LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
업데이트: 33분 24초 지남
36분 29초 지남
Security updates have been issued by Debian (python-pysaml2 and redis), Fedora (buildah, containernetworking-plugins, containers-common, libmysofa, libpq, podman, postgresql, skopeo, xen, and xterm), openSUSE (nghttp2), Oracle (firefox and thunderbird), SUSE (glibc, ImageMagick, python-Jinja2, and salt), and Ubuntu (python2.7, python2.7, python3.4, python3.5, python3.6, python3.8, and tiff).
금, 2021/02/26 - 12:13오전
One of the under-the-hood changes in the Fedora 33 release was
a switch to
systemd-resolved for the handling of DNS queries. This change should
be invisible to most users unless they start using one of the new features
provided by systemd-resolved. Recently, though, the Fedora project changed
its default configuration for that service to eliminate fallback DNS
servers — a change which is indeed visible to some users who have found
themselves without domain-name resolution as a result.
목, 2021/02/25 - 11:50오후
Security updates have been issued by Arch Linux (ansible-base, keycloak, mumble, and postgresql), Debian (firefox-esr and nodejs), Fedora (dotnet3.1, dotnet5.0, keylime, php-horde-Horde-Text-Filter, radare2, scap-security-guide, and wireshark), openSUSE (postgresql, postgresql13 and python-djangorestframework), Red Hat (Ansible, firefox, and thunderbird), Scientific Linux (firefox and thunderbird), SUSE (php7, postgresql-jdbc, python-cryptography, rpmlint, and webkit2gtk3), and Ubuntu (dnsmasq, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon, linux-oem-5.10, linux-oem-5.6, screen, and xterm).
목, 2021/02/25 - 12:21오후
The LWN.net Weekly Edition for February 25, 2021 is available.
목, 2021/02/25 - 6:55오전
Two separate vulnerabilities led to the fast-tracked
release
of Python 3.9.2 and 3.8.8 on February 19, though
source-only
releases of 3.7.10 and 3.6.13 came a few days earlier. The
vulnerabilities may be problematic for some Python users and
workloads; one could potentially lead to remote code execution. The other
is, arguably, not exactly a flaw in the Python standard library—it simply
also follows an older standard—but it can lead to
web cache
poisoning attacks.
목, 2021/02/25 - 2:52오전
Sergio Durigan Junior has announced the availability of a
debuginfod server for Debian
systems. "In a nutshell, by using a debuginfod service you will not need to
install debuginfo (a.k.a. dbgsym) files anymore; the symbols will be
served to GDB (or any other debuginfo consumer that supports debuginfod)
over the network. Ultimately, this makes the debugging experience much
smoother (I myself never remember the full URL of our debuginfo
repository when I need it)."
수, 2021/02/24 - 11:58오후
Security updates have been issued by openSUSE (firefox and tor), Oracle (stunnel and xterm), Red Hat (virt:8.2 and virt-devel:8.2 and xterm), SUSE (avahi, gnuplot, java-1_7_0-ibm, and pcp), and Ubuntu (openssl).
수, 2021/02/24 - 8:10오전
NumPy is a Python library that adds
an array data type to the language, along with providing operators
appropriate to working on arrays and matrices. By wrapping fast Fortran and
C numerical routines, NumPy allows Python
programmers to write performant code in what is normally a relatively slow
language. NumPy 1.20.0
was
announced on January 30, in what its developers describe as the largest
release in the history of the project. That makes for a good opportunity to
show a little bit about what NumPy is, how to use it, and to describe what's new in the
release.
화, 2021/02/23 - 11:54오후
The
Firefox
86.0 release is out. New features this time include picture-in-picture
video and "
total
cookie protection", which appears to be a way to allow third-party
cookies while preserving some privacy.
화, 2021/02/23 - 10:36오후
Security updates have been issued by Arch Linux (connman, firejail, kernel, python-django, roundcubemail, and wpa_supplicant), Fedora (gdk-pixbuf2 and gdk-pixbuf2-xlib), openSUSE (python3 and tomcat), Scientific Linux (xterm), SUSE (postgresql12 and postgresql13), and Ubuntu (gdk-pixbuf, openldap, python-django, and qemu).
화, 2021/02/23 - 8:17오전
The beginning of the 5.12 merge window was delayed as the result of severe
weather in the US Pacific Northwest. Once Linus Torvalds got going, though, he
wasted little time; as of this writing, just over 8,600 non-merge
changesets have been pulled into the mainline repository for the 5.12
release \u2014 over a period of about two days. As one might imagine, that work
contains a long list of significant changes.
화, 2021/02/23 - 12:25오전
Matthew Garrett recently posted
a
patch set enabling hibernation on systems that are running in the UEFI
secure-boot lockdown mode.
This blog entry gets
into the details of how it all works. "When we encrypt material with
the TPM, we can ask it to record the PCR state. This is given back to us as
metadata accompanying the encrypted secret. Along with the metadata is an
additional signature created by the TPM, which can be used to prove that
the metadata is both legitimate and associated with this specific encrypted
data. In our case, that means we know what the value of PCR 23 was when we
encrypted the key. That means that if we simply extend PCR 23 with a known
value in-kernel before encrypting our key, we can look at the value of PCR
23 in the metadata. If it matches, the key was encrypted by the kernel -
userland can create its own key, but it has no way to extend PCR 23 to the
appropriate value first. We now know that the key was generated by the
kernel."
화, 2021/02/23 - 12:11오전
Version 19 of
the Kodi "entertainment center" application is out with a long list of new
features.
For audio and music lovers, there are significant improvements across the
board to metadata handling: library improvements, new tags, new displays,
improvements to how Kodi handles release dates, album durations, multi-disc
sets, and more. There's a new, Matrix-inspired visualisation, there are
improvements to display when fetching files from a web server, and several
changes to how audio decoder addons can pass information through to the
Kodi player.
For video, most of the changes are more technical, and may depend on your
hardware: AV1 software decoding, HLG HDR and static HDR10 playback on
Windows 10, static HDR10 and dynamic Dolby Vision HDR support on Android,
and more OpenGL bicubic scalers.
월, 2021/02/22 - 11:41오후
Security updates have been issued by Debian (chromium, libzstd, openldap, openvswitch, screen, and wpa), Fedora (dotnet5.0, subversion, and wpa_supplicant), openSUSE (mumble, python-djangorestframework, and tor), Oracle (container-tools:ol8, kernel, nodejs:10, nodejs:12, nodejs:14, subversion:1.10, and xterm), Red Hat (stunnel and xterm), and SUSE (ImageMagick, java-1_8_0-openjdk, kernel, krb5-appl, python3, tomcat, and webkit2gtk3).
토, 2021/02/20 - 3:33오전
Lockless algorithms are of interest for the Linux kernel when traditional
locking primitives either cannot be used or are not performant enough.
For this reason they come up every now and then on LWN; one of the last
mentions, which prompted me to write this article series, was
last July.
Topics that arise even more frequently are read-copy-update (RCU —
these
articles from 2007 are still highly relevant),
reference counting, and
ways of wrapping lockless primitives into higher-level,
more easily understood APIs. These articles will delve into the concepts
behind lockless algorithms and how they are used in the kernel.
토, 2021/02/20 - 12:18오전
Security updates have been issued by Debian (bind9, libbsd, openssl1.0, php-horde-text-filter, qemu, and unrar-free), Fedora (kiwix-desktop and libntlm), Mageia (coturn, mediawiki, privoxy, and veracrypt), openSUSE (buildah, libcontainers-common, podman), Oracle (kernel, nss, and perl), Red Hat (xterm), SUSE (java-1_7_1-ibm, php74, python-urllib3, and qemu), and Ubuntu (libjackson-json-java and shiro).
금, 2021/02/19 - 12:20오전
The
copy_file_range()
system call looks like a relatively straightforward feature; it allows
user space to ask the kernel to copy a range of data from one file to
another, hopefully applying some optimizations along the way. In truth,
this call has never been as generic as it seems, though some changes made
during 5.3 helped in that regard. When the developers of the Go language
ran into problems with copy_file_range(), there ensued a lengthy
discussion on how this system call should work and whether the kernel needs
to do more to make it useful.
목, 2021/02/18 - 11:46오후
Security updates have been issued by Debian (mumble, openssl, php7.3, and webkit2gtk), openSUSE (jasper, php7, and screen), SUSE (bind, php7, and php72), and Ubuntu (bind9, openssl, openssl1.0, and webkit2gtk).
목, 2021/02/18 - 11:19오후
The Google Security Blog carries
an
announcement of a heightened effort to reimplement security-critical
software in memory-safe languages. "The new Rust-based HTTP and TLS
backends for curl and now this new TLS library for Apache httpd are an
important starting point in this overall effort. These codebases sit at the
gateway to the internet and their security is critical in the protection of
data for millions of users worldwide."
페이지