Language Selection

English French German Italian Portuguese Spanish


Syndicate content is a comprehensive source of news and opinions from and about the Linux community. This is the main feed, listing all articles which are posted to the site front page.
Updated: 3 hours 28 min ago

Security advisories for Thursday

5 hours 17 min ago

Arch Linux has updated bugzilla (privilege escalation).

openSUSE has updated IPython, (cross-site scripting).

SUSE has updated php5 (SLE11SP2: three vulnerabilities).

Bottomley: Respect and the Linux Kernel Mailing Lists

13 hours 8 min ago
SCSI subsystem maintainer James Bottomley has posted a different view on the issue of civility on the kernel's mailing lists. "So, by and large, I’m proud of the achievements we’ve made in civility and the way we have improved over the years. Are we perfect? by no means (but then perfection in such a large community isn’t a realistic goal). However, we have passed our stress test: that an individual with bad patches to several mailing lists was met with courtesy and helpful advice, in spite of serially repeating the behaviour."

[$] Weekly Edition for October 8, 2015

Thursday 8th of October 2015 01:03:05 AM
The Weekly Edition for October 8, 2015 is available.

[$] Status updates for three graphics drivers

Wednesday 7th of October 2015 05:02:54 PM
Drivers for graphics hardware are an important part of the graphics stack, so it was not unexpected that the 2015 X.Org Developers Conference had several status updates for free graphics drivers. Three projects had talks: the Nouveau driver for NVIDIA devices, the amdgpu driver for AMD hardware, and the Etnaviv driver for Vivante GPUs. Each presented an update on its progress and plans.

Security advisories for Wednesday

Wednesday 7th of October 2015 04:03:59 PM

Debian has updated freetype (denial of service) and zendframework (two vulnerabilities).

Fedora has updated openhpi (F22: world writable /var/lib/openhpi directory) and wireshark (F22: multiple vulnerabilities).

Ubuntu has updated spice (15.04, 14.04: multiple vulnerabilities).

[$] strscpy() and the hazards of improved interfaces

Wednesday 7th of October 2015 09:34:01 AM
Back in the distant past (May 2015), LWN looked at a couple of efforts to provide improved string-handling primitives to the kernel. One of those two was recently merged, while the other has run into trouble; both cases highlight a fundamental concern Linus has about this type of kernel patch. The end result is that it is possible to evolve the kernel toward safer interfaces, but attempts to do so as a series of mass changes will probably not end well.

Open Invention Network Celebrates 10 Year Anniversary

Tuesday 6th of October 2015 06:40:25 PM
Open Invention Network (OIN) marks its ten year anniversary. "Since its founding in 2005, Open Invention Network has grown its community to over 1,700 participants – from sizable multinational companies to key open source projects to emerging businesses. OIN has expanded its strategic patent portfolio to more than 1,000 worldwide patents and applications. In parallel, the zone of patent non-aggression that is defined by OIN’s Linux System definition has evolved to include more than 2,300 software packages, which ensures freedom of action in core functionality for global open source projects and technology platforms such as Linux, Red Hat, SUSE, Android, Open Stack and Apache."

Security updates for Tuesday

Tuesday 6th of October 2015 04:48:44 PM

Arch Linux has updated nodejs (denial of service).

Fedora has updated libvpx (F21: denial of service), openjpeg2 (F22: code execution), pixman (F22: buffer overflow), unzip (F21: two vulnerabilities), webkitgtk (F22; F21: denial of service), and webkitgtk3 (F22; F21: denial of service).

openSUSE has updated apache2 (13.2, 13.1: multiple vulnerabilities), conntrack-tools (13.2, 13.1: denial of service), froxlor (13.2, 13.1: privilege escalation), redis (13.2, 13.1: code execution), seamonkey (13.2, 13.1: multiple vulnerabilities), thunderbird (13.2, 13.1: multiple vulnerabilities), and vorbis-tools (13.2, 13.1: code execution).

SUSE has updated firefox, nspr (SLE12: multiple vulnerabilities).

Ubuntu has updated kernel (15.04; 14.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), linux-lts-vivid (14.04: multiple vulnerabilities), and lxc (14.04: regression in previous update).

The 2015 Linux Foundation Technical Advisory Board elections

Tuesday 6th of October 2015 11:47:54 AM
The nomination process has begun for the 2015 election of the Technical Advisory Board for the Linux Foundation. That election will happen on October 26 at the Kernel Summit in Seoul, South Korea. There are five positions to be filled; terms are for two years.

Android 6.0 Marshmallow, thoroughly reviewed (Ars Technica)

Monday 5th of October 2015 07:57:12 PM
Ars Technica presents a lengthy review of Android 6.0 "Marshmallow". "While this is a review of the final build of "Android 6.0," we're going to cover many of Google's apps along with some other bits that aren't technically exclusive to Marshmallow. Indeed, big chunks of "Android" don't actually live in the operating system anymore. Google offloads as much of Android as possible to Google Play Services and to the Play Store for easier updating and backporting to older versions, and this structure allows the company to retain control over its open source platform. As such, consider this a look at the shipping Google Android software package rather than just the base operating system. "Review: New Android stuff Google has released recently" would be a more accurate title, though not as catchy."

Security advisories for Monday

Monday 5th of October 2015 04:41:45 PM

Arch Linux has updated hostapd (multiple vulnerabilities) and libunwind (denial of service).

Fedora has updated activemq (F22: information disclosure), bind (F21: denial of service), jenkins-script-security-plugin (F22: unspecified vulnerability), kernel (F22; F21: denial of service), libwmf (F22: two vulnerabilities), scap-security-guide (F22; F21: unspecified vulnerability), seamonkey (F22; F21: multiple vulnerabilities), thunderbird (F22: multiple vulnerabilities), and xen (F22; F21: multiple vulnerabilities).

Mageia has updated chromium-browser (MG5: information disclosure) and gdk-pixbuf2.0 (MG5: two vulnerabilities).

openSUSE has updated phpMyAdmin (13.2, 13.1: guessable user credentials).

Ubuntu has updated oxide-qt (15.04, 14.04: information disclosure), thunderbird (15.04, 14.04, 12.04: multiple vulnerabilities), and firefox (15.04, 14.04, 12.04: regression in previous update).

Sharp: Closing a door

Monday 5th of October 2015 02:30:45 PM
Sarah Sharp has made official her departure from the kernel development community. "I didn’t take the decision to step down lightly. I felt guilty, for a long time, for stepping down. However, I finally realized that I could no longer contribute to a community where I was technically respected, but I could not ask for personal respect. I could not work with people who helpfully encouraged newcomers to send patches, and then argued that maintainers should be allowed to spew whatever vile words they needed to in order to maintain radical emotional honesty. I did not want to work professionally with people who were allowed to get away with subtle sexist or homophobic jokes. I feel powerless in a community that had a 'Code of Conflict' without a specific list of behaviors to avoid and a community with no teeth to enforce it."

The Real-Time Linux Collaborative Project

Monday 5th of October 2015 08:51:19 AM
The Linux Foundation has announced the formation of a collaborative project to support the ongoing development of the realtime kernel patch set. "The RTL Collaborative Project will focus on pushing critical code upstream to be reviewed and eventually merged into the mainline Linux kernel where it will receive ongoing support. This will save the industry millions of dollars in research and development. It will also improve quality of the code through robust upstream kernel test infrastructure, since anything maintained in the mainline kernel is collectively supported by thousands of developers and hundreds of companies around the world." As part of the project, the Foundation has appointed Thomas Gleixner into a Fellow position.

Kernel prepatch 4.3-rc4

Sunday 4th of October 2015 07:28:25 PM
The 4.3-rc4 kernel prepatch is out. "You all know the drill by now. It's Sunday, and there is a new release candidate out there."

Stable kernels 4.2.3 and 4.1.10

Saturday 3rd of October 2015 03:24:41 PM
Greg Kroah-Hartman has released the 4.2.3 and 4.1.10 stable kernels. The fix for the deadlocks reported for 4.1.9 did not make it into 4.1.10. As usual, these stable kernels contain fixes throughout the tree.

Ad-blocking extension AdBlock sold to new owner

Friday 2nd of October 2015 11:00:48 PM

Many online media outlets are reporting the news that ownership of the popular ad-blocking browser extension AdBlock has been sold to a new owner. Not to be confused with similarly named projects AdBlock Plus and AdBlock Edge, this AdBlock announced the news of the sale to its users in a pop-up window. TheNextWeb reports that AdBlock employees refused to identify the buyer. In related news, the new owner has decided to join the "Acceptable Ads" whitelisting program run by rival AdBlock Plus. An announcement on the AdBlock Plus site confirms the move, and notes that an "independent review board" will now decide which advertisements are included the Acceptable Ads whitelist. Public nominations for the board are said to be open.

Friday's security updates

Friday 2nd of October 2015 03:47:14 PM

CentOS has updated thunderbird (C6; C5; C7: multiple vulnerabilities).

Debian-LTS has updated binutils (multiple vulnerabilities).

Fedora has updated freeimage (F22; F21: integer overflow), golang (F22; F21: multiple vulnerabilities), jakarta-commons-httpclient (F22; F21: denial of service), and openjpeg2 (F22; F21: use-after-free vulnerability).

Mageia has updated thunderbird (M5: multiple vulnerabilities).

openSUSE has updated bind (11.4: denial of service).

Oracle has updated thunderbird (O6; O7: multiple vulnerabilities).

Red Hat has updated mod_proxy_fcgi (RHEL6: denial of service).

Scientific Linux has updated thunderbird (SL5, 6, 7: multiple vulnerabilities).

Slackware has updated mozilla-thunderbird (14.0, 14.1, current: multiple vulnerabilities), php (14.0, 14.1, current: multiple vulnerabilities), and seamonkey (14.0, 14.1, current: multiple vulnerabilities).

Ubuntu has updated kernel (12.04: multiple vulnerabilities) and linux-ti-omap4 (12.04: multiple vulnerabilities).

GNOME’s 2014 Fiscal Year Annual Report Published

Thursday 1st of October 2015 11:43:56 PM
The GNOME Foundation has announced the release of its Annual Report [PDF] for the 2014 fiscal year, which ran from October 1, 2013 through September 30, 2014. The report covers topics like finances, the Groupon trademark battle, conferences, outreach, accessibility, and lots more. "Jean-François Fortin Tam, president of the GNOME Foundation for 2014-2015, states in the introduction letter: '2014 is on record as one of the most challenging years in the Foundation's history. It is also the year that has given us the most demonstrative and passionate display of support—from our members, our contributors, and the Free Software community—that we have ever experienced.'"

Qubes OS 3.0 released

Thursday 1st of October 2015 08:38:24 PM
Joanna Rutkowska has announced the release of Qubes OS 3.0, which has a new hypervisor abstraction layer (HAL) as one of its "killer features". Qubes OS uses a hypervisor as part of its "security by compartmentalization" strategy for creating a more secure operating system. The HAL "will allow us to easily switch the underlying hypervisors in the near future, perhaps even during the installation time, depending on the user needs (think tradeoffs between hardware compatibility and performance vs. security properties desired, such as e.g. reduction of covert channels between VMs, which might be of importance to some users). More philosophically-wise, this is a nice manifestation of how Qubes OS is really "not yet another virtualization system", but rather: a user of a virtualization system (such as Xen)." We looked at Qubes OS 3.0 back in May.

Stable kernels 3.14.54 and 3.10.90

Thursday 1st of October 2015 07:42:51 PM
Greg Kroah-Hartman has announced the release of the 3.14.54 and 3.10.90 stable kernels. As usual, they contain important fixes throughout the tree and users should upgrade.

More in Tux Machines

A decade of Linux patent non-aggression: The Open Invention Network

One reason why Linux weathered patent attacks and trolls to become today's dominant server and cloud operating system is because the Open Invention Network united its supporters into a strong patent consortium. Read more

Today in Techrights

Ubuntu Touch to Get Updated Android Drivers and Kernel

The Ubuntu Touch platform is still using some Android bits and it looks like the developers are preparing to upgrade those components as well in the coming months. Read more

Real Time Linux becomes a Linux Foundation Collaborative Project

With this project, the Linux Foundation is getting another fellow: Thomas Gleixner, the long time maintainer of RTLinux, who would join the ranks of Linus Torvalds and Greg KH. Linux Foundation sponsors the work of fellows so they don't have to worry about finding 'jobs' and can keep their focus on their projects. Read more