Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 hour 39 min ago

[$] LWN.net Weekly Edition for June 13, 2019

Thursday 13th of June 2019 12:51:50 AM
The LWN.net Weekly Edition for June 13, 2019 is available.

[$] Paying (some) Debian developers

Wednesday 12th of June 2019 09:56:34 PM
In an offshoot of the Debian discussion we looked at last week, the Debian project has been discussing the idea of paying developers to work on the distribution. There is some history behind the idea, going back to the controversial Dunc-Tank initiative in 2006, but some think attitudes toward funding developers may have changed—or that a new approach might be better accepted. While it is playing out with regard to Debian right now, it is a topic that other projects have struggled with along the way—and surely will again.

Security updates for Wednesday

Wednesday 12th of June 2019 03:17:11 PM
Security updates have been issued by Debian (libgd2, mediawiki, otrs2, vlc, and zookeeper), Fedora (containernetworking-plugins, kernel, kernel-headers, nodejs-tough-cookie, podman, python-django, and python-urllib3), openSUSE (virtualbox), SUSE (gnome-shell, libcroco, and php7), and Ubuntu (dbus, Neovim, and vim).

[$] Python and "dead" batteries

Wednesday 12th of June 2019 12:44:54 PM
Python is, famously, a "batteries included" language; it comes with a rich standard library right out of the box, which makes for a highly useful starting point for everyone. But that does have some downsides as well. The standard library modules are largely maintained by the CPython core developers, which adds to their duties; the modules themselves are subject to the CPython release schedule, which may be suboptimal. For those reasons and others, there have been thoughts about retiring some of the older modules; it is a topic that has come up several times over the last year or so.

Introducing Matrix 1.0 and the Matrix.org Foundation

Tuesday 11th of June 2019 08:31:47 PM
The Matrix team has announced the first stable release of the Matrix protocol and specification across all APIs. The Synapse 1.0 reference implementation, which implements the full Matrix 1.0 API surface, has also been released. "Now, before you get too excited, it’s critical to understand that Matrix 1.0 is all about providing a stable, self-consistent, self-contained and secure version of the standard which anyone should be able to use to independently implement production-grade Matrix clients, servers, bots and bridges etc. It does not mean that all planned or possible features in Matrix are now specified and implemented, but that the most important core of the protocol is a well-defined stable platform for everyone to build on. On the Synapse side, our focus has been exclusively on ensuring that Synapse correctly implements Matrix 1.0, to provide a stable and secure basis for participating in Matrix without risk of room corruption or other nastinesses." The announcement also covers the launch of the Matrix.org Foundation.

[$] Generalized events notification and security policies

Tuesday 11th of June 2019 03:29:30 PM
Interfaces for the reporting of events to user space from the kernel have been a recurring topic on the kernel mailing lists for almost as long as the kernel has existed; LWN covered one 15 years ago, for example. Numerous special-purpose event-reporting APIs exist, but there are none that are designed to be a single place to obtain any type of event. David Howells is the latest to attempt to change that situation with a new notification interface that, naturally, uses a ring buffer to transfer events to user space without the need to make system calls. The API itself (which hasn't changed greatly since it was posted in 2018) is not hugely controversial, but the associated security model has inspired a few heated discussions.

Five new stable kernels

Tuesday 11th of June 2019 02:50:19 PM
Stable kernels 5.1.9, 4.19.50, 4.14.125, 4.9.181, and 4.4.181 have been released. They all contain important fixes and users should upgrade.

Security updates for Tuesday

Tuesday 11th of June 2019 02:36:28 PM
Security updates have been issued by CentOS (bind and thunderbird), Mageia (firefox, ghostscript, graphicsmagick, imagemagick, postgresql, and thunderbird), Oracle (kernel), Red Hat (Advanced Virtualization and rh-haproxy18-haproxy), SUSE (bind, gstreamer-0_10-plugins-base, thunderbird, and vim), and Ubuntu (elfutils, glib2.0, and libsndfile).

[$] BPF for security—and chaos—in Kubernetes

Monday 10th of June 2019 04:41:45 PM
BPF is probably familiar to many LWN readers, though it's likely not yet quite as well known in the Kubernetes community — but that could soon change. At KubeCon + CloudNativeCon Europe 2019 there were multiple sessions with BPF in the title where developers talked about how BPF can be used to help with Kubernetes security, monitoring, and even chaos engineering testing. We will look at two of those talks that were led by engineers closely aligned with the open-source Cilium project, which is all about bringing BPF to Kubernetes container environments. Thomas Graf, who contributes to BPF development in the Linux kernel, led a session on transparent chaos testing with Envoy, Cilium, and BPF, while his counterpart Dan Wendlandt, who is well known in the OpenStack community for helping to start the Neutron networking project, spoke about using the kernel's BPF capabilities to add visibility and security in a Kubernetes-aware manner.

Security updates for Monday

Monday 10th of June 2019 02:12:25 PM
Security updates have been issued by Arch Linux (chromium and pam-u2f), Debian (cyrus-imapd), Fedora (curl, cyrus-imapd, kernel, kernel-headers, php, and vim), openSUSE (axis, bind, bubblewrap, evolution, firefox, gnome-shell, libpng16, and rmt-server), Oracle (edk2 and kernel), and SUSE (bind, cloud7, and libvirt).

Kernel prepatch 5.2-rc4

Monday 10th of June 2019 02:09:47 PM
The 5.2-rc4 kernel prepatch is out for testing. "We've had a fairly calm release so far, and on the whole that seems to hold. rc4 isn't smaller than rc3 was (it's a bit bigger), but rc3 was fairly small, so the size increase isn't all that worrisome. I do hope that we'll start actually shrinking now, though."

Stable kernel updates

Monday 10th of June 2019 12:45:06 PM
The 5.1.8, 4.19.49, and 4.14.124 stable kernel updates have been released; each contains another set of important fixes.

[$] Detecting and handling split locks

Friday 7th of June 2019 04:56:29 PM
The Intel architecture allows misaligned memory access in situations where other architectures (such as ARM or RISC-V) do not. One such situation is atomic operations on memory that is split across two cache lines. This feature is largely unknown, but its impact is even less so. It turns out that the performance and security impact can be significant, breaking realtime applications or allowing a rogue application to slow the system as a whole. Recently, Fenghua Yu has been working on detecting and fixing these issues in the split-lock patch set, which is currently on its eighth revision.

Security updates for Friday

Friday 7th of June 2019 01:11:18 PM
Security updates have been issued by Debian (evolution and qemu), Fedora (cyrus-imapd and hostapd), Gentoo (exim), openSUSE (exim), Red Hat (qpid-proton), SUSE (bind, libvirt, mariadb, mariadb-connector-c, python, and rubygem-rack), and Ubuntu (firefox, jinja2, and linux-lts-xenial, linux-aws).

[$] Renaming openSUSE

Thursday 6th of June 2019 03:52:14 PM
In mid-May, LWN reported on the discussions in the openSUSE project over whether a separation from SUSE would be a good move. It would appear that this issue has been resolved and that openSUSE will be setting up a foundation as its new home independent of the SUSE corporation. But now the community has been overtaken by a new, related discussion that demonstrates a characteristic of free-software projects: the hardest issues are usually related to naming.

Severe vulnerability in Exim

Thursday 6th of June 2019 01:49:16 PM
Qualys has put out an advisory on a vulnerability in the Exim mail transfer agent, versions 4.87 through 4.91; it allows for easy command execution by a local attacker and remote execution in some scenarios. "To remotely exploit this vulnerability in the default configuration, an attacker must keep a connection to the vulnerable server open for 7 days (by transmitting one byte every few minutes). However, because of the extreme complexity of Exim's code, we cannot guarantee that this exploitation method is unique; faster methods may exist." Sites running Exim should upgrade to 4.92 if they have not already.

Security updates for Thursday

Thursday 6th of June 2019 12:56:01 PM
Security updates have been issued by Arch Linux (binutils), Debian (exim4 and poppler), Fedora (deepin-api, kernel, kernel-headers, kernel-tools, and php), openSUSE (cronie), and Ubuntu (apparmor, exim4, mariadb-10.1, php5, and php7.0, php7.2).

[$] LWN.net Weekly Edition for June 6, 2019

Thursday 6th of June 2019 01:01:42 AM
The LWN.net Weekly Edition for June 6, 2019 is available.

[$] Seeking consensus on dh

Wednesday 5th of June 2019 09:58:57 PM

Debian takes an almost completely "hands off" approach to the decisions that Debian developers (DDs) can make in regard to the packaging and maintenance of their packages. That leads to maximal freedom for DDs, but impacts the project in other ways, some of which may be less than entirely desirable. New Debian project leader (DPL) Sam Hartman started a conversation about potential changes to the Debian packaging requirements back in mid-May. In something of a departure from the Debian tradition of nearly endless discussion without reaching a conclusion (and, possibly, punting the decision to the technical committee or a vote in a general resolution), Hartman has instead tried to guide the discussion toward reaching some kind of rough consensus.

[$] How many kernel test frameworks?

Wednesday 5th of June 2019 03:52:37 PM

The kernel self-test framework (kselftest) has been a part of the kernel for some time now; a relatively recent proposal for a kernel unit-testing framework, called KUnit, has left some wondering why both exist. In a lengthy discussion thread about KUnit, the justification for adding another testing framework to the kernel was debated. While there are different use cases for kselftest and KUnit, there was concern about fragmenting the kernel-testing landscape.

More in Tux Machines

5 Open Source 2D Animation Software to Use

An animation software is a special program that’s used to design a moving animation out of the objects required. Traditional painting/drawing software (Like Inkscape) do not support creating animation, as they are used just to make the objects or paint them, but they do not have some necessary capabilities to create a moving animation out of those objects/images/photos, such as tweeing, rotoscoping, motion capture, VFX & simulation support. If you are someone who’s interested in creating 2D animation, whether as a hobby or part of your job, then you would be glad to know that there are many open source 2D animation software to use. In this article we’ll see 5 of them. Read more

LG buddies up with Qt to expand webOS in autos, smart home, and robots

The Qt Company and LG are collaborating to integrate LG’s Linux-based webOS Open Source Edition with the Qt development platform for automotive, smart home, and robotics. The Qt Company announced “a significant expansion of its long-standing partnership” with LG Electronics to extend the reach of the webOS Open Source Edition, which LG launched in early 2018. The Qt Company will work with LG to release webOS with the cross-platform Qt SDK and related GUI and development tools to offer “the most comprehensive operating system for smart devices in the automotive, robotics and smart home sectors,” says the Qt Company. Other potential applications are said to include AI, connectivity, media and content services, and automation. “Qt will play a key role in the development of webOS Auto, planned for deployment in future automotive infotainment systems,” says LG. In addition, webOS will officially become a Qt reference OS of Qt, with full support for the distribution within Qt Creator, Qt Design Studio, Qt 3D Studio, and related Qt software. The goal is to make webOS with Qt “the platform of choice for embedded smart devices.” Read more

Android Leftovers

SUSE Manager 4: Traditional server management marries DevOps

Managing Linux servers has never been easy. Programs like Cockpit, cPanel, and Webmin use a GUI to make it simpler to handle common sysadmin tasks. But, with servers moving from the racks in your server room to the cloud and the edge and the Internet of Things (IoT), we need more. That's where DevOps comes in. And now programs like the new SUSE Manager 4 combine the best of both sysadmin approaches. Daniel Nelson, SUSE VP of products and solutions, explained in a statement: "SUSE Manager manages physical, virtual, and containerized systems across edge, core, and cloud environments, all from a single centralized console. It's part of the IT transformation that lowers costs, reduces complexity, and boosts business agility." Read more