Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 week 3 days ago

Important Etherpad release

Monday 9th of April 2018 04:05:33 PM
Several security vulnerabilities were found in Etherpad and version 1.6.4 has been released with fixes. The vulnerabilities include arbitrary code execution and information disclosure. Site admins are urged to update Etherpad to 1.6.4 as soon as possible.

Security updates for Monday

Monday 9th of April 2018 03:48:50 PM
Security updates have been issued by Arch Linux (openssl and zziplib), Debian (ldap-account-manager, ming, python-crypto, sam2p, sdl-image1.2, and squirrelmail), Fedora (bchunk, koji, libidn, librelp, nodejs, and php), Gentoo (curl, dhcp, libvirt, mailx, poppler, qemu, and spice-vdagent), Mageia (389-ds-base, aubio, cfitsio, libvncserver, nmap, and ntp), openSUSE (GraphicsMagick, ImageMagick, spice-gtk, and wireshark), Oracle (kubernetes), Slackware (patch), and SUSE (apache2 and openssl).

[$] Accelerating networking with AF_XDP

Monday 9th of April 2018 01:21:31 PM
The Linux network stack does not lack for features; it also performs well enough for most uses. At the highest network speeds, though, any overhead at all is too much; that has driven the most demanding users toward specialized, user-space networking implementations that can outperform the kernel for highly constrained tasks. The express data path (XDP) development effort is an attempt win those users back, with some apparent success so far. With the posting of the AF_XDP patch set by Björn Töpel, another piece of the XDP puzzle is coming into focus.

A big pile of weekend stable kernel updates

Sunday 8th of April 2018 03:58:01 PM
The 4.16.1, 4.15.16, 4.14.33, 4.9.93, 4.4.127, and 3.18.103 stable kernels have all been released; each contains a fairly long list of important fixes.

[$] Kernel lockdown locked out — for now

Friday 6th of April 2018 04:40:43 PM
As the 4.17 merge window opened, it seemed possible that the kernel lockdown patch set could be merged at last. That was before the linux-kernel mailing list got its hands on the issue. What resulted was not one of the kernel community's finest moments. But it did result in a couple of evident conclusions: kernel lockdown will almost certainly not be merged for 4.17, but something that looks very much like it is highly likely to be accepted in a subsequent merge window.

Security updates for Friday

Friday 6th of April 2018 02:42:37 PM
Security updates have been issued by Debian (sharutils), Fedora (firefox, httpd, and mod_http2), openSUSE (docker-distribution, graphite2, libidn, and postgresql94), Oracle (libvorbis and thunderbird), Red Hat (libvorbis, python-paramiko, and thunderbird), Scientific Linux (libvorbis and thunderbird), SUSE (apache2), and Ubuntu (firefox, linux-lts-xenial, linux-aws, and ruby1.9.1, ruby2.0, ruby2.3).

[$] The first half of the 4.17 merge window

Thursday 5th of April 2018 04:21:37 PM
As of this writing, 5,392 non-merge changesets have been pulled into the mainline repository for the 4.17 release. The 4.17 merge window is thus off to a good start, but it is far from complete. The changes pulled thus far cover a wide part of the core kernel as well as the networking, driver, and filesystem subsystems.

Security updates for Thursday

Thursday 5th of April 2018 01:47:52 PM
Security updates have been issued by Arch Linux (drupal), Debian (openjdk-7), Fedora (exempi, gd, and tomcat), SUSE (python-paramiko), and Ubuntu (kernel, libvncserver, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-lts-trusty, and linux-raspi2).

[$] LWN.net Weekly Edition for April 5, 2018

Thursday 5th of April 2018 12:43:57 AM
The LWN.net Weekly Edition for April 5, 2018 is available.

[$] Fedora and Python 2

Wednesday 4th of April 2018 08:47:09 PM

It has been known for quite some time that Python 2 will reach its end of life in 2020—after being extended by five years from its original 2015 expiry. After that, there will be no support, bug fixes, or security patches for Python 2, at least from the Python Software Foundation and the core developers. Some distributions will need to continue to support the final Python 2 release, however, since their support windows extend past that date; the enterprise and long-term support distributions will likely be supporting it well into the 2020s and possibly beyond. But even shorter-support-cycle distributions need to consider their plan for a sweeping change of this sort—in less than two years.

Security updates for Wednesday

Wednesday 4th of April 2018 03:20:38 PM
Security updates have been issued by Debian (apache2, ldap-account-manager, and openjdk-7), Fedora (libuv and nodejs), Gentoo (glibc and libxslt), Mageia (acpica-tools, openssl, and php), SUSE (clamav, coreutils, and libvirt), and Ubuntu (kernel, libraw, linux-hwe, linux-gcp, linux-oem, and python-crypto).

Free Nitrokey cryptographic cards for kernel developers

Wednesday 4th of April 2018 02:20:50 PM
The Linux Foundation and Nitrokey have announced a program whereby anybody who appears in the kernel's MAINTAINERS file or who has a kernel.org email address can obtain a free Nitrokey Start crypto card. The intent, of course, is that kernel developers will use these devices to safeguard their GnuPG keys and, as a result, improve the security of the kernel development process as a whole. "A digital smartcard token like Nitrokey Start contains a cryptographic chip that is capable of storing private keys and performing crypto operations directly on the token itself. Because the key contents never leave the device, the operating system of the computer into which the token is plugged in is not able to retrieve the private keys themselves, therefore significantly limiting the ways in which the keys can be leaked or stolen."

See this LWN article for a look at crypto cards.

[$] wait_var_event()

Tuesday 3rd of April 2018 09:19:38 PM
One of the trickiest aspects to concurrency in the kernel is waiting for a specific event to take place. There is a wide variety of possible events, including a process exiting, the last reference to a data structure going away, a device completing an operation, or a timeout occurring. Waiting is surprisingly hard to get right — race conditions abound to trap the unwary — so the kernel has accumulated a large set of wait_event_*() macros to make the task easier. An attempt to add a new one, though, has led to the generalization of specific types of waits for 4.17.

[$] Making institutional free software successful

Tuesday 3rd of April 2018 03:08:20 PM

Many large institutions, especially government agencies, would like to distribute their software—including the software of the vendors with whom they contract—as free software. They have a variety of reasons, ranging from the hope that opening the code will boost its use, all the way to a mature understanding of the importance of community, transparency, and freedom. There are special steps institutions can take to help ensure success, some stemming from best practices performed by many free-software projects and others specific to large organizations. At the 2018 LibrePlanet conference, Cecilia Donnelly laid out nine principles for the successful creation and maintenance of a software project under these circumstances.

Security updates for Tuesday

Tuesday 3rd of April 2018 02:45:19 PM
Security updates have been issued by Debian (beep and jruby), Fedora (libvncserver), and Ubuntu (openjdk-7 and openjdk-8).

Git v2.17.0 released

Tuesday 3rd of April 2018 02:31:38 PM
Version 2.17.0 of the Git source-code management system is out. It includes a long list of relatively minor tweaks. "Since Git 1.7.9, 'git merge' defaulted to --no-ff (i.e. even when the side branch being merged is a descendant of the current commit, create a merge commit instead of fast-forwarding) when merging a tag object. This was appropriate default for integrators who pull signed tags from their downstream contributors, but caused an unnecessary merges when used by downstream contributors who habitually 'catch up' their topic branches with tagged releases from the upstream. Update 'git merge' to default to --no-ff only when merging a tag object that does *not* sit at its usual place in refs/tags/ hierarchy, and allow fast-forwarding otherwise, to mitigate the problem."

GnuCash 3.0 released

Tuesday 3rd of April 2018 02:22:38 PM
The GnuCash 3.0 release is out. "The headline item for this release is that GnuCash now uses the Gtk+-3.0 Toolkit and the WebKit2Gtk API. This change was forced on us by some major Linux distributions dropping support for the WebKit1 API." This release also includes some new reports, a rewritten CSV importer, and more. LWN looked at GnuCash from a business-accounting point of view in August 2017.

OpenBSD 6.3 released

Monday 2nd of April 2018 08:11:43 PM
The OpenBSD 6.3 release is out. "The release was scheduled for April 15, but since all the components are ready ahead of schedule it is being released now." This release includes mitigation for the Meltdown vulnerability but not for Spectre on x86.

[$] Kernel lockdown in 4.17?

Monday 2nd of April 2018 07:23:09 PM
The UEFI secure boot mechanism is intended to protect the system against persistent malware threats — unpleasant bits of software attached to the operating system or bootloader that will survive a reboot. While Linux has supported secure boot for some time, proponents have long said that this support is incomplete in that it is still possible for the root user to corrupt the system in a number of ways. Patches that attempt to close this hole have been circulating for years, but they have been controversial at best. This story may finally come to a close, though, if Linus Torvalds accepts the "kernel lockdown" patch series during the 4.17 merge window.

Security updates for Monday

Monday 2nd of April 2018 03:25:15 PM
Security updates have been issued by Debian (dovecot, irssi, libevt, libvncserver, mercurial, mosquitto, openssl, python-django, remctl, rubygems, and zsh), Fedora (acpica-tools, dovecot, firefox, ImageMagick, mariadb, mosquitto, openssl, python-paramiko, rubygem-rmagick, and thunderbird), Mageia (flash-player-plugin and squirrelmail), Slackware (php), and Ubuntu (dovecot).

More in Tux Machines

Ubuntu Budgie 18.04 Beta 2, Replacement for gksu

  • The Unique Ubuntu Budgie 18.04 Beta 2
    It is the most unique among the Official Flavors in the 18.04. It's the only to bring Chromium browser, and it gives you the unique Budgie Desktop experiences. It is really a good place for everyone who wants new, distinct desktop experience with modern version of software and broad space to explore. And ultimately it is still available for 32 bit, which has been abandoned by Ubuntu original. We will wait until the planned release on April 26.
  • Welcome To The (Ubuntu) Bionic Age: Behind communitheme: interviewing Frederik
    My name is Frederik, I live in Germany and I am working as a java software developer in my daily job. I am using Ubuntu since 5 years and quickly started to report bugs and issues when they jumped into my face. Apart from that, I like good music, and beautiful software. I also make my own music in my free time.
  • gksu Removed From Ubuntu, Here's The Recommended Replacement
    gksu is used to allow elevating your permissions when running graphical applications, for example in case you want to run a graphical text editor as root to edit a system file, or to be able to remove or add a file to a system folder.
  •  

Devices: Aaeon, Tizen and Android

OSS Leftovers

  • Open source crucial to Orange as it prepares for ONAP deployment
    Orange has long played a key part in the testing and adoption of ONAP, dating back to when its ECOMP predecessor was created by AT&T as a platform for managing a software-defined network. The move to open source and its development as the ONAP project has made the platform a key component of the new telco open networking movement. But why should other telcos look to ONAP as they embark on their network transformation strategies, and how does it help enable the automated network that will lead to new business opportunities?
  • Lessons from OpenStack Telemetry: Deflation
    At some point, the rules relaxed on new projects addition with the Big Tent initiative, allowing us to rename ourselves to the OpenStack Telemetry team and splitting Ceilometer into several subprojects: Aodh (alarm evaluation functionality) and Panko (events storage). Gnocchi was able to join the OpenStack Telemetry party for its first anniversary.
  • Dev-tools in 2018
    This is a bit late (how is it the middle of April already?!), but the dev-tools team has lots of exciting plans for 2018 and I want to talk about them! [...] We're creating two new teams - Rustdoc, and IDEs and editors - and going to work more closely with the Cargo team. We're also spinning up a bunch of working groups. These are more focused, less formal teams, they are dedicated to a single tool or task, rather than to strategy and decision making. Primarily they are a way to let people working on a tool work more effectively. The dev-tools team will continue to coordinate work and keep track of the big picture.
  • Nonny de la Peña & the Power of Immersive Storytelling
    This week, we’re highlighting VR’s groundbreaking potential to take audiences inside stories with a four part video series. There aren’t many examples of creators doing that more effectively and powerfully than Nonny de la Peña. Nonny de la Peña is a former correspondent for Newsweek, the New York Times and other major outlets. For more than a decade now, de la Peña has been focused on merging her passion for documentary filmmaking with a deep-seeded expertise in VR. She essentially invented the field of “immersive journalism” through her company, Emblematic Group.
  • Collabora Online 3.2 Brings More Powerful Features to LibreOffice in the Cloud
    Michael Meeks of the Collabora Productivity has the pleasure of informing Softpedia today on the availability of Collabora Online 3.2, the second point release of the Collabora Online 3 series that promises yet another layer of new features and improvements to the enterprise-ready, cloud-based office suite. Based on the LibreOffice 6.1 open-source office suite, Collabora Online 3.2 introduces support for creating and inserting charts into Writer and Impress documents, and the ability to validate data in Calc, which might come in handy for engineers who want to do a final assembly inspection on their tablets, as well as to collaborate with their colleagues to ensure all tests are passed by a complete product.
  • Oracle demands dev tear down iOS app that has 'JavaScript' in its name
    Oracle, claims developer Zhongmin Steven Guo, has demanded that Apple remove an app he created because it contains the trademarked term "JavaScript." The app in question, published by Guo's Tyanya Software LLC – which appears to be more a liability shield than a thriving software business – is titled "HTML5, CSS, JavaScript, HTML, Snippet Editor." The name, Guo explains in a Hacker News comment, was chosen in an effort to "game the App Store ranking by adding all the keywords to the app name."
  • FoundationDB is Open Source
    Starting today, FoundationDB starts its next chapter as an open source project! FoundationDB is a distributed datastore, designed from the ground up to be deployed on clusters of commodity hardware. These clusters scale well as you add machines, automatically heal from hardware failures, and have a simple API. The key-value store supports fully global, cross-row ACID transactions. That's the highest level of data consistency possible. What does this mean for you? Strong consistency makes your application code simpler, your data models more efficient, and your failure modes less surprising. The great thing is that FoundationDB is already well-established — it's actively developed and has years of production use. We intend to drive FoundationDB forward as a community project and we welcome your participation.
  • Apple Open Sources FoundationDB, Releases Code On GitHub
    Back in 2015, Apple bought FoundationDB, a NoSQL database company. It created a distributed database of the same name designed to deal with large masses of structured data across clusters of servers. In a recent development, Apple has shared the FoundationDB core and turned it into an open source project.
  • Microsoft offers limited-time 30 percent discount on SQL Server on Linux [Ed: Microsoft is googlebombing Linux again and as I predicted it would be done only to help Microsoft sell malicious proprietary software. Mary Jo Foley is like Microsoft marketing at CBS. In this case she promotes proprietary software. She also says "SQL Server on Linux" (no such thing exists, it's an illusion).]
  • Friday Free Software Directory IRC meetup time: April 20th starting at 12:00 p.m. EDT/16:00 UTC
    Help improve the Free Software Directory by adding new entries and updating existing ones. Every Friday we meet on IRC in the #fsf channel on irc.freenode.org. Tens of thousands of people visit directory.fsf.org each month to discover free software. Each entry in the Directory contains a wealth of useful information, from basic category and descriptions, to providing detailed info about version control, IRC channels, documentation, and licensing info that has been carefully checked by FSF staff and trained volunteers.
  • Researchers deliver open-source simulator for cyber physical systems
    Cyber physical systems (CPS) are attracting more attention than ever thanks to the rapid development of the Internet of Things (IoT) and its combination with artificial intelligence (AI), machine learning and the cloud. These interacting networks of physical and computational components will provide the foundation of critical infrastructure, form the basis of ‘smart’ services, and improve the quality of life in areas ranging from energy and environment to transportation and healthcare. CPS technologies are already transforming the way people interact with engineered systems in the ‘real’ or ‘physical’ world, just as the internet has transformed the way people interact with information. Yet, due to their complexity, the developers of CPS face a major problem: the lack of simulation tools and models for their design and analysis.
  • Creators face an evolving challenge protecting IP
    The GNU General Public License, under which the operating system Linux and much open-source software is shared, is another example of copyleft. Open-source software, where programs are worked on together by loosely connected developer communities rather than traditional software houses, show one way IP can be shared without stifling innovation. Linux, the mobile operating system Android and the database system MySQL have all achieved widespread adoption, and are continually innovating despite, or perhaps because of, being open source.
  • Emerging Tech Speaker Series Talk with Rian Wanstreet
    This is an opportunity for the open source community, as alternative technologies and platforms are being developed which provide farmers the ability to farm outside of walled gardens. From open source seed initiatives, to open farm technologies, to data platform cooperatives, there is a small, but growing, collaborative movement that recognizes that farmers are at a critical moment: they can help to establish tools that advance freedom, or accept machines that foster dependencies.
  • Williamson Schools to develop open source social studies curriculum
    The open source science curriculum saved the district about $3.3 million. An open source social studies curriculum may post similar savings, with estimates at about $3.5-4 million, Gaddis said.
  • Large Open-Source Data Set Released to Help Train Algorithms Spot Malware
    For the first time, a large dataset has been released by a security firm to help AI research and training of machine learning models that statically detect malware. The data set released by cybersecurity firm Endgame is called EMBER is a collection of more than a million representations of benign and malicious Windows-portable executable files. Hyrum Anderson, Endgame's technical director of data science who worked on EMBER, says: "This dataset fills a void in the information security machine learning community: a benign/malicious dataset that is large, open and general enough to cover several interesting use cases. ... [We] hope that the dataset, code and baseline model provided by EMBER will help invigorate machine learning research for malware detection, in much the same way that benchmark datasets have advanced computer vision research."

Android Leftovers