lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 1시간 23분 지남

Security updates for Tuesday

수, 2021/09/08 - 12:08오전
Security updates have been issued by openSUSE (apache2, java-11-openjdk, libesmtp, nodejs10, ntfs-3g_ntfsprogs, openssl-1_1, xen, and xerces-c), Red Hat (kernel-rt and kpatch-patch), and SUSE (ntfs-3g_ntfsprogs and openssl-1_1).

OpenSSL 3.0.0 released

화, 2021/09/07 - 10:53오후
Version 3.0 of the OpenSSL TLS library has been released; the large version-number jump (from 1.1.1) reflects a new versioning scheme.

Most applications that worked with OpenSSL 1.1.1 will still work unchanged and will simply need to be recompiled (although you may see numerous compilation warnings about using deprecated APIs). Some applications may need to make changes to compile and work correctly, and many applications will need to be changed to avoid the deprecations warnings. We have put together a migration guide to describe the major differences in OpenSSL 3.0 compared to previous releases.

OpenSSL has also been relicensed to Apache 2.0, which should end the era of "special exceptions" needed to use OpenSSL in GPL-licensed applications. See this blog entry and the changelog for more information.


Reminder: linux.conf.au 2022 Call for Sessions open + Extended

화, 2021/09/07 - 4:24오전
The linux.conf.au organizers have put out a second, extended call for proposals for the 2022 event, which will be held online starting January 14.

Please submit a talk, join us in January. We have the "venue" sorted, sponsors organised, miniconfs chosen, keynotes ready, now all we need is a wonderful program of sessions for our community to listen and watch.

Proposals are due by September 12.


[$] More IOPS with BIO caching

화, 2021/09/07 - 12:28오전
Once upon a time, block storage devices were slow, to the point that they often limited the speed of the system as a whole. A great deal of effort went into carefully ordering requests to get the best performance out of the storage device; achieving that goal was well worth expending some CPU time. But then storage devices got much faster and the equation changed. Fancy I/O-scheduling mechanisms have fallen by the wayside and effort is now focused on optimizing code so that the CPU can keep up with its storage. A block-layer change that was merged for the 5.15 kernel shows the kinds of tradeoffs that must be made to get the best performance from current hardware.

Security updates for Monday

월, 2021/09/06 - 11:37오후
Security updates have been issued by Debian (btrbk, pywps, and squashfs-tools), Fedora (libguestfs, libss7, ntfs-3g, ntfs-3g-system-compression, partclone, testdisk, wimlib, and xen), Mageia (exiv2, golang, libspf2, and ruby-addressable), openSUSE (apache2, dovecot23, gstreamer-plugins-good, java-11-openjdk, libesmtp, mariadb, nodejs10, opera, python39, sssd, and xerces-c), and SUSE (apache2, java-11-openjdk, libesmtp, mariadb, nodejs10, python39, sssd, xen, and xerces-c).

OpenWrt 21.02.0 released

월, 2021/09/06 - 5:14오전
Version 21.02.0 of the OpenWrt router distribution is out. "It incorporates over 5800 commits since branching the previous OpenWrt 19.07 release and has been under development for about one and a half year". Significant changes include WPA3 support by default, TLS support in opkg and in the LuCi interface, initial Distributed Switch Architecture support, new hardware support, and more. See the release notes for more information.

[$] Not-so-anonymous virtual memory areas

금, 2021/09/03 - 11:45오후
Computing terminology can be counterintuitive at times, but even a longtime participant in the industry may have to look twice at the notion of named anonymous memory. That, however, is just the concept that this patch set posted by Suren Baghdasaryan proposes to add. There are, it seems, developers who find the idea useful enough to not only overcome the initial cognitive dissonance that comes with it, but also to resurrect an eight-year-old patch to get it into the kernel.

Eight new stable kernels

금, 2021/09/03 - 11:02오후

Greg Kroah-Hartman has announced the release of the 5.14.1, 5.13.14, 5.10.62, 5.4.144, 4.19.206, 4.14.246, 4.9.282, and 4.4.283 stable kernels. As usual, these updates contain important fixes; users of those series should upgrade.


Security updates for Friday

금, 2021/09/03 - 10:21오후
Security updates have been issued by Debian (qemu), Fedora (condor, grilo, libopenmpt, opencryptoki, and php), openSUSE (xen), and SUSE (ffmpeg, file, php72, rubygem-addressable, and xen).

[$] 5.15 Merge window, part 1

금, 2021/09/03 - 12:12오전
As of this writing, 3,440 non-merge changesets have been pulled into the mainline repository for the 5.15 development cycle. A mere 3,440 patches may seem like a slow start, but those patches are densely populated with significant new features. Read on for a look at what the first part of the 5.15 merge window has brought.

Fuzzing 100+ open source projects with OSS-Fuzz - lessons learned (ADA Logics blog)

목, 2021/09/02 - 11:48오후
On the ADA Logics blog, David Korczynski and Adam Korczynski write about their work integrating 115 open-source projects with Google's OSS-Fuzz project for doing continuous fuzz testing. They describe the process of integrating a project into OSS-Fuzz, and discuss their findings, which include more than 2000 bugs (500+ security relevant), of which 1300+ have been fixed at this point: Throughout the process we integrated projects written in C, C++, Python, Go and Rust and the types of bugs we found across the projects are a reflection of the language the project was written in. Typically, for managed languages the bugs are within the umbrella term of uncaught exceptions and denial of service bugs, whereas in native languages the bugs are mostly split between assert violations, NULL-dereferences, heap-out-of-bounds, stack-out-of-bounds, stack overflows, integer arithmetic, memory leaks, out-of-memory and timeout bugs.

Security updates for Thursday

목, 2021/09/02 - 10:48오후
Security updates have been issued by openSUSE (ffmpeg and gstreamer-plugins-good), SUSE (apache2, apache2-mod_auth_mellon, ffmpeg, gstreamer-plugins-good, libesmtp, openexr, rubygem-puma, xen, and xerces-c), and Ubuntu (openssl).

[$] LWN.net Weekly Edition for September 2, 2021

목, 2021/09/02 - 10:30오전
The LWN.net Weekly Edition for September 2, 2021 is available.

[$] Emacs discusses web-based development workflows

목, 2021/09/02 - 7:41오전
Discussions on ways to "modernize" the Emacs editor have come up in various guises over the past few years. Changes of that nature tend to be somewhat contentious in the Emacs community, pitting the "old guard" that values the existing features (and keybindings) against those who argue for changes to make Emacs more approachable (and aesthetically pleasing) to newcomers. Those discussions tend toward mega-thread status, so it should be no surprise that a query about possibly moving Emacs development to a "forge" (e.g. GitHub or GitLab) got similar treatment. As always in Emacs-land, there are multiple facets to the discussion, including the desirability of moving away from an email-based workflow, accommodating younger, forge-centric developers without forcing existing developers into that model, and—naturally—licensing.

Security updates for Wednesday

수, 2021/09/01 - 11:51오후
Security updates have been issued by CentOS (bind, GNOME, hivex, kernel, and sssd), Debian (gpac and squashfs-tools), Fedora (c-ares and openssl), openSUSE (dovecot23), Oracle (bind, hivex, kernel, and sssd), Red Hat (kernel), Scientific Linux (bind, hivex, kernel, libsndfile, libX11, and sssd), Slackware (ntfs), SUSE (dovecot23), and Ubuntu (ntfs-3g).

FSF copyright handling: A basis for distribution, licensing and enforcement

수, 2021/09/01 - 6:03오전
The Free Software Foundation (FSF) clarifies the purpose of its copyright policies and examines the impact of potential alternatives. For some GNU packages, the ones that are FSF-copyrighted, we ask contributors for two kinds of legal papers: copyright assignments, and employer copyright disclaimers. We drew up these policies working with lawyers in the 1980s, and they make possible our steady and continuing enforcement of the GNU General Public License (GPL).

These papers serve four different but related legal purposes, all of which help ensure that the GNU Project's goals of freedom for the community are met.


[$] Cooperative package management for Python

수, 2021/09/01 - 4:46오전
A longstanding tug-of-war between system package managers and Python's own installation mechanisms (primarily pip, but there are others) looks on its way to being resolved—or at least regularized. PEP 668 ("Graceful cooperation between external and Python package managers") has been created to provide ways for the two types of package installation to work together, rather than at cross-purposes at times. Since many operating systems depend on Python tools, with package versions that may differ from those of users' Python applications, making them play together nicely should result in more stable systems.

Realtime preemption locking core merged

수, 2021/09/01 - 12:11오전
The 5.15 merge window is off to a fast start; stay tuned for our usual full summary. It is worth mentioning, though, that the realtime preemption locking code has been pulled into the mainline with little fanfare. This work began in 2004 and has fundamentally changed many parts of the core kernel. With this pull, the sleepable locks that make deterministic realtime response possible have finally joined all of that other work (though the kernel must be built with the REALTIME configuration option to use them).

Congratulations are due to all of the realtime developers who pushed this project forward for nearly two decades.


Security updates for Tuesday

수, 2021/09/01 - 12:04오전
Security updates have been issued by CentOS (libsndfile and libX11), Debian (ledgersmb, libssh, and postgresql-9.6), Fedora (squashfs-tools), openSUSE (389-ds, nodejs12, php7, spectre-meltdown-checker, and thunderbird), Oracle (kernel, libsndfile, and libX11), Red Hat (bind, cloud-init, edk2, glibc, hivex, kernel, kernel-rt, kpatch-patch, microcode_ctl, python3, and sssd), SUSE (bind, mysql-connector-java, nodejs12, sssd, and thunderbird), and Ubuntu (apr, squashfs-tools, thunderbird, and uwsgi).

[$] Some 5.14 development statistics

화, 2021/08/31 - 4:39오전
The 5.14 kernel was released on August 29 after a nine-week development period. This cycle was not as active as its predecessor, which set a record for the number of developers involved, but there was still a lot going on and a number of long-awaited features were merged. Now that the release is out, the time has come for our traditional look at where the code in 5.14 came from and how it got there.