lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 2시간 2초 지남

Security updates for Tuesday

3시간 12분 지남
Security updates have been issued by Arch Linux (lynis), CentOS (kdelibs, libtirpc, rpcbind, and samba), Debian (miniupnpc), Fedora (chromium, chromium-native_client, and kernel), Oracle (kdelibs and samba), Red Hat (libtirpc and rpcbind), and Scientific Linux (kdelibs, libtirpc, rpcbind, and samba).

Hughes: Updating Logitech Hardware on Linux

3시간 46분 지남
Richard Hughes describes his work to address the MouseJack vulnerability in Logitech (and other) receivers. This vulnerability allows an attacker to pair new devices with the receiver with no user interaction or awareness, and, thus, take over the machine. "This makes sitting in a café quite a dangerous thing to do when any affected hardware is inserted, which for the unifying dongle is quite likely as it’s explicitly designed to remain in an empty USB socket."

Logitech has provided firmware updates, but not for "unsupported" platforms like Linux. Hughes has filled that gap by getting documentation and a fixed firmware image from Logitech and adding support for these devices to fwupd. He is now looking for testers to ensure that the whole thing works across all devices. This is important work that is well worth supporting.


GNU Guix & GuixSD 0.13.0 released

화, 2017/05/23 - 3:11오전
GNU Guix and GuixSD 0.13.0 have been released. GNU Guix is a transactional package manager for the GNU system and the Guix System Distribution, GuixSD, is an advanced distribution of the GNU system. A couple of highlights in this version: Guix can now be used on aarch64 systems, and GuixSD now supports Btrfs and adds the LXDE desktop as an option. See the announcement for more information.

FreeBSD quarterly status report

화, 2017/05/23 - 1:28오전
FreeBSD has released its status report for the first quarter of 2017. As usual there are reports from the FreeBSD Core Team, the FreeBSD Foundation, the FreeBSD Ports Collection, and the FreeBSD Release Engineering Team, followed by more information about ongoing projects, and more.

Security updates for Monday

화, 2017/05/23 - 12:22오전
Security updates have been issued by Arch Linux (fop), Debian (dropbear, icu, and openjdk-7), Fedora (chicken, cinnamon-settings-daemon, jbig2dec, libtirpc, sane-backends, and smb4k), Mageia (flash-player-plugin, vlc, and webmin), Oracle (libtirpc and rpcbind), Red Hat (kdelibs, libtirpc, rpcbind, and samba), and SUSE (kernel).

The end of Parsix GNU/Linux

월, 2017/05/22 - 11:01오후
The Debian-based Parsix distribution has announced that it will be shutting down six months after the Debian "Stretch" release. "Parsix GNU/Linux 8.15 (Nev) will be fully supported during this time and users should be able to upgrade their installations to Debian Stretch without any significant issues. We will make all necessary changes, and updates to ensure a smooth transition to Debian Stretch."

Kernel prepatch 4.12-rc2

월, 2017/05/22 - 11:54오전
The 4.12-rc2 kernel prepatch is out. "I'm back on the usual Sunday schedule, and everything else looks fairly normal too. This rc2 is maybe a bit bigger than usual, but the whole merge window was bigger than most, so maybe it's just that. And it's not like it's huge".

Stable kernels for everybody

토, 2017/05/20 - 11:59오후
The 4.11.2, 4.10.17, 4.9.29, 4.4.69, and 3.18.54 stable kernel updates have all been released with the usual set of important fixes. Note that this is the final update for the 4.10 kernel.

[$] Revisiting "too small to fail"

토, 2017/05/20 - 10:58오후
Back in 2014, the revelation that the kernel's memory-management subsystem would not allow relatively small allocation requests to fail created a bit of a stir. The discussion has settled down since then, but the "too small to fail" rule still clearly creates a certain amount of confusion in the kernel community, as is evidenced by a recent discussion inspired by the 4.12 merge window. It would appear that the rule remains in effect, but developers are asked to act as if it did not.

zetcd: running ZooKeeper apps without ZooKeeper

토, 2017/05/20 - 8:15오전
The CoreOS Blog introduces the first beta release, v0.0.1, of zetcd. "Distributed systems commonly rely on a distributed consensus to coordinate work. Usually the systems providing distributed consensus guarantee information is delivered in order and never suffer split-brain conflicts. The usefulness, but rich design space, of such systems is evident by the proliferation of implementations; projects such as chubby, ZooKeeper, etcd, and consul, despite differing in philosophy and protocol, all focus on serving similar basic key-value primitives for distributed consensus. As part of making etcd the most appealing foundation for distributed systems, the etcd team developed a new proxy, zetcd, to serve ZooKeeper requests with an unmodified etcd cluster."

Security updates for Friday

토, 2017/05/20 - 12:14오전
Security updates have been issued by Debian (deluge, jbig2dec, mysql-connector-java, and nss), Fedora (jasper), Mageia (mhonarc and radicale), openSUSE (smb4k), SUSE (kdelibs4 and rpcbind), and Ubuntu (jasper and openjdk-7).

[$] The trouble with SMC-R

금, 2017/05/19 - 4:52오전
Among the many features merged for the 4.11 kernel was the "shared memory communications over RDMA" (SMC-R) protocol from IBM. SMC-R is a high-speed data-center communications protocol that is claimed to be much more efficient than basic TCP sockets. As it turns out, though, the merging of this code was a surprise — and an unpleasant one at that — to a relevant segment of the kernel development community. This issue and the difficulties in resolving it are an indicator of how the increasingly fast-paced kernel development community can go off track.

Security updates for Thursday

금, 2017/05/19 - 12:36오전
Security updates have been issued by Debian (shadow), Fedora (rpcbind), Gentoo (gst-plugins-bad and tomcat), Red Hat (ansible and openshift-ansible, openstack-heat, and Red Hat OpenStack Platform director), and Ubuntu (bash, FreeType, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, and linux-lts-xenial).

[$] LWN.net Weekly Edition for May 18, 2017

목, 2017/05/18 - 9:17오전
The LWN.net Weekly Edition for May 18, 2017 is available.

What’s New in Android: O Developer Preview 2

목, 2017/05/18 - 6:00오전
The Android Developers blog looks at the latest Android O Developer Preview, which is now in public beta. The developer preview also contains an early version of a project called Android Go which is built specifically for Android devices that have 1GB or less of memory.

[$] Restricting pathname resolution with AT_NO_JUMPS

목, 2017/05/18 - 5:35오전
On April 29, Al Viro posted a patch on the linux-api mailing list adding a new flag to be used in conjunction with the ...at() family of system calls. The flag is for containing pathname resolution to the same filesystem and subtree as the given starting point. This is a useful feature to have for implementing file I/O in programs that accept pathnames as untrusted user input. The ensuing discussion made it clear that there were multiple use cases for such a feature, especially if the granularity of its restrictions could be increased.

[$] IPv6 segment routing

목, 2017/05/18 - 3:31오전

In November 2016, a new networking feature, IPv6 segment routing (also known as "IPv6 SR" or "SRv6"), was merged into net-next and subsequently included in Linux 4.10. In this article, we explain this new feature, describe key elements of its implementation, and present a few performance measurements.


[$] Vulnerability hoarding and Wcry

목, 2017/05/18 - 3:06오전
A virulent ransomware worm attacked a wide swath of Windows machines worldwide in mid-May. The malware, known as Wcry, Wanna, or WannaCry, infected a number of systems at high-profile organizations as well as striking at critical pieces of the infrastructure—like hospitals, banks, and train stations. While the threat seems to have largely abated—for now—the origin of some of its code, which is apparently the US National Security Agency (NSA), should give one pause.

openSUSE Leap 42.1 has reached end of SUSE support

목, 2017/05/18 - 12:53오전
SUSE sponsored maintenance of openSUSE Leap 42.1 has ended. "The currently maintained stable release is openSUSE Leap 42.2, which will be maintained until the Q2/2018."

Security updates for Wednesday

목, 2017/05/18 - 12:46오전
Security updates have been issued by Arch Linux (libplist), Debian (mysql-connector-java), Fedora (jasper, kdelibs, lxterminal, menu-cache, pcmanfm, and postgresql), openSUSE (qemu), Slackware (freetype and kdelibs), SUSE (ghostscript-library, libtirpc, and mariadb), and Ubuntu (ghostscript, kernel, linux, linux-raspi2, linux-hwe, openjdk-7, qemu, shadow, and thunderbird).