Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 3 hours 48 min ago

Security updates for Wednesday

Wednesday 12th of April 2017 03:39:27 PM
Security updates have been issued by Debian (bouncycastle), Fedora (flatpak), openSUSE (php7 and slrn), Oracle (389-ds-base and kernel), Red Hat (kernel and kernel-rt), Scientific Linux (389-ds-base and kernel), SUSE (xen), and Ubuntu (dovecot).

Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 2) (Project Zero)

Tuesday 11th of April 2017 11:21:49 PM
Here's the second part in the detailed Google Project Zero series on using the Broadcom WiFi stack to compromise the host system. "In this post, we’ll explore two distinct avenues for attacking the host operating system. In the first part, we’ll discover and exploit vulnerabilities in the communication protocols between the Wi-Fi firmware and the host, resulting in code execution within the kernel. Along the way, we’ll also observe a curious vulnerability which persisted until quite recently, using which attackers were able to directly attack the internal communication protocols without having to exploit the Wi-Fi SoC in the first place! In the second part, we’ll explore hardware design choices allowing the Wi-Fi SoC in its current configuration to fully control the host without requiring a vulnerability in the first place."

OpenBSD 6.1 released

Tuesday 11th of April 2017 07:08:47 PM
OpenBSD 6.1 has been released. This version adds the arm64 platform, using clang as the base system compiler. The loongson platform supports systems with Loongson 3A CPU and RS780E chipset. The armish, sparc, and zaurus platforms have been retired.

Portable Computing Language (pocl) v0.14 released

Tuesday 11th of April 2017 06:59:02 PM
Pocl aims to become a performance portable open source (MIT-licensed) implementation of the OpenCL standard. Version 0.14 adds support for LLVM/Clang 4.0 and 3.9 and a new binary format that enables running OpenCL programs on hosts without online compiler support. There is also initial support for out-of-order command queue task scheduling and plenty of bug fixes.

[$] A report from Netconf: Day 1

Tuesday 11th of April 2017 05:24:00 PM
As is becoming traditional, two times a year the kernel networking community meets in a two-stage conference: an invite-only, informal, two-day plenary session called Netconf, held in Toronto this year, and a more conventional one-track conference open to the public called Netdev. This article covers the first day of the conference which consisted of around 25 Linux developers meeting under the direction of David Miller, the kernel's networking subsystem maintainer.

Security updates for Tuesday

Tuesday 11th of April 2017 02:49:06 PM
Security updates have been issued by Debian (bouncycastle, dovecot, libnl, libnl3, and samba), Fedora (libtiff), Gentoo (chromium, qemu, and xorg-server), openSUSE (pidgin), Red Hat (389-ds-base and kernel), Slackware (vim), and Ubuntu (dovecot and webkit2gtk).

Mozilla Awards $365,000 to Open Source Projects as part of MOSS

Monday 10th of April 2017 11:55:58 PM
The Mozilla Open Source Support (MOSS) program awards grants to projects "that contribute to our work and to the health of the Internet." Recent recipients include SecureDrop, libjpeg-turbo, LLVM, LEAP Encryption Access Project, and Tokio. There have also been MOSS supported audits of ntp, ntpsec, curl, and more. "We ran a major joint audit on two codebases, one of which is a fork of the other – ntp and ntpsec. ntp is a server implementation of the Network Time Protocol, whose codebase has been under development for 35 years. The ntpsec team forked ntp to pursue a different development methodology, and both versions are widely used. As the name implies, the ntpsec team suggest that their version is or will be more secure. Our auditors did find fewer security flaws in ntpsec than in ntp, but the results were not totally clear-cut."

Vetter: Review, not Rocket Science

Monday 10th of April 2017 10:53:14 PM
Daniel Vetter discusses how to get people to review code. "The take away from these two articles seems to be that review is hard, there’s a constant lack of capable and willing reviewers, and this has been the state of review since forever. I’d like to counter pose this with our experiences in the graphics subsystem, where we’ve rolled out a well-working review process for the Intel driver, core subsystem and now the co-maintained small driver efforts with success, and not all that much pain."

[$] Connecting Kubernetes services with linkerd

Monday 10th of April 2017 05:12:19 PM
When a monolithic application is divided up into microservices, one new problem that must be solved is how to connect all those microservices to provide the old application's functionality. Linkerd, which is now officially a Cloud-Native Computing Foundation project, is a transparent proxy which solves this problem by sitting between those microservices and routing their requests. Two separate CNC/KubeCon events — a talk by Oliver Gould briefly joined by Oliver Beattie, and a salon hosted by Gould — provided a view of linkerd and what it can offer.

Security updates for Monday

Monday 10th of April 2017 03:39:51 PM
Security updates have been issued by Arch Linux (mediawiki, python-django, and python2-django), Debian (jasper, libdatetime-timezone-perl, logback, ming, potrace, and tzdata), Fedora (curl, ghostscript, icecat, and xen), openSUSE (apparmor), and Slackware (libtiff).

Kernel prepatch 4.11-rc6

Sunday 9th of April 2017 04:59:58 PM
The 4.11-rc6 kernel prepatch is out. "Things are looking fairly normal, so here's the regular weekly rc. It's a bit bigger than rc5, but not alarmingly so, and nothing looks particularly worrisome."

Haas: New Features Coming in PostgreSQL 10

Saturday 8th of April 2017 02:06:28 PM
Here's an extensive summary of new features in the upcoming PostgreSQL 10 release from Robert Haas. "PostgreSQL has had physical replication -- often called streaming replication -- since version 9.0, but this requires replicating the entire database, cannot tolerate writes in any form on the standby server, and is useless for replicating across versions or database systems. PostgreSQL has had logical decoding -- basically change capture -- since version 9.4, which has been embraced with enthusiasm, but it could not be used for replication without an add-on of some sort. PostgreSQL 10 adds logical replication which is very easy to configure and which works at table granularity, clearly a huge step forward. It will copy the initial data for you and then keep it up to date after that."

Weekend stable kernel updates

Saturday 8th of April 2017 01:50:40 PM
The 4.10.9, 4.9.21, and 4.4.60 stable kernel updates have been released. Each contains a relatively large set of important fixes.

Open Build Service 2.8 Released

Friday 7th of April 2017 10:37:14 PM
Open Build Service 2.8 has been released. "We’ve been hard at work to bring you many new features to the UI, the API and the backend. The UI has undergone several handy improvements including the filtering of the projects list based on a configurable regular expression and the ability to download a project’s gpg key and ssl certificate (also available via the API). The API has been fine-tuned to allow more control over users including locking or deleting them from projects as well as declaring users to be sub-accounts of other users. The backend now includes new features such as mulibuild - the ability to build multiple jobs from a single source package without needing to create local links. Worker tracking and management has also been enhanced along with the new obsservicedispatch service which handles sources in an asynchronous queue. Published packages can now be removed using the osc unpublish command." The reference server http://build.opensuse.org is available for all developers to build packages for the most popular distributions.

The new contribution workflow for GNOME

Friday 7th of April 2017 05:24:19 PM
The GNOME Project has announced a streamlined contribution system built around a Flatpak-based build system. "No specific distribution required. No specific version required. No dependencies hell. Reproducible, if it builds for me it will build for you. All with an UI and integrated, no terminal required. Less than five minutes of downloading plus building and you are contributing."

Pandavirtualization: Exploiting the Xen hypervisor (Project Zero)

Friday 7th of April 2017 04:22:08 PM
The latest installment from Google's Project Zero covers the development of an exploit for this unpleasant Xen vulnerability. "To demonstrate the impact of the issue, I created an exploit that, when executed in one 64-bit PV guest with root privileges, will execute a shell command as root in all other 64-bit PV guests (including dom0) on the same physical machine."

Security updates for Friday

Friday 7th of April 2017 03:29:28 PM
Security updates have been issued by Fedora (tigervnc) and openSUSE (clamav-database and ffmpeg).

Stone: Ubuntu rejoins the GNOME fold

Thursday 6th of April 2017 07:03:57 PM
Daniel Stone considers the future of the Linux desktop in the light of Ubuntu's return to GNOME. "The world in 2017, however, is a very different place. KMS provides us truly device-independent display control, Vulkan and EGL provide us GPU acceleration independent of window system, xkbcommon provides shared keyboard mechanics, and logind lets us do all these things without ever being root. GBM allocates our buffers, and the universal allocator, borne out of discussions with the whole community including NVIDIA, will soon join the family. Mir leans heavily on all these technologies, so the change is a bit less seismic than you might think."

Security updates for Thursday

Thursday 6th of April 2017 04:14:29 PM
Security updates have been issued by Fedora (xen), openSUSE (libpng12, libpng16, nodejs4, and samba), Scientific Linux (tigervnc), and SUSE (jasper).

[$] LWN.net Weekly Edition for April 6, 2017

Thursday 6th of April 2017 12:30:00 AM
The LWN.net Weekly Edition for April 6, 2017 is available.

More in Tux Machines

today's howtos

Linux and Linux Foundation

KDE and GNOME

Debian Family

  • Devuan GNU/Linux 1.0.0 "Jessie" Just Around the Corner, Release Candidate Out
    It's been five almost five months since the developers behind the Debian-based Devuan GNU/Linux operating system launched the second Beta version towards the first stable release of the OS, and they now announced the Release Candidate. The Devuan project continues its vision of providing a libre Debian fork without using the systemd init system, and the Release Candidate (RC) version brings the GNU/Linux distribution closer to a final release. The interesting fact is that this RC appears to be stable enough to be used for production work.
  • Budgie 10.3 Released, Here’s How to Install it on Ubuntu
    A new version of the Budgie desktop is available to install on Ubuntu. Budgie 10.3 adds a new Alt+Tab switcher, and brings a stack of bug fixes to the table.
  • Ubuntu 17.10 Codename Released "Artful Aardvark"
  • openHAB
    Partners Canonical, openHAB Foundation and Azul Systems have collaborated hard to drive development of the new openHAB 2.0 smart-home platform as a snap package. An alternative to Apple Homekit and Samsung SmartThings, openHAB from openHAB Foundation is completely free and open source, and acts as a control hub for home IoT setups.