LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
업데이트: 1시간 49분 지남
월, 2024/05/06 - 11:55오후
The Free Software Foundation has
announced
the recipients of its 2023 Free Software Awards: Bruno Haible for work on
gnulib, Nick Logozzo as
the "outstanding new free software contributior", and
code.gouv.fr for projects of social
benefit.
When presenting the award to Haible, FSF executive director Zoë
Kooyman commented on the significance of Haible's work, saying that
Haible's work enabled free software programmers around the world to
focus on the main, innovative portions of their program, thus
facilitating the development of more and more free software.
월, 2024/05/06 - 11:37오후
Security updates have been issued by Debian (glibc, intel-microcode, less, libkf5ksieve, and ruby3.1), Fedora (chromium, gdcm, httpd, and stalld), Gentoo (Apache Commons BCEL, borgmatic, Dalli, firefox, HTMLDOC, ImageMagick, MediaInfo, MediaInfoLib, MIT krb5, MPlayer, mujs, Pillow, Python, PyPy3, QtWebEngine, Setuptools, strongSwan, and systemd), Oracle (grub2 and shim), Red Hat (git-lfs, kpatch-patch, unbound, and varnish), and SUSE (avahi, grafana and mybatis, java-11-openjdk, java-17-openjdk, skopeo, SUSE Manager Client Tools, SUSE Manager Salt Bundle, and SUSE Manager Server 4.3).
월, 2024/05/06 - 8:07오전
The
6.9-rc7 kernel prepatch is out for
testing. "The stats for 6.9 continue to look very normal, and nothing
looks particularly alarming."
토, 2024/05/04 - 12:56오전
Kernel developers are encouraged to send their changes in small batches as
a way of making life easier for reviewers. So when a longtime developer
and maintainer hits the list with a 437-patch series touching 859 files,
eyebrows are certain to head skyward. Specifically,
this series
from Jens Axboe is cleaning up one of the core abstractions that has
been part of the Linux kernel almost since the beginning; authors of device
drivers (among others) will have to take note.
토, 2024/05/04 - 12:29오전
Security updates have been issued by Fedora (chromium, grub2, httpd, kernel, libcoap, matrix-synapse, python-pip, and rust-pythonize), Red Hat (kernel and libxml2), SUSE (kernel), and Ubuntu (eglibc, glibc and php7.4, php8.1, php8.2).
금, 2024/05/03 - 12:10오전
In Unix-like systems, an open file descriptor carries the right to access
the opened object in specific ways. As a general rule, that file
descriptor does
not enable access to any other objects. The
recently merged
BPF token feature runs
counter to this practice by creating file descriptors that carry specific
BPF-related access rights. A similar but different approach to
capability-carrying file descriptors, in the form of directory file
descriptors that include their own credentials, is currently under
consideration in the kernel community.
목, 2024/05/02 - 11:43오후
Version
1.78.0 of the Rust language has been released. Changes include a new
mechanism for diagnostic attributes, changes to how assertions around
unsafe blocks are handled, and more.
Rust now supports a #[diagnostic] attribute namespace to
influence compiler error messages. These are treated as hints which
the compiler is not required to use, and it is also not an error to
provide a diagnostic that the compiler doesn't recognize. This
flexibility allows source code to provide diagnostics even when
they're not supported by all compilers, whether those are different
versions or entirely different implementations.
목, 2024/05/02 - 11:22오후
Security updates have been issued by Debian (chromium and distro-info-data), Fedora (et, php-tcpdf, python-aiohttp, python-openapi-core, thunderbird, tpm2-tools, and tpm2-tss), Red Hat (nodejs:16 and podman), and Ubuntu (firefox).
목, 2024/05/02 - 10:11오전
The LWN.net Weekly Edition for May 2, 2024 is available.
목, 2024/05/02 - 2:54오전
Version 8.0 of the terminal text editor GNU nano has been
released. This update includes several changes to keybindings to be
more newcomer-friendly, such as remapping Ctrl-F to forward-search and
adding an option for modern bindings:
Command-line option --modernbindings (-/) makes ^Q quit, ^X cut,
^C copy, ^V paste, ^Z undo, ^Y redo, ^O open a file, ^W write a
file, ^R replace, ^G find again, ^D find again backwards, ^A set
the mark, ^T jump to a line, ^P show the position, and ^E execute.
The release also provides access to 14 levels of gray scale in xterm (up
from four), as well as many bug fixes.
목, 2024/05/02 - 2:00오전
Ubuntu 24.04 LTS, code-named "Noble Numbat", was released on April 25. This release includes GNOME 46, installer updates,
security enhancements, a lot of updated packages, and a new App Center
that puts a heavy emphasis on using Snaps to install software. It is not an ambitious release, but it brings enough to the table that it's a worthwhile update.
수, 2024/05/01 - 11:19오후
The NixOS Foundation board
announced on April 30 that Eelco Dolstra is stepping down from the board
following the recent calls for his resignation.
Eelco is the principal author of Nix and undoubtedly a central figure in the
ecosystem that grew around it. We confirm that Eelco showed no intention to be
perceived as or act like the BDFL [Benevolent Dictator for Life]
of the Nix ecosystem, or the Nix code base. To
commit to that in a timely manner, he has decided to formally step down from the
board.
The board also announced its intent to set up new, explicit governance for the
project, answerable to the community:
We will appoint a constitutional assembly within the next 14 days.
Its task will be to set up a new governance structure, run by the
community, that is capable of serving the community's needs. Once
established, we will delegate our power to institutions within that
new structure. This entire process will take place in a public space,
such that it's traceable for anyone concerned. We are committed to
listening to everyone who may help with solving the problems the
community is facing.
수, 2024/05/01 - 10:36오후
Security updates have been issued by Debian (nghttp2 and qtbase-opensource-src), Mageia (cjson, freerdp, guava, krb5, libarchive, and mediawiki), Oracle (container-tools:4.0 and container-tools:ol8), Red Hat (bind, buildah, container-tools:3.0, container-tools:rhel8, expat, gnutls, golang, grafana, kernel, kernel-rt, libreswan, libvirt, linux-firmware, mod_http2, pcp, pcs, podman, python-jwcrypto, rhc-worker-script, shadow-utils, skopeo, sssd, tigervnc, unbound, and yajl), SUSE (kernel and python311), and Ubuntu (gerbv and node-json5).
수, 2024/05/01 - 12:11오전
When it comes to security, telling developers to do (or not do)
something can be ineffective. Helping them understand the why behind
instructions, by illustrating good and bad practices using stories, can be
much more effective. With several such stories Marta
Rybczyńska fashioned an interesting talk
about patterns and anti-patterns in embedded Linux security at the
Embedded
Open Source Summit (EOSS), co-located with Open
Source Summit North America (OSSNA), on April 16 in Seattle, Washington.
화, 2024/04/30 - 11:53오후
Version
5.0 of the
Yocto Project
distribution builder has been released. The list of new features is long;
see
the
release notes for the details.
화, 2024/04/30 - 11:01오후
This
Mastodon stream from Lennart Poettering describes a sudo
replacement — called run0 — that will be part of the upcoming
systemd 256 release. It takes a rather different approach to the execution
of privileged commands, avoiding the use of setuid (which he calls "SUID")
permissions entirely.
So, in my ideal world, we'd have an OS entirely without SUID. Let's
throw out the concept of SUID on the dump of UNIX' bad ideas. An
execution context for privileged code that is half under the
control of unprivileged code and that needs careful manual clean-up
is just not how security engineering should be done in 2024
anymore.
화, 2024/04/30 - 10:41오후
Version 2.45.0 of the Git
source-code management system has been released. Changes include a new
list command for git reflog, a couple of new
configuration variables for git diff, the ability to drop
redundant commits while cherry-picking, a number of performance
improvements, and more.
화, 2024/04/30 - 10:35오후
Security updates have been issued by Debian (org-mode), Oracle (shim and tigervnc), Red Hat (ansible-core, avahi, buildah, container-tools:4.0, containernetworking-plugins, edk2, exfatprogs, fence-agents, file, freeglut, freerdp, frr, grub2, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, harfbuzz, httpd, ipa, kernel, libjpeg-turbo, libnbd, LibRaw, libsndfile, libssh, libtiff, libvirt, libX11, libXpm, mingw components, mingw-glib2, mingw-pixman, mod_http2, mod_jk and mod_proxy_cluster, motif, mutt, openssl and openssl-fips-provider, osbuild and osbuild-composer, pam, pcp, pcs, perl, pmix, podman, python-jinja2, python3.11, python3.11-cryptography, python3.11-urllib3, qemu-kvm, qt5-qtbase, runc, skopeo, squashfs-tools, systemd, tcpdump, tigervnc, toolbox, traceroute, webkit2gtk3, wpa_supplicant, xorg-x11-server, xorg-x11-server-Xwayland, and zziplib), SUSE (docker, ffmpeg, ffmpeg-4, frr, and kernel), and Ubuntu (anope, freerdp3, and php7.0, php7.2, php7.4, php8.1).
화, 2024/04/30 - 5:30오전
The
Amarok music player project
has
announced
the release of version 3.0, which is codenamed "Castaway". It is the first
stable version using Qt 5 and KDE Frameworks 5, and the first stable
release since the final Qt-4-based 2.9.0 in 2018.
The road to 3.0 has not been a short one. Much of the Qt5/KF5 porting was done in 2015 already, but finishing and polishing everything up has been a slow, sometimes ongoing and sometimes stalled process ever since. 3.0 Alpha was released in February 2021 and has been since used by many people, as have been nightly builds of git master available for various distributions. Now in the past few months, an effort was made to get everything ready for a proper 3.0 release.
Common usecases should work quite well, and in addition to fixing KF5 port
related regressions reported in pre-releases, 3.0 features many bugfixes
and implemented features for longstanding issues, the oldest such
documented being from 2009. However, with more than 20 years of development
history, it is likely that not every feature Amarok has been tested
thoroughly in the new release, and specifically some Internet services that
have changed their API in recent years are not available, at least for
now. It might well be that getting them in better state wouldn't require
huge effort, however, so if you know your way with Qt and KDE Frameworks
and your favourite Internet music service does not work with Amarok 3.0,
you are extremely welcome to join in and help!
페이지