Language Selection

English French German Italian Portuguese Spanish


Syndicate content is a comprehensive source of news and opinions from and about the Linux community. This is the main feed, listing all articles which are posted to the site front page.
Updated: 2 hours 6 min ago

Open Invention Network Celebrates 10 Year Anniversary

6 hours 20 min ago
Open Invention Network (OIN) marks its ten year anniversary. "Since its founding in 2005, Open Invention Network has grown its community to over 1,700 participants – from sizable multinational companies to key open source projects to emerging businesses. OIN has expanded its strategic patent portfolio to more than 1,000 worldwide patents and applications. In parallel, the zone of patent non-aggression that is defined by OIN’s Linux System definition has evolved to include more than 2,300 software packages, which ensures freedom of action in core functionality for global open source projects and technology platforms such as Linux, Red Hat, SUSE, Android, Open Stack and Apache."

Security updates for Tuesday

8 hours 12 min ago

Arch Linux has updated nodejs (denial of service).

Fedora has updated libvpx (F21: denial of service), openjpeg2 (F22: code execution), pixman (F22: buffer overflow), unzip (F21: two vulnerabilities), webkitgtk (F22; F21: denial of service), and webkitgtk3 (F22; F21: denial of service).

openSUSE has updated apache2 (13.2, 13.1: multiple vulnerabilities), conntrack-tools (13.2, 13.1: denial of service), froxlor (13.2, 13.1: privilege escalation), redis (13.2, 13.1: code execution), seamonkey (13.2, 13.1: multiple vulnerabilities), thunderbird (13.2, 13.1: multiple vulnerabilities), and vorbis-tools (13.2, 13.1: code execution).

SUSE has updated firefox, nspr (SLE12: multiple vulnerabilities).

Ubuntu has updated kernel (15.04; 14.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), linux-lts-vivid (14.04: multiple vulnerabilities), and lxc (14.04: regression in previous update).

The 2015 Linux Foundation Technical Advisory Board elections

13 hours 13 min ago
The nomination process has begun for the 2015 election of the Technical Advisory Board for the Linux Foundation. That election will happen on October 26 at the Kernel Summit in Seoul, South Korea. There are five positions to be filled; terms are for two years.

Android 6.0 Marshmallow, thoroughly reviewed (Ars Technica)

Monday 5th of October 2015 07:57:12 PM
Ars Technica presents a lengthy review of Android 6.0 "Marshmallow". "While this is a review of the final build of "Android 6.0," we're going to cover many of Google's apps along with some other bits that aren't technically exclusive to Marshmallow. Indeed, big chunks of "Android" don't actually live in the operating system anymore. Google offloads as much of Android as possible to Google Play Services and to the Play Store for easier updating and backporting to older versions, and this structure allows the company to retain control over its open source platform. As such, consider this a look at the shipping Google Android software package rather than just the base operating system. "Review: New Android stuff Google has released recently" would be a more accurate title, though not as catchy."

Security advisories for Monday

Monday 5th of October 2015 04:41:45 PM

Arch Linux has updated hostapd (multiple vulnerabilities) and libunwind (denial of service).

Fedora has updated activemq (F22: information disclosure), bind (F21: denial of service), jenkins-script-security-plugin (F22: unspecified vulnerability), kernel (F22; F21: denial of service), libwmf (F22: two vulnerabilities), scap-security-guide (F22; F21: unspecified vulnerability), seamonkey (F22; F21: multiple vulnerabilities), thunderbird (F22: multiple vulnerabilities), and xen (F22; F21: multiple vulnerabilities).

Mageia has updated chromium-browser (MG5: information disclosure) and gdk-pixbuf2.0 (MG5: two vulnerabilities).

openSUSE has updated phpMyAdmin (13.2, 13.1: guessable user credentials).

Ubuntu has updated oxide-qt (15.04, 14.04: information disclosure), thunderbird (15.04, 14.04, 12.04: multiple vulnerabilities), and firefox (15.04, 14.04, 12.04: regression in previous update).

Sharp: Closing a door

Monday 5th of October 2015 02:30:45 PM
Sarah Sharp has made official her departure from the kernel development community. "I didn’t take the decision to step down lightly. I felt guilty, for a long time, for stepping down. However, I finally realized that I could no longer contribute to a community where I was technically respected, but I could not ask for personal respect. I could not work with people who helpfully encouraged newcomers to send patches, and then argued that maintainers should be allowed to spew whatever vile words they needed to in order to maintain radical emotional honesty. I did not want to work professionally with people who were allowed to get away with subtle sexist or homophobic jokes. I feel powerless in a community that had a 'Code of Conflict' without a specific list of behaviors to avoid and a community with no teeth to enforce it."

The Real-Time Linux Collaborative Project

Monday 5th of October 2015 08:51:19 AM
The Linux Foundation has announced the formation of a collaborative project to support the ongoing development of the realtime kernel patch set. "The RTL Collaborative Project will focus on pushing critical code upstream to be reviewed and eventually merged into the mainline Linux kernel where it will receive ongoing support. This will save the industry millions of dollars in research and development. It will also improve quality of the code through robust upstream kernel test infrastructure, since anything maintained in the mainline kernel is collectively supported by thousands of developers and hundreds of companies around the world." As part of the project, the Foundation has appointed Thomas Gleixner into a Fellow position.

Kernel prepatch 4.3-rc4

Sunday 4th of October 2015 07:28:25 PM
The 4.3-rc4 kernel prepatch is out. "You all know the drill by now. It's Sunday, and there is a new release candidate out there."

Stable kernels 4.2.3 and 4.1.10

Saturday 3rd of October 2015 03:24:41 PM
Greg Kroah-Hartman has released the 4.2.3 and 4.1.10 stable kernels. The fix for the deadlocks reported for 4.1.9 did not make it into 4.1.10. As usual, these stable kernels contain fixes throughout the tree.

Ad-blocking extension AdBlock sold to new owner

Friday 2nd of October 2015 11:00:48 PM

Many online media outlets are reporting the news that ownership of the popular ad-blocking browser extension AdBlock has been sold to a new owner. Not to be confused with similarly named projects AdBlock Plus and AdBlock Edge, this AdBlock announced the news of the sale to its users in a pop-up window. TheNextWeb reports that AdBlock employees refused to identify the buyer. In related news, the new owner has decided to join the "Acceptable Ads" whitelisting program run by rival AdBlock Plus. An announcement on the AdBlock Plus site confirms the move, and notes that an "independent review board" will now decide which advertisements are included the Acceptable Ads whitelist. Public nominations for the board are said to be open.

Friday's security updates

Friday 2nd of October 2015 03:47:14 PM

CentOS has updated thunderbird (C6; C5; C7: multiple vulnerabilities).

Debian-LTS has updated binutils (multiple vulnerabilities).

Fedora has updated freeimage (F22; F21: integer overflow), golang (F22; F21: multiple vulnerabilities), jakarta-commons-httpclient (F22; F21: denial of service), and openjpeg2 (F22; F21: use-after-free vulnerability).

Mageia has updated thunderbird (M5: multiple vulnerabilities).

openSUSE has updated bind (11.4: denial of service).

Oracle has updated thunderbird (O6; O7: multiple vulnerabilities).

Red Hat has updated mod_proxy_fcgi (RHEL6: denial of service).

Scientific Linux has updated thunderbird (SL5, 6, 7: multiple vulnerabilities).

Slackware has updated mozilla-thunderbird (14.0, 14.1, current: multiple vulnerabilities), php (14.0, 14.1, current: multiple vulnerabilities), and seamonkey (14.0, 14.1, current: multiple vulnerabilities).

Ubuntu has updated kernel (12.04: multiple vulnerabilities) and linux-ti-omap4 (12.04: multiple vulnerabilities).

GNOME’s 2014 Fiscal Year Annual Report Published

Thursday 1st of October 2015 11:43:56 PM
The GNOME Foundation has announced the release of its Annual Report [PDF] for the 2014 fiscal year, which ran from October 1, 2013 through September 30, 2014. The report covers topics like finances, the Groupon trademark battle, conferences, outreach, accessibility, and lots more. "Jean-François Fortin Tam, president of the GNOME Foundation for 2014-2015, states in the introduction letter: '2014 is on record as one of the most challenging years in the Foundation's history. It is also the year that has given us the most demonstrative and passionate display of support—from our members, our contributors, and the Free Software community—that we have ever experienced.'"

Qubes OS 3.0 released

Thursday 1st of October 2015 08:38:24 PM
Joanna Rutkowska has announced the release of Qubes OS 3.0, which has a new hypervisor abstraction layer (HAL) as one of its "killer features". Qubes OS uses a hypervisor as part of its "security by compartmentalization" strategy for creating a more secure operating system. The HAL "will allow us to easily switch the underlying hypervisors in the near future, perhaps even during the installation time, depending on the user needs (think tradeoffs between hardware compatibility and performance vs. security properties desired, such as e.g. reduction of covert channels between VMs, which might be of importance to some users). More philosophically-wise, this is a nice manifestation of how Qubes OS is really "not yet another virtualization system", but rather: a user of a virtualization system (such as Xen)." We looked at Qubes OS 3.0 back in May.

Stable kernels 3.14.54 and 3.10.90

Thursday 1st of October 2015 07:42:51 PM
Greg Kroah-Hartman has announced the release of the 3.14.54 and 3.10.90 stable kernels. As usual, they contain important fixes throughout the tree and users should upgrade.

FSF, Conservancy publish principles for community-oriented GPL enforcement

Thursday 1st of October 2015 05:46:20 PM
The Free Software Foundation (FSF) has announced a collaboration with Software Freedom Conservancy (SFC) on "The Principles of Community-Oriented GPL Enforcement", which describes what it means to do GPL enforcement in a way that is oriented toward gaining compliance (also: SFC announcement). "'GPL enforcement is mostly an educational process working with people who have made honest mistakes, but it must be undertaken with care and thoughtfulness. Our goal is not to punish or censure violators, but to help them come into compliance. Abiding by these principles aids our work in bringing about that outcome,' said FSF's licensing and compliance manager, Joshua Gay.

Thursday's security advisories

Thursday 1st of October 2015 03:58:34 PM

Debian-LTS has updated commons-httpclient (denial of service) and fuseiso (two vulnerabilities).

Mageia has updated kernel (multiple vulnerabilities).

openSUSE has updated firefox (multiple vulnerabilities) and python-PyJWT (13.2: privilege escalation).

Red Hat has updated openshift (RHOSE2.2: multiple vulnerabilities) and thunderbird (RHEL5,6,7: multiple vulnerabilities).

SUSE has updated haproxy (SOSCC5, SLE12: two vulnerabilities).

Ubuntu has updated cyrus-sasl2 (15.04: denial of service from 2013), php5 (multiple vulnerabilities), rpcbind (denial of service), and lxc (14.04: regression in previous fix).

[$] Weekly Edition for October 1, 2015

Thursday 1st of October 2015 12:44:09 AM
The Weekly Edition for October 1, 2015 is available.

The Linux Foundation Releases Value of Collaborative Development Report

Wednesday 30th of September 2015 06:12:57 PM
The Linux Foundation has announced the release of its first ever report that attempts to measure the estimated value of development costs in its Collaborative Projects. The report is titled “A $5 Billion Value: Estimating the Total Development Cost of Linux Foundation’s Collaborative Projects.” "Linux Foundation Collaborative Projects are independently funded software projects that harness the power of collaborative development to fuel innovation across industries and ecosystems. More than 500 companies and thousands of developers from around the world contribute to these open source software projects that are changing the world in which we live."

[$] Compile-time stack validation

Wednesday 30th of September 2015 06:00:07 PM
An occasionally heard horror story about the kernel development community concerns developers who are told that, in order to get their code upstream, they must first invest considerable effort into fixing a related subsystem. As with many such stories, this is not an experience many kernel developers have had, but there is also a grain of truth behind it. The ongoing live-patching effort, and the extra work that has been required to push that work forward, is a case in point.

Security advisories for Wednesday

Wednesday 30th of September 2015 04:58:16 PM

CentOS has updated openldap (C7: denial of service).

Debian-LTS has updated flightgear (inadequate filesystem validation checks), freetype (denial of service), libemail-address-perl (denial of service), openssh (regression in previous update), and wordpress (multiple vulnerabilities).

Oracle has updated openldap (OL7; OL6; OL5: denial of service).

Ubuntu has updated lxc (15.04, 14.04: apparmor policy bypass).

More in Tux Machines

Slackel Linux: Not Your Father's Slackware

You might think of the Slackel distro as a better Slackware derivative. Slackware dates back to 1992. By comparison, well-known and well-used distros such as Ubuntu, Fedora and Linux Mint were introduced in the mid-2000s. So Slackware is among the oldest actively maintained Linux distros. Despite its longevity, it has not joined more modern Linux offspring in terms of user friendliness. Read more

Android 6.0 Marshmallow Review: Google Outsmarts Apple By Guessing Your Next Move

It may seem like a big decision, but something tells me the service arms race is going to be a lot like the feature race. Google has the nose on Apple with Google Now on Tap until… Apple figures out a way to borrow it. Read more

Red Hat News

IBM releases Power-based Linux servers with Nvidia GPUs

The Power Systems LC line was introduced by Dr Stefanie Chiras, director and business line executive of IBM scale-out Power Systems, as part of her keynote on the subject of 'waitless computing'. IBM, as a patron of the OpenPower Foundation, has been a staunch supporter of Linux and OpenStack, and this represents a logical step for the company, as it has been building its Power line following the sale of its x86 server business to Lenovo in 2014. Read more