Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 33 min 21 sec ago

[$] LWN.net Weekly Edition for September 19, 2019

2 hours 5 min ago
The LWN.net Weekly Edition for September 19, 2019 is available.

[$] Deep argument inspection for seccomp

6 hours 23 min ago
In the Kernel Summit track at the 2019 Linux Plumbers Conference, Christian Brauner and Kees Cook led a discussion on finding a way to do deep argument inspection for seccomp filtering. Currently, seccomp filters can only look at the top-level arguments to a system call, which means that there are use cases that cannot be supported. There was a lively discussion in the session, but no definitive conclusion was reached; various ideas were considered, but none seemed to quite fit the bill.

Security updates for Wednesday

11 hours 43 min ago
Security updates have been issued by CentOS (firefox and kernel), Debian (thunderbird), Fedora (curl), openSUSE (curl and python-Werkzeug), Oracle (kernel and thunderbird), Red Hat (rh-nginx114-nginx), SUSE (curl, ibus, MozillaFirefox, firefox-glib2, firefox-gtk3, openldap2, openssl, openssl1, python-urllib3, and util-linux and shadow), and Ubuntu (linux, linux-aws, linux-azure, linux-lts-trusty, linux-lts-xenial, linux-oracle, linux-raspi2, linux-snapdragon, and wpa).

Moving Firefox to a faster 4-week release cycle

Tuesday 17th of September 2019 09:07:32 PM
The Mozilla blog has an announcement that Firefox will be moving to 4-week release cycle, starting in 2020. "Shorter release cycles provide greater flexibility to support product planning and priority changes due to business or market requirements. With four-week cycles, we can be more agile and ship features faster, while applying the same rigor and due diligence needed for a high-quality and stable release. Also, we put new features and implementation of new Web APIs into the hands of developers more quickly." The Firefox ESR (Extended Support Release) release cadence will remain the same.

[$] The properties of secure IoT devices

Tuesday 17th of September 2019 09:03:13 PM
At Open Source Summit North America 2019, David Tarditi from Microsoft gave a talk on seven different properties for highly secure Internet of Things (IoT) devices. The properties are based on a Microsoft Research white paper [PDF] from 2017. His high-level summary of the talk was that if you are creating a device that will be connecting to the internet and you don't want it to get "owned", you should pay attention to the properties he would be describing. Overall, it was an interesting talk, with good analysis of the areas where effort needs to be focused to produce secure IoT devices, but it was somewhat marred by an advertisement for a proprietary product (which, naturally, checked all the boxes) at the end of the talk.

CentOS Linux 7 (1908) released

Tuesday 17th of September 2019 04:46:23 PM
A new release of CentOS Linux 7 is available. This release is tagged as 1908 and derived from Red Hat Enterprise Linux 7.7 source code. The release notes have the details. CentOS Linux 7 (1908) is also available for several alternate architectures.

Security updates for Tuesday

Tuesday 17th of September 2019 02:50:35 PM
Security updates have been issued by Debian (dino-im, python2.7, python3.4, and wpa), Fedora (kmplayer), openSUSE (podman and samba), Oracle (thunderbird), Red Hat (thunderbird), Slackware (expat), SUSE (curl), and Ubuntu (apache2).

[$] Maintainers Summit topics: pull depth, hardware vulnerabilities, etc.

Tuesday 17th of September 2019 05:57:47 AM
The final sessions at the 2019 Linux Kernel Maintainers Summit covered a number of relatively quick topics, including the "pull depth" for code going into the mainline, the handling of hardware vulnerabilities, the ABI status of tracepoints, and more.

Richard Stallman resigns from the FSF

Tuesday 17th of September 2019 05:39:16 AM
With a brief announcement, the Free Software Foundation has let it be known that founder Richard Stallman has resigned both as president and from the board of directors. "The board will be conducting a search for a new president, beginning immediately. Further details of the search will be published on fsf.org".

[$] Linus Torvalds on the kernel development community

Monday 16th of September 2019 05:22:22 PM
The Linux Kernel Maintainers Summit is all about the development process, so it is natural to spend some time on how that process is working at the top of the maintainer hierarchy. The "is Linus happy?" session during the 2019 summit revealed that things are working fairly well at that level, but that, as always, there are a few things that could be improved.

Stable kernel updates

Monday 16th of September 2019 02:35:05 PM
Stable kernels 5.2.15, 4.19.73, 4.14.144, 4.9.193, and 4.4.193 have been released. They all contain important fixes and users should upgrade.

Security updates for Monday

Monday 16th of September 2019 02:27:28 PM
Security updates have been issued by Debian (ansible, faad2, linux-4.9, and thunderbird), Fedora (jbig2dec, libextractor, sphinx, and thunderbird), Mageia (expat, kconfig, mediawiki, nodejs, openldap, poppler, thunderbird, webkit2, and wireguard), openSUSE (buildah, ghostscript, go1.12, libmirage, python-urllib3, rdesktop, and skopeo), SUSE (python-Django), and Ubuntu (exim4, ibus, and Wireshark).

[$] The stable-kernel process

Monday 16th of September 2019 10:05:10 AM
The stable kernel process is a perennial topic of discussion at gatherings of kernel developers; the 2019 Linux Kernel Maintainers Summit was no exception. Sasha Levin ran a session there where developers could talk about the problems they have with stable kernels and ponder solutions.

The 5.3 kernel is out

Monday 16th of September 2019 05:50:13 AM
The 5.3 kernel is available at last. The announcement includes a long discussion about user-space regressions — an ext4 filesystem performance improvement had caused some systems to fail booting due to a lack of entropy early after startup. "It's more that it's an instructive example of what counts as a regression, and what the whole 'no regressions' kernel rule means. The reverted commit didn't change any API's, and it didn't introduce any new bugs. But it ended up exposing another problem, and as such caused a kernel upgrade to fail for a user. So it got reverted."

Some of the more significant changes in 5.3 include scheduler utilization clamping, the pidfd_open() and clone3() system calls, bounded loop support for BPF programs, support for the 0.0.0.0/8 IPv4 address range, a new configuration option for the soon-to-be-merged realtime preemption code, and more. See the KernelNewbies 5.3 page for lots of details.

[$] Dealing with automated kernel bug reports

Sunday 15th of September 2019 07:36:54 AM
There is value in automatic testing systems, but they also present a problem of their own: how can one keep up with the high volume of bug reports that they generate? At the 2019 Linux Kernel Maintainers Summit, Shuah Khan ran a session dedicated to this issue. There was general agreement that the reports are hard to deal with, but not a lot of progress toward a solution.

[$] Defragmenting the kernel development process

Saturday 14th of September 2019 07:22:20 AM
The first session at the 2019 Linux Kernel Maintainers Summit was a last-minute addition to the schedule. Dmitry Vyukov's Linux Plumbers Conference session on the kernel development process (slides [PDF]) had inspired a number of discussions that, it was agreed, should carry over into the summit. The result was a wide-ranging conversation about the kernel's development tools and what could be done to improve them.

Security updates for Friday

Friday 13th of September 2019 02:49:22 PM
Security updates have been issued by Debian (curl, dnsmasq, and golang-go.crypto), Mageia (docker, firefox, flash-player-plugin, ghostscript, links, squid, sympa, tcpflow, thunderbird, and znc), openSUSE (srt), Oracle (.NET Core, kernel, libwmf, and poppler), Scientific Linux (firefox), SUSE (cri-o, curl, java-1_8_0-ibm, python-SQLAlchemy, and python-urllib3), and Ubuntu (curl and expat).

[$] Comparing GCC and Clang security features

Thursday 12th of September 2019 10:33:56 PM
Hardening must be performed at all levels of a system, including in the compiler that is used to build that system. There are two viable compilers in the free-software community now, each of which offers a different set of security features. Kees Cook ran a session during the Toolchains microconference at the 2019 Linux Plumbers Conference that examined the security-feature support provided by both GCC and LLVM Clang, noting the places where each one could stand to improve.

Security updates for Thursday

Thursday 12th of September 2019 02:48:51 PM
Security updates have been issued by Arch Linux (exim, firefox, and webkit2gtk), Debian (libonig and opensc), Fedora (cobbler), Oracle (firefox and kernel), Red Hat (flash-plugin, kernel, kernel-rt, rh-maven35-jackson-databind, rh-nginx110-nginx, and rh-nginx112-nginx), Scientific Linux (kernel), Slackware (curl, mozilla, and openssl), SUSE (ceph, libvirt, and python-Werkzeug), and Ubuntu (vlc and webkit2gtk).

[$] LWN.net Weekly Edition for September 12, 2019

Thursday 12th of September 2019 12:31:58 AM
The LWN.net Weekly Edition for September 12, 2019 is available.