Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 6 min 48 sec ago

[$] New features in the fish shell

10 hours 11 min ago
Fish (the "friendly interactive shell") has the explicit goal of being more user-friendly than other shells. It features a modern command-line interface with syntax highlighting, tab completion, and auto-suggestions out of the box (all with no configuration required). Unlike many of its competitors, it doesn't care about being POSIX-compliant but attempts to blaze its own path. Since our last look at the project, way back in 2013, it has seen lots of new releases with features, bug fixes, and refinements aimed at appealing to a wide range of users. Some of the biggest additions landed in the 3.0 release, but we will also describe some other notable changes from version 2.1 up through latest version.

Security updates for Tuesday

12 hours 58 min ago
Security updates have been issued by Debian (firefox-esr and mediawiki), openSUSE (firefox, libqt5-qtbase, and rubygem-actionpack-5_1), Red Hat (qemu-kvm, qemu-kvm-ma, and virt:rhel), SUSE (dpdk, firefox, and go1.15), and Ubuntu (dpdk, imagemagick, italc, libpgf, libuv1, pam-python, squid3, ssvnc, and teeworlds).

[$] Mercurial planning to transition away from SHA-1

Monday 28th of September 2020 04:04:03 PM
Recently, the Mercurial project has been discussing its plans to migrate away from the compromised SHA-1 hashing algorithm in favor of a more secure alternative. So far, the discussion is in the planning stages of algorithm selection and migration strategy, with a general transition plan for users. The project, for the moment, is favoring the BLAKE2 hashing algorithm.

OpenSSH 8.4 released

Monday 28th of September 2020 03:44:41 PM
OpenSSH 8.4 is out. The SHA-1 algorithm is deprecated and the "ssh-rsa" public key signature algorithm will be disabled by default "in a near-future release." They note that it is possible to perform chosen-prefix attacks against the SHA-1 algorithm for less than USD$50K.

Security updates for Monday

Monday 28th of September 2020 02:51:23 PM
Security updates have been issued by Debian (curl, libdbi-perl, linux-4.19, lua5.3, mediawiki, nfdump, openssl1.0, qt4-x11, qtbase-opensource-src, ruby-gon, and yaws), Fedora (f2fs-tools, grub2, libxml2, perl-DBI, singularity, xawtv, and xen), Mageia (cifs-utils, kio-extras, libproxy, mbedtls, nodejs, novnc, and pdns), openSUSE (bcm43xx-firmware, chromium, conmon, fuse-overlayfs, libcontainers-common, podman, firefox, libqt4, libqt5-qtbase, openldap2, ovmf, pdns, rubygem-actionpack-5_1, and tiff), SUSE (firefox, go1.14, ImageMagick, and libqt5-qtbase), and Ubuntu (firefox, gnuplot, libquicktime, miniupnpd, ruby-sanitize, and sudo).

Kernel prepatch 5.9-rc7

Sunday 27th of September 2020 10:32:49 PM
The 5.9-rc7 kernel prepatch is out for testing. "But while I do now know of any remaining gating issues any more, the fixes came in fairly late. So unless I feel insanely optimistic and/or a burning bush tells me that everything is bug-free, my plan right now is that I'll do another rc next Sunday rather than the final 5.9 release. And btw, please no more burning bushes. We're kind of sensitive about those on the West coast right now."

A small set of stable kernels

Sunday 27th of September 2020 08:37:45 PM
The 5.8.12, 5.4.68, and 4.19.148 stable kernels have been released; each contains another set of important fixes.

[$] Toward a "modern" Emacs

Friday 25th of September 2020 04:49:57 PM
It has only been a few months since the Emacs community went through an extended discussion on how to make the Emacs editor "popular again". As the community gears up for the Emacs 28 development cycle, (after the Emacs 27.1 release in August) that discussion has returned with a vengeance. The themes of this discussion differ somewhat from the last; developers are concerned about making Emacs — an editor with decades of history — seem "modern" to attract new users.

Calibre 5.0 released

Friday 25th of September 2020 03:03:56 PM
Version 5.0 of the Calibre electronic-book manager has been released. "There has been a lot of work on the calibre E-book viewer. It now supports Highlighting. The highlights can be colors, underlines, strikethrough, etc. and have added notes. All highlights can be both stored in EPUB files for easy sharing and centrally in the calibre library for easy browsing. Additionally, the E-book viewer now supports both vertical and right-to-left text." Another significant change is a port to Python 3; that was a necessary change but it means that there are a number of plugins that have not yet been ported and thus won't work. The status of many plugins can be found on this page.

Security updates for Friday

Friday 25th of September 2020 02:52:59 PM
Security updates have been issued by Debian (rails), openSUSE (chromium, jasper, ovmf, roundcubemail, samba, and singularity), Oracle (firefox), SUSE (bcm43xx-firmware, firefox, libqt5-qtbase, qemu, and tiff), and Ubuntu (aptdaemon, atftp, awl, packagekit, and spip).

[$] Saying goodbye to set_fs()

Thursday 24th of September 2020 03:48:47 PM
The set_fs() function dates back to the earliest days of the Linux kernel; it is a key part of the machinery that keeps user-space and kernel-space memory separated from each other. It is also easy to misuse and has been the source of various security problems over the years; kernel developers have long wanted to be rid of it. They won't completely get their wish in the 5.10 kernel but, as the result of work that has been quietly progressing for several months, the end of set_fs() will be easily visible at that point.

PostgreSQL 13 released

Thursday 24th of September 2020 01:48:44 PM
Version 13 of the PostgreSQL database management system is out. "PostgreSQL 13 includes significant improvements to its indexing and lookup system that benefit large databases, including space savings and performance gains for indexes, faster response times for queries that use aggregates or partitions, better query planning when using enhanced statistics, and more. Along with highly requested features like parallelized vacuuming and incremental sorting, PostgreSQL 13 provides a better data management experience for workloads big and small, with optimizations for daily administration, more conveniences for application developers, and security enhancements."

Security updates for Thursday

Thursday 24th of September 2020 01:09:12 PM
Security updates have been issued by Fedora (firefox, libproxy, mbedtls, samba, and zeromq), openSUSE (chromium and virtualbox), Red Hat (firefox and kernel), SUSE (cifs-utils, conmon, fuse-overlayfs, libcontainers-common, podman, libcdio, python-pip, samba, and wavpack), and Ubuntu (rdflib).

[$] LWN.net Weekly Edition for September 24, 2020

Thursday 24th of September 2020 01:22:35 AM
The LWN.net Weekly Edition for September 24, 2020 is available.

[$] OpenPGP in Thunderbird

Wednesday 23rd of September 2020 10:17:04 PM
It is a pretty rare event to see a nearly 21-year-old bug be addressed—many projects are nowhere near that old for one thing—but that is just what has occurred for the Mozilla Thunderbird email application. An enhancement request filed at the end of 1999 asked for a plugin to support email encryption, but it has mostly languished since. The Enigmail plugin did come along to fill the gap by providing OpenPGP support using GNU Privacy Guard (GnuPG or GPG), but was never part of Thunderbird. As part of Thunderbird 78, though, OpenPGP is now fully supported within the mail user agent (MUA).

Six stable kernels

Wednesday 23rd of September 2020 07:24:05 PM
Stable kernels 5.8.11, 5.4.67, 4.19.147, 4.14.199, 4.9.237, and 4.4.237 have been released with important fixes. Users should upgrade.

[$] Removing run-time disabling for SELinux in Fedora

Wednesday 23rd of September 2020 03:53:35 PM
Disabling SELinux is, perhaps sadly in some ways, a time-honored tradition for users of Fedora, RHEL, and other distributions that feature the security mechanism. Over the years, SELinux has gotten easier to tolerate due to the hard work of its developers and the distributions, but there are still third-party packages that recommend or require disabling SELinux in order to function. Up until fairly recently, the kernel has supported disabling SELinux at run time, but that mechanism has been deprecated—in part due to another kernel security feature. Now Fedora is planning to eliminate the ability to disable SELinux at run time in Fedora 34, which sparked some discussion in its devel mailing list.

Security updates for Wednesday

Wednesday 23rd of September 2020 02:44:54 PM
Security updates have been issued by openSUSE (libetpan, libqt4, lilypond, otrs, and perl-DBI), Red Hat (kernel-rt), Slackware (seamonkey), SUSE (grafana, libmspack, openldap2, ovmf, pdns, rubygem-actionpack-5_1, and samba), and Ubuntu (debian-lan-config, ldm, libdbi-perl, and netty-3.9).

[$] Python 3.9 is around the corner

Tuesday 22nd of September 2020 10:17:49 PM
Python 3.9.0rc2 was released on September 17, with the final version scheduled for October 5, roughly a year after the release of Python 3.8. Python 3.9 will come with new operators for dictionary unions, a new parser, two string operations meant to eliminate some longstanding confusion, as well as improved time-zone handling and type hinting. Developers may need to do some porting for code coming from Python 3.8 or earlier, as the new release has removed several previously-deprecated features still lingering from Python 2.7.

[$] Accurate timestamps for the ftrace ring buffer

Tuesday 22nd of September 2020 09:29:15 PM
The function tracer (ftrace) subsystem has become an essential part of the kernel's introspection tooling. Like many kernel subsystems, ftrace uses a ring buffer to quickly communicate events to user space; those events include a timestamp to indicate when they occurred. Until recently, the design of the ring buffer has led to the creation of inaccurate timestamps when events are generated from interrupt handlers. That problem has now been solved; read on for an in-depth discussion of how this issue came about and the form of its solution.