Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 36 sec ago

Security updates for Monday

2 hours 6 min ago
Security updates have been issued by CentOS (bind), Debian (openocd), Mageia (unbound), Oracle (bind and microcode_ctl), Red Hat (bind, java-1.6.0-sun, libvirt, and qemu-kvm), Scientific Linux (bind), SUSE (kernel and perl-XML-LibXML), and Ubuntu (gimp, intel-microcode, mysql-5.5, mysql-5.7, and openssh).

20 Years of LWN

Monday 22nd of January 2018 03:35:21 AM
Back in mid-1997, your editor (Jonathan Corbet) and Liz Coolbaugh were engaged in a long-running discussion on how to trade our nice, stable, reliably paying jobs for a life of uncertainty, poverty, and around-the-clock work. Not that we thought of it in those terms, naturally. We eventually settled on joining Red Hat's nascent "support partner" program; while we were waiting for it to get started, we decided to start a weekly newsletter as a side project — not big and professional like the real press — to establish ourselves in the community. Thus began an amazing journey that has just completed its 20th year.

No 4.15 final release today

Monday 22nd of January 2018 12:48:22 AM
As might have been expected from watching the commit stream, the 4.15 kernel is not ready for release, so we'll get 4.15-rc9 instead. Linus said: "I really really wanted to just release 4.15 today, but things haven't calmed down enough for me to feel comfy about it, and Davem tells me he still has some networking fixes pending. Laura Abbott found and fixed a very subtle boot bug introduced this development cycle only yesterday, and it just didn't feel right to say that we're done."

Security updates for Monday

Monday 22nd of January 2018 12:22:15 AM
Security updates have been issued by Debian (bind9, couchdb, lucene-solr, mysql-5.5, openocd, and php5), Mageia (gdk-pixbuf2.0, golang, and mariadb), openSUSE (curl, gd, ImageMagick, lxterminal, ncurses, newsbeuter, perl-XML-LibXML, and xmltooling), Oracle (kernel), and SUSE (xmltooling).

Android Users: To Avoid Malware, Try the F-Droid App Store (Wired)

Sunday 21st of January 2018 07:17:45 PM
Wired recommends switching to F-Droid for Android apps. "A polluted ocean of apps is plaguing Android, an operating system built upon Free and Open-Source Software (FOSS) but now barely resembling those venerable roots. Today, the average Android device is not only susceptible to malware and trackers, it’s also heavily locked down and loaded with proprietary components—characteristics that are hardly the calling cards of the FOSS movement. Though Android bears the moniker of open-source, the chain of trust between developers, distributors, and end-users is broken."

OpenSSL development policy changes

Saturday 20th of January 2018 04:34:42 AM
The OpenSSL project has announced a number of changes to how the project is developed. These include shutting down the openssl-dev mailing list in favor of discussing all patches on GitHub and the addition of a new, read-only (for the world) openssl-project list. "We are changing our release schedule so that unless there are extenuating circumstances, security releases will go out on a Tuesday, with the pre-notification being the previous Tuesday. We don’t see a need to have people ready to sacrifice their weekend every time a new CVE comes out."

Kroah-Hartman: Meltdown and Spectre Linux Kernel Status - Update

Friday 19th of January 2018 07:09:04 PM
Here's a brief update from Greg Kroah-Hartman on the kernel's handling of the Meltdown and Spectre vulnerabilities. "This shows that my kernel is properly mitigating the Meltdown problem by implementing PTI (Page Table Isolation), and that my system is still vulnerable to the Spectre variant 1, but is trying really hard to resolve the variant 2, but is not quite there (because I did not build my kernel with a compiler to properly support the retpoline feature)."

[$] Deadline scheduler part 2 — details and usage

Friday 19th of January 2018 03:29:35 PM
Linux’s deadline scheduler is a global early deadline first scheduler for sporadic tasks with constrained deadlines. These terms were defined in the first part of this series. In this installment, the details of the Linux deadline scheduler and how it can be used will be examined.

Security updates for Friday

Friday 19th of January 2018 02:46:52 PM
Security updates have been issued by Arch Linux (bind, irssi, nrpe, perl-xml-libxml, and transmission-cli), CentOS (java-1.8.0-openjdk), Debian (awstats, libgd2, mysql-5.5, rsync, smarty3, and transmission), Fedora (keycloak-httpd-client-install and rootsh), and Red Hat (java-1.7.0-oracle and java-1.8.0-oracle).

Git v2.16.0

Thursday 18th of January 2018 10:35:50 PM
Git v2.16.0 is now available. "It is comprised of 509 non-merge commits since v2.15.0, contributed by 91 people, 26 of which are new faces." The release notes are included in the link below.

Wine 3.0 released

Thursday 18th of January 2018 08:54:59 PM
Version 3.0 of the Wine Windows emulation layer has been released. "This release represents a year of development effort and over 6,000 individual changes." Most of the improvements seem to be around Direct3D graphics, but it also now possible to package up Wine as an Android app; see the release notes for details.

[$] Shrinking the kernel with link-time optimization

Thursday 18th of January 2018 05:36:52 PM
This is the second article of a series discussing various methods of reducing the size of the Linux kernel to make it suitable for small environments. The first article provided a short rationale for this topic, and covered the link-time garbage collection, also called the ld --gc-sections method. We've seen that, though it is pretty straightforward, link-time garbage collection has issues of its own when applied to the kernel, making achieving optimal results more difficult than it is worth. In this article we'll have a look at what the compiler itself can do using link-time optimization.

Security updates for Thursday

Thursday 18th of January 2018 03:17:10 PM
Security updates have been issued by CentOS (linux-firmware and microcode_ctl), Fedora (icecat and transmission), Oracle (java-1.8.0-openjdk and microcode_ctl), Red Hat (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk), Slackware (bind), SUSE (kernel), and Ubuntu (eglibc).

[$] LWN.net Weekly Edition for January 18, 2018

Thursday 18th of January 2018 01:14:58 AM
The LWN.net Weekly Edition for January 18, 2018 is available.

[$] Monitoring with Prometheus 2.0

Wednesday 17th of January 2018 06:15:24 PM
Prometheus is a monitoring tool built from scratch by SoundCloud in 2012. It works by pulling metrics from monitored services and storing them in a time series database (TSDB). It has a powerful query language to inspect that database, create alerts, and plot basic graphs. Those graphs can then be used to detect anomalies or trends for (possibly automated) resource provisioning. Prometheus also has extensive service discovery features and supports high availability configurations. That's what the brochure says, anyway; let's see how it works in the hands of an old grumpy system administrator. I'll be drawing comparisons with Munin and Nagios frequently because those are the tools I have used for over a decade in monitoring Unix clusters.

Four stable kernels

Wednesday 17th of January 2018 04:51:34 PM
Greg Kroah-Hartman has released stable kernels 4.14.14, 4.9.77, 4.4.112, and 3.18.92. All of them contain important fixes and users should upgrade.

Security updates for Wednesday

Wednesday 17th of January 2018 04:44:58 PM
Security updates have been issued by Debian (bind9, wordpress, and xbmc), Fedora (awstats, docker, gifsicle, irssi, microcode_ctl, mupdf, nasm, osc, osc-source_validator, and php), Gentoo (newsbeuter, poppler, and rsync), Mageia (gifsicle), Red Hat (linux-firmware and microcode_ctl), Scientific Linux (linux-firmware and microcode_ctl), SUSE (kernel and openssl), and Ubuntu (bind9, eglibc, glibc, and transmission).

[$] A survey of some free fuzzing tools

Wednesday 17th of January 2018 04:13:23 PM
Many techniques in software security are complicated and require a deep understanding of the internal workings of the computer and the software under test. Some techniques, though, are conceptually simple and do not rely on knowledge of the underlying software. Fuzzing is a useful example: running a program with a wide variety of junk input and seeing if it does anything abnormal or interesting, like crashing. Though it might seem unsophisticated, fuzzing is extremely helpful in finding the parsing and input processing problems that are often the beginning of a security vulnerability.

Analyzing the Linux boot process (opensource.com)

Tuesday 16th of January 2018 08:13:40 PM
Alison Chaiken looks in detail at how the kernel boots on opensource.com. "Besides starting buggy spyware, what function does early boot firmware serve? The job of a bootloader is to make available to a newly powered processor the resources it needs to run a general-purpose operating system like Linux. At power-on, there not only is no virtual memory, but no DRAM until its controller is brought up."

[$] Deadline scheduling part 1 — overview and theory

Tuesday 16th of January 2018 03:57:53 PM
The deadline scheduler enables the user to specify a realtime task's requirements using well-defined realtime abstractions, allowing the system to make the best scheduling decisions, guaranteeing the scheduling of realtime tasks even in higher-load systems. This article, the first in a series of two, provides an introduction to realtime scheduling (deadline scheduling in particular) and some of the theory behind it.