Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 15 min ago

LinkedIn open-sources Pinot

Thursday 11th of June 2015 01:30:34 PM
LinkedIn has announced the release of its "Pinot" analytics system under the Apache license. "We’ve been using it at LinkedIn for more than two years, and in that time, it has established itself as the de facto online analytics platform to provide valuable insights to our members and customers. At LinkedIn, we have a large deployment of Pinot storing 100’s of billions of records and ingesting over a billion records every day."

[$] LWN.net Weekly Edition for June 11, 2015

Thursday 11th of June 2015 01:51:49 AM
The LWN.net Weekly Edition for June 11, 2015 is available.

[$] Resurrecting the SuperH architecture

Wednesday 10th of June 2015 10:00:04 PM
Processor architectures are far from trivial; untold millions of dollars and many thousands of hours have likely gone into the creation and refinement of the x86 and ARM architectures that dominate the CPUs in Linux boxes today. But that does not mean that x86 and ARM are the only architectures of value, as Jeff Dionne, Rob Landley, and Shumpei Kawasaki illustrated in their LinuxCon Japan session "Turtles all the way down: running Linux on open hardware." The team has been working on breathing new life into a somewhat older architecture that offers comparable performance to many common system-on-chip (SoC) designs—and which can be produced as open hardware.

Click below (subscribers only) for the full report from LinuxCon Japan.

Huston: Multipath TCP

Wednesday 10th of June 2015 07:31:37 PM
Geoff Huston has written a lengthy column on multipath TCP. "For many scenarios there is little value in being able to use multiple addresses. The conventional behavior is where each new session is directed to a particular interface, and the session is given an outbound address as determined by local policies. However, when we start to consider applications where the binding of location and identity is more fluid, and where network connections are transient, and the cost and capacity of connections differ, as is often the case in todays mobile cellular radio services and in WiFi roaming services, then having a session that has a certain amount of agility to switch across networks can be a significant factor." (See also: LWN's look at the Linux multipath TCP implementation from 2013).

Inside NGINX: How We Designed for Performance & Scale

Wednesday 10th of June 2015 07:25:42 PM
The folks behind the NGINX web server have put up a highly self-congratulatory article on how the system was designed. "NGINX scales very well to support hundreds of thousands of connections per worker process. Each new connection creates another file descriptor and consumes a small amount of additional memory in the worker process. There is very little additional overhead per connection. NGINX processes can remain pinned to CPUs. Context switches are relatively infrequent and occur when there is no work to be done."

Security updates for Wednesday

Wednesday 10th of June 2015 04:14:22 PM

Arch Linux has updated cups (two vulnerabilities).

Debian has updated cups (two vulnerabilities).

Debian-LTS has updated libapache-mod-jk (information disclosure) and libraw (denial of service).

Oracle has updated abrt (OL7: multiple vulnerabilities) and kernel (OL6: multiple vulnerabilities).

Red Hat has updated abrt (RHEL7: multiple vulnerabilities), flash-plugin (RHEL5,6: multiple vulnerabilities), and kernel (RHEL6; RHEL6.2: multiple vulnerabilities).

Scientific Linux has updated kernel (SL6: multiple vulnerabilities).

Ubuntu has updated cups (15.04, 14.10, 14.04, 12.04: two vulnerabilities) and qemu, qemu-kvm (15.04, 14.10, 14.04, 12.04: multiple vulnerabilities).

[$] Obstacles to contribution in embedded Linux

Tuesday 9th of June 2015 08:46:22 PM
Tim Bird has worked with embedded Linux for many years; during this time he has noticed an unhappy pattern: many of the companies that use and modify open-source software are not involved with the communities that develop that software. That is, he said, "a shame." In an attempt to determine what is keeping companies from contributing to the kernel in particular, the Consumer Electronics Linux Forum (a Linux Foundation workgroup) has run a survey of embedded kernel developers. The resulting picture highlights some of the forces keeping these developers from engaging with the development community and offers some ideas for improving the situation.

Tuesday's security advisories

Tuesday 9th of June 2015 04:28:37 PM

Debian-LTS has updated cups (two vulnerabilities).

Fedora has updated fuse (F21: privilege escalation), mbedtls (F22: code execution), python-tornado (F22: side-channel attack), and thermostat (F22: code execution).

Mageia has updated ipsec-tools (denial of service), jackrabbit (information leak), php-ZendFramework (CRLF injection), and rabbitmq-server (multiple vulnerabilities).

Ubuntu has updated strongswan (15.04, 14.10, 14.04: information disclosure).

As open source code, Apple's Swift language could take flight (ITWorld)

Monday 8th of June 2015 10:50:29 PM
ITWorld reports that Apple will release its Swift programming language under an open source license. "When Swift becomes open source later this year, programmers will be able to compile Swift programs to run on Linux as well as on OS X and iOS, said Craig Federighi, Apple’s head of software engineering, during the opening keynote of Apple’s Worldwide Developers Conference Monday in San Francisco. The source code will include the Swift compiler and standard library, and community contributions will be “accepted—and encouraged,” Apple said."

Security advisories for Monday

Monday 8th of June 2015 04:14:55 PM

Debian has updated php5 (multiple vulnerabilities), redis (code execution), and strongswan (information disclosure).

Debian-LTS has updated fuse (privilege escalation).

Fedora has updated dcraw (F22; F21; F20: denial of service), fuse (F22: privilege escalation), ipsec-tools (F21; F20: denial of service), less (F22: information leak), ntfs-3g (F21: privilege escalation), php-symfony (F22; F21; F20: restriction bypass), ufraw (F22; F21; F20: denial of service), and zarafa (F21; F20: file overwrites).

Scientific Linux has updated openssl (SL6,7: cipher-downgrade attacks).

SUSE has updated cups (SLE11SP3: privilege escalation).

Some stable kernel updates

Monday 8th of June 2015 01:37:10 PM
The 4.0.5, 3.14.44, and 3.10.80 stable kernels have been released. These contain a number of important bug fixes, including the fixes for the ext4 and RAID 0 data corruption issues discussed in this article.

At LinuxCon Japan last week it was announced that the next long-term stable release, to be maintained for two years, will be 4.1.

Kernel prepatch 4.1-rc7

Monday 8th of June 2015 01:15:37 PM
The 4.1-rc7 prepatch is out. "Normally rc7 tends to be the last rc release, and there's not a lot going on to really merit anything else this time around. However, we do still have some pending regressions, and as mentioned last week I also have my yearly family vacation coming up, so we'll have an rc8 and an extra week before 4.1 actually gets released."

Let's Encrypt Root and Intermediate Certificates

Friday 5th of June 2015 10:41:30 PM
The Let's Encrypt project has announced that it has created the root and intermediate keys and certificates it will use to sign certificates. Let's Encrypt is the no-cost certificate authority announced by the Electronic Frontier Foundation (EFF) back in November. In April, the Linux Foundation announced that it would be hosting the project. "The keys and certificates that will underlie Let’s Encrypt have been generated. This was done during a key ceremony at a secure facility today." The intermediate certificates will be cross-signed by IdenTrust so that they will be accepted by browsers before the Let's Encrypt root certificate has been propagated. A bit more news from the blog post: "In the next few weeks, we’ll be saying some more about our plans for going live."

Security updates for Friday

Friday 5th of June 2015 02:41:41 PM

Arch Linux has updated pcre (code execution).

CentOS has updated openssl (C7; C6: cipher downgrade).

Fedora has updated batik (F22; F21; F20: information leak), netty (F21: httpOnly cookie bypass), and pcs (F22; F21; F20: two vulnerabilities).

openSUSE has updated e2fsprogs (13.2; 13.1: two vulnerabilities) and fuse (13.1: privilege escalation).

Oracle has updated openssl (OL7; OL6: cipher downgrade).

Red Hat has updated openssl (RHEL6&7: cipher downgrade).

GNU Octave 4.0.0 Released

Thursday 4th of June 2015 11:43:12 PM
GNU Octave, which is a high-level programming language for numerical computations that is largely compatible with MATLAB, has made its 4.0 release. There are lots of new features in this major release, which are described in the release notes. Some of those features include defaulting to the graphical user interface instead of the command-line interface, OpenGL graphics and Qt widgets by default, a new syntax for object-oriented programming using classdef, audio functions, better MATLAB compatibility, and more.

Thursday's security alerts

Thursday 4th of June 2015 01:58:32 PM

Debian has updated libapache-mod-jk (information disclosure).

Debian-LTS has updated mercurial (two code execution flaws).

Oracle has updated kernel (OL5: unspecified vulnerabilities).

Red Hat has updated php54 (RHSC6&7: multiple vulnerabilities), php55 (RHSC6&7: multiple vulnerabilities), python27 (RHSC6&7: multiple vulnerabilities, two from 2013), and thermostat1 (RHSC6&7: code execution).

Ubuntu has updated t1utils (14.10, 14.04: code execution).

[$] LWN.net Weekly Edition for June 4, 2015

Thursday 4th of June 2015 12:55:26 AM
The LWN.net Weekly Edition for June 4, 2015 is available.

Emergency security band-aids with Systemtap

Wednesday 3rd of June 2015 09:14:30 PM
Here's an article on the Red Hat security blog on the use of Systemtap to apply emergency security fixes. "With the vulnerability-band-aid approach chosen, we need to express our intent in the systemtap scripting language. The model is simple: for each place where the state change is to be done we place a probe. In each probe handler, we detect whether the context indicates an exploit is in progress and, if so, make changes to the context. We might also need additional probes to detect and capture state from before the vulnerable section of code, for diagnostic purposes."

[$] Automotive Grade Linux and a distribution for cars

Wednesday 3rd of June 2015 04:58:23 PM

At the 2015 Automotive Linux Summit in Tokyo, Dan Cauchy from the Linux Foundation (LF) kicked off the first day's program with an announcement: that the LF's Automotive Grade Linux (AGL) workgroup has decided to build its own Linux distribution, which it plans to run as an ongoing, long-term project. While the desire for a workgroup to create a distribution tailored to its needs is nothing new, the announcement had several in the crowd wondering what this decision meant for Tizen IVI—which, up until now, has served as the reference distribution for AGL. Tizen, of course, is also an LF-hosted project, and it has made in-vehicle infotainment (IVI) one of its high-priority use cases.

Security advisories for Wednesday

Wednesday 3rd of June 2015 03:57:22 PM

CentOS has updated kernel (C5: privilege escalation).

Debian has updated jqueryui (regression in previous update) and wireshark (multiple vulnerabilities).

Fedora has updated httpd (F21: mis-handling of Require directives), libtiff (F22: two vulnerabilities), nss (F22: cipher-downgrade attacks), nss-softokn (F22: cipher-downgrade attacks), and nss-util (F22: cipher-downgrade attacks).

openSUSE has updated fuse (13.2: privilege escalation), nbd (13.2, 13.1: denial of service), and php5 (13.2, 13.1: multiple vulnerabilities).

Oracle has updated kernel (OL5: privilege escalation).

Red Hat has updated kernel (RHEL5: privilege escalation) and virtio-win (RHEL7; RHEL6: denial of service).

Scientific Linux has updated kernel (SL5: privilege escalation).

Ubuntu has updated qt4-x11, qtbase-opensource-src (15.04, 14.10, 14.04, 12.04: multiple vulnerabilities).

More in Tux Machines

BeagleCore Open Source Internet Of Things Development Board (video)

BeagleCore is a new Internet of Things development board that has been created to be 100 percent open source and provide an easy way for makers, developers and hobbyists to have access to all all the core features of BeagleBone Black in a miniaturised computer module. Read more

Red Hat CEO Warns About Faux Open Source

Red Hat CEO Jim Whitehurst spent last week’s annual Summit praising the progress made in open source, but during his opening keynote he also warned attendees about companies that claim to be open source without actually encouraging open participation and innovation from a broad group of users. Read more

Check the Ubuntu Touch Wish List for Apps and New Features

If you have any questions regarding new features and apps that are present, absent, or in the works for the Ubuntu Touch platform, you need to know that there is already a comprehensive wish list out there that takes care of everything. Read more Also: Unity 8 Just Got a Cool 3D App Switcher for the Desktop

Finding the Right Enterprise SSD for Linux Machines

If you are planning to purchase SSDs for Linux, keep an eye on the drives that are blacklisted by the Linux Kernel. Also pay heed to what Sukar suggests, “...be careful, even when you don’t enable the TRIM explicitly, at least since Ubuntu 14.04 the explicit FSTRIM runs in a cron once per week on all partitions – the freeze of your storage for a couple of seconds will be your smallest problem." If you pay attention to these points, your data may just stay in the solid state. Read more