Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 3 hours 26 min ago

[$] Self-hosting projects with Gogs

Tuesday 7th of July 2015 09:08:39 PM
In May, we noted the problems that GIMP and other free-software projects have encountered of late with the SourceForge project-hosting service. While there are plenty of alternative hosting providers to choose from, some developers will likely always prefer to self-host their projects—precisely because an outside service provider can make just such an abrupt or surprising about-face. Gogs is one option for those taking the self-hosting approach: it provides a web-based front-end to a GitHub-like hosting service. Gogs offers quite a few features, but its choice of GitHub-like qualities may not be to everyone's tastes.

ownCloud 8.1 released

Tuesday 7th of July 2015 05:44:46 PM
The ownCloud 8.1 release is out. "This release marks significant under the hood improvements, such as increasing scalability and performance of syncing and file operations while making ownCloud a better platform for developers to build upon. Security enhancements, integrated documentation links, more control in the admin panel over external storage, LDAP and encryption make ownCloud more secure and easier to use." See the release notes for details.

Security updates for Tuesday

Tuesday 7th of July 2015 04:33:54 PM

Arch Linux has updated ntp (denial of service).

CentOS has updated firefox (C7; C6; C5: multiple vulnerabilities).

Debian has updated cups-filters (code execution) and libwmf (code execution).

Gentoo has updated exiv2 (denial of service), icu (code execution), libvncserver (multiple vulnerabilities), libxml2 (denial of service), sqlite (three vulnerabilities), tor (denial of service), and unrtf (code execution).

Red Hat has updated abrt (RHEL6: multiple vulnerabilities) and kernel (RHEL6.4: privilege escalation).

Ubuntu has updated haproxy (15.04, 14.10: information leak), kernel (15.04; 14.10; 14.04; 12.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), linux-lts-vivid (14.04: multiple vulnerabilities), and linux-ti-omap4 (12.04: privilege escalation).

Stable kernel updates

Monday 6th of July 2015 06:44:29 PM
Greg KH has released two new stable kernels; 3.14.47 and 3.10.83. Both contain important fixes.

Security advisories for Monday

Monday 6th of July 2015 05:18:04 PM

Arch Linux has updated haproxy (information leak) and openssh (restriction bypass).

Debian has updated haproxy (information leak) and iceweasel (multiple vulnerabilities).

Debian-LTS has updated aptdaemon (information leak) and virtualbox-ose (multiple vulnerabilities).

Fedora has updated ansible (F22; F21: two vulnerabilities), mariadb (F22: man-in-the-middle attack), pam (F21: denial of service), and trafficserver (F22; F21: several vulnerabilities).

Gentoo has updated chrony (multiple vulnerabilities).

Mageia has updated chromium-browser (MG4,5: multiple vulnerabilities), coreutils (MG4: memory handling error), curl (MG5: information disclosure), filezilla (MG4,5: cipher-downgrade attacks), firefox (MG4,5: multiple vulnerabilities), libwmf (MG4,5: multiple vulnerabilities), mysql-connector-java (MG4: information disclosure), owncloud-client (MG4,5: man-in-the-middle attack), pam (MG4,5: denial of service), pcre (MG5: information leak), php (MG4: multiple vulnerabilities), polkit (MG4,5: multiple vulnerabilities), tidy (MG4: buffer overflow), and wireshark (MG5: denial of service).

openSUSE has updated php5 (13.2, 13.1: multiple vulnerabilities) and phpMyAdmin (13.2, 13.1: three vulnerabilities).

Scientific Linux has updated firefox (SL5,6,7: multiple vulnerabilities).

SUSE has updated OpenSSL (SLE11SP3; SLED11SP3, SLES10SP4; SLES11SP2; SLES10SP4: multiple vulnerabilities).

Ubuntu has updated cups-filters (15.04, 14.10, 14.04, 12.04: code execution) and php5 (15.04, 14.10, 14.04, 12.04: multiple vulnerabilities).

Kernel Summit 2015: Call for Proposals

Monday 6th of July 2015 12:23:27 AM
The 2015 Kernel Summit will be held October 26-28 in Seoul, South Korea; the call for discussion proposals is out now. Now would be a good time for those who would like to attend the Summit to come up with a good topic and get the discussion going. Proposals are due by July 31.

Kernel prepatch 4.2-rc1

Sunday 5th of July 2015 11:44:27 PM
Linus has released 4.2-rc1 and closed the merge window for this development cycle. As Linus explains, 4.2 may, in the end, not end up being the development cycle with the most commits ever, but there is still a lot going on. "However, if you count the size in pure number of lines changed, this really seems to be the biggest rc we've ever had, with over a million lines added (and about a quarter million removed). That beats the previous champion (3.11-rc1) that was huge mainly due to Lustre being added to the staging tree." The source of the biggest chunk of those new lines is the new amdgpu graphics driver.

Firefox 39 released

Friday 3rd of July 2015 09:55:48 PM

Firefox 39 has been released for both desktop and mobile systems. The new features include a social sharing tool for the Firefox Hello video chat subsystem. It is designed to make it easier to share Firefox Hello chat invitations over third-party social networks. In addition, Firefox's existing phishing-and-malware detection tool has been extended to cover downloads, support has been added for Unicode 8.0's multi-ethnic emoji characters, and there is improved support for the Accessible Rich Internet Applications (ARIA) standard.

Friday's security updates

Friday 3rd of July 2015 03:58:05 PM

Arch Linux has updated firefox (multiple vulnerabilities) and wesnoth (information leak).

Debian has updated stunnel4 (authentication bypass).

Debian-LTS has updated libxml2 (multiple vulnerabilities) and pykerberos (insecure authentication).

Fedora has updated drupal6 (F21; F22: account hijacking) and drupal7 (F21; F22: multiple vulnerabilities).

openSUSE has updated flash-player (11.4).

Oracle has updated firefox (O5; O6; O7: multiple vulnerabilities).

Red Hat has updated firefox (RHEL: multiple vulnerabilities) and openstack-cinder (RHEL OSP: file disclosure).

SUSE has updated MySQL (SLE 11 SP3: cipher downgrade attack), ntp (SLE11 SP3: multiple vulnerabilities), and OpenSSL (SLE 10 Client Tools; SUSE Manager 11 SP2, Studio Onsite; SLE 11 SAP; SLE 11 SP1; SLE SM 11 SP3: multiple vulnerabilities).

More in Tux Machines

An open source mapping primer

You now need a way to embed a map, manipulate the map tiles, and overlay other data onto the map. Leaflet is a popular choice for doing this. It's an open source Javascript library that lets you easily create "slippy" maps with tiled base layers, panning and zooming, and various layered features such as markers at specific geographical coordinates (i.e. latitude and longitude). It handles interactions with the map, has a fairly rich and well-documented API, and also works with a wide collection of plugin that provide additional features. Read more

today's leftovers

Leftovers: Software

  • Ocs-server 0.1 Technology Preview released! (with cats!)
    Finally, after many iterations, we have something that works! The ocs-server team (Claudio Desideri and Francesco Wofford) is therefore announcing the first release of ocs-server 0.1 technology preview.
  • 5 Less known Linux Admin Tools
  • dmMediaConverter Review - Converting Videos Has Never Been Easier
    dmMediaConverter is described by its developer as an FFmpeg frontend (GUI), but regular users only need to know that it's an application that allows them to quickly convert files from one format to another, in a simple and intuitive way. It's not the best looking out there, but it gets the job done.
  • Goggles Music Manager 1.0.7 Adds Support for Ratings and Tags to Filters, More
    On July 30, the developers of the Goggles Music Manager software, an open-source music collection manager and player that supports some of the most popular audio file formats, announced the release of version 1.0.7.
  • Semi-Official Google Drive Support For Linux Arrives, What's Next?
    Three years ago, when a user would attempt to download the Google Drive Sync Client, Google would bring them to the appropriate download page, which of course, is based off of the operating system that user is running on. If a user would attempt to download the Google Drive Sync Client while running on Linux, they’d land on a page where the message reads: “Not (yet) supported for Linux.” So, what’s the deal with Google not developing a sync client for Linux users, seeing as to how they build a lot of their things using Linux? There’s one simple answer to that, unfortunately. Windows is mainstream, so a lot of their focus is put on what a majority of people use. The bigger the market, the more money in their pockets, of course. But don’t fear, change is near!

today's howtos