Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 55 min 55 sec ago

OpenBSD 6.4

2 hours 22 min ago
OpenBSD 6.4 has been released. This release features improved hardware support, adding a number of new drivers. Notable security improvements include the new unveil() system call to restrict file system access.

Ubuntu 18.10 (Cosmic Cuttlefish) released

6 hours 20 min ago
Ubuntu has announced the release of its latest version, 18.10 (or "Cosmic Cuttlefish"). It has lots of updated packages and such, and is available in both a desktop and server version; there are also multiple flavors that were released as well. More information can be found in the release notes. "The Ubuntu kernel has been updated to the 4.18 based Linux kernel, our default toolchain has moved to gcc 8.2 with glibc 2.28, and we've also updated to openssl 1.1.1 and gnutls 3.6.4 with TLS1.3 support. Ubuntu Desktop 18.04 LTS brings a fresh look with the community-driven Yaru theme replacing our long-serving Ambiance and Radiance themes. We are shipping the latest GNOME 3.30, Firefox 63, LibreOffice 6.1.2, and many others. Ubuntu Server 18.10 includes the Rocky release of OpenStack including the clustering enabled LXD 3.0, new network configuration via netplan.io, and iteration on the next-generation fast server installer. Ubuntu Server brings major updates to industry standard packages available on private clouds, public clouds, containers or bare metal in your datacentre."

PostgreSQL 11 released

7 hours 48 min ago
The PostgreSQL 11 release is out. "PostgreSQL 11 provides users with improvements to overall performance of the database system, with specific enhancements associated with very large databases and high computational workloads. Further, PostgreSQL 11 makes significant improvements to the table partitioning system, adds support for stored procedures capable of transaction management, improves query parallelism and adds parallelized data definition capabilities, and introduces just-in-time (JIT) compilation for accelerating the execution of expressions in queries." See this article for a detailed overview of what is in this release.

[$] Making the GPL more scary

9 hours 31 min ago
For some years now, one has not had to look far to find articles proclaiming the demise of the GNU General Public License. That license, we are told, is too frightening for many businesses, which prefer to use software under the far weaker permissive class of license. But there is a business model that is based on the allegedly scary nature of the GPL, and there are those who would like to make it more lucrative; the only problem is that the GPL isn't quite scary enough yet.

Stable kernels 4.18.15, 4.14.77, and 4.9.134

10 hours 18 min ago
Greg Kroah-Hartman has announced the release of the 4.18.15, 4.14.77, and 4.9.134 stable kernels. As usual, there are important fixes throughout the tree and users should upgrade.

Security updates for Thursday

10 hours 33 min ago
Security updates have been issued by Arch Linux (chromium, libssh, and net-snmp), Debian (libssh and xen), Fedora (audiofile), openSUSE (axis, GraphicsMagick, ImageMagick, kernel, libssh, samba, and texlive), Oracle (java-1.8.0-openjdk), Red Hat (java-1.8.0-openjdk, rh-nodejs6-nodejs, and rh-nodejs8-nodejs), SUSE (binutils and fuse), and Ubuntu (paramiko).

[$] LWN.net Weekly Edition for October 18, 2018

Thursday 18th of October 2018 12:29:38 AM
The LWN.net Weekly Edition for October 18, 2018 is available.

[$] A new direction for i965

Wednesday 17th of October 2018 10:30:08 PM

Graphical applications are always pushing the limits of what the hardware can do and recent developments in the graphics world have caused Intel to rethink its 3D graphics driver. In particular, the lower CPU overhead that the Vulkan driver on Intel hardware can provide is becoming more attractive for OpenGL as well. At the 2018 X.Org Developers Conference Kenneth Graunke talked about an experimental re-architecting of the i965 driver using Gallium3D—a development that came as something of a surprise to many, including him.

[$] Secure key handling using the TPM

Wednesday 17th of October 2018 04:36:57 PM

Trusted Computing has not had the best reputation over the years — Richard Stallman dubbing it "Treacherous Computing" probably hasn't helped — though those fears of taking away users' control of their computers have not proven to be founded, at least yet. But the Trusted Platform Module, or TPM, inside your computer can do more than just potentially enable lockdown. In our second report from Kernel Recipes 2018, we look at a talk from James Bottomley about how the TPM works, how to talk to it, and how he's using it to improve his key handling.

Security updates for Wednesday

Wednesday 17th of October 2018 03:08:04 PM
Security updates have been issued by CentOS (tomcat), Debian (asterisk, graphicsmagick, and libpdfbox-java), openSUSE (apache2 and git), Oracle (tomcat), Red Hat (kernel and Satellite 6.4), Slackware (libssh), SUSE (binutils, ImageMagick, and libssh), and Ubuntu (clamav, libssh, moin, and paramiko).

[$] A farewell to email

Tuesday 16th of October 2018 10:29:04 PM
The free-software community was built on email, a distributed technology that allows people worldwide to communicate regardless of their particular software environment. While email remains at the core of many projects' workflow, others are increasingly trying to move away from it. A couple of recent examples show what is driving this move and where it may be headed.

Bro becomes Zeek

Tuesday 16th of October 2018 04:43:32 PM
The Bro network security monitoring project has announced a name change to "Zeek". "On the Leadership Team of the Bro Project, we heard clear concerns from the Bro community that the name 'Bro' has taken on strongly negative connotations, such as 'Bro culture'. These send a sharp, anti-inclusive - and wholly unintended and undesirable - message to those who might use Bro. The problems were significant enough that during BroCon community sessions, several people have mentioned substantial difficulties in getting their upper management to even consider using open-source software with such a seemingly ill-chosen, off-putting name."

SFLC: Automotive Software Governance and Copyleft

Tuesday 16th of October 2018 03:28:35 PM
The Software Freedom Law Center has announced the availability of a whitepaper [PDF] about automotive software and copyleft, written by Mark Shuttleworth and Eben Moglen. At its core, it's an advertisement for Ubuntu and Snap, but it does look at some of the issues involved.

The fine grain of interface access rights provided by the snapd governance agent can thus provide further isolation and security when it is running user-modified code, guaranteed under the snap packaging paradigm to cause no other program code to be modified, to break, or to perform differently because of the presence of the user-modified program. Such a structure of modification permission can be operated by the OEM consistent with the requirements of GPLv3. The OEM can publish an authenticated record of the installation permission issued, indexed by the Vehicle Identification Number—without publishing the car owner’s personal information—so that public and private parties can be assured that no surreptitious modification of vehicle software occurs.

Security updates for Tuesday

Tuesday 16th of October 2018 02:58:12 PM
Security updates have been issued by CentOS (ghostscript and spamassassin), Debian (moin, spice, and tomcat8), Fedora (kernel-headers, kernel-tools, and libgit2), Oracle (ghostscript and tomcat), Red Hat (ghostscript and tomcat), Scientific Linux (ghostscript and tomcat), SUSE (git, kernel, python, and samba), and Ubuntu (net-snmp and thunderbird).

[$] Fighting Spectre with cache flushes

Monday 15th of October 2018 11:23:44 PM
One of the more difficult aspects of the Spectre hardware vulnerability is finding all of the locations in the code that might be exploitable. There are many locations that look vulnerable that aren't, and others that are exploitable without being obvious. It has long been clear that finding all of the exploitable spots is a long-term task, and keeping new ones from being introduced will not be easy. But there may be a simple technique that can block a large subset of the possible exploits with a minimal cost.

Security updates for Monday

Monday 15th of October 2018 02:47:00 PM
Security updates have been issued by Arch Linux (wireshark-cli), Debian (imagemagick, otrs2, tomcat7, and wireshark), Fedora (ca-certificates, dislocker, dolphin-emu, kernel-headers, kernel-tools, libgit2, mbedtls, mingw-openjpeg2, nekovm, openjpeg2, patch, strongswan, and thunderbird), Mageia (firefox, git, nextcloud, and texlive), Oracle (kernel and openssl), Scientific Linux (spamassassin), SUSE (libtirpc), and Ubuntu (requests).

Kernel prepatch 4.19-rc8

Monday 15th of October 2018 01:48:36 PM
As expected, the 4.19 development cycle has gone to 4.19-rc8. "Please go and test and ensure that all works well for you. Hopefully this should be the last -rc release."

A pile of weekend stable kernel updates

Saturday 13th of October 2018 04:24:11 PM
The 4.18.14, 4.14.76, 4.9.133, 4.4.161, and 3.18.124 stable kernels have all been released; each contains another pile of important fixes and updates.

[$] I/O scheduling for single-queue devices

Friday 12th of October 2018 05:03:33 PM
Block I/O performance can be one of the determining factors for the performance of a system as a whole, especially on systems with slower drives. The need to optimize I/O patterns has led to the development of a long series of I/O schedulers over the years; one of the most recent of those is BFQ, which was merged during the 4.12 development cycle. BFQ incorporates an impressive set of heuristics designed to improve interactive performance, but it has, thus far, seen relatively little uptake in deployed systems. An attempt to make BFQ the default I/O scheduler for some types of storage devices has raised some interesting questions, though, on how such decisions should be made.

Security updates for Friday

Friday 12th of October 2018 02:48:17 PM
Security updates have been issued by Debian (net-snmp), Fedora (php-horde-nag), openSUSE (git, java-1_8_0-openjdk, libxml2, mgetty, moinmoin-wiki, postgresql10, and soundtouch), Oracle (spamassassin), Red Hat (spamassassin), SUSE (apache2, axis, kernel, libX11 and libxcb, and texlive), and Ubuntu (clamav, git, and texlive-bin).

More in Tux Machines

Games: Hand of Fate 2, Rocket League, Reigns: Game of Thrones

today's leftovers

OSS Leftover

  • How an affordable open source eye tracker is helping thousands communicate
    In 2015, while sat in a meeting at his full-time job, Julius Sweetland posted to Reddit about a project he had quietly been working on for years, that would help people with motor neurone disease communicate using just their eyes and an application. He forgot about the post for a couple of hours before friends messaged him to say he'd made the front page. Now three years on Optikey, the open source eye-tracking communication tool, is being used by thousands of people, largely through word of mouth recommendations. Sweetland was speaking at GitHub Universe at the Palace of Fine Art in San Francisco, and he took some time to speak with Techworld about the project. [...] Originally, Sweetland's exposure to open source had largely been through the consumption of tools such as the GIMP. "I knew of the concept, I didn't really know how the nuts and bolts worked, I was always a little blase about how do you make money from something like that... but flipping it around again I'm still coming from the point of view that there's no money in my product, so I still don't understand how people make money in open source...
  • Fission open source serverless framework gets updated
    Platform9 just released updates to Fission.io - the open source, Kubernetes-native Serverless framework, with new features enabling developers and IT Operations to improve the quality and reliability of serverless applications. Other new features include Automated Canary Deployments to reduce the risk of failed releases, Prometheus integration for automated monitoring and alerts, and fine-grained cost and performance optimization capabilities. With this latest release, Fission offers the most complete set of features to allow Dev and Ops teams to safely adopt Serverless and benefit from the speed, cost savings and scalability of this cloud native development pattern on any environment - either in the public cloud or on-premises.
  • Alphabet’s DeepMind open-sources key building blocks from its AI projects
  • United States: It's Ten O'Clock: Do You Know Where Your Software Developers Are? [Ed: Smith Gambrell & Russell LLP are liars. Dana Hustins says FSF "purport to convert others' proprietary software into open source software" in there. They paint GPL as a conspiracy of some kind to entrap proprietary s/w developers.]
  • Transatomic Power To Open Source IP Regarding Advanced Molten Salt Reactors [Ed: There's no such thing as "IP", Duane Morris LLP. There are copyrights, trademarks, patents etc. and Transatomic basically made code free.]
  • Code Review--an Excerpt from VM Brasseur's New Book Forge Your Future with Open Source
    Even new programmers can provide a lot of value with their code reviews. You don't have to be a Rockstar Ninja 10x Unicorn Diva programmer with years and years of experience to have valuable insights. In fact, you don't even have to be a programmer at all. You just have to be knowledgable enough to spot patterns. While you won't be able to do a complete review without programming knowledge, you may still spot things that could use some work or clarification. If you're not a Rockstar Ninja 10x Unicorn Diva programmer, not only is your code review feedback still valuable, but you can also learn a great deal in the process: Code layout, programming style, domain knowledge, best practices, neat little programming tricks you'd not have seen otherwise, and sometimes antipatterns (or "how not to do things"). So don't let the fact that you're unfamiliar with the code, the project, or the language hold you back from reviewing code contributions. Give it a go and see what there is to learn and discover.

Security Leftovers