Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 20 min 13 sec ago

[$] PHP and P++

Thursday 15th of August 2019 02:03:33 PM
PHP is the Fortran of the world-wide web: it demonstrated the power of code embedded in web pages, but has since been superseded in many developers' minds by more contemporary technologies. Even so, as with Fortran, there is far more PHP code out there than one might think, and PHP is still chosen for new projects. There is a certain amount of tension in the PHP development community between the need to maintain compatibility for large amounts of ancient code and the need to evolve the language to keep it relevant for current developers. That tension has now come into the open with a proposal to split PHP into two languages.

Security updates for Thursday

Thursday 15th of August 2019 01:26:37 PM
Security updates have been issued by openSUSE (irssi, ledger, libheimdal, libmediainfo, libqb, and libsass) and Slackware (mozilla).

[$] LWN.net Weekly Edition for August 15, 2019

Thursday 15th of August 2019 12:51:42 AM
The LWN.net Weekly Edition for August 15, 2019 is available.

[$] Hardening the "file" utility for Debian

Wednesday 14th of August 2019 06:47:49 PM
The file command would seem to be an ideal candidate for sandboxing; it routinely handles untrusted input. But an effort to add seccomp() filtering to file for Debian has run aground. The upstream file project has added support for sandboxing via seccomp() but it does not play well with other parts of the Debian world, package building in particular. This situation provides further evidence that seccomp() filtering is brittle and difficult to use.

EPEL 8.0 released

Wednesday 14th of August 2019 03:45:44 PM
EPEL 8.0 is out. "EPEL stands for Extra Packages for Enterprise Linux and is a subcommunity of the Fedora and CentOS projects aimed at bringing a subset of packages out of Fedora releases ready to be used and installed on various Red Hat Enterprise Linux (RHEL)." Beyond the update to RHEL (and CentOS) 8, this release features a new faster-moving "playground" package stream and support for the s390 architecture.

Kroah-Hartman: Patch Workflow With Mutt - 2019

Wednesday 14th of August 2019 03:21:18 PM
For those interested in the details of how one kernel developer works: Greg Kroah-Hartman has documented his email workflow in great detail. "The ability to edit a single message directly within my email client is essential. I end up having to fix up changelog text, editing the subject line to be correct, fixing the mail headers to not do foolish things with text formats, and in some cases, editing the patch itself for when it is corrupted or needs to be fixed (I want a Linkedin skill badge for 'can edit diff files by hand and have them still work')"

Security updates for Wednesday

Wednesday 14th of August 2019 02:53:55 PM
Security updates have been issued by Debian (kernel, linux-4.9, otrs2, and tomcat8), Fedora (igraph and jhead), openSUSE (ansible, GraphicsMagick, kconfig, kdelibs4, live555, mumble, phpMyAdmin, proftpd, python-Django, and znc), Oracle (kernel and openssl), Red Hat (kernel, openssl, and rh-mysql80-mysql), Scientific Linux (kernel and openssl), Slackware (kernel), SUSE (containerd, docker, docker-runc, golang-github-docker-libnetwork and mariadb-100), and Ubuntu (linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-aws, linux-aws-hwe, linux-lts-xenial, linux-aws, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux-snapdragon, php5, php7.0, php7.2, and wpa).

[$] Corner cases and exception types

Tuesday 13th of August 2019 09:13:05 PM
Some unanticipated corner cases with Python's new "walrus" operator—described in our Python 3.8 overview—have cropped up recently. The problematic uses of the operator will be turned into errors before the final release, but just what exception should be raised came into question. It seems that the exception specified in the PEP for the operator may not really be the best choice, as a recent discussion hashed out.

[$] Long-term get_user_pages() and truncate(): solved at last?

Tuesday 13th of August 2019 06:53:58 PM
Technologies like RDMA benefit from the ability to map file-backed pages into memory. This benefit extends to persistent-memory devices, where the backing store for the file can be mapped directly without the need to go through the kernel's page cache. There is a fundamental conflict, though, between mapping a file's backing store directly and letting the filesystem code modify that file's on-disk layout, especially when the mapping is held in place for a long time (as RDMA is wont to do). The problem seems intractable, but there may yet be a solution in the form of this patch set (marked "V1,000,002") from Ira Weiny.

Security updates for Tuesday

Tuesday 13th of August 2019 02:32:18 PM
Security updates have been issued by Arch Linux (chromium, postgresql, and postgresql-libs), Debian (atril, chromium, evince, ghostscript, jackson-databind, kernel, and php5), Fedora (kf5-kconfig, mingw-sqlite, pam-u2f, and poppler), Mageia (kernel), openSUSE (aubio, chromium, kconfig, kdelibs4, nodejs10, osc, and zstd), Red Hat (ghostscript), and Ubuntu (ghostscript and MariaDB).

Xfce 4.14 released

Monday 12th of August 2019 05:05:13 PM
The Xfce desktop 4.14 is out. "In this 4.14 cycle the main goal was to port all core components to Gtk3 (over Gtk2) and GDBus (over D-Bus GLib). Most components also received GObject Introspection support. Along the way we ended up polishing our user experience, introducing quite a few new features and improvements."

LXD 3.16 released

Monday 12th of August 2019 04:15:31 PM
Version 3.16 of the LXD system container manager has been released. "This release includes a number of new features, configuration options and improvements to the command line tool. Behind the scenes, a lot of work has gone into reworking the infrastructure used for container devices with the nic, infiniband and proxy devices having switched over to the new logic. This should result in much cleaner code that is easier to debug, better tests and more thorough error handling and configuration validation."

GNU Radio 3.8.0.0 released

Monday 12th of August 2019 03:54:15 PM
GNU Radio is an extensive framework for software-defined radio development. The 3.8.0.0 release is finally available. "It's the first minor release version since more than six years, not without pride this community stands to face the brightest future SDR on general purpose hardware ever had."

Two stable kernels

Monday 12th of August 2019 02:35:59 PM
Stable kernels 4.9.189 and 4.4.189 have been released. They both contain important fixes and users should upgrade.

Security updates for Monday

Monday 12th of August 2019 02:31:31 PM
Security updates have been issued by Debian (fusiondirectory, gosa, kconfig, kernel, pango1.0, and python-django), Fedora (aubio, icedtea-web, java-1.8.0-openjdk, kernel, kernel-headers, kernel-tools, libslirp, openqa, os-autoinst, and upx), Gentoo (JasPer, libvncserver, and redis), Mageia (cyrus-imapd and php), Oracle (kernel), Red Hat (chromium-browser, cockpit-ovirt, Red Hat Virtualization, and rhvm-appliance), SUSE (ImageMagick, libvirt, python, and wireshark), and Ubuntu (poppler).

Kernel prepatch 5.3-rc4

Monday 12th of August 2019 01:34:29 PM
The 5.3-rc4 kernel prepatch has been released for testing. "I mentioned last week that rc3 was unusually small. Well, we fixed that."

Stable kernels 5.2.8, 4.19.66, and 4.14.138

Friday 9th of August 2019 05:58:42 PM
Greg Kroah-Hartman has announced the release of three new stable kernels: 5.2.8, 4.19.66, and 4.14.138. As usual, the kernels contain important fixes, so users should upgrade.

[$] Akaunting: a web-based accounting system

Friday 9th of August 2019 04:31:27 PM
One of these years, LWN will have a new accounting system based on free software. That transition has not yet happened, though, despite the expending of a fair amount of energy into researching alternatives. Your editor recently became aware of a system called Akaunting, so a look seemed worthwhile. This tool may have the features that some users want, but it seems clear that your editor's quest is not done yet.

A Kubernetes security assessment

Friday 9th of August 2019 04:12:23 PM
The Kubernetes community has posted the extensive results [PDF] of a security assessment performed earlier this year. "Overall, Kubernetes is a large system with significant operational complexity. The assessment team found configuration and deployment of Kubernetes to be non-trivial, with certain components having confusing default settings, missing operational controls, and implicitly defined security controls. Also, the state of the Kubernetes codebase has significant room for improvement. The codebase is large and complex, with large sections of code containing minimal documentation and numerous dependencies, including systems external to Kubernetes. There are many cases of logic re-implementation within the codebase which could be centralized into supporting libraries to reduce complexity, facilitate easier patching, and reduce the burden of documentation across disparate areas of the codebase."

Security updates for Friday

Friday 9th of August 2019 01:47:46 PM
Security updates have been issued by Debian (postgresql-11, postgresql-9.4, and postgresql-9.6), Fedora (exiv2), openSUSE (python-Django and vlc), Oracle (kernel), Red Hat (qemu-kvm-rhev), SUSE (evince, nodejs10, python, and squid), and Ubuntu (postgresql-10, postgresql-11, postgresql-9.5).

More in Tux Machines