Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 4 hours 38 min ago

Security updates for Monday

Monday 24th of September 2018 02:56:51 PM
Security updates have been issued by Arch Linux (bitcoin-daemon and bitcoin-qt), Debian (firefox-esr, hylafax, libarchive-zip-perl, mediawiki, okular, openafs, strongswan, and texlive-bin), Fedora (gitolite3, kernel-headers, and lcms2), Mageia (dropbear, kernel, lcms2, libcgroup, libextratcor, mailman, mpg123, okular, php, soundtouch, unixODBC, webkit2, and xml-security-c), openSUSE (aubio, bouncycastle, chromium, ffmpeg-4, firefox, gdm, GraphicsMagick, hylafax+, ImageMagick, jhead, liblouis, nemo-extensions, nextcloud, nodejs6, obs-service-refresh_patches, okular, openslp, pango, phpMyAdmin, python-Django, python-Django1, and seamonkey), Oracle (spice and spice-gtk), Slackware (firefox and kernel), and SUSE (ant, apache2, gnutls, libzypp, zypper, nodejs6, nodejs8, and xorg-x11-libs).

Kernel prepatch 4.19-rc5

Monday 24th of September 2018 12:58:55 AM
The 4.19-rc5 kernel prepatch has been released by Greg Kroah-Hartman. "As almost everyone knows, it's been an 'interesting' week from a social point-of-view. But from the technical side, -rc5 looks totally normal."

[$] Time namespaces

Friday 21st of September 2018 07:17:36 PM
The kernel's namespace abstraction allows different groups of processes to have different views of the system. This feature is most often used with containers; it allows each container to have its own view of the set of running processes, the network environment, the filesystem hierarchy, and more. One aspect of the system that remains universal, though, is the concept of the system time. The recently posted time namespace patch set (from Dmitry Safonov with a lot of work by Andrei Vagin) seeks to change that.

Mir 1.0 released

Friday 21st of September 2018 07:07:10 PM
The Ubuntu blog has announced the release of version 1.0.0 of the Mir display server. "Whether for building a device or for writing a shell for the desktop, Mir can give you a graphics stack that is fast, light, and secure. The Mir graphical stack works across different graphics platforms and driver models and is easy to integrate into your kiosk, digital signage, or purpose built graphical solution. It was first conceived over 6 years ago as part of an initiative by Canonical to unify the graphical environment across all devices, including desktop, TV, and mobile devices and continues to be developed with new features and modern standards."

Security updates for Friday

Friday 21st of September 2018 01:52:35 PM
Security updates have been issued by Debian (hylafax, sympa, and texlive-bin), Fedora (curl and gitolite3), Mageia (bouncycastle, ghostscript, and libx11), openSUSE (webkit2gtk3), Oracle (spice and spice-gtk and spice-gtk and spice-server), Red Hat (rubygem-smart_proxy_dynflow, spice and spice-gtk, and spice-gtk and spice-server), Scientific Linux (spice and spice-gtk and spice-gtk and spice-server), and SUSE (ImageMagick, kernel, liblouis, openslp, and python-paramiko).

Security updates for Thursday

Thursday 20th of September 2018 02:16:38 PM
Security updates have been issued by Debian (glusterfs, php5, reportbug, and suricata), openSUSE (chromium and exempi), Red Hat (openstack-rabbitmq-container), SUSE (couchdb, crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui, gdm, OpenStack, pango, and webkit2gtk3), and Ubuntu (bind9, lcms, lcms2, and lcms2).

After Years of Abusive E-mails, the Creator of Linux Steps Aside (The New Yorker)

Thursday 20th of September 2018 02:10:56 AM
A story in The New Yorker magazine may help explain some of the timing of the recent upheavals in kernel-land. Longtime followers of kernel development will find the article to be a mixed bag—over the top in spots, fairly accurate elsewhere. "Torvalds’s decision to step aside came after The New Yorker asked him a series of questions about his conduct for a story on complaints about his abusive behavior discouraging women from working as Linux-kernel programmers. In a response to The New Yorker, Torvalds said, 'I am very proud of the Linux code that I invented and the impact it has had on the world. I am not, however, always proud of my inability to communicate well with others—this is a lifelong struggle for me. To anyone whose feelings I have hurt, I am deeply sorry.'"

[$] LWN.net Weekly Edition for September 20, 2018

Thursday 20th of September 2018 12:30:38 AM
The LWN.net Weekly Edition for September 20, 2018 is available.

Stable kernel updates

Wednesday 19th of September 2018 10:14:48 PM
Stable kernels 4.18.9, 4.14.71, 4.9.128, and 4.4.157 have been released. They all contain the usual set of important fixes and users should upgrade.

[$] Project Treble

Wednesday 19th of September 2018 07:33:45 PM

Android's Project Treble is meant as a way to reduce the fragmentation in the Android ecosystem. It also makes porting Android 8 ("Oreo"—the first version to mandate Treble) more difficult, according to Fedor Tcymbal. He described the project and what it means for silicon and device vendors in a talk at Open Source Summit North America 2018 in Vancouver, Canada.

[$] Resource control at Facebook

Wednesday 19th of September 2018 04:39:48 PM

Facebook runs a lot of programs and it tries to pack as many as it can onto each machine. That means running close to—and sometimes beyond—the resource limits on any given machine. How the system reacts when, for example, memory is exhausted, makes a big difference in Facebook getting its work done. Tejun Heo came to 2018 Open Source Summit North America to describe the resource control work that has been done by the team he works on at Facebook.

Security updates for Wednesday

Wednesday 19th of September 2018 02:48:40 PM
Security updates have been issued by Debian (chromium-browser and libapache2-mod-perl2), Oracle (kernel), and Ubuntu (ghostscript, glib2.0, and php5).

LLVM 7.0.0 released

Wednesday 19th of September 2018 12:56:26 PM
Version 7.0.0 of the LLVM compiler suite is out. "It is the result of the community's work over the past six months, including: function multiversioning in Clang with the 'target' attribute for ELF-based x86/x86_64 targets, improved PCH support in clang-cl, preliminary DWARF v5 support, basic support for OpenMP 4.5 offloading to NVPTX, OpenCL C++ support, MSan, X-Ray and libFuzzer support for FreeBSD, early UBSan, X-Ray and libFuzzer support for OpenBSD, UBSan checks for implicit conversions, many long-tail compatibility issues fixed in lld which is now production ready for ELF, COFF and MinGW, new tools llvm-exegesis, llvm-mca and diagtool". The list of new features is long; see the overall release notes, the Clang release notes, the Clang tools release notes, and the LLD linker release notes for more information.

[$] Code, conflict, and conduct

Tuesday 18th of September 2018 09:15:45 PM
A couple of surprising things happened in the kernel community on September 16: Linus Torvalds announced that he was taking a break from kernel development to focus on improving his own behavior, and the longstanding "code of conflict" was replaced with a code of conduct based on the Contributor Covenant. Those two things did not quite come packaged as a set, but they are clearly not unrelated. It is a time of change for the kernel project; there will be challenges to overcome but, in the end, less may change than many expect or fear.

Security updates for Tuesday

Tuesday 18th of September 2018 03:09:27 PM
Security updates have been issued by Fedora (ghostscript, icu, nspr, nss, nss-softokn, nss-util, and okular), Red Hat (java-1.7.1-ibm, java-1.8.0-ibm, OpenStack Platform, openstack-neutron, and openstack-nova), and Ubuntu (clamav and php5, php7.0, php7.2).

PostgreSQL adopts a code of conduct

Tuesday 18th of September 2018 02:04:55 PM
The PostgreSQL community has, after an extended discussion, announced the adoption of a code of conduct "which is intended to ensure that PostgreSQL remains an open and enjoyable project for anyone to join and participate in".

Versity announces next generation open source archiving filesystem

Monday 17th of September 2018 11:15:08 PM
Versity Software has announced that it has released ScoutFS under GPLv2. "ScoutFS is the first GPL archiving file system ever released, creating an inherently safer and more user friendly option for storing archival data where accessibility over very large time scales, and the removal of vendor specific risk is a key consideration."

Security updates for Monday

Monday 17th of September 2018 02:46:07 PM
Security updates have been issued by Debian (discount, ghostscript, intel-microcode, mbedtls, thunderbird, and zutils), Fedora (ghostscript, java-1.8.0-openjdk-aarch32, kernel-headers, kernel-tools, libzypp, matrix-synapse, nspr, nss, nss-softokn, nss-util, zsh, and zypper), Mageia (kernel, kernel-linus, and kernel-tmb), openSUSE (chromium, curl, ffmpeg-4, GraphicsMagick, kernel, libzypp, zypper, okular, python3, spice-gtk, tomcat, and zsh), Oracle (kernel), Slackware (php), SUSE (curl, libzypp, zypper, and openssh-openssl1), and Ubuntu (curl and firefox).

Apache SpamAssassin 3.4.2 released

Monday 17th of September 2018 01:30:23 PM
SpamAssassin 3.4.2 is out, the first release from this spam-filtering project since 3.4.1 came out in April 2015. It fixes some remotely exploitable security issues, so SpamAssassin users probably want to update in the near future. "The exploit has been seen in the wild but not believe to have been purposefully part of a Denial of Service attempt.  We are concerned that there may be attempts to abuse the vulnerability in the future.  Therefore, we strongly recommend all users of these versions upgrade to Apache SpamAssassin 3.4.2 as soon as possible."

[$] Fedora reawakens the hibernation debate

Monday 17th of September 2018 12:52:20 PM
Behavioral changes can make desktop users grumpy; that is doubly true for changes that arrive without notice and possibly risk data loss. Such a situation recently arose in the Fedora 29 development branch in the form of a new "suspend-then-hibernate" feature. This feature will almost certainly be turned off before Fedora 29 reaches an official release, but the discussion and finger-pointing it inspired reveal some significant differences of opinion about how this kind of change should be managed.