lwn.net

The default apps on a mobile platform like Android are familiar targets for replacement, especially for developers concerned about security. But while messaging and voice apps (which can be replaced by Signal and Ostel, for instance) may be the best known examples, the non-profit Guardian Project has taken up the cause of improving the security features of the camera app. Its latest such project is ProofMode, an app to let users take photos and videos that can be verified as authentic by third parties.

Security updates have been issued by Arch Linux (linux-hardened), CentOS (sudo), Debian (apache2, c-ares, flatpak, graphite2, and openvpn), Fedora (glibc and thunderbird), Gentoo (graphite2, jbig2dec, libksba, nettle, urbanterror, and vim), openSUSE (go and unrar), Oracle (sudo), SUSE (tomcat), and Ubuntu (openvpn).

The digiKam Team has released version 5.6.0 of the digiKam Software Collection for photo management. "With this version the HTML gallery and the video slideshow tools are back, database shrinking (e.g. purging stale thumbnails) is also supported on MySQL, grouping items feature has been improved, the support for custom sidecars type-mime have been added, the geolocation bookmarks introduce fixes to be fully functional with bundles, the support for custom sidecars, and of course a lots of bug has been fixed."

Security updates have been issued by Arch Linux (lxterminal, lxterminal-gtk3, openvpn, and pcmanfm), CentOS (thunderbird), Debian (jython, spip, tomcat7, and tomcat8), openSUSE (openvpn), Oracle (thunderbird), Slackware (openvpn), SUSE (openvpn), and Ubuntu (kernel, linux-lts-trusty, nss, and valgrind).

The LWN.net Weekly Edition for June 22, 2017 is available.

At Open Source Summit Japan (OSSJ)—OSS is the new name for LinuxCon, ContainerCon, and CloudOpen—Sasha Levin gave a talk on the kernel's application binary interface (ABI). There is an effort to create a kernel ABI specification that has its genesis in a discussion about fuzzers at the 2016 Linux Plumbers Conference. Since that time, some progress on it has been made, so Levin described what the ABI is and the benefits that would come from having a specification. He also covered what has been done so far—and the the extensive work remaining to be done.

Guido Vranken describes his efforts to fuzz-test OpenVPN and the bug reports that resulted. "Most of this issues were found through fuzzing. I hate admitting it, but my chops in the arcane art of reviewing code manually, acquired through grueling practice, are dwarfed by the fuzzer in one fell swoop; the mortal’s mind can only retain and comprehend so much information at a time, and for programs that perform long cycles of complex, deeply nested operations it is simply not feasible to expect a human to perform an encompassing and reliable verification."

At PyCon 2017, Kavya Joshi looked at some of the differences between the Python reference implementation (known as "CPython") and that of MicroPython. In particular, she described the differences in memory use and handling between the two. Those differences are part of what allows MicroPython to run on the severely memory-constrained microcontrollers it targets—an environment that could never support CPython.

For those who are curious about how the community deals with a serious vulnerability, Solar Designer's description of the embargo process around the "Stack Clash" issue (and his unhappiness with it) is worth a read. "Qualys first informed the distros list about this upcoming set of issues on May 3. This initial notification didn't say Stack Clash nor anything like that, but merely expressed intent to disclose the issues and concern that the list's maximum embargo duration of 14 to 19 days might not be sufficient in this case. In the resulting discussion, I agreed to consider extending the embargo beyond list policy should there be convincing reasons for that. In retrospect, I think I shouldn't have agreed to that."

Version 1.2 of the Opus audio codec has been released. "For music encoding Opus has already been shown to out-perform other audio codecs at both 64 kb/s and 96 kb/s. We originally thought that 64 kb/s was near the lowest bitrate at which Opus could be useful for streaming stereo music. However, with variable bitrate (VBR) improvements in Opus 1.1, suddenly 48 kb/s became a realistic target. Opus 1.2 continues on the path to lowering the bitrate limit. Music at 48 kb/s is now quite usable and while the artefacts are generally audible, they are rarely annoying. Even more, we've actually been pushing all the way to fullband stereo at just 32 kb/s! Most of the music encoding quality improvements in 1.2 don't come from big new features (like tonality analysis that got added to version 1.1), but from many small changes that all add up."

In a brief note to the GCC list, David Edelson announces: "I am pleased to announce that the GCC Steering Committee has accepted the D Language front-end and runtime for inclusion in GCC and appointed Iain Buclaw as maintainer."

Security updates have been issued by CentOS (kernel), Debian (libffi, swftools, tomcat7, and zziplib), Gentoo (chromium, glibc, kodi, mbedtls, and wget), openSUSE (glibc and kernel), Oracle (kernel), Scientific Linux (thunderbird), and SUSE (kernel, sudo, and tomcat6).

Simon Raffeiner describes in detail the reasons he sees for the failure of the Ubuntu phone project. "I understand there weren’t enough developers to fix everything at once, but instead of deciding to either make a good phone OR a good tablet with Convergence, we had devices which couldn’t really do anything right. The whole project also always always had this 'these are developer devices, it’s not important to do it fast, we will win in the long run' air around it – until the management quite obviously realised that this was all way too expensive and too much time had already been lost."

Free Electrons has announced a new service to the embedded Linux community: toolchains.free-electrons.com. "This web site provides a large number of cross-compilation toolchains, available for a wide range of architectures, in multiple variants. The toolchains are based on the classical combination of gcc, binutils and gdb, plus a C library." There are over 100 toolchains covering many architectures.

Lennart Poettering announces casync, a tool for distributing system images. "casync takes inspiration from the popular rsync file synchronization tool as well as the probably even more popular git revision control system. It combines the idea of the rsync algorithm with the idea of git-style content-addressable file systems, and creates a new system for efficiently storing and delivering file system images, optimized for high-frequency update cycles over the Internet. Its current focus is on delivering IoT, container, VM, application, portable service or OS images, but I hope to extend it later in a generic fashion to become useful for backups and home directory synchronization as well."

The kernel's command line allows the specification of many operating parameters at boot time. A silly bug in command-line parsing was reported by Ilya Matveychikov on May 22; it can be exploited to force a stack buffer overflow with a controlled payload that can overwrite memory. The bug itself stems from a bounds-checking error that, while simple, has still been in the Linux kernel source since version 2.6.20. The subsequent disclosure post by Matveychikov in the oss-security list spawned a discussion on what constitutes a vulnerability, and what is, instead, merely a bug.

Christian Schaller has posted an extensive look forward at the changes coming to the Fedora desktop. "Another major project we been working on for a long time in Fleet Commander. Fleet Commander is a tool to allow you to manage Fedora and RHEL desktops centrally. This is a tool targeted at for instance Universities or companies with tens, hundreds or thousands of workstation installation. It gives you a graphical browser based UI (accessible through Cockpit) to create configuration profiles and deploy across your organization."

Security updates have been issued by Arch Linux (glibc and lib32-glibc), CentOS (glibc and kernel), Debian (eglibc, kernel, and libffi), openSUSE (exim, freeradius-server, libxml2, Mozilla based packages, and xorg-x11-server), Oracle (glibc and kernel), Scientific Linux (glibc and kernel), SUSE (glibc, kernel, and openvpn), and Ubuntu (eglibc, glibc, exim4, libnl3, linux, linux-meta, linux-aws, linux-meta-aws, linux-gke, linux-meta-gke, linux-hwe, linux-meta-hwe, linux-lts-xenial, linux-meta-lts-xenial, linux-meta-raspi2, linux-raspi2, and linux-meta-snapdragon, linux-snapdragon).

Normally, the -rc6 kernel testing release is not the place where one would expect to find a 900-line memory-management change. As it happens, though, such a change was quietly merged immediately prior to the 4.12-rc6 release; indeed, it may have been the real reason behind 4.12-rc6 coming out some hours later than would have been expected. This change is important, though, in that it addresses a newly publicized security threat that, it seems, is being actively exploited.

Windows Management Instrumentation (WMI) is a vaguely defined mechanism for the control of platform-specific devices; laptop functions like special buttons, LEDs, and the backlight are often controlled through WMI interfaces. On Linux, access to WMI functions is restricted to the kernel, while Windows allows user space to use them as well. A recent proposal to make WMI functions available to user space in Linux as well spawned a slow-moving conversation that turned on a couple of interesting questions — only one of which was anticipated in the proposal itself.