lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 2시간 5분 지남

Security updates for Friday

금, 2021/10/15 - 11:14오후
Security updates have been issued by Debian (squashfs-tools, tomcat9, and wordpress), Fedora (openssh), openSUSE (kernel, mbedtls, and rpm), Oracle (httpd, kernel, and kernel-container), SUSE (firefox, kernel, and rpm), and Ubuntu (linux-azure, linux-azure-5.4).

Ubuntu 21.10 (Impish Indri) released

금, 2021/10/15 - 2:32오전
The latest release of the Ubuntu Linux distribution is out: Ubuntu 21.10, code named "Impish Indri". The release notes fills in all of the details for the new features in this version, but the announcement lists some as well: Ubuntu Desktop 21.10 makes wayland sessions available while using the Nvidia proprietary driver. PulseAudio 15 introduces support for Bluetooth LDAC and AptX codecs, as well as HFP Bluetooth profiles providing better audio quality. The recovery key feature at installation time has been improved, with the recovery key now optional, stronger and editable. Ubuntu Desktop 21.10 includes GNOME version 40, with a new and improved Activities Overview design. Workspaces are now arranged horizontally, and the overview and app grid are accessed vertically. Each direction has accompanying keyboard shortcuts, touchpad gestures and mouse actions.

Ubuntu Server 21.10 integrates recent innovations from key open infrastructure projects like OpenStack Xena, QEMU 6.0, PHP8, libvirt 7.6, Kubernetes, and Ceph with advanced life-cycle management tools for multi-cloud and on-prem operations from bare metal, VMWare and OpenStack, to every major public cloud.


Devuan 4.0 (Chimaera) released

금, 2021/10/15 - 1:20오전
Version 4.0 of the Devuan distribution has been released; it is code-named Chimaera. This release is based on Debian Bullseye, has improved desktop support, and benefits from more accessibility work. See the release notes for details.

[$] A viable solution for Python concurrency

목, 2021/10/14 - 11:31오후
Concerns over the performance of programs written in Python are often overstated — for some use cases, at least. But there is no getting around the problem imposed by the infamous global interpreter lock (GIL), which severely limits the concurrency of multi-threaded Python code. Various efforts to remove the GIL have been made over the years, but none have come anywhere near the point where they would be considered for inclusion into the CPython interpreter. Now, though, Sam Gross has entered the arena with a proof-of-concept implementation that may solve the problem for real.

Plasma 25th Anniversary Edition released

목, 2021/10/14 - 11:03오후
The KDE project is celebrating its 25th anniversary with a special release of the Plasma desktop.

This time around, Plasma renews its looks and, not only do you get a new wallpaper, but also a gust of fresh air from an updated theme: Breeze - Blue Ocean. The new Breeze theme makes KDE apps and tools not only more attractive, but also easier to use both on the desktop and your phone and tablet.

Of course, looks are not the only you can expect from Plasma 25AE: extra speed, increased reliability and new features have also found their way into the app launcher, the software manager, the Wayland implementation, and most other Plasma tools and utilities.

Lots of details can be found in the changelog.


Security updates for Thursday

목, 2021/10/14 - 10:48오후
Security updates have been issued by Mageia (golang, grilo, mediawiki, plib, python-flask-restx, python-mpmath, thunderbird, and xstream/xmlpull/mxparser), Oracle (389-ds-base, grafana, httpd:2.4, kernel, libxml2, and openssl), Red Hat (httpd), and SUSE (kernel).

[$] LWN.net Weekly Edition for October 14, 2021

목, 2021/10/14 - 9:50오전
The LWN.net Weekly Edition for October 14, 2021 is available.

[$] Scrutinizing bugs found by syzbot

목, 2021/10/14 - 6:22오전
The syzbot kernel-fuzzing system finds an enormous number of bugs, but, since many of them may seem to be of a relatively low severity, they have a lower priority when contending for the attention of developers. A talk at the recent Linux Security Summit North America reported on some research that dug further into the bugs that syzbot has found; the results are rather worrisome. Rather than a pile of difficult- or impossible-to-exploit bugs, there are numerous, more serious problems lurking within.

Four stable kernels

수, 2021/10/13 - 11:57오후
Stable kernels 5.14.12, 5.10.73, 5.4.153, and 4.19.211 have been released with important fixes. Users of those series should upgrade.

[$] Digging into Julia's package system

수, 2021/10/13 - 11:55오후
We recently looked at some of the changes and new features arriving with the upcoming version 1.7 release of the Julia programming language. The package system provided by the language makes it easier to explore new language versions, while still preserving multiple versions of various parts of the ecosystem. This flexible system takes care of dependency management, both for writing exploratory code in the REPL and for developing projects or libraries.

Security updates for Wednesday

수, 2021/10/13 - 11:50오후
Security updates have been issued by Debian (flatpak and ruby2.3), Fedora (flatpak, httpd, mediawiki, redis, and xstream), openSUSE (kernel, libaom, libqt5-qtsvg, systemd, and webkit2gtk3), Red Hat (.NET 5.0, 389-ds-base, httpd:2.4, kernel, kernel-rt, libxml2, openssl, and thunderbird), Scientific Linux (389-ds-base, kernel, libxml2, and openssl), SUSE (apache2-mod_auth_openidc, curl, glibc, kernel, libaom, libqt5-qtsvg, systemd, and webkit2gtk3), and Ubuntu (squashfs-tools).

[$] A QEMU case study in grappling with software complexity

수, 2021/10/13 - 3:34오전
There are many barriers to producing software that is reliable and maintainable over the long term. One of those is software complexity. At the recently concluded 2021 KVM Forum, Paolo Bonzini explored this topic, using QEMU, the open source emulator and virtualizer, as a case study. Drawing on his experience as a maintainer of several QEMU subsystems, he made some concrete suggestions on how to defend against undesirable complexity. Bonzini used QEMU as a running example throughout the talk, hoping to make it easier for future contributors to modify QEMU. However, the lessons he shared are equally applicable to many other projects.

Security updates for Tuesday

수, 2021/10/13 - 12:21오전
Security updates have been issued by Debian (firefox-esr, hiredis, and icu), Fedora (kernel), Mageia (libreoffice), openSUSE (chromium, firefox, git, go1.16, kernel, mbedtls, mupdf, and nodejs8), Oracle (firefox and kernel), Red Hat (firefox, grafana, kernel, kpatch-patch, and rh-mysql80-mysql), and SUSE (apache2, containerd, docker, runc, curl, firefox, kernel, libqt5-qtsvg, and squid).

A study of data collection by Android devices

화, 2021/10/12 - 11:00오후
A group of researchers at Trinity College in Dublin has released the results of a study into the data collected by a number of Android variants. There are few surprises here, but the picture is still discouraging.

We find that the Samsung, Xiaomi, Huawei and Realme Android variants all transmit a substantial volume of data to the OS developer (i.e. Samsung etc) and to third-party parties that have pre-installed system apps (including Google, Microsoft, Heytap, LinkedIn, Facebook). LineageOS sends similar volumes of data to Google as these proprietary Android variants, but we do not observe the LineageOS developers themselves collecting data nor pre-installed system apps other than those of Google. Notably, /e/OS sends no information to Google or other third parties and sends essentially no information to the /e/OS developers.


[$] The intersection of modules, GKI, and rocket science

화, 2021/10/12 - 12:24오전
One does not normally expect a lot of controversy around a patch series that makes changes to platform-specific configurations and drivers. The furor over some work on the Samsung Exynos platform may thus be surprising. When one looks into the discussion, things become more clear; it mostly has to do with disagreements over the best ways to get hardware vendors to cooperate with the kernel development community.

Security updates for Monday

화, 2021/10/12 - 12:00오전
Security updates have been issued by Debian (apache2, mediawiki, neutron, and tiff), Fedora (chromium, dr_libs, firefox, and grafana), Mageia (apache), openSUSE (chromium and rabbitmq-server), Oracle (kernel), Red Hat (firefox and httpd24-httpd), SUSE (rabbitmq-server), and Ubuntu (libntlm).

Jörg Schilling is gone

월, 2021/10/11 - 11:28오후
Jörg Schilling, a longtime free-software developer, has passed on. Most people will remember him from his work on cdrtools and the seemingly endless drama that surrounded that work. He was a difficult character to deal with, but he also contributed some important code that, for a period, almost all of us depended on. Rest well, Jörg.

Kernel prepatch 5.15-rc5

월, 2021/10/11 - 9:25오전
The 5.15-rc5 kernel prepatch is out for testing. "So things continue to look quite normal, and it looks like the rough patch (hah!) we had early in the release is all behind us. Knock wood."

A set of stable kernels

월, 2021/10/11 - 8:40오전
The 5.14.11, 5.10.72, 5.4.152, 4.19.210, 4.14.250, 4.9.286, and 4.4.288 stable kernel updates have all been released; each contains another set of important fixes.

[$] Pulling slabs out of struct page

금, 2021/10/08 - 11:29오후
For the time being, the effort to add the folio concept to the memory-management subsystem appears to be stalled, but appearances can be deceiving. The numerous folio discussions have produced a number of points of consensus, though; one of those is that far too much of the kernel has to work with page structures to get its job done. As an example of how a subsystem might be weaned off of struct page usage, Matthew Wilcox has split out the slab allocators in a 62-part patch set. The result may be a foreshadowing of changes to come in the memory-management subsystem.