LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Posodobljeno: 10 min 9 sec nazaj
Sre, 04/26/2023 - 14:54
Version
13.1 of the GCC compiler suite has been released.
This release integrates a frontend for the Modula-2 language which
was previously available separately and lays foundation for a
frontend for the Rust language which will be available in a future
release.
Other changes include the removal of support for the STABS
debugging-information format, addition of a number of C++23 features, a
number of static-analyzer improvements, support for a number of recent CPU
features, and more. See this page for details.
Sre, 04/26/2023 - 14:51
Security updates have been issued by Fedora (chromium, lilypond, and lilypond-doc), Oracle (java-1.8.0-openjdk), Red Hat (emacs, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, kernel, kernel-rt, pesign, and virt:rhel, virt-devel:rhel), Scientific Linux (java-1.8.0-openjdk and java-11-openjdk), Slackware (git), SUSE (fwupd, git, helm, and runc), and Ubuntu (firefox, golang-1.18, linux-hwe-5.15, and openssl, openssl1.0).
Tor, 04/25/2023 - 23:15
Static-site generators are tools that generate
HTML pages from source
files, often written in
Markdown or
another markup language. They have built-in templates and themes, which allows
developers to create lightweight and secure web sites that can be easily
maintained using version control. One of these tools is
Nikola, written in Python.
Tor, 04/25/2023 - 18:19
There is
a new
stable Git release containing fixes for three separate security
vulnerabilities. The fixes have also been backported to the older v2.39.3,
v2.38.5, v2.37.7, v2.36.6, v2.35.8, v2.34.8, v2.33.8, v2.32.7, v2.31.8, and
v2.30.9 releases. Sites using Git in untrusted environments — or with
untrusted input — should probably upgrade soon.
Tor, 04/25/2023 - 15:03
Philip Herron and Arthur Cohen have posted
an
update on the status of gccrs — the GCC frontend for the Rust language
— and why it will not be a part of the upcoming GCC 13 release.
While all of this appears like a lot of work, we are confident in
our progress and hope to get closer and closer to getting the
core crate working in the next few months. There is also a
lot of important work remaining in order to produce a valid Rust
compiler, which is why we will spend the coming months focusing on
the core crate as well as a borrow-checker implementation,
and the development of the necessary tooling to allow us to try and
pass the Rust 1.49 testsuite.
We aim to distribute the Rust 1.49 version of the standard library
with our compiler in the next major GCC release, GCC 14, and hope
to backport enough changes to the GCC 13 branch to get the core
crate working in time for the GCC 13.2 release. This will enable
users to easily start experimenting with the compiler for
#![no_std] Rust programs and, hopefully, some embedded
targets.
Tor, 04/25/2023 - 14:32
Security updates have been issued by CentOS (firefox, java-11-openjdk, and thunderbird), Debian (apache2), Fedora (kernel), Oracle (emacs), Red Hat (emacs, haproxy, java-1.8.0-openjdk, kernel, kernel-rt, kpatch-patch, pcs, pki-core:10.6, and qatzip), and SUSE (avahi, cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont, giflib, kernel, kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools- container, virt-operator-container, ovmf, and protobuf-c).
Tor, 04/25/2023 - 00:10
The 6.3 kernel was
released
on April 24 after a nine-week development cycle. As is the case with
all mainline releases, this is a
major kernel release with a lot of changes and a big pile of new features.
The time has come, yet again, for a look at where that work came from and
who supported it.
Pon, 04/24/2023 - 15:43
Security updates have been issued by Debian (389-ds-base, chromium, connman, curl, redis, and thunderbird), Fedora (ceph, doctl, dr_libs, ffmpeg, freeimage, golang-github-digitalocean-godo, insight, libreswan, mingw-binutils, mingw-freeimage, mingw-freetype, openvswitch, rnp, suricata, webkitgtk, and wireshark), Mageia (dnsmasq, emacs, openimageio, php-smarty, redis, squirrel/supertux, and tcpdump), Red Hat (emacs), and SUSE (avahi, chromium, dmidecode, indent, jettison, openssl, openstack-cinder, openstack-nova, python-oslo.utils, and ovmf).
Ned, 04/23/2023 - 21:35
Linus has
released the 6.3 kernel as
expected.
It's been a calm release this time around, and the last week was
really no different. So here we are, right on schedule, with the
6.3 release out and ready for your enjoyment.
That doesn't mean that something nasty couldn't have been lurking
all these weeks, of course, but let's just take things at face
value and hope it all means that everything is fine, and it really
was a nice controlled release cycle. It happens.
Significant changes in this release include
the removal of a lot of obsolete Arm board files and drivers,
ongoing improvements to the (still minimal) Rust language support,
red-black trees for BPF programs,
ID-mapped mounts for tmpfs filesystems,
BIG TCP support for IPv4,
support for non-executable memfds,
the hwnoise
jitter-measurement tool,
and a lot more. See the LWN merge-window summaries
(part 1,
part 2) and the (in-progress) KernelNewbies 6.3 page for
more information.
Pet, 04/21/2023 - 20:12
This ten days old but hopefully better late than never: the Python Software
Foundation has put out
an
article describing how the proposed European "cyber resilience act"
threatens the free-software community.
Under the current language, the PSF could potentially be
financially liable for any product that includes Python code, while
never having received any monetary gain from any of these
products. The risk of huge potential costs would make it impossible
in practice for us to continue to provide Python and PyPI to the
European public.
The Internet Systems Consortium has also recently put out
a statement on the proposal.
Pet, 04/21/2023 - 20:12
This ten days old but hopefully better late than never: the Python Software
Foundation has put out
an
article describing how the proposed European "cyber resilience act"
threatens the free-software community.
Under the current language, the PSF could potentially be
financially liable for any product that includes Python code, while
never having received any monetary gain from any of these
products. The risk of huge potential costs would make it impossible
in practice for us to continue to provide Python and PyPI to the
European public.
The Internet Systems Consortium has also recently put out
a statement on the proposal.
Pet, 04/21/2023 - 14:55
The concept of movable memory was initially designed for hot-pluggable
memory on server-class systems, but it would now appear that this mechanism
is finding a new use in consumer-electronics devices as well. The
designated movable block patch set was first
submitted
by Doug Berger in September 2022. By adding more flexibility around the
configuration and use of movable memory, this work will, it is hoped, improve how
Linux performs on resource-constrained systems.
Pet, 04/21/2023 - 14:52
The
Python Package Index (PyPI) has, like
many language-specific repositories, had
ongoing problems with malicious uploads. PyPI
is now launching an authentication mechanism called
trusted
publishers in an attempt to fight this problem.
Instead, PyPI maintainers can configure PyPI to trust an identity
provided by a given OpenID Connect Identity Provider (IdP). This
allows allows PyPI to verify and delegate trust to that identity,
which is then authorized to request short-lived, tightly-scoped API
tokens from PyPI. These API tokens never need to be stored or
shared, rotate automatically by expiring quickly, and provide a
verifiable link between a published package and its source.
Pet, 04/21/2023 - 14:46
Security updates have been issued by Debian (golang-1.11 and libxml2), Fedora (chromium, dr_libs, frr, ruby, and runc), Oracle (java-11-openjdk and java-17-openjdk), Red Hat (emacs, httpd and mod_http2, kpatch-patch, and webkit2gtk3), SUSE (libmicrohttpd, nodejs16, ovmf, and wireshark), and Ubuntu (kauth and patchelf).
Čet, 04/20/2023 - 22:06
GNOME is, of course, a widely-used
desktop
environment for Linux
systems; on March 22, the project released
GNOME 44,
codenamed "Kuala Lumpur". This version features enhancements to the
settings panels, quick settings, the files application, and an updated file
chooser with a grid view, among others. The full list of changes can
be seen in the
release
notes available on the GNOME website.
Čet, 04/20/2023 - 18:46
The Ubuntu 23.04 release is out. Headline features include a new
installer, GNOME 44, Azure Active Directory authentication, and more.
The newest Edubuntu, Kubuntu, Lubuntu, Ubuntu Budgie, Ubuntu
Cinnamon, Ubuntu Kylin, Ubuntu MATE, Ubuntu Studio, Ubuntu Unity,
and Xubuntu are also being released today.
See the
release notes for more information.
Čet, 04/20/2023 - 15:31
Distributors have been enabling the SELinux security module for nearly
20 years now, and many administrators have been disabling it on their
systems for almost as long. There are a few ways in which SELinux can be
disabled on any given system, including command-line options, a run-time
switch, or simply not loading a policy after boot. One of those ways,
however, is about to be disabled itself.
Čet, 04/20/2023 - 14:54
Security updates have been issued by Debian (golang-1.11), Fedora (chromium, golang-github-cenkalti-backoff, golang-github-cli-crypto, golang-github-cli-gh, golang-github-cli-oauth, golang-github-gabriel-vasile-mimetype, libpcap, lldpd, parcellite, tcpdump, thunderbird, and zchunk), Red Hat (java-11-openjdk, java-17-openjdk, and kernel), SUSE (chromium, dnsmasq, ImageMagick, nodejs16, openssl-1_0_0, openssl1, ovmf, and python-Flask), and Ubuntu (dnsmasq, libxml2, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp,
linux-gcp-5.4, linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm,
linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi,
linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15,
linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm,
linux-oracle, linux-raspi2, linux-oem-5.17, linux-oem-6.0, linux-oem-6.1, and linux-snapdragon).