lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 1시간 46분 지남

A set of weekend stable kernel updates

일, 2020/10/18 - 12:27오전
The 5.9.1, 5.8.16, 5.4.72, 4.19.152, 4.14.202, 4.9.240, and 4.4.240 stable updates have all been released; each contains another set of important fixes.

[$] 5.10 Merge window, part 1

토, 2020/10/17 - 12:48오전
As of this writing, 7,153 non-merge changesets have been pulled into the mainline Git repository for the 5.10 release — over a period of four days. This development cycle is clearly off to a strong start. Read on for an overview of the significant changes merged thus far for the 5.10 kernel release.

Security updates for Friday

토, 2020/10/17 - 12:41오전
Security updates have been issued by Fedora (dnf, kernel, libdnf, python27, and python34), SUSE (blktrace, crmsh, php7, and php72), and Ubuntu (containerd, docker.io, firefox, htmlunit, and newsbeuter).

linux.conf.au 2021 call for sessions and miniconfs

금, 2020/10/16 - 6:39오전
The 2021 edition of linux.conf.au will be held online on January 23-25, 2021; the call for proposals has gone out with a relatively tight deadline of November 6. "Our theme is 'So what's next?'. We all know we're living through unprecedented change and uncertain times. How can open source play a role in creating, helping and adapting to this ongoing change? What new developments in software and coding can we look forward to in 2021 and beyond?" Since there is no travel involved, this is a rare opportunity for those who have not normally been able to participate in LCA.

[$] The Arm64 memory tagging extension in Linux

금, 2020/10/16 - 1:58오전
One of the first features merged for the 5.10 kernel development cycle was support for the Arm v8.5 memory tagging extension [PDF]. By adding a "key" value to pointers, this mechanism enables the automated detection of a wide range of memory-safety issues. The result should be safer and more secure code — once support for the feature shows up in actual hardware.

Security updates for Thursday

금, 2020/10/16 - 12:44오전
Security updates have been issued by Arch Linux (chromium), Debian (httpcomponents-client), Fedora (claws-mail), SUSE (bcm43xx-firmware, crmsh, libqt5-qtimageformats, libqt5-qtsvg, php53, php7, and rubygem-activesupport-4_2), and Ubuntu (php5, php7.0, php7.2, php7.4, python2.7, python3.4, python3.5, python3.6, and vim).

[$] LWN.net Weekly Edition for October 15, 2020

목, 2020/10/15 - 10:02오전
The LWN.net Weekly Edition for October 15, 2020 is available.

[$] Further analysis of PyPI typosquatting

목, 2020/10/15 - 6:31오전
We have looked at the problem of confusingly named packages in repositories such as the Python Package Index (PyPI) before. In general, malicious actors create these packages with names that can be mistaken for those of legitimate packages in the repository in a form of "typosquatting". Since our 2016 article, the problem has not gone away—no surprise—but there has been some recent analysis of it, as well as some efforts to combat it.

[$] A PHP syntax for discardable assignments

목, 2020/10/15 - 4:05오전
Recently, John Bafford revived a years-long conversation on expanding the syntax of the PHP foreach statement to include iterating solely over keys. Bafford, who wrote a patch and request for comments (RFC) on the matter back in 2016, hopes to update his work and convince the community to adopt the abbreviated syntax in PHP 8.1. The community took Bafford's general idea and expanded it into other areas of the language.

BleedingTooth: critical kernel Bluetooth vulnerability

목, 2020/10/15 - 2:00오전
Several flaws in the BlueZ kernel Bluetooth stack prior to Linux 5.9 are being reported by Intel and by Google (GHSA-h637-c88j-47wq, GHSA-7mh3-gq28-gfrq, and GHSA-ccx2-w2r4-x649). They are collectively being called "BleedingTooth", and more information will be forthcoming, though there is already a YouTube video demonstrating remote code execution using BleedingTooth.

A set of stable kernels

목, 2020/10/15 - 12:05오전
Stable kernels 5.8.15, 5.4.71, 4.19.151, 4.14.201, 4.9.239, and 4.4.239 have been released. They all contain important fixes and users should upgrade.

Security updates for Wednesday

수, 2020/10/14 - 11:55오후
Security updates have been issued by Debian (jackson-databind and tomcat8), Fedora (dovecot), Oracle (firefox, spice and spice-gtk, and thunderbird), Red Hat (flash-plugin), SUSE (ansible, crowbar-core, crowbar-openstack, grafana, grafana-natel-discrete-panel, openstack-aodh, openstack-barbican, openstack-cinder, openstack-gnocchi, openstack-heat, openstack-ironic, openstack-magnum, openstack-manila, openstack-monasca-agent, openstack-murano, openstack-neutron, openstack-neutron-vpnaas, openstack-nova, openstack-sahara, python-Pillow, rubygem-crowbar-client, bind, crmsh, kernel, libproxy, php74, rubygem-activesupport-5_1, and tigervnc), and Ubuntu (dom4j, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon, linux, linux-lts-trusty, and linux-hwe, linux-gke-5.0, linux-gke-5.3, linux-oem-osp1, linux-raspi2-5.3).

Krita 4.4.0 released

수, 2020/10/14 - 10:50오후
Version 4.4.0 of the Krita painting application has been released. "With a whole slew of new fill layer types, including the really versatile SeExpr based scriptable fill layer type, exciting new options for Krita’s brushes like the gradient map mode for brushes, lightness and gradient modes for brush textures, support for dynamic use of colors in gradients, webm export for animations, new scripting features — and of course, hundreds of bug fixes that make this version of Krita better than ever." See the release notes for details.

[$] Some 5.9 kernel development statistics

수, 2020/10/14 - 3:01오전
The 5.9 kernel was released on October 11, at the end of a ten-week development cycle — the first release to take more than nine weeks since 5.4 at the end of 2019. While this cycle was not as busy as 5.8, which broke some records, it was still one of the busier ones we have seen in some time, featuring 14,858 non-merge changesets contributed by 1,914 developers. Read on for our traditional look at what those developers were up to while creating the 5.9 release.

[$] Python and the infinite

수, 2020/10/14 - 2:49오전
A recent proposal on the python-ideas mailing list would add a new way to represent floating-point infinity in the language. Cade Brown suggested the change; he cited a few different reasons for it, including fixing an inconsistency in the way the string representation of infinity is handled in the language. The discussion that followed branched in a few directions, including adding a constant for "not a number" (NaN) and a more general discussion of the inconsistent way that Python handles expressions that evaluate to infinity.

Security updates for Tuesday

수, 2020/10/14 - 12:02오전
Security updates have been issued by Mageia (mariadb), openSUSE (qemu and tigervnc), Oracle (kernel), Red Hat (chromium-browser and kernel), and SUSE (php5).

An open letter to Apache OpenOffice

화, 2020/10/13 - 11:14오후
On the 20th anniversary of the open-sourcing of the OpenOffice.org suite, the LibreOffice project has sent an open letter to the Apache OpenOffice project suggesting that it is time for the latter to recognize that the game is over. "If Apache OpenOffice wants to still maintain its old 4.1 branch from 2014, sure, that’s important for legacy users. But the most responsible thing to do in 2020 is: help new users. Make them aware that there’s a much more modern, up-to-date, professionally supported suite, based on OpenOffice, with many extra features that people need."

Plausible relicenses to AGPL

화, 2020/10/13 - 11:06오후
Plausible, a web-analytics package that was reviewed here in June, has announced a move from the MIT license to the Affero GPL, version 3. "This change makes no difference to any of you who subscribe to Plausible Cloud or who self-host Plausible, but it may upset a few corporations who tried to use our software to directly compete with us without contributing back."

The Open Invention Network's expanded Linux System Definition

화, 2020/10/13 - 10:58오후
The Open Invention Network, which offers patent protection for a wide range of open-source software, has expanded its Linux System Definition — the set of software covered by the OIN patent non-aggression agreement. In particular, the new definition includes the exFAT filesystem (once the subject of a lot of patent worries), the KDE Frameworks, the Robot Operating System, and version 10 of the Android Open Source Project.

Plasma 5.20 released

화, 2020/10/13 - 10:50오후
Version 5.20 of the Plasma KDE desktop is out. "A massive release, containing improvements to dozens of components, widgets, and the desktop behavior in general. Everyday utilities and tools, such as the Panels, Task Manager, Notifications and System Settings, have all been overhauled to make them more usable, efficient, and friendlier." There are also significant improvements in Plasma's Wayland support.