Hírolvasó

The LWN.net Weekly Edition for February 10, 2022 is available.

The LWN.net Weekly Edition for February 10, 2022 is available.

The PinePhone is a Linux-based smartphone made by PINE64 that runs free and open-source software (FOSS); it is designed to use a close-to-mainline Linux kernel. While many smartphones already use the Linux kernel as part of Android, few run distributions that are actually similar to those used on desktops and laptops. The PinePhone is different, however; it provides an experience that is much closer to normal desktop Linux, though it probably cannot completely replace a full-featured smartphone—at least yet.

The PinePhone is a Linux-based smartphone made by PINE64 that runs free and open-source software (FOSS); it is designed to use a close-to-mainline Linux kernel. While many smartphones already use the Linux kernel as part of Android, few run distributions that are actually similar to those used on desktops and laptops. The PinePhone is different, however; it provides an experience that is much closer to normal desktop Linux, though it probably cannot completely replace a full-featured smartphone—at least yet.

Version 2.38 of the GNU Binutils tool set has been released. Changes include new hardware support (including for the LoongArch architecture), various Unicode-handling improvements, a new --thin option to ar for the creation of thin archives, and more.

Version 2.38 of the GNU Binutils tool set has been released. Changes include new hardware support (including for the LoongArch architecture), various Unicode-handling improvements, a new --thin option to ar for the creation of thin archives, and more.

Security updates have been issued by CentOS (aide), Debian (connman), Fedora (perl-App-cpanminus and rust-afterburn), Mageia (glibc), Red Hat (.NET 5.0, .NET 6.0, aide, log4j, ovirt-engine, and samba), SUSE (elasticsearch, elasticsearch-kit, kafka, kafka-kit, logstash, openstack-monasca-agent, openstack-monasca-log-metrics, openstack-monasca-log-persister, openstack-monasca-log-transformer, openstack-monasca-persister-java, openstack-monasca-persister-java-kit, openstack-monasca-thresh, openstack-monasca-thresh-kit, spark, spark-kit, venv-openstack-monasca, zookeeper, zookeeper-kit and elasticsearch, elasticsearch-kit, kafka, kafka-kit, logstash, openstack-monasca-agent, openstack-monasca-persister-java, openstack-monasca-persister-java-kit, openstack-monasca-thresh, openstack-monasca-thresh-kit, spark, spark-kit, storm, storm-kit, venv-openstack-monasca, zookeeper, zookeeper-kit), and Ubuntu (bluez, linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-470, nvidia-graphics-drivers-470-server, nvidia-graphics-drivers-510, python2.7, and util-linux).

Security updates have been issued by CentOS (aide), Debian (connman), Fedora (perl-App-cpanminus and rust-afterburn), Mageia (glibc), Red Hat (.NET 5.0, .NET 6.0, aide, log4j, ovirt-engine, and samba), SUSE (elasticsearch, elasticsearch-kit, kafka, kafka-kit, logstash, openstack-monasca-agent, openstack-monasca-log-metrics, openstack-monasca-log-persister, openstack-monasca-log-transformer, openstack-monasca-persister-java, openstack-monasca-persister-java-kit, openstack-monasca-thresh, openstack-monasca-thresh-kit, spark, spark-kit, venv-openstack-monasca, zookeeper, zookeeper-kit and elasticsearch, elasticsearch-kit, kafka, kafka-kit, logstash, openstack-monasca-agent, openstack-monasca-persister-java, openstack-monasca-persister-java-kit, openstack-monasca-thresh, openstack-monasca-thresh-kit, spark, spark-kit, storm, storm-kit, venv-openstack-monasca, zookeeper, zookeeper-kit), and Ubuntu (bluez, linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-470, nvidia-graphics-drivers-470-server, nvidia-graphics-drivers-510, python2.7, and util-linux).

Version 5.24 of the KDE-based Plasma desktop is out; this is a long-term-support release. Changes include various task-manager improvements, a new overview mode, fingerprint-reader support, improved Wayland support, and more.

Version 5.24 of the KDE-based Plasma desktop is out; this is a long-term-support release. Changes include various task-manager improvements, a new overview mode, fingerprint-reader support, improved Wayland support, and more.

It's been two whole days since the last set of stable kernel releases, but the long wait is over: 5.16.8, 5.15.22, 5.10.99, 5.4.178, 4.19.228, 4.14.265, and 4.9.300 have all been released. Each contains yet another set of important fixes.

It's been two whole days since the last set of stable kernel releases, but the long wait is over: 5.16.8, 5.15.22, 5.10.99, 5.4.178, 4.19.228, 4.14.265, and 4.9.300 have all been released. Each contains yet another set of important fixes.

This is a few days old, but evidently there is still need for this message: Konstantin Ryabitsev explains how it is easy to cause a commit to appear falsely to be part of a GitHub repository:

With all the benefits of object sharing comes one important downside — namely, you can access any shared object through any of the forks. So, if you fork linux.git and push your own commit into it, any of the 41.1k forks will have access to the objects referenced by your commit. If you know the hash of that object, and if the web ui allows to access arbitrary repository objects by their hash, you can even view and link to it from any of the forks, making it look as if that object is actually part of that particular repository (which is how we get the links at the start of this article).

A failure to understand this point is how the net fills up with articles like this one.

This is a few days old, but evidently there is still need for this message: Konstantin Ryabitsev explains how it is easy to cause a commit to appear falsely to be part of a GitHub repository:

With all the benefits of object sharing comes one important downside — namely, you can access any shared object through any of the forks. So, if you fork linux.git and push your own commit into it, any of the 41.1k forks will have access to the objects referenced by your commit. If you know the hash of that object, and if the web ui allows to access arbitrary repository objects by their hash, you can even view and link to it from any of the forks, making it look as if that object is actually part of that particular repository (which is how we get the links at the start of this article).

A failure to understand this point is how the net fills up with articles like this one.

Go 1.18, the biggest release of the Go language since Go 1.0 in March 2012, is expected to be released in February. The first beta was released in December with two features which, each on their own, would have made the release a big one. It adds support for generic types and native support for fuzz testing. In the blog post announcing the beta, core developer Russ Cox emphasized that the release "represents an enormous amount of work".

Go 1.18, the biggest release of the Go language since Go 1.0 in March 2012, is expected to be released in February. The first beta was released in December with two features which, each on their own, would have made the release a big one. It adds support for generic types and native support for fuzz testing. In the blog post announcing the beta, core developer Russ Cox emphasized that the release "represents an enormous amount of work".

Andrew 'bunnie' Huang introduces PDDB, a database meant to allow users to (plausibly) deny the existence of specific data within it.

Precursor is a device we designed to keep secrets, such as passwords, wallets, authentication tokens, contacts and text messages. We also want it to offer plausible deniability in the face of an attacker that has unlimited access to a physical device, including its root keys, and a set of “broadly known to exist” passwords, such as the screen unlock password and the update signing password. We further assume that an attacker can take a full, low-level snapshot of the entire contents of the FLASH memory, including memory marked as reserved or erased. Finally, we assume that a device, in the worst case, may be subject to repeated, intrusive inspections of this nature.

We created the PDDB (Plausibly Deniable DataBase) to address this threat scenario.

Andrew 'bunnie' Huang introduces PDDB, a database meant to allow users to (plausibly) deny the existence of specific data within it.

Precursor is a device we designed to keep secrets, such as passwords, wallets, authentication tokens, contacts and text messages. We also want it to offer plausible deniability in the face of an attacker that has unlimited access to a physical device, including its root keys, and a set of “broadly known to exist” passwords, such as the screen unlock password and the update signing password. We further assume that an attacker can take a full, low-level snapshot of the entire contents of the FLASH memory, including memory marked as reserved or erased. Finally, we assume that a device, in the worst case, may be subject to repeated, intrusive inspections of this nature.

We created the PDDB (Plausibly Deniable DataBase) to address this threat scenario.

Security updates have been issued by CentOS (log4j), Debian (chromium, xterm, and zabbix), Fedora (kate, lua, and podman), Oracle (aide and log4j), and SUSE (xen).

Security updates have been issued by CentOS (log4j), Debian (chromium, xterm, and zabbix), Fedora (kate, lua, and podman), Oracle (aide and log4j), and SUSE (xen).