lwn.net

lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 2시간 31분 지남

Security updates for Thursday

목, 2024/02/15 - 10:47오후
Security updates have been issued by Debian (edk2, postgresql-13, and postgresql-15), Fedora (engrampa, vim, and xen), Mageia (mbedtls and quictls), Oracle (nss, openssh, and tcpdump), Red Hat (.NET 8.0), SUSE (hugin, kernel, pdns-recursor, python3, tomcat, and tomcat10), and Ubuntu (clamav, edk2, linux-gcp-6.2, linux-intel-iotg-5.15, linux-oem-6.1, and ujson).
카테고리:

[$] LWN.net Weekly Edition for February 15, 2024

목, 2024/02/15 - 9:44오전
The LWN.net Weekly Edition for February 15, 2024 is available.
카테고리:

LineageOS 21 released

목, 2024/02/15 - 8:03오전
Version 21 of LineageOS, an Android-based distribution, has been released.

With all that said, we have been working extremely hard since Android 14’s release last October to port our features to this new version of Android. Thanks to our hard work adapting to Google’s largely UI-based changes in Android 12/13, and Android 14’s dead-simple device bring-up requirements, we were able to rebase our changes onto Android 14 much more efficiently.

This lets us spend some much overdue time on our apps suite! Applications such as Aperture had their features and UX improved significantly, while many of our aging apps such as Jelly, Dialer, Contacts, Messaging, LatinIME (Keyboard), and Calculator got near full redesigns that bring them into the Material You era!

카테고리:

The Ubuntu community mourns the loss of Gunnar Hjalmarsson

목, 2024/02/15 - 4:52오전

The Ubuntu Weekly Newsletter carries the sad news that long-time contributor Gunnar Hjalmarsson has passed away. Gunnar has been a steadfast contributor to Ubuntu and Debian for well over a decade. His work around translation and localization efforts has helped enable people from around the world to use and enjoy the software that we all love. It goes without saying that people like Gunnar are the foundation of our community, and his passing is a tremendous loss.

카테고리:

[$] KDE Plasma X11 support gets a reprieve for Fedora 40

목, 2024/02/15 - 4:06오전

The Fedora Project is working toward the release of Fedora Linux 40, and (as with each release) that means changes to the way the project works and the software included in its repositories. Most of the changes set for Fedora 40 are uncontroversial, but one change is causing quite a stir. The KDE Special Interest Group's (SIG) proposal to adopt KDE Plasma 6 with only Wayland session support, which it interpreted as a mandate to block any X11 packages for Plasma. Others saw it as overreach by the SIG, and an attempt to block users and contributors from maintaining software they needed.

카테고리:

[$] A turning point for CVE numbers

목, 2024/02/15 - 2:05오전
The Common Vulnerabilities and Exposures (CVE) system was set up in 1999 as a way to refer unambiguously to known vulnerabilities in software. That system has found itself under increasing strain over the years, and numerous projects have responded by trying to assert greater control over how CVE numbers are assigned for their code. On February 13, though, a big shoe dropped when the Linux kernel project announced that it, too, was taking control of CVE-number assignments. As is often the case, though, the kernel developers are taking a different approach to vulnerabilities, with possible implications for the CVE system as a whole.
카테고리:

Security updates for Wednesday

수, 2024/02/14 - 11:09오후
Security updates have been issued by Debian (bind9 and unbound), Fedora (clamav, firecracker, libkrun, rust-event-manager, rust-kvm-bindings, rust-kvm-ioctls, rust-linux-loader, rust-userfaultfd, rust-versionize, rust-vhost, rust-vhost-user-backend, rust-virtio-queue, rust-vm-memory, rust-vm-superio, rust-vmm-sys-util, and virtiofsd), Red Hat (.NET 6.0, dotnet6.0, and dotnet7.0), Slackware (bind and dnsmasq), and Ubuntu (dotnet6, dotnet7, dotnet8, linux-lowlatency, linux-raspi, linux-nvidia-6.2, and ujson).
카테고리:

The kernel becomes its own CNA

수, 2024/02/14 - 4:13오전
Greg Kroah-Hartman has announced that the kernel project has been accepted as a CVE numbering authority (CNA). The way that CVE numbers will be handled by the kernel is described in this documentation patch:

As part of the normal stable release process, kernel changes that are potentially security issues are identified by the developers responsible for CVE number assignments and have CVE numbers automatically assigned to them. These assignments are published on the linux-cve mailing list as announcements on a frequent basis.

Note, due to the layer at which the Linux kernel is in a system, almost any bug might be exploitable to compromise the security of the kernel, but the possibility of exploitation is often not evident when the bug is fixed. Because of this, the CVE assignment team are overly cautious and assign CVE numbers to any bugfix that they identify. This explains the seemingly large number of CVEs that are issued by the Linux kernel team.

카테고리:

[$] A look at dynamic linking

화, 2024/02/13 - 11:54오후

The dynamic linker is a critical component of modern Linux systems, being responsible for setting up the address space of most processes. While statically linked binaries have become more popular over time as the tradeoffs that originally led to dynamic linking become less relevant, dynamic linking is still the default. This article looks at what steps the dynamic linker takes to prepare a program for execution.

카테고리:

Security updates for Tuesday

화, 2024/02/13 - 11:47오후
Security updates have been issued by Fedora (clamav and virtiofsd), Oracle (gimp), Red Hat (gnutls and nss), SUSE (kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t and squid), and Ubuntu (openssl).
카테고리:

FreeBSD phasing out 32-bit platforms

화, 2024/02/13 - 4:27오전

The FreeBSD Project has announced that it intends to deprecate 32-bit platforms "over the next couple of major releases". We anticipate FreeBSD 15.0 will not include the armv6, i386, and powerpc platforms, and FreeBSD 16.0 will not include armv7. Support for executing 32-bit binaries on 64-bit kernels will be retained through at least the lifetime of the stable/16 branch if not longer.

The announcement notes that support for some 32-bit platforms "may be extended if there is both demand and commitment to increased developer resources". More details about the current plans for 32-bit platforms are available in the FreeBSD 14.0-RELEASE Release Notes.

카테고리:

FreeBSD phasing out 32-bit platforms

화, 2024/02/13 - 4:27오전

The FreeBSD Project has announced that it intends to deprecate 32-bit platforms "over the next couple of major releases". We anticipate FreeBSD 15.0 will not include the armv6, i386, and powerpc platforms, and FreeBSD 16.0 will not include armv7. Support for executing 32-bit binaries on 64-bit kernels will be retained through at least the lifetime of the stable/16 branch if not longer.

The announcement notes that support for some 32-bit platforms "may be extended if there is both demand and commitment to increased developer resources". More details about the current plans for 32-bit platforms are available in the FreeBSD 14.0-RELEASE Release Notes.

카테고리:

[$] Another runc container breakout

화, 2024/02/13 - 12:57오전

Once again, runc—a tool for spawning and running OCI containers—is drawing attention due to a high severity container breakout attack. This vulnerability is interesting for several reasons: its potential for widespread impact, the continued difficulty in actually containing containers, the dangers of running containers as a privileged user, and the fact that this vulnerability is made possible in part by a response to a previous container breakout flaw in runc.

카테고리:

[$] Another runc container breakout

화, 2024/02/13 - 12:57오전

Once again, runc—a tool for spawning and running OCI containers—is drawing attention due to a high severity container breakout attack. This vulnerability is interesting for several reasons: its potential for widespread impact, the continued difficulty in actually containing containers, the dangers of running containers as a privileged user, and the fact that this vulnerability is made possible in part by a response to a previous container breakout flaw in runc.

카테고리:

Security updates for Monday

월, 2024/02/12 - 11:42오후
Security updates have been issued by Debian (libgit2), Fedora (chromium, firecracker, libkrun, openssh, python-nikola, runc, rust-event-manager, rust-kvm-bindings, rust-kvm-ioctls, rust-linux-loader, rust-userfaultfd, rust-versionize, rust-vhost, rust-vhost-user-backend, rust-virtio-queue, rust-vm-memory, rust-vm-superio, rust-vmm-sys-util, virtiofsd, webkitgtk, and wireshark), Mageia (filezilla and xpdf), Oracle (gimp), Red Hat (libmaxminddb, linux-firmware, squid:4, and tcpdump), Slackware (xpdf), SUSE (cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont and suse-build-key), and Ubuntu (python-glance-store and webkit2gtk).
카테고리:

Security updates for Monday

월, 2024/02/12 - 11:42오후
Security updates have been issued by Debian (libgit2), Fedora (chromium, firecracker, libkrun, openssh, python-nikola, runc, rust-event-manager, rust-kvm-bindings, rust-kvm-ioctls, rust-linux-loader, rust-userfaultfd, rust-versionize, rust-vhost, rust-vhost-user-backend, rust-virtio-queue, rust-vm-memory, rust-vm-superio, rust-vmm-sys-util, virtiofsd, webkitgtk, and wireshark), Mageia (filezilla and xpdf), Oracle (gimp), Red Hat (libmaxminddb, linux-firmware, squid:4, and tcpdump), Slackware (xpdf), SUSE (cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont and suse-build-key), and Ubuntu (python-glance-store and webkit2gtk).
카테고리:

Kernel prepatch 6.8-rc4

월, 2024/02/12 - 5:43오전
The 6.8-rc4 kernel prepatch is out for testing. "Commit counts and contents look normal for this phase of the release, nothing here really stands out."
카테고리:

Kernel prepatch 6.8-rc4

월, 2024/02/12 - 5:43오전
The 6.8-rc4 kernel prepatch is out for testing. "Commit counts and contents look normal for this phase of the release, nothing here really stands out."
카테고리:

Introducing Fedora Atomic Desktops (Fedora Magazine)

토, 2024/02/10 - 7:19오전
Fedora Magazine has announced the creation of Fedora Atomic Desktops: a way of branding Fedora's growing set of rpm-ostree spins. Joseph Gayso wrote "we’ve seen more of our mainline Fedora Linux spins make the jump to offer a version that implements rpm-ostree. It’s reached the point where it can be hard to talk about all of them at the same time. Therefore we’ve introduced a new brand that will serve to simplify how we discuss rpm-ostree and how we name future atomic spins." LWN covered Project Bluefin, which is based on Fedora's rpm-ostree work, in December 2023.
카테고리:

Introducing Fedora Atomic Desktops (Fedora Magazine)

토, 2024/02/10 - 7:19오전
Fedora Magazine has announced the creation Fedora Atomic Desktops: a way of branding Fedora's growing set of rpm-ostree spins. Joseph Gayso wrote "we’ve seen more of our mainline Fedora Linux spins make the jump to offer a version that implements rpm-ostree. It’s reached the point where it can be hard to talk about all of them at the same time. Therefore we’ve introduced a new brand that will serve to simplify how we discuss rpm-ostree and how we name future atomic spins." LWN covered Project Bluefin, which is based on Fedora's rpm-ostree work, in December 2023.
카테고리:

페이지