LWN

LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 45 min ago

The FSF opens nominations for the 17th annual Free Software Awards

6 hours 53 min ago
The Free Software Foundation (FSF) and the GNU Project have announced the opening of nominations for the 17th annual Free Software Awards. The Free Software Awards include the Award for the Advancement of Free Software and the Award for Projects of Social Benefit. "In the case of both awards, previous winners are not eligible for nomination, but renomination of other previous nominees is encouraged. Only individuals are eligible for nomination for the Advancement of Free Software Award (not projects), and only projects can be nominated for the Social Benefit Award (not individuals). For a list of previous winners, please visit https://www.fsf.org/awards."

Security advisories for Monday

7 hours 56 min ago

Debian has updated iceweasel (multiple vulnerabilities).

Fedora has updated glibc (F19: multiple vulnerabilities), gnome-shell (F20: lock screen bypass), kernel (F19: multiple vulnerabilities), libxml2 (F20: denial of service), openssl (F20; F19: multiple vulnerabilities), openstack-glance (F20: denial of service), and torque (F20; F19: authentication bypass).

openSUSE has updated bash (13.1; 12.3: multiple vulnerabilities).

Oracle has updated libxml2 (OL6: denial of service).

Kernel prepatch 3.18-rc1

12 hours 45 min ago
In a relatively predictable move, Linus has released 3.18-rc1 and closed the 3.18 merge window sooner than expected. He has, however, said that he will be more than usually open to post-rc1 pull requests from people who "grovel a bit." "There is also at least one pull request that I am hoping to get asap and planning on still pulling, ie I'm very much still hoping to get overlayfs finally merged." In the end, 9,711 non-merge changesets found their way into the mainline repository during this merge window.

Interview: Thomas Voß of Mir (Linux Voice)

Friday 17th of October 2014 06:37:30 PM

Linux Voice has an interview with Canonical's Thomas Voß, the technical architect of the Mir display server. The interview deals largely with background topics, such as the Mir team's decision to standardize on an API rather than define a protocol, and the various languages to support. "Obviously there are disadvantages to having only one graphics language, but the benefits outweigh the disadvantages. And I think that’s a common theme in the industry. Android made the same decision to go that way. Even Wayland to a certain degree has been doing that. They have to support EGL and GL, simply because it’s very convenient for app developers and toolkit developers – an open graphics language. That was the part that inspired us, and we wanted to have this one graphics language and support it well."

Friday's security updates

Friday 17th of October 2014 04:09:02 PM

CentOS has updated openssl (C5: protocol downgrade) and openssl (C6, C7: multiple vulnerabilities).

Debian has updated openssl (multiple vulnerabilities).

Fedora has updated firefox (F20: multiple vulnerabilities), java-1.7.0-openjdk (F20: multiple vulnerabilities), java-1.8.0-openjdk (F20: multiple vulnerabilities), kernel (F20: multiple vulnerabilities), php-ZendFramework (F19; F20: multiple vulnerabilities), and thunderbird (F20: multiple vulnerabilities).

Oracle has updated cups (O6: multiple vulnerabilities), file (O6: multiple vulnerabilities), firefox (O5; O6: multiple vulnerabilities), glibc (O6: multiple vulnerabilities), java-1.6.0-openjdk (O6: multiple vulnerabilities), java-1.7.0-openjdk (O6: multiple vulnerabilities), krb5 (O6: multiple vulnerabilities), libxml2 (O7: denial of service), openssh (O6: multiple vulnerabilities), openssl (O5; O6; O7: multiple vulnerabilities), thunderbird (O6: multiple vulnerabilities), and trousers (O6: denial of service).

Red Hat has updated java-1.6.0-sun (multiple vulnerabilities), java-1.7.0-oracle (multiple vulnerabilities), libxml2 (RHEL6,7: denial of service), openssl (RHEL5: protocol downgrade), openssl (RHEL6,7: multiple vulnerabilities), and rsyslog7 (RHEL6: denial of service).

Scientific Linux has updated openssl (SL5: protocol downgrade) and openssl (SL6,7: multiple vulnerabilities).

Ubuntu has updated openjdk-6 (10.04, 12.04: multiple vulnerabilities) and openssl (multiple vulnerabilities).

The Debian init system general resolution returns

Friday 17th of October 2014 05:34:41 AM
Ian Jackson has resurrected the general resolution prohibiting Debian packages from depending on a single init system. This resolution failed to obtain enough seconds to proceed to a vote back in March, but this time more seconds have appeared and a vote will take place after the two-week discussion period. The initial discussion suggests that there is some support for the idea, but that not everybody appreciates seeing this resolution just before the jessie release is supposed to go into a freeze.

Docker 1.3 released

Thursday 16th of October 2014 09:47:54 PM
The 1.3 release of the Docker container system is available. "First up, in this release, the Docker Engine will now automatically verify the provenance and integrity of all Official Repos using digital signatures. Official Repos are Docker images curated and optimized by the Docker community to be the best building blocks for assembling distributed applications. A valid signature provides an added level of trust by indicating that the Official Repo image has not been tampered with."

GCC Undefined Behavior Sanitizer – ubsan (RH Developer Blog)

Thursday 16th of October 2014 09:45:39 PM
The Red Hat Developer Blog has an article about the undefined behavior sanitizer that was a part of the GCC 4.9 release. "One of the most important [checks] is the signed integer overflow checking. The practice shows that this undefined behavior is very common in real programs. Ubsan is able to check that the result of addition, subtraction, multiplication and negation does not overflow in signed arithmetic."

Tor Browser 4.0 released

Thursday 16th of October 2014 09:41:19 PM
Version 4.0 of the Tor Browser is now available. "The primary user-facing change since the 3.6 series is the transition to Firefox 31-ESR. More importantly for censored users who were using 3.6, the 4.0 series also features the addition of three versions of the meek pluggable transport. In fact, we believe that both meek-amazon and meek-azure will work in China today, without the need to obtain bridge addresses."

Thursday's security updates

Thursday 16th of October 2014 03:11:08 PM

CentOS has updated thunderbird (C5: multiple vulnerabilities).

Debian has updated drupal7 (SQL injection) and wpa (code execution).

Fedora has updated php-ZendFramework2 (F21: multiple vulnerabilities) and rsyslog (F20; F21: denial of service).

Oracle has updated firefox (O7: multiple vulnerabilities), java-1.6.0-openjdk (O5: multiple vulnerabilities), and java-1.7.0-openjdk (O5; O7: multiple vulnerabilities).

Red Hat has updated flash-plugin (RHEL5, RHEL6: multiple vulnerabilities) and thunderbird (RHEL5, RHEL6: multiple vulnerabilities).

Slackware has updated openssl (multiple vulnerabilities).

Ubuntu has updated mysql-5.5 (12.04, 14.04: multiple vulnerabilities).

[$] LWN.net Weekly Edition for October 16, 2014

Wednesday 15th of October 2014 11:46:49 PM
The LWN.net Weekly Edition for October 16, 2014 is available.

[$] A damp discussion of network queuing

Wednesday 15th of October 2014 09:01:24 PM
Very few presenters at technical conferences come equipped with gallons of water and a small inflatable swimming pool to contain it. But that is just how Stephen Hemminger showed up at the 2014 Linux Plumbers Conference. Stephen was there to talk about the current state of the fight against bufferbloat; while there was some good news to share, the sad fact is that, in a number of areas, we are still all wet.

Stable kernel updates

Wednesday 15th of October 2014 04:14:44 PM
Greg Kroah-Hartman has released four kernel updates: 3.17.1, 3.16.6, 3.14.22, and 3.10.58. All contain the usual set of important fixes.

Security advisories for Wednesday

Wednesday 15th of October 2014 04:07:55 PM

CentOS has updated firefox (C7; C5: multiple vulnerabilities), java-1.6.0-openjdk (C7; C5: multiple vulnerabilities), and java-1.7.0-openjdk (C7; C5: multiple vulnerabilities).

Debian has updated wireshark (yet another pile of dissector flaws).

openSUSE has updated rsyslog (13.1; 12.3: two vulnerabilities).

Oracle has updated java-1.6.0-openjdk (OL7: multiple vulnerabilities).

Red Hat has updated firefox (RHEL5,6,7: multiple vulnerabilities), java-1.6.0-openjdk (RHEL5,6,7: multiple vulnerabilities), java-1.7.0-openjdk (RHEL6,7; RHEL5: multiple vulnerabilities), and java-1.8.0-openjdk (RHEL6: multiple vulnerabilities).

SUSE has updated rsyslog (SLES11 SP3: two vulnerabilities).

Ubuntu has updated firefox (14.04, 12.04: multiple vulnerabilities), thunderbird (14.04, 12.04: multiple vulnerabilities), and wpa, wpasupplicant (14.04, 12.04, 10.04: command execution).

The POODLE vulnerability

Wednesday 15th of October 2014 03:05:34 PM
Google has disclosed a new SSL vulnerability that goes by the name POODLE. In essence: a man-in-the-middle attacker can force a connection to drop back to the obsolete SSL 3.0 protocol, then recover plaintext data. "Disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0, is sufficient to mitigate this issue, but presents significant compatibility problems, even today. Therefore our recommended response is to support TLS_FALLBACK_SCSV. This is a mechanism that solves the problems caused by retrying failed connections and thus prevents attackers from inducing browsers to use SSL 3.0. It also prevents downgrades from TLS 1.2 to 1.1 or 1.0 and so may help prevent future attacks." The OpenSSL project has issued an advisory describing its response to a few vulnerabilities, POODLE included.

White paper: the state of KVM

Wednesday 15th of October 2014 10:03:14 AM
For those with an interest in the KVM hypervisor: the Linux Foundation's Open Virtualization Alliance has published a white paper [PDF] with an overview of KVM and where it is going. "OpenStack is one of the brightest spots for KVM. As cloud deployments gain in adoption, OpenStack is the leading open source option and has tremendous community momentum behind it. KVM is the most popular hypervisor for OpenStack deployments, so as OpenStack succeeds, so will KVM."

What’s new in the graphics stack in Fedora 21? (Fedora Magazine)

Tuesday 14th of October 2014 11:16:27 PM
Fedora Magazine looks at new features in the Fedora 21 graphics stack. "This article details some of the driver support and feature updates that will be available for the graphics stack in Fedora 21. Note that this post does contain some pretty low level details about new drivers and features in Fedora 21. While most users won’t directly see many of these features in day to day usage, the effects of all these low-level updates make more graphics cards work better on Fedora. Special thanks to Adam Jackson for collating this list of updates for this article."

Firefox 33 released

Tuesday 14th of October 2014 07:21:25 PM
Firefox 33 is available. The release notes have the details. This version includes sandboxed OpenH264 support, improvements to search through the location bar, slimmer and faster JavaScript strings, search suggestions on start pages, a new CSP (Content Security Policy) backend, support for connecting to HTTP proxy over HTTPS, and much more.

Red Hat Enterprise Linux 6.6 released

Tuesday 14th of October 2014 07:06:14 PM
Red Hat has announced the release of the sixth update to RHEL 6. "From the kernel to the network stack, Red Hat Enterprise Linux 6.6 has been tuned to optimize performance. With support for higher processor counts and memory limits as well as kernel optimizations that allow for more efficient CPU utilization on large NUMA systems, Red Hat Enterprise Linux 6.6 better accommodates dense single-server workloads. Other system performance enhancements include support for additional 40 GbE network adapters, reductions in network latency and jitter, and support for high performance, low latency applications." See the release notes for details.

Tuesday's security updates

Tuesday 14th of October 2014 05:00:00 PM

CentOS has updated rsyslog (C7: denial of service).

Fedora has updated mediawiki (F20; F19: code execution), openjpeg (F20: regression in previous update), and squid (F20; F19: buffer overflow).

openSUSE has updated claws-mail (13.1, 12.3: unspecified vulnerability), libvirt (13.1; 12.3: two vulnerabilities), and python (13.1, 12.3: buffer overflow).

Oracle has updated rsyslog (OL7: denial of service).

Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities), cups (RHEL6: multiple vulnerabilities), file (RHEL6: multiple vulnerabilities), glibc (RHEL6: two vulnerabilities), kernel (RHEL6: multiple vulnerabilities), krb5 (RHEL6: multiple vulnerabilities), luci (RHEL6: code execution), openssh (RHEL6: two vulnerabilities), rsyslog (RHEL7: denial of service), trousers (RHEL6: denial of service), and X11 client libraries (RHEL6: many vulnerabilities).

Scientific Linux has updated bind97 (SL5: denial of service), conga (SL5: multiple vulnerabilities), krb5 (SL5: multiple vulnerabilities), krb5 (SL5: code execution), php53 and php (SL5, SL6: multiple vulnerabilities), and rsyslog (SL7: denial of service).

SUSE has updated Containment-Studio (SUSE Studio: multiple vulnerabilities).

Ubuntu has updated oxide-qt (14.04: multiple vulnerabilities) and requests (14.04: multiple vulnerabilities).

More in Tux Machines

Discourse

Discourse is an open-source project, hosted at GitHub (see Resources), licensed under the GNU General Public License, version 2. It is backed by Atwood's company, which has the fantastic name of Civilized Discourse Construction Kit, Inc., and it aims to profit through installing and supporting Discourse.

EXT4 In Linux 3.18 Has Clean-ups, Bug Fixes

With Linux 3.18-rc1 having come one week early, the EXT4 file-system pull request didn't end up landing until today. However, the EXT4 changes aren't overly exciting for the 3.18 merge window. The EXT4 changes for the Linux 3.18 kernel merge window come down to mostly just code clean-ups and bug fixes along with some minor journal optimizations.

Free and Open Source Electronic Signature in Costa Rica

The LibreOffice component designed by the University of Costa Rica (UCR) is similar to software enhancements currently used for electronic signatures in other countries.

Rejuvenate your Fedora desktop with Moka

Moka started as a single Linux desktop icon theme, but over time it has gradually evolved into an entire project & brand identity that provides quality designs to people. Moka is about personalization and its goal is to provide an assortment of style options to allow you to customize your experience.