LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Posodobljeno: 29 min 48 sec nazaj
Pon, 01/23/2023 - 15:51
Security updates have been issued by Debian (powerline-gitstatus, tiff, and trafficserver), Fedora (dotnet6.0, firefox, git, kernel, libXpm, rust, sudo, upx, and yarnpkg), Mageia (kernel and kernel-linus), Red Hat (firefox, java-11-openjdk, and sudo), Slackware (mozilla and seamonkey), SUSE (cacti, cacti-spine, samba, and tor), and Ubuntu (firefox, php7.2, php7.4, php8.1, and python-setuptools, setuptools).
Ned, 01/22/2023 - 16:53
The
6.2-rc5 kernel prepatch is out.
Ok, so I thought we were back to normal after the winter holidays
at rc4. Now, a week later, I think I was mistaken - we have fairly
sizable rc5, so I suspect there was still pent up testing and fixes
from people being off.
Anyway, I am expecting to do an rc8 this release regardless, just
because we effectively had a lost week or two in the early rc's, so
a sizable rc5 doesn't really worry me. I do hope we're done with
the release candidates growing, though.
Pet, 01/20/2023 - 16:04
The kernel project does not host much user-space code in its repository,
but there are exceptions. One of those, currently found in the
tools/include/nolibc
directory, has only been present since the 5.1 release. The nolibc project
aims to provide minimal C-library emulation for small, low-level workloads.
Read on for an overview of nolibc, its history, and future direction
written by its principal contributor.
Pet, 01/20/2023 - 15:53
Security updates have been issued by Debian (lava and libitext5-java), Oracle (java-11-openjdk, java-17-openjdk, and libreoffice), SUSE (firefox, git, mozilla-nss, postgresql-jdbc, and sudo), and Ubuntu (git, linux-aws-5.4, linux-gkeop, linux-hwe-5.4, linux-oracle, linux-snapdragon, linux-azure, linux-gkeop, linux-intel-iotg, linux-lowlatency,
linux-lowlatency-hwe-5.15, linux-oracle-5.15, and linux-bluefield).
Čet, 01/19/2023 - 20:34
The Google Project Zero page
shows
how to compromise the kernel by using a NULL pointer to repeatedly
force an oops and overflow a reference count.
Back when the kernel was able to access userland memory without
restriction, and userland programs were still able to map the zero
page, there were many easy techniques for exploiting null-deref
bugs. However with the introduction of modern exploit mitigations
such as SMEP and SMAP, as well as mmap_min_addr preventing
unprivileged programs from mmap’ing low addresses, null-deref bugs
are generally not considered a security issue in modern kernel
versions. This blog post provides an exploit
technique demonstrating that treating these bugs as universally
innocuous often leads to faulty evaluations of their relevance to
security.
This is the sort of vulnerability that the
oops-limit patch is meant to block.
Čet, 01/19/2023 - 16:26
Code that is added to the kernel can stay there for a long time; there is
code in current kernels that has been present for over 30 years.
Nothing is forever, though. The kernel development community is currently
discussing the removal of two architectures and one filesystem, all of
which seem to have mostly fallen out of use. But, as we will see, removal
of code from the kernel is not easy and is subject to reconsideration even
after it happens.
Čet, 01/19/2023 - 15:47
Version 3.0 of the Pandoc
document-conversion tool has been released; the list of new features is
quite long, including "chunked" HTML output, support for complex figures,
and much more.
Čet, 01/19/2023 - 15:31
Security updates have been issued by Debian (firefox-esr, libitext5-java, sudo, and webkit2gtk), Fedora (firefox and qemu), Red Hat (java-11-openjdk and java-17-openjdk), Slackware (sudo), SUSE (sudo), and Ubuntu (python-urllib3 and sudo).
Čet, 01/19/2023 - 02:05
The LWN.net Weekly Edition for January 19, 2023 is available.
Sre, 01/18/2023 - 23:17
On today's Fedora systems, a reboot cycle—for a kernel update,
say—is normally a fairly quick affair, but that is not always true. The
system will
wait for services to shut down cleanly and will wait for up to two minutes
before killing a service and moving on. A recent proposal to change the
default timeout to 15 seconds, while still allowing some services to
require more time, ran into more opposition than was perhaps anticipated.
Not everyone was comfortable shortening the timeout period, though the
decision has now been made to reduce it, but not as far as was proposed.
Sre, 01/18/2023 - 15:03
Security updates have been issued by Fedora (awstats), Oracle (dpdk, libxml2, postgresql:10, systemd, and virt:ol and virt-devel:rhel), Red Hat (kernel), Slackware (git, httpd, libXpm, and mozilla), SUSE (libzypp-plugin-appdata), and Ubuntu (git, libxpm, linux-ibm-5.4, linux-oem-5.14, and ruby2.3).
Tor, 01/17/2023 - 21:44
Over the past several months, there have been wide-ranging discussions in
the Python community about difficulties users have with installing packages
for the language. There is a bewildering array of options for
package-installation tools and Python distributions focused on particular use
cases (e.g. scientific computing); many of those options do not
interoperate well—or at all—so they step on each others' toes.
The discussions have focused on where solutions might be found to make it
easier on users, but lots of history and entrenched use cases need to be
overcome in order to get there—or even to make progress in that direction.
Tor, 01/17/2023 - 21:11
Git 2.39.1 has been released with a set of security fixes; there are also
updated versions of many older Git releases available. A pair of integer
overflow vulnerabilities can lead to code execution in some scenarios; see
the announcement and
this
GitHub blog entry for more information.
Tor, 01/17/2023 - 16:53
Version
109.0 of the Firefox browser has been released. The headline feature
this time is the enabling of
Manifest
Version 3 support — a new extension mechanism that, among other
things, gives a higher degree of control over what extensions can do.
MV3 also ushers an exciting user interface change in the form of
the new extensions button (already available on Firefox
Nightly). This will give users direct control over which extensions
can access specific web sites.
Users are able to review, grant, or revoke MV3 extension access to
any website.
Tor, 01/17/2023 - 16:00
Security updates have been issued by Debian (tor) and SUSE (python-setuptools, python36-setuptools, and tor).
Pon, 01/16/2023 - 16:48
It is rare to see an extensive and unhappy discussion over the selection of
compiler options used to build a distribution, but it does happen. A case
in point is the debate over whether Fedora should be built with frame
pointers or not. It comes down to a tradeoff between a performance loss on
current systems and hopes for gains that exceed that loss in the future —
and some
disagreements over how these decisions should be made within the Fedora
community.
Pon, 01/16/2023 - 16:27
Dave Täht
describes
the Flent network-testing tool and its use in great detail.
With flent - in the 110 tests in it - in a matter of minutes you
can replicate any network stress test “out there” and compare
networking results across an extraordinary number of variables,
over time, across many tests. Before Toke Høiland-Jørgensen
developed flent, it would take days to set up a single test and
single plot. Now you can be deluged in data, graph it quickly, and
can investigate network behaviors in minutes that take other
support staff, engineers and SREs months, plot accurately, over
each change you make, with comparable results in a standardized
file format, and a zillion useful plot types.
Pon, 01/16/2023 - 15:54
Security updates have been issued by Debian (chromium, lava, libapreq2, net-snmp, node-minimatch, and openvswitch), Fedora (jpegoptim, kernel, kernel-headers, kernel-tools, and python2.7), Mageia (ctags, ffmpeg, minetest, python-gitpython, w3m, and xrdp), Oracle (kernel), Red Hat (dpdk and libxml2), Slackware (netatalk), SUSE (apptainer, chromium, libheimdal, python-wheel, python310-setuptools, and SDL2), and Ubuntu (linux-aws, linux-gcp-4.15, maven, and net-snmp).
Pon, 01/16/2023 - 01:17
The
fourth 6.2 kernel prepatch is out for
testing.
So here's another -rc release, this time with pretty much everybody
back from winter holidays, and so things should be back to
normal. And you can see that in the size, this is pretty much bang
in the middle of a regular rc size for this time in the merge
window.