Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 3 hours 13 min ago

A new set of Docker tools

Thursday 4th of December 2014 06:24:33 PM
Docker has announced a new set of container management tools: Machine (for system provisioning), Swarm (native clustering for Dockerized applications), and Compose (assembly of multi-container applications). "Finally, Docker Swarm has a pluggable architecture and ships 'batteries included' with a default scheduler. Stay tuned for the public API in the first half of 2015 which will allow swapping-in a scheduler implemented by an ecosystem partner or even your own custom implementation. Nevertheless, regardless of the underlying scheduler implementation, the interface to the app remains consistent, meaning that the app remains 100% portable."

Thursday's security updates

Thursday 4th of December 2014 06:20:23 PM

CentOS has updated firefox (C5; C6; C7: multiple vulnerabilities), nss (C5; C6; C7: protocol downgrade), thunderbird (C5; C6: multiple vulnerabilities), and wpa_supplicant (C7: command execution).

Debian has updated iceweasel (multiple vulnerabilities), jasper (code execution), qemu (privilege escalation), qemu-kvm (privilege escalation), and tcpdump (multiple vulnerabilities).

Fedora has updated firefox (F20: multiple vulnerabilities), tcpdump (F19: multiple vulnerabilities), teeworlds (F19; F20: denial of service), thunderbird (F20: multiple vulnerabilities), util-linux (F20: command injection), and wireshark (F20: multiple vulnerabilities).

Mageia has updated firefox, thunderbird (M4: multiple vulnerabilities), libreoffice (M4: code execution), mediawiki (M4: multiple vulnerabilities), and sddm (M4: multiple vulnerabilities).

Oracle has updated firefox (O5; O6: multiple vulnerabilities) and wpa_supplicant (O7: command execution).

Red Hat has updated wget (RHEL6.5: code execution) and wpa_supplicant (RHEL7: command execution).

Scientific Linux has updated firefox (multiple vulnerabilities), nss, nss-util, nss-softokn (protocol downgrade), thunderbird (SL6: multiple vulnerabilities), and wpa_supplicant (SL7: command execution).

Ubuntu has updated eglibc, glibc (10.04, 12.04, 14.04, 14.10: multiple vulnerabilities), tcpdump (10.04, 12.04, 14.04, 14.10: multiple vulnerabilities), and thunderbird (12.04, 14.04, 14.10: multiple vulnerabilities).

[$] LWN.net Weekly Edition for December 4, 2014

Thursday 4th of December 2014 01:21:21 AM
The LWN.net Weekly Edition for December 4, 2014 is available.

[$] Moving some of Python to GitHub?

Wednesday 3rd of December 2014 06:06:47 PM
Over the years, Python's source repositories have moved a number of times, from CVS on SourceForge to Subversion at Python.org and, eventually, to Mercurial (aka hg), still on Python Software Foundation (PSF) infrastructure. But the new Python.org site code lives at GitHub (thus in a Git repository) and it looks like more pieces of Python's source may be moving in that direction. While some are concerned about moving away from a Python-based DVCS (i.e. Mercurial) into a closed-source web service, there is a strong pragmatic streak in the Python community that may be winning out.

Security advisories for Wednesday

Wednesday 3rd of December 2014 05:46:19 PM

Debian has updated wordpress (multiple vulnerabilities).

Fedora has updated drupal6 (F20; F19: two vulnerabilities), drupal7 (F20; F19: denial of service), lsyncd (F20; F19: command injection), mariadb-galera (F20: multiple vulnerabilities), and wordpress (F20; F19: multiple vulnerabilities).

Oracle has updated firefox (OL7: multiple vulnerabilities), nss (OL7; OL6; OL5: man-in-the-middle attack), and thunderbird (OL6: multiple vulnerabilities).

Red Hat has updated firefox (RHEL5,6,7: multiple vulnerabilities), kernel-rt (RHE MRG: multiple vulnerabilities), mariadb-galera (RHEL OSP for RHEL7; RHEL OSP for RHEL6: multiple vulnerabilities), nss (RHEL5,6,7: man-in-the-middle attack), openstack-neutron (RHEL OSP for RHEL7; RHEL OSP for RHEL6: denial of service), openstack-trove (RHEL OSP for RHEL7: information disclosure), qemu-kvm-rhev (RHEL OSP for RHEL7: information leak), and thunderbird (RHEL5,6,7: multiple vulnerabilities).

Slackware has updated mozilla (multiple vulnerabilities).

SUSE has updated flash-player (SLED11 SP3: code execution), IBM Java (SLE11 SP2: multiple vulnerabilities), and java-1_7_1-ibm (SLE12: multiple vulnerabilities).

Ubuntu has updated firefox (14.10, 14.04, 12.04: multiple vulnerabilities) and mod-wsgi (14.10, 14.04, 12.04: privilege escalation).

Announcing netdev 0.1

Tuesday 2nd of December 2014 09:19:13 PM
"Netdev" is a new conference aimed at networking developers; it will be held February 14 to 17 in balmy Ottawa, Canada. The call for papers is open now, with a submission deadline of January 10. "Netdev 0.1 (year 0, conference 1) is a community-driven conference geared towards Linux netheads. Linux kernel networking and user space utilization of the interfaces to the Linux kernel networking subsystem are the focus. If you are using Linux as a boot system for proprietary networking, then this conference may not be for you."

Update: the conference organizers have posted more information on the CFP and the types of proposals they are looking for.

The Impact of the Linux Philosophy (Opensource.com)

Tuesday 2nd of December 2014 09:04:35 PM
Starting with the premise that all operating systems have a philosophy, this article on Opensource.com looks at the Linux philosophy and how it differs from other operating systems. "Imagine for a moment the chaos and frustration that would result from attempting to use a nail gun that asked you if you really wanted to shoot that nail and would not allow you to pull the trigger until you said the word “yes” aloud. Linux allows you to use the nail gun as you choose. Other operating systems let you know that you can use nails but don't tell you what tool is used to insert the nails let alone allow you to put your own finger on the trigger."

LCA 2015 and InternetNZ Diversity Program

Tuesday 2nd of December 2014 08:44:38 PM
LCA 2015 and InternetNZ are supporting diversity at linux.conf.au. "The InternetNZ Diversity Programme is one of the many ways we ensure that the LCA 2015 continues to be an open and welcoming conference for everyone. Together with InternetNZ this program has been created to assist under-represented delegates who contribute to the Open Source community but, without financial assistance, would not be able to attend LCA 2015."

Security updates for Tuesday

Tuesday 2nd of December 2014 06:03:28 PM

Debian has updated openvpn (denial of service).

Fedora has updated curl (F20: information leak), erlang (F20: command injection), phpMyAdmin (F20; F19: multiple vulnerabilities), python-django14 (F20; F19: multiple vulnerabilities), python-eyed3 (F20; F19: insecure tmpfile use), wget (F19: symlink attack), and xen (F20; F19: multiple vulnerabilities).

Mageia has updated gnome-shell (lock screen bypass), tcpdump (two vulnerabilities), and teeworlds (information leak).

Scientific Linux has updated ruby (SL7; SL6: multiple vulnerabilities).

Ubuntu has updated openvpn (14.10, 14.04, 12.04: denial of service).

New features in Git 2.2.0

Tuesday 2nd of December 2014 02:15:23 PM
The "Atlassian Developers" site has a summary of interesting features in the recent Git 2.2.0 release, including signed pushes. "This is an important step in preventing man-in-the-middle attacks and any other unauthorized updates to your repository's refs. git push has learnt the --signed flag which applies your GPG signature to a "push certificate" sent over the wire during the push invocation. On the server-side, git receive-pack (the command that handles incoming git pushes) has learnt to verify GPG-signed push certificates. Failed verifications can be used to reject pushes and those that succeed can be logged in a file to provide an audit log of when and who pushed particular ref updates or objects to your git server."

Firefox 34 released

Monday 1st of December 2014 08:00:29 PM
Mozilla has released Firefox 34. This version changes the default search engine, includes the Firefox Hello real-time communication client, implements HTTP/2 (draft14) and ALPN, disables SSLv3, and more. See the release notes for details.

Rocket, a new container runtime from CoreOS

Monday 1st of December 2014 07:02:00 PM
CoreOS has announced that it is moving away from Docker and toward "Rocket," a new container runtime that it has developed. "Unfortunately, a simple re-usable component is not how things are playing out. Docker now is building tools for launching cloud servers, systems for clustering, and a wide range of functions: building images, running images, uploading, downloading, and eventually even overlay networking, all compiled into one monolithic binary running primarily as root on your server. The standard container manifesto was removed. We should stop talking about Docker containers, and start talking about the Docker Platform. It is not becoming the simple composable building block we had envisioned."

[$] A preview of darktable 1.6

Monday 1st of December 2014 06:43:32 PM

The darktable project recently announced the first release-candidate (RC) builds for its upcoming version 1.6 release. The new version will add a slideshow presentation tool to darktable's primary photo-editing features, plus several new image operations and support for new digital cameras. This time, several of the additions add to darktable's automatic adjustment capabilities, making the application a bit more friendly for users who are new to high-end photo editing.


Security advisories for Monday

Monday 1st of December 2014 05:37:52 PM

CentOS has updated ruby (C7; C6: multiple vulnerabilities).

Debian has updated flac (multiple vulnerabilities), libvncserver (multiple vulnerabilities), mutt (denial of service), openjdk-7 (multiple vulnerabilities), and ppp (privilege escalation).

Mageia has updated flac (multiple vulnerabilities) and geary (TLS certificate issues).

SUSE has updated IBM Java (SLE11 SP3: multiple vulnerabilities).

Ubuntu has updated ppp (privilege escalation).

Kernel prepatch 3.18-rc7

Monday 1st of December 2014 01:13:28 PM
The 3.18-rc7 prepatch is out. Linus seems happy enough, despite the persistent lockup problem that has defied all debugging attempts so far. "At the same time, with the holidays coming up, and the problem _not_ being a regression, I suspect that what will happen is that I'll release 3.18 on time in a week, because delaying it will either mess up the merge window and the holiday season, or I'd have to delay it a *lot*."

More in Tux Machines

What will 2015 bring for the open source cloud?

Regardless of what we see in 2015, the open source cloud will continue to grow, change, and adapt. What is your top prediction for this year? Read more

Five Great Applications For Systems Admins

Being a systems administrator is a difficult, often thankless job. You’re one of the people responsible for keeping the entire IT infrastructure of your business up and running. What that means is that whenever something doesn’t work the way it should, all eyes immediately turn in your direction. You can hardly be blamed for looking to make your life a bit easier. I’d actually recommend that you do so, truth be told. The less time you spend slogging through all the basics of administration, the more time you can devote to improving your server. To that end, I’ve compiled a list of a few of the best sysadmin apps on the web; tools that any Linux administrator worth their salt should consider using. Read more

today's leftovers

Sdparm & ddpt Linux Disk Utilities Updated

For those out of the loop, sdparm allows for setting and getting SCSI device parameters. The ddpt utility is yet another spin-off of dd but with extra features regarding storage control. Both ddpt and sdparm work on not only Linux but also BSDs, Solaris, and even Windows. Read more