Odprtokodni pogled

Opensource view

LWN.net

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Posodobljeno: 54 min 14 sec nazaj

Security updates for Tuesday

Tor, 03/21/2023 - 15:03
Security updates have been issued by Debian (apache2), Oracle (firefox, nss, and openssl), Slackware (curl and vim), SUSE (dpdk, firefox, grafana, oracleasm, python-cffi, python-Django, and qemu), and Ubuntu (ruby2.7, sox, and tigervnc).

coreutils-9.2 released

Pon, 03/20/2023 - 22:39
Version 9.2 of the GNU coreutils collection — the home of common tools like cp, mv, ls, rm, and more — is out. The changes are mostly minor; numerous bugs have been fixed and a few new command-line options have been added.

[$] Reducing direct-map fragmentation with __GFP_UNMAPPED

Pon, 03/20/2023 - 17:15
The kernel's direct map makes all of a system's physical memory available to the kernel within its address space — on 64-bit systems, at least. This seemingly simple feature has proved to be hard to maintain, in the face of the requirements faced by current systems, while keeping good performance. The latest attempt to address this issue is this patch set from Mike Rapoport adding more direct-map awareness to the kernel's page allocator.

Security updates for Monday

Pon, 03/20/2023 - 16:54
Security updates have been issued by Debian (firefox-esr, imagemagick, sox, thunderbird, and xapian-core), Fedora (chromium, containernetworking-plugins, guile-gnutls, mingw-python-OWSLib, pack, pypy3.7, sudo, thunderbird, tigervnc, and vim), Mageia (apache, epiphany, heimdal, jasper, libde265, libtpms, liferea, mysql-connector-c++, perl-HTML-StripScripts, protobuf, ruby-git, sqlite3, woodstox-core, and xfig), Oracle (kernel), Red Hat (firefox, nss, and openssl), SUSE (apache2, docker, drbd, kernel, and oracleasm), and Ubuntu (curl, python2.7, python3.10, python3.5, python3.6, python3.8, and vim).

25 Years of curl

Pon, 03/20/2023 - 15:08
Daniel Stenberg observes the 25th anniversary of the curl project.

We really have no idea exactly how many users or installations of libcurl there are now. It is easy to estimate that it runs in way more than ten billion installations purely based on the fact that there are 7 billion smart phones and 1 billion tablets in the world , and we know that each of them run at least one, but likely many more curl installs.

Curl 8.0.0 has also been released (quickly followed by 8.0.1).

Kernel prepatch 6.3-rc3

Pon, 03/20/2023 - 01:22
The 6.3-rc3 kernel prepatch is out for testing. "So rc3 is fairly big, but that's not hugely usual: it's when a lot of the fixes tick up as it takes a while before people find and start reporting issues."

LLVM 16.0.0 released

Ned, 03/19/2023 - 16:49
Version 16.0.0 of the LLVM compiler suite has been released. As usual, the list of changes is long; see the specific release notes for LLVM, Clang, Libc++, and others linked from the announcement.

The FSF's Free Software Awards

Ned, 03/19/2023 - 16:39
The Free Software Foundation has announced the recipients of this year's Free Software Awards:

  • Eli Zaretskii (advancement of free software)
  • Tad (SkewedZeppelin) (outstanding new free software contributor)
  • GNU Jami (project of social benefit)

[$] Generic iterators for BPF

Pet, 03/17/2023 - 14:44
BPF programs destined to be loaded into the kernel are generally written in C but, increasingly, the environment in which those programs run differs significantly from the C environment. The BPF virtual machine and associated verifier make a growing set of checks in an attempt to make BPF code safe to run. The proposed addition of an iterator mechanism to BPF highlights the kind of features that are being added — as well as the constraints placed on programmers by BPF.

New stable kernels

Pet, 03/17/2023 - 13:04
The 6.2.7, 6.1.20, 5.15.103, 5.10.175, 5.4.237, 4.19.278, and 4.14.310 stable kernels have been released. As usual, they contain important fixes throughout the kernel tree; users should upgrade.

Security updates for Friday

Pet, 03/17/2023 - 12:55
Security updates have been issued by Debian (sox and thunderbird), Fedora (containerd, libtpms, mingw-binutils, mingw-LibRaw, mingw-python-werkzeug, stargz-snapshotter, and tkimg), Slackware (mozilla and openssh), SUSE (apache2, firefox, hdf5, jakarta-commons-fileupload, kernel, perl-Net-Server, python-PyJWT, qemu, and vim), and Ubuntu (abcm2ps, krb5, and linux-intel-iotg).

Amazon Linux 2023 released

Čet, 03/16/2023 - 17:44
Amazon has released a new version of its vaguely Fedora-based, cloud-optimized distribution.

Last—and this policy is by far my favorite—Amazon Linux provides you with deterministic updates through versioned repositories, a flexible and consistent update mechanism. The distribution locks to a specific version of the Amazon Linux package repository, giving you control over how and when you absorb updates. By default, and in contrast with Amazon Linux 2, a dnf update command will not update your installed packages.

SFC: John Deere's ongoing GPL violations: What's next

Čet, 03/16/2023 - 17:26
The Software Freedom Conservancy calls out John Deere for failure to comply with the GPL and preventing farmers from repairing their own equipment.

This is a serious issue that goes far beyond one person wanting to fix their printer software, or install an alternative firmware on a luxury device. It has far-reaching implications for all farmers' livelihoods, for food security throughout the world, and for how we as a society choose to reward those who make our lives better, or stand in the way of empowering everyone to improve the world.

OpenSSH 9.3 released

Čet, 03/16/2023 - 15:30
OpenSSH 9.3 has been released. It includes a couple of security fixes, as well as adding an option for hash-algorithm selection to ssh-keygen and an option that allows configuration checking without actually loading any private keys.

[$] Zero-copy I/O for ublk, three different ways

Čet, 03/16/2023 - 15:22
The ublk subsystem enables the creation of user-space block drivers that communicate with the kernel using io_uring. Drivers implemented this way show some promise with regard to performance, but there is a bottleneck in the way: copying data between the kernel and the user-space driver's address space. It is thus not surprising that there is interest in implementing zero-copy I/O for ublk. The mailing lists have recently seen three different proposals for how this could be done.

Security updates for Thursday

Čet, 03/16/2023 - 12:56
Security updates have been issued by Debian (firefox-esr and pcre2), Oracle (nss), Red Hat (kpatch-patch and nss), SUSE (java-11-openjdk, kernel, and python310), and Ubuntu (emacs24, ffmpeg, firefox, imagemagick, libphp-phpmailer, librecad, and openjpeg2).

[$] LWN.net Weekly Edition for March 16, 2023

Čet, 03/16/2023 - 03:16
The LWN.net Weekly Edition for March 16, 2023 is available.

[$] Rules as code for more responsive governance

Sre, 03/15/2023 - 21:53
Using rules as code to help bridge the gaps between policy creation, its implementation, and its, often unintended, effects on people was the subject of a talk by Pia Andrews on the first day of the inaugural Everything Open conference in Melbourne, Australia. She has long been exploring the space of open government, and her talk was a report on what she and others have been working on over the last seven years. Everything Open is the successor to the long-running, well-regarded linux.conf.au (LCA); Andrews (then Pia Waugh) gave the opening keynote at LCA 2017 in Hobart, Tasmania, and helped organize the 2007 event in Sydney.

Debian project leader elections 2023

Sre, 03/15/2023 - 14:22
The 2023 election for the Debian project leader looks to be a relatively unexciting affair: incumbent leader Jonathan Carter is running unopposed for a fourth term. His platform lays out his hopes and plans for that term.

Security updates for Wednesday

Sre, 03/15/2023 - 14:05
Security updates have been issued by Debian (node-sqlite3 and qemu), Fedora (libmemcached-awesome, manifest-tool, sudo, and vim), Red Hat (gnutls, kernel, kernel-rt, lua, and openssl), Slackware (mozilla), SUSE (amanda, firefox, go1.19, go1.20, jakarta-commons-fileupload, java-1_8_0-openjdk, nodejs18, peazip, perl-Net-Server, python, python-cryptography, python-Django, python3, rubygem-rack, and xorg-x11-server), and Ubuntu (ipython, linux-ibm, linux-ibm-5.4, and linux-kvm).
sfy39587f05