lwn.net

lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 34분 53초 지남

[$] The end of the 5.5 merge window

17시간 10분 지남
By the end of the merge window, 12,632 non-merge changesets had been pulled into the mainline repository for the 5.5 release. This is thus a busy development cycle — just like the cycles that preceded it. Just over half of those changesets were pulled after the writing of our first 5.5 merge-window summary. As is often the case later in the merge window, many of those changes were relatively boring fixes. There were still a number of interesting changes, though; read on for a summary of what happened in the second half of this merge window.
카테고리:

Security updates for Monday

18시간 22분 지남
Security updates have been issued by CentOS (SDL), Debian (htmldoc, librabbitmq, nss, openjdk-7, openslp-dfsg, and phpmyadmin), Fedora (chromium, community-mysql, kernel, libidn2, oniguruma, proftpd, and rabbitmq-server), Mageia (ansible, clamav, evince, firefox, graphicsmagick, icu, libcryptopp, libtasn1, libtiff, libvncserver, libvpx, lz4, nss, openexr, openjpeg2, openssl, phpmyadmin, python-psutil, python-twisted, QT, sdl2_image, SDL_image, sysstat, thunderbird, and tnef), Oracle (firefox), Red Hat (java-1.8.0-ibm and nss), Scientific Linux (firefox and kernel), SUSE (kernel), and Ubuntu (nss).
카테고리:

Kernel prepatch 5.5-rc1

월, 2019/12/09 - 11:07오후
Linus has released the 5.5-rc1 kernel prepatch and closed the merge window for this development cycle. "Everything looks fairly regular - it's a tiny bit larger (in commit counts) than the few last merge windows have been, but not bigger enough to really raise any eyebrows. And there's nothing particularly odd in there either that I can think of: just a bit over half of the patch is drivers, with the next big area being arch updates. Which is pretty much the rule for how things have been forever by now. Outside of that, the documentation and tooling (perf and selftests) updates stand out, but that's actually been a common pattern for a while now too, so it's not really surprising either."
카테고리:

[$] Developers split over split-lock detection

토, 2019/12/07 - 3:55오전
A "split lock" is a low-level memory-bus lock taken by the processor for a memory range that crosses a cache line. Most processors disallow split locks, but x86 implements them, Split locking may be convenient for developers, but it comes at a cost: a single split-locked instruction can occupy the memory bus for around 1,000 clock cycles. It is thus understandable that interest in eliminating split-lock operations is high. What is perhaps less understandable is that a patch set intended to detect split locks has been pending since (at least) May 2018, and it still is not poised to enter the mainline.
카테고리:

VPN hijacking on Linux (and beyond) systems

금, 2019/12/06 - 11:52오후
William Tolley has disclosed a severe VPN-related problem in most current systems: "I am reporting a vulnerability that exists on most Linux distros, and other *nix operating systems which allows a network adjacent attacker to determine if another user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and whether or not there is an active connection to a given website. Additionally, we are able to determine the exact seq and ack numbers by counting encrypted packets and/or examining their size. This allows us to inject data into the TCP stream and hijack connections." There are various partial mitigations available, but a full solution to the problem has not yet been worked out. Most VPNs are vulnerable, but Tor evidently is not.
카테고리:

Security updates for Friday

금, 2019/12/06 - 11:05오후
Security updates have been issued by Debian (libav), Fedora (kernel, libuv, and nodejs), Oracle (firefox), Red Hat (firefox and java-1.7.1-ibm), SUSE (clamav, cloud-init, dnsmasq, dpdk, ffmpeg, munge, opencv, and permissions), and Ubuntu (librabbitmq).
카테고리:

[$] Debian votes on init systems

금, 2019/12/06 - 3:18오전
In November, the topic of init systems and, in particular, support for systems other than systemd reappeared on the Debian mailing lists. After one month of sometimes fraught discussion, this issue has been brought to the project's developers to decide in the form of a general resolution (GR) — the first such since the project voted on the status of debian-private discussions in 2016. The issues under discussion are complex, so the result is one of the most complex ballots seen for some time in Debian, with seven options to choose from.
카테고리:

Stable kernels 5.4.2, 5.3.15, and 4.19.88

금, 2019/12/06 - 12:32오전
Greg Kroah-Hartman has announced the release of the 5.4.2, 5.3.15, and 4.19.88 stable kernels. They contain a relatively large collection of important fixes throughout the tree; users of those kernel series should upgrade.
카테고리:

Security updates for Thursday

목, 2019/12/05 - 11:01오후
Security updates have been issued by Arch Linux (firefox), Fedora (cyrus-imapd, freeipa, haproxy, ImageMagick, python-pillow, rubygem-rmagick, sqlite, squid, and tnef), openSUSE (haproxy), Oracle (microcode_ctl), and Ubuntu (squid, squid3).
카테고리:

[$] LWN.net Weekly Edition for December 5, 2019

목, 2019/12/05 - 12:51오후
The LWN.net Weekly Edition for December 5, 2019 is available.
카테고리:

[$] A static-analysis framework for GCC

목, 2019/12/05 - 7:04오전
One of the features of the Clang/LLVM compiler that has been rather lacking for GCC may finally be getting filled in. In a mid-November post to the gcc-patches mailing list, David Malcolm described a new static-analysis framework for GCC that he wrote. It could be the starting point for a whole range of code analysis for the compiler.
카테고리:

[$] Creating Kubernetes distributions

목, 2019/12/05 - 4:00오전
Making a comparison between Linux and Kubernetes is often one of apples to oranges. There are, however, some similarities and there is an effort within the Kubernetes community to make Kubernetes more like a Linux distribution. The idea was outlined in a session about Kubernetes release engineering at KubeCon + CloudNativeCon North America 2019. "You might have heard that Kubernetes is the Linux of the cloud and that's like super easy to say, but what does it mean? Cloud is pretty fuzzy on its own," Tim Pepper, the Kubernetes release special interest group (SIG Release) co-chair said. He proceeded to provide some clarity on how the two projects are similar.
카테고리:

Security updates for Wednesday

목, 2019/12/05 - 1:26오전
Security updates have been issued by CentOS (389-ds-base, ghostscript, kernel, and tcpdump), Debian (libonig), Fedora (clamav, firefox, and oniguruma), openSUSE (calamares, cloud-init, haproxy, libarchive, libidn2, libxml2, and ucode-intel), Scientific Linux (SDL and tcpdump), Slackware (mozilla), and Ubuntu (haproxy, intel-microcode, and postgresql-common).
카테고리:

Two malicious Python libraries caught stealing SSH and GPG keys (ZDNet)

수, 2019/12/04 - 10:58오후
ZDNet reports that two more malicious modules have been removed from the Python Package Index. "The two libraries were created by the same developer and mimicked other more popular libraries -- using a technique called typosquatting to register similarly-looking names. The first is 'python3-dateutil,' which imitated the popular 'dateutil' library. The second is 'jeIlyfish' (the first L is an I), which mimicked the 'jellyfish' library." The latter of the two had been in PyPI for nearly a year.
카테고리:

Firefox 71

수, 2019/12/04 - 3:28오전
Firefox 71 is available. New features include improvements to the Lockwise integrated password manager and native MP3 decoding. The release notes have more details.
카테고리:

Security updates for Tuesday

수, 2019/12/04 - 1:13오전
Security updates have been issued by Arch Linux (intel-ucode and libtiff), Debian (exiv2), Oracle (SDL), Red Hat (kernel, patch, and python-jinja2), and Ubuntu (graphicsmagick, linux, linux-aws, linux-aws-5.0, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem-osp1, linux-oracle, linux-oracle-5.0, linux-raspi2, linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-gcp, linux-gcp-5.3, linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-lts-xenial, linux-aws, and sqlite3).
카테고리:

Wielaard: A public discussion about GNU

수, 2019/12/04 - 12:09오전
Mark Wielaard has posted a summary of the discussion thus far on the governance of the GNU project. "The mentoring and apprenticeship discussion focused on the GNU maintainers as being the core of the GNU project. But as was pointed out there are also webmasters, translators, infrastructure maintainers (partially paid FSF staff and volunteers), education and conference organizers, etc. All these people are GNU stakeholders. And how we organize governance of the GNU project should also involve them."
카테고리:

[$] 5.5 Merge window, part 1

화, 2019/12/03 - 7:33오전
The 5.5 merge window got underway immediately after the release of the 5.4 kernel on November 24. The first week has been quite busy despite the US Thanksgiving holiday landing in the middle of it. Read on for a summary of what the first 6,300 changesets brought for the next major kernel release.
카테고리:

Security updates for Monday

화, 2019/12/03 - 12:54오전
Security updates have been issued by Debian (389-ds-base, asterisk, file, nss, proftpd-dfsg, ssvnc, and tnef), Fedora (chromium, djvulibre, freeradius, ImageMagick, jhead, kernel, phpMyAdmin, python-pillow, and rubygem-rmagick), Mageia (bzip2, chromium-browser-stable, curl, dbus, djvulibre, glib2.0, glibc, gnupg2, httpie, libreoffice, libssh2, mosquitto, nginx, python-sqlalchemy, unbound, and zipios++), openSUSE (bluez, clamav, cpio, freerdp, openafs, phpMyAdmin, strongswan, and webkit2gtk3), Red Hat (samba and SDL), Scientific Linux (389-ds-base), and SUSE (haproxy, python-Django, and tightvnc).
카테고리:

PHP 7.4.0 released

월, 2019/12/02 - 12:21오후
Version 7.4.0 of the PHP language has been released. New features include typed properties, arrow functions, weak references, and more; see the release announcement and migration guide for more information.
카테고리:

페이지