Subscribe: LWN.net
http://lwn.net//headlines/newrss
Added By: Feedage Forager Feedage Grade A rated
Language: English
Tags:
debian  java openjdk  kernel  linux  lwn net  net  postgresql postgresql  postgresql  red hat  security updates  security  trust  updates 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: LWN.net

LWN.net



LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.



 



Kernel prepatch 4.15-rc3

2017-12-11T02:36:34+00:00

The 4.15-rc3 kernel prepatch is out. "I'm not thrilled about how big the early 4.15 rc's are, but rc3 is often the biggest rc because it's still fairly early in the calming-down period, and yet people have had some time to start finding problems. That said, this rc3 is big even by rc3 standards. Not good." 489 changesets were merged since 4.15-rc2.



Let's Encrypt looks forward to 2018

2017-12-08T20:51:09+00:00

The Let's Encrypt project, working to encrypt as much web traffic as possible, looks forward to the coming year. "First, we’re planning to introduce an ACME v2 protocol API endpoint and support for wildcard certificates along with it. Wildcard certificates will be free and available globally just like our other certificates. We are planning to have a public test API endpoint up by January 4, and we’ve set a date for the full launch: Tuesday, February 27."




Fedora council elections canceled

2017-12-08T20:24:09+00:00

The Fedora Project's currently underway elections for the Fedora Council, FESCo, and the Mindshare committee have been canceled due to some glitches in making the interview material available. The project plans to get its act together and retry the elections in early January.



Security updates for Friday

2017-12-08T15:20:48+00:00

Security updates have been issued by Arch Linux (chromium and vlc), Debian (erlang), Mageia (ffmpeg, tor, and wireshark), openSUSE (chromium, opensaml, openssh, openvswitch, and php7), Oracle (postgresql), Red Hat (chromium-browser, postgresql, rh-postgresql94-postgresql, rh-postgresql95-postgresql, and rh-postgresql96-postgresql), SUSE (firefox, java-1_6_0-ibm, opensaml, and xen), and Ubuntu (kernel, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux, linux-raspi2, linux-azure, linux-gcp, linux-hwe, linux-lts-trusty, linux-lts-xenial, linux-aws, and rsync).



[$] Kernel support for HDCP

2017-12-07T23:18:13+00:00

High-bandwidth Digital Content Protection (or HDCP) is an Intel-designed copy-protection mechanism for video and audio streams. It is a digital rights management (DRM) system of the type disliked by many in the Linux community. But does that antipathy mean that Linux should not support HDCP? That question is being answered — probably in favor of support — in a conversation underway on the kernel mailing lists.



Is blockchain a security topic? (Opensource.com)

2017-12-07T21:40:56+00:00

At Opensource.com, Mike Bursell looks at blockchain security from the angle of trust. Unlike cryptocurrencies, which are pseudonymous typically, other kinds of blockchains will require mapping users to real-life identities; that raises the trust issue. "What's really interesting is that, if you're thinking about moving to a permissioned blockchain or distributed ledger with permissioned actors, then you're going to have to spend some time thinking about trust. You're unlikely to be using a proof-of-work system for making blocks—there's little point in a permissioned system—so who decides what comprises a "valid" block that the rest of the system should agree on? Well, you can rotate around some (or all) of the entities, or you can have a random choice, or you can elect a small number of über-trusted entities. Combinations of these schemes may also work. If these entities all exist within one trust domain, which you control, then fine, but what if they're distributors, or customers, or partners, or other banks, or manufacturers, or semi-autonomous drones, or vehicles in a commercial fleet? You really need to ensure that the trust relationships that you're encoding into your implementation/deployment truly reflect the legal and IRL [in real life] trust relationships that you have with the entities that are being represented in your system. And the problem is that, once you've deployed that system, it's likely to be very difficult to backtrack, adjust, or reset the trust relationships that you've designed."



Security updates for Thursday

2017-12-07T14:00:07+00:00

Security updates have been issued by CentOS (firefox, java-1.7.0-openjdk, kernel, liblouis, qemu-kvm, sssd, and thunderbird), Debian (heimdal and nova), openSUSE (shibboleth-sp), Oracle (java-1.7.0-openjdk), Red Hat (Red Hat OpenShift Enterprise), Scientific Linux (openafs), SUSE (kernel), and Ubuntu (rsync).



[$] LWN.net Weekly Edition for December 7, 2017

2017-12-07T00:12:52+00:00

The LWN.net Weekly Edition for December 7, 2017 is available.



[$] Mozilla releases tools and data for speech recognition

2017-12-06T22:54:32+00:00

Voice computing has long been a staple of science fiction, but it has only relatively recently made its way into fairly common mainstream use. Gadgets like mobile phones and "smart" home assistant devices (e.g. Amazon Echo, Google Home) have brought voice-based user interfaces to the masses. The voice processing for those gadgets relies on various proprietary services "in the cloud", which generally leaves the free-software world out in the cold. There have been FOSS speech-recognition efforts over the years, but Mozilla's recent announcement of the release of its voice-recognition code and voice data set should help further the goal of FOSS voice interfaces.




[$] Who should see Python deprecation warnings?

2017-12-06T20:43:46+00:00

As all Python developers discover sooner or later, Python is a rapidly evolving language whose community occasionally makes changes that can break existing programs. The switch to Python 3 is the most prominent example, but minor releases can include significant changes as well. The CPython interpreter can emit warnings for upcoming incompatible changes, giving developers time to prepare their code, but those warnings are suppressed and invisible by default. Work is afoot to make them visible, but doing so is not as straightforward as it might seem.



[$] Container IDs for the audit subsystem

2017-12-06T17:56:31+00:00

Linux containers are something of an amorphous beast, at least with respect to the kernel. There are lots of facilities that the kernel provides (namespaces, control groups, seccomp, and so on) that can be composed by user-space tools into containers of various shapes and colors; the kernel is blissfully unaware of how user space views that composition. But there is interest in having the kernel be more aware of containers and for it to be able to distinguish what user space considers to be a single container. One particular use case for the kernel managing container identifiers is the audit subsystem, which needs unforgeable IDs for containers that can be associated with audit trails.




Announcing sources.debian.org

2017-12-06T16:18:45+00:00

The Debian project has announced the launch of sources.debian.org, a site that enables browsing of the source code for every package shipped with the Debian distribution. "You may already know this service as previously hosted at sources.debian.net . We took the move to Debian hardware as the opportunity to officially announce it here."



Security updates for Wednesday

2017-12-06T16:12:26+00:00

Security updates have been issued by CentOS (samba4), Mageia (libxcursor and libxfont/libxfont2), openSUSE (exim, GraphicsMagick, graphviz, pdns, and pdns-recursor), Oracle (firefox and liblouis), Red Hat (java-1.7.0-openjdk), Scientific Linux (java-1.7.0-openjdk), SUSE (firefox, shibboleth-sp, and xen), and Ubuntu (linux-firmware).



[$] Trying Tryton

2017-12-05T22:56:07+00:00

The quest to find a free-software replacement for the QuickBooks accounting tool continues. In this episode, your editor does his best to put Tryton through its paces. Running Tryton proved to be a trying experience, though; this would not appear to be the accounting tool we are searching for.



Stable kernel updates

2017-12-05T15:59:44+00:00

Stable kernels 4.14.4, 4.9.67, 4.4.104, and 3.18.86 have been released. They all contain important fixes and users should upgrade.