lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 30분 8초 지남

Fedora 27 has reached its end of life

토, 2018/12/01 - 7:43오전
As of today, Fedora 27 will not be getting any more updates, including security updates. Users should be planning to upgrade more or less immediately. "Fedora 28 will continue to receive updates until 4 weeks after the release of Fedora 30. The maintenance schedule of Fedora releases is documented on the Fedora Project wiki. The Fedora Project wiki also contains instructions on how to upgrade from a previous release of Fedora to a version receiving updates."

[$] Binary portability for BPF programs

토, 2018/12/01 - 2:52오전
The BPF virtual machine is the same on all architectures where it is supported; architecture-specific code takes care of translating BPF to something the local processor can understand. So one might be tempted to think that BPF programs would be portable across architectures but, in many cases, that turns out not to be true. During the BPF microconference at the Linux Plumbers Conference, Alexei Starovoitov (assisted by Yonghong Song, who has done much of the work described) explained the problem and the work that has been done toward "compile once, run everywhere" BPF.

Security updates for Friday

토, 2018/12/01 - 2:27오전
Security updates have been issued by Debian (libarchive, perl, and qemu), Fedora (glibc, glusterfs, links, and moodle), Gentoo (libsndfile and postgresql), openSUSE (openssh, rubygem-loofah, and tiff), Oracle (ruby), Red Hat (ruby), and Ubuntu (libssh and linux-aws).

SFC: Appeal Moving Forward in GPL Compliance Suit Against VMware

금, 2018/11/30 - 6:38오전
The Software Freedom Conservancy reports that the first hearing in the appeal of the GPL enforcement lawsuit against VMware has been held in Germany. "The hearing yesterday was a tiny step in a long process toward resolving this issue, and, as we understand the situation, nothing is yet decided."

Go 2, here we come (Go Blog)

금, 2018/11/30 - 5:18오전
The Go Blog looks forward to version 2 of the Go language. "A major difference between Go 1 and Go 2 is who is going to influence the design and how decisions are made. Go 1 was a small team effort with modest outside influence; Go 2 will be much more community-driven. After almost 10 years of exposure, we have learned a lot about the language and libraries that we didn’t know in the beginning, and that was only possible through feedback from the Go community."

[$] Taming STIBP

금, 2018/11/30 - 1:11오전
The Spectre class of hardware vulnerabilities was apparently so-named because it can be expected to haunt us for some time. One aspect of that haunting can be seen in the fact that, nearly one year after Spectre was disclosed, the kernel is still unable to prevent one user-space process from attacking another in some situations. An attempt to provide that protection using a new x86 microcode feature called STIBP has run into trouble once its performance impact was understood; now a more nuanced approach may succeed in providing protection where it is needed without slowing down everybody else.

Security updates for Thursday

목, 2018/11/29 - 11:12오후
Security updates have been issued by Gentoo (openssl and rpm), Mageia (icecast and yaml-cpp), Oracle (kernel and sos-collector), Red Hat (rh-ruby23-ruby, rh-ruby24-ruby, and rh-ruby25-ruby), Slackware (samba), SUSE (tomcat6), and Ubuntu (ghostscript).

[$] LWN.net Weekly Edition for November 29, 2018

목, 2018/11/29 - 9:51오전
The LWN.net Weekly Edition for November 29, 2018 is available.

[$] event-stream, npm, and trust

목, 2018/11/29 - 6:19오전

Malware inserted into a popular npm package has put some users at risk of losing Bitcoin, which is certainly worrisome. More concerning, though, is the implications of how the malware got into the package—and how the package got distributed. This is not the first time we have seen package-distribution channels exploited, nor will it be the last, but the underlying problem requires more than a technical solution. It is, fundamentally, a social problem: trust.


Security updates for Wednesday

목, 2018/11/29 - 1:07오전
Security updates have been issued by Arch Linux (powerdns-recursor and samba), Debian (ghostscript), Fedora (community-mysql, flatpak, gettext, git, php-PHPMailer, php-phpmailer6, and wireshark), Oracle (kernel and NetworkManager), Scientific Linux (ghostscript, kernel, NetworkManager, and sos-collector), SUSE (dpdk, java-1_7_1-ibm, kernel, python-oslo.cache, python-oslo.concurrency, python-oslo.db, python-oslo.log, python-oslo.messaging, python-oslo.middleware, python-oslo.serialization, python-oslo.service, python-oslo.utils, python-oslo.versionedobjects, python-oslo.vmware, python-oslotest, qemu, rubygem-loofah, tiff, tomcat, and util-linux), and Ubuntu (git, openjdk-8, openjdk-lts, samba, systemd, and webkit2gtk).

[$] Filesystems and case-insensitivity

수, 2018/11/28 - 10:41오후

A recurring topic in filesystem-developer circles is on handling case-insensitive file names. Filesystems for other operating systems do so but, by and large, Linux filesystems do not. In the Kernel Summit track of the 2018 Linux Plumbers Conference (LPC), Gabriel Krisman Bertazi described his plans for making Linux filesystems encoding-aware as part of an effort to make ext4, and possibly other filesystems, interoperable with case-insensitivity in Android, Windows, and macOS.


A set of stable kernels

수, 2018/11/28 - 6:36오전
Greg Kroah-Hartman has released stable kernels 4.19.5, 4.14.84, 4.9.141, 4.4.165, and 3.18.127. They all contain important fixes and users should upgrade.

Security updates for Tuesday

수, 2018/11/28 - 1:05오전
Security updates have been issued by Debian (gnuplot and samba), Fedora (flatpak, kernel-headers, kernel-tools, mariadb-connector-c, php-PHPMailer, php-phpmailer6, and xml-security-c), Gentoo (binutils, libav, mupdf, spice-gtk, strongswan, and tablib), Mageia (libpng(12), mariadb, and openssl), Oracle (ghostscript), Red Hat (.NET Core, ghostscript, java-1.7.1-ibm, kernel, kernel-alt, kernel-rt, NetworkManager, rh-nginx112-nginx, rh-nginx114-nginx, and sos-collector), Scientific Linux (389-ds-base, binutils, curl and nss-pem, fuse, git, glibc, glusterfs, GNOME, gnutls, jasper, java-1.7.0-openjdk, java-11-openjdk, kernel, krb5, libcdio, libkdcraw, libmspack, libreoffice, libvirt, openssl, ovmf, python, python-paramiko, samba, setup, sssd, thunderbird, wget, wpa_supplicant, X.org X11, xerces-c, xorg-x11-server, zsh, and zziplib), SUSE (dom4j, glib2, java-1_7_0-ibm, java-1_7_1-ibm, openssh, postgresql94, procps, qemu, and tiff), and Ubuntu (samba).

[$] Updates on the KernelCI project

화, 2018/11/27 - 6:01오전

The kernelci.org project develops and operates a distributed testing infrastructure for the kernel. It continuously builds, boots, and tests multiple kernel trees on various types of boards. Kevin Hilman and Gustavo Padovan led a session in the Testing & Fuzzing microconference at the 2018 Linux Plumbers Conference (LPC) to describe the project, its goals, and its future.


[$] Toward a kernel maintainer's guide

화, 2018/11/27 - 2:07오전
"Who's on Team Xmas Tree?" asked Dan Williams at the beginning of his talk in the Kernel Summit track of the 2018 Linux Plumbers Conference. He was referring to a rule for the ordering of local variable declarations within functions that is enforced by a minority of kernel subsystem maintainers — one of many examples of "local customs" that can surprise developers when they submit patches to subsystems where they are not accustomed to working. Documenting these varying practices is a small part of Williams's project to create a kernel maintainer's manual, but it seems to be where the effort is likely to start.

Security updates for Monday

화, 2018/11/27 - 12:46오전
Security updates have been issued by Debian (gnuplot5, icecast2, liblivemedia, otrs2, phpbb3, roundcube, squid3, and xml-security-c), Fedora (kio-extras, tmux, and xen), Gentoo (asterisk, chromium, exiv2, ghostscript-gpl, and thunderbird), openSUSE (libwpd, openssl, openssl-1_1, postgresql10, and SDL2_image), Red Hat (chromium-browser, rh-mysql57-mysql, rh-nginx110-nginx, and rh-nginx18-nginx), SUSE (exiv2, libgcrypt, rpm, and tiff), and Ubuntu (firefox and qemu).

Kernel prepatch 4.20-rc4

월, 2018/11/26 - 9:26오전
Linus has released the 4.20-rc4 kernel prepatch. "Nothing looks particularly odd or scary, although we do have some known stuff still pending."

Stable kernel updates

토, 2018/11/24 - 12:38오전
Greg Kroah-Hartman has released a number of stable kernels over the last few days, 3.18.126 on November 22, and, on November 23: 4.19.4, 4.14.83, and 4.9.193. Two problems were reported for 4.9.193, which quickly led to the release of 4.9.194. As usual, these kernels contain important fixes; users of those series should upgrade.

Security updates for Friday

토, 2018/11/24 - 12:30오전
Security updates have been issued by Arch Linux (flashplugin, lib32-libtiff, and webkit2gtk), Debian (libphp-phpmailer and openjdk-7), Mageia (flash-player-plugin, Ghostscript, and poppler), openSUSE (chromium and virtualbox), and SUSE (java-1_8_0-ibm, libwpd, openssl, openssl-1_1, realtime-kernel, salt, and SDL_image).

Security updates for (US) Thanksgiving Day

금, 2018/11/23 - 4:04오전
Security updates have been issued by Debian (ceph, openssl, and pixman), Fedora (kernel-headers, kernel-tools, libconfuse, python-urllib3, and xen), Mageia (gettext and roundcubemail), openSUSE (GraphicsMagick and libwpd), Oracle (thunderbird), Slackware (openssl), and Ubuntu (libapache2-mod-perl2).