Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 30 min ago

[$] Reviving the Hershey fonts

Wednesday 26th of August 2015 12:16:29 AM

At the 2015 edition of TypeCon in Denver, Adobe's Frank Grießhammer presented his work reviving the famous Hershey fonts from the Mid-Century era of computing. The original fonts were tailor-made for early vector-based output devices but, although they have retained a loyal following (often as a historical curiosity), they have never before been produced as an installable digital font.

Go 1.5 released

Tuesday 25th of August 2015 09:06:07 PM
Version 1.5 of the Go language has been released. "This release includes significant changes to the implementation. The compiler tool chain was translated from C to Go, removing the last vestiges of C code from the Go code base. The garbage collector was completely redesigned, yielding a dramatic reduction [PDF] in garbage collection pause times. Related improvements to the scheduler allowed us to change the default GOMAXPROCS value (the number of concurrently executing goroutines) from 1 to the number of available CPUs. Changes to the linker enable distributing Go packages as shared libraries to link into Go programs, and building Go packages into archives or shared libraries that may be linked into or loaded by C programs (design doc)."

Happy 24th birthday, Linux kernel (Opensource.com)

Tuesday 25th of August 2015 07:58:03 PM
Opensource.com wishes Linux a happy 24th birthday, with a brief timeline of Linux history. "There's some debate in the Linux community as to whether we should be celebrating Linux's birthday today or on October 5 when the first public release was made, but Linus says he is O.K. with you celebrating either one, or both! So as we say happy birthday, let's take a quick look back at the years that have passed and how far we have come."

KDE Ships Plasma 5.4.0, Feature Release for August

Tuesday 25th of August 2015 07:33:33 PM
KDE has released Plasma 5.4 with some new features. "This release of Plasma brings many nice touches for our users such as much improved high DPI support, KRunner auto-completion and many new beautiful Breeze icons. It also lays the ground for the future with a tech preview of Wayland session available. We're shipping a few new components such as an Audio Volume Plasma Widget, monitor calibration tool and the User Manager tool comes out beta."

Tuesday's security updates

Tuesday 25th of August 2015 05:22:29 PM

CentOS has updated httpd (C6: denial of service) and nss (C5: two vulnerabilities).

Oracle has updated httpd (OL7; OL6: denial of service), mariadb (OL7: multiple unspecified vulnerabilities), and nss (OL5: two vulnerabilities).

Red Hat has updated httpd (RHEL7; RHEL6: HTTP request smuggling), httpd24-httpd (RHSCL2: multiple vulnerabilities), libunwind (RHELOSP6: buffer overflow), mariadb (RHEL7: multiple vulnerabilities), nss (RHEL5: two vulnerabilities), openstack-neutron (RHELOSP6: denial of service), openstack-swift (RHELOSP6; RHELOSP5: arbitrary object deletion), python-django (RHELOSP6; RHELOSP5: denial of service), python-django-horizon (RHELOSP6: cross-site scripting), python-keystoneclient (RHELOSP6; RHELOSP5: two vulnerabilities), qemu-kvm-rhev (RHELOSP6; RHELOSP5: information leak), redis (RHELOSP6: code execution), and thunderbird (RHEL5,6,7: multiple vulnerabilities).

Scientific Linux has updated httpd (SL7; SL6: denial of service), mariadb (SL7: multiple vulnerabilities), nss (SL5: two vulnerabilities), and thunderbird (SL5,6,7: multiple vulnerabilities).

Ubuntu has updated thunderbird (15.04, 14.04, 12.04: multiple vulnerabilities).

Ubuntu on the Mainframe: Interview with Canonical's Dustin Kirkland (Linux.com)

Monday 24th of August 2015 10:26:16 PM
Linux.com has an interview with Dustin Kirkland of Canonical's Ubuntu Product and Strategy team, about Ubuntu on the mainframe and more. "Canonical is doing a lot of different things in the enterprise space, to solve different problems. One of the interesting works going on at Canonical is Fan networking. We all know that the world is running out of IPv4 addresses (or already has). The obvious solution to this problem is IPv6, but it’s not universally available. Kirkland said, "There are still places where IPv6 doesn't exist -- little places like Amazon web services where you end up finding lots of containers." The problem multiplies as many instances in cloud need IP addresses. "Each of those instances can run hundreds of containers, each of those containers then needs to be addressable," said Kirkland."

Security advisories for Monday

Monday 24th of August 2015 04:39:38 PM

Debian-LTS has updated extplorer (cross-site scripting), roundup (multiple vulnerabilities), and wesnoth-1.8 (information leak).

Mageia has updated libcryptopp (MG4,5: information disclosure), mediawiki (MG4,5: multiple vulnerabilities), openssh (MG4,5: multiple vulnerabilities), php (MG5; MG4: multiple vulnerabilities), and x11-server (MG5: permission bypass).

openSUSE has updated wireshark (13.2: multiple vulnerabilities) and xfsprogs (13.2, 13.1: information disclosure).

Red Hat has updated rh-ruby22-ruby (RHSCL2: DNS hijacking).

Slackware has updated gnutls (denial of service).

SUSE has updated glibc (SLE11SP3,4: multiple vulnerabilities) and kvm (SLE11SP2: two vulnerabilities).

Kernel prepatch 4.2-rc8

Monday 24th of August 2015 08:01:23 AM
In the end, Linus decided to hold off one more week and release 4.2-rc8 instead of the final 4.2 kernel. "It's not like there are any real outstanding issues, and I waffled between just doing the release and doing another -rc. But we did have another low-level x86 issue come up this week, and together with the fact that a number of people are on vacation, I decided that waiting an extra week isn't going to hurt. But it was close. It's a fairly small rc8, and I really feel like it could have gone either way."

Mozilla: The Future of Developing Firefox Add-ons

Friday 21st of August 2015 04:58:11 PM
Mozilla has announced a significant set of changes for authors of Firefox add-ons. These include a new API (and the deprecation of XUL and XPCOM), a process-based sandboxing mechanism, mandatory signing of extensions, and more. "For our add-on development community, these changes will bring benefits, like greater cross-browser add-on compatibility, but will also require redevelopment of a number of existing add-ons. We’re making a big investment by expanding the team of engineers, add-on reviewers, and evangelists who work on add-ons and support the community that develops them. They will work with the community to improve and finalize the WebExtensions API, and will help developers of unsupported add-ons make the transition to newer APIs and multi-process support."

The bcachefs filesystem

Friday 21st of August 2015 04:43:20 PM
Kent Overstreet, author of the bcache block caching layer, has announced that bcache has metamorphosed into a fully featured copy-on-write filesystem. "Well, years ago (going back to when I was still at Google), I and the other people working on bcache realized that what we were working on was, almost by accident, a good chunk of the functionality of a full blown filesystem - and there was a really clean and elegant design to be had there if we took it and ran with it. And a fast one - the main goal of bcachefs to match ext4 and xfs on performance and reliability, but with the features of btrfs/zfs."

Security updates for Friday

Friday 21st of August 2015 03:52:48 PM

Fedora has updated pure-ftpd (F21: denial of service).

Red Hat has updated openshift (RHOSE3: privilege escalation).

SUSE has updated xen (SLE11SP1: two vulnerabilities).

Ubuntu has updated subversion (15.04, 14.04, 12.04: multiple vulnerabilities) and firefox (15.04, 14.04, 12.04: regression in previous update).

[$] Glibc wrappers for (nearly all) Linux system calls

Thursday 20th of August 2015 09:27:58 PM
The GNU C Library (glibc) is a famously conservative project. In the past, that conservatism created a situation where there is no way to directly call a number of Linux system calls from a glibc-using program. As glibc has relaxed a bit in recent years, its developers have started to reconsider adding wrapper functions for previously inaccessible system calls. But, as the discussion shows, adding these wrappers is still not as straightforward as one might think.

Security advisories for Thursday

Thursday 20th of August 2015 04:29:52 PM

Debian has updated conntrack (denial of service), openjdk-6 (multiple vulnerabilities), vlc (code execution), and zendframework (XML External Entity attack).

Debian-LTS has updated conntrack (denial of service).

Fedora has updated mariadb (F22: multiple vulnerabilities).

Red Hat has updated mariadb55-mariadb (RHSCL2: multiple vulnerabilities) and rh-mariadb100-mariadb (RHSCL2: multiple vulnerabilities).

SUSE has updated kvm (SLE11SP1: code execution).

Rkt 0.8 released

Wednesday 19th of August 2015 07:03:12 PM

Version 0.8 of the rkt container specification has been released. The changelog notes that this version adds support for running under the LKVM hypervisor and adds experimental support for user namespaces. Other features include improved integration with systemd and additional functional tests. An accompanying blog post goes into further detail for many of these new features.

Wednesday's security advisories

Wednesday 19th of August 2015 01:35:24 PM

CentOS has updated pam (C6; C7: denial of service).

Debian has updated python-django (multiple vulnerabilities).

Debian-LTS has updated wordpress (multiple vulnerabilities).

Fedora has updated audit (F21; F22: unsafe escape-sequence handling), icecast (F21; F22: denial of service), kernel (F21; F22: information leak), openssh (F22: multiple vulnerabilities), rubygem-rack (F22: denial of service), rubygems (F21: DNS hijacking), strongswan (F21; F22: multiple vulnerabilities), and xfsprogs (F21: information leak).

Oracle has updated pam (O6; O7: denial of service).

Red Hat has updated kernel (RHEL6: privilege escalation) and pam (RHEL6, 7: denial of service).

Scientific Linux has updated pam (SL6, 7: denial of service).

Ubuntu has updated python-django (12.04, 14.04, 15.04: multiple vulnerabilities) and openssh (12.04, 14.04, 15.04: upstream regression resulting in denial of service).

Ruoho: Multiple Vulnerabilities in Pocket

Tuesday 18th of August 2015 11:48:43 PM
On his blog, Clint Ruoho reports on multiple vulnerabilities he found in the Pocket service that saves articles and other web content for reading later on a variety of devices. Pocket integration has been controversially added to Firefox recently, which is what drew his attention to the service. "The full output from server-status then was synced to my Android, and was visible when I switched from web to article view. Apache’s mod_status can provide a great deal of useful information, such as internal source and destination IP address, parameters of URLs currently being requested, and query parameters. For Pocket’s app, the URLs being requested include URLs being viewed by users of the Pocket application, as some of these requests are done as HTTP GETs. These details can be omitted by disabling ExtendedStatus in Apache. Most of Pocket’s backend servers had ExtendedStatus disabled, however it remained enabled on a small subset, which would provide meaningful information to attackers." He was able to get more information, such as the contents of /etc/passwd on Pocket's Amazon EC2 servers. (Thanks to Scott Bronson and Pete Flugstad.)

Security advisories for Tuesday

Tuesday 18th of August 2015 06:08:14 PM

CentOS has updated glibc (C5: code execution from 2013), mysql55-mysql (C5: multiple unspecified vulnerabilities, one from 2014), net-snmp (C7; C6: code execution), sqlite (C6: code execution), sqlite (C7: three vulnerabilities), and subversion (C6: three vulnerabilities).

Debian has updated apache2 (two vulnerabilities), gdk-pixbuf (code execution), and nss (two vulnerabilities).

Debian-LTS has updated libstruts1.2-java (unclear vulnerability from 2014).

Fedora has updated erlang (F22; F21: man-in-the-middle vulnerability), firefox (F22: many vulnerabilities), flac (F21: two vulnerabilities from 2014), gnutls (F21: code execution), golang (F22; F21: HTTP request smuggling), nagios-plugins (F22; F21: three vulnerabilities), qemu (F22: two vulnerabilities), uwsgi (F22; F21: denial of service), and webkitgtk4 (F22: three unspecified vulnerabilities).

Mageia has updated kdepim (M4: no attachment encryption from 2014).

openSUSE has updated subversion (two vulnerabilities) and virtualbox (two vulnerabilities).

Oracle has updated glibc (OL5: code execution from 2013), mysql55-mysql (OL5: multiple unspecified vulnerabilities, one from 2014), net-snmp (OL7; OL6: code execution), sqlite (OL7: three vulnerabilities), sqlite (OL6: code execution), and subversion (OL6: three vulnerabilities).

Red Hat has updated net-snmp (RHEL6&7: code execution).

Scientific Linux has updated glibc (SL5: code execution from 2013), mysql55-mysql (SL5: multiple unspecified vulnerabilities, one from 2014), net-snmp (SL6&7: code execution), sqlite (SL6: code execution), and subversion (SL6: three vulnerabilities).

Ubuntu has updated kernel (12.04: three vulnerabilities), kernel (15.04; 14.04: denial of service), linux-lts-trusty (12.04: denial of service), linux-lts-utopic (14.04: denial of service), linux-lts-vivid (14.04: denial of service), linux-ti-omap4 (12.04: three vulnerabilities), and net-snmp (two vulnerabilities, one from 2014).

[$] Development statistics for the 4.2 kernel

Tuesday 18th of August 2015 02:12:54 PM
As of this writing, the 4.2-rc7 prepatch is out and the final 4.2 kernel looks to be (probably) on-track to be released on August 23. Tradition says that it's time for a look at the development statistics for this cycle. 4.2, in a couple of ways, looks a bit different from recent cycles, with some older patterns reasserting themselves. Click below (subscribers only) for the full article.

Schaller: An Open Letter to Apache Foundation and Apache OpenOffice team

Tuesday 18th of August 2015 12:22:32 AM
Christian Schaller has posted an open letter to the Apache Software Foundation with a non-trivial request: "So dear Apache developers, for the sake of open source and free software, please recommend people to go and download LibreOffice, the free office suite that is being actively maintained and developed and which has the best chance of giving them a great experience using free software. OpenOffice is an important part of open source history, but that is also what it is at this point in time."

In this context, it's interesting to note that OpenOffice project chair Jan Iverson recently stepped down, listing resistance to an effort to cooperate with LibreOffice as one of the main reasons. The project currently looks set to name Dennis Hamilton (who is running unopposed) as its new chair.

The Open Mainframe Project

Monday 17th of August 2015 11:31:54 PM
The Linux Foundation has announced the launch of the Open Mainframe Project. "In just the last few years, demand for mainframe capabilities have drastically increased due to Big Data, mobile processing, cloud computing and virtualization. Linux excels in all these areas, often being recognized as the operating system of the cloud and for advancing the most complex technologies across data, mobile and virtualized environments. Linux on the mainframe today has reached a critical mass such that vendors, users and academia need a neutral forum to work together to advance Linux tools and technologies and increase enterprise innovation."

More in Tux Machines

Leftovers: KDE

  • KDE-5_15.09 – september release for Slackware-current
  • Kontact and GnuPG under Windows
    Kontact has, in contrast to Thunderbird, integrated crypto support (OpenPGP and S/MIME) out-of-the-box. That means on Linux you can simply start Kontact and read crypted mails (if you have already created keys). After you select your crypto keys, you can immediately start writing encrypted mails. With that great user experince I never needed to dig further in the crypto stack.
  • Randa – KDE sprints 2015
  • KDE 5 Application Dashboard: A fullscreen app launcher that beats the competition
    Fullscreen applications launchers are my favorite kind of application menus, of which there are several to choose from on the K Desktop Environment, or KDE. On KDE 4, available options are the Takeoff Launcher, Simple Welcome, and Homerun.
  • Krita 2.9.7 Released!
    Two months of bug fixing, feature implementing, Google-Summer-of-Code-sweating, it’s time for a new release! Krita 2.9.7 is special, because it’s the last 2.9 release that will have new features. We’ll be releasing regular bug fix releases, but from now on, all feature development focuses on Krita 3.0. But 2.9.7 is packed! There are new features, a host of bug fixes, the Windows builds have been updated with OpenEXR 2.2. New icons give Krita a fresh new look, updated brushes improve performance, memory handling is improved… Let’s first look at some highlights:
  • Last Krita 2.9 Release Adds New Features, Fixes 150 Bugs, Krita 3.0 Coming Next
    The development team of the popular, open-source, and cross-platform digital painting software Krita, acclaimed by numerous artists from all over the world, have announced the release of the last maintenance version of the 2.9 branch.

GIMP and GNOME Foundation

Red Hat Results, Beta Release

Fedora: The Latest

  • Flock Rochester
    I’m not going to do a day by day outline of what I did at flock, if I did it would basically be “blah blah blah I talked a lot to a lot of people about a lot of tech topics” and anyone that’s ever met me would have guessed that! It was, as in the past, a great conference. A big shout out to the organisers for an excellent event with two excellent evening events! So I’m going to give a brief summary to my talks and link to slides and video recordings.
  • Day 4 of Flock 2015
  • Write the Docs 2015
    Writing documentation is not only about writing, but actually a lot about layout, accessibility, UX and UI, too. So I actually enjoyed listening to Beth Aitman, for example (here are here slides). Among the most memorable were Elijah Caine with his talk about writing emails, which I really really hope more people could listen to, and Christina Elmore talking about creative problem solving. One of my personal favorites was a lightning talk by Marcin Warpechowski about laptop stickers! TL;DR – stickers are a great way to engage employees and the community! Got me (and actually everybody) excited about stickers even more and willing to create some. GitHub’s octocat also contributed to my feelings about stickers. They actually produce a special version for all conferences they attend! Also I think it was ladies from GitHub taking most the notes (or maybe I just happened to seat behind them ;) ).
  • F23 Cloud Base Test Day September 8th!
    For this test day we are going to concentrate on the base image. We will have vagrant boxes (see this page for how to set up your machine), qcow images, raw images, and AWS EC2 images. In a later test day we will focus on the Atomic images and Docker images.
  • Impostor syndrome talk: FAQs and follow-ups
  • More Fedora 22 scrollbar annoyances (fixed)