lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 1시간 54분 지남

Kernel prepatch 5.5-rc5 and stable updates

월, 2020/01/06 - 9:24오전
The 5.5-rc5 kernel prepatch has been released. Linus added a note to the release announcement: "One sad piece of news I got this past week was that Bruce Evans has passed away. Bruce wasn't really ever really much directly involved in Linux development - he was active on the BSD side - but he was the developer behind Minix/i386, which was what I used for the original Linux development in the very early days before Linux became self-hosting."

On the stable-update side, 5.4.8, 4.19.93, 4.14.162, 4.9.208, and 4.4.208 are all available with another set of important fixes.


[$] Some median Python NaNsense

토, 2020/01/04 - 7:11오전
Anybody who has ever taken a numerical analysis course understands that floating-point arithmetic on computers is a messy affair. Even so, it is easy to underestimate just how messy things can be. This topic came to the fore in an initially unrelated python-ideas mailing-list thread; what should the Python statistics module do with floating-point values that are explicitly not numbers?

The Schism at the Heart of the Open-Source Movement (The Atlantic)

토, 2020/01/04 - 6:16오전
It is not all that often that the mainstream press looks at issues in the open-source world, but this article from The Atlantic does just that; it looks at the controversy surrounding GitHub renewing its contract with the US Immigration and Customs Enforcement (ICE) agency and the concerns some have had with their code being used by ICE. "So when news of GitHub’s contract with ICE emerged, its employees weren’t the only ones outraged. Because of the transitive nature of open source, volunteer developers—who host code on the site to share with others—may have unwittingly contributed to the code GitHub furnished for ICE, the agency responsible for enforcing immigration policy. Some were troubled by the idea that their code might in some way be used to help agents detain and deport undocumented migrants. But their outrage—and the backlash to it—reveals existential questions about the very nature of open source."

Security updates for Friday

토, 2020/01/04 - 5:58오전
Security updates have been issued by Debian (netty) and Fedora (libssh, nethack, php, samba, and xen).

[$] A medley of performance-related BPF patches

금, 2020/01/03 - 7:49오전
One of the advantages of the in-kernel BPF virtual machine is that it is fast. BPF programs are just-in-time compiled and run directly by the CPU, so there is no interpreter overhead. For many of the intended use cases, though, "fast" can never be quite fast enough. It is thus unsurprising that there are currently a number of patch sets under development that are intended to speed up one aspect or another of using BPF in the system. A few, in particular, seem about ready to hit the mainline.

Ruby 2.7 released

금, 2020/01/03 - 2:46오전
Over the holiday week, we missed the announcement of Ruby 2.7 on December 25. It is the most recent release of the Ruby programming language and was more than a year in development. There are quite a few new features including experimental pattern matching for case statements (more information can be found in these slides), a new compaction garbage collector for the heap, support for separating positional and keyword arguments, and plenty more.

Security updates for Thursday

목, 2020/01/02 - 11:40오후
Security updates have been issued by Red Hat (chromium-browser and rh-git218-git) and SUSE (java-1_8_0-ibm and openssl-1_1).

[$] LWN.net Weekly Edition for January 2, 2020

목, 2020/01/02 - 9:50오전
The LWN.net Weekly Edition for January 2, 2020 is available.

[$] Python first()

목, 2020/01/02 - 5:18오전
Python prides itself on being a newbie-friendly language; its developers have gone out of their way to try to ensure that easy tasks are straightforward to program. A recent discussion on the python-ideas mailing list looked at a use case that is common, but often implemented in an inefficient, incorrect fashion, with an eye toward making it easier to do correctly. Finding the first match for a regular expression in a body of text is where the conversation started, but it went in some other interesting directions as well.

[$] LWN's 2020 vision

목, 2020/01/02 - 5:14오전
January 1, 2020 marks the beginning of a new year and a new decade. Many things will doubtless change over the course of this year in the free-software community and beyond, while others will remain the same. One thing that will certainly hold true is LWN's tradition of starting the new year with some ill-advised predictions about what may be in store. Your editor has no special vision, but neither does he fear being proved badly wrong in a public setting — it's all in a day's work.

Security updates for Wednesday

목, 2020/01/02 - 12:51오전
Security updates have been issued by Debian (igraph, jhead, libgcrypt20, otrs2, and waitress) and Mageia (clamaw, exiv2, filezilla, hunspell, libidn2, pdfresurrect, roundcubemail, and xpdf).

[$] Fedora and fstrim

수, 2020/01/01 - 7:20오전
A proposal to periodically run the fstrim command on Fedora 32 systems was discussed recently on the Fedora devel mailing list. fstrim is used to cause a filesystem to inform the underlying storage of unused blocks, which can help SSDs and other types of block devices perform better. There were a number of questions and concerns raised, including whether to change the behavior of earlier versions of the distribution when they get upgraded and if the kernel should be responsible for handling the whole problem.

Stable kernel updates

수, 2020/01/01 - 3:36오전
Stable kernels 5.4.7, 4.19.92, and 4.14.161 have been released. They all contain important fixes and users should upgrade.

Security updates for Tuesday

수, 2020/01/01 - 12:54오전
Security updates have been issued by Debian (intel-microcode and libbsd), openSUSE (chromium, LibreOffice, and spectre-meltdown-checker), and SUSE (mozilla-nspr, mozilla-nss and python-azure-agent).

Security updates for Monday

화, 2019/12/31 - 12:46오전
Security updates have been issued by Debian (debian-lan-config, freeimage, imagemagick, libxml2, mediawiki, openssl1.0, php5, and tomcat8).

The results from the Debian init-system GR

월, 2019/12/30 - 11:54오후
The results from the Debian general resolution vote on init systems are in; the project's developers chose the option titled "Systemd but we support exploring alternatives". It makes systemd into the preferred init system, and allows packages to use systemd-specific features; packagers are not required to support other init systems, but support for other systems is encouraged where it is practical.

Kernel prepatch 5.5-rc4

월, 2019/12/30 - 11:44오후
The 5.5-rc4 kernel prepatch is out for testing. "To absolutely nobody's surprise, last week was very quiet indeed. It's hardly even worth making an rc release, but there are _some_ fixes in here, so here's the usual weekly Sunday afternoon rc."

Garrett: Wifi deauthentication attacks and home security

토, 2019/12/28 - 2:54오전
Matthew Garrett works out how to avoid being recorded by "Ring" door cameras in his apartment building. "The most interesting one here is the deauthentication frame that access points can use to tell clients that they're no longer welcome. These can be sent for a variety of reasons, including resource exhaustion or authentication failure. And, by default, they're entirely unprotected. Anyone can inject such a frame into your network and cause clients to believe they're no longer authorised to use the network, at which point they'll have to go through a new authentication cycle - and while they're doing that, they're not able to send any other packets."

Security updates for Friday

토, 2019/12/28 - 2:44오전
Security updates have been issued by SUSE (dia, kernel, and libgcrypt).

[$] KRSI — the other BPF security module

토, 2019/12/28 - 2:29오전
One of the first uses of the BPF virtual machine outside of networking was to implement access-control policies for the seccomp() system call. Since then, though, the role of BPF in the security area has not changed much in the mainline kernel, even though BPF has evolved considerably from the "classic" variant still used with seccomp() to the "extended" BPF now supported by the kernel. That has not been for a lack of trying, though. The out-of-tree Landlock security module was covered here over three years ago. We also looked at the kernel runtime security instrumentation (KRSI) patch set in September. KP Singh has posted a new KRSI series, so the time seems right for a closer look.