Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 4 hours 26 min ago

Garrett: Reducing power consumption on Haswell and Broadwell systems

Monday 27th of April 2015 08:44:15 PM
Matthew Garrett looked into why Linux systems consume too much power on recent Intel chipsets and wrote up his results — a reduction of idle power use on his laptop from 8.5W to 5W. "This trend is likely to continue. As systems become more integrated we're going to have to pay more attention to the interdependencies in order to obtain the best possible power consumption, and that means that distribution vendors are going to have to spend some time figuring out what these dependencies are and what the appropriate default policy is for their users."

Security advisories for Monday

Monday 27th of April 2015 05:18:43 PM

Arch Linux has updated curl (multiple vulnerabilities) and wpa_supplicant (code execution).

Debian has updated chromium-browser (multiple vulnerabilities), kernel (multiple vulnerabilities), libreoffice (code execution), openjdk-6 (multiple vulnerabilities), openjdk-7 (multiple vulnerabilities), and wpa (code execution).

Fedora has updated cherokee (F21; F20: authentication bypass), chrony (F20: multiple vulnerabilities), php (F20: multiple vulnerabilities), qt5-qtbase (F21; F20: multiple vulnerabilities), resteasy (F20: XML eXternal Entity (XXE) attacks), spatialite-tools (F20: multiple vulnerabilities), sqlite (F20: multiple vulnerabilities), wesnoth (F21; F20: information leak), wpa_supplicant (F21: code execution), and zarafa (F21; F20: denial of service).

Mageia has updated php (three vulnerabilities) and wordpress (multiple vulnerabilities).

Mandriva has updated asterisk (MBS1.0: SSL server spoofing), glusterfs (MBS2.0: denial of service), librsync (MBS1.0: file checksum collision), perl-Module-Signature (MBS1.0: multiple vulnerabilities), php (MBS1.0, MBS2.0: multiple vulnerabilities), qemu (MBS1.0, MBS2.0: denial of service), setup (MBS2.0: information disclosure), and tor (MBS1.0: denial of service).

openSUSE has updated java-1_7_0-openjdk (13.2: multiple vulnerabilities), java-1_8_0-openjdk (13.2: multiple vulnerabilities), and ntp (13.2, 13.1: two vulnerabilities).

Ubuntu has updated autofs (14.10: privilege escalation), libreoffice (14.10, 14.04, 12.04: two vulnerabilities), and tcpdump (14.10, 14.04, 12.04: multiple vulnerabilities).

Kernel prepatch 4.1-rc1

Monday 27th of April 2015 01:36:21 AM
The 4.1-rc1 prepatch is out. Linus says: "No earth-shattering new features come to mind, even if initial support for ACPI on arm64 looks funny. Depending on what you care about, your notion of 'big new feature' may differ from mine, of course. There's a lot of work all over, and some of it might just make a big difference to your use cases." What he doesn't mention is that, in the end, kdbus was not merged for this development cycle.

Debian 8 "Jessie" released

Sunday 26th of April 2015 03:42:49 AM
Debian 8, codenamed "Jessie", has been released. It comes with a wide array of upgraded packages including GNOME 3.14, KDE Plasma Workspaces and KDE Applications 4.11.13, Python 2.7.9 and 3.4.2, Perl 5.20.2, PHP 5.6.7, PostgreSQL 9.4.1, MariaDB 10.0.16 and MySQL 5.5.42, Linux 3.16.7-ctk9, and lots more. "With this broad selection of packages and its traditional wide architecture support, Debian once again stays true to its goal of being the universal operating system. It is suitable for many different use cases: from desktop systems to netbooks; from development servers to cluster systems; and for database, web, or storage servers. At the same time, additional quality assurance efforts like automatic installation and upgrade tests for all packages in Debian's archive ensure that "Jessie" fulfills the high expectations that users have of a stable Debian release."

Rust Once, Run Everywhere

Friday 24th of April 2015 07:24:39 PM

The Rust blog has posted a guide to using Rust's foreign function interface (FFI) with C code. Highlighted in particular are Rust's safe abstractions, which are said to impose no costs. "Most features in Rust tie into its core concept of ownership, and the FFI is no exception. When binding a C library in Rust you not only have the benefit of zero overhead, but you are also able to make it safer than C can! Bindings can leverage the ownership and borrowing principles in Rust to codify comments typically found in a C header about how its API should be used."

More in Tux Machines

Simplicity Linux Makes Good on Its Easy-Peasy Promise

The latest edition of Simplicity Linux, version 15.4, recently became available for download. Simplicity Linux delivers just what its name suggests: It is a simpler way to run a fully powered Linux desktop on any computer you touch. Read more

Today in Techrights

You can now build an open source browser based on Chrome for Android code

If you were itching to build an open source browser for Android, you can now do it using a practically all the code from Chrome for Android. As Venture Beat spotted, Google has uploaded the bulk of the remaining code into the open source Chromium repository. The open-source browser shares a lot of the same code as Google Chrome and often serves as the proving ground for new and experimental services. Read more

FUSE Exploit Closed in All Ubuntu OSes

Canonical has published details about a FUSE vulnerability in its Ubuntu 15.04, Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems. This is not a major issue, but that's not a reason not to upgrade. Read more