Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 3 hours 24 min ago

Security updates for (US) Thanksgiving Day

Thursday 23rd of November 2017 03:36:44 PM
Security updates have been issued by Arch Linux (jbig2dec), Debian (libspring-ldap-java, sam2p, and xorg-server), Fedora (postgresql), openSUSE (cacti, cacti-spine), and Ubuntu (ldns and libraw).

7 tools for analyzing performance in Linux with bcc/BPF (opensource.com)

Wednesday 22nd of November 2017 04:37:45 PM
Brendan Gregg introduces a set of BPF-based tracing tools on opensource.com. "Traditional analysis of filesystem performance focuses on block I/O statistics—what you commonly see printed by the iostat(1) tool and plotted by many performance-monitoring GUIs. Those statistics show how the disks are performing, but not really the filesystem. Often you care more about the filesystem's performance than the disks, since it's the filesystem that applications make requests to and wait for. And the performance of filesystems can be quite different from that of disks! Filesystems may serve reads entirely from memory cache and also populate that cache via a read-ahead algorithm and for write-back caching. xfsslower shows filesystem performance—what the applications directly experience."

Security updates for Wednesday

Wednesday 22nd of November 2017 03:04:31 PM
Security updates have been issued by Arch Linux (roundcubemail), Debian (optipng, samba, and vlc), Fedora (compat-openssl10, fedpkg, git, jbig2dec, ldns, memcached, openssl, perl-Net-Ping-External, python-copr, python-XStatic-jquery-ui, rpkg, thunderbird, and xen), SUSE (tomcat), and Ubuntu (db, db4.8, db5.3, linux, linux-raspi2, linux-aws, linux-azure, linux-gcp, and samba).

Five fresh kernels

Tuesday 21st of November 2017 04:37:15 PM
Stable kernels 4.14.1, 4.13.15, 4.9.64, 4.4.100, and 3.18.83 have been released. They all contain important fixes and users should upgrade.

Security updates for Tuesday

Tuesday 21st of November 2017 04:30:07 PM
Security updates have been issued by Debian (ldns and swauth), Fedora (kernel and postgresql), Mageia (botan, krb5, and sssd), and Ubuntu (apport, linux, linux-aws, linux-gke, linux-kvm, linux-raspi2, linux-snapdragon, linux, linux-raspi2, linux-hwe, linux-lts-xenial, procmail, and samba).

[$] Replacing x86 firmware with Linux and Go

Monday 20th of November 2017 07:07:18 PM

The Intel Management Engine (ME), which is a separate processor and operating system running outside of user control on most x86 systems, has long been of concern to users who are security and privacy conscious. Google and others have been working on ways to eliminate as much of that functionality as possible (while still being able to boot and run the system). Ronald Minnich from Google came to Prague to talk about those efforts at the 2017 Embedded Linux Conference Europe.

Security updates for Monday

Monday 20th of November 2017 04:40:29 PM
Security updates have been issued by Arch Linux (icu and lib32-icu), CentOS (firefox), Debian (imagemagick, konversation, libspring-ldap-java, libxml-libxml-perl, lynx-cur, ming, opensaml2, poppler, procmail, shibboleth-sp2, and xen), Fedora (firefox, java-9-openjdk, jbig2dec, kernel, knot, knot-resolver, qt5-qtwebengine, and roundcubemail), Gentoo (adobe-flash, couchdb, icedtea-bin, and phpunit), Mageia (apr, bluez, firefox, jq, konversation, libextractor, and quagga), Oracle (firefox), Red Hat (firefox), and Scientific Linux (firefox).

Another set of stable kernel updates

Saturday 18th of November 2017 03:03:07 PM
The latest stable kernel updates are 4.13.14, 4.9.63, 4.4.99, and 3.18.82. Each contains the usual set of important fixes and updates.

[$] 4.15 Merge window part 1

Friday 17th of November 2017 04:07:28 PM
When he released 4.14, Linus Torvalds warned that the 4.15 merge window might be shorter than usual due to the US Thanksgiving holiday. Subsystem maintainers would appear to have heard him; as of this writing, over 8,800 non-merge changesets have been pulled into the mainline since the opening of the 4.15 merge window. Read on for a summary of the most interesting changes found in that first set of patches.

Security updates for Friday

Friday 17th of November 2017 03:57:57 PM
Security updates have been issued by Arch Linux (couchdb), Debian (opensaml2 and shibboleth-sp2), Fedora (knot and knot-resolver), openSUSE (firefox), Slackware (libplist and mozilla), and Ubuntu (firefox and ipsec-tools).

Introducing container-diff, a tool for quickly comparing container images (Google Open Source Blog)

Friday 17th of November 2017 12:03:10 AM
Google has announced that it has released its container-diff tool under the Apache v2 license. "container-diff helps users investigate image changes by computing semantic diffs between images. What this means is that container-diff figures out on a low-level what data changed, and then combines this with an understanding of package manager information to output this information in a format that’s actually readable to users. The tool can find differences in system packages, language-level packages, and files in a container image. Users can specify images in several formats - from local Docker daemon (using the prefix `daemon://` on the image path), a remote registry (using the prefix `remote://`), or a file in the .tar in the format exported by "docker save" command. You can also combine these formats to compute the diff between a local version of an image and a remote version."

[$] SPDX identifiers in the kernel

Thursday 16th of November 2017 05:28:02 PM
Observers of the kernel's commit stream or mailing lists will have seen a certain amount of traffic referring to the addition of SPDX license identifiers to kernel source files. For many, this may be their first encounter with SPDX. But the SPDX effort has been going on for some years; this article describes SPDX, along with why and how the kernel community intends to use it.

Security updates for Thursday

Thursday 16th of November 2017 02:55:02 PM
Security updates have been issued by Arch Linux (firefox, flashplugin, lib32-flashplugin, and mediawiki), CentOS (kernel and php), Debian (firefox-esr, jackson-databind, and mediawiki), Fedora (apr, apr-util, chromium, compat-openssl10, firefox, ghostscript, hostapd, icu, ImageMagick, jackson-databind, krb5, lame, liblouis, nagios, nodejs, perl-Catalyst-Plugin-Static-Simple, php, php-PHPMailer, poppler, poppler-data, rubygem-ox, systemd, webkitgtk4, wget, wordpress, and xen), Mageia (flash-player-plugin, icu, jackson-databind, php, and roundcubemail), Oracle (kernel and php), Red Hat (openstack-aodh), SUSE (wget and xen), and Ubuntu (apport and webkit2gtk).

[$] LWN.net Weekly Edition for November 16, 2017

Thursday 16th of November 2017 01:37:59 AM
The LWN.net Weekly Edition for November 16, 2017 is available.

NumPy will drop Python 2 support

Wednesday 15th of November 2017 05:48:44 PM
The NumPy project is phasing out support for Python 2. "The Python core team plans to stop supporting Python 2 in 2020. The NumPy project has supported both Python 2 and Python 3 in parallel since 2010, and has found that supporting Python 2 is an increasing burden on our limited resources; thus, we plan to eventually drop Python 2 support as well. Now that we're entering the final years of community-supported Python 2, the NumPy project wants to clarify our plans, with the goal of to helping our downstream ecosystem make plans and accomplish the transition with as little disruption as possible." NumPy releases will fully support both Python 2 and Python 3 until December 31, 2018. New feature releases will support only Python 3 as of January 1, 2019. (Thanks to Nathaniel Smith)

[$] SciPy reaches 1.0

Wednesday 15th of November 2017 05:29:58 PM

After 16 years of evolution, the SciPy project has reached version 1.0. SciPy, a free-software project, has become one of the most popular computational toolkits for scientists from a wide range of disciplines, and is largely responsible for the ascendancy of Python in many areas of scientific research. While the 1.0 release is significant, much of the underlying software has been stable for some time; the "1.0" version number reflects that the project as a whole is on solid footing.

Stable kernel updates

Wednesday 15th of November 2017 05:10:52 PM
Stable kernels 4.13.13, 4.9.62, 4.4.98, and 3.18.81 have been released. They all contain important fixes and users should upgrade.

Security updates for Wednesday

Wednesday 15th of November 2017 05:05:07 PM
Security updates have been issued by Debian (libxml-libxml-perl and varnish), openSUSE (GraphicsMagick, mongodb, shadowsocks-libev, and snack), Red Hat (flash-plugin, kernel, php, and redis), Scientific Linux (kernel and php), and Ubuntu (shadow).

[$] KAISER: hiding the kernel from user space

Wednesday 15th of November 2017 01:16:56 AM
Since the beginning, Linux has mapped the kernel's memory into the address space of every running process. There are solid performance reasons for doing this, and the processor's memory-management unit can ordinarily be trusted to prevent user space from accessing that memory. More recently, though, some more subtle security issues related to this mapping have come to light, leading to the rapid development of a new patch set that ends this longstanding practice for the x86 architecture.

Firefox 57

Tuesday 14th of November 2017 04:36:09 PM
Firefox 57 has been released. From the release notes: "Brace yourself for an all-new Firefox. It’s fast. Really fast. It’s over twice as fast as Firefox from 6 months ago, built on a completely overhauled core engine with brand new technology from our advanced research group, and graced with a clean, modern interface. Today is the first of several releases we’re calling Firefox Quantum, all designed to get to the things you love and the stuff you need faster than ever before. Experience the difference on desktops running Windows, macOS, and Linux; on Android, speed improvements are landing as well, and both Android and iOS have a new look and feel. To learn more about Firefox Quantum, visit the Mozilla Blog."

More in Tux Machines

Oracle Adds Initial Support for Linux Kernel 4.14 LTS to VirtualBox

Oracle recently updated their VirtualBox open-source and cross-platform virtualization software with initial support for the latest Linux 4.14 LTS kernel series. VirtualBox 5.2.2 is the first maintenance update to the latest VirtualBox 5.2 stable series of the application, and it looks like it can be compiled and used on GNU/Linux distribution running the recently released Linux 4.14 LTS kernel. It also makes it possible to run distros powered by Linux kernel 4.14 inside VirtualBox VMs. Read more

Today in Techrights

today's leftovers

  • How a Linux stronghold turned back to Windows: Key dates in Munich's LiMux project [Ed: This explains the progression of Microsoft's war on GNU/Linux, typically using proxies]
    The project is temporarily put on hold while a study investigates whether it could be derailed by software patents.
  • End of an open source era: Linux pioneer Munich confirms switch to Windows 10 [Ed: Microsoft paid (bribed) all the right people, got a Microsoft fan -- by his own admission -- in power, gifted him for this]
    Mayor Dieter Reiter said there's never been a unified Linux landscape in the city. "We always had mixed systems and what we have here is the possibility of going over to a single system. Having two operating systems is completely uneconomic.
  • Ubuntu Podcast: S10E38 – Soft Knowledgeable Burn
    This week we refactor a home network, discuss how gaming on Linux has evolved and grown in recent years, bring you a blend of love and go over your feedback.
  • Live ISOs for Slackware-current 20171122
    I have released an update of the ‘liveslak‘ scripts. I needed the tag for a batch of new ISO images for the Slackware Live Edition. These are based on the latest Slackware-current dated “Wed Nov 22 05:27:06 UTC 2017“) i.e. yesterday and that means, the ISOs are going to boot into the new 4.14.1 kernel.
  • Am I willing to pay the price to support ethical hardware?
    The planned obsolescence is even worse with tablets and smartphones, whose components are all soldered down. The last tablet with a removable battery was the Dell Venue 11 Pro (Haswell version) announced in October 2013, but it was an expensive Windows device that cost as much as a mid-range laptop. The last Android tablet with a removable battery was the Samsung Galaxy Note 10.1 (GT-N8000 series), released in August 2012. It is still possible to find mid-range smartphones with removable batteries. Last year the only high end phones with removable batteries were the LG G5 and V20, but even LG has given up on the idea of making phones that will last longer than 2 years once the battery starts to degrade after roughly 500 full charge and discharge cycles. Every flagship phone introduced in 2017 now has its battery sealed in the case. According to the gmsarena.com database, the number of new smartphone models with non-replaceable batteries grew from 1.9% in 2011 to 26.7% in 2014, and now to 90.3% in 2017. It is highly likely that not a single model of smartphone introduced next year will have a replaceable battery.

More Coverage of New Lumina Release

  • Lumina 1.4 Desktop Environment Released
    The TrueOS BSD folks working on their Qt5-powered Lumina Desktop Environment have issued a new feature update of their open-source desktop.
  • Lumina Desktop 1.4.0 Released
    Lumina 1.4.0 carries a number of changes, optimisations, and feature improvements. Lumina is the default desktop of TrueOS, a BSD-based operating system. The desktop itself is lightweight, modular, built using Qt, and uses Fluxbox for window management. Although Lumina is mostly aimed at BSD users it also runs on Linux, including Fedora, Arch and — *mario coin sfx* — Ubuntu.