LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
업데이트: 56분 18초 지남
목, 2018/12/20 - 9:24오전
The LWN.net Weekly Edition for December 20, 2018 is available.
목, 2018/12/20 - 6:56오전
The December 20 LWN.net Weekly Edition is the final one for the year; as
usual, we will be taking the last week of the year off for a brief rest.
LWN, which is about to conclude its 21st year of publication, has had the
time to build up some traditions, one of which is a year-end retrospective
that evaluates the
predictions we made back
in January. As usual, some of those predictions aged rather better than
others; read on for our report card.
목, 2018/12/20 - 6:12오전
Stable kernel
4.19.11 has been released
with some important fixes; users should upgrade.
목, 2018/12/20 - 6:06오전
A year-old bug in Kubernetes was the
topic of a talk given by Michelle Au and Jan Šafránek at KubeCon
+ CloudNativeCon North America, which was held mid-December in
Seattle. In the talk, they looked at the details of the bug and the
response from the Kubernetes product
security team (PST). While the bug was fairly straightforward, it was
surprisingly hard to fix. The whole process also provided experience that
will help improve vulnerability handling in the future.
목, 2018/12/20 - 12:56오전
Security updates have been issued by CentOS (ghostscript), Fedora (ansible and wireshark), openSUSE (go1.11, pdns, and pdns-recursor), Oracle (firefox), Red Hat (java-1.8.0-ibm), Scientific Linux (firefox), and SUSE (crash, libqt5-qtbase, perl, and qemu).
수, 2018/12/19 - 5:01오전
Back in late October, when we looked in on
the Python
governance question, which came about due to the resignation of Guido van Rossum, things seemed
to be mostly set for a vote in late November. There were six Python
Enhancement Proposals (PEPs) under consideration that would be ranked by
voters in a two-week period ending December 1; instant-runoff
voting would be used to determine the winner. In the interim, though,
much of that changed; the voting period, winner-determination mechanism,
and number of PEPs under consideration are all different. But the voting
concluded on December 16 and a winner
has been declared; PEP 8016 ("The
Steering Council Model"), which was added to the mix in early November, came
out on top.
수, 2018/12/19 - 3:25오전
HardenedBSD has
released
version 12 of its security-enhanced fork of FreeBSD. Improvements in
this release include Non-Cross-DSO Control-Flow Integrity (CFI) for
applications on amd64 and arm64; jailed bhyve; per-jail toggles for
unprivileged process debugging; Spectre v2 mitigation with retpoline
applied to the entirety of base and ports; Symmetric Multi-Threading (SMT)
disabled by default; and more.
수, 2018/12/19 - 12:48오전
Security updates have been issued by Debian (libapache-mod-jk and sleuthkit), Fedora (kernel, kernel-headers, mbedtls, php, php-symfony, php-symfony3, php-symfony4, and wireshark), openSUSE (pdns, pdns-recursor, and salt), Oracle (firefox and ghostscript), Red Hat (ansible, firefox, ghostscript, and kernel), Scientific Linux (firefox and ghostscript), and SUSE (ovmf).
화, 2018/12/18 - 8:24오전
Greg Kroah-Hartman has released stable kernel
4.4.168. As usual, there are important fixes
and users should upgrade.
화, 2018/12/18 - 2:41오전
Gustavo Padovan
notes
an important milestone in Linux graphics development: "The dream
finally came true in 2018 with the release of the Google Pixel 3, the first
Android phone running with the mainline graphics stack. A feat that was
deemed impossible 10 years ago is now a reality thanks to a lot of hard
work from the entire community."
화, 2018/12/18 - 1:50오전
Stable kernel
3.18.130 has been released
with important fixes; users should upgrade.
화, 2018/12/18 - 12:22오전
Security updates have been issued by Debian (php5, poppler, and samba), Fedora (firefox, mbedtls, nbdkit, pdns-recursor, php, php-symfony, php-symfony3, and php-symfony4), Gentoo (CouchDB, scala, and spamassassin), Mageia (firefox, libwpd, nss, and thunderbird), openSUSE (Chromium, cups, ghostscript, kernel, openvswitch, phpMyAdmin, qemu, and tcpdump), Red Hat (RHGS WA), and SUSE (ansible, openldap2, openvswitch, qemu, and tcpdump).
월, 2018/12/17 - 6:24오후
Linus has released
4.20-rc7, saying:
"The plan remains the same: if everything continues normally, I'll
release 4.20 just before christmas, and then just have a more
leisurely merge window than normal."
On the stable side,
4.19.10,
4.14.89,
and 4.9.146 are out with a new set of
important fixes.
토, 2018/12/15 - 7:27오전
Indirect function calls — calls to a function whose address is stored in a
pointer variable — have never been blindingly fast, but the Spectre
hardware vulnerabilities have made things far worse. The indirect branch
predictor used to speed up indirect calls in the CPU can no longer be
used, and performance has suffered accordingly. The
"retpoline"
mechanism
was a brilliant hack that proved faster than the hardware-based solutions
that were tried at the beginning. While retpolines took a lot of the pain
out of Spectre mitigation, experience over the last year has made it clear
that they still hurt. It is thus not surprising that developers have been
looking for alternatives to retpolines; several of them have shown up on
the kernel lists recently.
토, 2018/12/15 - 12:55오전
Security updates have been issued by CentOS (ghostscript, git, java-1.7.0-openjdk, java-11-openjdk, kernel, NetworkManager, python-paramiko, ruby, sos-collector, thunderbird, and xorg-x11-server), Debian (gcc-4.9), and SUSE (amanda, ntfs-3g_ntfsprogs, and tiff).
금, 2018/12/14 - 2:23오전
The Linux kernel is generally seen as a poor fit for safety-critical
systems; it was never designed to provide realtime response guarantees or
to be certifiable for such uses. But the systems that
can be used
in such settings lack the features needed to support complex applications.
This problem is often solved by deploying a mix of computers running
different operating systems. But what if you want to support a mixture of
tasks, some safety-critical and some not, on the same system? At a talk
given at
LinuxLab 2018, Claudio
Scordino described an effort to support this type of mixed-criticality
system.
금, 2018/12/14 - 1:18오전
Greg Kroah-Hartman has released stable kernels
4.19.9,
4.14.88,
4.9.145,
4.4.167, and
3.18.129. They all contain important fixes and
users should upgrade.
금, 2018/12/14 - 1:10오전
Security updates have been issued by Debian (firefox-esr), Fedora (singularity), openSUSE (compat-openssl098, cups, firefox, mozilla-nss, and xen), and SUSE (cups, exiv2, ghostscript, and git).
목, 2018/12/13 - 9:42오전
The LWN.net Weekly Edition for December 13, 2018 is available.
목, 2018/12/13 - 1:55오전
In the RDMA microconference of the 2018 Linux Plumbers Conference (LPC),
John Hubbard, Dan Williams, and Matthew Wilcox led a discussion on the
problems surrounding get_user_pages() (and friends) and the
interaction with DMA. It is not the first time the topic has come up,
there was also a discussion about it at the
Linux Storage, Filesystem, and Memory-Management Summit back in April. In
a nutshell, the problem is that multiple parts of the kernel think they
have responsibility for the same chunk of memory, but they do not
coordinate their activities; as might be guessed, mayhem can sometimes ensue.
페이지