Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 41 min ago

Security updates for Friday

Friday 2nd of October 2020 02:17:00 PM
Security updates have been issued by Debian (jruby and ruby2.3), Fedora (crun, pdns, and podman), openSUSE (go1.14 and kernel), Oracle (qemu-kvm and virt:ol), Red Hat (qemu-kvm-ma and thunderbird), SUSE (nodejs10, nodejs12, perl-DBI, permissions, and xen), and Ubuntu (ntp).

Conservancy Announces New Strategy for GPL Enforcement and Related Work, Receives Grant from ARDC

Thursday 1st of October 2020 11:10:03 PM
The Software Freedom Conservancy has announced that it is embarking on "a new strategy toward improving compliance and the freedom of users of devices that contain Linux-based systems". That includes GPL enforcement, an effort to create alternative firmware for embedded Linux devices, and collaboration with other organizations "to promote copyleft compliance as a feature for consumers to protect their privacy and get more out of their devices". The work is being sponsored by an initial $150,000 grant from Amateur Radio Digital Communications (ARDC). "We take this holistic approach because compliance is not an end in itself, but rather a lever to help people advance technology for themselves and the world. Bradley Kuhn, Conservancy’s Policy Fellow and Hacker-in-Residence remarked: 'GPL enforcement began as merely an education process more than twenty years ago. We all had hoped that industry-wide awareness of copyleft’s essential role in spreading software freedom would yield widespread, spontaneous compliance. We were simply wrong about that. Today, we observe almost universal failure in compliance throughout the (so-called) Internet of Things (IoT) market. Only unrelenting enforcement that holds companies accountable can change this abysmal reality. ARDC, a visionary grant-maker, recognizes the value of systemic enforcement that utilizes the legal system to regain software freedom. That process also catalyzes community-led projects to build liberated firmware for many devices.'"

Edmundson: Plasma and the systemd startup

Thursday 1st of October 2020 05:45:52 PM
On his blog, David Edmundson writes about a new optional mechanism for starting up the KDE Plasma desktop using systemd. "Another big motivating factor was the ability for customisation. The root of Plasma's startup is very hardcoded. What if you want to run krunner with a different environment variable set? or have a script run every time plasmashell restarts, or show a UI after kwin is loaded but before plasma shell to perform some user setup? You can edit the code, but that's not easy and you're very much on your own. Systemd provides that level of customisation; both at a distro or a user level out of the box. From our POV for free."

A new crop of stable kernels

Thursday 1st of October 2020 05:04:26 PM
The 5.8.13, 5.4.69, 4.19.149, 4.14.200, and 4.4.238 stable kernels have been released. Note that 4.9.238 was in the review cycle with the rest of these kernels but needed a respin due to some test failures, so it will be released on or after October 3. As usual, all five of the released kernels have fixes throughout the tree; users should upgrade.

Update: Apparently October 3 came early for Greg Kroah-Hartman because 4.9.238 has now been released.

[$] From O_MAYEXEC to trusted_for()

Thursday 1st of October 2020 03:40:15 PM
The ability to execute the contents of a file is controlled by the execute-permission bits — some of the time. If a given file contains code that can be executed by an interpreter — such as shell commands or code in a language like Perl or Python, for example — there are easy ways to run the interpreter on the file regardless of whether it has execute permission enabled or not. Mickaël Salaün has been working on tightening up the administrator's control over execution by interpreters for some time, but has struggled to find an acceptable home for this feature. His latest attempt takes the form of a new system call named trusted_for().

Security updates for Thursday

Thursday 1st of October 2020 12:53:21 PM
Security updates have been issued by Debian (ruby-json-jwt and ruby-rack-cors), Fedora (xen), SUSE (aspell and tar), and Ubuntu (ruby-gon, ruby-kramdown, and ruby-rack).

[$] LWN.net Weekly Edition for October 1, 2020

Thursday 1st of October 2020 12:34:29 AM
The LWN.net Weekly Edition for October 1, 2020 is available.

[$] OpenWrt and SELinux

Wednesday 30th of September 2020 11:18:22 PM
SELinux is a security mechanism with a lot of ability to restrict user-space compromises in various useful ways. It has also generally been considered a heavyweight option that is not suitable for more resource-restricted systems like wireless routers. Undeterred by this perception, some OpenWrt developers are adding SELinux as an option for protecting the distribution, which targets embedded devices.

[$] LVFS tames firmware updates

Wednesday 30th of September 2020 09:27:27 PM
Keeping device firmware up-to-date can be a challenge for end users. Firmware updates are often important for correct behavior, and they can have security implications as well. The Linux Vendor Firmware Service (LVFS) project is playing an increasing role in making firmware updates more straightforward for both end users and vendors; LVFS just announced its 20-millionth firmware download. Since even a wireless mouse dongle can pose a security threat, the importance of simple, reliable, and easily applied firmware updates is hard to overstate.

RPM 4.16.0 released

Wednesday 30th of September 2020 05:36:20 PM
Version 4.16.0 of the RPM package manager has been released. "This turned out to be a much bigger release than anticipated with several groundbreaking new features, despite finally being back to annual cycle almost to date." Highlights include new database backends, macro and %if expressions including ternary operator and native version comparison, optional MIME type based file classification, new version parsing and comparison API in C and Python, license clarification, and more. The release notes have more details.

Security updates for Wednesday

Wednesday 30th of September 2020 03:03:59 PM
Security updates have been issued by Arch Linux (chromium, firefox, libvirt, and podman), Debian (firefox-esr and nss), Gentoo (bitcoind, chromium, cifs-utils, gpsd, libuv, and xen), Mageia (firefox, gnutls, mediawiki, samba, and Thunderbird), openSUSE (brotli and cifs-utils), Red Hat (audiofile, bluez, cloud-init, cpio, cups, curl, dbus, dnsmasq, e2fsprogs, evince and poppler, exiv2, expat, firefox, fontforge, freeradius, freerdp, glib2 and ibus, glibc, httpd, hunspell, ipa, kernel, kernel-rt, libcroco, libexif, libmspack, libpng, librabbitmq, libsndfile, libsrtp, libssh2, libtiff, libvirt, libvpx, libwmf, libxml2, libxslt, mariadb, mod_auth_openidc, NetworkManager, nss and nspr, okular, OpenEXR, openldap, openwsman, pcp, python, python-pillow, python3, qemu-kvm, qemu-kvm-ma, qt5-qtbase, samba, SDL, spamassassin, squid, subversion, systemd, tigervnc, tomcat, unoconv, and webkitgtk4), SUSE (bcm43xx-firmware, nodejs8, pdns, python-pip, and xen), and Ubuntu (libapreq2, netqmail, samba, and tomcat6).

[$] New features in the fish shell

Tuesday 29th of September 2020 05:52:59 PM
Fish (the "friendly interactive shell") has the explicit goal of being more user-friendly than other shells. It features a modern command-line interface with syntax highlighting, tab completion, and auto-suggestions out of the box (all with no configuration required). Unlike many of its competitors, it doesn't care about being POSIX-compliant but attempts to blaze its own path. Since our last look at the project, way back in 2013, it has seen lots of new releases with features, bug fixes, and refinements aimed at appealing to a wide range of users. Some of the biggest additions landed in the 3.0 release, but we will also describe some other notable changes from version 2.1 up through latest version.

Security updates for Tuesday

Tuesday 29th of September 2020 03:06:37 PM
Security updates have been issued by Debian (firefox-esr and mediawiki), openSUSE (firefox, libqt5-qtbase, and rubygem-actionpack-5_1), Red Hat (qemu-kvm, qemu-kvm-ma, and virt:rhel), SUSE (dpdk, firefox, and go1.15), and Ubuntu (dpdk, imagemagick, italc, libpgf, libuv1, pam-python, squid3, ssvnc, and teeworlds).

[$] Mercurial planning to transition away from SHA-1

Monday 28th of September 2020 04:04:03 PM
Recently, the Mercurial project has been discussing its plans to migrate away from the compromised SHA-1 hashing algorithm in favor of a more secure alternative. So far, the discussion is in the planning stages of algorithm selection and migration strategy, with a general transition plan for users. The project, for the moment, is favoring the BLAKE2 hashing algorithm.

OpenSSH 8.4 released

Monday 28th of September 2020 03:44:41 PM
OpenSSH 8.4 is out. The SHA-1 algorithm is deprecated and the "ssh-rsa" public key signature algorithm will be disabled by default "in a near-future release." They note that it is possible to perform chosen-prefix attacks against the SHA-1 algorithm for less than USD$50K.

Security updates for Monday

Monday 28th of September 2020 02:51:23 PM
Security updates have been issued by Debian (curl, libdbi-perl, linux-4.19, lua5.3, mediawiki, nfdump, openssl1.0, qt4-x11, qtbase-opensource-src, ruby-gon, and yaws), Fedora (grub2, libxml2, perl-DBI, singularity, and xawtv), Mageia (cifs-utils, kio-extras, libproxy, mbedtls, nodejs, novnc, and pdns), openSUSE (bcm43xx-firmware, chromium, conmon, fuse-overlayfs, libcontainers-common, podman, firefox, libqt4, libqt5-qtbase, openldap2, ovmf, pdns, rubygem-actionpack-5_1, and tiff), SUSE (firefox, go1.14, ImageMagick, and libqt5-qtbase), and Ubuntu (firefox, gnuplot, libquicktime, miniupnpd, ruby-sanitize, and sudo).

Kernel prepatch 5.9-rc7

Sunday 27th of September 2020 10:32:49 PM
The 5.9-rc7 kernel prepatch is out for testing. "But while I do now know of any remaining gating issues any more, the fixes came in fairly late. So unless I feel insanely optimistic and/or a burning bush tells me that everything is bug-free, my plan right now is that I'll do another rc next Sunday rather than the final 5.9 release. And btw, please no more burning bushes. We're kind of sensitive about those on the West coast right now."

A small set of stable kernels

Sunday 27th of September 2020 08:37:45 PM
The 5.8.12, 5.4.68, and 4.19.148 stable kernels have been released; each contains another set of important fixes.

[$] Toward a "modern" Emacs

Friday 25th of September 2020 04:49:57 PM
It has only been a few months since the Emacs community went through an extended discussion on how to make the Emacs editor "popular again". As the community gears up for the Emacs 28 development cycle, (after the Emacs 27.1 release in August) that discussion has returned with a vengeance. The themes of this discussion differ somewhat from the last; developers are concerned about making Emacs — an editor with decades of history — seem "modern" to attract new users.

Calibre 5.0 released

Friday 25th of September 2020 03:03:56 PM
Version 5.0 of the Calibre electronic-book manager has been released. "There has been a lot of work on the calibre E-book viewer. It now supports Highlighting. The highlights can be colors, underlines, strikethrough, etc. and have added notes. All highlights can be both stored in EPUB files for easy sharing and centrally in the calibre library for easy browsing. Additionally, the E-book viewer now supports both vertical and right-to-left text." Another significant change is a port to Python 3; that was a necessary change but it means that there are a number of plugins that have not yet been ported and thus won't work. The status of many plugins can be found on this page.

More in Tux Machines

Plasma Bigscreen – Updated Beta 2 Image Release For Raspberry Pi 4

Plasma Bigscreen project is pleased to announce the release of a newer beta image for the Raspberry Pi 4. The beta 2 release adds several new features and includes a number of bug fixes. Read more

Audiocasts/Shows: Lubuntu, Bad Voltage, Linux Gaming and Linux in the Ham Shack

  • How to install Lubuntu 20.10 - YouTube

    In this video, I am going to show how to install Lubuntu 20.10.

  • Bad Voltage 3×17: Such People In’t

    Stuart Langridge, Jono Bacon, and Jeremy Garcia present Bad Voltage, in which the reality distortion field is strong in this one, the middle name game continues unsuccessfully...

  • Linux Gaming and Lonely Noobs (w/ Batcastle of Drauger OS) - YouTube

    Welcome to the first in a series of conversations with Thomas of Drauger OS, a Linux distro optimized for gaming. Over the next few videos we'll discover his Linux origin story, hear about his new project that aims to help ALL gaming-focused Linux distributions, and learn more about Drauger OS.

  • LHS Episode #381: Enter the Dragon | Linux in the Ham Shack

    Welcome to the 381st episode of Linux in the Ham Shack. In this short topics episode, the hosts discuss SpaceX, the spectrum around 5.9GHz, Open WebRX, the non-free part of free software, the latest release candidate of WSJT-X, Kali Linux and much more. Thank you for listening and have a fantastic Thanksgiving week.

Best USB bootable distros of 2020

Trimmed distros aren’t only designed for ageing hardware. In fact, there are several lean distros that have been pruned and tuned and optimized for booting off of USB. There are several uses for shoving Linux distros inside a USB flash drive. For instance, they can be quite handy when you need to use somebody else’s computer. Or, perhaps you need to boot into a live Linux environment to troubleshoot issues with your computer, or perhaps to transfer data from a dying disk. Read more

Why MX Linux reminds me of old-school Linux--in the best ways

You might not know this, but according to Distrowatch, MX Linux is currently the No. 1 most downloaded Linux distribution. You're probably thinking, "MXWhat?" That's right, a distribution that seemingly came out of nowhere has shot up the ranks to the top of the class...sort of. MX Linux isn't all that new. In fact, it's been around since 2014. MX Linux was created as a cooperation between former MEPIS Linux communities and antiX, a lightweight, systemd-free Linux distribution. Although MX Linux defaults to the Xfce desktop as their flagship, you can download and install versions with KDE or Fluxbox for either a slightly more modern desktop (KDE) or a throwback to old-school Linux (Fluxbox). Read more