lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 50분 14초 지남

Security updates for Thursday

목, 2019/03/14 - 11:46오후
Security updates have been issued by Arch Linux (chromium), Debian (libsdl1.2 and libsdl2), Fedora (firefox), Gentoo (bind, glibc, openssl, oracle-jdk-bin, webkit-gtk, and xrootd), Mageia (kernel), openSUSE (freerdp, mariadb, and obs-service-tar_scm), Oracle (openssl), Red Hat (kernel, kernel-rt, openstack-ceilometer, openstack-octavia, and tomcat), Scientific Linux (cockpit, openssl, and tomcat), and SUSE (java-1_7_1-ibm and mariadb).

[$] LWN.net Weekly Edition for March 14, 2019

목, 2019/03/14 - 10:01오전
The LWN.net Weekly Edition for March 14, 2019 is available.

[$] Turris: secure open-source routers

목, 2019/03/14 - 8:13오전

The Czech Republic top-level domain registrar, CZ.NIC, wondered about the safety of home routers, so it set out to gather some information on the prevalence of attacks against them. It turns out that one good way to do that is to create a home router that logs statistics and other information. Michal Hrušecký from CZ.NIC came to the 2019 Southern California Linux Expo (SCALE 17x) in Pasadena, CA to describe the experiment and how it grew into a larger project that makes and sells open-source routers.


[$] Python dictionary "addition" and "subtraction"

목, 2019/03/14 - 1:08오전

A proposal to add a new dictionary operator for Python has spawned a PEP and two large threads on the python-ideas mailing list. To a certain extent, it is starting to look a bit like the "PEP 572 mess"; there are plenty of opinions on whether the feature should be implemented and how it should be spelled, for example. As yet, there has been no formal decision made on how the new steering council will be handling PEP pronouncements, though a review of open PEPs is the council's "highest priority". This PEP will presumably be added into the process; it is likely too late to be included in Python 3.8 even if it were accepted soon, so there is plenty of time to figure it all out before 3.9 is released sometime in 2021.


Security updates for Wednesday

목, 2019/03/14 - 12:11오전
Security updates have been issued by Debian (libsndfile, systemd, waagent, and xmltooling), Fedora (guacamole-server, postgresql-jdbc, and xen), Oracle (cockpit and kernel), Red Hat (cockpit, docker, kernel-alt, and openssl), SUSE (ceph, java-1_7_0-ibm, java-1_7_1-ibm, openssl-1_0_0, python-azure-agent, python-numpy, and supportutils), and Ubuntu (kernel, php5, and walinuxagent).

Cook: security things in Linux v5.0

수, 2019/03/13 - 11:57오후
Kees Cook reviews some of the security-related enhancements in the 5.0 kernel. "While the C language has a statement to indicate the end of a switch case ('break'), it doesn’t have a statement to indicate that execution should fall through to the next case statement (just the lack of a 'break' is used to indicate it should fall through — but this is not always the case), and such 'implicit fall-through' may lead to bugs. Gustavo Silva has been the driving force behind fixing these since at least v4.14, with well over 300 patches on the topic alone (and over 20 missing break statements found and fixed as a result of the work). The goal is to be able to add -Wimplicit-fallthrough to the build so that the kernel will stay entirely free of this class of bug going forward. From roughly 2300 warnings, the kernel is now down to about 200. It’s also worth noting that with Stephen Rothwell’s help, this bug has been kept out of linux-next by him sending warning emails to any tree maintainers where a new instance is introduced (for example, here’s a bug introduced on Feb 20th and fixed on Feb 21st)."

The Linux Foundation's CommunityBridge platform

수, 2019/03/13 - 11:35오후
The Linux Foundation has announced a new initiative called CommunityBridge; its purpose is to help with funding and support for open-source developers. It includes some security-related services and a means for connecting developers with mentors. The program is in an "early access" mode for now.

The Linux Foundation is not the first to provide such services, of course; see this statement from the Software Freedom Conservancy for its take on this new initiative.


[$] Motivations and pitfalls for new "open-source" licenses

수, 2019/03/13 - 5:57오전

One of the bigger developments of the last year has been the introduction of licenses that purport to address perceived shortcomings in existing free and open-source software licenses. Much has been said and written about them, some of it here, and they are clearly much on the community's mind. At FOSDEM 2019, Michael Cheng gave his view on the motivations for the introduction of these licenses, whether they've been effective in addressing those motivations, what unintended consequences they may also have had, and the need for the community to develop some ground rules about them going forward.


Security updates for Tuesday

화, 2019/03/12 - 11:49오후
Security updates have been issued by Arch Linux (pacman), CentOS (java-1.7.0-openjdk), Debian (zabbix), Fedora (kernel-headers), openSUSE (libcomps), Oracle (kernel), Red Hat (chromium-browser), SUSE (ovmf and qemu), and Ubuntu (tiff).

[$] Leaderless Debian

화, 2019/03/12 - 6:43오전
One of the traditional rites of the (northern hemisphere) spring is the election for the Debian project leader. Over a six-week period, interested candidates put their names forward, describe their vision for the project as a whole, answer questions from Debian developers, then wait and watch while the votes come in. But what would happen if Debian were to hold an election and no candidates stepped forward? The Debian project has just found itself in that situation and is trying to figure out what will happen next.

Announcing the release of sway 1.0

화, 2019/03/12 - 3:05오전
Drew DeVault has announced the first stable release of sway, an i3-compatible Wayland desktop for Linux and FreeBSD. "Sway 1.0 adds a huge variety of features which were sorely missed on 0.x, improves performance in every respect, offers a more faithful implementation of Wayland, and exists as a positive political force in the Wayland ecosystem pushing for standardization and cooperation among Wayland projects."

Introducing Season of Docs

화, 2019/03/12 - 2:31오전
Google Open Source has announced Season of Docs. "During Season of Docs, technical writers will spend a few months working closely with open source communities. Each writer works with their chosen open source project. The writers bring their expertise to the projects’ documentation while at the same time learning about open source and new technologies. Mentors from participating open source organizations share knowledge of their communities’ processes and tools. Together the technical writers and mentors build a new doc set, improve the structure of the existing docs, develop a much-needed tutorial, or improve contribution processes and guides." Open source organizations may apply to take part in Season of Docs starting April 2.

SPI annual report

화, 2019/03/12 - 1:02오전
Software in the Public Interest has released its annual report [PDF] for 2018. "During the current board term SPI continues to strive for self-improvement and renewal. Treasury teamsprints, bank visits, and legal consultations during in-person meetings have helped keep the wheels turning. An overhaul of our corporate bylaws that better meets our needs is being presented to the members for their approval. And we have improved our reimbursement workflow with a view toward speedier and smoother processing."

Security updates for Monday

월, 2019/03/11 - 11:57오후
Security updates have been issued by CentOS (polkit), Debian (chromium, openjpeg2, php7.0, poppler, and symfony), Fedora (evolution, kernel, and kernel-headers), Gentoo (curl, firefox, keepalived, rdesktop, systemd, tar, wget, and zsh), openSUSE (gdm and hiawatha), Slackware (ntp), SUSE (audit, containerd, docker, docker-runc, golang-github-docker-libnetwork, runc, file, java-1_8_0-openjdk, mariadb, openssl-1_0_0, and sssd), and Ubuntu (poppler).

Some weekend stable kernel updates

월, 2019/03/11 - 1:10오전
The 5.0.1, 4.20.15, and 4.19.28 stable kernel updates have been released; each contains the usual set of important fixes.

[$] 5.1 Merge window part 1

토, 2019/03/09 - 3:14오전
As of this writing, 6,135 non-merge changesets have been pulled into the mainline repository for the 5.1 release. That is approximately halfway through the expected merge-window volume, which is a good time for a summary. A number of important new features have been merged for this release; read on for the details.

Security updates for Friday

토, 2019/03/09 - 12:35오전
Security updates have been issued by Fedora (php-typo3-phar-stream-wrapper2), Mageia (gnutls, nagios, openssl, and python-gnupg), openSUSE (apache2, ceph, chromium, openssh, and webkit2gtk3), and Ubuntu (nvidia-graphics-drivers-390).

Malcolm: Usability improvements in GCC 9

금, 2019/03/08 - 11:32오후
David Malcolm writes about improved diagnostics and more in the GCC 9 release. "Speaking of annotations, this example shows another new GCC 9 feature: diagnostics can label regions of the source code to show pertinent information. Here, what’s most important are the types of the left-hand and right-hand sides of the '+' operator, so GCC highlights them inline. Notice how the diagnostic also uses color to distinguish the two operands from each other and the operator."

[$] Controlling device peer-to-peer access from user space

금, 2019/03/08 - 5:39오전
The recent addition of support for direct (peer-to-peer) operations between PCIe devices in the kernel has opened the door for different use cases. The initial work concentrated on in-kernel support and the NVMe subsystem; it also added support for memory regions that can be used for such transfers. Jérôme Glisse recently proposed two extensions that would allow the mapping of those regions into user space and mapping device files between two devices. The resulting discussion surprisingly led to consideration of the future of core kernel structures dealing with memory management.

Security updates for Thursday

금, 2019/03/08 - 1:06오전
Security updates have been issued by openSUSE (amavisd-new, apache2, and containerd, docker, docker-runc,), Red Hat (java-1.7.1-ibm and java-1.8.0-ibm), and Ubuntu (linux, linux-azure, linux-gcp, linux-kvm, linux-raspi2, linux-hwe, linux-azure, and php5, php7.0).