Odprtokodni pogled

Opensource view

LWN.net

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Posodobljeno: 35 min 28 sec nazaj

Google announces 2024 season of docs

Čet, 02/08/2024 - 21:14

On February 2, Google announced this year's "Season of Docs", a program complementing its Summer of Code program by providing funding to open source projects to hire technical writers to improve their documentation. Interested projects have until April 2 to apply.

Google Season of Docs provides direct grants to open source projects to improve their documentation and gives professional technical writers an opportunity to gain experience in open source. Together we raise awareness of open source, of docs, and of technical writing.

Google announces 2024 season of docs

Čet, 02/08/2024 - 21:14

On February 2, Google announced this year's "Season of Docs", a program complementing its Summer of Code program by providing funding to open source projects to hire technical writers to improve their documentation. Interested projects have until April 2 to apply.

Google Season of Docs provides direct grants to open source projects to improve their documentation and gives professional technical writers an opportunity to gain experience in open source. Together we raise awareness of open source, of docs, and of technical writing.

Brennan: What's Inside a Linux Kernel Core Dump

Čet, 02/08/2024 - 20:53
Stephen Brennan describes kernel core dumps in excruciating detail.

Kernel core dumps are complex. They are not simply copies of system memory; they contain plenty of extra metadata which is critical to understanding their contents. And like any other type of data, the design of the file formats can enable lots of flexibility and power. However, due to the broad variety of tools out there, the diversity of dump formats is overwhelming, and the lack of documentation or specifications compounds the problem.

Brennan: What's Inside a Linux Kernel Core Dump

Čet, 02/08/2024 - 20:53
Stephen Brennan describes kernel core dumps in excruciating detail.

Kernel core dumps are complex. They are not simply copies of system memory; they contain plenty of extra metadata which is critical to understanding their contents. And like any other type of data, the design of the file formats can enable lots of flexibility and power. However, due to the broad variety of tools out there, the diversity of dump formats is overwhelming, and the lack of documentation or specifications compounds the problem.

A new CEO for Mozilla

Čet, 02/08/2024 - 16:27
Mitchell Baker has announced that she is stepping down from the role of Mozilla CEO, effective immediately. Laura Chambers will be the new CEO "for the remainder of the year".

We’re at a critical juncture where public trust in institutions, governments, and the fabric of the internet has reached unprecedented lows. There’s a tectonic shift underway as everyone battles to own the future of AI. It is Mozilla’s opportunity and imperative to forge a better future. I’m excited about Laura’s day-to-day involvement and the chance for Mozilla to achieve more. Our power lies in the collective effort of people contributing to something better and I’m eager for Mozilla to meet the needs of this era more fully.

A new CEO for Mozilla

Čet, 02/08/2024 - 16:27
Mitchell Baker has announced that she is stepping down from the role of Mozilla CEO, effective immediately. Laura Chambers will be the new CEO "for the remainder of the year".

We’re at a critical juncture where public trust in institutions, governments, and the fabric of the internet has reached unprecedented lows. There’s a tectonic shift underway as everyone battles to own the future of AI. It is Mozilla’s opportunity and imperative to forge a better future. I’m excited about Laura’s day-to-day involvement and the chance for Mozilla to achieve more. Our power lies in the collective effort of people contributing to something better and I’m eager for Mozilla to meet the needs of this era more fully.

[$] Pitchforks for RDSEED

Čet, 02/08/2024 - 16:09
The generation of random (or, at least, unpredictable) numbers is key to many security technologies. For this reason, the provision of random data as a CPU feature has drawn a lot of attention over the years. A proper hardware-based random-number generator can address the problems that make randomness hard to obtain in some systems, but only if the manufacturer can be trusted to not have compromised that generator in some way. A recent discussion has brought to light a different problem, though: what happens if a hardware random-number generator can be simply driven into exhaustion?

[$] Pitchforks for RDSEED

Čet, 02/08/2024 - 16:09
The generation of random (or, at least, unpredictable) numbers is key to many security technologies. For this reason, the provision of random data as a CPU feature has drawn a lot of attention over the years. A proper hardware-based random-number generator can address the problems that make randomness hard to obtain in some systems, but only if the manufacturer can be trusted to not have compromised that generator in some way. A recent discussion has brought to light a different problem, though: what happens if a hardware random-number generator can be simply driven into exhaustion?

Glibc becomes a CVE Numbering Authority

Čet, 02/08/2024 - 16:07
The GNU C Library project has been accepted as a CVE Numbering Authority (CNA), meaning that the project is now in control of the CVE numbers assigned to its code.

As a CNA the glibc security team will be working to improve the quality and response time of security advisories and mitigations.

Over the coming months, the glibc security team will define the process for the CNA and establish best practices that can also be used by the rest of the GNU Toolchain.

See this article for some background on this change.

Glibc becomes a CVE Numbering Authority

Čet, 02/08/2024 - 16:07
The GNU C Library project has been accepted as a CVE Numbering Authority (CNA), meaning that the project is now in control of the CVE numbers assigned to its code.

As a CNA the glibc security team will be working to improve the quality and response time of security advisories and mitigations.

Over the coming months, the glibc security team will define the process for the CNA and establish best practices that can also be used by the rest of the GNU Toolchain.

See this article for some background on this change.

Security updates for Thursday

Čet, 02/08/2024 - 15:40
Security updates have been issued by Debian (chromium), Red Hat (gimp, kernel, kernel-rt, and runc), Slackware (expat), SUSE (libavif), and Ubuntu (linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, and linux, linux-aws, linux-gcp, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle, linux-raspi, linux-starfive).

Security updates for Thursday

Čet, 02/08/2024 - 15:40
Security updates have been issued by Debian (chromium), Red Hat (gimp, kernel, kernel-rt, and runc), Slackware (expat), SUSE (libavif), and Ubuntu (linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, and linux, linux-aws, linux-gcp, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle, linux-raspi, linux-starfive).

[$] LWN.net Weekly Edition for February 8, 2024

Čet, 02/08/2024 - 01:19
The LWN.net Weekly Edition for February 8, 2024 is available.

Please welcome Joe Brockmeier to LWN

Sre, 02/07/2024 - 20:58
At the beginning of November, we let it be known that we were looking to hire a writer/editor to augment the LWN team. In past attempts, we have found it difficult to attract writers who could produce the kind of content that LWN readers expect. This time around, as we have said before, was different; we had a number of candidates who could have filled the bill and were forced to make some difficult choices.

While "hire them all" was an attractive idea, it was not one that our budget would support. We did conclude, however, that we could stretch to a second hire. So we are pleased to announce that the opportunity to bring Joe Brockmeier on board was too good to pass up — so we didn't. You will start to see his work return to LWN within the next few days.

Go 1.22 released

Sre, 02/07/2024 - 17:20
Go 1.22, the most recent version of the Go programming language, has been released. It comes with two language changes to for loops: a fix for a longstanding "gotcha" with accidentally sharing loop variables between iterations and adding the ability to range over integer values. There are also additions to the standard library, improved performance, and more. See the release notes for further information.

[$] So you think you understand IP fragmentation?

Sre, 02/07/2024 - 17:06
What is IP fragmentation, why is it important, and do people understand it? The answer to that last question is "not as well as they think". This article will also answer the rest of those questions and introduce fragquiz, a game that I wrote to allow players to guess how IP packets will behave when they are too large for the network. As evidence that IP fragmentation is not well-understood, a room full of networking experts played fragquiz and got a score that was nowhere close to perfect. In addition, I will describe a new algorithm for fragmentation avoidance, which some colleagues and I developed, that helped motivate development of fragquiz.

Security updates for Wednesday

Sre, 02/07/2024 - 15:32
Security updates have been issued by Red Hat (gimp) and Ubuntu (firefox, linux-oracle, linux-oracle-5.15, and python-django).

[$] GNU C Library version 2.39

Tor, 02/06/2024 - 22:32

The GNU C Library (glibc) released version 2.39 on January 31, including several new features. Notable highlights include new functions for spawning child processes, support for shadow stacks on x86_64, new security features, and the removal of libcrypt. The glibc maintainers had also hoped to include improvements to qsort(), which ended up not making it into this release. Glibc releases are made every six months.

Security updates for Tuesday

Tor, 02/06/2024 - 15:34
Security updates have been issued by CentOS (firefox, gstreamer1-plugins-bad-free, and tigervnc), Debian (ruby-sanitize), Fedora (kernel, kernel-headers, qt5-qtwebengine, and runc), Oracle (gnutls, kernel, libssh, rpm, runc, and tigervnc), Red Hat (runc), and SUSE (bouncycastle, jsch, python, and runc).

Three new stable kernels

Pon, 02/05/2024 - 21:37
Greg Kroah-Hartman has announced the release of the 6.7.4, 6.6.16, and 6.1.77 stable kernels. As usual, they contain important fixes all over the kernel tree.
sfy39587f05