Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 48 min 5 sec ago

Security updates for Wednesday

2 hours 8 min ago
Security updates have been issued by Debian (apache2 and unbound), Fedora (opendmarc, runc, and sudo), openSUSE (epiphany, GraphicsMagick, and libopenmpt), Oracle (kernel and sudo), Red Hat (java-1.8.0-openjdk, jss, kernel, kernel-rt, and kpatch-patch), SUSE (crowbar-core, crowbar-openstack, grafana, novnc, openstack-keystone, openstack-neutron, openstack-neutron-lbaas, openstack-nova, openstack-tempest, python-pysaml2, python-urllib3, rubygem-chef, rubygem-easy_diff, sleshammer, libpcap, sudo, and tcpdump), and Ubuntu (aspell and libsdl1.2).

Perl 6 renamed to Raku

Tuesday 15th of October 2019 03:29:29 PM
The pull request changing the name of Perl 6 to Raku has been merged. See the full text for more information. "This document describes the steps to be taken to effectuate a rename of 'Perl 6' to 'Raku', as described in issue #81. It does not pretend to be complete in scope or in time. To change a name of a project that has been running for 19+ years will take time, a lot of effort and a lot of cooperation. It will affect people in foreseen and unforeseen ways." (Thanks to Sean Whitton)

Security updates for Tuesday

Tuesday 15th of October 2019 02:58:33 PM
Security updates have been issued by Debian (sudo and xtrlock), openSUSE (sudo), Red Hat (Single Sign-On), Slackware (sudo), SUSE (binutils, dhcp, ffmpeg, kernel, kubernetes-salt, sudo, and tcpdump), and Ubuntu (sudo).

KDE Plasma 5.17 released

Tuesday 15th of October 2019 01:18:43 PM
The KDE project has announced the release of version 5.17 of the Plasma desktop environment. "Night Color, the color-grading system that relaxes your eyes when the sun sets, has landed for X11. Your Plasma desktop also recognizes when you are giving a presentation, and stops messages popping up in the middle of your slideshow. If you are using Wayland, Plasma now comes with fractional scaling, which means that you can adjust the size of all your desktop elements, windows, fonts and panels perfectly to your HiDPI monitor."

Python 3.8.0 released

Monday 14th of October 2019 10:15:39 PM
Version 3.8.0 of the Python language has been released. New features include the controversial assignment expressions, positional-only arguments, the Vectorcall mechanism, and more; see the what's new in Python 3.8 document for more information.

PyPy 7.2 released

Monday 14th of October 2019 07:11:30 PM
Version 7.2 of PyPy, an implementation of the Python language, is out. With this release, Python 3.6 support is deemed ready: "This release removes the 'beta' tag from PyPy3.6. While there may still be some small corner-case incompatibilities (around the exact error messages in exceptions and the handling of faulty codec errorhandlers) we are happy with the quality of the 3.6 series and are looking forward to working on a Python 3.7 interpreter."

[$] Finding race conditions with KCSAN

Monday 14th of October 2019 06:13:07 PM
Race conditions can be some of the trickiest bugs to find. The resulting problems can be subtle, and reproducing the problem in order to track it down can be difficult or impossible; often code inserted to narrow down a race condition will cause it to stop manifesting entirely. A tool that can find race conditions automatically would thus be a valuable thing for the kernel community to have. In late September, Marco Elver announced a tool called KCSAN (the Kernel Concurrency Sanitizer) that does exactly that — and which has already found a number of real problems.

Security updates for Monday

Monday 14th of October 2019 03:00:06 PM
Security updates have been issued by Arch Linux (chromium, sdl, and unbound), Debian (clamav, libdatetime-timezone-perl, openssl, tcpdump, and tzdata), Fedora (cutter-re, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-parent, libapreq2, ming, opendmarc, radare2, and thunderbird), openSUSE (chromium), Oracle (kernel), and SUSE (axis, jakarta-commons-fileupload, kernel, sles12sp3-docker-image, sles12sp4-image, system-user-root, and webkit2gtk3).

Kernel prepatch 5.4-rc3

Monday 14th of October 2019 01:52:12 PM
The 5.4-rc3 kernel prepatch is out for testing. "Things continue to look fairly normal, with rc3 being larger than rc2, as people are starting to find more regressions, but 5.4 so far remains on the smaller side of recent releases."

More stable kernels

Saturday 12th of October 2019 11:19:26 PM
The 5.3.6, 4.19.79, and 4.14.149 stable kernel updates have been released; each contains another set of important updates.

[$] Calibrating your fear of big bad optimizing compilers

Friday 11th of October 2019 02:14:14 PM
As noted earlier, when compiling Linux-kernel code that does a plain C-language load or store, as in "a=b", the C standard grants the compiler the right to assume that the affected variables are neither accessed nor modified by any other thread at the time of that load or store. The compiler is therefore permitted to carry out a surprisingly large number of optimizations, any number of which might ruin your concurrent code's day. Given that current compilers usually do not emit diagnostics warning of potential ruined days, it would be good to have other tools take on this task.

Security updates for Friday

Friday 11th of October 2019 02:04:07 PM
Security updates have been issued by Debian (lucene-solr and ruby-openid), Fedora (krb5 and SDL2), openSUSE (kernel and libopenmpt), and Ubuntu (python2.7, python3.4).

Understanding Scheduling Behavior with SchedViz (Google Open Source Blog)

Thursday 10th of October 2019 10:38:28 PM
The Google Open Source Blog has an announcement of the release of the SchedViz tool that is used internally at the company "to discover many opportunities for better scheduling choices and to root-cause many latency issues". SchedViz provides a GUI to explore kernel traces: "The SchedViz UI displays collections in several ways. A zoomable and pannable heatmap shows system cores on the y-axis, and the trace duration on the x-axis. Each core in the system has a swim-lane, and each swim-lane shows CPU utilization (when that CPU is being kept busy) and wait-queue depth (how many threads are waiting to run on that CPU.) The UI also includes a thread list that displays which threads were active in the heatmap, along with how long they ran, waited to run, and blocked on some event, and how many times they woke up or migrated between cores. Individual threads can be selected to show their behavior over time, or expanded to see their details."

[$] BPF at Facebook (and beyond)

Thursday 10th of October 2019 04:47:38 PM
It is no secret that much of the work on the in-kernel BPF virtual machine and associated user-space support code is being done at Facebook. But less is known about how Facebook is actually using BPF. At Kernel Recipes 2019, BPF developer Alexei Starovoitov described a bit of that work, though even he admitted that he didn't know what most of the BPF programs running there were doing. He also summarized recent developments with BPF and some near-future work.

Security updates for Thursday

Thursday 10th of October 2019 01:47:25 PM
Security updates have been issued by Debian (clamav, libtomcrypt, and rsyslog), Fedora (suricata), SUSE (libopenmpt and python-requests), and Ubuntu (libsoup2.4 and octavia).

[$] LWN.net Weekly Edition for October 10, 2019

Thursday 10th of October 2019 12:58:31 AM
The LWN.net Weekly Edition for October 10, 2019 is available.

[$] An update on the input stack

Wednesday 9th of October 2019 09:59:52 PM
The input stack for Linux is an essential part of interacting with our systems, but it is also an area that is lacking in terms of developers. There has been progress over the last few years, however; Peter Hutterer from Red Hat came to the 2019 X.Org Developers Conference to talk about some of the work that has been done. He gave a status report on the input stack that covered development work that is going on now as well as things that have been completed in the last two years or so. Overall, things are looking pretty good for input on Linux, though the "bus factor" for the stack is alarmingly low.

Stallman: No radical changes in GNU Project

Wednesday 9th of October 2019 06:46:01 PM
Richard Stallman has issued a brief statement saying that there will not be any radical changes in the GNU Project's goals, principles and policies. "I would like to make incremental changes in how some decisions are made, because I won't be here forever and we need to ready others to make GNU Project decisions when I can no longer do so. But these won't lead to unbounded or radical changes."

[$] Free software support for virtual and augmented reality

Wednesday 9th of October 2019 04:05:12 PM
A talk at the recent X.Org Developers Conference in Montréal, Canada looked at support for "XR" in free software. XR is an umbrella term that includes both virtual reality (VR) and augmented reality (AR). In the talk, Joey Ferwerda and Christoph Haag from Collabora gave an overview of XR and the Monado project that provides support for those types of applications.

Security updates for Wednesday

Wednesday 9th of October 2019 02:57:03 PM
Security updates have been issued by Fedora (chromium), openSUSE (rust and sqlite3), SUSE (dnsmasq, firefox, and kubernetes, patchinfo), and Ubuntu (python2.7, python3.5, python3.6, python3.7).

More in Tux Machines

VirtualBox Adds Support for Linux Kernel 5.3, Red Hat Enterprise Linux 8.1 Beta

VirtualBox 6.0.14 is here to add support for new technologies, fix bug, and add various improvements. For example it implements support for the Linux 5.3 kernel series, as well as for the Red Hat Enterprise Linux 7.7, CentOS Linux 7.7, Oracle Linux 7.7m and Red Hat Enterprise Linux 8.1 Beta operating systems. On top of that, VirtualBox 6.0.14 improves the detection of the Python version during the creation of the RPM package on Linux hosts to address some installation issues addresses and package dependencies, and improves shared folders for Linux guests, especially when unmounting them in service script. Read more

Fedora at 15: Why Matthew Miller sees a bright future for the Linux distribution

Fedora—as a Linux distribution—will celebrate the 15th anniversary of its first release in November, though its technical lineage is much older, as Fedora Core 1 was created following the discontinuation of Red Hat Linux 9 in favor of Red Hat Enterprise Linux (RHEL). That was a turbulent time in Red Hat history, and Fedora has had its own share of turbulence as well. Since becoming project leader in June 2014, Matthew Miller had led the Fedora.next initiative, intended to guide the second decade of the Fedora project. That initiative resulted in the creation of separate Fedora Workstation, Server, and Cloud editions—the latter of which has since been replaced with CoreOS—as well as the addition of an Internet of Things (IoT) edition. Read more

Some nice widgets for your Plasma desktop

Plasma is an extremely extensible, flexible desktop environment, and it lets you customize and change anything and everything to the tiniest detail. You can go about mimicking other desktops and systems as you please, limited only by your imagination and patience. If you want a Mac-like look or a Unity look, you can. So I thought, I should revisit my old Plasma widgets article and explore some fresh applets out there, to see what else you can do here. Indeed, there are lots of hidden goodies lurking beneath the surface, and if you're curious, you will discover fresh tools and features that can make the Plasma desktop experience even more enjoyable. Read more

Security Leftovers

  • Security updates for Wednesday

    Security updates have been issued by Debian (apache2 and unbound), Fedora (opendmarc, runc, and sudo), openSUSE (epiphany, GraphicsMagick, and libopenmpt), Oracle (kernel and sudo), Red Hat (java-1.8.0-openjdk, jss, kernel, kernel-rt, and kpatch-patch), SUSE (crowbar-core, crowbar-openstack, grafana, novnc, openstack-keystone, openstack-neutron, openstack-neutron-lbaas, openstack-nova, openstack-tempest, python-pysaml2, python-urllib3, rubygem-chef, rubygem-easy_diff, sleshammer, libpcap, sudo, and tcpdump), and Ubuntu (aspell and libsdl1.2).

  • Cybersecurity Awareness Month: Increasing our self-awareness so we can improve security

    October has been National Cybersecurity Awareness Month since 2004. According to staysafeonline.org, this initiative was started by the National Cybersecurity Alliance and the US Department of Homeland Security to help all Americans stay safe and secure when online. This month is usually marked with a significant uptick in cybersecurity outreach and training. It’s also the one month of the year when you can get a significant amount of cybersecurity swag such as webcam covers, mugs, and pens. This event has an outward focus to raise awareness of security globally, Many other events have come into existence along with this. For example, there are numerous electronics recycling events that now occur in October where people can securely dispose of their old computers. Some municipalities have extended this to include safe disposal of old prescription medications, paints, and other hazardous materials. Recent events in the greater technology community, specifically the resignation of Richard Stallman from both MIT and the Free Software Foundation, have become character foils that show us that while we have come a long way, we still have a long way ahead of us to improve.

  • Michael Tremer/IPFire: On quadrupling throughput of our Quality of Service

    There have been improvements to our Quality of Service (or QoS) which have made me very excited. Our QoS sometimes was a bottleneck. Enabling it could cut your bandwidth in half if you were unlucky. That normally was not a problem for larger users of IPFire, because if you are running a 1 Gigabit/s connection, you would not need any QoS in the first place, or your hardware was fast enough to handle the extra load. For the smaller users this was, however, becoming more and more of a problem. Smaller systems like the IPFire Mini Appliance are designed to be small (the clue is in the name) and to be very energy-efficient. And they are. They are popular with users with a standard DSL connection of up to 100 Megabit/s which is very common in Germany. You have nothing to worry about here. But if you are lucky to have a faster Internet connection, then this hardware and others that we have sold before might be running out of steam. There is only so much you can get out of them.

  • The City Of Baltimore Blew Off A $76,000 Ransomware Demand Only To Find Out A Bunch Of Its Data Had Never Been Backed Up [Ed: Windows]

    The City of Baltimore was hit with a ransomware attack in May of this year. Criminals using remodeled and rebranded NSA exploits (EternalBlue) knocked out a "majority" of the city's servers and crippled many of its applications. More details didn't surface until September when the city's government began reshuffling the budget to cover the expenses of recovering from the attack.