Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 39 min ago

Security updates for Monday

Monday 5th of August 2019 02:29:31 PM
Security updates have been issued by Debian (proftpd-dfsg and vim), Fedora (java-11-openjdk and matrix-synapse), Gentoo (binutils and libpng), Mageia (kernel), and SUSE (openexr and python-Django).

[$] vDSO, 32-bit time, and seccomp

Friday 2nd of August 2019 03:52:35 PM
The seccomp() mechanism is notoriously difficult to use. It also turns out to be easy to break unintentionally, as the development community discovered when a timekeeping change meant to address the year-2038 problem created a regression for seccomp() users in the 5.3 kernel. Work is underway to mitigate the problem for now, but seccomp() users on 32-bit systems are likely to have to change their configurations at some point.

Security updates for Friday

Friday 2nd of August 2019 02:12:57 PM
Security updates have been issued by Debian (firefox-esr and thunderbird), openSUSE (openexr and rmt-server), Oracle (bind, container-tools:rhel8, cyrus-imapd, dotnet, edk2, firefox, flatpak, freeradius:3.0, ghostscript, gvfs, httpd:2.4, java-1.8.0-openjdk, java-11-openjdk, kernel, mod_auth_mellon, pacemaker, pki-deps:10.6, python-jinja2, python27:2.7, python3, python36:3.6, systemd, thunderbird, vim, virt:rhel, WALinuxAgent, and wget), Slackware (mariadb), SUSE (java-1_8_0-openjdk, polkit, and python-Django1), and Ubuntu (Sigil and sox).

The GNU C Library version 2.30 is now available

Thursday 1st of August 2019 09:29:45 PM

Version 2.30 of the GNU C Library (glibc) has been released. New features include Unicode 12.1.0 support; wrappers for the getdents64(), gettid(), and tgkill() system calls on Linux; addition of a bunch of POSIX-proposed pthreads calls; protections for memory allocation functions so that they cannot cause ptrdiff_t overflows; and more, such as fixes for two security problems: CVE-2019-7309: x86-64 memcmp used signed Jcc instructions to check size. For x86-64, memcmp on an object size larger than SSIZE_MAX has undefined behavior. On x32, the size_t argument may be passed in the lower 32 bits of the 64-bit RDX register with non-zero upper 32 bits. When it happened with the sign bit of RDX register set, memcmp gave the wrong result since it treated the size argument as zero. Reported by H.J. Lu.

CVE-2019-9169: Attempted case-insensitive regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read. Reported by Hongxu Chen.

GNOME and KDE to co-host the Linux App Summit in November

Thursday 1st of August 2019 06:37:20 PM
The GNOME and KDE projects are teaming up to host the Linux App Summit (LAS) that will be held in Barcelona, November 12-15. "LAS is the first collaborative event co-hosted by the two organizations since the Desktop Summit in 2009. Both organizations are eager to bring their communities together in building an application ecosystem that transcends individual distros and broadens the market for everyone involved. KDE and GNOME will no longer be taking a passive role in the free desktop sector. With the joint influence of the two desktop projects, LAS will shepherd the growth of the FOSS desktop by encouraging the creation of quality applications, seeking opportunities for compensation for FOSS developers, and fostering a vibrant market for the Linux operating system." The CfP is open until August 31.

[$] An end to implicit fall-throughs in the kernel

Thursday 1st of August 2019 03:06:36 PM
The C switch statement has, since the beginning of the language, required the use of explicit break statements to prevent execution from falling through from one case to the next. This behavior can be a useful feature, allowing for more compact code, but it can also lead to bugs. The effort to rid the kernel of implicit fall-through coding patterns came to a conclusion with the 5.3-rc2 release, where the last cases were fixed. There is a good chance that these fixes will have to be redone in the future, though.

Security updates for Thursday

Thursday 1st of August 2019 01:18:00 PM
Security updates have been issued by CentOS (httpd, libssh2, and qemu-kvm), Debian (glib2.0, squirrelmail, subversion, and wpa), Fedora (proftpd), Oracle (icedtea-web), Red Hat (icedtea-web), Scientific Linux (icedtea-web), SUSE (icedtea-web, java-1_7_0-openjdk, subversion, and zypper, libzypp and libsolv), and Ubuntu (linux-hwe, openjdk-lts, pango1.0, python-django, and subversion).

[$] LWN.net Weekly Edition for August 1, 2019

Thursday 1st of August 2019 12:27:17 AM
The LWN.net Weekly Edition for August 1, 2019 is available.

[$] Python and public APIs

Wednesday 31st of July 2019 09:12:22 PM
In theory, the public API of a Python standard library module is fully specified as part of its documentation, but in practice it may not be quite so clear cut. There are other ways to specify the names in a module that are meant to be public, and there are naming conventions for things that should not be public (e.g. the name starts with an underscore), but there is no real consistency in how those are used throughout the standard library. A mid-July discussion on the python-dev mailing list considered the problem and some possible solutions; the main outcome seems to be interest in making the rules more explicit.

[$] KernelShark releases version 1.0

Wednesday 31st of July 2019 04:52:11 PM
It has been the better part of a decade since the last KernelShark article appeared here; in the interim, the kernel-tracing visualization tool has undergone some major changes. While the high-level appearance is largely similar, the underlying code has switched from GTK+ 2.0 to Qt 5. On July 26, maintainer Steven Rostedt announced the release of KernelShark version 1.0, which makes it a good time to take another peek.

[$] Bounded loops in BPF for the 5.3 kernel

Wednesday 31st of July 2019 04:39:31 PM
BPF programs have gained significantly in capabilities over the last few years and can now perform many useful operations. That said, BPF developers have had to work around an annoying limitation until recently: they could not use loops. This restriction was recently lifted by a patch set from Alexei Starovoitov that was merged for Linux 5.3. In addition to adding support for loops, it also greatly decreases the load time of most BPF programs.

Three stable kernels

Wednesday 31st of July 2019 03:13:04 PM
Stable kernels 5.2.5, 4.19.63, and 4.14.135 have been released. These updates are on the large side. The 4.14 kernel is largest with 4748 insertions and 3145 deletions. As usual, users should upgrade.

Security updates for Wednesday

Wednesday 31st of July 2019 02:59:04 PM
Security updates have been issued by CentOS (389-ds-base, curl, and kernel), Debian (libssh2), Fedora (kernel, kernel-headers, and oniguruma), openSUSE (chromium, openexr, thunderbird, and virtualbox), Oracle (389-ds-base, curl, httpd, kernel, and libssh2), Red Hat (nss and nspr and ruby:2.5), Scientific Linux (httpd and kernel), SUSE (java-1_8_0-openjdk, mariadb, mariadb-connector-c, polkit, and python-requests), and Ubuntu (openjdk-8, openldap, and sox).

Final call for proposals for the containers and checkpoint/restore microconference at LPC 2019

Tuesday 30th of July 2019 10:45:30 PM
This is the final call for proposals for the containers and checkpoint/restore microconference at the Linux Plumbers Conference; the deadline is Friday, August 2. LPC will take place September 9-11 in Lisbon, Portugal.

Final reminder: LPC 2019 Networking Track CFP

Tuesday 30th of July 2019 07:48:18 PM
This is the final call for proposals for the 3 day networking track at the Linux Plumbers Conference; the deadline is Friday, August 2. LPC will take place September 9-11 in Lisbon, Portugal. "Any kind of advanced networking-related topic will be considered."

Collabora: Moving the Linux desktop to another reality

Tuesday 30th of July 2019 07:43:27 PM
The Collabora blog announces some ongoing work to integrate Linux desktop environments with head-mounted displays. "In contrast to these approaches xrdesktop aims to integrate into existing Linux desktop environments, eliminating the necessity of running a dedicated compositor for only VR and thus making it usable in current setups. For our initial release, we focused on integration in the most popular Linux desktops, GNOME and KDE, but xrdesktop is designed to be integrated into any desktop. This can be done with Compiz-like plugins as for KWin or patches on the compositor in the case of GNOME Shell. This integration of xrdesktop into the window managers enables mirroring existing windows into XR and to synthesize desktop input through XR actions."

Blender 2.80 released

Tuesday 30th of July 2019 07:05:59 PM
Version 2.80 of the Blender 3D animation system has been released. "Blender 2.80 features a redesigned user interface that puts the focus on the artwork that you create. A new dark theme and modern icon set were introduced. Keyboard, mouse and tablet interaction got a refresh with left click select as the new default. Quick Favorites menus provide rapid access to often-used tools."

[$] Darling: macOS compatibility for Linux

Tuesday 30th of July 2019 04:54:56 PM
There is an increasingly active development effort, known as Darling, that is aiming to provide a translation layer for macOS software on Linux; it is inspired in part by Wine. While Darling isn't nearly as mature as Wine, contributors are continuing to build out capabilities that could make the project more useful to a wider group of users in the future.

Subscribers can read on for a look at Darling from this week's edition.

Security updates for Tuesday

Tuesday 30th of July 2019 02:38:37 PM
Security updates have been issued by Fedora (cutter-re and radare2), Oracle (389-ds-base, httpd, kernel, libssh2, and qemu-kvm), Red Hat (389-ds-base, chromium-browser, curl, docker, httpd, keepalived, kernel, kernel-alt, kernel-rt, libssh2, perl, podman, procps-ng, qemu-kvm, qemu-kvm-ma, ruby, samba, and vim), Scientific Linux (389-ds-base, curl, libssh2, and qemu-kvm), SUSE (bzip2 and openexr), and Ubuntu (python-urllib3 and tmpreaper).

NumPy 1.17.0 released

Monday 29th of July 2019 05:20:38 PM
The NumPy team has announced the release of NumPy 1.17.0. NumPy is a fundamental package for scientific computing with Python. "The 1.17.0 release contains a number of new features that should substantially improve its performance and usefulness. The Python versions supported are 3.5-3.7, note that Python 2.7 has been dropped."

More in Tux Machines

Android Leftovers

Intel SoC, Mesa Driver, and Quad Core Cortex-A35

  • Linux Begins Preparing For Intel's New "Lightning Mountain" SoC

    Linux kernel development activity has shown light on a new Intel SoC we haven't anything about to date... Lightning Mountain.  We haven't seen Intel Lightning Mountain referenced elsewhere yet but in our original monitoring of the various Linux kernel patch flow, this is a new Atom SoC on the way. 

  • ARB_gl_spirv and ARB_spirv_extension support for i965 landed Mesa master

    And something more visible thanks to that: now the Intel Mesa driver exposes OpenGL 4.6 support, the most recent version of OpenGL. As perhaps you could recall, the i965 Intel driver became 4.6 conformant last year. You have more details about that, and what being conformant means in this Iago blog post. On that blog post Iago mentioned that it was passing with an early version of the ARB_gl_spirv support, that we were improving and interating during this time so it could be included on Mesa master. At the same time, the CTS tests were only testing the specifics of the extensions, and we wanted a more detailed testing, so we also were adding more tests on the piglit test suite, written manually for ARB_gl_spirv or translated from existing GLSL tests.

  • Compulab CL-SOM-iMX8X SoM & SBC Feature NXP i.MX 8QuadXPlus Quad Core Cortex-A35 Processor

    NXP i.MX 8X Cortex-A35 processor designed for automotive infotainment and a variety of industrial applications was officially announced in early 2017...

Red Hat/Fedora: Flock’19 Budapest, Cockpit 201 and Systemd 243 RC2

  • Flock’19 Budapest

    This was the first occurrence of the conference for me to attend. Its an annual Fedora Community gathering, which happens in a new city of Europe every year. This time it was in Budapest, the capital of Hungary, last year it was hosted in Dresden. Dates for the same were: 8th Aug through 11th Aug 2019. Also I got an opportunity to present there on my proposal: “Getting Started with Fedora QA”. Day 1 Started with a Keynote by Mathew Miller (mattdm). In here he spoke about where we as a community are and where we need to go further. It was a knowledgeable discussion for a first timer like me who was always looking out for the Vision and Mission of Fedora community. There are people who are with Fedora since its first release and you get to meet them here at the annual gathering. [...] Groups were formed and people decided for themselves where they wanted to go for the evening hangout on the Day 1. We were 7 people who decided to hangout at the Atmosphere Klub near the V.Kerulet and left at around 9:00 pm by walk. Day 2 started with a keynote by Denise Dumas, Vice President, Operating System Platform, Red Hat. She spoke on “Fedora, Red Hat and IBM”. I woke up late, 20 minutes before the first session as I went to bed late last night and had walked for around 11 kms the day before.

  • Fedora 30 : Set up the Linux Malware Detect.
  • Cockpit 201

    It’s now again possible to stop a service, without disabling it. Reloading is now available only when the service allows it. Furthermore, disabling or masking a service removes any lingering “failed” state, reducing noise.

  • Systemd 243 RC2 Released

    Released nearly one month ago was the systemd 243 release candidate while the official update has yet to materialize. It looks though like it may be on the horizon with a second release candidate being posted today. Red Hat's Zbigniew Jędrzejewski-Szmek has just tagged systemd 243-RC2 as the newest test release for this new version of this de facto Linux init system. Over the past month have been new hardware database (HWDB) additions, various fixes, new network settings, resolvectl zsh shell completion support, bumping timedated to always run at the highest priority, and other changes.

Announcing Qt for MCUs

  • Announcing Qt for MCUs

    Today we announce the launch of Qt for MCUs – a comprehensive toolkit to deliver smartphone-like user experience on displays powered by microcontrollers. What started as a research project is now in the final leg of its journey to being released as a product. Connected devices found in vehicles, wearables, smart home, industrial and healthcare often have requirements that include real-time processing capabilities, low power consumption, instant boot time and low bill of materials. These requirements can be fulfilled by a microcontroller architecture. However, as devices get smarter and offer more features and capabilities, users expect an enhanced and intuitive experience on par with today’s smartphones. Qt for MCUs delivers an immersive and enriching user interface by utilizing a new runtime specifically developed for ARM Cortex-M microcontrollers and leveraging on-chip 2D graphics accelerators such as PxP on NXP’s i.MX RT series, Chrom-Art Accelerator on STM32 series and RGL on Renesas RH850.

  • Qt for MCUs – Qt Announces support for Microcontrollers

    About Qt for MCUs Qt- The well known opensource toolkit for creating graphical interface announced their new release: Qt for MCUs, targeting MCU’s.

  • The Qt Company Is Now Working On Qt For Microcontrollers

    There have been a lot of announcements pertaining to Qt as of late, most of which have been about forthcoming efforts around Qt 6 development. A new announcement out of The Qt Company catching us off-guard is their plans for the tool-kit on micro-controllers. Qt for MCUs is the company's newest commercial endeavour. In particular, they are working on the Qt tool-kit for displays powered by micro-controllers for smartphone-like user experiences. Qt for MCUs has been a research project at the company but is now being worked out as a new commercial offering. Considering how well though Qt works on mobile devices, it's only another step down catering it to low-power micro-controllers.