Hírolvasó

A hosszútávú cél, hogy az AI-szolgáltatás is pénzt termeljen a közösségi óriásnak.

Lamborghini? Kacsalábon forgó palota? Bitcoin? Kutyakozmetika? Ebben a weeklyben az illegálisan megszerzett vagyon nyomába eredünk.

Egy GVH-eljárás részeként a cég kötelezettséget vállalt rá, hogy tízmilliárd magyar szó felhasználásával tanítja az AI-alapú rendszereit.

"Kifizetéseket kellett leállítani, a csőd szélén a főváros" trey 2025. 05. 30., p – 07:53

As of this writing, 5,546 non-merge changesets have been pulled into the mainline kernel repository for the 6.16 release. This is a bit less than half of the total commits for 6.15, so the merge window is well on its way. Read on for our summary of the first half of the 6.16 merge window.

As the end of the 1990s approached, a lot of kernel-development effort was going into improving support for 32-bit systems with shockingly large amounts of memory installed. This being the 1990s, having more than 1GB of memory in such a system was deemed to be shocking. Many of the compromises made to support such inconceivably large systems have remained in the kernel to this day. One of those compromises — bounce buffering of I/O requests in the block layer — has finally been eased out for the 6.16 release, more than a quarter-century after its introduction.

The SUSE Security Team has published a detailed report about security vulnerabilities it discovered in the Kea DHCP server suite from the Internet Systems Consortium (ISC).

Since SUSE is also going to ship Kea DHCP in its products, we performed a routine review of its code base. Even before checking the network security of Kea, we stumbled over a range of local security issues, among them a local root exploit which is possible in many default installations of Kea on Linux and BSD distributions. [...]

This report is based on Kea release 2.6.1. Any source code references in this report relate to this version. Many systems still ship older releases of Kea, but we believe they are all affected as well by the issues described in this report.

The report details seven security issues including local-privilege-escalation and arbitrary file overwrite vulnerabilities. Security fixes for the vulnerabilities have been published in all of the currently supported release series of Kea: 2.4.2, 2.6.3, and the 2.7.9 development release were all released on May 28. Kea has assigned CVE-2025-32801, CVE-2025-32802, and CVE-2025-32803 to the vulnerabilities. Note that some of the CVEs cover multiple security flaws.

The 6.14.9 and 6.12.31 stable kernels have been released. Each contains an unusually large number of important fixes all over the kernel tree.

Security updates have been issued by AlmaLinux (kernel and kernel-rt), Debian (firefox-esr, libvpx, net-tools, php-twig, python-tornado, setuptools, varnish, webpy, yelp, and yelp-xsl), Fedora (xen), Mageia (cimg and ghostscript), Oracle (gstreamer1-plugins-bad-free, kernel, libsoup, thunderbird, and unbound), Red Hat (firefox, mingw-freetype and spice-client-win, pcs, and varnish:6), Slackware (curl and mozilla), SUSE (apparmor, containerd, dnsdist, go1.23-openssl, go1.24, gstreamer-plugins-bad, ImageMagick, jetty-minimal, python-tornado, python313-setuptools, s390-tools, thunderbird, tomcat10, ucode-intel, and wxWidgets-3_2), and Ubuntu (ffmpeg, krb5, libsoup3, libsoup2.4, linux-aws-5.4, linux-aws-fips, linux-fips, linux-oracle-6.8, net-tools, and python-setuptools, setuptools).

A funkciók eddig csak a Pixel 9-et használók számára voltak elérhetők.

Rendkívül drága a harc, amit az egyik legnépszerűbb stockfotó szolgáltatás vív a Stability AI ellen.

A platformok megegyeztek a részletekről, hamarosan jöhet a Telegramba integrált Grok.

A sorszámos sémától megválni készülnek a cupertinóiak, ami már a közelgő kiadásoktól kezdve életbe léphet.

A jogi szakértők szerint még nem tudni, mire lehet számítani, de a Metának talán hangyányival jobbak az esélyei.

Reining in file system access is hard to get right, even for OpenBSD developers.

In a message to tech@ titled openat(2) is mostly useless, sadly Theo de Raadt (deraadt@) describes how the openat(2) family of system calls has failed to live up to expectations in practice, and he proposes changes that may improve the situation.

Theo writes, List: openbsd-tech Subject: openat(2) is mostly useless, sadly From: "Theo de Raadt" <deraadt () openbsd ! org> Date: 2025-05-28 14:03:29 The family of system calls related to openat(2) are mostly useless in practice, rarely used. When they are used it is often ineffectively or even with performance-reducing results. int openat(int fd, const char *path, int flags, ...); These are the others:

Read more…

Megérkezett a Tárhely szolgáltatás a DÁP-ba! trey 2025. 05. 29., cs – 09:39

A cég adatközponti chipjeit elkapkodták az exporttilalmi intézkedések előtt, a negatív hatás most lesz érezhető.

Inside this week's LWN.net Weekly Edition:

• Front: Glibc security; How we lost the Internet; Encrypted DNS; 6.15 Development statistics; Filesystem stress-testing; BPF verifier; Network access from BPF; OSPM 2025.
• Briefs: AlmaLinux 10.0; FESCo decision overturned; NixOS 25.05; Pocket, Launchpad retired; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

The GNU C Library (glibc) is the core C library for most Linux distributions, so it is a crucial part of the open-source ecosystem—and an attractive target for any attackers looking to carry out supply-chain attacks. With that being the case, securing the project's infrastructure using industry best practices and improving the security of its development practices are a frequent topic among glibc developers. A recent discussion suggests that improvements are not happening as quickly as some would like.

Mahé Tardy led two sessions about some of the challenges that he, Kornilios Kourtis, and John Fastabend have run into in their work on Tetragon (Apache-licensed BPF-based security monitoring software) at the Linux Storage, Filesystem, Memory Management, and BPF Summit. The session prompted discussion about the feasibility of letting BPF programs send data over the network, as well as potential new kfuncs to let BPF firewalls send TCP reset packets. Tardy presented several possible ways that these could be accomplished.