lwn.net

lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 2시간 14분 지남

Security updates for Thursday

금, 2020/08/07 - 1:11오전
Security updates have been issued by Debian (clamav and json-c), Fedora (python2, python36, and python37), Red Hat (thunderbird), Scientific Linux (thunderbird), SUSE (java-11-openjdk, kernel, rubygem-actionview-4_2, wireshark, xen, and xrdp), and Ubuntu (openjdk-8 and ppp).
카테고리:

[$] LWN.net Weekly Edition for August 6, 2020

목, 2020/08/06 - 9:43오전
The LWN.net Weekly Edition for August 6, 2020 is available.
카테고리:

[$] Checking out FreeCAD

목, 2020/08/06 - 4:56오전
Our look at running a CNC milling machine using open-source software led me to another tool worth looking at: FreeCAD. I wasn't previously familiar with the program, so I decided to check it out. In this article I will walk through my experiences with using FreeCAD for the first time to do a variety of CNC-related tasks I normally would have used a commercial product for. I had varying degrees of success in my endeavors, but in the end came away with a positive opinion.
카테고리:

Firefox extended tracking protection

목, 2020/08/06 - 4:44오전
This Mozilla Security Blog entry describes the new redirect-tracking protections soon to be provided by the Firefox browser. "ETP 2.0 clears cookies and site data from tracking sites every 24 hours, except for those you regularly interact with. We’ll be rolling ETP 2.0 out to all Firefox users over the course of the next few weeks."
카테고리:

[$] "Structural pattern matching" for Python, part 1

목, 2020/08/06 - 1:11오전
We last looked at the idea of a Python "match" or "switch" statement back in 2016, but it is something that has been circulating in the Python community both before and since that coverage. In June it was raised again, with a Python Enhancement Proposal (PEP) supporting it: PEP 622 ("Structural Pattern Matching"). As that title would imply, the match statement proposed in the PEP is actually a pattern-matching construct with many uses. While it may superficially resemble the C switch statement, a Python match would do far more than simply choose a chunk of code to execute based on the value of an expression.
카테고리:

Security updates for Wednesday

수, 2020/08/05 - 11:48오후
Security updates have been issued by Debian (net-snmp), Fedora (mingw-curl), openSUSE (firefox, ghostscript, and opera), Oracle (libvncserver and postgresql-jdbc), Scientific Linux (postgresql-jdbc), SUSE (firefox, kernel, libX11, xen, and xorg-x11-libX11), and Ubuntu (apport, grub2, grub2-signed, libssh, libvirt, mysql-8.0, ppp, tomcat8, and whoopsie).
카테고리:

Another set of stable kernels

수, 2020/08/05 - 11:47오후
The 5.7.13, 5.4.56, 4.19.137, and 4.14.192 stable kernel updates have been released; each contains another set of important fixes.
카테고리:

LibreOffice 7.0 released

수, 2020/08/05 - 10:43오후
Version 7.0 of the LibreOffice office suite is out. It brings a long list of new features, including: "support for OpenDocument Format (ODF) 1.3; Skia graphics engine and Vulkan GPU-based acceleration for better performance; and carefully improved compatibility with DOCX, XLSX and PPTX files". The plan to create a differentiated "enterprise edition" that was discussed in July has been deferred and is not part of this release.
카테고리:

Security updates for Tuesday

화, 2020/08/04 - 11:30오후
Security updates have been issued by Debian (libx11, webkit2gtk, and zabbix), Fedora (webkit2gtk3), openSUSE (claws-mail, ghostscript, and targetcli-fb), Red Hat (dbus, kpatch-patch, postgresql-jdbc, and python-pillow), Scientific Linux (libvncserver and postgresql-jdbc), SUSE (kernel and python-rtslib-fb), and Ubuntu (ghostscript, sqlite3, squid3, and webkit2gtk).
카테고리:

Linux Foundation announces Open Source Security Foundation

화, 2020/08/04 - 5:14오전
The Linux Foundation has announced the formation of the Open Source Security Foundation (OpenSSF). The foundation aims to improve the security of open source software. "The OpenSSF brings together the industry’s most important open source security initiatives and the individuals and companies that support them. The Linux Foundation’s Core Infrastructure Initiative (CII), founded in response to the 2014 Heartbleed bug, and the Open Source Security Coalition, founded by the GitHub Security Lab, are just a couple of the projects that will be brought together under the new OpenSSF. The Foundation’s governance, technical community and its decisions will be transparent, and any specifications and projects developed will be vendor agnostic. The OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all."
카테고리:

[$] Some statistics from the 5.8 kernel cycle

화, 2020/08/04 - 3:34오전
Linus Torvalds released the 5.8 kernel on August 2, concluding another nine-week development cycle. By the time the work was done, 16,306 non-merge changesets had been pulled into the mainline repository for this release. That happens to be a record, beating the previous record holder (4.9, released in December 2016) by 92 changesets. It was, in other words, a busy development cycle. It's time for our traditional look into where that work came from to see what might be learned.
카테고리:

Julia 1.5 has been released

화, 2020/08/04 - 2:30오전
Version 1.5 of the Julia programming language has been released. On the Julia blog, Jeff Bezanson and Stefan Karpinski describe the highlights of the release, which includes struct layout improvements for decreasing heap allocations, stabilization of the multithreading API, faster random numbers, changes to the scoping rules in the read-eval-print loop (REPL), and more. "Julia excels at simulations, so random numbers are important to a lot of users of the language. For this release Rafael Fourquet, one of the primary architects of the Random standard library and a prolific contributor in general, implemented some impressive algorithmic improvements for some popular cases. The first is a major improvement when generating normally-distributed double-precision floats. Calling randn(1000) is nearly twice as fast in Julia 1.5 compared with Julia 1.4. Generating random booleans also got much faster: rand(Bool, 1000) is nearly 6x faster. Finally, sampling from discrete collections has also gotten faster: rand(1:100, 1000) got 25% faster." LWN looked at Julia (part 1, part 2) back in 2018, shortly after the release of Julia 1.0.
카테고리:

Debian 10.5 released

월, 2020/08/03 - 11:56오후
Debian 10 "buster" received a fifth update. In addition to the usual security and bug fixes, this point release addresses Debian Security Advisory: DSA-4735-1 grub2. This security update covers multiple CVE issues regarding the GRUB2 UEFI SecureBoot 'BootHole' vulnerability.
카테고리:

Security updates for Monday

월, 2020/08/03 - 11:37오후
Security updates have been issued by Arch Linux (ffmpeg, libjcat, mbedtls, tcpreplay, and wireshark-cli), Debian (ark, evolution-data-server, libjpeg-turbo, libopenmpt, libpam-radius-auth, libphp-phpmailer, libssh, ruby-zip, thunderbird, and transmission), Fedora (chromium, clamav, claws-mail, evolution-data-server, freerdp, glibc, java-latest-openjdk, nspr, and nss), Gentoo (libsndfile, pycrypto, python, snmptt, thunderbird, and webkit-gtk), Mageia (botan2, chocolate-doom, cloud-init, dnsmasq, freerdp/remmina, gssdp/gupnp, java-1.8.0-openjdk, matio, microcode, nasm, openjpeg2, pcre2, php-phpmailer, redis, roundcubemail, ruby-rack, thunderbird, virtualbox, and xerces-c), openSUSE (claws-mail, ldb, and libraw), Oracle (firefox), Red Hat (bind, grub2, kernel-rt, libvncserver, nss and nspr, and qemu-kvm-rhev), Scientific Linux (firefox), Slackware (thunderbird), and SUSE (firefox, kernel, and targetcli-fb).
카테고리:

The 5.8 kernel is out

월, 2020/08/03 - 7:10오전
Linus has released the 5.8 kernel. "So I considered making an rc8 all the way to the last minute, but decided it's not just worth waiting another week when there aren't any big looming worries around." Headline features in this release include: branch target identification and shadow call stacks for the arm64 architecture, the BPF iterator mechanism, inline encryption support in the block layer, the CAP_PERFMON and CAP_BPF capabilities, a generalized kernel event-notification subsystem, the KCSAN data-race detector, and more. As always, see the KernelNewbies 5.8 page for more information.
카테고리:

[$] Netgpu and the hazards of proprietary kernel modules

토, 2020/08/01 - 4:46오전
On its face, the netgpu patch set appears to add a useful feature: the ability to copy network data directly between a network adapter and a GPU without moving it through the host CPU. This patch set has quickly become an example of how not to get work into the kernel, though; it has no chance of being merged in anything like its current form and has created a backlash designed to keep modules like it from ever working in mainline kernels. It all comes down to one fundamental mistake: basing kernel work on a proprietary kernel module.
카테고리:

Stable kernels 5.7.12, 5.4.55, 4.19.136, 4.14.191, 4.9.232, and 4.4.232

토, 2020/08/01 - 3:21오전
Greg Kroah-Hartman has released the 5.7.12, 5.4.55, 4.19.136, 4.14.191, 4.9.232, and 4.4.232 stable kernels. As usual, these contain lots of important fixes throughout the tree; users should upgrade.
카테고리:

X.org security fixes address potential ASLR bypass, heap corruption

토, 2020/08/01 - 2:38오전
The X.Org project has announced two security advisories that impact Xserver and libX11. The first advisory for X server is regarding uninitialized memory in AllocatePixmap() that could lead to address space layout randomization bypass. The second, impacting libX11, is a heap corruption caused by integer overflows and signed/unsigned comparisons.
카테고리:

Security updates for Friday

토, 2020/08/01 - 1:32오전
Security updates have been issued by Debian (grub2 and mercurial), Fedora (chromium, firefox, and freerdp), Oracle (firefox and kernel), Red Hat (firefox), Scientific Linux (firefox, grub2, and kernel), and SUSE (ghostscript and targetcli-fb).
카테고리:

systemd 246 released

금, 2020/07/31 - 11:41오후
Systemd 246 has been released. There is an incredibly long list of new features, many of which have to do with support for encrypted and signed disk volumes. "Various command line parameters and configuration file settings that configure key or certificate files now optionally take paths to AF_UNIX sockets in the file system. If configured that way a stream connection is made to the socket and the required data read from it. This is a simple and natural extension to the existing regular file logic, and permits other software to provide keys or certificates via simple IPC services, for example when unencrypted storage on disk is not desired."
카테고리:

페이지