Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 6 weeks 5 days ago

The 4.16 kernel is out

Sunday 1st of April 2018 11:48:49 PM
Linus has released the 4.16 kernel, as expected. "We had a number of fixes and cleanups elsewhere, but none of it made me go 'uhhuh, better let this soak for another week'". Some of the headline changes in this release include initial support for the Jailhouse hypervisor, the usercopy whitelisting hardening patches, some improvements to the deadline scheduler and, of course, a lot of Meltdown and Spectre mitigation work.

More stable kernel updates

Saturday 31st of March 2018 06:11:58 PM
The stable kernel update machine continues to generate releases: 4.15.15, 4.14.32, 4.9.92, and 4.4.126 are now available with another set of important fixes.

[$] A look at terminal emulators, part 1

Friday 30th of March 2018 06:12:51 PM

Terminals have a special place in computing history, surviving along with the command line in the face of the rising ubiquity of graphical interfaces. Terminal emulators have replaced hardware terminals, which themselves were upgrades from punched cards and toggle-switch inputs. Modern distributions now ship with a surprising variety of terminal emulators. While some people may be happy with the default terminal provided by their desktop environment, others take great pride at using exotic software for running their favorite shell or text editor. But as we'll see in this two-part series, not all terminals are created equal: they vary wildly in terms of functionality, size, and performance.

Security updates for Friday

Friday 30th of March 2018 03:13:44 PM
Security updates have been issued by Debian (memcached, openssl, openssl1.0, php5, thunderbird, and xerces-c), Fedora (python-notebook, slf4j, and unboundid-ldapsdk), Mageia (kernel, libvirt, mailman, and net-snmp), openSUSE (aubio, cacti, cacti-spine, firefox, krb5, LibVNCServer, links, memcached, and tomcat), Slackware (ruby), SUSE (kernel and python-paramiko), and Ubuntu (intel-microcode).

[$] An audit container ID proposal

Thursday 29th of March 2018 05:22:46 PM
The kernel development community has consistently resisted adding any formal notion of what a "container" is to the kernel. While the needed building blocks (namespaces, control groups, etc.) are provided, it is up to user space to assemble the pieces into the sort of container implementation it needs. This approach maximizes flexibility and makes it possible to implement a number of different container abstractions, but it also can make it hard to associate events in the kernel with the container that caused them. Audit container IDs are an attempt to fix that problem for one specific use case; they have not been universally well received in the past, but work on this mechanism continues regardless.

Announcing Rust 1.25

Thursday 29th of March 2018 04:15:38 PM
The Rust team has announced the release of Rust 1.25.0. "The last few releases have been relatively minor, but Rust 1.25 contains a bunch of stuff! The first one is straightforward: we’ve upgraded to LLVM 6 from LLVM 4. This has a number of effects, a major one being a step closer to AVR support." See the release notes for details.

Four new stable kernels

Thursday 29th of March 2018 02:41:56 PM
Greg Kroah-Hartman has announced the release of the 4.15.14, 4.14.31, 4.9.91, and 4.4.125 stable kernels. As usual, they contain a wide array of fixes throughout the kernel tree; users should upgrade.

Security updates for Thursday

Thursday 29th of March 2018 01:59:26 PM
Security updates have been issued by Debian (drupal7, graphicsmagick, libdatetime-timezone-perl, thunderbird, and tzdata), Fedora (gd, libtiff, mozjs52, and nmap), Gentoo (thunderbird), Red Hat (openstack-tripleo-common, openstack-tripleo-heat-templates and sensu), SUSE (kernel, libvirt, and memcached), and Ubuntu (icu, librelp, openssl, and thunderbird).

[$] LWN.net Weekly Edition for March 29, 2018

Thursday 29th of March 2018 12:00:34 AM
The LWN.net Weekly Edition for March 29, 2018 is available.

[$] DNF 3: better performance and a move to C++

Wednesday 28th of March 2018 10:17:30 PM

It has only been a few years since DNF replaced Yum as the default Fedora package-management tool; that was done for Fedora 22 in 2015, though DNF had been available for several earlier Fedora releases. Since that time, DNF development has proceeded; it started a move from Python/C to all C in 2016 and has made multiple releases over the years. From an outsider's perspective, no major changes seem necessary, which makes the announcement of DNF 3, and a move to C++, a bit surprising to some.

[$] Recent improvements to Tor

Wednesday 28th of March 2018 08:58:23 PM
We may need Tor, "the onion router", more than we ever imagined. Authoritarian states are blocking more and more web sites and snooping on their populations online—even routine tracking of our online activities can reveal information that can be used to undermine democracy. Thus, there was strong interest in the "State of the Onion" panel at the 2018 LibrePlanet conference, where four contributors to the Tor project presented a progress update covering the past few years.

Subscribers can read on for a report on the panel by guest author Andy Oram.

A serious Drupal security issue

Wednesday 28th of March 2018 07:55:35 PM
The Drupal security team has sent out a "highly critical" alert: "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised." This seems worth avoiding; updating to the current version is the way to do that. There is an FAQ page with a little more information.

DomTerm 1.0 released

Wednesday 28th of March 2018 06:57:22 PM
Per Bothner has released DomTerm 1.0. Since DomTerm was covered here in January 2016, many features have been added or enhanced. (See this article on opensource.com.) DomTerm is a mostly-xterm-compatible terminal emulator, but the output can be graphics, rich text, and other html, so it is suitable as a REPL for a program like gnuplot. Other major features include screen/tmux-style tiling and detachable sessions, readline-style input editing (integrated with mouse and clipboard), and opening an editor when clicking an error message.

Qubes OS 4.0 has been released

Wednesday 28th of March 2018 06:40:12 PM
The security-focused distribution Qubes OS has released version 4.0. "This release delivers on the features we promised in our announcement of Qubes 4.0-rc1, with some course corrections along the way, such as the switch from HVM to PVH for most VMs in response to Meltdown and Spectre. For more details, please see the full Release Notes."

[$] An introduction to projectM

Wednesday 28th of March 2018 04:10:32 PM

Many people have seen music visualizations before, whether in a music player on their computer, at a live concert, or possibly on a home stereo system. Those visualizations may have been generated using the open-source music-visualization software library that is part of projectM. Software-based abstract visualizers first appeared along with early MP3 music players as a sort of nifty thing to watch along with listening to your MP3s. One of the most powerful and innovative of these was a plugin for Winamp known as MilkDrop, which was developed by a Nullsoft (and later NVIDIA) employee named Ryan Geiss. The plugin was extensible by using visualization equation scripts (also known as "presets").

Subscribers can read on for a look at projectM by guest author (and projectM maintainer) Mischa Spiegelmock.

Security updates for Wednesday

Wednesday 28th of March 2018 02:40:55 PM
Security updates have been issued by CentOS (slf4j), Debian (firefox-esr, mupdf, net-snmp, and samba), Fedora (apache-commons-compress, calibre, chromium, glpi, kernel, libvncserver, libvorbis, mozjs52, ntp, slurm, sqlite, and wireshark), openSUSE (librelp), SUSE (librelp, LibVNCServer, and qemu), and Ubuntu (firefox and zsh).

[$] Read-only dynamic data

Tuesday 27th of March 2018 11:27:20 PM
Kernel developers go to some lengths to mark read-only data so that it can be protected by the system's memory-management unit. Memory that cannot be changed cannot be altered by an attacker to corrupt the system. But the kernel's mechanisms for managing read-only memory do not work for memory that must be initialized after the initial system bootstrap has completed. A patch set from Igor Stoppa seeks to change that situation by creating a new API just for late-initialized read-only data.

Kubernetes 1.10 released

Tuesday 27th of March 2018 08:46:18 PM
Kubernetes 1.10 has been released. "This newest version stabilizes features in 3 key areas, including storage, security, and networking. Notable additions in this release include the introduction of external kubectl credential providers (alpha), the ability to switch DNS service to CoreDNS at install time (beta), and the move of Container Storage Interface (CSI) and persistent local volumes to beta."

Appeals Court Overturns Google's Fair Use Victory For Java APIs (Techdirt)

Tuesday 27th of March 2018 06:29:55 PM
Techdirt reports that the US Court of Appeals for the Federal Circuit (CAFC) has resurrected Oracle's copyright claim against Google for its use of the Java APIs in Android. "Honestly, the most concerning part of the whole thing is how much of a mess CAFC has made of the whole process. The court ruled correctly originally that APIs are not subject to copyright. CAFC threw that out and ordered the court to have a jury determine the fair use question. The jury found it to be fair use, and even though CAFC had ordered the issue be heard by a jury, it now says 'meh, we disagree with the jury.' That's... bizarre."

Security updates for Tuesday

Tuesday 27th of March 2018 03:25:39 PM
Security updates have been issued by Debian (firefox-esr, irssi, and librelp), Gentoo (busybox and plib), Mageia (exempi and jupyter-notebook), openSUSE (clamav, dhcp, nginx, python-Django, python3-Django, and thunderbird), Oracle (slf4j), Red Hat (slf4j), Scientific Linux (slf4j), Slackware (firefox), SUSE (librelp), and Ubuntu (screen-resolution-extra).

More in Tux Machines

Today in Techrights

today's leftovers

  • Debian XU4 images updated
    I've updated my Debian images for the ODROID XU4; the newest build was done before stretch release, and a lot of minor adjustments have happened since then.
  • Parrot 4.0 Ethical Hacking Linux Distro Released
  • FBI says Russians hacked [sic] hundreds of thousands of home and office routers

    The warning followed a court order Wednesday that allowed the FBI to seize a website that the hackers [sic] planned to use to give instructions to the routers. Though that cut off malicious communications, it still left the routers infected, and Friday’s warning was aimed at cleaning up those machines.

  • FBI tells router users to reboot now to kill malware infecting 500k devices

    Researchers from Cisco’s Talos security team first disclosed the existence of the malware on Wednesday. The detailed report said the malware infected more than 500,000 devices made by Linksys, Mikrotik, Netgear, QNAP, and TP-Link. Known as VPNFilter, the malware allowed attackers to collect communications, launch attacks on others, and permanently destroy the devices with a single command. The report said the malware was developed by hackers [sic] working for an advanced nation, possibly Russia, and advised users of affected router models to perform a factory reset, or at a minimum to reboot.

Software and Games: KStars, Opera, OpenStack, MariaDB and More

  • KStars 2.9.6 is Released!
    I'm glad to announce the release of KStars 2.9.6 for Windows, MacOS, and Linux. This is a minor bugfix release.
  • Opera 54 Browser Enters Beta with News on the Speed Dial, Update & Recovery Menu
    Opera has promoted its upcoming Opera 54 web browser to the beta channel, giving us a glimpse of what to expect from the final version, due for release sometime next month. Based on the open-source Chromium 67.0.3396.18 web browser, Opera 54 recently entered beta stages of development with a plethora of new features and improvements, among which we can mention a new Update & Recovery Opera menu page that makes it easier for users to update the web browser and reset it to its default state, including the ability to clear temporary data, such as cookies.
  • OpenStack at a Crossroads
    The OpenStack of a few years ago is dead, however. What has emerged from the hype cycle is a materially different foundation, mission and software stack, with a great deal of change still ahead of it.
  • The OpenStack Foundation grows beyond OpenStack
    The OpenStack Foundation has made a considerable change to its development process and governance structure by introducing two open source projects that are not part of the OpenStack cloud platform. This week, the organization launched version 1.0 of Kata Containers - a runtime system with an emphasis on speed and security, enabling users to boot a VM in as little as five seconds - and introduced a brand new project called Zuul, spinning out the software development and integration platform that has been used by the OpenStack community internally since 2012.
  • Oracle nemesis MariaDB tries to lure enterprise folk with TX 3.0
    Open-source database biz MariaDB has upped the ante in its war against Oracle, promising enterprise customers better compatibility with – and easier migration from – Big Red. The Finnish firm's latest offering, MariaDB TX 3.0, released for GA today, extends the number of use cases to include temporal processing and advanced data protection for sensitive and personally identifiable information, as well as Oracle compatibility. The broad aim is to tap into customers' grumbles over legacy vendor lock-in, while convincing the bigger customers that they can move to an open-source database without compromising performance.
  • The Humble Monthly Bundle just added two great Linux games
    For those that are interested, you can secure a copy of two great Linux games in the current Humble Monthly Bundle. Just added today are: Get Cook, Serve, Delicious! 2!! Ken Follett's The Pillars of the Earth
  • SC-Controller 0.4.3 Released, Support Steam Controller & Sony DS4 Over Bluetooth
    For those looking to manage your Steam Controller and other supported Linux gaming peripheral input devices outside of Steam, there is a new release of the independently-developed SC-Controller Linux user-space software. While Linux 4.18 is bringing the Steam Controller kernel driver, for those looking for a Steam Controller solution right now to enjoy this excellent gaming controller for now outside of Steam, SC-Controller fills that void.

Huawei, Fuchsia and More

  • Huawei will no longer allow bootloader unlocking (Update: Explanation from Huawei)

    "In order to deliver the best user experience and prevent users from experiencing possible issues that could arise from ROM flashing, including system failure, stuttering, worsened battery performance, and risk of data being compromised, Huawei will cease providing bootloader unlock codes for devices launched after May 25, 2018. [...]"

  • Fuchsia Friday: How ad targeting might be a hidden cost of Fuchsia’s structure
     

    Fuchsia, by its nature, comes with the potential for a handful of new opportunities for ad targeting. Let’s peer into the dark side of Fuchsia’s innovative features.

  • iPhone Quarter, ZTE Troubles, Facebook Troubles, Nokia Come-back
     

    So the past month or two? The Quarterly results cycle came in. The item often of great interest is the Apple iPhone performance. 52.2 million iPhones shipped and that gives roughly a flat market share compared to the year before, so about 14%-15%. I'll come and do the full math later of the quarterly data. That race is no longer in any way interesting.

    But two Top 10 smartphone brands ARE in the news. One who is facing imminent death and the other who is making a miraculous return-from-dead. So imminent death and current Top 10 brand first. ZTE. The Trump administration has put a massive squeeze on ZTE and the company is in serious trouble of imminent collapse. Then bizarrely, Trump reversed course and felt he needed to protect CHINESE employment (???) and after yet another typical Trump-mess, we now are at a Never-Neverland where Trump's own party Republicans are revolting against their President and well, ZTE may end up a casualty of this mess. We'll keep an eye on it.

  •