Hírolvasó

Security updates for Friday

2 hét 3 nap óta
Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, glibc, kernel, and mod_security), Fedora (chromium, gh, mingw-icu, nginx-mod-modsecurity, python3.10, python3.9, thunderbird, valkey, and yarnpkg), Oracle (.NET 8.0, .NET 9.0, glibc, grafana-pcp, kernel, libxml2, mod_security, nodejs:20, and thunderbird), SUSE (audiofile, helm, kubernetes-old, kubernetes1.23, kubernetes1.24, libcryptopp, postgresql15, thunderbird, and valkey), and Ubuntu (linux-nvidia-tegra-igx).
daroc

dhcpd(8): use UDP sockets instead of BPF

2 hét 3 nap óta
In some cases, the current dhcpd(8) is not quite as reliable as one would want in providing the requested data to the actual requestor. After some rounds of discussion and experimentation, David Gwynne (dlg@) is circulating a diff on tech@ that switches the daemon to use UDP sockets instead of bpf.

The motivation is summarized as,

tl;dr this replaces bpf with udp sockets in dhcpd, mostly to make it better at replying with the ip that requests were sent to.

and the full message, with the subject dhcpd(8): use UDP sockets instead of BPF reads,

List: openbsd-tech Subject: dhcpd(8): use UDP sockets instead of BPF From: David Gwynne <david () gwynne ! id ! au> Date: 2025-06-13 3:29:20 tl;dr this replaces bpf with udp sockets in dhcpd, mostly to make it better at replying with the ip that requests were sent to. ive been hacking on this because of a problem at work, which i want to solve by setting up a bunch of "anycast" dhcp servers. ie, i want to have multiple dhcpd on separate servers with the same IP assigned as an alias on all of them.

Read more…

[$] FAIR package management for WordPress

2 hét 4 nap óta

The last year has been a rocky one for the WordPress community. Matt Mullenweg—WordPress co-founder and CEO of WordPress hosting company Automattic—started a messy public spat with WP Engine in September and has proceeded to use his control of the project's WordPress.org infrastructure as weapons against the company, with the community caught in the crossfire. It is not surprising, then, that on June 6 a group of WordPress community participants announced the Federated and Independent Repositories Package Manager (FAIR.pm) project. It is designed to be a decentralized alternative to WordPress.org with a goal of building "public digital infrastructure that is both resilient and fair".

jzb

Summaries from the 2025 Python Language Summit

2 hét 4 nap óta
The Python Software Foundation blog is carrying a set of detailed summaries from the 2025 Python Language Summit:

The Python Language Summit 2025 occurred on May 14th in Pittsburgh, Pennsylvania. Core developers and special guests from around the world gathered in one room for an entire day of presentations and discussions about the future of the Python programming language.

Topics covered include making breaking changes less painful, free-threaded Python, interaction with Rust, and challenges faced by the Steering Council.

corbet

[$] Parallelizing filesystem writeback

2 hét 4 nap óta
Writeback for filesystems is the process of flushing the "dirty" (written) data in the page cache to storage. At the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF), Anuj Gupta led a combined storage and filesystem session on some work that has been done to parallelize the writeback process. Some of the performance problems that have been seen with the existing single-threaded writeback came up in a session at last year's summit, where the idea of doing writeback in parallel was discussed.
jake

Security updates for Thursday

2 hét 4 nap óta
Security updates have been issued by AlmaLinux (kernel), Debian (chromium, gst-plugins-bad1.0, node-tar-fs, and ublock-origin), Gentoo (Emacs, File-Find-Rule, GStreamer, GStreamer Plugins, GTK+ 3, LibreOffice, Node.js, OpenImageIO, Python, PyPy, Qt, X.Org X server, XWayland, and YAML-LibYAML), Mageia (mariadb and roundcubemail), Red Hat (go-toolset:rhel8, golang, grafana, grafana-pcp, gstreamer1-plugins-bad-free, libxml2, libxslt, mod_security, nodejs:20, and perl-FCGI:0.78), Slackware (mozilla), SUSE (docker, docker-compose, iputils, kernel, libsoup, open-vm-tools, rabbitmq-server, rabbitmq-server313, wget, and yelp), and Ubuntu (libsoup2.4 and webkit2gtk).
jake

clang(1)/llvm/lld(1) updated to version 19

2 hét 4 nap óta

In a long series of commits, Robert Nagy (robert@) updated clang(1)/llvm/lld(1) in -current to version 19.1.7 (from version 16.0.6):

CVSROOT: /cvs Module name: src Changes by: robert@cvs.openbsd.org 2025/06/11 06:54:56 Log message: import of llvm from LLVM 19.1.7 Status: Vendor Tag: LLVM Release Tags: LLVM_19_1_7 U src/gnu/llvm/llvm/.clang-format […]

Those building from source should follow the instructions in Following -current and using snapshots before making the leap.