Hírolvasó

OpenSSH 9.9 released!

OpenBSD Journal
11 hónap 3 hét óta

In a fediverse post, Damien Miller (djm@) announced the availability of the new OpenSSH version 9.9:

OpenSSH 9.9 has just been released. New features include support for hybrid ML-KEM X25519 post-quantum key exchange (using a formally-verified ML-KEM implementation), improved controls to drop and penalise unwanted connections, faster NTRUPrime key exchange code and more.

Read more…

pcp: pmcd network daemon review (SUSE Security Team Blog)

Linux Weekly News
11 hónap 3 hét óta

The SUSE Security Team Blog has a detailed review of the Performance Co-Pilot (PCP) 6.2.1 release:

The rather complex PCP software suite was difficult to judge just from a cursory look, so we decided to take a closer look especially at PCP's networking logic at a later time. This report contains two CVEs and some non-CVE related findings we also gathered during the follow-up review.

CVE-2024-45769, a flaw that could allow an attacker to send crafted data to crash pcmd, and CVE-2024-45770, which could allow a full local root exploit from the pcp user to root, have been addressed in the 6.3.1 release of PCP.

jzb

[$] The 6.12 merge window begins

Linux Weekly News
11 hónap 3 hét óta
As of this writing, 6,778 non-merge changesets have been pulled into the mainline kernel for the 6.12 release — over half of the work that had been staged in linux-next prior to the opening of the merge window. There has been a lot of refactoring and cleanup work this time around, but also some significant changes. Read on for a summary of the first half of the 6.12 merge window.
corbet

OpenSSH 9.9 released

Linux Weekly News
11 hónap 3 hét óta

The OpenSSH project has released version 9.9. This version includes support for the new post-quantum cryptography standard from NIST. The release also includes the next step in the deprecation of DSA keys — they are now disabled by default at compile time, and are expected to be removed entirely in early 2025. The release also contains the normal mixture of bug fixes and small usability improvements.

daroc

[$] Considering kernel pass-through interfaces

Linux Weekly News
11 hónap 3 hét óta
The kernel normally sits firmly between user space and the system's peripheral devices, and provides a standard interface to those devices. At times, though, a more direct interface to a device is desired — but such interfaces can be controversial. At the 2024 Maintainers Summit, the assembled developers considered a specific case — the proposed fwctl subsystem — as well as the role of such drivers in general.
corbet

Security updates for Friday

Linux Weekly News
11 hónap 3 hét óta
Security updates have been issued by Debian (chromium), Fedora (bluez, chromium, frr, iwd, libell, python3.11, python3.8, python3.9, and ruby), Mageia (kernel, kmod-xtables-addons, and kmod-virtualbox and kernel-linus), Red Hat (kernel), SUSE (kernel, kubernetes1.23, kubernetes1.24, kubernetes1.25, libmfx, and python-azure-identity), and Ubuntu (emacs, emacs24, emacs25, libreoffice, postgresql-9.5, python2.7, python3.5, and tgt).
daroc

The realtime preemption pull request

Linux Weekly News
11 hónap 3 hét óta
On September 19, Thomas Gleixner delivered the pull request for the realtime preemption enablement patches to Linus Torvalds — in printed form, wrapped in gold, with a ribbon, as Torvalds had requested. It was a significant milestone, marking the completion of a project that required 20 years of effort. Congratulations are due to everybody involved.

Torvalds acted on the pull request the following morning.

corbet

[$] Best practices for error handling in kernel Rust

Linux Weekly News
11 hónap 3 hét óta

Dirk Behme led a session discussing the use of Rust's question-mark operator in the kernel at Kangrejos 2024. He was particularly concerned with the concept of "silent" errors that don't print any messages to the console. Other attendees were less convinced that this was a problem, but his presentation sparked a lot of discussion about whether the Rust-for-Linux project could improve error handling in kernel Rust code.

daroc

[$] RPM 4.20 is coming

Linux Weekly News
11 hónap 3 hét óta

The RPM Package Manager (RPM) project is nearing the release of RPM 4.20, the last major planned update for the RPM 4.x series. It has few user-facing changes, but several additions and enhancements for developers—as well as some small incompatibilities that will likely require RPM packagers to revise their spec files. 4.20 will be rolling out to many users soon, in Fedora 41, which is scheduled for October. RPM 6.0 is already in the works, with a new package format and opening the door to enabling C++ use in the RPM codebase.

jzb

Security updates for Thursday

Linux Weekly News
11 hónap 3 hét óta
Security updates have been issued by Debian (expat and tinyproxy), Fedora (frr, microcode_ctl, python3.10, python3.12, python3.6, and ruby), Oracle (expat, fence-agents, firefox, ghostscript, java-1.8.0-openjdk, kernel, and thunderbird), Red Hat (firefox, openssl, ruby:3.3, and thunderbird), SUSE (clamav, ffmpeg-4, kernel, libmfx, python3, python312, runc, ucode-intel, and wireshark), and Ubuntu (apache2, git, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-nvidia, linux-oracle, linux-raspi, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, and linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle).
jake