Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 24 min 35 sec ago

Red Hat Announces Winners of Women in Open Source Awards

Tuesday 23rd of June 2015 10:19:01 PM
Red Hat has announced the winners of its Women in Open Source Awards. The Academic Award goes to Kesha Shah, a student at Dhirubhai Ambani Institute of Information and Communication Technology, and the Community Award goes to Sarah Sharp, embedded software architect at Intel. Opensource.com has interviews with both women.

Kesha Shah: "Last year, I was a mentor in Season of KDE and GCI again, with BRLCAD and KDE. Now, I am currently working on testing automation of Ushahidi with Systers, an Anita Borg community, as a part of GSoC. During my journey, I had seen several of my peers enter the domain, succeed, and fail in equal measure. So, I took up the challenge of mentoring newbies. One of my biggest achievements is that I have personally guided about 20-22 newbies into the world of open source through mentoring programs like GCI, SoK, Learn IT girls, and through conducting hands-on workshops and enlightening talks on open source. Those efforts converted them to regular contributors."

Sarah Sharp: "My second proudest moment is the very first round when the Linux kernel participated in the Outreach Program for Women (now called Outreachy). A lot of kernel maintainers complained about how newcomers would send them mangled patches, and grump about how the newcomers should really just RTFM and look at our patch submission guidelines. Of course, it turned out the manual was lacking or out of date, and there were a lot of steps to set up tools for Linux kernel development, so I spent a week and created a step-by-step tutorial. It was really gratifying to see those first applicants go through my tutorial and send well-formed patches. I've loved watching those interns move onto bigger projects, and even get hired to work on the Linux kernel, and I'm really proud I was able to help people get involved in Linux kernel development."

Stable kernel updates

Tuesday 23rd of June 2015 06:08:24 PM
Greg Kroah-Hartman has released stable kernels 4.0.6, 3.14.45, and 3.10.81. All of them contain important fixes throughout the tree.

Tuesday's security advisories

Tuesday 23rd of June 2015 05:10:29 PM

Arch Linux has updated curl (information disclosure).

Debian-LTS has updated postgresql-8.4 (denial of service).

Fedora has updated xorg-x11-server (F22: permission bypass).

Gentoo has updated chromium (multiple vulnerabilities) and gnutls (denial of service).

Red Hat has updated kernel (RHEL7: multiple vulnerabilities), kernel-rt (RHEL7; RHEMRG2.5: multiple vulnerabilities), libreswan (RHEL7: denial of service), mailman (RHEL7: path traversal attack), and php (RHEL7: multiple vulnerabilities).

SUSE has updated e2fsprogs (SLE11SP4: code execution).

Ubuntu has updated kernel (14.10; 14.04; 12.04: regression in previous update), linux-ti-omap4 (12.04: regression in previous update), linux-lts-trusty (12.04: regression in previous update), linux-lts-utopic (14.04: regression in previous update), and patch (14.10, 14.04, 12.04: multiple vulnerabilities).

The Open Container Project

Monday 22nd of June 2015 07:01:01 PM
The Open Container Project has announced its existence. "Housed under the Linux Foundation, the OCP’s mission is to enable users and companies to continue to innovate and develop container-based solutions, with confidence that their pre-existing development efforts will be protected and without industry fragmentation. As part of this initiative, Docker will donate the code for its software container format and its runtime, as well as the associated specifications. The leadership of the Application Container spec (“appc”) initiative, including founding member CoreOS, will also be bringing their technical leadership and support to OCP."

Security advisories for Monday

Monday 22nd of June 2015 05:20:55 PM

Debian has updated pyjwt (accepts arbitrary tokens).

Debian-LTS has updated libclamunrar (double-free error), qemu (code execution), qemu-kvm (code execution), and zendframework (multiple vulnerabilities).

Fedora has updated abrt (F22: multiple vulnerabilities), cups (F22; F21: two vulnerabilities), drupal7-views (F22; F21; F20: access bypass), gnome-abrt (F22: multiple vulnerabilities), kernel (F22; F21: privilege escalation), krb5 (F21: two vulnerabilities), libreport (F22: multiple vulnerabilities), openssl (F22: multiple vulnerabilities), postgresql (F22: multiple vulnerabilities), qemu (F21: denial of service), qpid-cpp (F21: two vulnerabilities), and satyr (F22: multiple vulnerabilities).

Gentoo has updated adobe-flash (multiple vulnerabilities) and openssl (multiple vulnerabilities).

openSUSE has updated cgit (13.2, 13.1: code execution), xen (13.2; 13.1: multiple vulnerabilities), and XWayland (13.2: permission bypass).

SUSE has updated IBM Java (SLE11SP3: multiple vulnerabilities).

The long ARM of Linux: Red Hat Enterprise Linux Server for ARM Development Preview (Red Hat Blog)

Monday 22nd of June 2015 04:51:44 PM
In a post on the Red Hat Blog, the company has announced a version of Red Hat Enterprise Linux (RHEL) for ARM development. "Today, we are making the Red Hat Enterprise Linux Server for ARM Development Preview 7.1 available to all current and future members of the Red Hat ARM Partner Early Access Program as well as their end users as an unsupported development platform, providing a common standards-based operating system for existing 64-bit ARM hardware. Beyond this release, we plan to continue collaborating with our partner ISVs and OEMs, end users, and the broader open source community to enhance and refine the platform to ultimately work with the next generation of ARM-based designs." Jon Masters, who is the technical lead for the project, has a lengthy Google+ post about the project and its history over the last 4+ years.

Three projects funded by CII

Monday 22nd of June 2015 02:40:22 PM
The Linux Foundation's Critical Infrastructure Initiative has announced the funding of three projects to the tune of "nearly $500,000." "CII's funds will support a new open source automated testing project, the Reproducible Builds initiative from Debian, and IT security researcher Hanno Boeck's Fuzzing Project. Additionally, The Linux Foundation is announcing Emily Ratliff is joining The Linux Foundation as senior director of infrastructure security for CII. Ratliff is a Linux, system and cloud security expert with more than 20 years' experience. Most recently she worked as a security engineer for AMD and logged nearly 15 years at IBM."

Shuttleworth: Introducing the Fan

Monday 22nd of June 2015 02:12:16 PM
Mark Shuttleworth announces "the Fan", a new mechanism for directing communications between containers. "We recognised that container networking is unusual, and quite unlike true software-defined networking, in that the number of containers you want on each host is probably roughly the same. You want to run a couple hundred containers on each VM. You also don’t (in the docker case) want to live migrate them around, you just kill them and start them again elsewhere. Essentially, what you need is an address multiplier – anywhere you have one interface, it would be handy to have 250 of them instead." See this page for details on how it works.

Mageia 5 released

Monday 22nd of June 2015 01:34:07 PM
The Mageia 5 release is now available. The headline feature in this long-awaited distribution release appears to be UEFI BIOS support, but there's more; see the release notes for details.

The 4.1 kernel is out

Monday 22nd of June 2015 12:47:46 PM
Linus has released the 4.1 kernel. "It's not like the 4.1 release cycle was particularly painful, and let's hope that the extra week of letting it sit makes for a great release. Which wouldn't be a bad thing, considering that 4.1 will also be a LTS release." Headline features in this release include support for encrypted ext4 filesystems, the persistent memory block driver, ACPI support for the ARM64 architecture, and more.

[$] Rebasing openSUSE

Friday 19th of June 2015 09:42:27 PM
The openSUSE project has often struggled with questions of identity: what is the distribution trying to be, and for who? From the 2010 strategy search through to the 2013 development-model discussions and the 2014 release-management questions, openSUSE's developers have tried to find a development approach that is both sustainable and appealing to a wider audience. In 2015, it appears that a partial success has been achieved, but that success is driving a new and controversial change.

Poettering: The new sd-bus API of systemd

Friday 19th of June 2015 09:40:00 PM
Lennart Poettering writes about the sd-bus library with substantial digressions into how D-Bus works in general. "We believe the result of our work delivers our goals quite nicely: the library is fun to use, supports kdbus and sockets as back-end, is relatively minimal, and the performance is substantially better than both libdbus and GDBus."

Announcing the Code Climate platform

Friday 19th of June 2015 09:24:42 PM
Code Climate has announced the open-source release of its static-analysis platform. "We’re releasing the static analysis engines that power the new Code Climate Platform, and going forward, all of our static analysis code will be published under Open Source licenses. Code Climate has always provided free analysis to Open Source projects, and this continues to deepen our commitment to, and participation in, the OSS community."

Bacon: Rebasing Ubuntu on Android?

Friday 19th of June 2015 09:21:11 PM

At his blog, former Ubuntu Community Manager Jono Bacon speculates on whether or not the Ubuntu Phone project should rebase its software stack on Android. Bacon prefaces the post with a note that it is "designed purely for some intellectual fun and discussion. I am not proposing we actually do this, nor advocating for this." The central argument is that new mobile platforms invariably expend hundreds of thousands of dollars attracting well-known app vendors to the new stack. Supporting Android apps would let Ubuntu focus efforts on the user interface, scopes, and other components. "I know there has been a reluctance to support Android apps on Ubuntu as it devalues the Ubuntu app ecosystem and people would just use Android apps, but I honestly think some kind of middle-ground is needed to get into the game, otherwise I worry we won’t even make it to the subs bench no matter how awesome our technology is." Note that, whatever one makes of the idea, Bacon is speaking only about the Ubuntu Phone stack; the post does touch on how such a rebase would interfere with Ubuntu's plans for a converged software stack.

Friday's security updates

Friday 19th of June 2015 02:45:57 PM

Debian has updated cinder (file disclosure) and drupal7 (multiple vulnerabilities).

Fedora has updated mbedtls (F21: multiple vulnerabilities) and python-django14 (F20: cross-site scripting).

Mageia has updated cups (M4: multiple vulnerabilities), ffmpeg (M4: multiple vulnerabilities), openssl (M4: multiple vulnerabilities), and redis (M4: code execution).

SUSE has updated IBM Java (SLES10 SP4; SLE11: multiple vulnerabilities).

The launch of WebAssembly

Thursday 18th of June 2015 02:51:36 PM
Luke Wagner of Mozilla has announced the existence of the WebAssembly project. The purpose is to define a low-level language to run in web browsers; it will then serve as a compilation target for higher-level languages. Developers from most of the major browser engines are working on the project. "For existing Emscripten/asm.js users, targeting WebAssembly will be as easy as flipping a flag. Thus, it is natural to view WebAssembly as the next evolutionary step of asm.js (a step many have requested and anticipated)."

Security updates for Thursday

Thursday 18th of June 2015 02:13:27 PM

CentOS has updated cups (C7; C6: three vulnerabilities).

Debian has updated kernel (three vulnerabilities).

Debian-LTS has updated linux-2.6 (multiple vulnerabilities going back to 2011) and openssl (multiple vulnerabilities).

Fedora has updated mbedtls (F20: code execution), python-requests (F21: cookie stealing), and python-urllib3 (F21: proper openssl support).

openSUSE has updated busybox (13.2, 13.1: code execution) and strongswan (13.2, 13.1: information disclosure).

Oracle has updated cups (OL7; OL6: three vulnerabilities).

Red Hat has updated cups (RHEL6&7: three vulnerabilities).

Scientific Linux has updated cups (SL6&7: three vulnerabilities).

[$] LWN.net Weekly Edition for June 18, 2015

Thursday 18th of June 2015 01:51:57 AM
The LWN.net Weekly Edition for June 18, 2015 is available.

[$] Micro Python on the pyboard

Wednesday 17th of June 2015 07:39:31 PM
A 2013 Kickstarter project brought us Micro Python, which is a version of Python 3 for microcontrollers, along with the pyboard to run it on. Micro Python is a complete rewrite of the interpreter that avoids some of the CPython (the canonical Python interpreter written in C) implementation details that don't work well on microcontrollers. I recently got my hands on a pyboard and decided to give it—and Micro Python—a try.

Cool new features coming to Blender 2.75 (Opensource.com)

Wednesday 17th of June 2015 07:36:57 PM
Opensource.com takes a look at the upcoming release of Blender 2.75. "One of the biggest features merged into Blender this go-round were from the multiview branch. In short, Blender now fully supports the ability to create stereoscopic 3D images. With the increased pervasiveness of 3D films and televisions—not to mention VR headsets in gaming—a lot of people are interested in generating images that play nice in this format. And now Blender can."

More in Tux Machines

Ubuntu Touch OTA-5 Will Bring a New Thumbnailer in Unity 8, Support for Refunds

Canonical's Alejandro J. Cura had the great pleasure of reporting a few hours ago that the upcoming OTA-5 update for the Ubuntu Touch mobile operating system will get some attractive new features in the Unity 8 user interface. Read more

The July 2015 issue of the PCLinuxOS Magazine

With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community. The magazine is lead by Paul Arnote, Chief Editor, and Assistant Editor Meemaw. The PCLinuxOS Magazine is released under the Creative Commons Attribution-NonCommercial-Share-Alike 3.0 Unported license, and some rights are reserved. Read more

The Linux Setup - Neil McGovern, Debian Project Leader

I’m the current Debian Project Leader—which is a very impressive title that boils down to being a figurehead for the Debian project. I first started getting involved with Debian in 2003, and have wended my way through various roles in the project, from designing t-shirts to being the Release Manager for the last three releases, Lenny, Squeeze and Wheezy. In my day job, I’m the engineering manager for Collabora, an open source software consultancy which is fairly similar—basically making sure that all the engineers are happy and helping unblock any problems that come along. Read more

Parsix GNU/Linux 8.0 to Finally Switch to GNOME 3.16, Linux Kernel 4.0

The Parsix GNU/Linux developers were happy to announce that the first snapshot towards the anticipated Parsix GNU/Linux 8.0 distribution is now available for download and testing. Read more