Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 19 min 20 sec ago

Security updates for Monday

2 hours 29 min ago
Security updates have been issued by Debian (aspell, graphite-web, imagemagick, mediawiki, milkytracker, nfs-utils, and openjdk-11), Fedora (kernel, kernel-headers, kernel-tools, mediawiki, and radare2), openSUSE (dhcp, libpcap, lighttpd, and tcpdump), Scientific Linux (java-1.8.0-openjdk), Slackware (python), SUSE (bluez, kernel, and python-xdg), and Ubuntu (aspell).

Kernel prepatch 5.4-rc4

3 hours 46 min ago
The 5.4-rc4 kernel prepatch is out for testing. "This release cycle remains pretty normal. In fact, the rc's have been a bit on the smaller side of the average of the last few releases, and rc4 continues this, if only barely."

[$] Implementing alignment guarantees for kmalloc()

Friday 18th of October 2019 09:52:44 PM
kmalloc() is a frequently used primitive for the allocation of small objects in the kernel. During the 2019 Linux Storage, Filesystem, and Memory Management Summit, Vlastimil Babka led a session about the unexpected alignment problems developers face when using this function. After a few months he has come back with the second version of a patch set implementing a natural alignment guarantee for kmalloc(). From the strong opposition it faced initially, it seemed that the change would not get accepted. However, it ended up in Linus Torvalds's tree. Let's explore what happened.

LTTng 2.11.0 "Lafontaine" released

Friday 18th of October 2019 02:53:21 PM
After more than two years of development, the Linux trace toolkit next generation (LTTng) project has released version 2.11.0 of the kernel and user-space tracing tool. The release covers the LTTng tools, LTTng user-space tracer, and LTTng kernel modules. It includes a number of new features that are described in the announcement including session rotation, dynamic user-space tracing, call-stack capturing for the kernel and user space, improved networking performance, NUMA awareness for user-space tracing buffer allocation, and more. "The biggest feature of this release is the long-awaited session rotation support. Session rotations now allow you to rotate an ongoing tracing session much in the same way as you would rotate logs. The 'lttng rotate' command rotates the current trace chunk of the current tracing session. Once a rotation is completed, LTTng does not manage the trace chunk archive anymore: you can read it, modify it, move it, or remove it. Because a rotation causes the tracing session’s current sub-buffers to be flushed, trace chunk archives are never redundant, that is, they do not overlap over time, unlike snapshots. Once a rotation is complete, offline analyses can be performed on the resulting trace, much like in 'normal' mode. However, the big advantage is that this can be done without interrupting tracing, and without being limited to tools which implement the 'live' protocol."

Five new stable kernels

Friday 18th of October 2019 02:15:14 PM
Greg Kroah-Hartman has announced the release of the 5.3.7, 4.19.80, 4.14.150, 4.9.197, and 4.4.197 stable kernels. All five contain important fixes throughout the kernel tree, as usual. Users of those series should upgrade.

Security updates for Friday

Friday 18th of October 2019 01:20:10 PM
Security updates have been issued by Debian (poppler, sudo, and wordpress), Oracle (java-1.8.0-openjdk), Red Hat (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk, java-11-openjdk, and kernel), and SUSE (kernel and postgresql10).

Ubuntu 19.10 (Eoan Ermine) released

Thursday 17th of October 2019 10:09:52 PM
Ubuntu has announced the release of 19.10 "Eoan Ermine" in desktop and server editions as well as all of the different flavors: Ubuntu Budgie, Kubuntu, Lubuntu, Ubuntu Kylin, Ubuntu MATE, Ubuntu Studio, and Xubuntu. "The Ubuntu kernel has been updated to the 5.3 based Linux kernel, and our default toolchain has moved to gcc 9.2 with glibc 2.30. Additionally, the Raspberry Pi images now support the new Pi 4 as well as 2 and 3. Ubuntu Desktop 19.10 introduces GNOME 3.34 the fastest release yet with significant performance improvements delivering a more responsive experience. App organisation is easier with the ability to drag and drop icons into categorised folders and users can select light or dark Yaru theme variants. The Ubuntu Desktop installer also introduces installing to ZFS as a root filesystem as an experimental feature." More information can also be found in the release notes.

[$] Really fixing getrandom()

Thursday 17th of October 2019 05:08:23 PM
The final days of the 5.3 kernel development cycle included an extensive discussion of the getrandom() API and the reversion of an ext4 improvement that was indirectly causing boot hangs due to a lack of entropy. Blocking filesystem improvements because they are too effective is clearly not a good long-term development strategy for the kernel, so there was a consensus that some sort of better solution had to be found. What was lacking was an idea of what that solution should be. It is thus surprising that the problem appears to have been dealt with in 5.4 with little in the way of dissent or disagreement.

Bazel 1.0 released

Thursday 17th of October 2019 02:23:16 PM
Google has announced version 1.0 of its Bazel build system. "A growing list of Bazel users attests to the widespread demand for scalable, reproducible, and multi-lingual builds. Bazel helps Google be more open too: several large Google open source projects, such as Angular and TensorFlow, use Bazel. Users have reported 3x test time reductions and 10x faster build speeds after switching to Bazel."

Security updates for Thursday

Thursday 17th of October 2019 01:27:50 PM
Security updates have been issued by Arch Linux (sudo), Debian (libsdl1.2 and libsdl2), Mageia (e2fsprogs, kernel, libpcap and tcpdump, nmap, and sudo), openSUSE (GraphicsMagick and sudo), Oracle (java-1.8.0-openjdk, java-11-openjdk, jss, and kernel), Red Hat (java-1.8.0-openjdk and java-11-openjdk), Scientific Linux (jss), SUSE (gcc7 and libreoffice), and Ubuntu (leading to a double-free, libsdl1.2, and tiff).

[$] LWN.net Weekly Edition for October 17, 2019

Thursday 17th of October 2019 12:25:53 AM
The LWN.net Weekly Edition for October 17, 2019 is available.

[$] WireGuard and the crypto API

Wednesday 16th of October 2019 09:38:05 PM
When last we looked in on the progress of the WireGuard VPN tunnel toward the mainline kernel, it seemed like the main sticking point had been overcome. The Zinc cryptography API used by WireGuard was generally seen as a duplication of effort with the existing kernel cryptographic algorithms, so an effort to rework Zinc to use that existing code seemed destined to route around that problem and bring WireGuard to the mainline. In the six months since then, though, things have gone fairly quiet in WireGuard-land; that all changed based on a conversation at the recent Kernel Recipes conference in Paris.

[$] FPGAs and free software

Wednesday 16th of October 2019 04:11:09 PM
The problems with field-programmable gate arrays (FPGAs) is not exactly an obvious talk topic for a graphics-related conference like the 2019 X.Org Developers Conference (XDC). Ben Widawsky acknowledged that, but said that he sees parallels in the situation with FPGA support in the free-software world and the situation with graphics hardware support in the past. It is his hope that the tools for developing with FPGAs can make the same journey that graphics drivers have made over the last two decades or so.

Security updates for Wednesday

Wednesday 16th of October 2019 02:37:20 PM
Security updates have been issued by Debian (apache2 and unbound), Fedora (opendmarc, runc, and sudo), openSUSE (epiphany, GraphicsMagick, and libopenmpt), Oracle (kernel and sudo), Red Hat (java-1.8.0-openjdk, jss, kernel, kernel-rt, and kpatch-patch), SUSE (crowbar-core, crowbar-openstack, grafana, novnc, openstack-keystone, openstack-neutron, openstack-neutron-lbaas, openstack-nova, openstack-tempest, python-pysaml2, python-urllib3, rubygem-chef, rubygem-easy_diff, sleshammer, libpcap, sudo, and tcpdump), and Ubuntu (aspell and libsdl1.2).

Perl 6 renamed to Raku

Tuesday 15th of October 2019 03:29:29 PM
The pull request changing the name of Perl 6 to Raku has been merged. See the full text for more information. "This document describes the steps to be taken to effectuate a rename of 'Perl 6' to 'Raku', as described in issue #81. It does not pretend to be complete in scope or in time. To change a name of a project that has been running for 19+ years will take time, a lot of effort and a lot of cooperation. It will affect people in foreseen and unforeseen ways." (Thanks to Sean Whitton)

Security updates for Tuesday

Tuesday 15th of October 2019 02:58:33 PM
Security updates have been issued by Debian (sudo and xtrlock), openSUSE (sudo), Red Hat (Single Sign-On), Slackware (sudo), SUSE (binutils, dhcp, ffmpeg, kernel, kubernetes-salt, sudo, and tcpdump), and Ubuntu (sudo).

KDE Plasma 5.17 released

Tuesday 15th of October 2019 01:18:43 PM
The KDE project has announced the release of version 5.17 of the Plasma desktop environment. "Night Color, the color-grading system that relaxes your eyes when the sun sets, has landed for X11. Your Plasma desktop also recognizes when you are giving a presentation, and stops messages popping up in the middle of your slideshow. If you are using Wayland, Plasma now comes with fractional scaling, which means that you can adjust the size of all your desktop elements, windows, fonts and panels perfectly to your HiDPI monitor."

Python 3.8.0 released

Monday 14th of October 2019 10:15:39 PM
Version 3.8.0 of the Python language has been released. New features include the controversial assignment expressions, positional-only arguments, the Vectorcall mechanism, and more; see the what's new in Python 3.8 document for more information.

PyPy 7.2 released

Monday 14th of October 2019 07:11:30 PM
Version 7.2 of PyPy, an implementation of the Python language, is out. With this release, Python 3.6 support is deemed ready: "This release removes the 'beta' tag from PyPy3.6. While there may still be some small corner-case incompatibilities (around the exact error messages in exceptions and the handling of faulty codec errorhandlers) we are happy with the quality of the 3.6 series and are looking forward to working on a Python 3.7 interpreter."

[$] Finding race conditions with KCSAN

Monday 14th of October 2019 06:13:07 PM
Race conditions can be some of the trickiest bugs to find. The resulting problems can be subtle, and reproducing the problem in order to track it down can be difficult or impossible; often code inserted to narrow down a race condition will cause it to stop manifesting entirely. A tool that can find race conditions automatically would thus be a valuable thing for the kernel community to have. In late September, Marco Elver announced a tool called KCSAN (the Kernel Concurrency Sanitizer) that does exactly that — and which has already found a number of real problems.

More in Tux Machines

today's howtos

today's leftovers

  • openSUSE.Asia Summit 2019

    This year, openSUSE.Asia summit 2019 host in Indonesia again.

  • Why Taking Responsibility for Our Carbon Emissions Means Promoting the Right to Repair

    In our global system of production, consumption and premature disposal, using products for longer should be considered a pillar of global climate justice, and in an even broader sense, environmental justice.Saturday 19 October 2019 marks the third International Repair Day, and the theme this year is “Repair for Future”. | By Janet Gunter

  • The Most Important Right-to-Repair Hearing Yet Is on Monday

    The Massachusetts state legislature is holding a three-hour hearing on the Digital Right to Repair act, a bill that would require electronics manufacturers to sell repair parts and tools, make repair guides available, and would prevent them from using software to artificially prevent repair.

    So far this year, 19 other states have considered similar legislation. It hasn’t passed in any of them. But Massachusetts is one of the most likely states to pass the legislation, for a few different reasons. Most notably, the legislation is modeled on a law passed unanimously in Massachusetts in 2012 that won independent auto shops the right to repair, meaning lawmakers there are familiar with the legislation and the benefits that it has had for auto repair shops not just in Massachusetts but around the country.

  • [Older] GNS Technical Specification Milestone 1/4

    We are happy to announce the completion of the first milestone for the GNS Specification. The objective is to provide a detailed and comprehensive guide for implementors of the GNU Name System. The initial milestone consists of documenting the cryptographic principles of GNS data structures. This includes the specification of the GNS record wire and serialization formats as well as internationalization.

  • GNUnet project invited to ICANN66

    We are delighted to announce that ICANN has invited the GNUnet project to speak at the next ICANN Annual General Meeting. We have been invited to join a panel discussion on Emerging Internet Identifier Technologies in order to share our ideas and work on the GNU Name System (GNS). ICANN generously offered to cover travel and accomodation. The meeting will take place in Montreal between 2 - 7 November. The panel will tentatively be help on November 6th.

  • AWS Dangles Free Credits to Lure Open Source Developers

    Amazon Web Services is taking steps to improve its relations with open source software developers, offering them free service credits and sponsoring a popular programming language.

  • Opmantek Expands IT Audit Capabilities With Open-AudIT Cloud
  • Help! They’re about to obliterate us!

    Don’t let Yahoo fool you, with what they say, “Oh, just click here and download your content.” It’s not that simple. They have been breaking things to prevent us from leaving for years, and they are not making it easy now either. We live in a broken interface, and rescuing our content, especially quickly, is not at all easy.

  • USB-C Has Finally Come Into Its Own

    Even so, the road has been bumpy. Just because USB-C can do all these things doesn’t mean that it always does. Take charging. While the body that governs USB protocol, the USB Implementers Forum, sets a Power Delivery standard, manufacturers have come up with their own unique implementations as well. Qualcomm has Quick Charge, Samsung has Adaptive Fast Charging, and so on. The result, as nicely detailed by Android Authority earlier this year, is a landscape where you’re never quite sure what you’re going to get, especially once you reach for a third-party cable. Your phone will still charge, just not as fast as advertised if all of the involved components aren’t built for the same spec. And in extreme cases, some dodgy cables have been capable of frying devices altogether by drawing too much power for a specific task.

Security Leftovers

  • 6 top OSINT tools: Find sensitive public info before hackers do

    The same OSINT tactics used for spycraft can now be applied to cybersecurity. Most organizations have vast, public-facing infrastructures that span many networks, technologies, hosting services and namespaces. Information can be stored on employee desktops, in legacy on-prem servers, with employee-owned BYOD devices, in the cloud, embedded inside devices like webcams, or even hidden in the source code of active apps and programs.

  • 3 steps toward improving container security

    As developers increasingly make use of containers, securing them becomes more and more important. Gartner has named container security one of its top 10 concerns for this year in this report, which isn’t surprising given their popularity in producing lightweight and reusable code and lowering app dev costs. In this article, I’ll look at the three basic steps involved in container security: securing the build environment, securing the underlying container hosts, and securing the actual content that runs inside each container. To be successful at mastering container security means paying attention to all three of these elements. If you step back a moment, container security isn’t all that different from ordinary application security. If you replace the appropriate words in the above paragraph, you could have written this post 10, 20, or even 30 years ago with a few other modifications. But containers do have a few oddities and new twists that are worth highlighting. To get started, I suggest you listen to the recorded talk by Red Hat’s Dan Walsh about general container security considerations.

  • Good guy, Microsoft: Multi-factor auth outage gives cloudy Office, Azure users a surprise three-day weekend

    Microsoft is battling to fix its knackered multi-factor authentication system that today blocked customers from logging into their Microsoft 365 and Azure services. The Redmond giant confirmed on Friday an unspecified glitch prevented customers in North America from receiving the multi-factor auth (MFA) codes they need to sign into their cloud-based accounts. Obviously, those not using MFA are not affected. Though Azure and Microsoft 365 MFA users initially were locked out, by mid-day US Pacific Time, Azure was said to be working again, leaving 365 subscribers trying to log in high and dry. "We've taken multiple actions to mitigate impact and are working to validate service restoration," Microsoft told Microsoft 365 aka Office 365 customers. "In parallel, we're continuing to review system logs and service telemetry to better understand the underlying root cause."

  • Update Warning Issued For Millions Of Microsoft Windows 10 Users

    At this stage, it isn’t clear what is the cause with users citing BSOD failures with cldflt.sys, Affinity applications and more but all have found that uninstalling KB4517389 fixes the problem, which pins the source squarely on this already troubled update. Needless to say, the problem with a BSOD bug is you may not be lucky enough to get back to your desktop to do this. If you are, then navigate to Control Panel > Programs > Programs and Features > Installed updates > KB4517389 > Uninstall KB4517389 has already rolled out to millions of users but for hundreds of millions who have not received it yet, use Microsoft’s Show or Hide updates tool to block it from installing on your PC.

LibreOffice: Continuous Endnotes in Writer and AutoCorrect Dialog

  • Continuous endnotes in Writer

    What you can see is that endnotes unconditionally start after the end of the document content in Word, while endnotes are unconditionally on separate endnote pages in Writer. The new ContinuousEndnotes layout compatibility flag in Writer allows rendering endnotes the Word way. This new flag is enabled by default for DOC files, disabled otherwise. All this is available in LibreOffice master (towards 6.4), so you can try it out right now, if interested.

  • [LibreOffice] AutoCorrect Dialog

    In addition to an better placement the Word Completion Tab should be now easier to understood.