Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 6 hours 43 min ago

Maru OS now freely available

Wednesday 8th of June 2016 11:33:57 PM
The Maru OS handset distribution (reviewed here in April) has moved out of the beta-test period and is now freely downloadable without an invitation. Maru functions as both an Android handset and an Ubuntu desktop (when connected to an external monitor). For now, it remains limited to Nexus 5 handsets. "Now that the beta program is over, I’m finally turning my attention to the open-source project so we can expand device support with the help of the community. Let’s get Maru in the hands of a lot more people!"

Stable kernel updates

Wednesday 8th of June 2016 05:05:50 PM
Greg Kroah-Hartman has released stable kernels 4.6.2, 4.5.7, 4.4.13, and 3.14.72. This is the last 4.5.y stable kernel release. Users of the 4.5 kernel series should upgrade to the 4.6 kernel series.

Security advisories for Wednesday

Wednesday 8th of June 2016 04:39:25 PM

Arch Linux has updated firefox (multiple vulnerabilities), qemu (multiple vulnerabilities), qemu-arch-extra (multiple vulnerabilities), and subversion (two vulnerabilities).

CentOS has updated spice (C7: two vulnerabilities) and spice-server (C6: two vulnerabilities).

Debian has updated expat (two vulnerabilities) and vlc (code execution).

Debian-LTS has updated expat (two vulnerabilities), libpdfbox-java (XML External Entity attacks), and libxstream-java (XML External Entity attacks).

Fedora has updated openslp (F23; F22: denial of service).

Mageia has updated chromium-browser-stable/libpng (multiple vulnerabilities), libxslt (two vulnerabilities), and ntp (multiple vulnerabilities).

openSUSE has updated expat (Leap42.1: code execution), gd (13.2: information leak), glibc (13.2: multiple vulnerabilities), GraphicsMagick (Leap42.1; 13.2: command execution), libimobiledevice, libusbmuxd (Leap42.1, 13.2: sockets listening on INADDR_ANY), libksba (Leap42.1: denial of service), and php5 (Leap42.1: multiple vulnerabilities).

SUSE has updated expat (SLE11-SP4: code execution).

The Qt Automotive Suite launches

Wednesday 8th of June 2016 02:02:20 PM
The Qt Blog announces the launch of the Qt Automotive Suite. "With cumulative experience from over 20 automotive projects it was noted how Qt is really well suited to the needs of building IVIs and Instrument Clusters, that there were already millions of vehicles on the road with Qt inside, and that there were a lot of ongoing projects. There was though a feeling that things could be even better, that there were still a few things holding back the industry, contributing to the sense that shipped IVI systems could be built faster, cheaper and with a higher quality."

[$] Distributors ponder a systemd change

Tuesday 7th of June 2016 10:56:49 PM
Linux users tend to pride themselves on their position at the leading edge of a fast-moving development community. But, in truth, much of what we do is rooted in many decades of Unix tradition, and we tend to get grumpy when young developers show up and start changing things around. A recent change of default in systemd represents such a change and the kind of response that it brings out; as a result, Linux distributors are going to have to make a decision on whether they should preserve the way things have always worked or make a change that, while potentially disruptive to users, is arguably a step toward more predictable, controllable, and secure behavior.

Firefox 47

Tuesday 7th of June 2016 04:26:27 PM
Firefox 47 has been released. This version enables the VP9 video codec for users with fast machines, plays embedded YouTube videos with HTML5 video if Flash is not installed, and more. There is a blog post about these and other improvements. "Now, we are making it even easier to access synced tabs directly in your desktop Firefox browser. If you’re logged into your Firefox Account, you will see all open tabs from your smartphone or other computers within the sidebar. In the sidebar you can also search for specific tabs quickly and easily." See the release notes for more information.

Tuesday's security updates

Tuesday 7th of June 2016 03:38:55 PM

Debian has updated spice (two vulnerabilities).

Debian-LTS has updated dhcpcd5 (code execution) and nss (cipher-downgrade attacks).

Fedora has updated glibc (F23: denial of service), nginx (F23: denial of service), and qemu (F22: multiple vulnerabilities).

openSUSE has updated clamav-database (Leap42.1: database refresh).

Oracle has updated spice (OL7: two vulnerabilities) and spice-server (OL6: two vulnerabilities).

Red Hat has updated glibc (RHEL6.5: sends DNS queries to random file descriptors), jenkins (RHOSE3.2: multiple vulnerabilities), spice (RHEL7: two vulnerabilities), and spice-server (RHEL6: two vulnerabilities).

Scientific Linux has updated spice (SL7: two vulnerabilities) and squid (SL7: multiple vulnerabilities).

SUSE has updated expat (SLE12-SP1: code execution).

Ubuntu has updated libxml2 (multiple vulnerabilities) and oxide-qt (16.04, 15.10, 14.04: multiple vulnerabilities).

Open Build Service 2.7 released

Monday 6th of June 2016 08:25:21 PM
Open Build Service 2.7 has been released. "Three large features around the topic of integrating external resources made it into this release. We worked on automatic tracking of moving repositories of development versions like Fedora Rawhide, distribution updates or rolling Linux releases like Arch. A change to the OBS git integration to enable developers to work on continuous builds. And last but not least an experimental KIWI import that can be used to easily migrate your images from SUSE studio."

Security updates for Monday

Monday 6th of June 2016 04:07:54 PM

Arch Linux has updated chromium (multiple vulnerabilities), ntp (multiple vulnerabilities), and webkit2gtk (code execution).

Debian has updated chromium-browser (multiple vulnerabilities), mariadb-10.0 (multiple vulnerabilities), and samba (regression in previous update).

Debian-LTS has updated libxml2 (multiple vulnerabilities).

Fedora has updated php (F22: multiple vulnerabilities), phpMyAdmin (F22: multiple vulnerabilities), roundcubemail (F23; F22: cross-site scripting), sudo (F23: information leak), and xen (F23: multiple vulnerabilities).

Gentoo has updated gnupg (multiple vulnerabilities), libjpeg-turbo (information leak), puppet-agent (multiple vulnerabilities), and putty (multiple vulnerabilities).

openSUSE has updated Chromium (Leap42.1; 13.2: multiple vulnerabilities).

Slackware has updated ntp (multiple vulnerabilities).

SUSE has updated Chromium (SPH for SLE12: multiple vulnerabilities).

Kernel prepatch 4.7-rc2

Monday 6th of June 2016 01:00:56 AM
The second 4.7 prepatch is now available for testing. Linus says: "There's a late non-fix I took even though the merge window is over, because I've been wanting it for a while. I doubt anybody notices the actual effects of a pty change/cleanup that means that our old disgusting DEVPTS_MULTIPLE_INSTANCES kernel config option is gone, because the cleanup means that it is no longer needed." For details on this change, see this article from last week's Kernel Page.

More in Tux Machines

Today in Techrights

today's leftovers

  • Calamares 2.3 Installer Released
  • ANNOUNCE: libosinfo 0.3.1 released
    I am happy to announce a new release of libosinfo, version 0.3.1 is now available, signed with key DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF (4096R). All historical releases are available from the project download page.
  • There and Back Again: The MongoDB Cloud Story
    Before it was a database company, MongoDB was a cloud company. Founded in 2007 and originally known as 10gen, the company originally intended to build a Java cloud platform. After building a database it called MongoDB, the company realized that the infrastructure software it had built to support its product was more popular than the product itself, and the PaaS company pivoted to become a database company – eventually taking the obvious step of renaming itself to reflect its new purpose.
  • C++17: New Features Coming To 33-Year-Old Programming Language
    The C++17 standard is taking shape and adding new features to the vintage programming language. This major update aims to make C++ an easier language to work with and brings powerful technical specifications.
  • Clearing the Keystone Environment

GNU/Linux Leftovers

Red Hat Summit

  • Red Hat Summit Advocates the Power of Participation
    Red Hat hosted its annual Red Hat Summit customer event June 28-30 at the Moscone Center in San Francisco, with a theme of harnessing the power of participation. Once again, the DevNation developer event, which is the successor to JBoss World, was co-located with Red Hat Summit. For JBoss, 2016 is a particularly significant year as it marks 10 years since Red Hat acquired it. At DevNation, Red Hat announced the new JBoss Enterprise Application Platform (EAP) 7 release, providing new cloud-enhanced capabilities for Red Hat's flagship middleware platform. JBoss is now also working to help enable Java for the container era, with the launch of the MicroProfile Project, an effort to optimize enterprise Java for a microservices architecture. Java wasn't the only focus of DevNation this year either, as Microsoft took center stage too, announcing the availability of its .NET Core for Red Hat Enterprise Linux. In this slide show, eWEEK takes a look at some of the highlights of the Red Hat Summit and DevNation 2016 events.
  • How Red Hat is tailoring OpenStack to fit … everyone
    Even though there have been no major changes announced to the OpenStack platform of late, it was still one of the most talked about subjects at this year’s Red Hat Summit. Red Hat plays a significant role in the development of the platform and is very proud of its contribution to the community.
  • New technologies foster an open-source environment
    In 2007, when 3scale, Inc. was founded, some people thought it was crazy to be investing so much time and energy into API. But Steven Willmott, CEO of 3scale, Inc., said that even at that time his team knew that the future was API-driven, and they wanted to help that happen.