Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 48 min ago

Security updates for Friday

14 hours 26 min ago
Security updates have been issued by Arch Linux (go, libxml2, postgresql, and wireshark-cli), Debian (drupal7 and lxml), Fedora (drupal7, java-1.8.0-openjdk-aarch32, libxml2, pacemaker, slurm, and swtpm), openSUSE (c-ares, ceph, chromium, dash, firefox, go1.14, java-1_8_0-openjdk, kernel, krb5, perl-DBI, podman, postgresql10, postgresql12, rclone, slurm, ucode-intel, wireshark, wpa_supplicant, and xen), SUSE (ceph, firefox, kernel, LibVNCServer, and python), and Ubuntu (freerdp, poppler, and xdg-utils).

Thanksgiving security updates

Thursday 26th of November 2020 02:46:52 PM
Security updates have been issued by openSUSE (blueman, chromium, firefox, LibVNCServer, postgresql10, postgresql12, thunderbird, and xen), Slackware (bind), SUSE (bluez, kernel, LibVNCServer, thunderbird, and ucode-intel), and Ubuntu (mutt, poppler, thunderbird, and webkit2gtk).

The new rules for Perl governance

Wednesday 25th of November 2020 04:29:49 PM
The process of adopting a new governance model for the Perl project appears to be reaching an end; the new model is designed to look a lot like the one adopted by the Python project. "So, now Perl has two well-defined bodies involved in its governance: a core team of a few dozen and a steering council of three people. The core team sets the rules of Perl governance, votes on membership of the two groups, and delegates substantial decision making power to the steering council. The steering council has broad authority to make decisions about the development of the Perl language, the interpreter, and all other components, systems and processes that result in new releases of the language interpreter." The full description is available for those looking for the details.

Security updates for Wednesday

Wednesday 25th of November 2020 03:49:09 PM
Security updates have been issued by Debian (spip and webkit2gtk), Fedora (kernel and libexif), openSUSE (chromium and rclone), Slackware (mutt), SUSE (kernel, mariadb, and slurm), and Ubuntu (igraph).

[$] Mutt releases version 2.0

Wednesday 25th of November 2020 02:50:03 PM
The venerable email client Mutt has just reached version 2.0. Mutt is different from the type of client that has come to dominate the email landscape—for one thing, it has no graphical interface. It has a long history that is worth a bit of a look, as are its feature set and extensive customizability. Version 2.0 brings several enhancements to Mutt's interface, configurability, and convenience, as well. In this article, readers who are unfamiliar with Mutt will learn about a different way to deal with the daily chore of wrangling their inboxes, while Mutt experts may discover some new sides to an old friend.

A set of stable kernels

Tuesday 24th of November 2020 05:20:27 PM
Greg Kroah-Hartman has released stable kernels 5.9.11, 5.4.80, 4.19.160, 4.14.209, 4.9.246, and 4.4.246 have been released. They all contain important fixes and users should upgrade.

Security updates for Tuesday

Tuesday 24th of November 2020 04:10:21 PM
Security updates have been issued by Fedora (chromium, microcode_ctl, and seamonkey), Mageia (f2fs-tools, italc, python-cryptography, python-pillow, tcpreplay, and vino), Oracle (thunderbird), Red Hat (bind, kernel, microcode_ctl, net-snmp, and Red Hat Virtualization), Scientific Linux (net-snmp and thunderbird), SUSE (kernel and mariadb), and Ubuntu (atftp, libextractor, pdfresurrect, and pulseaudio).

GNU Guix 1.2.0 released

Monday 23rd of November 2020 06:22:34 PM
GNU Guix, a functional package manager and associated free software distribution, was introduced eight years ago. The 1.2.0 release celebrates the anniversary. "A major highlight in this release is the ability to authenticate channels, which probably makes Guix one of the safest ways to deliver complete operating systems today. This was the missing link in our “software supply chain” and we’re glad it’s now fixed. The end result is that guix pull and related commands now cryptographically authenticate channel code that they fetch; you cannot, for instance, retrieve unauthorized commits to the official Guix repository."

Huang: Evaluating Precursor’s Hardware Security

Monday 23rd of November 2020 06:06:39 PM
For those who are interested in security at the hardware level, this blog post from Andrew 'bunnie' Huang is well worth a read. "Despite any claims you may have heard otherwise, tamper resistance is a largely unsolved problem. Any secrets committed to a non-volatile format are vulnerable to recovery by a sufficiently advanced adversary. The availability of near-atomic level microscopy, along with sophisticated photon and phonon based probing techniques, means that a lab equipped with a few million dollars worth of top-notch gear and well-trained technicians has a good chance of recovering secret key material out of virtually any non-volatile storage media. The hard part is figuring out where the secrets are located on the chip."

Security updates for Monday

Monday 23rd of November 2020 04:10:52 PM
Security updates have been issued by Debian (cimg, golang-1.7, golang-1.8, krb5, mediawiki, mupdf, php-pear, samba, thunderbird, and zabbix), Fedora (chromium, krb5, microcode_ctl, pngcheck, and rpki-client), Mageia (librepo, postgresql, python-twisted, raptor2, tcpdump, and thunderbird), openSUSE (blueman, java-11-openjdk, moinmoin-wiki, python, rmt-server, SDL, and tcpdump), Red Hat (chromium-browser and thunderbird), SUSE (c-ares, ceph, dash, firefox, java-1_8_0-openjdk, postgresql10, postgresql12, postgresql96, u-boot, and ucode-intel), and Ubuntu (openldap).

Kernel prepatch 5.10-rc5

Monday 23rd of November 2020 12:24:21 AM
The 5.10-rc5 kernel prepatch is out. "The 5.10 release candidates stubbornly keeps staying fairly big, even though by rc5 we really should be seeing things starting to calm down and shrink. There's nothing in here that makes me particularly nervous, but in pure numbers of commits, this is the largest rc5 we've had in the 5.x series."

Some weekend stable kernel updates

Sunday 22nd of November 2020 05:20:46 PM
The 5.9.10, 5.4.79, 4.19.159, 4.14.208, 4.9.245, and 4.4.245 stable kernel updates are all available. Each contains another set of important fixes, as usual.

[$] epoll_pwait2(), close_range(), and encoded I/O

Friday 20th of November 2020 05:50:30 PM
The various system calls and other APIs that the kernel provides for access to files and filesystems has grown increasingly comprehensive over the years. That does not mean, though, that there is no need or room for improvement. Several relatively small additions to the kernel's filesystem-related API are under consideration in the development community; read on for a survey of some of this work.

Security updates for Friday

Friday 20th of November 2020 02:06:35 PM
Security updates have been issued by CentOS (firefox), Fedora (chromium, microcode_ctl, mingw-libxml2, seamonkey, and xen), openSUSE (slurm_18_08 and tor), Oracle (thunderbird), SUSE (buildah, firefox, go1.14, go1.15, krb5, microcode_ctl, perl-DBI, podman, postgresql12, thunderbird, ucode-intel, wireshark, wpa_supplicant, and xen), and Ubuntu (firefox and phpmyadmin).

Paalanen: Developing Wayland Color Management and High Dynamic Range

Friday 20th of November 2020 01:13:48 AM
Over on the Collabora blog, Pekka Paalanen writes about adding color management and high dynamic range (HDR) support to the Wayland display server protocol. X11 already has support for color management tools and workflow, but not HDR, and Wayland currently doesn't support either, but Paalanen and others are working to change that. "As color management is all about color spaces and gamuts, and high dynamic range (HDR) is also very much about color spaces and gamuts plus extended luminance range, Sebastian [Wick] and I decided that Wayland color management extension should cater for both from the beginning. Combining traditional color management and HDR is a fairly new thing as far as I know, and I'm not sure we have much prior art to base upon, so this is an interesting research journey as well. There is a lot of prior art on HDR and color management separately, but they tend to have fundamental differences that makes the combination not obvious."

GCompris releases version 1.0 to celebrate 20 years

Friday 20th of November 2020 12:16:59 AM

The GCompris project, which provides a "high quality educational software suite, including a large number of activities for children aged 2 to 10", has announced its 1.0 release, which celebrates the 20th anniversary of the project. It includes more than 100 activities, a new Dataset selection in the Activity Settings menu for more than 50 activities, and four new activities, including an Analog Electricity activity to simulate and learn about circuits. KDE.news covered the release: "We have built the activities to follow the principles of 'nothing succeeds like success' and that children, when learning, should be challenged, but not made to feel threatened. Thus, GCompris congratulates, but does not reprimand; all the characters the child interacts with are friendly and supportive; activities are brightly colored, contain encouraging voices and play upbeat, but soothing music. The hardware requirements for running GCompris are extremely low and it will run fine on older computers or low-powered machines, like the Raspberry Pi. This saves you and your school from having to invest in new and expensive equipment and it is also eco-friendly, as it reduces the amount of technological waste that is produced when you have to renew computers to adapt to more and more power-hungry software. GCompris works on Windows, Android and GNU/Linux computers, and on desktop machines, laptops, tablets and phones."

[$] ID mapping for mounted filesystems

Thursday 19th of November 2020 06:03:10 PM
Almost every filesystem (excepting relics like VFAT) implements the concept of the owner and group of each file; the higher levels of the operating system then use that information to control access to those files. For decades, it has usually sufficed to track a single owner and group for each file, but there is an increasing number of use cases wanting to make that ownership relative to the environment any given process is running in. Developers have been working for a few years to find solutions to this problem; the latest attempt is the ID-mapped mounts patch set from Christian Brauner.

Six new stable kernels

Thursday 19th of November 2020 03:47:57 PM
Greg Kroah-Hartman has released the 5.9.9, 5.4.78, 4.19.158, 4.14.207, 4.9.244, and 4.4.244 stable kernels. They all contain important fixes throughout the kernel tree; users of those series should upgrade.

Rust 1.48.0 released

Thursday 19th of November 2020 03:17:01 PM
Version 1.48.0 of the Rust language has been released. The biggest change appears to be improvements to the documentation system, but there's more: "The most significant API change is kind of a mouthful: [T; N]: TryFrom<Vec<T>> is now stable. What does this mean? Well, you can use this to try and turn a vector into an array of a given length".

Security updates for Thursday

Thursday 19th of November 2020 02:15:22 PM
Security updates have been issued by Arch Linux (chromium and firefox), CentOS (bind, curl, fence-agents, kernel, librepo, libvirt, microcode_ctl, python, python3, qt and qt5-qtbase, resource-agents, and tomcat), Debian (drupal7, firefox-esr, jupyter-notebook, packer, python3.5, and rclone), Fedora (firefox), Mageia (firefox, nss), openSUSE (gdm, kernel-firmware, and moinmoin-wiki), Oracle (net-snmp), SUSE (libzypp, zypper), and Ubuntu (c-ares).

More in Tux Machines

today's leftovers

  • openSUSE Tumbleweed – Review of the week 2020/48 – Dominique a.k.a. DimStar (Dim*)

    After last week being filled with problems, this week felt like a ‘relaxing one’ – not that there would be fewer changes incoming, but we could focus on those changes instead of cuddling the infrastructure. And so it comes that we managed to publish 5 snapshots during this week (1119, 1121, 1123, 1124, and 1125).

  • Red Hat Process Automation Manager 7.9 brings Apache Kafka integration and more - Red Hat Developer

    Red Hat Process Automation Manager 7.9 brings bug fixes, performance improvements, and new features for process and case management, business and decision automation, and business optimization. This article introduces you to Process Automation Manager’s out-of-the-box integration with Apache Kafka, revamped business automation management capabilities, and support for multiple decision requirements diagrams (DRDs). I will also guide you through setting up and using the new drools-metric module for analyzing business rules performance, and I’ll briefly touch on Spring Boot integration in Process Automation Manager 7.9.

  • Getting started with Fedora CoreOS

    Fedora CoreOS (FCOS) came from the merging of CoreOS Container Linux and Fedora Atomic Host. It is a minimal and monolithic OS focused on running containerized applications. Security being a first class citizen, FCOS provides automatic updates and comes with SELinux hardening. For automatic updates to work well they need to be very robust. The goal being that servers running FCOS won’t break after an update. This is achieved by using different release streams (stable, testing and next). Each stream is released every 2 weeks and content is promoted from one stream to the other (next -> testing -> stable). That way updates landing in the stable stream have had the opportunity to be tested over a long period of time.

  • Slimjet – SparkyLinux

    Slimjet is built on top of the Chromium open-source project on which Google Chrome is also based. It enjoys the same speed and reliablity provided by the underlying blink engine as Google Chrome. However, many additional features and options have been added in Slimjet to make it more powerful, intelligent and customizable than Chrome. In addition to that, Slimjet DOES NOT send any usage statistics back to Google’s server like Google Chrome, which is a growing concern for many Chrome users due to the ubiquitous presence and reach of the advertising empire. Slimjet is compatible with all extensions and plugins designed for Google Chrome available from the Chrome web store.

  • Better handling of cached field results in Writer

    Writer now has much better support for preserving the cached result of fields in documents. This is especially beneficial for Word formats where the input document may have a field result which is not only a cache, but re-calculating the formula would yield a different result, even in Word. [...] Collabora intends to continue supporting and contributing to LibreOffice, the code is merged so we expect all of this work will be available in TDF’s next release too (7.1).

  • Argus: The Linux Commander – Manila Bulletin

    If you are like me who uses a Mac to manage Linux servers, then you may find this little menu bar tool a little nifty. Argus, currently on version 1.3, is a free download from https://argus-app.net. Argus already supports Big Sur and the new Apple Silicon M1 SoC. Installing Argus is just like any other MacOS application — drag and drop. Since this is a monitoring tool for remote Linux servers, you will need to add basic server information so Argus can set it up and gather the data from it. Argus creates an SSH tunnel to the server, so it requires SSH credentials (of course this means that the remote server has SSH properly configured). You can use your username-password pair, but I’d advise that you set up your certificates first to make it more secure (and easier). Once you have provided the server information and SSH credentials, Argus will connect to it and start downloading the Argus daemon. Installing the daemon will require root privileges, so make sure that you have sudo access, as your password will be asked during the install. Configure all the other remote servers that you wish to monitor through the Preferences pane.

  • Additional Linux Power For SAP Business One

    The migration from ERP/ECC 6.0 to S/4 Hana continues to be one of the main challenges in the SAP community. It is worthwhile to also take a look at SAP Business One on Hana in this context. It’s well known that more and more companies of all shapes and sizes are taking the first step towards S/4 Hana or are already operating it. What’s not as well known, however, is that Business One (B1), a solution for smaller and mid-sized companies, has been on a steep growth trajectory for a few years now. Experts put the estimated number of B1 installations at 100,000 worldwide.

  • Master boot vinyl record: It just gives DOS on my IBM PC a warmer, more authentic tone

    Looking for something to do in quarantine? How about booting DOS from a 10-inch vinyl record? While booting an operating system nowadays usually sees the software loaded from disk or flash memory, some of us of a certain age recall the delights of shovelling bytes in memory via the medium of tape, such as an audio cassette sending noise into the RAM of a home computer. Tinkerer Jozef Bogin has taken things a little further by booting an elderly IBM PC from a record player. Bogin used an old IBM PC and took advantage of a boot loader that would cause the hardware to fall back to the PC's cassette interface should everything else (floppies etc) fail. An analogue recording of bootable, read-only RAM drive was played through the interface, containing a version of FreeDOS tweaked by Bogin to fit into the memory constraints, a tiny COMMAND.COM and a patched version of INTERLINK to shovel data through the printer cable.

  • The Homer Car, But It's leinir's Laptop

    We are now into week three of me sitting in a virtual machine on my better half's laptop, while we wait for my replacement Dell XPS 13 2-in-1 (2019) to arrive, after Dell conceded that they could not fix the old one. Short version: The graphics fan went wonky and stopped spinning, so they sent an engineer out to replace the mainboard (because everything is soldered on, including the fan assembly), and then it stopped booting. So they sent out another, and that also immediately failed to post, and then decided that wasn't worth trying again, so they would send me a replacement laptop. Three weeks later, and i have a tracking number, with no updates for a couple of days, though it also isn't past the estimate they gave me for getting it (two weeks for an in stock item, from Ireland to England, nice...).

GNOME and KDE librsvg, calculator and more

  • Do not use librsvg 2.40.x

    Please do not use librsvg 2.40.x; it cannot render recent Adwaita icon themes correctly. The librsvg 2.40.x series is the last "C only" version of the library; it was deprecated in 2017. During the port to Rust, I rewrote the path parser to be spec-compliant, and fixed a few cases that the C version did not handle. One of this cases is for compact Arc data. The SVG path grammar allows one to remove whitespace between numbers if the next number starts with a sign. For example, 23-45 gets parsed as two numbers 23 -45. In addition, the arguments of the Arc commands have two flags in the middle of a bunch of numbers. The flags can be 0 or 1, and there may be no whitespace between the flags and the next number. For example, A1.98 1.98 0 0015 13.96 gets parsed as A1.98 1.98 0 0 0 15 13.96 — note the two 0 0 flags before the 15. [...] Please use at least librsvg 2.48.x; any earlier versions are not supported. Generally I keep an eye on the last two stable release sets (2.48.x and 2.50.x as of this writing), but only commit fixes to the latest stable series (2.50.x currently).

  • Pranali Deshmukh: GSoD Weekly Summary 9

    The idea here was to consolidate all documentation regarding the different operational modes of the calculator into a single section consisting of an overview page along with dedicated pages for each of the operational modes: Basic, Advanced, Financial, Programming and Keyboard modes.

  • Please give us your 20.12 releases features

    The KDE release service will make another bundle of releases next month on Dec 10th.

Devices and Open Hardware: Chomebox, MNT Reform, Arduino and More

  • ASUS Chromebox 4 features Intel Comet Lake processor, WiFi 6, up to 16GB RAM

    Chrome OS devices, be it Chromebook laptops, Chomebox mini PCs, or Chromebit PC sticks, used to be relatively low-cost devices designed to run the Chrome browser. But over the years. the versatility of the platform has increased with more powerful, yet still with low-power consumption, hardware, and improved software with support for Android apps, the Google Play Store, and even Linux programs. [...] I could not quite remember what BC 1.2 meant, and it stands for “Battery Charging 1.2” technology meant you’ll be able to charge your smartphone or other battery-powered devices faster through compatible ports.

  • How to choose a wireless protocol for home automation

    In the second article in this series, I talked about local control vs. cloud connectivity and some things to consider for your home automation setup. In this third article, I will discuss the underlying technology for connecting devices to Home Assistant, including the dominant protocols that smart devices use to communicate and some things to think about before purchasing smart devices.

  • MNT Reform Production Update November 2020 — MNT Research

    Shortly after the conclusion of the Crowd Supply campaign, we shipped 8 hand-built beta devices and collected some last minute feedback. Based on the feedback and our own learnings during this last test assembly phase, we further refined some aspects of the MNT Reform design.

  • uSVC Arduino VGA board – a portable and programmable retro-gaming console (crowdfunding)

    Itaca Innovation previously launched uChip, an Arduino-compatible board that has a Cortex M0+ MCU that features 0.3” spacing between rows. Now, next-hack joined Itaca Innovation to come up with an expansion board for uChip. The uChip Simple VGA Console (uSVC) Arduino based retro-gaming console is open hardware and is a programmable console. It will allow creating and playing retro “9-bit” games with standard USB controllers and keyboards.

  • Arduino Blog » Controlling a gas convection heater with a custom thermostat

    Redditor “Higgs8” had a gas convection heater that is (or was) controlled manually, but they wanted something a bit more. To accomplish this, they came up with a small Arduino-based thermostat. This allows you to set the desired temperature using a potentiometer, and it senses the current temperature value via a DS18B20 thermometer unit. It then adjusts the formerly manual knob with a stepper motor and custom gear reduction in response, maintaining the desired comfort level.

Programming: Awk, LLVM Clang and Qt

  • Why Every Linux User Needs To Learn Awk - YouTube

    Awk is one of those tools that every linux user has on their system but they probably only use it for fairly simple tasks, so today I thought I'd explain not only what awk but why you should use it and compare it some other Linux utils like sed.

  • Arm Neoverse N2 Support Added To The LLVM Clang 12 Compiler - Phoronix

    In September Arm began adding Neoverse N2 support to the open-source compilers initially with GCC and now the support has been merged into LLVM Clang 12 as well. The Neoverse N2 "Perseus" core was outlined in September as a follow-on design to the successful Neoverse N1. The N2 aims to provide 40% more performance over the N1 for single-threaded performance. The N2 is intended for use from the cloud to enterprise networking devices to edge computing.

  • Qt 6.0 RC and timelines for 6.1 and 6.2

    Hi all, First of all, I wanted to thank everybody for the hard work towards getting Qt 6.0 out of the door. We now have a first RC out, so we’re definitely getting very close to the 6.0.0 release. With that and the fact that we now have a 6.0 branch, it’s also time to start looking a bit ahead towards 6.1 and 6.2. We have long discussed, that the timing of our feature releases to be just before summer and Christmas vacation is a bit unfortunate, as we have little slack for delays without going into the vacation period. Especially the releases in December have sometimes been difficult in that respect. So we’d like to push the schedule a bit and move the minor releases towards a Spring/Autumn schedule. A somewhat shorter release cycle directly after 6.0 is probably a good idea anyway, as we will probably still need to do changes/fixes that don’t quite fit with our policy for patch level releases. So the idea is to shorten the release cycle for Qt 6.1 a bit and focus mainly on bug fixing and stability for that release. We’d aim for a feature freeze by the end of January, and a final Qt 6.1.0 release end of April. 6.2 would then also happen a bit earlier, with a feature freeze in June and a release end of September. Content wise, I believe we’ll start seeing more and more of the add-ons from Qt 5 being supported over the next 6-9 months, and I believe that with Qt 6.2 we will have brought most modules that we supported in Qt 5.15 over to Qt 6. Cheers, Lars

  • Qt 6.1, Qt 6.2 Expected To Come Sooner With Tightened Release Cycles - Phoronix

    Qt 6.0 is releasing in December and The Qt Company is already drafting plans for the release cycles of Qt 6.1 and Qt 6.2 LTS next year. Normally Qt is on a six-month release cadence but next year's Qt 6.1/6.2 releases will likely be tightened up both to address a long-standing gripe of the current timing that often puts new releases around summer holidays and the Thanksgiving~Christmas holiday season. To try to move off those May and November~December release windows, they are looking at tightening up the cycles for Qt 6.1 and Qt 6.2, with the latter being the first long-term support release of the Qt6 series. Lars Knoll is proposing that Qt 6.1 be shipped by the end of April which would put the feature freeze already at the end of January. But for Qt 6.1 the emphasis anyhow will likely be on bug fixing and stability improvements after all the changes in Qt 6.0, so a tightened up Qt 6.1 release makes sense.