Odprtokodni pogled

Opensource view

LWN.net

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Posodobljeno: 32 min 46 sec nazaj

[$] The rest of the 6.11 merge window

Pon, 07/29/2024 - 14:54
The release of 6.11-rc1 marked the end of the 6.11 merge window on July 28. By that time, 12,102 non-merge changesets had been pulled into the mainline repository; about 8,000 of those came in after the first-half summary was written. Quite a few significant changes were to be found in those changesets; there is also one big change that did not make it.

Security updates for Monday

Pon, 07/29/2024 - 14:14
Security updates have been issued by AlmaLinux (java-11-openjdk), Debian (bind9), Fedora (darkhttpd, mod_http2, and python-scrapy), Red Hat (python3.11, rhc-worker-script, and thunderbird), SUSE (assimp, gh, opera, python-Django, and python-nltk), and Ubuntu (edk2, linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-nvidia-6.5, linux-oracle, linux-raspi, and lua5.4).

Kernel prepatch 6.11-rc1

Ned, 07/28/2024 - 23:36
Linus Torvalds has released 6.11-rc1 and closed the merge window for this development cycle. "The merge window felt pretty normal, and the stats all look pretty normal too. I was expecting things to be quieter because of summer vacations, but that (still) doesn't actually seem to have been the case."

Note that the extensible scheduler class ("sched_ext") was not merged, even though Torvalds had said he would back in June. Sched_ext, it seems, will need another development cycle out of tree.

Stable kernel updates for Saturday

Sob, 07/27/2024 - 15:35
The 6.10.2, 6.9.12, 6.6.43, 6.1.102, 5.15.164, 5.10.223, 5.4.281, and 4.19.319 stable kernel updates have all been released; each contains a relatively small set of important fixes, at least one of which appears to close a minor security hole.

[$] May the FOLL_FORCE not be with you

Pet, 07/26/2024 - 15:19
One of the simplest hardening concepts to understand is that memory should never be both writable and executable, otherwise an attacker can use it to load and run arbitrary code. That rule is generally followed in Linux systems, but there is a glaring loophole that is exploitable from user space to inject code into a running process. Attackers have duly exploited it. A new effort to close the hole ran into trouble early in the merge window, but a solution may yet be found in time for the 6.11 kernel release.

Security updates for Friday

Pet, 07/26/2024 - 14:47
Security updates have been issued by AlmaLinux (linux-firmware and squid), Debian (bind9), Fedora (kubernetes, thunderbird, and tinyproxy), Oracle (containernetworking-plugins, cups, edk2, httpd, httpd:2.4, kernel, kernel-container, libreoffice, libuv, libvirt, python3, and runc), Red Hat (freeradius:3.0, httpd, and squid), and SUSE (giflib and python-dnspython).

[$] What became of getrandom() in the vDSO

Čet, 07/25/2024 - 17:19
In the previous episode of the vgetrandom() story, Jason Donenfeld had put together a version of the getrandom() system call that ran in user space, significantly improving performance for applications that need a lot of random data while retaining all of the guarantees provided by the system call. At that time, it seemed that a consensus had built around the implementation and that it was headed toward the mainline in that form. A few milliseconds after that article was posted, though, a Linus-Torvalds-shaped obstacle appeared in its path. That obstacle has been overcome and this work has now been merged for the 6.11 kernel, but its form has changed somewhat.

[$] More informative kernel panics for Fedora

Čet, 07/25/2024 - 16:34

On July 12, Jocelyn Falempe proposed a change to the configuration options that Fedora sets for its kernels, in order to make kernel panics easier to report. Falempe would like to enable the kernel's recently added DRM-panic feature, which adds a graphical crash screen that is reminiscent of the infamous Windows "blue screen of death" for kernel panics. The feature introduces a few tradeoffs, including currently limited driver support, so the proposal spawned a good deal of discussion.

Rust 1.80.0 released

Čet, 07/25/2024 - 15:59
Version 1.80.0 of the Rust language has been released. Changes include the new LazyCell and LazyLock types (which delay data initialization until the first access), the stabilization of the exclusive-range syntax for match patterns, and more.

Three new stable kernels

Čet, 07/25/2024 - 15:19
The 6.9.11, 6.6.42, and 6.1.101 stable kernels have been released. As usual, they contain important fixes throughout the tree.

Security updates for Thursday

Čet, 07/25/2024 - 15:03
Security updates have been issued by AlmaLinux (containernetworking-plugins, cups, edk2, httpd, httpd:2.4, libreoffice, libuv, libvirt, python3, and runc), Fedora (exim, python-zipp, xdg-desktop-portal-hyprland, and xmedcon), Red Hat (cups, fence-agents, freeradius, freeradius:3.0, httpd:2.4, kernel, kernel-rt, nodejs:18, podman, and resource-agents), Slackware (htdig and libxml2), SUSE (exim), and Ubuntu (ocsinventory-server, php-cas, and poppler).

Linux Mint 22 "Wilma" released

Čet, 07/25/2024 - 14:53

Linux Mint has announced version 22 of the distribution in three editions: Cinnamon, MATE, and Xfce. Mint 22 is based on Ubuntu 24.04 and uses kernel version 6.8.0:

Linux Mint 22 is a long term support release which will be supported until 2029. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use.

LWN covered the Linux Mint 22 beta in early July. See the new features page and release notes for more information on this release.

[$] LWN.net Weekly Edition for July 25, 2024

Čet, 07/25/2024 - 03:01
The LWN.net Weekly Edition for July 25, 2024 is available.

Stable kernel update 6.10.1

Sre, 07/24/2024 - 18:02

Greg Kroah-Hartman has released the 6.10.1 stable kernel update. This release contains a small number of seemingly urgent regression fixes. Users of this kernel series are advised to upgrade.

OpenMandriva ROME 24.07 released

Sre, 07/24/2024 - 17:25

Updated installation images for the OpenMandriva ROME rolling release Linux distribution are now available. Notable features in the 24.07 snapshot include KDE Plasma 6 as the default desktop, the addition of Proton and Proton experimental packages for playing Windows games on Linux, as well as GNOME 46.3 and LXQt 2.0.0 spins.

OpenSSL announces new governance structure

Sre, 07/24/2024 - 16:58

OpenSSL has announced that it has adopted a new governance framework:

The OpenSSL Management Committee (OMC) has been dissolved, and two boards of directors have been elected for the Foundation and the Corporation. Each organization has ten voting members. These boards share all the responsibilities and authorities of the former OMC co-equally.

To further engage our communities, we are establishing two advisory committees for each entity: a Business Advisory Committee (BAC) and a Technical Advisory Committee (TAC). The communities will elect the members of the BACs and TACs, creating a direct channel for community input in roadmap development and reflecting the diverse perspectives of OpenSSL's communities.

OpenSSL has also announced that two projects have adopted the OpenSSL Mission and become OpenSSL projects: Bouncy Castle, which provides cryptographic APIs for Java and C#, and the cryptlib security software development toolkit. See the announcement for full details.

[$] Large folios, swap, and FS-Cache

Sre, 07/24/2024 - 16:28
David Howells wanted to discuss swap handling in light of multi-page folios in a combined storage, filesystem, and memory-management session at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit. Swapping has always been done with a one-to-one mapping of memory pages to swap slots, he said, but swapping multi-page folios breaks that assumption. He wondered if it would make sense to use filesystem techniques to track swapped-out folios.

[$] Lessons from the death and rebirth of Thunderbird

Sre, 07/24/2024 - 15:38

Ryan Sipes told the audience during his keynote at GUADEC 2024 in Denver, Colorado that the Thunderbird mail client "probably shouldn't still be alive". Thunderbird, however, is not only alive—it is arguably in better shape than ever before. According to Sipes, the project's turnaround is a result of governance, storytelling, and learning to be comfortable asking users for money. He would also like it quite a bit if Linux distributions stopped turning off telemetry.

Let's Encrypt plans to drop support for OCSP

Sre, 07/24/2024 - 14:19

Let's Encrypt has announced that it intends to end support "as soon as possible" for the Online Certificate Status Protocol (OCSP) over privacy concerns. OCSP was developed as a lighter-weight alternative to Certificate Revocation Lists (CRLs) that did not involve downloading the entire CRL in order to check whether a certificate was valid. Let's Encrypt will continue supporting OCSP as long as it is a requirement for Microsoft's Trusted Root Program, but hopes to discontinue it soon:

We plan to end support for OCSP primarily because it represents a considerable risk to privacy on the Internet. When someone visits a website using a browser or other software that checks for certificate revocation via OCSP, the Certificate Authority (CA) operating the OCSP responder immediately becomes aware of which website is being visited from that visitor's particular IP address. Even when a CA intentionally does not retain this information, as is the case with Let's Encrypt, CAs could be legally compelled to collect it. CRLs do not have this issue.

People using Let's Encrypt as their CA should, for the most part, not need to change their setups. All modern browsers support CRLs, so end-users shouldn't notice an impact either.

Security updates for Wednesday

Sre, 07/24/2024 - 13:59
Security updates have been issued by Fedora (ghostscript and xmedcon), Gentoo (Dmidecode, ExifTool, and Freenet), Red Hat (containernetworking-plugins, cups, edk2, httpd, httpd:2.4, kernel, kernel-rt, krb5, libreoffice, libuv, libvirt, linux-firmware, nghttp2, nodejs, openssh, python3, runc, thunderbird, and tpm2-tss), Slackware (aaa_glibc, bind, and mozilla), SUSE (postgresql14, python-sentry-sdk, and shadow), and Ubuntu (activemq, bind9, haproxy, nova, provd, python-zipp, squid, squid3, and tomcat).
sfy39587f05