Language Selection

English French German Italian Portuguese Spanish

Security and BSD Leftovers

Filed under
Security
BSD
  • Security updates for Wednesday

    Security updates have been issued by Arch Linux (go, go-pie, pacman, and xpdf), CentOS (java-1.7.0-openjdk, java-1.8.0-openjdk, java-11-openjdk, and patch), openSUSE (gcc7), Red Hat (firefox, kernel, and qemu-kvm-rhev), Slackware (mozilla), SUSE (kernel, libcaca, openconnect, python, sysstat, and zziplib), and Ubuntu (libxslt, linux-azure, and linux-lts-xenial, linux-aws).

  • os-release file appears

    There’s now (well, for DragonFly 5.7 users) an /etc/os-release file to show the installed DragonFly version.

  • samsung ativ book 9

    Physically, it’s in the ultraportable category with a 12 inch screen and weighing about two pounds. It’s a completely fanless design, using an M-5Y31 CPU (Broadwell generation). My model came with 8GB RAM and 256GB SSD, but it’s possible to find some with half that. Everything is a bit tiny and compromised, so in my opinion it wouldn’t make for a good all around machine (like the Carbon X1), but if space and weight is at a premium, it’s a good substitute.

    I immediately installed OpenBSD 6.6 when it arrived and have been using it for a few days. I have a few complaints, and I’m not confident in recommending it, but no regrets.

More in Tux Machines

Audiocasts/Shows/Screencasts: Linux in the Ham Shack, Linux Headlines, LibreOffice 6.4 Alpha Quick Look and OpenIndiana 2019.10 Overview

Announcing coreboot 4.11

The coreboot project is proud to announce to have released coreboot 4.11. This release cycle was a bit shorter to get closer to our regular schedule of releasing in spring and autumn. Since 4.10 there were 1630 new commits by over 130 developers. Of these, about 30 contributed to coreboot for the first time. Thank you to all contributors who made 4.11 what it is and welcome to the project to all new contributors! Read more Also: Coreboot 4.11 Brings Many Intel Improvements, New Support For Supermicro / Lenovo Boards

GNOME Development: Technical Reports From Federico Mena-Quintero and Jussi Pakkanen

  • Refactoring the Length type

    Over a couple of years, librsvg's type that represents CSS lengths went from a C representation along the lines of "all data in the world is an int", to a Rust representation that uses some interesting type trickery: C struct with char for units. C struct with a LengthUnits enum. C struct without an embodied direction; each place that needs to normalize needs to get the orientation right. C struct with a built-in direction as an extra field, done at initialization time. Same struct but in Rust. An ugly but workable Parse trait so that the direction can be set at parse/initialization time. Three newtypes LengthHorizontal, LengthVertical, LengthBoth with a common core. A cleaned-up Parse trait. A macro to generate those newtypes. Replace the LengthDir enum with an Orientation trait, and three zero-sized types Horizontal/Vertical/Both that implement the trait. Replace most of the macro with a helper trait LengthTrait that has an Orientation associated type. Replace the helper trait with a single Length<T: Orientation> type, which puts the orientation as a generic parameter. The macro disappears and there is a single implementation for everything. Refactoring never ends!

  • Some intricacies of ABI stability

    As far as I know, there is no known real-world solution to this problem that would scale to a full operating system (i.e. all of Debian, FreeBSD or the like). If there are any university professors reading this needing problems for your grad students, this could be one of them. The problem itself is fairly simple to formulate: make it possible to run two different, ABI incompatible C++ standard libraries within one process. The solution will probably require changes in the compiler, linker and runtime loader. For example, you might extend symbol resolution rules so that they are not global, but instead symbols from, say library bar would first be looked up in its direct descendents (in this case only abi2) and only after that in other parts of the tree. To get you started, here is one potential solution I came up with while writing this post. I have no idea if it actually works, but I could not come up with an obvious thing that would break. I sadly don't have the time or know-how to implement this, but hopefully someone else has.

Graphics and Games: Intel, Vulkan, Trine and Google Stadia

  • Intel's Graphics Driver DoS Fix Last Week Has Hurt Power Consumption

    While the patches overnight about "substantial" improvement in power usage for Intel graphics on Linux were exciting on first look, it's less so now as it turns out last week's graphics driver security fixes is what regressed the Intel graphics power-savings. During last Tuesday's round of Intel security disclosures where there was a fix for denial of service in the Intel graphics driver, it turns out that the CVE-2019-0154 fix is what regressed power usage. The potential Denial of Service vulnerability was about unprivileged users being able to cause a DoS by reading select memory regions when the graphics hardware is in certain low-power states.

  • vkBasalt 0.2 Released With SMAA, Other Vulkan Post Processing Layer Enhancements

    The open-source vkBasalt project was started as a layer implementing Contrast Adaptive Sharpening (akin to Radeon Image Sharpening) for any Vulkan-using GPU/driver/software. The vkBasalt project then picked up FXAA support for this Vulkan post-processing layer while now a new release is out with more functionality added. The vkBasalt 0.2 release is out today and adds support for enhanced sub-pixel morphological anti-aliasing (SMAA) for higher-quality anti-aliasing than FXAA. SMAA is an image-based implementation of MLAA. This release also allows for multiple visual effects to be activated at once where as previously only any one of these image enhancing features could be active at a time.

  • Flax Engine Ported To Linux + Vulkan Rendering Support

    Flax Engine is the latest game engine seeing native Linux support and in the process the renderer also picked up Vulkan support. Flax Engine is a lesser known game engine that now works on Linux alongside Windows and Xbox One. After two years in development, the open beta release of Flax is expected soon.

  • The sad case of Trine on Mesa and Linux in 2019

    A year or so back I was planning on writing a congratulatory article to show my appreciation to Dave Airlie for fixing a long standing bug in Mesa that prevented users of older AMD Radeon HD cards from enjoying Trine Enchanted Edition on the free graphics stack. Bug 91808 resulted in a variety of graphical artifacts which, while not interfering with the gameplay, still put me off using that version of Trine. After several years and a great deal of evident frustration on his part, Airlie was able to track down the root of the problem and at long last was able to push a fix to master in May 2018. Airlie and developers like him are often the unsung heroes of FOSS development, and I wanted to give him a well deserved public pat on the back for his effort in fixing a bug which would only have affected such a small number of people. Unfortunately my research into this led me down an entirely different rabbit hole when I discovered the report for Bug 66067. A much more subtle misrendering of the game's colours and lighting, this bug is present in both Trine 2 and Trine Enchanted Edition and affects all Mesa users. Unlike the previous instance where it was an issue in the drivers that was the culprit, this issue is present in the game binaries themselves.

  • Google Stadia is out now for early adopters, well a few anyway

    Today, the Google Stadia streaming service officially launched for those who picked up the Founder or Premier Edition. Well, sort of anyway. Some people have it, a lot of people don't, we certainly don't and it appears the team at Stadia give different answers to different people on when you will actually be able to access it. I've also seen plenty of people whose orders have been cancelled without warning or explanation. Even worse still, some people have been sent their hardware without an access code. Google have, so far, done a terrible job at communicating on Stadia and so the initial launch doesn't seem to have gone down well at all.