Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 48 min ago

t2 Linux 20.10 released

4 hours 14 min ago
The 20.10 release of the t2 Linux distribution is available. "After a decade of development we are proud to announce the availability of the new T2 Linux Source and Embedded Linux distribution build kit stable release 20.10." More information about this distribution can be found at t2sde.org: "T2 SDE is not just a regular Linux distribution - it is a flexible Open Source System Development Environment or Distribution Build Kit (others might even name it Meta Distribution). T2 allows the creation of custom distributions with state of the art technology, up-to-date packages and integrated support for cross compilation. Currently the Linux kernel is normally used - but the T2 SDE is being expanded to Minix, Hurd, OpenDarwin, Haiku and OpenBSD - more to come."

[$] The future of 32-bit Linux

4 hours 40 min ago
The news for processors and system-on-chip (SoC) products these days is all about 64-bit cores powering the latest computers and smartphones, so it's easy to be misled into thinking that all 32-bit technology is obsolete. That quickly leads to the idea of removing support for 32-bit hardware, which would clearly make life easier for kernel developers in a number of ways. At the same time, a majority of embedded systems shipped today do use 32-bit processors, so a valid question is if this will ever change, or if 32-bit will continue to be the best choice for devices that do not require significant resources.

GitHub's report on open-source security

10 hours 5 min ago
GitHub has released its "2020 State of the Octoverse" report; one piece of that is a report on security [PDF]. There are a number of interesting conclusions there, including that a surprising number of security vulnerabilities are planted deliberately. "Analysis on a random sample of 521 advisories from across our six ecosystems finds that 17% of the advisories are related to explicitly malicious behavior such as backdoor attempts. Of those 17%, the vast majority come from the npm ecosystem. While 17% of malicious attacks will steal the spotlight in security circles, vulnerabilities introduced by mistake can be just as disruptive and are much more likely to impact popular projects. Out of all the alerts GitHub sent developers notifying them of vulnerabilities in their dependencies, only 0.2% were related to explicitly malicious activity. That is, most vulnerabilities were simply those caused by mistakes."

Security updates for Friday

11 hours 37 min ago
Security updates have been issued by Debian (thunderbird), Fedora (c-ares, pdfresurrect, webkit2gtk3, and xen), openSUSE (python3), SUSE (gdm, python-pip, rpmlint, and xen), and Ubuntu (snapcraft).

[$] XFS, stable kernels, and -rc releases

Thursday 3rd of December 2020 06:36:50 PM
Ever since the stable-update process was created, there have been questions about which patches are suitable for inclusion in those updates; usually, these discussions are driven by people who think that the criteria should be more restrictive. A regression in the XFS filesystem that found its way into the 5.9.9 stable update briefly rekindled this discussion. In one sense, there was little new ground covered in this iteration, but there was an interesting point raised about the relationship between stable updates and the mainline kernel -rc releases.

Linux Foundation 2020 annual report

Thursday 3rd of December 2020 04:08:15 PM
The Linux Foundation has published a glossy report of its activities for 2020. "2020 has been a year of challenges for the Linux Foundation ('LF') and our hosted communities. During this pandemic, we’ve all seen our daily lives and those of many of our colleagues, friends, and family around the world completely changed. Too many in our community also grieved over the loss of family and friends. It was uplifting to see LF members join the fight against COVID-19. Our members worldwide contributed technical resources for scientific researchers, offered assistance to struggling families and individuals, contributed to national and international efforts, and some even came together to create open source projects under LF Public Health to help countries deal with the pandemic."

Security updates for Thursday

Thursday 3rd of December 2020 02:16:52 PM
Security updates have been issued by Mageia (cimg, pngcheck, poppler, tor, and xdg-utils), openSUSE (mariadb), Red Hat (go-toolset-1.14-golang), and Ubuntu (linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon).

[$] LWN.net Weekly Edition for December 3, 2020

Thursday 3rd of December 2020 01:42:53 AM
The LWN.net Weekly Edition for December 3, 2020 is available.

[$] Python structural pattern matching morphs again

Wednesday 2nd of December 2020 10:30:19 PM
A way to specify multiply branched conditionals in the Python language—akin to the C switch statement—has been a longtime feature request. Over the years, various proposals have been mooted, but none has ever crossed the finish line and made it into the language. A highly ambitious proposal that would solve the multi-branch-conditional problem (and quite a bit more) has been discussed—dissected, perhaps—in the Python community over the last six months or so. We have covered some of the discussion in August and September, but the ground has shifted once again so it is time to see where things stand.

Certificates from Let's Encrypt (R3 active)

Wednesday 2nd of December 2020 07:25:22 PM
Let's Encrypt has announced that, as of today, the TLS certificates issued by the Let's Encrypt certificate authority are using a new intermediate certificate. "While LE will start using their new _roots_ next year, the change today is using a _variant_ of their "R3" certificate which is cross-signed from IdenTrust, rather than chaining back to their "ISRG Root X1". This will affect you if you're using DANE, TLSA records in DNS, signed by DNSSEC, to advertise properties of the certificate chain which remote systems should expect to see."

Stable kernel updates

Wednesday 2nd of December 2020 04:09:19 PM
Stable kernels 5.9.12, 5.4.81, 4.19.161, 4.14.210, 4.9.247, and 4.4.247 have been released with important fixes. Users should upgrade.

Security updates for Wednesday

Wednesday 2nd of December 2020 03:59:32 PM
Security updates have been issued by Debian (brotli, jupyter-notebook, and postgresql-9.6), Fedora (perl-Convert-ASN1 and php-pear), openSUSE (go1.15, libqt5-qtbase, mutt, python-setuptools, and xorg-x11-server), Oracle (firefox, kernel, libvirt, and thunderbird), Red Hat (rh-postgresql10-postgresql and rh-postgresql12-postgresql), SUSE (java-1_8_0-openjdk, python, python-cryptography, python-setuptools, python3, and xorg-x11-server), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-kvm, linux-lts-trusty, linux-raspi2, linux-snapdragon, python-werkzeug, and xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04).

Popov: Linux kernel heap quarantine versus use-after-free exploits

Wednesday 2nd of December 2020 03:21:17 PM
Alexander Popov describes his kernel heap-quarantine patches designed to protect the system against use-after-free vulnerabilities. "In July 2020, I got an idea of how to break this heap spraying technique for UAF exploitation. In August I found some time to try it out. I extracted the slab freelist quarantine from KASAN functionality and called it SLAB_QUARANTINE. If this feature is enabled, freed allocations are stored in the quarantine queue, where they wait to be actually freed. So there should be no way for them to be instantly reallocated and overwritten by UAF exploits."

xorg-server 1.20.10

Tuesday 1st of December 2020 10:40:03 PM
Xorg-server 1.20.10 has been released. This version fixes security issues that could lead to privilege escalation, or other problems.

[$] Challenges in protecting virtual machines from untrusted entities

Tuesday 1st of December 2020 08:01:03 PM
As an ever-growing number of workloads are being moved to the cloud, CPU vendors have begun to roll out purpose-built hardware features to isolate virtual machines (VMs) from potentially hostile parties. These processor features, and their extensions, enable the notion of "secure VMs" (or "confidential VMs") — where a VM's "sensitive state" needs to be protected from untrusted entities. Drawing from his experience contributing to the secure VM implementation for the s390 architecture, Janosch Frank described the challenges involved in a talk at the 2020 (virtual) KVM Forum. Though the implementations across CPU vendors may vary, there are many shared problems, which opens up possibilities for collaboration.

Security updates for Tuesday

Tuesday 1st of December 2020 04:41:18 PM
Security updates have been issued by Debian (libxstream-java, musl, mutt, pdfresurrect, vips, and zsh), Fedora (libuv, nodejs, thunderbird, and xen), openSUSE (libssh2_org, mutt, neomutt, and thunderbird), Oracle (firefox and thunderbird), Red Hat (firefox, rh-nodejs12-nodejs, rh-php73-php, and thunderbird), Scientific Linux (thunderbird), SUSE (libX11, mariadb, mutt, python-pip, python-setuptools, and python36), and Ubuntu (containerd, php-pear, and sniffit).

[$] Scheduling for asymmetric Arm systems

Monday 30th of November 2020 06:15:59 PM
The Arm processor architecture has pushed the boundaries in a number of ways, some of which have required significant kernel changes in response. For example, the big.LITTLE architecture placed fast (but power-hungry) and slower (but more power-efficient) CPUs in the same system-on-chip (SoC); significant scheduler changes were needed for Linux to be able to properly distribute tasks on such systems. For all their quirkiness, big.LITTLE systems still feature CPUs that are in some sense identical: they can all run any task in the system. What is the scheduler to do, though, if confronted with a system where that is no longer true?

pip 20.3 release

Monday 30th of November 2020 05:03:05 PM
The Python Packaging Authority has announced the release of pip 20.3. There is some potential for disruption with this release. "The new resolver is now *on by default*. It is significantly stricter and more consistent when it receives incompatible instructions, and reduces support for certain kinds of constraints files, so some workarounds and workflows may break."

Security updates for Monday

Monday 30th of November 2020 04:27:37 PM
Security updates have been issued by Arch Linux (c-ares, libass, raptor, rclone, and swtpm), Debian (libproxy, qemu, tcpflow, and x11vnc), Fedora (asterisk, c-ares, microcode_ctl, moodle, pam, tcpdump, and webkit2gtk3), Mageia (jruby and webkit2), openSUSE (buildah, c-ares, ceph, fontforge, java-1_8_0-openjdk, kernel, LibVNCServer, mariadb, thunderbird, ucode-intel, and wireshark), Red Hat (firefox, rh-mariadb103-mariadb and rh-mariadb103-galera, and thunderbird), SUSE (binutils, libssh2_org, LibVNCServer, libX11, and nodejs12), and Ubuntu (mysql-8.0 and qemu).

PHP 8.0.0 released

Monday 30th of November 2020 02:22:05 PM
Version 8.0.0 of the PHP language has been released. New features include union types, named arguments, match expressions, a just-in-time compiler, and more; see this article for more information.

More in Tux Machines

Jetson Xavier system bundles LIPSedge 3D vision camera

LIPS’ IP67-protected “LIPSedge AE400” 3D vision industrial camera is now available with Aaeon’s Linux-driven, AGX Xavier based Boxer-8240AI computer. The RK3399-based camera is built around an Intel RealSense D415 and offers GbE with PoE. Aaeon announced that its Boxer-8240AI edge AI system based on Nvidia’s high-end Jetson AGX Xavier module has received Nvidia Isaac Certification for a bundle that combines the compact, embedded system with LIPS Corp’s LIPSedge AE400 Industrial 3D Camera. The camera is billed as an industrial version of the Intel RealSense dual-lens stereovision camera. Applications for the Aaeon/LIPS offering include autonomous guided vehicles (AGV), vision guided robots, and smart factory systems. Read more

Release of t2 GNU/Linux 20.10

  • T2 20.10 tagged and shipping!

    A decade in the making, T2 version 20.10 was finally tagged and shipped! Grab your favorite release ISO, e.g. highly optimized AMD64, PPC64 for your PS3, MIPS64 for your Sgi Octane or any other of our release builds for playing along at home!

  • t2 Linux 20.10 released

    The 20.10 release of the t2 Linux distribution is available.

Canonical/Ubuntu: FOSDEM 2021 Community DevRoom, Snap Store and Ubuntu Technical Board Call For Nominations

  • Laura Czajkowski: FOSDEM Community Devroom 2021 CFP

    The twenty-first edition of FOSDEM will take place 6-7 February, 2021 – online, and we’re happy to announce that there will be a virtual Community DevRoom as part of the event.

  • When you need the numbers just right – benchmark and profiling applications in the Snap Store | Ubuntu

    The world of software is a vast and complex one, often too difficult to easily assess by human intuition alone. Which is why detailed and accurate measurements of software behavior are essential in helping us understand and gauge how well our applications perform. The Snap Store has a fair share of productivity tools and utilities, including a wide range of benchmarking and profiling tools. These are designed to help developers, system administrators and hardcore enthusiasts get a precise sense of their software, whether as part of research and design or for troubleshooting ongoing problems in production environments. Let’s have a little tour.

  • Ubuntu Fridge | Ubuntu Technical Board Call For Nominations

    The Ubuntu Technical Board is responsible for the technical direction of Ubuntu. It makes decisions on package selection, packaging policy, installation systems and processes, kernel, X server, display management, library versions, and dependencies. The board works with relevant teams to establish a consensus on the right path to take, especially where diverse elements of Ubuntu cannot find consensus on shared components. The current Technical Board is expiring at the end of the year, and the Community Council would like to confirm a new Technical Board, consisting of five people, who will serve for two years.

Wine 6.0-rc1 Released

  • Wine 6.0-rc1 Released

    The Wine development release 6.0-rc1 is now available. This is the first release candidate for the upcoming Wine 6.0. It marks the beginning of the yearly code freeze period. Please give this release a good testing to help us make 6.0 as good as possible.

  • Wine 6.0-RC1 Released Following Last Minute Changes - Phoronix

    As expected, the first release candidate of Wine 6.0 is now available for testing for this annual update to Wine for running Windows programs and games on Linux and other platforms. Wine 6.0-RC1 marks the start of the code/feature freeze ahead of Wine 6.0.0, which should be out in January. Until then the release candidates will continue.

  • The road to Wine 6.0 begins with a first Release Candidate | GamingOnLinux

    The Wine compatibility layer for running Windows applications on Linux and other systems has a new development release up, the first Release Candidate for Wine 6.0. Marking the beginning of a code freeze period, where the Wine team will now be focusing on stability rather than chucking in new features to make Wine 6.0 as good as it can be.