware (php), SUSE (go1.21, go1.22, and python-docker), and Ubuntu (aom and libvpx).
daroc
1 év 3 hónap óta
The kernel's user-space ABI does not lack for ring buffers; they have been
defined for subsystems like
BPF,
io_uring,
perf,
and
tracing, for
example. Naturally, each of those ring buffers is unique, with no common
interface between them. The natural response to this ABI proliferation is,
of course, to add yet another ring buffer as the generic option; that is
the intent of
this
patch series from Kent Overstreet adding a new set of system calls for
ring buffers.
corbet
1 év 3 hónap óta
Security updates have been issued by AlmaLinux (cockpit, kernel, kernel-rt, libxml2, ruby:3.1, and tomcat), Debian (libarchive, pillow, and tinyproxy), Fedora (apptainer), Mageia (amavisd-new and libxml2), Oracle (edk2), Red Hat (booth, cockpit, kernel-rt, less, libxml2, nghttp2, ruby:3.1, ruby:3.3, and tomcat), Slackware (kernel), and Ubuntu (atril, bluez, frr, gdk-pixbuf, openjdk-17, openjdk-21, openjdk-8, openjdk-lts, qemu, and unixodbc).
jake
1 év 3 hónap óta
The LWN.net Weekly Edition for June 6, 2024 is available.
corbet
1 év 3 hónap óta
There are two types of file I/O on Linux, buffered I/O, which goes through
the page cache, and direct I/O, which goes directly to the storage device.
The performance of buffered I/O was reported to be a lot worse than direct
I/O, especially for one specific test, in Luis Chamberlain's
topic
proposal for a session at the 2024
Linux Storage,
Filesystem, Memory Management, and BPF Summit.
The proposal resulted in a lengthy mailing-list discussion,
which also came up in
Paul McKenney's RCU session the next
day; Chamberlain led a
combined storage and filesystem session to discuss those results with an
eye toward improving buffered I/O performance.
jake
1 év 3 hónap óta
Version 2024.2 of the Kali Linux penetration testing distribution
has been released. This
release includes an update to GNOME
46, a high-resolution (HiDPI) mode for Xfce, as well as a number
of new packages such as the AutoRecon network
reconnaissance tool, pspy command-line utility for
snooping on Linux processes, and SploitScan tool for
fetching and displaying CVE information. Kali Linux is based on Debian
testing, and 2024.2 incorporates Debian's work to transition to 64-bit
time_t to avoid year 2038 problems. Users with existing Kali
systems should be sure to follow the documentation
when upgrading.
jzb
1 év 3 hónap óta
jzb
1 év 3 hónap óta
Many years ago, the PostgreSQL project started holding regular CommitFests to
help tackle the work of reviewing and committing patches in a more
organized fashion. That has served the project well, but some in
the project are concerned that CommitFests are no longer meeting
the needs of PostgreSQL or its contributors. A lengthy discussion on the
pgsql-hackers mailing list turned up a number of complaints, a few
suggestions for improvement, but little consensus or momentum toward
a solution.
jzb
1 év 3 hónap óta
The GFP_NOFS flag is meant for kernel memory allocations that
should not cause a call into the filesystems to reclaim memory because there are
already locks held that can potentially cause a deadlock. The "scoped
allocation" API is a better choice for filesystems to indicate that they
are holding a lock, so GFP_NOFS has
long been on the chopping block, though
progress has been slow. In a filesystem-track session at
the 2024
Linux Storage,
Filesystem, Memory Management, and BPF Summit, Matthew Wilcox wanted to
discuss how to move kernel filesystems away from the flag with the eventual
goal of removing it completely.
jake
1 év 3 hónap óta
Drew DeVault has published
an update about the state of the SourceHut software development
platform and its plans for the coming months. This is the first update
since the January post-mortem
following a distributed denial-of-service (DDoS) attack that resulted
in a prolonged
outage:
As you can imagine, it has been a stressful time for us. However, I
wish to stress that everything we've been dealing with is planned for
in our models, both technical and financial. There is no existential
threat to SourceHut. Nevertheless, we are grateful for your patience
and support.
[...] We have been focusing on two things this year: provisioning
and managing our infrastructure and getting as much rest as
possible. Our situation has calmed down, and while we still have a lot
of loose ends to attend to I'm happy to say that we're resuming a
sense of normalcy here and preparing to resume our work on the
features you need.
jzb
Ellenőrizve
10 perc 45 másodperc ago
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Feliratkozás a következőre: Linux Weekly News hírcsatorna