Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 hour 27 min ago

Security updates for Wednesday

Wednesday 5th of April 2017 03:41:13 PM
Security updates have been issued by Debian (python-django), Fedora (firebird), openSUSE (pidgin and ruby2.2, ruby2.3), Red Hat (v8), Scientific Linux (bash, coreutils, curl, glibc, gnutls, kernel, libguestfs, ocaml, openssh, qemu-kvm, quagga, samba, samba4, subscription-manager, and wireshark), and Ubuntu (lightdm, linux-hwe, linux-lts-trusty, linux-lts-xenial, linux-ti-omap4, and python-django).

[$] An update on storage standards

Wednesday 5th of April 2017 01:58:09 PM
In a second-day plenary session at the 2017 Linux Storage, Filesystem, and Memory-Management Summit, Fred Knight updated the attendees on what has happened in the storage standards world over the last year. While the transports (e.g. Fibre Channel, Ethernet) and the SCSI protocol have not seen a ton of changes over the last year, the NVM Express (NVMe) standards have had a lot of action.

Klumpp: On Tanglu

Tuesday 4th of April 2017 07:21:55 PM
Matthias Klumpp looks at the future of the Debian derivative Tanglu. "So, what actually is the way forward? First, maybe I have the chance to find a few people willing to work on tasks in Tanglu. It’s a fun project, and I learned a lot while working on it. Tanglu also possesses some unique properties few other Debian derivatives have, like being built from source completely (allowing us things like swapping core components or compiling with more hardening flags, switching to newer KDE Plasma and GNOME faster, etc.). Second, if we do not have enough manpower, I think converting Tanglu into a rolling-release distribution might be the only viable way to keep the project running. A rolling release scheme creates much less effort for us than making releases (especially time-based ones!). That way, users will have a constantly updated and secure Tanglu system with machines doing most of the background work."

[$] Handling writeback errors

Tuesday 4th of April 2017 07:11:45 PM
Error handling during writeback is something of a mess in Linux these days, Jeff Layton said in his plenary session to open the second day of the 2017 Linux Storage, Filesystem, and Memory Management Summit. He has investigated the situation and wanted to discuss it with attendees. He also presented a proposal for a way to make things better.

[$] Eliminating Android wrapfs "hackery"

Tuesday 4th of April 2017 07:04:43 PM
As it has evolved over the years, Android has acquired some hacks in how it handles its filesystems. Ted Ts'o would like to see those hacks eliminated, so he led a session at LSFMM 2017 to look at the problem and see what, if any, upstream-acceptable solution could be found.

Sir Tim Berners-Lee Receives ACM A.M. Turing Award

Tuesday 4th of April 2017 06:26:24 PM
The Association for Computing Machinery (ACM) has announced that Sir Tim Berners-Lee is the recipient of the 2016 ACM A.M. Turing Award. "Berners-Lee was cited for inventing the World Wide Web, the first web browser, and the fundamental protocols and algorithms allowing the Web to scale. Considered one of the most influential computing innovations in history, the World Wide Web is the primary tool used by billions of people every day to communicate, access information, engage in commerce, and perform many other important activities."

Kdenlive status update

Tuesday 4th of April 2017 05:09:04 PM
Kdenlive is a video editing tool. This status report covers what the project has been working on and where they need more help. "Since the beginning of the year, we have been working on a big refactoring/rewrite of some of the core parts of Kdenlive. Being more than 10 years old, some parts of our code had become messy and impossible to maintain. Not to mention the difficulty in adding new features. Part of the process involves improving the architecture of the code, adding some tests, and switching the timeline code from QGraphicsView to the more recent QML framework. This should hopefuly improve stability, allow further developments and also more flexibility in the display and user interaction of the timeline."

Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Project Zero)

Tuesday 4th of April 2017 04:48:56 PM
Here's a lengthy and detailed description of how the Project Zero team reverse engineered Broadcom's proprietary WiFi processor and developed a remote code execution exploit. "All that said and done, the introduction of Wi-Fi FullMAC chips does not come without a cost. Introducing these new pieces of hardware, running proprietary and complex code bases, may weaken the overall security of the devices and introduce vulnerabilities which could compromise the entire system."

Security updates for Tuesday

Tuesday 4th of April 2017 03:59:32 PM
Security updates have been issued by Debian (collectd, curl, and tryton-server), Fedora (kernel and pcs), Mageia (jhead, munin, mxml, phpmyadmin, pidgin, and wget), openSUSE (geotiff), Red Hat (kernel), SUSE (kernel and ruby19), and Ubuntu (nagios3).

The Linux Foundation picks up FRRouting

Tuesday 4th of April 2017 03:39:46 PM
The Linux Foundation has announced that the FRRouting project has come under the LF umbrella. "FRRouting (FRR) is an IP routing protocol suite for Unix and Linux platforms which includes protocol daemons for BGP, IS-IS, LDP, OSPF, PIM, and RIP, and the community is working to make this the best routing protocol stack available. FRR is rooted in the Quagga project and includes the fundamentals that made Quagga so popular as well as a ton of recent enhancements that greatly improve on that foundation." It is a fork of Quagga that originally went under the name "Cumulus private Quagga".

Android Security Bulletin—April 2017

Tuesday 4th of April 2017 03:17:21 PM
The April Android Security Bulletin provides a discouragingly long list of vulnerabilities fixed in the latest update (for those with devices sufficiently well supported to receive them). "The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files." There's also a fix for CVE-2016-10229, which is a remotely exploitable vulnerability in the UDP stack that was fixed in the 4.5 and 4.4.21 kernels. Those kernels were not vulnerable as the result of other work, but older kernels with backported fixes (Android kernels, for example) were.

[$] Container-aware filesystems

Monday 3rd of April 2017 08:26:08 PM
We are getting closer to being able to do unprivileged mounts inside containers, but there are still some pieces that do not work well in that scenario. In particular, the user IDs (and group IDs) that are embedded into filesystem images are problematic for this use case. James Bottomley led a discussion on the problem in a session at the 2017 Linux Storage, Filesystem, and Memory-Management Summit.

Enterprise Linux 5 end-of-life

Monday 3rd of April 2017 04:14:19 PM
Red Hat, CentOS, and Scientific Linux have announced the end-of-life for version 5 of their enterprise Linux offering. As of March 31, 2017 there will be no more updates, including security updates.

Security updates for Monday

Monday 3rd of April 2017 03:56:33 PM
Security updates have been issued by Fedora (samba) and openSUSE (ceph).

Kernel prepatch 4.11-rc5

Monday 3rd of April 2017 03:02:19 AM
The 4.11-rc5 kernel prepatch has been released for testing. "Ok, things have definitely started to calm down, let's hope it stays this way and it wasn't just a fluke this week."

[$] A new API for mounting filesystems

Sunday 2nd of April 2017 08:23:25 PM
The mount() system call tries to do too many things, Miklos Szeredi said at the start of a filesystem-only discussion at LSFMM 2017. He has been interested in cleaning that up for a long time. So he wanted to discuss some ideas he had for a new interface to mount filesystems.

Weekend security updates

Sunday 2nd of April 2017 04:10:40 PM
Security updates have been issued by Debian (ejabberd, jhead, and samba), Fedora (chromium, drupal8, empathy, erlang, firefox, icoutils, kernel, knot-resolver, libICE, libupnp, libXdmcp, links, mbedtls, moodle, mupdf, ntp, openslp, R, rkward, rpy, sane-backends, sscg, tcpreplay, thunderbird, and webkitgtk4), Mageia (kernel, kernel-linus, and kernel-tmb), openSUSE (apache2, Chromium, kernel, and virglrenderer), Oracle (kernel), and Slackware (samba).

Announcing the PostgreSQL STIG

Friday 31st of March 2017 11:21:22 PM
Crunchy Data has announced the availability of a "security technical implementation guide" for the PostgreSQL database management system. "While the STIG was authored for the benefit of the U.S. Government, the DISA PostgreSQL STIG offers security-conscious enterprises a comprehensive guide for the configuration and operation of open source PostgreSQL. Enterprises can refer to the STIG as for guidance on PostgreSQL security best practices they consider open source PostgreSQL as an alternative to proprietary, closed source, database software."

Scientific Linux 5 End of Life

Friday 31st of March 2017 11:04:29 PM
The Scientific Linux project has announced that Scientific Linux 5 has reached its end of life. "After March 31 2017 Scientific Linux 5 will not receive further updates and the files will be archived. The existing files will be moved into http://ftp.scientificlinux.org/linux/scientific/obsolete/ for archival purposes after March 31 2017. This will break existing yum repos and kickstarts using the official distribution servers."

[$] Extending statx()

Friday 31st of March 2017 09:32:36 PM

When Andreas Dilger proposed the statx() topic for the 2017 Linux Storage, Filesystem, and Memory-Management Summit, the system call had still not been merged. But that all changed in the 4.11 development cycle when Al Viro merged the system call to provide additional file information. So, unlike previous years, the discussion was not about how to merge such a system call but, instead, how to extend statx() for additional file information.

More in Tux Machines

GNOME/Unity in Ubuntu

today's howtos

Leftovers: Software (Subsurface, GRUB, GIMP, and Todo.txt)

  • Announcing Subsurface 4.6.4
    The Subsurface development team proudly announces the release 4.6.4 of Subsurface, an open source dive log and dive planning program for Windows, Mac and Linux.
  • Subsurface 4.6.4 Open-Source Dive Log and Planning Tool Adds Many Improvements
    The development team behind the Subsurface open-source dive log and dive planning application was proud to announce the immediate availability for download of the Subsurface 4.6.4 release. Subsurface 4.6.4 is the latest stable version of the popular program developed by Linus Torvalds in collaboration with other developers, and adds a great number of improvements over previous builds. These include a new planner mode to calculate minimum gas, better handling of notes when replanning dives, as well as support for the border width setting in printing templates.
  • GRUB 2.02 Bootloader Officially Released with ZFS LZ4 & LVM RAID1 Support, More
    The long-anticipated GRUB 2.02 open-source bootloader software project was finally promoted to the stable channel after being in Beta stages of development for the past few years. The development team took their time to finalize the release of GRUB 2.02, which should soon make its way into the stable software repositories of your favorite operating system, but it's finally here and we want to thank them for all their hard work and the awesome new features and improvements implemented so far.
  • [New] GIMP review
    GIMP (short for GNU Image Manipulation Program) is a free alternative to Photoshop that more than holds its own. But don't think that the lack of a price tag means GIMP is lacking in features; it packs enough punch to genuinely rival Adobe's imaging behemoth. GIMP comes with impressive selection and montage features, various ways to retouch your images, cropping, noise reduction and colour adjustment tools, customisable brushes, gradients and so much more. There's plenty for the more advanced user, too, including layer masks, bezier curves, filters and even an animation package.
  • Todo.txt – A Nifty ToDo Indicator Applet for Ubuntu
    Todo.txt is an extremely simple indicator applet that lets you quickly tick off the tasks contained in your todo.txt file. It lives in the system tray and has options: Edit todo.txt, Clear completed, and refresh. Ultimately, its job is to help you edit your todo.txt file and mark tasks as completed without needing to open a full-fledged text editing application.

Red Hat News