Syndicate content is a comprehensive source of news and opinions from and about the Linux community. This is the main feed, listing all articles which are posted to the site front page.

Kügler: Plasma’s road ahead

Tuesday 18th of October 2016 07:36:01 PM
Sebastian Kügler reports on KDE's Plasma team meeting. "We took this opportunity to also look and plan ahead a bit further into the future. In what areas are we lacking, where do we want or need to improve? Where do we want to take Plasma in the next two years?" Specific topics include release schedule changes, UI and theming improvements, feature backlog, Wayland, mobile, and more. (Thanks to Paul Wise)

Tuesday's security updates

Tuesday 18th of October 2016 04:22:57 PM

Debian-LTS has updated libarchive (three vulnerabilities), libxrandr (insufficient validation), libxrender (insufficient validation), and quagga (stack overrun).

openSUSE has updated ffmpeg (Leap42.1; SPH for SLE12: multiple vulnerabilities) and kcoreaddons (Leap42.1, 13.2; SPH for SLE12: HTML injection).

Red Hat has updated atomic-openshift (RHOSCP: authentication bypass), kernel (RHEL6.5: privilege escalation), and openssl (RHEL6.7: multiple vulnerabilities).

[$] Graphics world domination may be closer than it appears

Tuesday 18th of October 2016 02:25:40 PM
The mainline kernel has support for a wide range of hardware. One place where support has traditionally been lacking, though, is graphics adapters. As a result, a great many people are still using proprietary, out-of-tree GPU drivers. Daniel Vetter went before the crowd at Kernel Recipes 2016 to say that the situation is not as bad as some think; indeed, he said, in this area as well as others, world domination is proceeding according to plan.

Secure Your Containers with this One Weird Trick (RHEL Blog)

Monday 17th of October 2016 05:55:41 PM
Over on the Red Hat Enterprise Linux Blog, Dan Walsh writes about using Linux capabilities to help secure Docker containers. "Let’s look at the default list of capabilities available to privileged processes in a docker container: chown, dac_override, fowner, fsetid, kill, setgid, setuid, setpcap, net_bind_service, net_raw, sys_chroot, mknod, audit_write, setfcap. In the OCI/runc spec they are even more drastic only retaining, audit_write, kill, and net_bind_service and users can use ocitools to add additional capabilities. As you can imagine, I like the approach of adding capabilities you need rather than having to remember to remove capabilities you don’t." He then goes through the listed capabilities, describing what they govern and when they might need to be turned on for a container application.

Security advisories for Monday

Monday 17th of October 2016 03:40:38 PM

Arch Linux has updated guile (two vulnerabilities).

Debian has updated libgd2 (denial of service).

Debian-LTS has updated icedove (multiple vulnerabilities), libarchive (file overwrite), libdbd-mysql-perl (denial of service), and mpg123 (denial of service).

Fedora has updated chromium (F24: multiple vulnerabilities).

Gentoo has updated oracle-jdk-bin (multiple vulnerabilities).

openSUSE has updated thunderbird (13.1: multiple vulnerabilities) and tiff (13.1: denial of service).

Oracle has updated openssl (OL5: multiple vulnerabilities).

Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities).

A set of stable kernels

Sunday 16th of October 2016 06:35:49 PM
The 4.8.2, 4.7.8, and 4.4.25 stable kernels have been released. Each contains the usual set of important fixes.

The 4.9 merge window closes

Saturday 15th of October 2016 08:10:59 PM
Linus has released 4.9-rc1 and closed the merge window for this release one day earlier than some might have expected. "My own favorite 'small detail under the hood' happens to be Andy Lutomirski's new virtually mapped kernel stack allocations. They make it easier to find and recover from stack overflows, but the effort also cleaned up some code, and added a kernel stack mapping cache to avoid any performance downsides." The virtually mapped kernel stack work was covered here in June. There were 14,308 non-merge changesets pulled for this release, meaning that 4.9 will be, by far, the busiest development cycle ever.

Celebrating open standards around the world

Friday 14th of October 2016 07:04:13 PM
celebrates World Standards Day on October 14. "Whether in the world of software, where without standards we would have been unable to connect the world through the Internet and the World Wide Web, or the physical world, where standards make nearly everything you buy easier, more useful, and safer, the world would be a difficult place to navigate without standards. And critical to the usefulness of standards is making them available to all in an accessible, free format, unencumbered by legal or other hurdles."

[$] PostgreSQL 9.6 improves synchronous replication and more

Friday 14th of October 2016 06:05:58 PM
The PostgreSQL project released version 9.6 on September 29th. This new major release has an assortment of new goodies for PostgreSQL fans, including parallel query and phrase search, new options for synchronous replication, remote query execution using foreign data wrappers, "crosstab" data transformations in psql, and more. Together with version 9.6, the community released a completely rewritten version of the pgAdmin database graphical interface. We'll explore multiple synchronous replicas, foreign data wrapper changes, crosstabs and the new pgAdmin here.

Friday's security advisories

Friday 14th of October 2016 04:05:32 PM

Arch Linux has updated gdk-pixbuf2 (denial of service).

Debian has updated freeimage (two vulnerabilities).

Debian-LTS has updated libxfixes (integer overflow).

Fedora has updated dbus (F24: code execution) and xen (F24; F23: three vulnerabilities).

openSUSE has updated compat-openssl098 (Leap42.1: multiple vulnerabilities), derby (13.2: information leak), libreoffice (Leap42.1: code execution), php5 (Leap42.1: multiple vulnerabilities), go1.4 (SPH for SLE12: denial of service), systemd (Leap42.1: denial of service), and unzip (13.2: two vulnerabilities).

Oracle has updated kernel 4.1.12 (OL7; OL6: stack corruption).

Red Hat has updated mariadb-galera (RHOSP9; RHELOSP7 for RHEL7; RHELOSP6 for RHEL7; RHELOSP5 for RHEL7; RHELOSP5 for RHEL6: SQL injection/privilege escalation).

SUSE has updated xen (SLE12; SLES11-SP2: multiple vulnerabilities).

Ubuntu has updated linux-ti-omap4 (12.04: three vulnerabilities).

KDE celebrates 20 years

Friday 14th of October 2016 01:39:05 PM
notes the 20th anniversary of the KDE project. "In the 20 years since then so much has happened. We released great software, fought for software freedom and empowered people all over the world to take charge of their digital life. In many ways we have achieved what we set out to do 20 years ago - 'a consistent, nice looking free desktop-environment' and more."

For those feeling nostalgic, there is a new version of the KDE 1.1.2 desktop ported to contemporary systems.

Guile security vulnerability w/ listening on localhost + port

Thursday 13th of October 2016 06:07:14 PM
Christopher Allan Webber looks at a security vulnerability in Guile. Guile applications are generally not vulnerable, but arbitrary scheme code may be used to attack the systems of Guile developers. "There is also a lesson here that applies beyond Guile: the presumption that "localhost" is only accessible by local users can't be guaranteed by modern operating system environments. If you are looking to provide local-execution-only, we recommend using unix domain sockets or named pipes. Don't rely on localhost plus some port."

Ubuntu 16.10 (Yakkety Yak) released

Thursday 13th of October 2016 04:39:37 PM
Ubuntu 16.10 (Yakkety Yak) has been released. "Under the hood, there have been updates to many core packages, including a new 4.8-based kernel, a switch to gcc-6, and much more." The flavors Kubuntu, Lubuntu, Ubuntu GNOME, Ubuntu Kylin, Ubuntu MATE, Ubuntu Studio, and Xubuntu have also been released. Ubuntu 16.10 will be supported for 9 months.

Thursday's security updates

Thursday 13th of October 2016 04:33:44 PM

Arch Linux has updated crypto++ (information disclosure).

Fedora has updated bash (F23: code execution), chromium (F23: multiple vulnerabilities), freeimage (F24; F23: code execution), mingw-freeimage (F24; F23: code execution), perl-DBD-MySQL (F24: denial of service), and python-pillow (F23: memory disclosure).

Mageia has updated libass (three vulnerabilities) and ruby (encrypted ciphertext duplication).

openSUSE has updated flash-player (13.2; 13.1: multiple vulnerabilities), irssi (Leap42.1, 13.2: three vulnerabilities), python-suds-jurko (Leap42.1: symbolic link attack from 2013), systemd (13.2: denial of service), tiff (Leap42.1: multiple vulnerabilities), and tiff (13.2: denial of service).

Red Hat has updated flash-plugin (RHEL5,6: multiple vulnerabilities).

SUSE has updated firefox (SLE11-SP3,4: multiple vulnerabilities) and flash-playerqemu (SLE12-SP1: multiple vulnerabilities).

Ubuntu has updated libdbd-mysql-perl (14.04, 12.04: three vulnerabilities) and quagga (16.04, 14.04, 12.04: two vulnerabilities).

Apache OpenOffice 4.1.3 released

Thursday 13th of October 2016 04:05:23 PM
The long-awaited OpenOffice 4.1.3 release is out. "Apache OpenOffice 4.1.3 is a maintenance release incorporating important bug fixes, security fixes, updated dictionaries, and build fixes. All users of Apache OpenOffice 4.1.2 or earlier are advised to upgrade."

[$] Weekly Edition for October 13, 2016

Thursday 13th of October 2016 12:55:48 AM
The Weekly Edition for October 13, 2016 is available.

Security advisories for Wednesday

Wednesday 12th of October 2016 03:56:09 PM

CentOS has updated kernel (C7: stack corruption), tomcat (C7: multiple vulnerabilities), and tomcat6 (C6: multiple vulnerabilities).

Debian has updated ghostscript (multiple vulnerabilities).

Fedora has updated ca-certificates (F24: certificate update), nsd (F24: denial of service), and openssl (F23: multiple vulnerabilities).

Gentoo has updated bind (multiple vulnerabilities).

Mageia has updated libgd (denial of service), openssl (multiple vulnerabilities), and python-twisted-web (HTTP proxy redirect).

openSUSE has updated kde-cli-tools5 (SPH for SLE12; Leap42.1, 13.2: code execution), nodejs (Leap42.1, 13.2: multiple vulnerabilities), and xen (Leap42.1; 13.2: multiple vulnerabilities).

Scientific Linux has updated kernel (SL7: stack corruption), tomcat (SL7: multiple vulnerabilities), and tomcat6 (SL6: multiple vulnerabilities).

SUSE has updated ghostscript-library (SLE12-SP1; SLE11-SP2,3,4: multiple vulnerabilities) and xen (SLE11-SP4: multiple vulnerabilities).

Ubuntu has updated kdepimlibs (12.04: HTML injection) and tracker (16.04: denial of service).

[$] An update on input

Tuesday 11th of October 2016 09:20:10 PM
Peter Hutterer gave an update on the input stack at the 2016 X.Org Developers Conference (XDC). A lot has been accomplished, but there is, naturally, more to do—especially as more and more quirky (or buggy) input hardware is released. But overall, Hutterer painted a picture of a mature subsystem that is largely feature-complete at this point.

Announcing Google Code-in 2016 and Google Summer of Code 2017

Tuesday 11th of October 2016 08:36:59 PM
The Google Open Source Programs Office has announced Google Code-in 2016 and Google Summer of Code 2017. Google Code-in is for students from 13-17 years of age who would like to explore open source. "Students will find opportunities to learn and get hands on experience with tasks from a range of categories. This structure allows students to stretch themselves as they take on increasingly more challenging tasks." Students will begin on November 28.

Student applications for Google Summer of Code (GSoC) open on March 20, 2017. Applications for interested open source organizations open on January 19. GSoC "provides university students from around the world with an opportunity to take their skills and hone them by contributing to open source projects during their summer break from university."

The FSF seeks nominations for the annual Free Software Awards

Tuesday 11th of October 2016 07:37:07 PM
The Free Software Foundation and the GNU Project are asking for nominations for the 19th annual Free Software Awards. The Award for the Advancement of Free Software will be presented to "an individual who has made a great contribution to the progress and development of free software, through activities that accord with the spirit of free software" and the Award for Projects of Social Benefit will be presented to "the project or team responsible for applying free software, or the ideas of the free software movement, in a project that intentionally and significantly benefits society in other aspects of life." The deadline for nominations is November 6.

More in Tux Machines

Build open source clouds with 4 OpenStack guides and tutorials

Every time you turn around, it seems like there’s a new open source project which might be of value to a cloud administrator. A huge number of these projects fall under the umbrella of OpenStack, the open source cloud toolkit. And it may seem impossible to keep up. Fortunately, there are plenty of tools out there to help with growing your OpenStack knowledge base, from meetups and in-person training, to mailing lists and IRC channels, to books, websites, and the official documentation.

Reusable theme to fix accessibility sites

Public administrations that need to make their website comply with rules on accessibility and open standards should consider reusing, a port of the government’s Digital Services theme, built on Bootstrap’s HTML and CSS templates.

Alpine Linux 3.4.5 Released with Linux Kernel 4.4.27 LTS, Latest Security Fixes

A new maintenance update of the server-oriented Alpine Linux 3.4 operating system has been released, bringing a new Linux kernel version from the long-term supported 4.4 series and the latest security patches.

DebEX Distro Now Lets You Create an Installable Debian 9 Live DVD with Refracta

After informing us of the release of Exton|OS Light Build 161021, today, October 26, 2016, GNU/Linux developer Arne Exton sent an email to announce the availability of DebEX Barebone Build 161025. The latest version of the DebEX Barebone GNU/Linux distribution, build 161025, is here, based on the soon-to-be-released Debian GNU/Linux 9 "Stretch" (Debian Testing) operating system and kernel 4.8.0-21-exton, a specially crafted Linux kernel package based on the latest stable Linux 4.8 kernel.

Just released: KNOPPIX 7.7.1 Public Release