Language Selection

English French German Italian Portuguese Spanish


Syndicate content is a comprehensive source of news and opinions from and about the Linux community. This is the main feed, listing all articles which are posted to the site front page.
Updated: 6 hours 53 min ago

Harrington: Wayland: Atomics Ahead!

Thursday 17th of September 2015 01:49:20 PM
Bryce Harrington writes about the current and future state of Wayland. "A lot of people are anticipating Wayland on their desktops. For now, we remain in a holding pattern while the DE developers roll out their Wayland support, but some of these efforts are reasonably mature enough now. The question starts to become whether there is an adequate ecosystem of Wayland enabled client applications. For things that can’t simply be moved to Wayland, the question is if Xwayland will be up to snuff. Exploring this space will take some pioneering spirits."

[$] Weekly Edition for September 17, 2015

Thursday 17th of September 2015 01:03:51 AM
The Weekly Edition for September 17, 2015 is available.

[$] How Debian managed the systemd transition

Wednesday 16th of September 2015 07:59:42 PM

Debian's decision to move to systemd as the default init system was a famously contentious (and rather public) debate. Once all the chaos regarding the decision itself had died down, however, it was left to project members to implement the change. At DebConf 2015 in Heidelberg, Martin Pitt and Michael Biebl gave a down-to-earth talk about how that implementation work had gone and what was still ahead.

Library’s Tor relay now restored (Ars Technica)

Wednesday 16th of September 2015 07:09:27 PM
Last week we reported that the Kilton Public Library in Lebanon, New Hampshire suspended its Tor node deployment due to criticism by the local police department. Ars Technica now reports that the Tor relay has been restored. "As Ars reported earlier, the goal of the Library Freedom Project is to set up Tor exit relays in as many of these ubiquitous public institutions as possible. As of now, only about 1,000 exit relays exist worldwide. If this plan is successful, it could vastly increase the scope and speed of the famed anonymizing network. For now, Kilton has a middle relay but has plans to convert it to an exit relay. A middle relay passes traffic to another relay before departing the Tor network on the exit relay."

[$] Python and crypto-strength random numbers by default

Wednesday 16th of September 2015 05:26:07 PM
There are various types of random number generators (RNGs) that target different use cases, but a programming language can only have one default. For high-security random numbers (e.g. cryptographic keys and the like), it is a grievous error to use the wrong kind of RNG, while other use cases are typically more forgiving. The Python community is in the middle of a debate about how it should be handling random numbers within the language's standard library.

Click below (subscribers only) for the full report.

Security advisories for Wednesday

Wednesday 16th of September 2015 04:41:35 PM

CentOS has updated kernel (C7: multiple vulnerabilities).

Debian has updated icu (denial of service).

Fedora has updated moodle (F22; F21: multiple vulnerabilities).

Oracle has updated kernel (OL7: multiple vulnerabilities) and qemu-kvm (OL7: information leak).

Red Hat has updated kernel (RHEL7: multiple vulnerabilities), kernel-rt (RHEL7; RHEMRG: multiple vulnerabilities), and qemu-kvm (RHEL7: information leak).

Scientific Linux has updated kernel (SL7: multiple vulnerabilities) and qemu-kvm (SL7: information leak).

Presidential candidate Lawrence Lessig goes one on one with Ars Technica

Tuesday 15th of September 2015 07:56:36 PM
A bit far afield, perhaps, but Lawrence Lessig is the co-founder of Creative Commons and a proponent of reduced legal restrictions on copyright and trademark. Ars Technica talks with Lawrence about his bid for the US presidency. "Ars: Does your copyleft past help or hurt your presidential bid? Lessig: Whatever you call it, I have the right position on copyright—namely, that it is essential, but needs to be updated to the digital age. If people want to challenge that position, then I’d have to make fair use of the words of Harry Callahan: “Go ahead, make my day.”"

Tuesday's security advisories

Tuesday 15th of September 2015 04:23:42 PM

Debian-LTS has updated openldap (denial of service).

Fedora has updated php (F22; F21: multiple vulnerabilities), php-doctrine-annotations (F22; F21: privilege escalation), php-doctrine-cache (F22; F21: privilege escalation), and php-doctrine-doctrine-bundle (F22; F21: privilege escalation).

Mageia has updated ipython (MG4,5: cross-site scripting), openldap (MG4,5: denial of service), php-ZendFramework (MG5; MG4: XML external entity attack), qemu (MG5; MG4: multiple vulnerabilities), and spice (MG4,5: code execution).

[$] The LPC Android microconference, part 2

Monday 14th of September 2015 08:43:55 PM
The Linux Plumbers Android microconference was held in Seattle on August 20th. It included discussions of a variety of topics, many of which need to be coordinated within the Android ecosystem. The microconference was split up into two separate sessions; this summary covers the second session, which was held for three hours in the evening. Topics were toybox in Android, improving AOSP vendor trees, providing per-task quality of service, and improving big.LITTLE on Android.

Security updates for Monday

Monday 14th of September 2015 05:22:18 PM

Arch Linux has updated icedtea-web (applet execution), libvdpau lib32-libvdpau (multiple vulnerabilities), and openldap (denial of service).

Debian has updated openldap (denial of service), php5 (multiple vulnerabilities), virtualbox (unspecified vulnerability), and vzctl (insecure ploop-based containers).

Fedora has updated kernel (F22: privilege escalation), pcre (F22; F21: code execution), and phpMyAdmin (F22; F21: guessable user credentials).

Mageia has updated conntrack-tools (MG4,5: denial of service), freetype2 (MG4: denial of service), gnupg (MG4: two vulnerabilities), libgcrypt (MG4: information leak), libvdpau (MG4,5: multiple vulnerabilities), mariadb (MG4,5: unspecified vulnerabilities), php (MG4: multiple vulnerabilities), phpmyadmin (MG4,5: guessable user credentials), and xfsprogs (MG5: information disclosure).

Red Hat has updated qemu-kvm-rhev (RHEL OSP5,6,7: code execution).

Some stable kernel releases

Sunday 13th of September 2015 06:41:09 PM
The 4.1.7, 3.14.52, and 3.10.88 stable kernel updates have been released. Each contains the usual collection of important fixes.

Python 3.5.0 released

Sunday 13th of September 2015 05:29:23 PM
The Python 3.5.0 release is out. "Python 3.5.0 is the newest version of the Python language, and it contains many exciting new features and optimizations." See the what's new page and this LWN article for details on the new features in this release.

Kernel prepatch 4.3-rc1

Sunday 13th of September 2015 12:13:55 AM
Linus has released 4.3-rc1 and closed the 4.3 merge window one day ahead of the usual schedule. "I decided that I'm not interested in catering to anything that comes in tomorrow, and I might as well just close the merge window and do the -rc1 release." In the end, 10,756 non-merge changesets were pulled during this merge window.

Library Suspends Tor Node After DHS Intimidation (EFF DeepLinks)

Friday 11th of September 2015 09:55:10 PM

The Electronic Frontier Foundation (EFF) is running a story on its DeepLinks blog that the Kilton Public Library in Lebanon, New Hampshire has suspended its Tor node deployment—at least temporarily—due to criticism by the local police department (we covered the launch of the Kilton library's Tor node in August). The EFF post says that the criticism originated when "a regional Department of Homeland Security office contacted the local police to spread fear, uncertainty, and doubt about Tor. The police got in touch with the library board, who suspended the program until they could vote on it on September 15." The EFF has set up a page at which interested parties can sign a petition showing support for the library, and has written its own letter of support to the Lebanon library board. The Library Freedom Project, which is handling the details of running Kilton's Tor node, has also written about the incident and promises further updates after the library board meeting.

Friday's security updates

Friday 11th of September 2015 03:23:38 PM

Debian-LTS has updated libvdpau (multiple vulnerabilities).

Fedora has updated onionshare (F21; F22: denial of service).

openSUSE has updated libvdpau (13.1, 13.2: multiple vulnerabilities) and squid (13.1, 13.2: certificate validation bypass).

Red Hat has updated libunwind (RHEL7 OSP; RHEL6 OSP: buffer overflow) and python-django (RHEL7 OSP; RHEL6 OSP: multiple vulnerabilities).

SUSE has updated MozillaFirefox, mozilla-nss (SLE11: multiple vulnerabilities).

Ubuntu has updated freetype (12.04, 14.04, 15.04: multiple vulnerabilities).

OpenWrt "Chaos Calmer" 15.05 released

Friday 11th of September 2015 01:46:57 PM
The OpenWrt 15.05 release is out. This release includes a number of new features, including improved package signing, support for hardened builds and jails, a lot of new hardware support, and much more. (See also: LWN's review of the 15.05 release from July).

[$] Weekly Edition for September 11, 2015

Friday 11th of September 2015 01:12:19 AM
The Weekly Edition for September 11, 2015 is available.

Shah: QEMU Maintainers on the 2.4 Release

Thursday 10th of September 2015 03:33:41 PM
On his blog, QEMU developer Amit Shah gathered up information on the recent QEMU 2.4 release from the maintainers. It takes the form of a video made at KVM Forum, as well as some email comments from those who were not present. "Many contributors to the QEMU and KVM projects meet at the annual KVM Forum conference to talk about new features, new developments, what changed since the last conference, etc. The QEMU project released version 2.4 just a week before the 2015 edition of KVM Forum. I thought that was a good opportunity to gather a few developers and maintainers, and get them on video where we can see them speak about the improvements they made in the 2.4 release, and what we can expect in the 2.5 release."

Security updates for Thursday

Thursday 10th of September 2015 03:14:30 PM

Debian has updated libvdpau (three vulnerabilities).

Debian-LTS has updated bind9 (denial of service).

Fedora has updated bind (F22: denial of service).

SUSE has updated qemu (SLE12: two vulnerabilities).

[$] Easier Python string formatting

Thursday 10th of September 2015 01:08:15 PM
Some languages pride themselves on providing many ways to accomplish any given task. Python, instead, tends to focus on providing a single solution to most problems. There are exceptions, though; the creation of formatted strings would appear to be one of them. Despite the fact that there are (at least) three mechanisms available now, Python's developers have just adopted a plan to add a fourth. With luck, this new formatting mechanism (slated for Python 3.6) will improve the traditionally cumbersome string-formatting facilities available in Python.

More in Tux Machines

Data indicates that Android picked up global market share from iOS last month

Tracking mobile web traffic, NetMarketShare computes the market share for mobile operating systems. Based on the data from last month, Android was able to widen its gap over iOS globally. Considering that the Apple iPhone 6s and Apple iPhone 6s Plus weren't launched until September 25th, the recently released phones accounted for a miniscule part of the data. The new models won't have a major effect on the results until the figures for this month are released. Read more

RapidDisk / RapidCache 3.4 now available.

RapidDisk is an advanced Linux RAM Disk which consists of a collection of modules and an administration tool. Features include: Dynamically allocate RAM as block device. Use them as stand alone disk drives or even map them as caching nodes to slower local disk drives. I pushed 3.4 into the mainline earlier this morning. Changes include:
  • Added ability to autoload RapidDisk volumes during module insertion.
  • Fixed bug in RapidDisk (volatile) volume size definition across 32 to 64 bit types.
  • Making use of BIT() macro in the driver.
  • Removed RapidDisk-NV support. It was redundant with the recently kernel integrated pmem code.
You can pull it from the git, yum, ZYpp & apt repos or download it from the SourceForge project page. To stay updated, you can follow the RapidDisk Google+ page.