Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 3 hours 25 min ago

Cory Doctorow Rejoins EFF to Eradicate DRM Everywhere

Tuesday 20th of January 2015 10:52:31 PM
The Electronic Frontier Foundation has announced that Cory Doctorow has rejoined the organization "to battle the pervasive use of dangerous digital rights management (DRM) technologies that threaten users' security and privacy, distort markets, confiscate public rights, and undermine innovation."

Shuttleworth: Smart things powered by snappy Ubuntu Core on ARM and x86

Tuesday 20th of January 2015 10:05:44 PM
Mark Shuttleworth takes a look at Ubuntu and the Internet of Things. "Ubuntu is right at the heart of the “internet thing” revolution, and so we are in a good position to raise the bar for security and consistency across the whole ecosystem. Ubuntu is already pervasive on devices – you’ve probably seen lots of “Ubuntu in the wild” stories, from self-driving cars to space programs and robots and the occasional airport display. I’m excited that we can help underpin the next wave of innovation while also thoughtful about the responsibility that entails. So today we’re launching snappy Ubuntu Core on a wide range of boards, chips and chipsets, because the snappy system and Ubuntu Core are perfect for distributed, connected devices that need security updates for the OS and applications but also need to be completely reliable and self-healing. Snappy is much better than package dependencies for robust, distributed devices."

Tuesday's security updates

Tuesday 20th of January 2015 06:00:57 PM

Debian has updated icedove (multiple vulnerabilities).

Debian-LTS has updated tomcat6 (exception on empty XML attributes).

Mageia has updated binutils (multiple vulnerabilities), coreutils (code execution), elfutils (directory traversal), file (denial of service), iceape (multiple vulnerabilities), moodle (multiple vulnerabilities), and otrs (privilege escalation).

SUSE has updated libpng16 (SLE12: two vulnerabilities).

Ubuntu has updated thunderbird (14.10, 14.04, 12.04: multiple vulnerabilities).

PSF 2014 Year in Review

Monday 19th of January 2015 09:08:33 PM
The Python Software Foundation begins a review of 2014. "2014 was an eventful year for the Python community, and so we thought a brief rundown of highlights from last year should put us all in the right frame of mind to make 2015 an equally, or even more, productive year. There was so much activity in 2014, that it will take the next couple of blog posts to cover it all, so today's post will focus on membership growth, PSF funding, and conferences."

Linux.conf.au 2015 videos

Monday 19th of January 2015 09:07:39 PM
Videos from linux.conf.au 2015 have been posted to YouTube.

Kernel prepatch 3.19-rc5

Monday 19th of January 2015 05:59:02 PM
On January 18, Linus Torvalds released the fifth prepatch for Linux 3.19. Things are not calming down quite the way he would like and rc5 is larger than rc4, but: "That said, it's not like there is anything particularly scary in here. The arm64 vm bug that I mentioned as pending in the rc4 notes got fixed within a day of that previous rc release, and the rest looks pretty standard. Mostly drivers (networking, usb, scsi target, block layer, mmc, tty etc), but also arch updates (arm, x86, s390 and some tiny powerpc fixes), some filesystem updates (fuse and nfs), tracing fixes, and some perf tooling fixes."

Security advisories for Monday

Monday 19th of January 2015 05:37:21 PM

Debian has updated lsyncd (command injection) and xdg-utils (command execution).

Debian-LTS has updated ia32-libs (multiple vulnerabilities).

Fedora has updated elfutils (F21: directory traversal), gd (F21: denial of service), libhtp (F21; F20: denial of service), thunderbird (F21: multiple vulnerabilities), and xen (F21; F20: denial of service).

Mageia has updated firefox, thunderbird (multiple vulnerabilities) and python-django, python-django14 (multiple vulnerabilities).

Mandriva has updated kernel (multiple vulnerabilities).

openSUSE has updated firefox (13.2; 13.1: multiple vulnerabilities), openstack-dashboard (13.1: multiple vulnerabilities), and vsftpd (13.2, 13.1: unspecified vulnerability).

Slackware has updated freetype (code execution), firefox (multiple vulnerabilities), thunderbird (multiple vulnerabilities), and seamonkey (multiple vulnerabilities).

SUSE has updated firefox (SLE12: multiple vulnerabilities).

Ubuntu has updated libevent (14.10, 14.04, 12.04, 10.04: denial of service), libssh (14.10, 14.04, 12.04: denial of service), and rpm (14.10, 14.04, 12.04: code execution).

Taylor: gnome-battery-bench

Friday 16th of January 2015 10:36:36 PM
On his blog, Owen Taylor introduces gnome-battery-bench, which is a tool to measure power usage that should help lengthen battery life on Linux systems. It can smooth out the somewhat jumpy numbers reported by powertop and provide graphical feedback of parameters like power usage and estimated battery life remaining. "gnome-battery-bench is designed as a graphical application because I want to encourage people to explore with it and find out interactively what is using power on their system. And graphing is also useful so that the user can see when something is going wrong with the measurement; sometimes batteries will report data that jumps around. But there’s also a command line version that can be used for automatic scripting of benchmarks. I decided to use recorded sequences of events for a couple of reasons: first, it’s easy for anybody to create new test sequences – you just run the gnome-battery-bench command line tool in record mode and do what you want to test. Second, playing back event sequences at a low level simulates user interaction very accurately. There is little CPU overhead, and as far as the desktop is concerned it’s exactly like user input."

Stable kernels 3.18.3, 3.14.29, and 3.10.65

Friday 16th of January 2015 06:45:54 PM
Greg Kroah-Hartman has released the 3.18.3, 3.14.29, and 3.10.65 stable kernels. As usual, there are fixes in various places throughout the tree and users should upgrade.

Friday's security updates

Friday 16th of January 2015 03:23:10 PM

Debian has updated rpm (two code execution flaws).

Debian-LTS has updated curl (HTTP request injection).

openSUSE has updated flash-player (13.2, 13.1: multiple vulnerabilities), flashplayer (11.4: multiple vulnerabilities), and util-linux (13.2, 13.1: code execution).

SUSE has updated flash-player (SLE11SP3; SLE12: multiple vulnerabilities) and kernel (SLE12: multiple vulnerabilities, one from 2013).

[$] Eben Moglen returns to LCA

Thursday 15th of January 2015 09:08:24 PM
One of the defining moments of LCA 2005 was Eben Moglen's keynote, which was mostly focused on the dangers that software patents presented to our community. Ten years later, Eben returned to LCA for another keynote address. While he had some things to say about software patents, it is clear that Eben thinks that the largest threats to our community — and our freedom in general — come from elsewhere.

Varda: Sandstorm raises $1.3M seed; paying forward crowdfunds

Thursday 15th of January 2015 07:48:29 PM
On the Sandstorm blog, co-founder and CEO Kenton Varda gives an update on the funding and plans for the company behind the open-source Sandstorm personal cloud platform. We looked at the project back in June. "In fact, we are now arguably more aligned with the community than before. Whereas previously there had been a lot of pressure on us to focus on our subscription-based managed hosting option as a way to get revenue, our immediate goal now is just to develop and prove the platform. That means that self-hosted users are just as important to us as paying subscribers. To that end, the first thing we have done with our new money is to hire Asheesh Laroia, a long-time self-hosting and Free Software enthusiast, whose main focus will be improving Sandstorm’s self-hosting experience. To be clear, everything you need to run your own Sandstorm server will always be free and open source, still developed in the open."

Security advisories for Thursday

Thursday 15th of January 2015 05:01:49 PM

CentOS has updated firefox (C7; C6; C5: multiple vulnerabilities), thunderbird (C6; C5: three vulnerabilities), and xulrunner (C7: multiple vulnerabilities).

Debian has updated iceweasel (multiple vulnerabilities) and kernel (multiple vulnerabilities, including one from 2013).

Debian-LTS has updated unrtf (two code execution flaws).

Fedora has updated firefox (F21; F20: multiple vulnerabilities), kde-runtime (F21: kwallet crypto botch from 2013), and owasp-esapi-java (F21; F20: crypto botch from 2013).

Mageia has updated flash-player-plugin (multiple vulnerabilities) and python-pip (denial of service).

Mandriva has updated libsndfile (code execution), libvirt (denial of service), mpfr (code execution), and untrf (denial of service).

Oracle has updated firefox (OL5: multiple vulnerabilities).

Red Hat has updated flash-plugin (RHEL5&6: multiple vulnerabilities).

SUSE has updated kernel (SLERTE11SP3: multiple vulnerabilities, some from 2012 and 2013) and xorg-x11-server (SLE11SP3: multiple vulnerabilities).

Ubuntu has updated coreutils (14.04, 12.04, 10.04: two vulnerabilities, one from 2009), curl (HTTP request injection), firefox (14.10, 14.04, 12.04: multiple vulnerabilities), gparted (12.04: code execution), GTK+ (14.04: lock screen bypass), unzip (three code execution flaws), and ubufox (14.10, 14.04, 12.04: multiple vulnerabilities).

[$] LWN.net Weekly Edition for January 15, 2015

Thursday 15th of January 2015 01:24:07 AM
The LWN.net Weekly Edition for January 15, 2015 is available.

[$] Bob Young on freedom, control, and the GPL

Wednesday 14th of January 2015 10:26:04 PM
Bob Young, known to the free-software community as the co-founder of Red Hat, founder of the print-on-demand service Lulu, and creator of the non-profit Center For The Public Domain, delivered the morning keynote address on the first full day of linux.conf.au (LCA) 2015 in Auckland. Although Young confessed several times to not being as plugged-in to the Linux and free-software economy as he once was, he had plenty of wisdom to dispense to the crowd.

Click below (subscribers only) for the full report from LCA 2015.

Firefox 35.0

Wednesday 14th of January 2015 07:33:46 PM
Firefox 35.0 has been released. New in this release: Firefox Hello with new rooms-based conversations model, new search UI improved and enabled for more locales, access the Firefox Marketplace from the Tools menu and optional toolbar button, improved high quality image resizing performance, and more. See the release notes for details.

Security advisories for Wednesday

Wednesday 14th of January 2015 05:52:27 PM

Debian has updated binutils-mingw-w64 (multiple vulnerabilities).

Fedora has updated drupal6-flag (F21; F20: code execution).

openSUSE has updated gcab (13.2, 13.1: directory traversal), jasper (13.2; 13.1; 12.3: two code execution vulnerabilities), and libsndfile (13.2, 13.1: buffer overflows).

Oracle has updated firefox (OL7; OL6: multiple vulnerabilities) and thunderbird (OL6: multiple vulnerabilities).

Red Hat has updated cloud-init (RH Common for RHEL6: denial of service), firefox (RHEL5,6,7: multiple vulnerabilities), kernel (RHEL6.4: multiple vulnerabilities), openstack-neutron (RHEL OSP: denial of service), and thunderbird (RHEL5,6: multiple vulnerabilities).

Scientific Linux has updated firefox (SL5,6,7: multiple vulnerabilities) and thunderbird (SL5,6: multiple vulnerabilities).

Ubuntu has updated git (14.10, 14.04, 12.04: code execution) and python-django (14.10, 14.04, 12.04, 10.04: multiple vulnerabilities).

[$] Rockstor — A Btrfs-based NAS distribution

Wednesday 14th of January 2015 12:45:27 AM
This is the second article in a short series on distributions designed for use in a network-attached storage (NAS) box. The first was a look at OpenMediaVault, a fairly traditional NAS distribution. The subject this time around — Rockstor — is a different beast; its purpose is to make the features of the Btrfs filesystem available behind an easy-to-use, web-oriented management interface.

Plasma 5.2 beta out for testing

Tuesday 13th of January 2015 10:45:32 PM
KDE has announced the release of Plasma 5.2 beta. Some new components in this release include BlueDevil to manage Bluetooth devices, the Muon software manager, Login theme configuration (SDDM), KScreen to set up multiple monitors, and more.

Tuesday's security updates

Tuesday 13th of January 2015 05:37:11 PM

Debian has updated php5 (denial of service).

Fedora has updated ca-certificates (F20: certificate update), kernel (F20: multiple vulnerabilities), and openssl (F21: multiple vulnerabilities).

Red Hat has updated condor (RHE MRG for RHEL6; RHE MRG for RHEL5: code execution).

Ubuntu has updated kernel (14.10; 14.04; 12.04; 10.04: multiple vulnerabilities), libyaml (14.10, 14.04, 12.04: denial of service), libyaml-libyaml-perl (14.10, 14.04, 12.04: denial of service), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), linux-ti-omap4 (12.04: multiple vulnerabilities), openssl (14.10, 14.04, 12.04, 10.04: multiple vulnerabilities), and pyyaml (14.10, 14.04, 12.04: denial of service).

More in Tux Machines

BackBox Linux 4.1 Is a Powerful Penetration Testing Distro Based on Ubuntu 14.04.1

BackBox Linux is a distribution based on Ubuntu 14.04.1 LTS, that is built to perform penetration tests and security assessments. A new version has been released and is now available for upgrade and testing. Read more

Airdroid - Transfer Files Between Android Phones/Tablets And Linux (Any Distribution)

 
airdroid transfer file between android phone/tablet and linux mint ubuntu
We often need to transfer large amount data in the form of mp3 Songs, Video Songs, Movies and most importantly, large Games between android phones/tablets and Linux machine. Transferring via USB cable takes time, so let's do it with 'Airdroid' easily and quickly.
 
 
 
 

Read at LinuxAndUbuntu

If You Like the Terminal, You Will Love the Terminal-Only Alpine Linux OS

Security-oriented, lightweight Linux distribution Alpine Linux is based on based on musl libc and Busybox, which make up the terminal, has been upgraded once more and is now available for download. Read more

Android Wear just got very, very smart

Google's Android Wear software just got smart - very smart - simply because it integrates Google Now top to bottom. With an update to Google Now comes an update to Android Wear, and what we're seeing today is an explosive update that'll make the suggestions for directions and sports scores you've been getting so far seem like drops in a barrel of friendly, and I daresay helpful, updates from apps of all kinds. Everything from eBay auction updates to the ability to "Download Venice" - all on your wrist, very soon. Read more