Odprtokodni pogled

Opensource view

LWN.net

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Posodobljeno: 10 min 52 sec nazaj

Four more stable kernel updates

Sre, 12/21/2022 - 18:39
The 6.1.1, 6.0.15, 5.15.85, and 5.10.161 stable kernel updates have been released. Each contains a relatively small set of important fixes.

Security updates for Wednesday

Sre, 12/21/2022 - 14:48
Security updates have been issued by Debian (xorg-server), Fedora (samba, snakeyaml, thunderbird, xorg-x11-server, and xrdp), Slackware (libksba and sdl), and SUSE (cni, cni-plugins, java-1_7_1-ibm, kernel, openssl-3, and supportutils).

[$] Beyond microblogging with ActivityPub

Tor, 12/20/2022 - 17:59
ActivityPub-enabled microblogs are gaining popularity as a replacement for Twitter, but ActivityPub is for more than just microblogging. Many other popular services also have open-source alternatives that speak ActivityPub. Proprietary services operated by commercial interests usually deliberately limit interoperability, but users of any ActivityPub-enabled service should be able to communicate with each other, even if they are using different services. This promise of interoperability is often limited in practice, though; while ActivityPub specifies how multiple types of content can be published, the kinds of content that can be displayed or interacted with vary from project to project.

GnuPG 2.4.0 released

Tor, 12/20/2022 - 15:50
Version 2.4.0 of the GNU Privacy Guard has been released. "Exactly 25 years ago the very first release of GnuPG was published. We are pleased to take this opportunity to announce the availability of a new stable GnuPG release: version 2.4.0." Changes in this release include full support for the key database daemon, some performance improvements, a change to AES256 as the default cipher, and much more.

Security updates for Tuesday

Tor, 12/20/2022 - 15:46
Security updates have been issued by Fedora (mujs) and SUSE (kernel and thunderbird).

Linux Mint 21.1 ("Vera") released

Tor, 12/20/2022 - 14:54
Linux Mint has announced the release of version 21.1 of the distribution in three editions: Cinnamon (what's new), MATE (what's new), and Xfce (what's new). Mint 21.1 is based on Ubuntu 22.04 and uses kernel version 5.15. Linux Mint 21.1 is a long term support release which will be supported until 2027. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use.

[$] Enabling non-executable memfds

Pon, 12/19/2022 - 17:01
The memfd interface is a bit of a strange and Linux-specific beast; it was initially created to support the secure passing of data between cooperating processes on a single system. It has since gained other roles, but it may still come as a surprise to some to learn that memory regions created for memfds, unlike almost any other data area, have the execute permission bit set. That can facilitate attacks; this patch set from Jeff Xu proposes an addition to the memfd API to close that hole.

Stable kernels 6.0.14, 5.15.84, 5.10.160, and 5.4.228

Pon, 12/19/2022 - 15:51
Greg Kroah-Hartman has announced the release of the 6.0.14, 5.15.84, 5.10.160, and 5.4.228 stable kernels. They contain a relatively small number of important fixes throughout the tree.

Security updates for Monday

Pon, 12/19/2022 - 15:29
Security updates have been issued by Debian (chromium and thunderbird), Fedora (keylime, libarchive, libtasn1, pgadmin4, rubygem-nokogiri, samba, thunderbird, wireshark, and xorg-x11-server-Xwayland), Gentoo (curl, libreoffice, nss, unbound, and virtualbox), Mageia (advancecomp, couchdb, firefox, freerdp, golang, heimdal, kernel, kernel-linus, krb5, leptonica, libetpan, python-slixmpp, thunderbird, and xfce4-settings), Oracle (firefox, nodejs:16, and thunderbird), Scientific Linux (firefox and thunderbird), Slackware (samba), SUSE (chromium and kernel), and Ubuntu (linux-oem-5.17).

Apache SpamAssassin 4.0.0 released

Ned, 12/18/2022 - 21:06
Version 4.0.0 of the Apache SpamAssassin spam filter has been released.

Apache SpamAssassin 4.0.0 contains numerous tweaks and bug fixes over the past releases. In particular, it includes major changes that significantly improve the handling of text in international language.

As with any major release, there are countless functional patches and improvements to upgrade to 4.0.0. Apache SpamAssassin 4.0.0 includes several years of fixes that significantly improve classification and performance. It has been thoroughly tested in production systems. We strongly recommend upgrading as soon as possible.

OCaml 5.0.0 released

Sob, 12/17/2022 - 12:23
Version 5.0.0 of the OCaml programming language is out.

The highlight of this new major version of OCaml is the long-awaited runtime support for shared memory parallelism and effect handlers. This multicore support is the culmination of more than 8 years of effort, and required a full rewrite of the OCaml runtime environment. Consequently, OCaml 5.0.0 is expected to be a more experimental version of OCaml than the usual OCaml releases.

[$] The intersection of shadow stacks and CRIU

Pet, 12/16/2022 - 14:45
Shadow stacks are one of the methods employed to enforce control-flow integrity and thwart attackers; they are a mechanism for fine-grained, backward-edge protection. Most of the time, applications are not even aware that shadow stacks are in use. As is so often the case, though, life gets more complicated when the Checkpoint/Restore in Userspace (CRIU) mechanism is in use. Not breaking CRIU turns out to be one of the big challenges facing developers working to get user-space shadow-stack support into the kernel.

Security updates for Friday

Pet, 12/16/2022 - 13:52
Security updates have been issued by Debian (firefox-esr, libde265, php7.3, and thunderbird), Fedora (firefox, freeradius, freerdp, and xorg-x11-server), Oracle (firefox, prometheus-jmx-exporter, and thunderbird), Red Hat (firefox, nodejs:16, prometheus-jmx-exporter, and thunderbird), and SUSE (ceph and chromium).

Xfce 4.18 released

Čet, 12/15/2022 - 15:51
Version 4.18 of the Xfce desktop environment has been released.

Since Xfce 4.16 a lot of major development happened. Our team added multiple nice new features, did a gazillion of bug fixes and did various minor improvements. Finally, all that is going to be released for your pleasure.

See the announcement for a long list of new features.

[$] 6.2 Merge window, part 1

Čet, 12/15/2022 - 15:37
Once upon a time, Linus Torvalds would try to set a pace of about 1,000 changesets pulled into the mainline each day during the early part of the merge window. For 6.2, though, the situation is different; no less than 9,278 non-merge changesets were pulled during the first two days. Needless to say, these commits affect the kernel in numerous ways, even though there are fewer fundamental changes than were seen in 6.1.

Security updates for Thursday

Čet, 12/15/2022 - 14:52
Security updates have been issued by Debian (firefox-esr and git), Slackware (mozilla and xorg), SUSE (apache2-mod_wsgi, capnproto, xorg-x11-server, xwayland, and zabbix), and Ubuntu (emacs24, firefox, linux-azure, linux-azure-5.15, linux-azure-fde, linux-oem-6.0, and xorg-server, xorg-server-hwe-18.04, xwayland).

The Linux kernel contribution maturity model

Čet, 12/15/2022 - 09:18
Ted Ts'o, in collaboration with the Linux Foundation Technical Advisory Board, has put together a document called the Linux kernel contribution maturity model to help companies improve their participation in the kernel development process.

The goal is to encourage, in a management-friendly way, companies to allow their engineers to contribute with the upstream Linux Kernel development community, so we can grow the "talent pipeline" for contributors to become respected leaders, and eventually kernel maintainers.

Another set of stable kernel updates

Čet, 12/15/2022 - 08:34
The 6.0.13, 5.15.83, 5.10.159, 5.4.227, 4.19.269, 4.14.302, and 4.9.336 stable kernel updates have all been released; each contains another set of important fixes.

[$] LWN.net Weekly Edition for December 15, 2022

Čet, 12/15/2022 - 01:43
The LWN.net Weekly Edition for December 15, 2022 is available.

[$] Troubles with triaging syzbot reports

Sre, 12/14/2022 - 19:20
A report from the syzbot kernel fuzz-testing robot does not usually spawn a vitriolic mailing-list thread, but that is just what happened recently. While the invective is regrettable, the underlying issue is important. The dispute revolves around how best to report bugs to affected subsystems and, ultimately, how not to waste maintainers' time.
sfy39587f05