Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 3 hours 30 min ago

Weekend security updates

Sunday 2nd of April 2017 04:10:40 PM
Security updates have been issued by Debian (ejabberd, jhead, and samba), Fedora (chromium, drupal8, empathy, erlang, firefox, icoutils, kernel, knot-resolver, libICE, libupnp, libXdmcp, links, mbedtls, moodle, mupdf, ntp, openslp, R, rkward, rpy, sane-backends, sscg, tcpreplay, thunderbird, and webkitgtk4), Mageia (kernel, kernel-linus, and kernel-tmb), openSUSE (apache2, Chromium, kernel, and virglrenderer), Oracle (kernel), and Slackware (samba).

Announcing the PostgreSQL STIG

Friday 31st of March 2017 11:21:22 PM
Crunchy Data has announced the availability of a "security technical implementation guide" for the PostgreSQL database management system. "While the STIG was authored for the benefit of the U.S. Government, the DISA PostgreSQL STIG offers security-conscious enterprises a comprehensive guide for the configuration and operation of open source PostgreSQL. Enterprises can refer to the STIG as for guidance on PostgreSQL security best practices they consider open source PostgreSQL as an alternative to proprietary, closed source, database software."

Scientific Linux 5 End of Life

Friday 31st of March 2017 11:04:29 PM
The Scientific Linux project has announced that Scientific Linux 5 has reached its end of life. "After March 31 2017 Scientific Linux 5 will not receive further updates and the files will be archived. The existing files will be moved into http://ftp.scientificlinux.org/linux/scientific/obsolete/ for archival purposes after March 31 2017. This will break existing yum repos and kickstarts using the official distribution servers."

[$] Extending statx()

Friday 31st of March 2017 09:32:36 PM

When Andreas Dilger proposed the statx() topic for the 2017 Linux Storage, Filesystem, and Memory-Management Summit, the system call had still not been merged. But that all changed in the 4.11 development cycle when Al Viro merged the system call to provide additional file information. So, unlike previous years, the discussion was not about how to merge such a system call but, instead, how to extend statx() for additional file information.

New stable kernels released

Friday 31st of March 2017 03:08:43 PM
The 4.10.8, 4.9.20, and 4.4.59 stable kernels have been released. Users of those kernel series should upgrade.

[Update: It appears that the urgency for getting these stable kernels out comes from a fix for CVE-2017-7184, which is a local privilege-escalation vulnerability.]

Security updates for Friday

Friday 31st of March 2017 02:53:05 PM
Security updates have been issued by Arch Linux (chromium), Debian (tiff3), Fedora (erlang), Mageia (deluge and mariadb), openSUSE (GraphicsMagick, pidgin, and wget), Red Hat (chromium-browser), and Ubuntu (firefox and samba).

OpenShot 2.3 released

Friday 31st of March 2017 01:53:26 PM
Version 2.3 of the OpenShot video editor has been released. "This is one of the biggest updates ever to OpenShot, and is filled with new features, performance improvements, and tons of bug fixes". This release adds a new transform tool, better zooming, better title editing, and more; the razor tool has also made a comeback.

LibrePlanet session videos released

Thursday 30th of March 2017 10:50:26 PM
Videos from the LibrePlanet 2017 keynotes and sessions are becoming available at media.libreplanet.org; many are already posted and others will be filled in over the next few days. "LibrePlanet 2017 closed Sunday, March 26th with a keynote by Sumana Harihareswara, bringing to an end two days of presentations, workshops, hacking, conversations, and fun. More than 400 people interested in free software joined the Free Software Foundation (FSF) and MIT's Student Information Processing Board (SIPB) in Cambridge, MA for the 9th annual LibrePlanet." LWN was there for the conference, so you can expect more coverage coming soon (our first article on Conor Schaefer's SecureDrop talk appeared in the March 30 weekly edition).

Stable kernels 4.10.7, 4.9.19, and 4.4.58

Thursday 30th of March 2017 03:28:51 PM
Greg Kroah-Hartman has announced the release of the 4.10.7, 4.9.19, and 4.4.58 stable kernels. They contain fixes throughout the tree and users of those series should upgrade. The next round of stable kernels is also in the review process at this point and those kernels can be expected on April 1.

Security updates for Thursday

Thursday 30th of March 2017 02:18:55 PM
Security updates have been issued by Debian (firebird2.5), openSUSE (gstreamer-0_10-plugins-good and php5), Oracle (curl), SUSE (kernel and samba), and Ubuntu (kernel, linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, linux, linux-raspi2, linux, linux-ti-omap4, linux-hwe, linux-lts-trusty, linux-lts-xenial, and oxide-qt).

[$] LWN.net Weekly Edition for March 30, 2017

Thursday 30th of March 2017 02:00:19 AM
The LWN.net Weekly Edition for March 30, 2017 is available.

[$] Overlayfs features

Wednesday 29th of March 2017 05:24:41 PM
The overlayfs filesystem is being used more and more these days, especially in conjunction with containers. Amir Goldstein and Miklos Szeredi led a discussion about recent and upcoming features for the filesystem at LSFMM 2017.

[$] Memory-management patch review

Wednesday 29th of March 2017 03:21:04 PM
Memory-management (MM) patches are notoriously difficult to get merged into the mainline kernel. They are subjected to a high degree of review because this is an area where it is easy to get things wrong. Or, at least, that is how it used to be. The final memory-management session at the 2017 Linux Storage, Filesystem, and Memory-Management Summit was concerned with patch review in the MM subsystem — or the lack of it.

Security updates for Wednesday

Wednesday 29th of March 2017 03:10:47 PM
Security updates have been issued by CentOS (icoutils and openjpeg), Debian (eject, graphicsmagick, libytnef, and tnef), Fedora (drupal8, firefox, kernel, ntp, qbittorrent, texlive, and webkitgtk4), Oracle (bash, coreutils, glibc, gnutls, kernel, libguestfs, ocaml, openssh, qemu-kvm, quagga, samba, samba4, tigervnc, and wireshark), Red Hat (curl), Slackware (mariadb), SUSE (samba), and Ubuntu (apparmor).

GCC for new contributors

Wednesday 29th of March 2017 01:38:42 PM
David Malcolm has put together the beginnings of an unofficial guide to GCC for developers who are getting started with the compiler. "I’m a relative newcomer to GCC, so I thought it was worth documenting some of the hurdles I ran into when I started working on GCC, to try to make it easier for others to start hacking on GCC. Hence this guide."

[$] The next steps for userfaultfd()

Wednesday 29th of March 2017 01:24:09 PM
The userfaultfd() system call allows user space to intervene in the handling of page faults. As Andrea Arcangeli and Mike Rapaport described in a 2017 Linux Storage, Filesystem, and Memory-Management Summit session dedicated to the subject, userfaultfd() was originally created to help with the live migration of virtual machines between physical hosts. It allows pages to be copied to the new host on demand, after the machine itself has been moved, leading to faster, more predictable migrations. Work on userfaultfd() is not finished, though; there are a number of other features that developers would like to add.

[$] Supporting shared TLB contexts

Tuesday 28th of March 2017 07:57:14 PM
A processor's translation lookaside buffer (TLB) caches the mappings from virtual to physical addresses. Looking up virtual addresses is expensive, so good performance often depends on making the best use of the TLB. In the memory-management track of the 2017 Linux Storage, Filesystem, and Memory-Management Summit, Mike Kravetz described a SPARC processor feature that can improve TLB performance and explored ways in which that feature could be supported.

Kubernetes 1.6 released

Tuesday 28th of March 2017 07:53:42 PM
Version 1.6 of the Kubernetes orchestration system is available. "In this release the community’s focus is on scale and automation, to help you deploy multiple workloads to multiple users on a cluster. We are announcing that 5,000 node clusters are supported. We moved dynamic storage provisioning to stable. Role-based access control (RBAC), kubefed, kubeadm, and several scheduling features are moving to beta. We have also added intelligent defaults throughout to enable greater automation out of the box."

Google's new open-source site

Tuesday 28th of March 2017 06:17:37 PM
Google has announced the launch of opensource.google.com. "Today, we’re launching opensource.google.com, a new website for Google Open Source that ties together all of our initiatives with information on how we use, release, and support open source. This new site showcases the breadth and depth of our love for open source. It will contain the expected things: our programs, organizations we support, and a comprehensive list of open source projects we've released. But it also contains something unexpected: a look under the hood at how we "do" open source."

[$] Huge pages in the ext4 filesystem

Tuesday 28th of March 2017 03:38:48 PM
When the transparent huge page feature was added to the kernel, it only supported anonymous (non-file-backed) memory. In 2016, support for huge pages in the page cache was added, but only the tmpfs filesystem was supported. There is interest in expanding support to other filesystems, since, for some workloads, the performance improvement can be significant. Kirill Shutemov led the only session that combined just the filesystem and memory-management tracks at the 2017 Linux Storage, Filesystem, and Memory-Management Summit in a discussion of adding huge-page support to the ext4 filesystem.

More in Tux Machines

Dark times for OmniOS – an Oracle-free open-source Solaris project

Development of OmniOS – an Oracle-free open-source variant of Solaris – is being killed after five years of work. Active development of OmniOS by OmniTI is being suspended, we're told, with its current beta being the final release. OmniOS is a distribution of Illumos, which is derived from OpenSolaris, Sun's open-source flavor of Solaris. Read more

Ubuntu Phone security updates end in June, app store closing

When Mark Shuttleworth, founder of Canonical (the company behind the Ubuntu Linux distribution), announced his company would not only be abandoning their custom desktop environment (Unity), but also halting development on their phone/tablet operating system, many questions were left unanswered. One of those questions: What happens to the existing phones and tablets running Ubuntu Touch that have already been sold? Read more

today's leftovers

  • OpenRA C&C Reimplementation Gets New Stable Release, Here Is What's New
    Oliver Brakmann from the OpenRA project, an open-source and cross-platform initiative to offer a reimplementation of the popular Command & Conquer games, announced the availability of a new stable release.
  • Pisi-Linux-2.0-Beta-KDE5
  • Arch-Based arkOS Linux Being Discontinued
    arkOS, the Arch-based Linux distribution focused on "securely self-hosting your online life" with aims to make it easy to deploy servers for web-based services, is being discontinued. ArkOS since 2012 had been working to make it trivial to deploy your own Linux web server, your own personal cloud (ownCloud), and making it easy for other services to be deployed while being done so securely and easily. You probably haven't heard of arkOS making the news in a while and sadly now it's making news again, but only because it's being discontinued by its lead developer.
  • SUSE Hack Week 15
    Back in February the fifteenth SUSE Hack Week took place. As always this was a week of free hacking, to learn, to innovate, to collaborate, and to have a lot of fun. I didn't have the full time, so I worked on a couple of small things and a few projects I maintain. I did want to summarize that, so here you go.
  • How To Use SD Card As Internal Storage On Android | Adoptable Storage On Android
  • Anbox - Android in a Box
  • Your CEO’s Obliviousness about Open Source is Endangering Your Business [Ed: Jeff Luszcz says nothing about the risk of proprietary components with back doors etc. and instead 'pulls a Black Duck']
    But what caused these issues? Itis what happens when an open source component is integrated into a commercial software product and violates its open source license, or when it contains a vulnerability that was previously unknown. As technology evolves, open source security and compliance risk are reaching a critical apex that if not addressed, will threaten the entire software supply chain.
  • Mentor tips Azure IoT support and Linux-driven self-driving tech [Ed: Azure is a patent trap with back doors]
    Mentor announced Azure Certified for IoT compliance for Mentor Embedded Linux, and unveiled a Linux-based “DRS360” self-driving car platform.

Leftovers: Software

  • 3 signs your Kubernetes distro is built to last
    It's hard to turn around these days without bumping into a Kubernetes distribution. For example, Mirantis recently buffed its OpenStack distribution to use Kubernetes as an internal component and for container management. Major Linux server distributions include it now. For Kubernetes adopters, it's all good news. It means the most remarkable development in the container world since, well, containers themselves is enjoying strong uptake and acceptance.
  • Cockpit – An Easy Way to Administer Multiple Remote Linux Servers via a Web Browser
    Cockpit is a free and open source web-based system management tool where users can easily monitor and manage multiple remote Linux srvers. It is very thin and light weight utility & directly interacts with the operating system from a real Linux session and doesn’t require any difficult configuration so just install it, it is ready for use.
  • Some Useful Indicators: Ayatana, Clipboard-Autoedit, Diskstat, Files, Bulletin and Udisks
    Panel Indicators always comes in handy when you have to do some productive work on your desktop computer, to access quick functions of different applications these indicators saves you a lot of time, some indicator give you information you want to receive, it all depends on your needs. Today presenting you some useful indicators which may help you and makes your desktop experience much better. Following all the indicators are developed by just one guy and available through his PPA.
  • SRT Video Transport Protocol Open-Sourced
    In aiming to enhance online video streaming, the SRT video protocol has been open-sourced and an alliance forming around that for low-latency video. SRT is short for Secure Reliable Transport and is a low-latency video transport protocol developed by Haivision. The SRT protocol is being opened under the LGPL license.