LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
업데이트: 6분 7초 지남
목, 2024/03/21 - 6:07오전
Version 46 of the GNOME desktop
has been released. "GNOME 46 is code-named 'Kathmandu', in recognition
of the amazing work done by the organizers of GNOME.Asia 2023."
Significant changes include a new global search feature, enhancements to
the Files app, improved remote login support, and more.
목, 2024/03/21 - 2:53오전
Cockpit is an interesting
project for web-based Linux administration that has received
relatively little attention over the years. Part of that may be due to
the project's strategy of minor releases roughly every two weeks,
rather than larger releases with many new features. While the strategy
has done little to garner headlines, it has delivered a useful and
extensible tool to observe, manage, and troubleshoot Linux servers.
목, 2024/03/21 - 1:42오전
The Python project has announced three security releases, 3.10.14,
3.9.19,
and 3.8.19.
In addition to the security fixes, these releases are notable for two reasons;
they are the first to make use of GitHub Actions to perform
public builds instead of building artifacts "on a local computer of one
of the release managers", and the first since Python became a
CVE Numbering Authority (CNA).
Python release team member Łukasz Langa said
that being a CNA means Python is able to "ensure the quality of the vulnerability
reports is high, and that the severity estimates are accurate." It also
allows Python to coordinate CVE announcements with the patched versions of
Python, as it has with two CVEs addressed in these releases. CVE-2023-6597
describes a flaw in CPython's zipfile module that made it vulnerable to a zip-bomb exploit. CVE-2024-0450 is an
issue with Python's tempfile.TemporaryDirectory class which could be
exploited to modify permissions of files referenced by symbolic links.
Users of affected versions should upgrade soon.
수, 2024/03/20 - 9:51오후
Security updates have been issued by Debian (fontforge and imagemagick), Fedora (firefox), Mageia (cherrytree, python-django, qpdf, and sqlite3), Red Hat (bind, cups, emacs, fwupd, gmp, kernel, libreoffice, libX11, nodejs, opencryptoki, postgresql-jdbc, postgresql:10, postgresql:13, and ruby:3.1), Slackware (gnutls and mozilla), and Ubuntu (firefox, linux, linux-bluefield, linux-gcp, linux-gkeop, linux-hwe-5.4, linux-ibm,
linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-aws, linux-aws-5.4, linux-aws, linux-aws-6.5, and linux-oracle, linux-oracle-5.15).
수, 2024/03/20 - 6:18오전
There are a number of different language-enhancement ideas that crop up
with some
regularity in
the Python community; many of them have been debated and shot down multiple
times over the years. When one inevitably arises anew, it can sometimes be
difficult to tamp it down, even if it is unlikely that the idea will go
any further than the last N times it cropped up. A recent discussion about
"real" anonymous functions follows a somewhat predictable path, but there
are still reasons to participate in vetting these "new" ideas, despite the
tiresome, repetitive
nature of the exercise—examples of
recurring feature ideas that were eventually adopted
definitely exist.
수, 2024/03/20 - 1:57오전
Version
124.0 of the Firefox browser is out. Changes include support for
"caret browsing mode" in the PDF viewer and the ability to control the
sorting of tabs in the Firefox View screen.
수, 2024/03/20 - 1:55오전
Security updates have been issued by Debian (cacti, postgresql-11, and zfs-linux), Fedora (freeimage, mingw-expat, and mingw-freeimage), Mageia (apache-mod_security-crs, expat, and multipath-tools), Oracle (.NET 7.0 and kernel), Red Hat (kernel, kernel-rt, and kpatch-patch), and Ubuntu (bash, kernel, linux, linux-aws, linux-hwe, linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux-lts-xenial, and vim).
화, 2024/03/19 - 10:39오후
Man Yue Mo
explains
how to compromise a Pixel 8 phone even when the Arm
memory-tagging extension is in use, by taking
advantage of the Mali GPU.
So, by using the GPU to access physical addresses directly, I'm
able to completely bypass the protection that MTE
offers. Ultimately, there is no memory safe code in the code that
manages memory accesses. At some point, physical addresses will
have to be used directly to access memory.
화, 2024/03/19 - 12:17오전
Kernel developers have long been told that any attempt to allocate memory
might fail, so their code must be prepared for memory to be unavailable.
Informally, though, the kernel's memory-management subsystem implements a
policy whereby requests below a certain size will not fail (in process
context, at least), regardless of
how tight memory may be. A recent discussion on the linux-mm list has
looked at the idea of making
the "too small to
fail" rule a policy that developers can rely on.
월, 2024/03/18 - 11:17오후
Security updates have been issued by Debian (curl, spip, and unadf), Fedora (chromium, iwd, opensc, openvswitch, python3.6, shim, shim-unsigned-aarch64, and shim-unsigned-x64), Mageia (batik, imagemagick, irssi, jackson-databind, jupyter-notebook, ncurses, and yajl), Oracle (.NET 7.0, .NET 8.0, and dnsmasq), Red Hat (postgresql:10), SUSE (chromium, kernel, openvswitch, python-rpyc, and tiff), and Ubuntu (openjdk-8).
토, 2024/03/16 - 5:05오전
Cranelift is an Apache-2.0-licensed
code-generation backend being developed as part
of the Wasmtime runtime for
WebAssembly.
In October 2023, the Rust project made Cranelift available as an optional
component in its nightly toolchain.
Users can now use Cranelift as the code-generation backend for debug builds of
projects written in Rust,
making it an opportune time to look at what makes Cranelift different.
Cranelift is designed to compete with existing compilers by generating
code more quickly than they can, thanks to a stripped-down design that prioritizes
only the most important optimizations.
토, 2024/03/16 - 4:49오전
Zach Mitchell has announced the 1.0 release of Flox, a tool that lets its users install packages from nixpkgs inside portable virtual environments, and share those virtual environments with others as an alternative to Docker-style containers. Flox is based on Nix but allows users to skip learning how to work with the Nix language:
With Flox we're providing a substantially better user experience. We provide the suite of package manager functionality with install, uninstall, etc, but we also provide an entire new suite of functionality with the ability to share environments via flox push, flox pull, and flox activate --remote.
Flox is GPLv2-licensed, and releases are available as RPMs and Debian packages for x86_64 and arm64 systems.
금, 2024/03/15 - 10:12오후
Security updates have been issued by Debian (composer and node-xml2js), Fedora (baresip), Mageia (fonttools, libgit2, mplayer, open-vm-tools, and packages), Red Hat (dnsmasq, gimp:2.8, and kernel-rt), and SUSE (389-ds, gdb, kernel, python-Django, python3, python36-pip, spectre-meltdown-checker, sudo, and thunderbird).
금, 2024/03/15 - 12:00오전
As of this writing, just over 4,900 non-merge changesets have been pulled
into the mainline for the 6.9 release. This work includes the usual array
of changes all over the kernel tree; read on for a summary of the most
significant work merged during the first part of the 6.9 merge window.
목, 2024/03/14 - 11:06오후
Security updates have been issued by Debian (chromium and openvswitch), Fedora (chromium, python-multipart, thunderbird, and xen), Mageia (java-17-openjdk and screen), Red Hat (.NET 7.0, .NET 8.0, kernel-rt, kpatch-patch, postgresql:13, and postgresql:15), Slackware (expat), SUSE (glibc, python-Django, python-Django1, sudo, and vim), and Ubuntu (expat, linux-ibm, linux-ibm-5.4, linux-oracle, linux-oracle-5.4, linux-lowlatency, linux-raspi, python-cryptography, texlive-bin, and xorg-server).
목, 2024/03/14 - 9:17오전
The LWN.net Weekly Edition for March 14, 2024 is available.
목, 2024/03/14 - 3:08오전
Kaitlyn Abdo of Fedora's AI/ML
SIG opened an issue with the
Fedora Engineering Steering Committee (FESCo) recently that carried a few tricky
questions about packaging machine-learning (ML) models for Fedora.
Specifically, the SIG is looking for guidance on whether pre-trained weights for
PyTorch constitute code or content. And, if the models are released under a
license approved by the
Open Source Initiative (OSI),
does it matter what data the models were trained on? The issue was quickly
tossed over to Fedora's legal
mailing list and sparked an interesting discussion about how to
handle these items, and a temporary path forward.
수, 2024/03/13 - 9:54오후
Security updates have been issued by Fedora (edk2, freeipa, kernel, and liblas), Oracle (kernel), Red Hat (docker, edk2, kernel, kernel-rt, and kpatch-patch), SUSE (axis, fontforge, gnutls, java-1_8_0-openjdk, kernel, python3, sudo, and zabbix), and Ubuntu (dotnet7, dotnet8, libgoogle-gson-java, openssl, and ovn).
수, 2024/03/13 - 5:20오후
The
pidfd abstraction is a Linux-specific
way of referring to processes that avoids the race conditions inherent in
Unix process ID numbers. Since a pidfd is a file descriptor, it needs a
filesystem to implement the usual operations performed on files. As the
use of pidfds has grown, they have stressed the limits of the simple
filesystem that was created for them. Christian Brauner has
created
a new filesystem for pidfds that seems likely to debut in the 6.9
kernel, but it ran into a little bump along the way, demonstrating that
things you cannot see can still hurt you.
페이지