lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 2시간 57분 지남

GNOME supported by the Sovereign Tech Fund

금, 2023/11/10 - 11:34오후
The GNOME Foundation has announced the receipt of a €1 million award from the German Sovereign Tech Fund. The funding will support work on accessibility, privacy, hardware support, and more.

Security updates for Friday

금, 2023/11/10 - 11:18오후
Security updates have been issued by Fedora (community-mysql, matrix-synapse, and xorg-x11-server-Xwayland), Mageia (squid and vim), Oracle (dnsmasq, python3, squid, squid:4, and xorg-x11-server), Red Hat (fence-agents, insights-client, kernel, kpatch-patch, mariadb:10.5, python3, squid, squid:4, tigervnc, and xorg-x11-server), Scientific Linux (bind, firefox, java-1.8.0-openjdk, java-11-openjdk, kernel, libssh2, python-reportlab, python3, squid, thunderbird, and xorg-x11-server), SUSE (go1.21), and Ubuntu (linux-gke and linux-iot).

[$] The push to save Itanium

금, 2023/11/10 - 12:25오전
It is (relatively) easy to add code to the kernel; it tends to be much harder to remove that code later. The most recent example of this dynamic can be seen in the story of the ia64 ("Itanium") architecture, support for which was removed during the 6.7 merge window. That removal has left a small group of dedicated ia64 users unhappy and clinging to a faint hope that this support could return in a year's time.

Security updates for Thursday

목, 2023/11/09 - 10:56오후
Security updates have been issued by Debian (cacti and chromium), Fedora (CuraEngine, podman, and rubygem-rmagick), Mageia (gnome-shell, openssl, and zlib), SUSE (salt), and Ubuntu (xrdp).

[$] LWN.net Weekly Edition for November 9, 2023

목, 2023/11/09 - 9:06오전
The LWN.net Weekly Edition for November 9, 2023 is available.

The 2023 TAB election deadline is approaching

목, 2023/11/09 - 6:15오전
The reminder has gone out: the deadline for nominations for the Linux Foundation Technical Advisory Board is November 13. If you are interested in representing the kernel community on the TAB, now is the time to put together a self-nomination and get onto the ballot.

[$] Reducing patch postings to linux-kernel

목, 2023/11/09 - 5:45오전
The linux-kernel mailing list famously gets an enormous amount of email on a daily basis; the volume is so high that various email providers try to rate-limit it, which can lead to huge backlogs on the sending side and, of course, delayed mail. Part of the reason there is so much traffic is that nearly every patch gets copied to the mailing list, even when it may be unnecessary to do so. A proposed change would start shunting some of that patch email aside and, as might be guessed, has both supporters and detractors, but the discussion does highlight some of the different ways the mailing list is used by kernel developers.

A pile of stable kernel updates

목, 2023/11/09 - 12:05오전
The 6.6.1, 6.5.11, 6.1.62, 5.4.260, 4.19.298, and 4.14.329 stable kernel updates have all been released, each contains another set of important fixes.

Note that 5.15.138 and 5.10.200 ended up going into a second round of review; they can be expected in the near future.


Chamberlain v. Home Assistant

수, 2023/11/08 - 11:58오후
The developers of Home Assistant, which has recently been covered here, have announced that they will be removing support for Chamberlain and Liftmaster garage-door openers after being locked out by the company.

Because we cannot continue to work around Chamberlain Group if they keep blocking access to third parties, the MyQ integration will be removed from Home Assistant in the upcoming 2023.12 release on December 6, 2023. We are very disappointed that it has come to this and sincerely hope that Chamberlain Group is willing to reconsider its position.

Longtime readers may remember that Chamberlain tried to use the DMCA to block the use of third-party remotes nearly 20 years ago.


Canonical reveals more details about Ubuntu Core Desktop (Register)

수, 2023/11/08 - 11:37오후
The Register attended a talk about Ubuntu's upcoming Core Desktop immutable distribution.

We suspect that Core Desktop might yet be the tool that validates Canonical's Snap format and helps to overcome some of the resistance it faces. Snap's single-file distribution format is simple and enables transactional installation – including, critically, rollback – without a fancy filesystem underneath, or elaborate distribution methods such as libostree.


Security updates for Wednesday

수, 2023/11/08 - 11:30오후
Security updates have been issued by Debian (python-urllib3 and tang), Fedora (chromium, mlpack, open-vm-tools, and salt), Red Hat (avahi, binutils, buildah, c-ares, cloud-init, containernetworking-plugins, cups, curl, dnsmasq, edk2, flatpak, frr, gdb, ghostscript, glib2, gmp, grafana, haproxy, httpd, mod_http2, java-21-openjdk, kernel, krb5, libfastjson, liblouis, libmicrohttpd, libpq, libqb, librabbitmq, LibRaw, libreoffice, libreswan, libssh, libtiff, libvirt, libX11, linux-firmware, mod_auth_openidc, ncurses, nghttp2, opensc, pcs, perl-CPAN, perl-HTTP-Tiny, podman, procps-ng, protobuf-c, python-cryptography, python-pip, python-tornado, python-wheel, python3.11, python3.11-pip, python3.9, qemu-kvm, qt5 stack, runc, samba, samba, evolution-mapi, openchange, shadow-utils, skopeo, squid, sysstat, tang, tomcat, toolbox, tpm2-tss, webkit2gtk3, wireshark, xorg-x11-server, xorg-x11-server-Xwayland, and yajl), Slackware (sudo), SUSE (squid), and Ubuntu (python-urllib3).

[$] Progress in wrangling the Python C API

수, 2023/11/08 - 5:12오전
There has been a lot of action for the Python C API in the last month or so—much of it organizational in nature. As predicted in our late September article on using the "limited" C API in the standard library, the core developer sprint in October was the scene of some discussions about the API and the plans for it. Out of those discussions have come two PEPs, one of which describes the API, its purposes, strengths, and weaknesses, while the other would establish a C API working group to coordinate and oversee the development and maintenance of it.

Sponsorship for the Openwall lists

수, 2023/11/08 - 12:26오전
Alexander "Solar Designer" Peslyak, the longtime maintainer of the oss-security and linux-distros mailing lists, has announced that this work has gained a sponsor:

After 15+ years of being a 100% volunteer effort, Openwall's maintenance of oss-security and (linux-)distros is finally sponsored by the OpenSSF, a project of the Linux Foundation. This sponsorship does not provide the Linux Foundation with the ability to set policies for community resources managed by Openwall. I am grateful for the support, which will help ensure continued operation of these resources on a new level while retaining independence.

As part of this arrangement, Peslyak is now producing statistics on vulnerability handling; the first set for 2023 has been posted.


Fedora 39 released

화, 2023/11/07 - 11:24오후
Fedora 39 has been released, one day after the Fedora project's 20th anniversary. See the list of approved changes and this Fedora Magazine article for more information.

As always, we’ve updated many, many other packages as we work to bring you the best of everything the free and open source software world has to offer. Fedora Linux 39 includes gcc 13.2, binutils 2.40, glibc 2.38, gdb 13.2, and rpm 4.19. It also has updates to popular programming language stacks, including Python 3.12 and Rust 1.73.


Security updates for Tuesday

화, 2023/11/07 - 11:15오후
Security updates have been issued by Debian (trapperkeeper-webserver-jetty9-clojure), Mageia (libsndfile, packages, thunderbird, and x11-server), Oracle (.NET 6.0), SUSE (kernel, kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools- container, virt-operator-container, redis, and squid), and Ubuntu (gsl).

[$] The BPF-programmable network device

화, 2023/11/07 - 1:23오전
Containers and virtual machines on Linux communicate with the world via virtual network devices. This arrangement makes the full power of the Linux networking stack available, but it imposes the full overhead of that stack as well. Often, the routing of this networking traffic can be handled with relatively simple logic; the BPF-programmable network device, which was merged for the 6.7 kernel release, makes it possible to avoid expensive network processing, in at least some cases.

Security updates for Monday

월, 2023/11/06 - 11:22오후
Security updates have been issued by Debian (chromium, open-vm-tools, openjdk-17, pmix, and trafficserver), Fedora (netconsd, podman, suricata, and usd), Oracle (.NET 6.0, .NET 7.0, binutils, ghostscript, java-1.8.0-openjdk, kernel, and squid), SUSE (apache-ivy, gstreamer-plugins-bad, kernel, nodejs12, opera, poppler, rubygem-activesupport-5.2, tiff, util-linux, and virtualbox), and Ubuntu (krb5).

First handset with MTE on the market (Project Zero)

토, 2023/11/04 - 3:24오전
The Google Project Zero blog celebrates the launch of the Pixel 8 handset, the first to make use of Arm's Memory Tagging Extension (MTE). Linux has supported MTE since the 5.10 release in 2020, but that support has only now shown up (in experimental form) in an available handset.

I think this is a huge improvement for the general security of the device - many zero-click attack surfaces involve large amounts of unsafe C/C++ code, whether that's WebRTC for calling, or one of the many media or image file parsing libraries. MTE is not a silver bullet for memory safety - but the release of the first production device with the ability to run almost all user-mode applications with synchronous-MTE is a huge step forward, and something that's worth celebrating!

The article includes detailed instructions for how to turn the MTE feature on.


OpenELA's first code drop

토, 2023/11/04 - 1:33오전
The Open Enterprise Linux Association, a joint venture founded by CIQ, Oracle, and SUSE, has announced its first code release.

OpenELA is excited to announce that the source code for all packages necessary for anyone to build a derivative Enterprise Linux operating system is now available. The initial focus is on EL8 and EL9, and packages for EL7 are forthcoming. The project is committed to ensuring the continued availability of EL sources to the community indefinitely.

The organization has also announced a technical steering committee made up of "highly experienced individuals from the founding companies".


[$] The first half of the 6.7 merge window

금, 2023/11/03 - 11:19오후
As of this writing, 9,842 non-merge changesets have found their way into the mainline repository since the 6.7 merge window opened. Nearly a third of those consist of the entire bcachefs development history but, even discounting that, there has been a lot of material landing for the next release. Read on for a summary of the most interesting changes pulled so far in this development cycle.