Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 48 min 46 sec ago

PacketFence 5.0 released

Saturday 18th of April 2015 07:52:26 AM
PacketFence is a free network access control system; the 5.0 release is now available. Changes include a new active clustering mode, better device fingerprinting, better performance monitoring, the elimination of plaintext passwords, and more.

Schaller: Red Hat joins Khronos

Friday 17th of April 2015 10:33:30 PM

At his blog, Christian Schaller announces that Red Hat has joined the Khronos Group, the consortium behind (among other things) the OpenGL standard. Schaller notes that "the reason we are joining is because of all the important changes that are happening in Graphics and GPU compute these days and our wish to have more direct input of the direction of some of these technologies. Our efforts are likely to focus on improving the OpenGL specification by proposing some new extensions to OpenGL, and of course providing input and help with moving the new Vulkan standard forward."

Friday's security updates

Friday 17th of April 2015 04:13:27 PM

Arch Linux has updated php (multiple vulnerabilities).

Debian-LTS has updated tzdata (unspecified vulnerability).

Gentoo has updated adobe-flash (multiple vulnerabilities) and xorg-server (multiple vulnerabilities).

openSUSE has updated icecast (13.1, 13.2:denial of service) and ntop (13.1, 13.2: cross-site scripting).

Red Hat has updated java-1.8.0-oracle (RHEL6,7: multiple vulnerabilities), novnc (RHEL6 OSP; RHEL7 OSP: VNC session hijacking), openstack-foreman-installer (RHEL6 OSP: root command execution), openstack-glance (RHEL6 OSP; RHEL7 OSP: denial of service), openstack-nova (RHEL6 OSP; RHEL7 OSP: multiple vulnerabilities), openstack-packstack, openstack-puppet-modules (RHEL6 OSP; RHEL7 OSP: root command execution), openstack-swift (RHEL6 OSP; RHEL7 OSP: metadata constraint bypass), python-django-horizon, python-django-openstack-auth (RHEL6 OSP; RHEL7 OSP: denial of service), and redhat-access-plugin-openstack (RHEL6 OSP; RHEL7 OSP: information disclosure).

Ubuntu has updated apport (14.04, 14.10: privilege escalation).

GNU Hurd 0.6 released

Thursday 16th of April 2015 09:19:21 PM
It has been roughly a year and a half since the last release of the GNU Hurd operating system, so it may be of interest to some readers that GNU Hurd 0.6 has been released along with GNU Mach 1.5 (the microkernel that Hurd runs on) and GNU MIG 1.5 (the Mach Interface Generator, which generates code to handle remote procedure calls). New features include procfs and random translators; cleanups and stylistic fixes, some of which came from static analysis; message dispatching improvements; integer hashing performance improvements; a split of the init server into a startup server and an init program based on System V init; and more. "GNU Hurd runs on 32-bit x86 machines. A version running on 64-bit x86 (x86_64) machines is in progress. Volunteers interested in ports to other architectures are sought; please contact us (see below) if you'd like to help. To compile the Hurd, you need a toolchain configured to target i?86-gnu; you cannot use a toolchain targeting GNU/Linux. Also note that you cannot run the Hurd "in isolation": you'll need to add further components such as the GNU Mach microkernel and the GNU C Library (glibc), to turn it into a runnable system."

Boyer: Fedora 22 and Kernel 4.0

Thursday 16th of April 2015 08:13:34 PM
On his blog, Josh Boyer looks at the choice of the 4.0 kernel for Fedora 22. While the underpinnings of the live kernel patching feature have been merged, even when it is fully operational it is probably not something that Fedora (and perhaps other distributions) will use often (or at all). "In reality, we might not ever really leverage the live patching functionality in Fedora itself. It is understandable that people want to patch their kernel without rebooting, but the mechanism is mostly targeted at small bugfixes and security patches. You cannot, for example, live patch from version 4.0 to 4.1. Given that the Fedora kernel rebases both from stable kernel (e.g. 3.19.2 to 3.19.3) and major release kernels over the lifetime of a Fedora release, we don't have much opportunity to build the live patches."

Security updates for Thursday

Thursday 16th of April 2015 03:01:42 PM

Debian has updated gst-plugins-bad0.10 (code execution), inspircd (code execution from 2012), movabletype-opensource (code execution), and ppp (denial of service).

Debian-LTS has updated ruby1.9.1 (three vulnerabilities).

Mageia has updated java-1.7.0-openjdk (multiple vulnerabilities), mono (three SSL/TLS vulnerabilities), and python-dulwich (two code execution flaws).

openSUSE has updated flash-player (11.4: 45 vulnerabilities) and rubygem-rest-client (13.2, 13.1: plaintext password logging).

Oracle has updated java-1.6.0-openjdk (OL5: unspecified vulnerabilities) and java-1.7.0-openjdk (OL5: unspecified vulnerabilities).

Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities), java-1.6.0-openjdk (RHEL5,6&7: multiple vulnerabilities), java-1.7.0-openjdk (RHEL5; RHEL6&7: multiple vulnerabilities), and java-1.8.0-openjdk (RHEL6&7: multiple vulnerabilities).

Scientific Linux has updated java-1.6.0-openjdk (SL5,6&7: multiple vulnerabilities), java-1.7.0-openjdk (SL5; SL6&7: multiple vulnerabilities), and java-1.8.0-openjdk (SL6&7: multiple vulnerabilities).

SUSE has updated flash-player (SLE11SP3: 22 vulnerabilities).

[$] LWN.net Weekly Edition for April 16, 2015

Thursday 16th of April 2015 12:48:48 AM
The LWN.net Weekly Edition for April 16, 2015 is available.

[$] Plotting tools for networks, part I

Wednesday 15th of April 2015 09:50:12 PM

In the first two installments in this series on plotting tools (which covered gnuplot and matplotlib), we introduced tools for creating plots and graphs, and used the terms interchangeably to refer to the typical scientific plot relating one set of quantities to another. In this article we use the term "graph" in its mathematical, graph-theory context, meaning a set of nodes connected by edges. There is a strong family resemblance among graph-theory graphs, flowcharts, and network diagrams—so much so that some of the same tools can be coerced into creating all of them. We will now survey several mature free-software systems for building these types of visualizations. At least one of these tools will likely be useful if you are ever in need of an automated way to diagram source-code interdependencies, make an organizational chart, visualize a computer network, or organize a sports tournament. We will start with a graphical charting tool and a flexible graphing system that can easily be called by other programs.


Security advisories for Wednesday

Wednesday 15th of April 2015 04:42:27 PM

CentOS has updated java-1.6.0-openjdk (C7; C6; C5: multiple vulnerabilities), java-1.7.0-openjdk (C7; C6; C5: multiple vulnerabilities), and java-1.8.0-openjdk (C7; C6: multiple vulnerabilities).

Debian-LTS has updated libvncserver (multiple vulnerabilities) and libx11 (code execution).

Mageia has updated arj (multiple vulnerabilities), asterisk (SSL server spoofing), flash-player-plugin (multiple vulnerabilities), glusterfs (denial of service), librsync (file checksum collision), ntp (two vulnerabilities), qemu (denial of service), quassel (denial of service), shibboleth-sp (denial of service), socat (denial of service), tor (denial of service), and wesnoth (information leak).

Oracle has updated java-1.6.0-openjdk (OL6: multiple vulnerabilities), java-1.7.0-openjdk (OL6: multiple vulnerabilities), and java-1.8.0-openjdk (OL6: multiple vulnerabilities).

Red Hat has updated flash-plugin (RHEL5,6 Supplementary: multiple vulnerabilities).

SUSE has updated Adobe Flash Player (SLEWE12, SLED12: multiple vulnerabilities).

Debian project leader election results

Wednesday 15th of April 2015 01:14:21 PM
This year's Debian project election leader election has concluded, with Neil McGovern winning by a conclusive margin.

[$] Report from the Python Language Summit

Tuesday 14th of April 2015 10:25:22 PM
The first half of our report from the Python Language Summit is now available. Subscribers can click below to access reports from five sessions held before lunch covering topics like the atomicity of Python operations, making Python 3 more attractive to developers, PyParallel, infrastructure for Python development, and Python 3 adoption. We will be adding more reports to this page as they become available.

OIN Expands the Linux System Definition

Tuesday 14th of April 2015 07:05:00 PM
Open Invention Network (OIN) has announced that it has updated its Linux System patent non-aggression coverage. "For this update, 115 new packages will be added to the Linux System, out of almost 800 proposed by various parties. Key additions are the reference implementations of the popular Go and Lua programming languages, Nginx, Openshift, and development tools like CMake and Maven. This update will represent an increase of approximately 5% of the total number of packages covered in the Linux System, a reflection of the incremental and disciplined nature of the update process."

KDE Ships Plasma 5.3 Beta

Tuesday 14th of April 2015 06:51:38 PM
A beta version of Plasma 5.3 has been released. This release features enhanced power management, better Bluetooth capabilities, improved Plasma widgets, a tech preview of Plasma Media Center, big steps towards Wayland support, and lots of bug fixes.

Tuesday's security updates

Tuesday 14th of April 2015 03:41:55 PM

Arch Linux has updated ruby (man-in-the-middle attack).

CentOS has updated openssl (C5: multiple vulnerabilities).

Debian-LTS has updated ia32-libs (multiple vulnerabilities).

Oracle has updated openssl (OL5: multiple vulnerabilities).

Red Hat has updated kernel (RHEL6.4: privilege escalation).

Scientific Linux has updated xorg-x11-server (SL7, SL6: information leak/denial of service).

Ubuntu has updated apport (14.10, 14.04: privilege escalation), libx11, libxrender (14.10, 14.04, 12.04: code execution), and ntp (14.10, 14.04, 12.04: multiple vulnerabilities).

The Document Liberation, one year after

Monday 13th of April 2015 07:35:38 PM
The Document Foundation's project Document Liberation looks at its progress during the past year. "During 2014, members of the project released a new framework library, called librevenge, which contains all the document interfaces and helper types, in order to simplify the dependency chain. In addition, they started a new library for importing Adobe PageMaker documents, libpagemaker, written as part of Google Summer of Code 2014 by Anurag Kanungo. Existing libraries have also been extended with the addition of more formats, like libwps with the addition of Microsoft Works Spreadsheet and Database by Laurent Alonso. He is now working on adding support for Lotus 1-2-3, which is one of the most famous legacy applications for personal computers. Laurent has also added support for more than twenty legacy Mac formats to libmwaw."

Stable kernel updates

Monday 13th of April 2015 06:05:32 PM
Greg KH has released stable kernels 3.19.4, 3.14.38, and 3.10.74. All of them contain the usual set of important fixes.

Security advisories for Monday

Monday 13th of April 2015 05:06:48 PM

Arch Linux has updated icecast (denial of service).

CentOS has updated xorg-x11-server (C6: information leak).

Debian has updated chrony (multiple vulnerabilities), das-watchdog (privilege escalation), libdbd-firebird-perl (buffer overflow), libtasn1-3 (denial of service), libx11 (code execution), ntp (two vulnerabilities), and wesnoth-1.10 (information leak).

Debian-LTS has updated chrony (multiple vulnerabilities), das-watchdog (privilege escalation), libtasn1-3 (denial of service), and ntp (two vulnerabilities).

Fedora has updated arj (F20: multiple vulnerabilities), ca-certificates (F21; F20: certificate update), ImageMagick (F21: multiple vulnerabilities), libxml2 (F20: denial of service), openldap (F21: denial of service), qemu (F21: multiple vulnerabilities), varnish (F21: heap buffer overflow), and xen (F21; F20: multiple vulnerabilities).

Gentoo has updated apache (multiple vulnerabilities), mysql (multiple unspecified vulnerabilities), sudo (information disclosure), and xen (multiple vulnerabilities).

Mandriva has updated batik (MBS1,2: information leak).

openSUSE has updated kernel (13.2; 13.1: multiple vulnerabilities) and tor (13.2, 13.1: denial of service).

Red Hat has updated openssl (RHEL5: multiple vulnerabilities).

Scientific Linux has updated openssl (SL5: multiple vulnerabilities).

SUSE has updated firefox (SLES12; SLED12: multiple vulnerabilities).

Hubička: Link time and inter-procedural optimization improvements in GCC 5

Monday 13th of April 2015 12:08:16 PM
Jan Hubička has posted a lengthy discussion of the optimization improvements found in the upcoming GCC 5.0 release. "Identical code folding is a new pass (contributed by Martin Liška, SUSE) looking for functions with the same code and variables with the same constructors. If some are found, one copy is removed and replaced one by an alias to another where possible. This is especially important for C++ code bases that tend to contain duplicated functions as a result of template instantiations."

The 4.0 kernel has been released

Monday 13th of April 2015 07:32:11 AM
Linus has released the 4.0 kernel right on schedule. "Feature-wise, 4.0 doesn't have all that much special. Much have been made of the new kernel patching infrastructure, but realistically, that not only wasn't the reason for the version number change, we've had much bigger changes in other versions. So this is very much a 'solid code progress' release." Beyond the (incomplete) live-patching mechanism, this release includes the removal of the remap_file_pages() system call, improved persistent memory support, the lazytime mount option, and the kernel address sanitizer.

Turon: Fearless Concurrency with Rust

Friday 10th of April 2015 05:54:38 PM
Aaron Turon has posted a lengthy introduction to concurrency in the Rust programming language. "Every data type knows whether it can safely be sent between or accessed by multiple threads, and Rust enforces this safe usage; there are no data races, even for lock-free data structures. Thread safety isn't just documentation; it's law."