Advertisement
Front, Kernel, Security, Distributions, Development. See your byline here on LWN.net.
| |||||||||||||
|
| |||||||||||||
Welcome to LWN.netHeadlines for May 30, 2012The Design of LLVM (Dr. Dobb's)
[Development] Posted May 30, 2012 14:25 UTC (Wed) by corbet
Dr. Dobb's has a moderately detailed overview of the design of LLVM by Chris Lattner. "In particular, LLVM IR is both well specified and the only interface to the optimizer. This property means that all you need to know to write a front end for LLVM is what LLVM IR is, how it works, and the invariants it expects. Since LLVM IR has a first-class textual form, it is both possible and reasonable to build a front end that outputs LLVM IR as text, then uses UNIX pipes to send it through the optimizer sequence and code generator of your choice. It might be surprising, but this is actually a pretty novel property to LLVM and one of the major reasons for its success in a broad range of different applications. Even the widely successful and relatively well-architected GCC compiler does not have this property: its GIMPLE mid-level representation is not a self-contained representation."
What's new in Fedora 17 (The H)
[Distributions] Posted May 29, 2012 23:41 UTC (Tue) by ris
The H has a nice summary of the new features in Fedora 17. "Of the many changes made, the two that stand out are software rendering for GNOME Shell and the sandbox function for isolating applications. These, and many other changes, are likely to find their way into other distributions soon. Time will tell whether that will also be the case for the much-discussed filesystem reorganisation."
Google launches Chromebook, Chromebox and gets it right (GigaOm)
[Announcements] Posted May 29, 2012 20:39 UTC (Tue) by corbet
GigaOm reviews the new Chromebook from Samsung, along with the associated desktop "Chromebox" device. "The ChromeOS and the devices based on the OS have reached a point in maturity where they can be used as an 'optional' or second computer. It is also benefiting from the fact that most of us have become used to living and working inside the browser."
Security updates for Tuesday
[Security] Posted May 29, 2012 20:26 UTC (Tue) by ris
Fedora has updated php (F16; F15: code execution), php-eaccelerator (F16; F15: code execution), maniadrive (F16; F15: code execution), ikiwiki (F17; F16; F15: cross-site scripting), xinetd (F16; F15: service disclosure flaw), F17: sudo (privilege escalation), F17: openssl (denial of service), F17: python-tornado (HTTP header injection), F16: kernel (denial of service), F16: dokuwiki (cross-site scripting/request forgery), and F16: libreoffice (code execution). Gentoo has updated chromium, v8 (multiple vulnerabilities). Mandriva has updated pidgin (multiple vulnerabilities), util-linux-ng (denial of service), and ncpfs (/etc/mtab truncation). openSUSE has updated sudo (privilege escalation), python-django (multiple vulnerabilities), jakarta-poi (denial of service), cobbler (remote code execution), chromium, v8 (multiple vulnerabilities), wireshark (denial of service), net-snmp (denial of service), and mailman (information disclosure). Ubuntu has updated 11.10: kernel (multiple vulnerabilities), 10.04 LTS: ec2 kernel (multiple vulnerabilities), 8.04 LTS: kernel (denial of service).
Fedora 17 released
[Distributions] Posted May 29, 2012 14:44 UTC (Tue) by corbet
The Fedora 17 release is out. "Frankly, we believe this is the beefiest release ever -- chock full of condiments, more commonly known as Features, to customize your experience to your tastes. We take pride in our toppings, and in our fine ingredients; Fedora 17 includes both over- and under-the-bun improvements that show off the power and flexibility of the advancing state of free (range) software." Details can be found in the Fedora 17 feature list.
SFC expands compliance efforts to Samba and the Linux kernel
[Announcements] Posted May 29, 2012 14:09 UTC (Tue) by jake
The Software Freedom Conservancy has announced that the Samba project (which, like BusyBox, is another of SFC's member projects) will be engaging in license compliance efforts with the organization. In addition, it announced a new "GPL Compliance Project for Linux Developers" that is working with seven Linux kernel copyright holders to work on compliance for their copyrights in the kernel. "Matthew Garrett, an accomplished Linux kernel developer, was the first to put forward his copyrights as part of the GPL Compliance Project for Linux Developers, and was quickly joined by six other individuals. In a statement today, Matthew noted: 'For some time, many Linux kernel copyright holders have offered our moral support to the BusyBox enforcement efforts through Conservancy, but didn't have the ability to formalize that support. I'm glad to put my copyrights forward for this new initiative, and welcome any Linux kernel copyright holders who wish to join us to reach out to Conservancy via <compliance@sfconservancy.org>.'"
[$] Relicensing and rebasing LibreOffice
[Front] Posted May 28, 2012 16:53 UTC (Mon) by corbet
Projects the size of LibreOffice often tend to get a little unwieldy; the size of the code is such that even seemingly trivial tasks like removing dead code can take a long time. Considering the sheer size of the project and the fact that its copyright ownership is distributed, it would be natural to doubt the sanity of anybody proposing to simultaneously move 1.5 years worth of work to a new base and adopt a new license. But that is just what LibreOffice has in mind. Click below (subscribers only) for the full report.
This Cadillac Is Powered by Linux (Wired)
[Announcements] Posted May 25, 2012 19:03 UTC (Fri) by jake
Wired is impressed with the Linux-powered in-vehicle infotainment (IVI) system in the most recent Cadillac XTS. "While the XTS’ spate of processors and controllers isn’t running the open source offspring of Linus Torvalds, the game-changing infotainment intender known as the Cadillac User Experience (CUE) is. [...] Buried deep within the dash is a three-core ARM 11 processor, powering two displays: one eight-inch capacitive touch screen — the first non-resistive display to come to a production car — and a second, 12.3-inch fully configurable instrument cluster mounted behind the steering wheel. Two of those cores adapt on the fly to handle voice commands powered by the same Nuance technology used by many automakers, along with Apple’s personal assistant, Siri. But with CUE, everything is processed on board."
Friday's security advisories
[Security] Posted May 25, 2012 18:21 UTC (Fri) by jake
Debian has updated request-tracker3.8 (multiple vulnerabilities). openSUSE has updated cobbler (two vulnerabilities). Ubuntu has updated openssl (multiple vulnerabilities).
Fedora 17 ARM Beta Release
[Distributions] Posted May 25, 2012 16:24 UTC (Fri) by jake
A Fedora 17 beta for ARM is now available. There are a number of images provided for various targets ("QEMU, Trimslice, Beagleboard XM and iMX based hardware platforms.") "We invite you to take part in making Fedora 17 for ARM a solid release by downloading, testing, and providing your valuable feedback. Please join us on the IRC in #fedora-arm on Freenode or send feedback and comments to the ARM mailing list."
Android Malware Genome Project launched (The H)
[Security] Posted May 24, 2012 22:34 UTC (Thu) by n8willis
The H covers the debut of the Android Malware Genome Project by researchers from North Carolina State University. The team "has already collected more than 1,200 samples of Android malware, including GingerMaster and DroidKungFu, and has organised them into various malware families. [Xuxian] Jiang told Dark Reading that 'the purpose is to engage the research community to better our understanding of mobile threats and develop effective solutions against them.'" Access to the data set, however, is restricted.
RPM 4.10 released
[Development] Posted May 24, 2012 19:39 UTC (Thu) by n8willis
Panu Matilainen announces the release of RPM 4.10.0. Most of the changes targeted robustness and correctness, but a few new features crept in as well, including support for parsing the tilde (~) operator in package version numbers.
Thursday's security updates
[Security] Posted May 24, 2012 18:18 UTC (Thu) by n8willis
Debian has updated sudo (privilege escalation) and libxml2 (arbitrary code execution). Mandriva has updated ES 5.0 firefox (multiple vulnerabilities). Ubuntu has updated net-snmp (denial of service).
SSL fix flags forged certificates before they're accepted by browsers (Ars Technica)
[Security] Posted May 24, 2012 14:57 UTC (Thu) by n8willis
Over at Ars Technica, Dan Goodin writes about Trust Assertions for Certificate Keys (TACK), a proposed extension to SSL/TLS designed to discover fake certificates before they are accepted. "The opt-in system works by allowing SSL sites to sign valid SSL certificates, the domain name, and an expiration date with a TACK key. Once an end user has visited the site a few times using a TACK-compatible browser, a 'pin' for that site is activated on the user's computer. If the end user later encounters a forged certificate for that same site—as was the case when DigiNotar was breached—the browser will reject the session and return a warning to the user." One of TACK's co-creators is Moxie Marlinspike, who proposed the Convergence alternative certificate-management framework in 2011.
GCC Explorer - an interactive take on compilation
[Development] Posted May 24, 2012 13:23 UTC (Thu) by corbet
Matt Godbolt announces GCC explorer, a web-based tool for exploring how code tweaks change the machine code emitted by the compiler. "Particularly with some of the newer features of C++11 — lambdas, move constructors, threading primitives etc — it’s nice to be able to see how your elegant code becomes beautiful (and maybe even fairly optimal) machine code." The GCC explorer code is on github for those who want to set up their own instance.
[$] LWN.net Weekly Edition for May 24, 2012
Posted May 24, 2012 1:24 UTC (Thu)The LWN.net Weekly Edition for May 24, 2012 is available. Inside this week's LWN.net Weekly Edition
Google wins patent case against Oracle
[Announcements] Posted May 23, 2012 18:22 UTC (Wed) by corbet
Groklaw has the news: the jury in Oracle v. Google has found that Google did not infringe any of Oracle's patents.
Simon Phipps is the new OSI President (The H)
[Announcements] Posted May 23, 2012 17:54 UTC (Wed) by ris
The H covers an announcement by the Open Source Initiative that Simon Phipps is the new president of the organization. "Phipps has already been spearheading an OSI reform process, working with the rest of the board to open up the organisation. That process has led to the creation of Open Source Initiative affiliation, bringing the Apache Software Foundation, FreeBSD, Eclipse, Mozilla, Debian, and Creative Commons, along with other organisations, on board as affiliates. "There will be further developments in that scheme soon, and we'll have much more to announce in other areas as the year progresses" said Phipps by email."
Wednesday's security updates
[Security] Posted May 23, 2012 17:43 UTC (Wed) by ris
Mandriva has updated 2011.0: wireshark (denial of service). Oracle has updated postgresql, postgresql84 (OL6; OL5: multiple vulnerabilities), OL5: postgresql (multiple vulnerabilities), OL5: kvm (multiple vulnerabilities), and OL6: bind-dyndb-ldap (denial of service). Red Hat has updated RHEL5&6: flash-plugin (code execution). SUSE has updated SLE10 SP4: openssl (exploitable vulnerabilities). Ubuntu has updated 12.04: feedparser (denial of service).
LLVM 3.1 released
[Development] Posted May 23, 2012 15:00 UTC (Wed) by corbet
Version 3.1 of the LLVM compiler suite is out. "This release represents approximately 6 months of development over LLVM 3.0, delivers a vast range of improvements and new features. Some of the most visible features include greatly expanded C++'11 support in Clang (including lambdas, initializer lists, constexpr, user-defined literals, and atomics); AddressSanitizer, a fast memory error detection tool which uses instrumentation to find bugs; "instruction bundles" support in the late code generator, allowing much better support for VLIW targets; an ARM integrated assembler which speeds up ARM compile time and enables new features for the ARM target; major enhancements to the MIPS backend (including support for MIPS64); a new port for the Qualcomm Hexagon VLIW processor, Python bindings, and much much more." See the release notes for details.
|
|
||||||||||||