Language Selection

English French German Italian Portuguese Spanish


Syndicate content is a comprehensive source of news and opinions from and about the Linux community. This is the main feed, listing all articles which are posted to the site front page.
Updated: 4 hours 32 min ago

Rust Once, Run Everywhere

Friday 24th of April 2015 07:24:39 PM

The Rust blog has posted a guide to using Rust's foreign function interface (FFI) with C code. Highlighted in particular are Rust's safe abstractions, which are said to impose no costs. "Most features in Rust tie into its core concept of ownership, and the FFI is no exception. When binding a C library in Rust you not only have the benefit of zero overhead, but you are also able to make it safer than C can! Bindings can leverage the ownership and borrowing principles in Rust to codify comments typically found in a C header about how its API should be used."

Friday's security updates

Friday 24th of April 2015 02:59:12 PM

Arch Linux has updated powerdns (denial of service) and powerdns-recursor (denial of service).

Debian-LTS has updated subversion (multiple vulnerabilities).

Fedora has updated lcms (F20: denial of service) and php (F21: multiple vulnerabilities).

Mageia has updated chromium-browser-stable (M4: multiple vulnerabilities), chrony (M4: multiple vulnerabilities), lftp (M4: SSL server spoofing), libksba (M4: denial of service), ntop (M4: cross-site scripting), setup (M4: information disclosure), and t1utils (M4: multiple vulnerabilities).

openSUSE has updated firefox (13.1; 13.2: code execution) and socat (13.1: denial of service).

Oracle has updated kernel (kernel 3.8.18 (O6, O7); kernel 2.6.39 (O5, O6); kernel 2.6.32 (O5, O6): multiple vulnerabilities).

Red Hat has updated novnc (RHEL OSP4: VNC session hijacking).

Ubuntu has updated firefox (code execution), usb-creator (12.04, 14.04, 14.10; 15.04: privilege escalation), and wpa_supplicant (14.04, 14.10: code execution).

Ubuntu 15.04 (Vivid Vervet) released

Thursday 23rd of April 2015 05:12:34 PM
The Ubuntu 15.04 release is out. "Ubuntu Server 15.04 includes the Kilo release of OpenStack, alongside deployment and management tools that save devops teams time when deploying distributed applications - whether on private clouds, public clouds, x86 or ARM servers, or on developer laptops. Several key server technologies, from MAAS to Ceph, have been updated to new upstream versions with a variety of new features. This release also includes the first release of snappy Ubuntu Core, a new distribution model based on transactional updates." LWN looked at Snappy in January.

Wi-Fi software security bug could leave Android, Windows, Linux open to attack (Ars Technica)

Thursday 23rd of April 2015 02:09:31 PM
Ars Technica reports on a wpa_supplicant bug that might leave Linux and other systems open to remote code execution. "That's because the code fails to check the length of incoming SSID information and writes information beyond the valid 32 octets of data to memory beyond the range it was allocated. SSID information 'is transmitted in an element that has a 8-bit length field and potential maximum payload length of 255 octets,' [wpa_supplicant maintainer Jouni] Malinen wrote, and the code 'was not sufficiently verifying the payload length on one of the code paths using the SSID received from a peer device. This can result in copying arbitrary data from an attacker to a fixed length buffer of 32 bytes (i.e., a possible overflow of up to 223 bytes). The overflow can override a couple of variables in the struct, including a pointer that gets freed. In addition, about 150 bytes (the exact length depending on architecture) can be written beyond the end of the heap allocation.'"

Security updates for Thursday

Thursday 23rd of April 2015 01:40:44 PM

Arch Linux has updated glibc (code execution).

Fedora has updated chrony (F21: three vulnerabilities), gnupg2 (F20: denial of service), java-1.7.0-openjdk (F20: unspecified), java-1.8.0-openjdk (F21: unspecified), kernel (F21; F20: denial of service), ntp (F20: two vulnerabilities), python (F20: denial of service from 2013), spatialite-tools (F21: three vulnerabilities), and sqlite (F21: three vulnerabilities).

Oracle has updated kvm (OL5: two vulnerabilities).

[$] Weekly Edition for April 23, 2015

Thursday 23rd of April 2015 01:34:20 AM
The Weekly Edition for April 23, 2015 is available.

[$] The kdbuswreck

Wednesday 22nd of April 2015 07:41:32 PM
Few readers will have failed to notice by now that the attempted merging of the kdbus interprocess communication system into the 4.1 kernel has failed to go as well as its proponents would have liked. As of this writing, the discussion continues and nothing has been merged. This article constitutes an attempt to derive a bit of light from the massive amounts of heat that have been generated so far, with a specific focus on the issue of metadata and capabilities.

Sourcegraph: A free code search tool for open source developers (

Wednesday 22nd of April 2015 07:07:28 PM introduces Sourcegraph. "Sourcegraph is a code search engine and browsing tool that semantically indexes all the open source code available on the web. You can search for code by repository, package, or function and click on fully linked code to read the docs, jump to definitions, and instantly find usage examples. And you can do all of this in your web browser, without having to configure any editor plugin."

Security advisories for Wednesday

Wednesday 22nd of April 2015 05:16:49 PM

Arch Linux has updated firefox (code execution).

CentOS has updated kernel (C6: multiple vulnerabilities), kvm (C5: two vulnerabilities), and qemu-kvm (C6: privilege escalation).

Debian has updated curl (multiple vulnerabilities) and subversion (two vulnerabilities).

Debian-LTS has updated wireshark (multiple vulnerabilities).

Fedora has updated ceph-deploy (F21: information leak), firefox (F20: multiple vulnerabilities), libzip (F21; F20: code execution), mingw-gnutls (F21: denial of service), mingw-libtasn1 (F21; F20: denial of service), openstack-neutron (F20: denial of service), python-virtualenv (F21; F20: insecure software download), qt5-qtwebkit (F21; F20: denial of service), and qtwebkit (F21; F20: denial of service).

openSUSE has updated Chromium (13.2, 13.1: multiple vulnerabilities).

Oracle has updated glibc (OL6: two vulnerabilities), kernel (OL6: multiple vulnerabilities), and qemu-kvm (OL6: privilege escalation).

Red Hat has updated kernel (RHEL5.9: privilege escalation), kvm (RHEL5: two vulnerabilities), and qemu-kvm (RHEL6: privilege escalation).

Scientific Linux has updated kernel (SL6: multiple vulnerabilities), kvm (SL5: two vulnerabilities), and qemu-kvm (SL6: privilege escalation).

Slackware has updated bind (denial of service), gnupg (multiple vulnerabilities), httpd (multiple vulnerabilities), libssh (two vulnerabilities), firefox (multiple vulnerabilities), thunderbird (multiple vulnerabilities), mutt (denial of service), ntp (two vulnerabilities), openssl (multiple vulnerabilities), php (multiple vulnerabilities), ppp (two vulnerabilities), proftpd (unauthenticated copying of files), qt (multiple vulnerabilities), and seamonkey (multiple vulnerabilities).

SUSE has updated mariadb (SLE12: multiple vulnerabilities).

GCC 5.1 released

Wednesday 22nd of April 2015 03:32:15 PM
Version 5.1 of the GNU Compiler Collection is out. "GCC 5.1 is a major release containing substantial new functionality not available in GCC 4.9.x or previous GCC releases." Some of that new functionality includes full C++14 language support, quite a few optimization improvements, partial OpenACC support, OpenMP 4.0 support, an experimental JIT library, and more; see the changelog for details.

How Tor is building a new Dark Net with help from the U.S. military (The Daily Dot)

Tuesday 21st of April 2015 05:52:56 PM
The Daily Dot reports that the Tor project is receiving some funding from the US Defense Advanced Research Projects Agency (DARPA) to improve Tor's hidden services. "The Dark Net road map moving forward is ambitious. Tor plans to double the encryption strength of hidden service’s identity key and to allow offline storage for that key, a major security upgrade. Next-generation hidden services may be run from multiple hosts to better deal with denial of service attacks and high traffic in general, a potentially big power boost that further closes the gap between the Dark Net and normal websites."

Announcing the release of Fedora 22 Beta

Tuesday 21st of April 2015 04:48:29 PM
Fedora 22 Beta has been released. It comes in Workstation, Server, and Cloud editions, as well as several spins. This version replaces yum with DNF for package management, as discussed in this recent LWN article. The Cloud edition features the latest versions of rpm-ostree and rpm-ostree-toolbox and introduces the Atomic command line tool. The Server edition features a new database server role based on PostgreSQL, an updated Cockpit, and XFS as the default filesystem. The Workstation product has also seen a number of enhancements and improvements, including a redesigned GNOME Shell notification system, transitional Wayland support, and much more.

Tuesday's security updates

Tuesday 21st of April 2015 04:07:35 PM

Arch Linux has updated jdk8-openjdk (multiple vulnerabilities), jre8-openjdk (multiple vulnerabilities), jre8-openjdk-headless (multiple vulnerabilities), and tcpdump (denial of service).

CentOS has updated glibc (C6: two vulnerabilities).

Debian-LTS has updated python-django-markupfield (information leak).

Red Hat has updated glibc (RHEL6: two vulnerabilities) and kernel (RHEL6: multiple vulnerabilities).

Scientific Linux has updated glibc (SL6: two vulnerabilities).

SUSE has updated Real Time Linux Kernel (SLERTE11 SP3: multiple vulnerabilities).

Ubuntu has updated mysql-5.5 (14.10, 14.04, 12.04: multiple vulnerabilities), openjdk-6 (12.04, 10.04: multiple vulnerabilities), openjdk-7 (14.10, 14.04: multiple vulnerabilities), and php5 (14.10, 14.04, 12.04, 10.04: multiple vulnerabilities).

The Puppet design philosophy (O'Reilly)

Tuesday 21st of April 2015 01:01:21 PM
O'Reilly has posted an excerpt from Puppet Best Practices, an upcoming book about the Puppet system configuration tool. It's a good place to look for those wanting an introduction to how Puppet works. "Puppet can be somewhat alien to technologists who have a background in automation scripting. Where most of our scripts scripts are procedural, Puppet is declarative. While a declarative language has many major advantages for configuration management, it does impose some interesting restrictions on the approaches we use to solve common problems."

Tschumperlé: My latest ten months working on G’MIC

Tuesday 21st of April 2015 12:46:41 PM
David Tschumperlé has posted an extensive summary of his work on G'MIC, an image-processing tool. One of those projects was comic colorization: "The idea is very simple: Instead of forcing the artist to do all the colorization job by himself, we just ask him to put some colored key-points here and here, inside the different image regions to fill-in. Then, the algorithm tries to guess a probable colorization of the drawing, by analyzing the contours in the image and by interpolating the given colored key-points with respect to these contours." (LWN looked at G'MIC in August 2014).

VMware just created its first Linux OS, and it’s container-friendly (NetworkWorld)

Monday 20th of April 2015 11:31:23 PM
NetworkWorld takes a look at two VMWare projects that are aimed at running containers inside the VM. "VMware has created Photon as an OS that can run in vSphere. VMware says it’s a “lightweight” Linux OS that has only the basic elements required to package applications in containers and run them inside virtual machines. Because of its minimalist feature set, Project Photon is meant to boot up quickly, which is a key advantage of using containers. Project Photon supports many container image platforms, including those from Docker (which is both an open source container runtime and the name of the company that is commercializing it), as well as container images from CoreOS (called “rkt”) and Pivotal (named “Garden”)." VMWare also announced a beta version of Project Lightwave, "which is an identity and access management tool meant to provide an extra security layer for containers."

Stable kernel updates

Monday 20th of April 2015 06:15:52 PM
New stable kernel updates have been released for 3.19.5, 3.14.39, and 3.10.75. All of them contain important fixes throughout the tree.

Security advisories for Monday

Monday 20th of April 2015 06:01:53 PM

Arch Linux has updated chromium (multiple vulnerabilities), flashplugin (multiple vulnerabilities), jdk7-openjdk (multiple vulnerabilities), jre7-openjdk (multiple vulnerabilities), and jre7-openjdk-headless (multiple vulnerabilities).

Debian has updated django-markupfield (information leak) and mysql-5.5 (multiple vulnerabilities).

Debian-LTS has updated file (memory leak), openldap (multiple vulnerabilities), ppp (denial of service), and wesnoth-1.8 (information leak).

Fedora has updated gnupg2 (F21: double-free issue), groovy-sandbox (F21: privilege escalation), jenkins (F21: multiple vulnerabilities), jenkins-matrix-project-plugin (F21: privilege escalation), jenkins-script-security-plugin (F21: privilege escalation), knot (F21; F20: multiple vulnerabilities), libtasn1 (F21; F20: denial of service), mediawiki (F21; F20: multiple vulnerabilities), owncloud (F21; F20: multiple vulnerabilities), perl-DBD-Firebird (F21; F20: buffer overflow), perl-Module-Signature (F21; F20: multiple vulnerabilities), perl-Test-Signature (F21; F20: multiple vulnerabilities), php-symfony (F21; F20: two vulnerabilities), postgis (F21: multiple vulnerabilities), python (F21: denial of service), rest (F21; F20: denial of service), tcpdump (F20: multiple vulnerabilities), and tor (F21; F20: denial of service).

Mageia has updated perl-DBD-Firebird (buffer overflow), perl-Module-Signature (multiple vulnerabilities), and potrace (denial of service).

openSUSE has updated xen (13.1: multiple vulnerabilities).

Red Hat has updated java-1.6.0-sun (RHEL5,6,7: multiple vulnerabilities) and java-1.7.0-oracle (RHEL5,6,7: multiple vulnerabilities).

Ardour 4.0 released

Monday 20th of April 2015 12:29:05 PM
Version 4.0 of the Ardour audio editing system is available. This release features Windows support, more flexible audio support (JACK is no longer required), a lot of user-interface work, and official OS X and Windows support.

PacketFence 5.0 released

Saturday 18th of April 2015 07:52:26 AM
PacketFence is a free network access control system; the 5.0 release is now available. Changes include a new active clustering mode, better device fingerprinting, better performance monitoring, the elimination of plaintext passwords, and more.

More in Tux Machines

Android Leftovers

  • Android Candy: Intercoms
    Ever since my "tiny $20 tablet" project (see my Open-Source Classroom column in the March 2015 issue), I've been looking for more and more cool things to do with cheap Android devices. Although the few obvious ones like XBMC or Plex remotes work well, I've recently found that having Android devices around the house means I can gain back an old-school ability that went out of style in the late 1980s—namely, an intercom system.
  • There's a wild prank hidden in Google Maps that insults Apple in the most childishly inappropriate way
    Rawalpindi is a vibrant Pakistani city known for its bazaars, ancient ruins, and array of religious shrines. But if you pay it a visit on Google Maps, you're going to notice something very unusual on the outskirts of the city — the Android "droid" mascot urinating on the Apple logo.
  • There's an Android bot peeing on an Apple logo on Google Maps
    Sick of all the Apple Watch news today? You're in luck, because we have something completely different for you. An image of an Android mascot, also known as an Android bot or Bugdroid, peeing on an Apple logo has been discovered on Google Maps.
  • An Android robot is peeing on an Apple logo in Google Maps
  • An Android is urinating on the Apple logo in Google Maps (update)
    Google and Apple have always had their differences, but a new Easter egg inside Google Maps has just taken their rivalry to a whole new level. As spotted by Team Android, if you head to these coordinates with the regular Map view enabled, you'll see Google's iconic Android mascot taking a leak on the Apple logo. At the moment, it's unclear who created this little piece of mischief and whether Google is taking action. But if this hidden message is any indication, it was snuck through by a member of the public using Google's Map Maker service, rather than a Google employee. Regardless, it's a crazy (and pretty hilarious) addition that's sure to rile some of the employees in Cupertino. Shots fired!
  • Sony's Android TV-powered 4K televisions are ridiculously thin
    Four models from Sony’s 2015 Android TV-powered 4K television range are now available for pre-order, with shipping to begin in May. The Japanese electronics giant unveiled its 4K TV lineup for 2015 at the Consumer Electronics Show in January, but kept pricing and release information to itself, only saying the new sets would be available sometime in the spring. Those details are finally here and the TVs themselves aren’t far off.
  • Android Wear v1.1 APK has Apple references in it, but when is iOS support coming?
    That Google is working on iOS support for Android Wear is nearly undeniable at this point, but even more evidence has surfaced in case you aren’t a believer. We peeked inside the latest Android Wear update APK to see what hidden bits were swarming about, and we came across some very interesting references.
  • 5 Things to Expect from the Nexus 5 Android 5.1.1 Release
    A few weeks ago, an Android 5.1.1 update mysteriously appeared alongside an update for Google’s Android SDK. Earlier this week, Google finally confirmed the Nexus Android 5.1.1 release with an update for its Nexus Player. With an Android 5.1.1 update now on the minds of Nexus users, particularly Nexus 5 users dealing with Android 5.0 Lollipop problems, we want to take a look at what we expect from the Nexus 5 Android 5.1 release from Google.

The Turing Phone Is Super Durable and Ultra Secure

The device also sports a 13MP/8MP camera combo, 64GB / 128GB of internal storage and runs Android 5.0 Lollipop out of the box. Read more

GNU/Linux Share of Global Page-Views Reaches New High

Eight days in April, 2015, so far, have reached 2% share of page-views for GNU/Linux on the desktop worldwide, according to data from StatCounter. Read more

Linux Kernel 4.0 Update Kit Now Available for Black Lab Linux 6.5, Ubuntu 15.04

Roberto J. Dohnert announced the immediate availability of the Linux Kernel 4.0 Update Kit for his Black Lab Linux computer operating system, allowing users to update to the newly released Linux 4.0 kernel. Read more