Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 2 min ago

Security updates for Thursday

Thursday 30th of July 2020 04:45:21 PM
Security updates have been issued by Arch Linux (webkit2gtk), CentOS (GNOME, grub2, and kernel), Debian (firefox-esr, grub2, json-c, kdepim-runtime, libapache2-mod-auth-openidc, net-snmp, and xrdp), Gentoo (chromium and firefox), Mageia (podofo), openSUSE (knot and tomcat), Oracle (grub2, kernel, postgresql-jdbc, and python-pillow), Red Hat (firefox, grub2, kernel, and kernel-rt), SUSE (grub2), and Ubuntu (firefox, grub2, grub2-signed, and librsvg).

Grub2 updates for Red Hat systems are making some unbootable

Thursday 30th of July 2020 04:44:23 PM
As reported in the comments on the Grub2 secure-boot vulnerabilities report, the updates for grub2 for RHEL 8 and CentOS 8 are making some systems unbootable. The boot problems are seemingly unrelated to whether the system has secure boot enabled. It may be worth waiting a bit for that to shake out.

[$] LWN.net Weekly Edition for July 30, 2020

Thursday 30th of July 2020 12:23:48 AM
The LWN.net Weekly Edition for July 30, 2020 is available.

[$] Open-source CNCing

Wednesday 29th of July 2020 06:50:09 PM
Last year Sienci Labs finished its Kickstarter campaign for the open-source LongMill Benchtop CNC Router — its second successful open-source CNC machine Kickstarter campaign. CNC routers allow users to mill things (like parts) from raw materials (like a block of aluminum) based on a 3D-model. The LongMill is a significant improvement over the original sold-out Mill One and makes professional-quality machining based entirely on open-source technology a reality. As an owner of a LongMill, I will walk through the various open-source technologies that make this tool a cornerstone of my home workshop.

A long list of GRUB2 secure-boot holes

Wednesday 29th of July 2020 06:47:47 PM
Several vulnerabilities have been disclosed in the GRUB2 bootloader; they enable the circumvention of the UEFI secure boot mechanism and the persistent installation of hostile software. Fixing the problem is not just a matter of getting a new GRUB2 installation, unfortunately. "It is important to note that updating the exploitable binaries does not in fact mitigate the CVE, since an attacker could bring an old, exploitable, signed copy of a grub binary onto a system with whatever kernel they wished to load. In order to mitigate, the UEFI Revocation List (dbx) must be updated on a system. Once the UEFI Revocation List is updated on a system, it will no longer boot binaries that pre-date these fixes. This includes old install media."

Four stable kernels

Wednesday 29th of July 2020 03:17:58 PM
Stable kernels 5.7.11, 5.4.54, 4.19.135, and 4.14.190 have been released. They all contain important fixes and users should upgrade.

[$] A look at Dart

Wednesday 29th of July 2020 03:14:41 PM
Dart is a BSD-licensed programming language from Google with a mature open-source community supporting the project. It works with multiple architectures, is capable of producing native machine-code binaries, and can also produce JavaScript versions of its applications. Dart version 1.0 was released in 2013, with the most recent version, 2.8, released on June 3 (2.9 is currently in public beta). Among the open-source projects using Dart is the cross-device user-interface (UI) toolkit Flutter. We recently covered the Canonical investment in Flutter to help drive more applications to the Linux desktop, and Dart is central to that story.

Security updates for Wednesday

Wednesday 29th of July 2020 02:58:51 PM
Security updates have been issued by Debian (curl, firefox-esr, luajit, and salt), Fedora (clamav, java-1.8.0-openjdk, and java-11-openjdk), Gentoo (claws-mail, dropbear, ffmpeg, libetpan, mujs, mutt, and rsync), openSUSE (qemu), Red Hat (openstack-tripleo-heat-templates), SUSE (freerdp, ldb, rubygem-puma, samba, and webkit2gtk3), and Ubuntu (mysql-5.7, mysql-8.0 and sympa).

GNU nano 5.0 released

Wednesday 29th of July 2020 02:25:12 PM
Version 5.0 of the GNU nano text editor is out; it contains a number of improvements to the editing experience. "With --indicator (or -q or 'set indicator') nano will show a kind of scrollbar on the righthand side of the screen to indicate where in the buffer the viewport is located and how much it covers."

[$] Lockless algorithms for mere mortals

Tuesday 28th of July 2020 07:34:08 PM
Time, as some have said, is nature's way of keeping everything from happening at once. In today's highly concurrent computers, though, time turns out not to be enough to keep events in order; that task falls to an extensive set of locking primitives and, below those, the formalized view of memory known as the Linux kernel memory model. It takes a special kind of mind to really understand the memory model, though; kernel developers lacking that particular superpower are likely to make mistakes when working in areas where the memory model comes into play. Working at that level is increasingly necessary for performance purposes, though; a recent conversation points out ways in which the kernel could make that kind of work easier for ordinary kernel developers.

Firefox 79.0

Tuesday 28th of July 2020 03:51:54 PM
Firefox 79.0 has been released. This version has improved accessibility for people using screen readers. See the release notes for more details.

[$] TLS gets a boost from Arduino for IoT devices

Tuesday 28th of July 2020 03:18:03 PM
Arduino devices are a favorite among do-it-yourself (DIY) enthusiasts to create, among other things, Internet of Things (IoT) devices. We have previously covered the Espressif ESP8266 family of devices that can be programmed using the Arduino SDK, but the Arduino project itself also provides WiFi-enabled devices such as the Arduino MKR WiFi 1010 board. Recently, the Arduino Security Team raised the problem of security shortcomings of IoT devices in a post, and how the Arduino project is working to make improvements. We will take the opportunity to share some interesting things from that, and also look at the overall state of TLS support in the Arduino and Espressif SDK projects.

Historical programming-language groups disappearing from Google

Tuesday 28th of July 2020 03:04:34 PM
As Alex McDonald notes in this support request, Google has recently banned the old Usenet groups comp.lang.forth and comp.lang.lisp from the Google Groups system. "Of specific concern is the archive. These are some of the oldest groups on Usenet, and the depth & breadth of the historical material that has just disappeared from the internet, on two seminal programming languages, is huge and highly damaging. These are the history and collective memories of two communities that are being expunged, and it's not great, since there is no other comprehensive archive after Google's purchase of Dejanews around 20 years ago." Perhaps Google can be convinced to restore the content, but it also seems that some of this material could benefit from a more stable archive.

Security updates for Tuesday

Tuesday 28th of July 2020 02:58:34 PM
Security updates have been issued by openSUSE (cacti, cacti-spine, go1.13, SUSE Manager Client Tools, and tomcat), Red Hat (postgresql-jdbc and python-pillow), Slackware (mozilla), SUSE (python-Django and python-Pillow), and Ubuntu (clamav, librsvg, libslirp, linux-gke-5.0, linux-oem-osp1, linux-hwe, linux-azure-5.3, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-oracle-5.3, and sqlite3).

Git v2.28.0

Monday 27th of July 2020 05:29:37 PM
Version 2.28.0 of the git version control system has been released. "It is smaller than the releases in our recent past, mostly due to the development cycle was near the shorter end of the spectrum (our cycles last 8-12 weeks and this was a rare 8-week cycle)."

See this GitHub Blog post for details on the new features in this release.

Security updates for Monday

Monday 27th of July 2020 02:51:53 PM
Security updates have been issued by Debian (e2fsprogs, ffmpeg, milkytracker, mupdf, openjdk-11, and qemu), Fedora (bashtop), Gentoo (ant, arpwatch, awstats, cacti, chromium, curl, dbus, djvu, filezilla, firefox, freexl, fuseiso, fwupd, glib-networking, haml, hylafaxplus, icinga, jhead, lha, libexif, libreswan, netqmail, nss, ntfs3g, ntp, ocaml, okular, ossec-hids, qtgui, qtnetwork, re2c, reportlab, samba, sarg, sqlite, thunderbird, transmission, tre, twisted, webkit-gtk, wireshark, and xen), openSUSE (cacti, cacti-spine, chromium, freerdp, go1.13, kernel, knot, libraw, LibVNCServer, perl-YAML-LibYAML, salt, tomcat, vino, and webkit2gtk3), and SUSE (mailman, rubygem-excon, rust, rust-cbindgen, samba, and tomcat).

Kernel prepatch 5.8-rc7

Monday 27th of July 2020 01:24:06 PM
The 5.8-rc7 kernel prepatch is out for testing; Linus is unsure about whether things are slowing down enough or not. "But it *might* mean that an rc8 is called for. It's not like rc7 is *big* big. We've had bigger rc7's. Both 5.3 and 5.5 had bigger rc7's, but only 5.3 ended up with an rc8. Put another way: it could still go either way. We'll see how this upcoming week goes."

[$] Mycroft: an open-source voice assistant

Friday 24th of July 2020 09:40:25 PM
Mycroft is a free and open-source software project aimed at providing voice-assistant technology, licensed under the Apache 2.0 license. It is an interesting alternative to closed-source commercial offerings such as Amazon Alexa, Google Home, or Apple Siri. Use of voice assistants has become common among consumers, but the privacy concerns surrounding them are far-reaching. There have been multiple instances of law enforcement's interest in the data these devices produce for use against their owners. Mycroft claims to offer a privacy-respecting, open-source alternative, giving users a choice on how much of their personal data is shared and with whom.

Bison 3.7 released

Friday 24th of July 2020 03:12:22 PM
Version 3.7 of the Bison parser generator is out. The biggest new feature would appear to be the generation of "counterexamples" for conflicts — examples of strings that could be parsed in multiple ways. There is also better support for reproducible builds, documentation links in warnings, and more.

digiKam 7.0.0 released

Friday 24th of July 2020 02:05:32 PM
Version 7.0.0 of the digiKam photo editing and management application is out. This release adds support for a number of new raw formats, support for Apple's HEIF format, and a new mosaic plugin. The headline feature, though, appears to be completely reworked face detection: "The new code, based on recent Deep Neural Network features from the OpenCV library, uses neuronal networks with pre-learned data models dedicated for the Face Management. No learning stage is required to perform face detection and recognition. We have saved coding time, run-time speed, and a improved the success rate which reaches 97% of true positives. Another advantage is that it is able to detect non-human faces, such as those of dogs."

More in Tux Machines

The Best Linux Distributions for Old Machines

Do you have an old laptop that has gathered layers of dust over time and you don’t exactly what to do with it? A good place to start would be to install a Linux distribution that will perfectly support its low-end hardware specifications without much of a hassle. You could still enjoy performing basic tasks such as web browsing, word processing, and watching videos, listening to your favourite music to mention a few. In this guide, we feature some of the best Linux distributions that you can install on your old PC and breathe some life into it. Read more

5 tips for making documentation a priority in open source projects

Open source software is now mainstream; long gone are the days when open source projects attracted developers alone. Nowadays, users across numerous industries are active consumers of open source software, and you can't expect everyone to know how to use the software just by reading the code. Even for developers (including those with plenty of experience in other open source projects), good documentation serves as a valuable onboarding tool when people join a community. People who are interested in contributing to a project often start by working on documentation to get familiar with the project, the community, and the community workflow. Read more

5 reasons to run Kubernetes on your Raspberry Pi homelab

There's a saying about the cloud, and it goes something like this: The cloud is just somebody else's computer. While the cloud is actually more complex than that (it's a lot of computers), there's a lot of truth to the sentiment. When you move to the cloud, you're moving data and services and computing power to an entity you don't own or fully control. On the one hand, this frees you from having to perform administrative tasks you don't want to do, but, on the other hand, it could mean you no longer control your own computer. This is why the open source world likes to talk about an open hybrid cloud, a model that allows you to choose your own infrastructure, select your own OS, and orchestrate your workloads as you see fit. However, if you don't happen to have an open hybrid cloud available to you, you can create your own—either to help you learn how the cloud works or to serve your local network. Read more

today's howtos and leftovers

  • Linux commands for user management
  • CONSOOM All Your PODCASTS From Your Terminal With Castero
  • Install Blender 3D on Debian 10 (Buster)
  • Things To Do After Installing openSUSE Leap 15.2
  • GSoC Reports: Fuzzing Rumpkernel Syscalls, Part 2

    I have been working on Fuzzing Rumpkernel Syscalls. This blogpost details the work I have done during my second coding period.

  • Holger Levsen: DebConf7

    DebConf7 was also special because it had a very special night venue, which was in an ex-church in a rather normal building, operated as sort of community center or some such, while the old church interior was still very much visible as in everything new was build around the old stuff. And while the night venue was cool, it also ment we (video team) had no access to our machines over night (or for much of the evening), because we had to leave the university over night and the networking situation didn't allow remote access with the bandwidth needed to do anything video. The night venue had some very simple house rules, like don't rearrange stuff, don't break stuff, don't fix stuff and just a few little more and of course we broke them in the best possible way: Toresbe with the help of people I don't remember fixed the organ, which was broken for decades. And so the house sounded in some very nice new old tune and I think everybody was happy we broke that rule.