LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
업데이트: 1시간 37분 지남
수, 2024/01/31 - 11:33오후
Security updates have been issued by Debian (bind9 and glibc), Fedora (ncurses), Gentoo (containerd, libaom, and xorg-server, xwayland), Mageia (python-pillow and zlib), Oracle (grub2 and tomcat), Red Hat (avahi, c-ares, container-tools:3.0, curl, firefox, frr, kernel, kernel-rt, kpatch-patch, libfastjson, libmicrohttpd, linux-firmware, oniguruma, openssh, perl-HTTP-Tiny, python-pip, python-urllib3, python3, rpm, samba, sqlite, tcpdump, thunderbird, tigervnc, and virt:rhel and virt-devel:rhel modules), SUSE (python-Pillow, slurm, slurm_20_02, slurm_20_11, slurm_22_05, slurm_23_02, and xen), and Ubuntu (libde265, linux-nvidia, mysql-8.0, openldap, pillow, postfix, and xorg-server, xwayland).
수, 2024/01/31 - 6:29오전
EmacsConf 2023 was, like its
recent predecessors, an online conference with lots of talks about various
aspects of the
Emacs
editor—though, of course, it is way more than just an editor. Last year's
edition was held in early December. One of the
talks that looked interesting was
on Emacs
development, which was given live by John Wiegley. In it, he briefly
described some
of the biggest features coming in Emacs 30, which is the next major version
coming for the tool.
수, 2024/01/31 - 1:01오전
The eBPF Foundation has published a glossy document called
The
State of eBPF; it seems mostly concerned with how a small number of
large companies are using and developing this technology.
No doubt, eBPF will become the new layer in the new cloud native
infrastructure stack, impacting the observability, performance,
reliability, networking, and security of all applications,
supporters say. Platform engineers will cobble together
eBPF-powered infrastructure building blocks to create platforms
that developers then deploy software on, adding business logic to
the mix, and replacing aging Linux kernel internals that cannot
keep up with today’s digital and, increasingly, cloud native world.
화, 2024/01/30 - 11:26오후
Security updates have been issued by Debian (pillow, postfix, and redis), Fedora (python-templated-dictionary and selinux-policy), Red Hat (gnutls, kpatch-patch, libssh, and tomcat), and Ubuntu (amanda, ceph, linux-azure, linux-azure-4.15, linux-kvm, and tinyxml).
화, 2024/01/30 - 2:22오전
In December, the Rust project released
a call for proposals for inclusion in the 2024 edition. Rust handles
backward incompatible changes by using
Editions,
which permit projects to specify a single stable edition for their code
and allow libraries written
in different editions to be linked together. Proposals for Rust 2024 are
now in, and have until the end of February to be debated and decided on. Once
the proposals are accepted, they have until May to be implemented in time for
the 2024 edition to be released in the second half of the year.
화, 2024/01/30 - 1:04오전
Security updates have been issued by CentOS (gstreamer-plugins-bad-free, java-1.8.0-openjdk, java-11-openjdk, kernel, LibRaw, python-pillow, and xorg-x11-server), Debian (gst-plugins-bad1.0, libspreadsheet-parsexlsx-perl, mariadb-10.3, and slurm-wlm), Fedora (atril, dotnet8.0, gnutls, prometheus-podman-exporter, python-jinja2, sudo, and vips), Oracle (frr, kernel, php:8.1, python-urllib3, python3.9, rpm, sqlite, and tomcat), Slackware (pam), SUSE (cpio, rear23a, rear27a, sevctl, and xorg-x11-server), and Ubuntu (exim4 and firefox).
월, 2024/01/29 - 11:03오전
Linus has released
6.8-rc2 for testing.
"So go out and test. It's safe now. You trust me, right?"
토, 2024/01/27 - 12:41오전
While the mathematical realm of numbers is infinite, computers are only
able to represent a finite subset of them. That can lead to problems when
arithmetic operations would create numbers that the computer is unable to
store as the intended type. This condition, called "overflow" or
"wraparound" depending on the
context, can be the source of bugs, including unpleasant security
vulnerabilities, so it is worth avoiding.
This patch
series from Kees Cook is intended to improve the kernel's handling of
these situations, but it is running into a bit of resistance.
금, 2024/01/26 - 11:49오후
Security updates have been issued by Debian (xorg-server), Fedora (chromium, dotnet8.0, firefox, freeipa, and thunderbird), Red Hat (avahi, c-ares, curl, edk2, expat, freetype, frr, git, gnutls, grub2, kernel, kernel-rt, libcap, libfastjson, libssh, libtasn1, libxml2, linux-firmware, ncurses, oniguruma, openssh, openssl, perl-HTTP-Tiny, protobuf-c, python-urllib3, python3, python3.9, rpm, samba, shadow-utils, sqlite, tcpdump, tomcat, and virt:rhel and virt-devel:rhel modules), SUSE (cpio, jasper, rear23a, thunderbird, and xorg-x11-server), and Ubuntu (jinja2, kernel, linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke,
linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15,
linux-kvm, linux-lowlatency-hwe-5.15, linux-raspi, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4,
linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4,
linux-ibm, linux-ibm-5.4, linux-iot, linux-oracle, linux-oracle-5.4,
linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-6.2, linux-azure, linux-azure-6.2,
linux-azure-fde-6.2, linux-gcp, linux-hwe-6.5, linux-laptop,
linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle,
linux-raspi, linux-starfive, linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe,
linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-aws, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-oem-6.1, and mariadb, mariadb-10.3, mariadb-10.6).
금, 2024/01/26 - 12:53오전
The free-software community has managed to build a body of software that is
worth, by most estimates, many billions of dollars; all of this code is
freely available to anybody who wants to use or modify it. It is an
unparalleled example of independent actors working cooperatively on a
common resource. Free software is certainly a success story, but all is
not perfect. One of the community's greatest strengths — convincing
companies to contribute to this common resource — is also part of one of
its biggest weaknesses.
금, 2024/01/26 - 12:10오전
The AdaCore blog
describes
some hardening features contributed to GCC for the GCC 14 release.
With -fharden-control-flow-redundancy, the compiler now verifies,
at the end of functions, whether the traversed basic blocks align
with a legitimate execution path. The purpose of this protective
measure is to detect and thwart attacks attempting to infiltrate
the middle of functions, thereby enhancing the overall security
posture of the compiled code.
목, 2024/01/25 - 11:18오후
Security updates have been issued by Debian (chromium, firefox-esr, php-phpseclib, phpseclib, thunderbird, and zabbix), Fedora (dotnet7.0, firefox, fonttools, and python-jinja2), Mageia (avahi and chromium-browser-stable), Oracle (java-1.8.0-openjdk, java-11-openjdk, LibRaw, openssl, and python-pillow), Red Hat (gnutls, kpatch-patch, php:8.1, and squid:4), SUSE (apache-parent, apache-sshd, bluez, cacti, cacti-spine, erlang, firefox, java-11-openjdk, opera, python-Pillow, tomcat, tomcat10, and xwayland), and Ubuntu (paramiko and puma).
목, 2024/01/25 - 9:23오전
The LWN.net Weekly Edition for January 25, 2024 is available.
목, 2024/01/25 - 7:19오전
Python packaging discussions seem like they often just go around and
around, ending up where they started and recapitulating many of the points that
have come up before. A recent discussion revolves around the
pip package installer, as they
often do. The central role that is occupied by pip has both
good points and bad. There is a clear need for
something that
can install from the
Python Package Index
(PyPI) immediately after Python itself is installed. Whether there
should be additional features, including project management, that come
"inside the box", as well,
is much less clear—not unlike the question of
which project management
"style" should be chosen.
수, 2024/01/24 - 11:46오후
Security updates have been issued by Debian (jinja2, openjdk-11, ruby-httparty, and xorg-server), Fedora (ansible-core and mingw-jasper), Gentoo (GOCR, Ruby, and sudo), Oracle (gstreamer-plugins-bad-free, java-17-openjdk, java-21-openjdk, python-cryptography, and xorg-x11-server), Red Hat (kernel, kernel-rt, kpatch-patch, LibRaw, python-pillow, and python-pip), Slackware (mozilla), SUSE (python-Pillow, rear118a, and redis7), and Ubuntu (libapache-session-ldap-perl and pycryptodome).
페이지