LWN

LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 hour 49 min ago

Security updates for Tuesday

Tuesday 10th of September 2019 02:50:11 PM
Security updates have been issued by Debian (docker.io, icedtea-web, and trafficserver), openSUSE (opera), Red Hat (bind, firefox, go-toolset:rhel8, kernel, nghttp2, and polkit), SUSE (buildah, curl, java-1_7_1-ibm, and skopeo), and Ubuntu (freetype, memcached, python2.7, python3.4, and python2.7, python3.5, python3.6, python3.7).

[$] 5.3 Kernel development cycle statistics

Monday 9th of September 2019 03:30:52 PM
It's that time of the development cycle again: work on the 5.3 kernel is winding down with an expected final release date of September 15. Read on for LWN's traditional look at where the code in 5.3 came from in this relatively busy development cycle.

Security updates for Monday

Monday 9th of September 2019 02:23:50 PM
Security updates have been issued by Debian (expat, ghostscript, libreoffice, and memcached), Fedora (chromium, grafana, kea, nsd, pdfbox, roundcubemail, and SDL), Gentoo (apache, dbus, exim, libsdl2, pango, perl, vlc, and webkit-gtk), Mageia (dovecot, giflib, golang, icedtea-web, irssi, java-1.8.0-openjdk, libgcrypt, libmspack, mercurial, monit, php, poppler, python-urllib3, rdesktop, SDL12, sdl2, sigil, sqlite3, subversion, tomcat, and zstd), openSUSE (chromium, exim, go1.12, httpie, libmirage, python-SQLAlchemy, and srt), Oracle (firefox, ghostscript, and kernel), SUSE (apache2, mariadb, mariadb-connector-c, postgresql94, python-Django1, python-Pillow, python-urllib3, and qemu), and Ubuntu (exim4).

Kernel prepatch 5.3-rc8

Monday 9th of September 2019 07:37:16 AM
The eighth and presumably final 5.3 prepatch is out for testing. "So we probably didn't strictly need an rc8 this release, but with LPC and the KS conference travel this upcoming week it just makes everything easier."

Critical vulnerability in Exim

Friday 6th of September 2019 02:29:50 PM
Anybody running the Exim mail system will want to apply the updates that are being released today; there is a remote code-execution vulnerability in its TLS-handling code with a known proof-of-concept exploit. As the advisory says: "If your Exim server accepts TLS connections, it is vulnerable".

Stable kernels for everybody

Friday 6th of September 2019 02:17:19 PM
The 5.2.12, 4.19.70, 4.14.142, 4.9.191, and 4.4.191 stable kernels have been released with another set of important fixes. Milliseconds thereafter, 5.2.13 and 4.19.71 were released to fix a regression with the elantech mouse driver.

[$] How Chrome OS works upstream

Friday 6th of September 2019 01:46:06 PM
Google has a long and interesting history contributing to the upstream Linux kernel. With Chrome OS, Google has tried to learn from some of the mistakes of its past and is now working with the upstream Linux kernel as much as it can. In a session at the 2019 Open Source Summit North America, Google software engineer Doug Anderson detailed how and why Chrome OS developers work upstream. It is an effort intended to help the Linux community as well as Google.

Security updates for Friday

Friday 6th of September 2019 01:26:10 PM
Security updates have been issued by Debian (exim4 and firefox-esr), Fedora (lxc, lxcfs, pdfresurrect, python3-lxc, rdesktop, and seamonkey), Oracle (kernel), and SUSE (nginx, python-Werkzeug, SUSE Manager Client Tools, and util-linux and shadow).

[$] What happens to kernel staging-tree code

Thursday 5th of September 2019 03:42:13 PM
The staging tree was added to the kernel in 2008 for the 2.6.28 development cycle as a way to ease the process of getting substandard device drivers into shape and merged into the mainline. It has been followed by controversy for just about as long. The recent disagreements over the EROFS and exFAT filesystems have reignited many of the arguments over whether the staging tree is beneficial to the kernel community or not. LWN cannot answer that question, but we can look into what has transpired in the staging tree in its first eleven years to see if there are any conclusions to be drawn there. A lot of code has gone into the staging tree over the years; what happened to it thereafter?

Security updates for Thursday

Thursday 5th of September 2019 02:42:31 PM
Security updates have been issued by Debian (webkit2gtk), Fedora (systemd), openSUSE (go1.11, python-Twisted, SDL2_image, SDL_image, and wavpack), Oracle (kdelibs and kde-settings, kernel, and qemu-kvm), Red Hat (chromium-browser and firefox), Slackware (seamonkey), SUSE (java-1_8_0-ibm, kernel, and python-urllib3), and Ubuntu (firefox and npm/fstream).

Google's differential privacy library

Thursday 5th of September 2019 01:31:25 PM
Google has announced the release of a new library for applications using differential privacy techniques. "Differentially-private data analysis is a principled approach that enables organizations to learn from the majority of their data while simultaneously ensuring that those results do not allow any individual's data to be distinguished or re-identified. This type of analysis can be implemented in a wide variety of ways and for many different purposes. For example, if you are a health researcher, you may want to compare the average amount of time patients remain admitted across various hospitals in order to determine if there are differences in care. Differential privacy is a high-assurance, analytic means of ensuring that use cases like this are addressed in a privacy-preserving manner."

[$] LWN.net Weekly Edition for September 5, 2019

Thursday 5th of September 2019 12:10:20 AM
The LWN.net Weekly Edition for September 5, 2019 is available.

Linux Plumbers Conference waiting list closed; just a few days until the conference

Wednesday 4th of September 2019 09:40:26 PM
The Linux Plumbers Conference has filled up and has closed its waiting list. "All of the spots available have been allocated, so anyone who is not registered at this point will have to wait for next year. There will be no on-site registration. We regret that we could not accommodate everyone. The good news is that all of the microconferences, refereed talks, Kernel summit track, and Networking track will be recorded on video and made available as soon as possible after the conference. Anyone who could not make it to Lisbon this year will at least be able to catch up with what went on. Hopefully those who wanted to come will make it to a future LPC." LPC will be held in Lisbon, Portugal, September 9-11.

[$] Kernel runtime security instrumentation

Wednesday 4th of September 2019 04:49:33 PM
Finding ways to make it easier and faster to mitigate an ongoing attack against a Linux system at runtime is part of the motivation behind the kernel runtime security instrumentation (KRSI) project. Its developer, KP Singh, gave a presentation about the project at the 2019 Linux Security Summit North America (LSS-NA), which was held in late August in San Diego. A prototype of KRSI is implemented as a Linux security module (LSM) that allows eBPF programs to be attached to the kernel's security hooks.

Security updates for Wednesday

Wednesday 4th of September 2019 02:56:07 PM
Security updates have been issued by Arch Linux (grafana, irssi, and jenkins), Debian (freetype, samba, and varnish), Fedora (community-mysql, kernel, kernel-headers, kernel-tools, and python-mitogen), openSUSE (postgresql10 and python-SQLAlchemy), Oracle (kdelibs and kde-settings and squid:4), Red Hat (kdelibs and kde-settings, kernel, kernel-rt, openstack-nova, qemu-kvm, and redis), Scientific Linux (kdelibs and kde-settings, kernel, and qemu-kvm), SUSE (ansible, java-1_7_1-ibm, libosinfo, php53, and qemu), and Ubuntu (irssi, samba, and systemd).

[$] Maintaining the kernel's web of trust

Wednesday 4th of September 2019 12:49:38 PM
A typical kernel development cycle involves pulling patches from over 100 repositories into the mainline. Any of those pulls could conceivably bring with it malicious code, leaving the kernel (and its users) open to compromise. The kernel's web of trust helps maintainers to ensure that pull requests are legitimate, but that web has become difficult to maintain in the wake of the recent attacks on key servers and other problems. So now the kernel community is taking management of its web of trust into its own hands.

grsecurity: Teardown of a Failed Linux LTS Spectre Fix

Tuesday 3rd of September 2019 09:52:40 PM
This grsecurity blog entry looks at how an ineffective Spectre fix found its way into the stable kernel releases. If one looks past the advertising, it's a good summary of how the kernel processes can produce the wrong result. "Despite this warning, this code was merged into Thomas Gleixner's x86/tip tree verbatim, as can be seen here. Prior to merging the fix for 5.3-rc1, Linus Torvalds noticed the warning as seen on the LKML mailing list here and fixed it correctly. However, when the actual merge of the tree was performed, no mention was made of the correction to the fix, and with no specific commit mentioning the correction and fixing it alone, everyone else's processes that depended on cherry-picking specific commits ended up grabbing the bad warning-inducing change. As a further failure, instead of looking at Linus' correct fix (observable by checking out the master tree at the time), the approach seems to have been to naively silence the warning by simply swapping the order of the two lines."

[$] CHAOSS project bringing order to open-source metrics

Tuesday 3rd of September 2019 06:41:27 PM
Providing meaningful metrics for open-source projects has long been a challenge, as simply measuring downloads, commits, or GitHub stars typically doesn't say much about the health or diversity of a project. It's a challenge the Linux Foundation's Community Health Analytics Open Source Software (CHAOSS) project is looking to help solve. At the 2019 Open Source Summit North America (OSSNA), Matt Germonprez, one of the founding members of CHAOSS, outlined what the group is currently doing and why its initial efforts didn't work out as expected.

Android 10 released

Tuesday 3rd of September 2019 06:29:59 PM
Google has announced the release of Android 10, the free parts of which are available from the Android Open Source Project now. "Privacy is a central focus in Android 10, from stronger protections in the platform to new features designed with privacy in mind. Building on previous releases, Android 10 includes extensive changes to protect privacy and give users control, with improved system UI, stricter permissions, and restrictions on what data apps can use."

Firefox 69.0 released

Tuesday 3rd of September 2019 02:55:44 PM
Firefox 69.0 has been released. This release enables on-by-default Enhanced Tracking Protection for all users and gives more control over blocking playback of videos which start playing automatically. See the release notes for details.
