Welcome to LWN.net

LWN featured content

Owners of Android handsets can be forgiven for feeling frustration over how long it took to get an update from the 2.3 "gingerbread" release. Google's flat-out effort to improve tablet support led to a 3.0 ("honeycomb") release that was not deemed suitable for handset use—or for open-source release. It was only with the 4.0 "Ice Cream Sandwich" cycle that all that new code became available for handsets—sort of. Six months after the 4.0 release, your editor finally got his hands on a device that can run it; what follows is a review of sorts.

Full Story (comments: 101)

The PostgreSQL project has just released a beta of its next major version, 9.2. As usual with its annual release, this version includes many new features, most of which are targeted at improving database performance. The developers have been hard at work improving response times, increasing multicore scalability, and providing for more efficient queries on large data. They also found time to include some other major features, so let's explore a few of the things 9.2 beta has to offer.

Guest author Josh Berkus does just that in the full article from this week's edition.

Full Story (comments: 13)

Bcache is a mechanism for using a solid-state drive as a fast cache for one or more slower drives. LWN last looked at bcache almost two years ago. Since then, the project has been relatively quiet, but development has continued. Click below (subscribers only) for an update on bcache from this week's Kernel Page.

Full Story (comments: 34)

Attentive long-time readers of LWN may remember that this business is based entirely on free software with one distressing exception: our business accounting is still done using the proprietary "QuickBooks Pro" package. QuickBooks does not lack for aggravations, but the task of replacing it has never quite attained a high enough priority for something to actually happen. Good replacements in the free software community are hard to come by, accounting is boring, our accountant deals easily (and cheaply) with QuickBooks files, and the existing solution, for the most part, simply works. Or, at least, it used to simply work.

Full Story (comments: 69)

LWN is pleased to post the first article from our latest guest author: Dave Phillips. Dave writes: "My jet lag is gone, I've finally come back to ground, and at last I can start to sort out my experiences at the 10th annual Linux Audio Conference, held this year at CCRMA, the Center For Computer Research In Music And Acoustics at Stanford University in Palo Alto, California USA. It was the first time the event had been held in the States, and the organizers obviously intended to make a good impression. I'll cut to the spoiler right now to let you know that they succeeded, with honors." Click below (subscribers only) for the full report.

Full Story (comments: 7)

One of the few hard rules of kernel development is that breaking the user-space binary interface is not acceptable. If there is user-space code that depends on specific behavior, that behavior must be maintained regardless of how inconvenient that may be. But what is to be done if two different programs depend on mutually-incompatible behaviors, so that it is seemingly impossible to keep them both working? The answer may be to violate another rule by putting an ugly hack into the kernel—or to do something rather more tricky.

Click below (subscribers only) for the full article from this week's Kernel Page.

Full Story (comments: 57)

Concurrency tends to make programming hard. Kernel development obviously involves dealing with a lot of concurrency, but there is also a lot of multi-threaded user-space development that suffers from the same issues. It would be nice if the computer could help developers avoid race conditions and other problems that arise in concurrent environments. Some developers at Google have been working on just such a project for some time, but they have just relocated the project from GCC to the LLVM Clang compiler, saying that GCC is not suited to the work they want to do. The result has been a sort of wake-up call for GCC developers. Is the GCC compiler suite not well suited to the creation of static analysis tools?

Full Story (comments: 75)

The core library that sits between user space and the kernel, the GNU C library (or GLIBC), has undergone some changes recently in its governance, at least partly to make it a more inclusive project. On the last day of the Linux Foundation Collaboration Summit, Carlos O'Donell gave an update on the project, the way it will be governed moving forward, and its plans for the future. GLIBC founder Roland McGrath was on hand to contribute his thoughts as well. Click below (subscribers only) for the full report.

Full Story (comments: 8)

Messages from the kernel are created by humans, usually using one of the many variants of the printk() function. But, increasingly, those messages are read by machines in the form of log file parsers, automated management systems, and so on. The machines have, for some time, struggled to make sense out of those human-created messages which, often as not, are unpredictable in their organization, lacking important information, and subject to change. So it is not surprising that there has been ongoing interest in adding some structure to kernel log messages; the subject was recently raised by the audience at the Collaboration Summit kernel panel. At about the same time, a new attempt to improve kernel logging was posted to the linux-kernel mailing list; click below (subscribers only) for a report from next week's Kernel Page.

Full Story (comments: 68)

Keith Packard has been working on the X window system since the early days, but more recently has been doing lots of work to enable its replacement. X has long held the position as the way that graphics is done on Linux (and other Unix) systems, but that is changing. He came to the Linux Foundation Collaboration Summit, which was held April 3-5 in San Francisco, to talk about the Wayland protocol and the Weston server, and how they could interoperate with X. Wayland looks to be an interesting change for desktop graphics on Linux.

Full Story (comments: 180)

Current news

Michael Larabel at Phoronix explores how the X.org developer community is grappling with its patch-review process. ""David Airlie commented on the developers' mailing list about the lack of patch review for the new API patches, he wonders how he's 'going to get the next 50 patches in at this rate some time this year.' Alan Coopersmith then responded with how there seems to be a harder time overall in getting patch reviews done. Coopersmith says, 'I've got no ideas how to fix this quickly, but we need to get it fixed.'"

Comments (2 posted)

Martin Davis of the JTS Topology Suite project points readers to an article in Nature arguing that open source software should be a standard requirement for peer-reviewed science. "The paper raises the argument for open source software to a higher plane, that of being a necessary component of scientific proof. It points out that the increasing use of computational science as a basis for scientific discovery implies that open source must become a standard requirement for documentation. Apparently some journals such as Science already require source code to be supplied along with submissions of articles."

Comments (9 posted)

Debian has updated openssl (integer underflow).

Fedora has updated F16: pidgin-otr (format string vulnerability), F16: drupal6-og (upstream security update).

Ubuntu has updated 10.04: kernel (multiple vulnerabilities), backuppc (cross-site scripting), and update-manager (multiple vulnerabilities).

Comments (none posted)

Fedora Project Leader Robyn Bergeron announced that the release of Fedora 17 has been delayed by one week, to May 29. "GA [General Availability] for F17 is now scheduled for 2012-05-29. Adjustments to the schedule and wiki will be completed later today. We will be meeting again next Thursday, 2012-05-24, for another Go/No-Go meeting." The decision was reached in order to close four outstanding blockers. A second F17 release candidate (RC2) will be spun in the interim.

Comments (19 posted)

The Mandriva Blog contains a short posting stating Mandriva SA's intent to hand control of the distribution over to the community. "This means that the future of the distribution will not be arbitrary decided by the Mandriva company anymore, but we intend to let the distribution evolve in and under the caring responsibility of the community. Mandriva SA will of course be a part of this entity and will support it with direct contributions." How the governance of this community will work is to be worked out.

Comments (5 posted)

Over at the Guardian, Cory Doctorow writes about two problems that govern the relationship between politics and technically oriented folks ("nerds" in Doctorow-speak): "nerd determinism" and "nerd fatalism". "But, while it's true that geeks can get around this sort of thing – and other bad network policies, such as network-level censorship, or vendor locks on our tablets, phones, consoles, and computers – this isn't enough to protect us, let alone the world. It doesn't matter how good your email provider is, or how secure your messages are, if 95% of the people you correspond with use a free webmail service with a lawful interception backdoor, and if none of those people can figure out how to use crypto, then nearly all your email will be within reach of spooks and control-freaks and cops on fishing expeditions."

Comments (13 posted)

Debian has updated openoffice.org (code execution) and ikiwiki (cross-site scripting).

Mandriva has updated imagemagick (2010.1, ES 5.0; 2011.: multiple vulnerabilities).

SUSE has updated openssl (SLE 11: two vulnerabilities).

Ubuntu has updated sudo (privilege escalation).

Comments (none posted)

The H reports on a vulnerability in sudo when it is configured for IP-based restrictions on users (typically only for centrally managed sudoers files). "When the developers added IPv6 support, they inadvertently made the matching routine used for IPv4 networks call the IPv6 matching routines when no IPv4 match was found. Because the IPv6 fields would be uninitialised, it was possible for the system to think it had found a match where there wasn't one. Finding a match would, in turn, mean permission would be granted for whatever command the rule was controlling, even when the system was on a different network."

Comments (none posted)

IBM has announced that the paperwork has been signed and that the contribution of the Lotus Symphony code to OpenOffice will happen shortly. "The successful delivery of Apache OpenOffice 3.4 has enabled us to finalize our grant with the the Apache Software Foundation and initiate this new phase of effort within the community. This is about envisioning a future for Apache OpenOffice that builds on the best code we can offer together with the best developers who have mastered it." For those wondering about what this code offers, there is a Symphony Contribution wiki page describing the most interesting features.

Full Story (comments: 48)

CentOS has updated C6: kernel (denial of service).

Debian has updated gridengine (privilege escalation).

Fedora has updated bind-dyndb-ldap (F16; F15: denial of service), F16: samba4 (remote code execution), F15: kernel (unfiltered netdev rio_ioctl access by users), and F15: expat (denial of service).

Gentoo has updated connman (code execution).

Red Hat has updated RHEL6: kernel (denial of service) and MRG2.1: kernel-rt (multiple vulnerabilities).

Comments (none posted)

--> More news items