LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Posodobljeno: 23 min 7 sec nazaj
Čet, 10/20/2022 - 16:13
Ubuntu
22.10 has been released. "Codenamed 'Kinetic Kudu', this interim
release improves the experience of enterprise developers and IT
administrators. It also includes the latest toolchains and applications
with a particular focus on the IoT ecosystem." See
the
release notes for details.
Čet, 10/20/2022 - 15:15
Security updates have been issued by Debian (firefox-esr), Red Hat (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, OpenShift Container Platform 4.9.50 bug fix and, and rh-nodejs14-nodejs), SUSE (buildah, clone-master-clean-up, go1.18, go1.19, helm, jasper, libostree, nodejs16, php8, qemu, and xen), and Ubuntu (libxdmcp, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop,
linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency,
linux-lowlatency-hwe-5.15, linux-oem-5.14, linux-oracle, linux-raspi, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4,
linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop,
linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle,
linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-oem-5.17, and perl).
Čet, 10/20/2022 - 01:00
The LWN.net Weekly Edition for October 20, 2022 is available.
Sre, 10/19/2022 - 16:45
Unlike many other architectures, x86 systems support atomic operations that
affect more than one cache line. This support comes at a cost, though, in
terms of overall system performance and, even, security. Over the last few
years, kernel developers have worked to discourage the use of this sort of
"split-lock" operation. Now, though, one group of users is feeling
a little too discouraged, leading to a discussion of how much misery can
appropriately be inflicted upon users who use problematic but
architecturally legal operations.
Sre, 10/19/2022 - 15:05
Security updates have been issued by Debian (bcel, kernel, node-xmldom, and squid), Mageia (chromium-browser-stable, dhcp, dokuwiki, firefox, golang, python-joblib, sos, and unzip), Oracle (nodejs and nodejs:16), Red Hat (firefox, kernel, kernel-rt, nodejs, nodejs:14, and thunderbird), Scientific Linux (firefox and thunderbird), Slackware (git and mozilla), SUSE (amazon-ssm-agent, caasp-release, cri-o, patchinfo, release-notes-caasp, skuba, enlightenment, libreoffice, netty, nodejs12, nodejs14, nodejs16, pngcheck, postgresql-jdbc, python-waitress, rubygem-activesupport-5_1, and tcl), and Ubuntu (frr, git, libksba, and linux-azure-4.15).
Tor, 10/18/2022 - 16:18
Since its inclusion in the Linux kernel, the
WireGuard VPN tunnel has become
increasingly popular. In general, WireGuard is simpler to configure than
other VPNs, but the approach that it takes to authentication can present
some challenges. Each node in a WireGuard network has a cryptographic key
that serves as the node's identity;
nodes that do not know each other's keys cannot directly communicate.
Keeping
track of these keys and distributing them to the other nodes
in a mesh network quickly becomes a chore as the network grows.
Fortunately, there are now
several open-source
tools that can automate the management of these keys and make using
WireGuard easier for both administrators and end users.
Tor, 10/18/2022 - 15:11
Version
106.0 of the Firefox browser has been released. There are several new
features, including PDF editing,
Firefox
View (an overview of recently closed tabs), and a set of new color
schemes.
Tor, 10/18/2022 - 14:54
Security updates have been issued by Debian (glibc and libksba), Fedora (dhcp and kernel), Red Hat (.NET 6.0, .NET Core 3.1, compat-expat1, kpatch-patch, and nodejs:16), Slackware (xorg), SUSE (exiv2, expat, kernel, libreoffice, python, python-numpy, squid, and virtualbox), and Ubuntu (linux-azure and zlib).
Pon, 10/17/2022 - 19:28
Version
5.5 of the Tor-centered Tails distribution is out. The biggest change
appears to be a significant update to the Thunderbird email client.
Thunderbird 102 is a major update with many changes to the
navigation, folder icons, and address book.
Thunderbird 102 also includes important usability improvements to
the OpenPGP feature. When composing an email, you can now see
whether it will be encrypted or not. If encryption is impossible, a
key assistant helps you solve key issues.
Pon, 10/17/2022 - 17:58
The
5.10.149 and
5.4.219
stable kernel updates have been released. These small updates contain only a
few more WiFi fixes and one revert.
Pon, 10/17/2022 - 15:45
Linus Torvalds
released
6.1-rc1 and closed the 6.1 merge window on
October 16; at that point, 11,537 non-merge changesets had been pulled
into the mainline repository. That is considerably less than the 13,543
changesets pulled during the 6.0 merge window, but quantity is not
everything: there were quite a few significant changes brought in this time
around. Many of those were part of the nearly 5,800 changesets pulled
since
our first 6.1 merge window summary;
read on for a look at some of the work done in the latter part of this
merge window.
Pon, 10/17/2022 - 15:29
Version 2.3.8 of the GNU Privacy Guard is out. It contains a few new
features but the real purpose is to fix
CVE-2022-3515,
an integer overflow vulnerability that can be exploited remotely for code
execution via a, for example, malicious S/MIME attachment. Note that the
actual vulnerability is in the
libksba library, which is
normally packaged separately on Linux systems.
Pon, 10/17/2022 - 14:59
Security updates have been issued by Arch Linux (kernel, linux-hardened, linux-lts, and linux-zen), Debian (python-django), Fedora (apptainer, kernel, python3.6, and vim), Gentoo (assimp, deluge, libvirt, libxml2, openssl, rust, tcpreplay, virglrenderer, and wireshark), Slackware (zlib), SUSE (chromium, python3, qemu, roundcubemail, and seamonkey), and Ubuntu (linux-aws-5.4 and linux-ibm).
Pon, 10/17/2022 - 00:05
Linus has
released 6.1-rc1 and closed the
merge window for this development cycle.
This isn't actually shaping up to be a particularly large release:
we "only" have 11.5k non-merge commits during this merge window,
compared to 13.5k last time around. So not exactly tiny, but
smaller than the last few releases. At least in number of commits.
That said, we've got a few core things that have been brewing for a
long time, most notably the multi-gen LRU VM series, and the
initial Rust scaffolding (no actual real Rust code in the kernel
yet, but the infrastructure is there).
Ned, 10/16/2022 - 18:26
Google has
announced
the existence of yet another new operating system, called KataOS, aimed at
the creation of secure embedded systems.
As the foundation for this new operating system, we chose seL4 as
the microkernel because it puts security front and center; it is
mathematically proven secure, with guaranteed confidentiality,
integrity, and availability. Through the seL4 CAmkES framework,
we're also able to provide statically-defined and analyzable system
components. KataOS provides a verifiably-secure platform that
protects the user's privacy because it is logically impossible for
applications to breach the kernel's hardware security protections
and the system components are verifiably secure. KataOS is also
implemented almost entirely in Rust, which provides a strong
starting point for software security, since it eliminates entire
classes of bugs, such as off-by-one errors and buffer overflows.
Pet, 10/14/2022 - 16:04
Software patents affect our systems in many ways, but perhaps most
strongly in the area of codecs — code that creates or plays back audio
or video that has been compressed using covered algorithms. For this
reason, certain formats have simply been unplayable on many Linux
distributions — especially those backed by companies that are big
enough to be worth suing — without installing add-on software from
third-party repositories. One might think that this problem could be
worked around by purchasing hardware that implements the patented algorithms,
but recent activity in the Fedora and openSUSE communities shows that life
is not so simple.
Pet, 10/14/2022 - 14:51
Security updates have been issued by Debian (chromium), Fedora (dbus, dhcp, expat, kernel, thunderbird, vim, and weechat), Mageia (libofx, lighttpd, mediawiki, and python), Oracle (.NET 6.0 and .NET Core 3.1), Slackware (python3), SUSE (chromium, kernel, libosip2, python-Babel, and python-waitress), and Ubuntu (gThumb, heimdal, linux-aws, linux-gcp-4.15, linux-aws-hwe, linux-gcp, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, postgresql-9.5, and xmlsec1).
Čet, 10/13/2022 - 15:36
It would appear that there is
a set of
memory-related vulnerabilities in the kernel's WiFi stack that can be
exploited over the air via malicious packets; five CVE numbers have been
assigned to the set. Fixes are headed toward the
mainline and should show up in stable updates before too long; anybody who
uses WiFi on untrusted networks should probably keep an eye out for the
relevant updates.
Čet, 10/13/2022 - 14:42
There have been a lot of significant changes merged into the mainline for
the 6.1 release, but one of the changes that has received the most
attention will also have the least short-term effect for users of the
kernel: the introduction of support for the Rust programming language. No
system with a production 6.1 kernel will be running any Rust code, but this
change does give kernel developers a chance to play with the language in
the kernel context and get a sense for how Rust development feels. Perhaps
the most likely conclusion for most developers, though, will be that there
isn't yet enough Rust in the kernel to do much of anything interesting.