[$] Grsecurity goes private

p, 2017-05-05 00:46
On April 26, the grsecurity project announced that it was withdrawing public access to its kernel-hardening patch sets; henceforth, they will be available only to paying customers of Open Source Security, Inc., the company behind this work. This move has yielded quite a bit of discussion and no small amount of recrimination. It is not clear, though, that the right conclusions are being drawn from this change.
GStreamer 1.12 released

cs, 2017-05-04 21:13
The 1.12 release of the GStreamer multimedia framework is out. It contains many new features and bug fixes. New features include support for Intel's Media SDK for hardware-accelerated video encoding and decoding, multi-threaded video scaling and conversion, transparent encoding of multiple bit depths with x264, support for several new video formats, and so on. "More than 635 bugs have been fixed during the development of 1.12. This list does not include issues that have been cherry-picked into the stable 1.10 branch and fixed there as well, all fixes that ended up in the 1.10 branch are also included in 1.12. This list also does not include issues that have been fixed without a bug report in bugzilla, so the actual number of fixes is much higher."
Security updates for Thursday

cs, 2017-05-04 16:03
Security updates have been issued by Arch Linux (chromium), Debian (tiff), Mageia (minicom), and SUSE (firefox, mozilla-nss, mozilla-nspr).
[$] Weekly Edition for May 4, 2017

cs, 2017-05-04 05:38
The Weekly Edition for May 4, 2017 is available.
[$] Machine learning for lawyers

sze, 2017-05-03 22:42
Machine learning is a technique that has taken the computing world by storm over the last few years. As Luis Villa discussed in his 2017 Free Software Legal and Licensing Workshop (LLW) talk, there are legal implications that need to be considered, especially with regard to the data sets that are used by machine-learning systems. The talk, which was not under the Chatham House Rule default for the workshop, also provided a simplified introduction to machine learning geared toward a legal audience.
[$] 4.12 Merge window part 1

sze, 2017-05-03 22:08
The 4.12 merge window opened on May 1; as of this writing, just over 4,300 non-merge changesets have been pulled into the mainline repository. Though things are just beginning, it has the look of yet another busy development cycle for the kernel community. Thus far, the bulk of the changes merged have been in the block I/O and networking areas.
Cook: security things in Linux v4.11

sze, 2017-05-03 22:07
Kees Cook has done his usual roundup of new security features, this time for the 4.11 kernel. It lists seven different features and fixes with security implications, including: "A common way attackers use to escape confinement is by rewriting the user-mode helper sysctls (e.g. /proc/sys/kernel/modprobe) to run something of their choosing in the init namespace. To reduce attack surface within the kernel, Greg KH introduced CONFIG_STATIC_USERMODEHELPER, which switches all user-mode helper binaries to a single read-only path (which defaults to /sbin/usermode-helper). Userspace will need to support this with a new helper tool that can demultiplex the kernel request to a set of known binaries."
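To make the "demultiplex" step in that quote concrete, here is an added example of the kind of single helper binary CONFIG_STATIC_USERMODEHELPER calls for. It is not code from Kees Cook's post or from the kernel tree. It assumes that the kernel runs the one static path (/sbin/usermode-helper by default) but leaves argv[0] set to the helper it originally wanted, such as /sbin/modprobe, so the binary keys on argv[0]; the allowlist, the `resolve_helper` and `dispatch` names and the exit codes are all constructed for illustration. Note that this has to be a real binary rather than a shell script, since the script loader replaces argv[0] with the script's own path before the interpreter sees it.

```c
/* Added example, not from Kees Cook's post or the kernel tree: a minimal
 * demultiplexing user-mode helper for CONFIG_STATIC_USERMODEHELPER.
 *
 * Assumption: the kernel executes the single static path but keeps argv[0]
 * set to the helper it originally asked for (e.g. "/sbin/modprobe").
 * The allowlist below is constructed for illustration only.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <syslog.h>

extern char **environ;

/* Requested path -> binary that is actually allowed to run. Nothing else is
 * ever executed, which is the hardening point: an attacker who rewrites
 * /proc/sys/kernel/modprobe can no longer name an arbitrary program. */
static const struct {
    const char *requested;
    const char *target;
} allowlist[] = {
    { "/sbin/modprobe",    "/sbin/modprobe" },
    { "/sbin/hotplug",     "/sbin/hotplug" },
    { "/sbin/poweroff",    "/sbin/poweroff" },
    { "/sbin/request-key", "/sbin/request-key" },
};

/* Return the allowlisted target for a requested helper path, or NULL.
 * Exact string match only: no prefix matching and no path normalisation,
 * so "/sbin/modprobe/../../tmp/x" is refused rather than canonicalised. */
const char *resolve_helper(const char *requested)
{
    size_t i;

    if (requested == NULL)
        return NULL;
    for (i = 0; i < sizeof(allowlist) / sizeof(allowlist[0]); i++)
        if (strcmp(requested, allowlist[i].requested) == 0)
            return allowlist[i].target;
    return NULL;
}

/* Look up argv[0]; on a hit, exec the real helper with the kernel's argv and
 * environment intact. Returns only on refusal (126) or exec failure (127). */
int dispatch(int argc, char **argv)
{
    const char *target = resolve_helper(argc > 0 ? argv[0] : NULL);

    if (target == NULL) {
        openlog("usermode-helper", LOG_PID, LOG_DAEMON);
        syslog(LOG_WARNING, "refused user-mode helper request for %s",
               argc > 0 ? argv[0] : "(none)");
        closelog();
        return 126;
    }
    execve(target, argv, environ);
    return 127; /* only reached if execve() failed */
}

int main(int argc, char **argv)
{
    return dispatch(argc, argv);
}
```

Installed at the configured static path, the binary refuses and logs every request that is not on the list instead of running it; adding a helper means adding an allowlist entry, which is the intended friction.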
[$] Intel's zero-day problem

sze, 2017-05-03 21:43
In his talk at FOSDEM 2017, Georg Greve mentioned that every recent Intel CPU contains a second, internal CPU that you cannot audit but which can take over your machine. His contention was that this could be used to do bad things without your consent if it turned out to be treacherous or buggy. As of May 1, 2017, the latter prediction turned out to be worryingly prescient.
Stable kernel updates

sze, 2017-05-03 18:08
Greg Kroah-Hartman has released stable kernels 4.10.14, 4.9.26, and 4.4.66. They all contain important fixes and users should upgrade.
Security updates for Wednesday

sze, 2017-05-03 17:56
Security updates have been issued by Debian (libxstream-java, mysql-connector-java, tomcat7, and tomcat8), Fedora (log4j), Mageia (texlive), openSUSE (weechat), SUSE (ghostscript-library, graphite2, and xen), and Ubuntu (icu and libreoffice).
[$] The first Operating-System-Directed Power-Management Summit

sze, 2017-05-03 17:42
The first Operating-System-Directed Power-Management (OSPM) Summit took place at the ReTiS Lab of the Scuola Superiore Sant'Anna in Pisa on April 3 and 4, 2017. This summit was organized as a collection of collaborative sessions focused on trying to improve how operating-system-directed power management and the kernel's task scheduler can work together to achieve the goal of reducing energy consumption while still meeting performance and latency requirements. This subject is receiving great interest, not least since the advent of energy-aware scheduling (EAS) and heterogeneous CPU designs.
Devcic: Have You Heard? KDE Applications 17.04 and Plasma 5.9.5 Now Available

k, 2017-05-02 21:14
Ivana Isadora Devcic takes a look at the recently released KDE Applications 17.04 and Plasma 5.9.5. In file management there have been improvements to the Dolphin file manager, the Okular PDF viewer, and the archiving tool Ark. The video editor Kdenlive has seen the biggest improvements among multimedia applications. Several educational applications have also seen some changes. "The most obvious changes introduced in Plasma 5.9.5 are related to window decorations and other visual tweaks. Themes in the System Settings module are now sorted, Plastik window decoration supports the global menu, and Aurorae window decorations support the global menu button. KWin will respect theme colors in buttons, and you will be able to edit the default color scheme of your Plasma Desktop."
[$] The rise of copyright trolls

k, 2017-05-02 20:02
At the 2017 Free Software Legal and Licensing Workshop (LLW), which was held April 26-28 in Barcelona, Spain, more information about the GPL enforcement efforts by Patrick McHardy emerged. The workshop is organized by the Free Software Foundation Europe (FSFE) and its legal network. A panel discussion on the final day of the workshop discussed McHardy's methodology and outlined why those efforts are actually far from the worst-case scenario of a copyright troll. While the Q&A portion of the discussion was under Chatham House Rule (which was the default for the workshop), the discussion between the three participants was not—it provided much more detail about McHardy's efforts, and copyright trolling in general, than has been previously available publicly.
GCC 7.1 Released

k, 2017-05-02 19:14
GNU Compiler Collection 7.1 has been released, 30 years after the 1.0 release. "This release features various improvements in the emitted diagnostics, including improved locations, location ranges, suggestions for misspelled identifiers, option names, fix-it hints and various new warnings have been added." There is also experimental support for all of the current C++17 draft, improved optimizers, and more. (LWN previewed the 7.1 release in early April.)
Security updates for Tuesday

k, 2017-05-02 17:43
Security updates have been issued by Fedora (bouncycastle, drupal8, and kernel), Mageia (389-ds-base, freetype2, libxslt, openjpeg, python-lshell, and squirrelmail), openSUSE (feh, kernel, and virtualbox), and Slackware (rxvt).
Intel's AMT remote vulnerability

k, 2017-05-02 15:39
The fears of vulnerabilities lurking in Intel's "management engine" technology have just shown some validity: Intel has announced a remotely exploitable vulnerability in its "active management technology" engine. "There is an escalation of privilege vulnerability in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products. This vulnerability does not exist on Intel-based consumer PCs."

See Matthew Garrett's writeup for a more comprehensible summary of what is known at this time.

Ubuntu 12.04 (Precise Pangolin) End of Life

h, 2017-05-01 17:56
Support for Ubuntu 12.04 (Precise Pangolin) is at an end. There will be no more updates as of April 28, 2017. "The supported upgrade path from Ubuntu 12.04 is via Ubuntu 14.04. Users are encouraged to evaluate and upgrade to our latest 16.04 LTS release via 14.04."
Stable kernels 4.4.65 and 3.18.51

h, 2017-05-01 17:44
Stable kernels 4.4.65 and 3.18.51 have been released. Both of them contain important fixes and users should upgrade.
Security updates for Monday

h, 2017-05-01 17:16
Security updates have been issued by Arch Linux (bind, curl, and dovecot), Debian (batik, fop, freetype, kedpm, libpodofo, libsndfile, libxstream-java, partclone, and tomcat7), Fedora (ansible, community-mysql, java-1.8.0-openjdk, and yara), Mageia (java-1.8.0-openjdk and xstream), openSUSE (libosip2 and ruby2.1), Oracle (kernel and nss), and SUSE (ghostscript, kvm, and mysql).
Rockbox 3.14 released

h, 2017-05-01 15:33
Rockbox is a replacement firmware for a number of digital audio players. The project seemed to have faded away along with much of the audio-player market in general, but Rockbox is now back with the release of version 3.14. "Over 4 years have passed since the last release, and in that time we've been busy adding features and fixing bugs to give you the best Rockbox experience yet on the widest range of targets ever." Support for a number of devices has been added, performance and battery life have been improved, and a number of features have been added; see the announcement for details.
