LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Posodobljeno: 12 min 53 sec nazaj
Pon, 05/02/2022 - 14:23
Security updates have been issued by Debian (ffmpeg, ghostscript, libarchive, and tinyxml), Fedora (CuraEngine, epiphany, gzip, usd, vim, xen, and xz), Oracle (maven-shared-utils and qemu), Red Hat (gzip, python27-python and python27-python-pip, rh-maven36-maven-shared-utils, rh-python38-python, rh-python38-python-lxml, and rh-python38-python-pip, and zlib), Slackware (pidgin), SUSE (jasper, java-11-openjdk, libcaca, libslirp, mariadb, mutt, nodejs12, opera, and python-Twisted), and Ubuntu (libinput).
Pon, 05/02/2022 - 00:34
Drew DeVault has
announced
the existence of a new programming language called "Hare".
Hare is a systems programming language designed to be simple,
stable, and robust. Hare uses a static type system, manual memory
management, and a minimal runtime. It is well-suited to writing
operating systems, system tools, compilers, networking software,
and other low-level, high performance tasks.
Pon, 05/02/2022 - 00:28
Nathan Willis
took
a long look at the Open Source Initiative's 2022 board election and
wasn't entirely pleased with what he saw.
So it’s a troubling ballot to look at. There’s an ostensibly
non-profit organization that’s an official OSI affiliate trying to
run its CEO as an individual candidate while also running a second
member (a board director) on the appropriate, affiliate ballot in
the same election. There’s also two financial sponsors running
candidates on the individual ballot, one of them (Red Hat) running
two candidates at the same time for the two open seats.
Ned, 05/01/2022 - 23:55
The
5.18-rc5 kernel prepatch is out for
testing. "So if rc4 last week was tiny and smaller than usual, it seems to have
been partly timing, and rc5 is now a bit larger than usual.
But only a very tiny bit larger - certainly not outrageously so, and
not something that worries me."
Ned, 05/01/2022 - 21:24
The
5.15.37 and
4.19.241
stable kernel updates have been released; each contains a relatively small
number of important fixes.
Pet, 04/29/2022 - 16:09
TechRepublic has published
an
interview with Fedora project leader Matthew Miller.
Basically, every modern language provides a lot of building blocks
that usually come from other smaller open-source projects. These
are libraries, and they do things like format text, handle images,
connect to databases and deal with talking across the
internet. Projects like Fedora or Debian used to work to try to
package up every such library in our own format, made to work
nicely with everything else.
Now, every new language — Rust, for example — comes with its own
tools to manage these, and they don’t work nicely together with our
old way. The sheer scale is overwhelming — for Rust alone, as I
checked just now there are 81,541 such libraries. We can’t keep up
with repackaging all of that into our own format, let alone that
plus all of the other languages. We need to approach this
differently in order to still provide a good solution to software
developers.
I think a lot of that will need machine learning and automation …
we’ll need to keep adjusting so we can provide the value that Linux
distributions give users in trust, security and coherent
integration at an exponential scale.
Pet, 04/29/2022 - 14:58
One of the changes merged for the 5.18 kernel was
a specialized memory allocator for BPF
programs that have been loaded into the kernel. Since then, though, this
feature has
run into a fair amount of turbulence and will almost certainly be disabled
in the final 5.18 release. This outcome is partly a result of bugs in the
allocator itself, but this work also had the bad luck to trip some older
and deeper bugs within the kernel's memory-management subsystem.
Pet, 04/29/2022 - 14:12
Security updates have been issued by Fedora (dhcp, gzip, podman, rsync, and usd), Mageia (firefox/nss/rootcerts, kernel, kernel-linus, and thunderbird), Oracle (container-tools:2.0, container-tools:3.0, mariadb:10.3, and zlib), Red Hat (Red Hat OpenStack Platform 16.2 (python-twisted), xmlrpc-c, and zlib), SUSE (glib2, nodejs12, nodejs14, python-paramiko, python-pip, and python-requests), and Ubuntu (curl, ghostscript, libsdl1.2, libsdl2, mutt, networkd-dispatcher, and webkit2gtk).
Čet, 04/28/2022 - 14:42
There is a long and growing list of options for getting information out of
the kernel but, in the real world, print statements still tend to be the
tool of choice. The kernel's
printk()
function
often comes up short, despite the fact that it provides a set of
kernel-specific features, so there has, for some time, been interest in
better APIs for textual output from the kernel. The
"printbuf"
proposal from Kent Overstreet is one step in that direction, but will
need some changes to make it work well with features the kernel already
has.
Čet, 04/28/2022 - 13:44
Security updates have been issued by Debian (chromium, golang-1.7, and golang-1.8), Fedora (bettercap, chisel, containerd, doctl, gobuster, golang-contrib-opencensus-resource, golang-github-appc-docker2aci, golang-github-appc-spec, golang-github-containerd-continuity, golang-github-containerd-stargz-snapshotter, golang-github-coredns-corefile-migration, golang-github-envoyproxy-protoc-gen-validate, golang-github-francoispqt-gojay, golang-github-gogo-googleapis, golang-github-gohugoio-testmodbuilder, golang-github-google-containerregistry, golang-github-google-slothfs, golang-github-googleapis-gnostic, golang-github-googlecloudplatform-cloudsql-proxy, golang-github-grpc-ecosystem-gateway-2, golang-github-haproxytech-client-native, golang-github-haproxytech-dataplaneapi, golang-github-instrumenta-kubeval, golang-github-intel-goresctrl, golang-github-oklog, golang-github-pact-foundation, golang-github-prometheus, golang-github-prometheus-alertmanager, golang-github-prometheus-node-exporter, golang-github-prometheus-tsdb, golang-github-redteampentesting-monsoon, golang-github-spf13-cobra, golang-github-xordataexchange-crypt, golang-gopkg-src-d-git-4, golang-k8s-apiextensions-apiserver, golang-k8s-code-generator, golang-k8s-kube-aggregator, golang-k8s-sample-apiserver, golang-k8s-sample-controller, golang-mongodb-mongo-driver, golang-storj-drpc, golang-x-perf, gopass, grpcurl, onionscan, shellz, shhgit, snowcrash, stb, thunderbird, and xq), Oracle (gzip, kernel, and polkit), Slackware (curl), SUSE (buildah, cifs-utils, firewalld, golang-github-prometheus-prometheus, libaom, and webkit2gtk3), and Ubuntu (nginx and thunderbird).
Čet, 04/28/2022 - 02:12
The LWN.net Weekly Edition for April 28, 2022 is available.
Sre, 04/27/2022 - 21:56
Running code from inside a cloned Git repository is potentially risky, but
normally just inspecting such a repository is considered to be safe. As a
recent posting to the Git mailing list shows, however, there are still
risks lurking inside these repositories; code that lives in them can be
triggered in unexpected ways. In particular, malicious "bare" repositories
can be added as a subdirectory of a repository; they can be configured to run
code whenever Git commands are executed there, which is something that can
happen in surprising ways. There is now an effort
underway to try to address the problem in Git, without breaking the
legitimate need for including bare repositories into a Git tree.
Sre, 04/27/2022 - 15:19
As was recently
reported here, the Fedora
project has been considering dropping support for legacy BIOS systems in
upcoming releases. The idea was controversial at best, and the
minutes from the April 26 FESCo meeting
show that it has been rejected, for now at least. The BIOS SIG will be
asked for a new plan for BIOS support in Fedora.
Sre, 04/27/2022 - 15:11
Version 4.0 of the
Yocto
Project distribution builder is out. Changes
include a move to the 5.15 kernel, reproducibility fixes, improved
overlayfs support, numerous security updates, and a long list of new recipes.
Sre, 04/27/2022 - 14:11
Security updates have been issued by Mageia (virtualbox), Red Hat (container-tools:2.0, container-tools:3.0, gzip, kernel, kernel-rt, kpatch-patch, mariadb:10.3, mariadb:10.5, maven-shared-utils, polkit, vim, xmlrpc-c, and zlib), Scientific Linux (maven-shared-utils), SUSE (ant, go1.17, go1.18, kernel, and xen), and Ubuntu (fribidi, git, libcroco, libsepol, linux, linux-gcp, linux-ibm, linux-lowlatency, openjdk-17, and openjdk-lts).
Tor, 04/26/2022 - 23:23
Python's
super()
built-in function can be somewhat confusing, as highlighted by a huge
python-ideas thread that we
started looking
at last week. It is used by methods in class hierarchies to access
methods and attributes in a parent class, but exactly
which class
that super() resolves to is perhaps a bit unclear in multiple-inheritance hierarchies.
The discussion in the second "half" of the thread further highlighted some
lesser-known parts of the language.
Tor, 04/26/2022 - 13:05
Version 19 of the
Android-based LineageOS distribution has been released.
With that said, we have been working extremely hard since Android
12’s release last October to port our features to this new version
of Android. Thanks to our hard work adapting to Google’s fairly
large changes in Android 11, we were able to rebase our changes
onto Android 12 much more efficiently. This led to a lot of time to
spend on cool new features, as well as adapt our additions to
Android 12’s new Material You design language!
Beyond the move to Android 12, this release includes improvements to a lot
of apps, a new setup wizard, and more. Less happily, this release has had
to leave a lot of older devices behind; a device must be able to run a 4.9
or newer kernel to be able to run LineageOS 19.
Tor, 04/26/2022 - 13:04
Security updates have been issued by Debian (ffmpeg), Fedora (htmldoc, moby-engine, plantuml, and zchunk), Oracle (java-1.8.0-openjdk, java-17-openjdk, and kernel), Red Hat (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk), Slackware (freerdp), SUSE (kernel, mutt, SUSE Manager Client Tools, and xen), and Ubuntu (barbican and git).
Pon, 04/25/2022 - 15:41
The kernel
gained support for the TLS
protocol in the 4.13 release, which came out in September 2017. That
support is incomplete, though, in that it does not provide the kernel with
a way to initiate a TLS connection on its own. Instead, user space creates
a socket and performs the TLS handshake before handing the socket to the
kernel, which can then transfer data using TLS. The situation may be about
to change as a result of
this
patch series from Chuck Lever — though user space will still need to
remain in the picture.