LWN.net Weekly Edition for October 30, 2008 [LWN.net]

Directions for GNOME 3.0

October 29, 2008

This article was contributed by Jonathan Roberts

Earlier this year at the Gnome Users and Developers Conference, it was announced that there would be a Gnome 3.0 and discussions about how to make the transition are now open. Since then, there has been another gathering of Gnome developers, discussing and making plans about how they would like to modernize the interface. Over the past few days, a number of blog posts have appeared on Planet Gnome discussing some of the happenings at this five day event, and I felt a summary of the ideas so far might be useful to everyone concerned.

The Journal

The idea that has perhaps received the clearest exposition, along with some concrete work on beginning to make it a reality, is a refreshed way to handle day to day file management based on the OLPC's journal concept. Federico Mena-Quintero posted to his blog reporting his teams brainstorming session. What's wrong with how we handle file management today? Federico says:

Let's consider a very common workflow: download an image from a web site, make some modifications to it, and attach it to an e-mail. When you do "save image as" in your web browser, it will default to ~/Downloads or even ~/Desktop. When you do "file/open" in the GIMP, it will default to the last directory you used in the GIMP, even if it was from days ago (on my machine right now, the GIMP defaulted to look at files from ~/src/some-random-directory) ... The end result is that your workflow gets shattered to pieces, as programs try to be helpful within themselves, but they totally fail at being helpful within your workflow.

So, programs contribute to having files scattered around everywhere, and there is no easy way to look at everything together.

To solve this problem, they began from the premise that humans are fairly good at knowing when they did things: "I started typing my homework last Monday, because I knew it was due on my Thursday class" and "I mailed you that photo two weeks ago, right after my birthday party" were the examples given. From here, the argument is that if we can present users with a journal view of what they did, they can forget about where they put a file and just browse through a time line to find what they were looking for.

The journal would not only keep track of files you created, but websites you visited, IM conversations you had, and even allow you to make notes about particular entries. An example of this final kind of functionality might be noting down reference numbers from receipts or customer service representatives.The other two major features of the journal would be the ability to star important items, so they're kept in a separate section, along with the ability to create files from directly within the journal, allowing it to act as a kind of scrap book.

As well as Federico's own proof of concept implementation, you can also find similar ideas in Mayanna's timeline, a fork of Gimmie, and the Nemo file manager.

Task Orientation

This post didn't arise out of the User Experience Hackfest, but from GUADEC earlier in the year. Karl Lattimer has posited that the application centric workflow is broken, and that people don't use a computer with the intention of using a particular application, but with the intention of completing a particular task. Obviously tasks rarely stand on their own, but often form part of a larger project.

Karl comments that he believes Federico is making moves in the right direction with the journal, providing users with the capacity to track what they did and when - perhaps a kind of project management framework - but he believes that we also need to provide users with the ability to track why things were done, gathering metadata about the tasks and building a picture of the relationships between them. The example he uses is that of an email received from a colleague asking us to update a file by a certain deadline: from this we could extract the file, the deadline, who sent it to us, and possibly even what needs doing to the file, all of which could be fed into the journal or other interface. This obviously has some practical challenges when it comes to considering how it could be implemented, but if realized could deliver an automated task list that's closely linked with templates for commonly performed tasks, doing away with the idea of static workspaces and applications for ever.

Karl sums up his thoughts nicely in this paragraph:

For us to get there we need to invent some cool stuff, semantics is one part, organising the data by what it is rather than where it is, especially when the user has a tendency to loose things in the jungle of file systems. Journals and revision control are another part of it, remembering what we've been doing and when, but also templates and schema's are part of it too, hiding the notion of an application behind the tasks you want to achieve and the things you want to get done.

The Desktop Shell

During this hackfest session, the team tried to forget about the current Gnome interface and focus on what makes sense for users; ironically, Vincent Untz decided to start his post, about how the team forgot about the current Gnome interface, with some observations of the current Gnome interface. The problems he identified in the current interface were four-fold. Firstly, finding the window you want can be difficult when using the default applet, particularly if you have more than a few windows open, and particularly if you have a smaller screen. Secondly, few people make use of the multiple workspaces idea, largely because they were just unaware of their existence. Thirdly, application menus are a slow and inefficient way to open up new applications; some take advantage of launchers or the run dialog to improve on this, but most don't know how to do this. And finally, the current panel is certainly very powerful, but its power is wasted in unneeded flexibility such as being able to position the panel in the middle of the screen.

Perhaps the most controversial proposal to fix these problems so far is to restrict Gnome to a single static panel: by removing one panel we'd be saving valuable screen real estate, and by having a layout we can depend on we'd be able to use "hot corners" more effectively, allowing users to easily set their presence, as well as to launch a new "activities overlay mode". While the idea of a single panel hasn't raised too much concern, the static point has: Mathias Hasselmann responds with "Static Panel Nonsense", suggesting that many Gnome users, himself included, as well as Mac OS and Windows users, heavily customize the layout of their panels with custom launchers, and to improve something by removing existing functionality is not a good approach.

The most promising proposal from my point of view, and what seems to be a common OLPC inspired train of thought amongst Gnome's community, is the notion of activities. An activity is essentially what Karl Lattimer described as a project, made up of individual tasks, and what many Gnome users organize into separate work spaces in the current environment. In the current Gnome environment, Vincent argues, activities and work spaces are static: a user configures 8 desktops and sticks with them. His proposal is that activities should be far more flexible, and if a user wants to start a new one then we should help them by creating a new desktop automatically.

Where Next

Reportedly the release team are busy preparing a plan for how we can move from Gnome 2.x to 3.0, with the current plan appearing to be that what would have been called 2.30 will become 3.0. In this time frame, the very least of what we can expect to see is a revamped Gtk+, but what changes the user can expect to see is far harder to tell as there are no known plans for a radical interface overhaul like that seen during the development of KDE 4. Instead, it appears that the Gnome release team are planning on sticking to their current principles with regard to what features will become a core part of the desktop stack: adoption by popular distributions, stability, and a proven track record will all be required for features to make it in. This may seem like it rules out huge amounts of innovation, but there are a number of existing frameworks in Gnome that are very exciting (PolicyKit, PackageKit, Clutter, GVFS, desktop search, D-Conf, online desktop), and perhaps the 3.0 development cycle will see these mature and finally deliver on their promise of revolutionizing the user experience, with many of these technologies forming the backbone of the ideas discussed in this article.

Comments (45 posted)

Debian's election season: old firmware and new contributors

By Jonathan Corbet
October 29, 2008

Longtime LWN readers will be aware of your editor's tendency toward the publishing of wild predictions at the beginning of each year. The 2007 predictions irritated some Debian developers and users by suggesting that, after getting the Etch release out the door, the project would go back to arguing about firmware issues. At the end of the year, it became necessary to acknowledge that this prediction, like so many others, had failed to come to pass. In retrospect, the error in this prediction was obvious: the Debian Project traditionally saves the firmware argument for the end of the release process. After all, they need to find some way to delay a release once it's looking close to ready.

The problem with firmware, of course, is that it is a binary blob lacking the corresponding source, and, sometimes, even a license allowing its distribution. Many developers and users see that blob as being part of the hardware; as long as the blob is distributable, it does not bother them. Others, though, regard firmware blobs as proprietary software and their incorporation into the kernel as a GPL violation. The Debian Project, which promises to deliver a 100% free distribution to its users, houses many developers from the latter camp. These developers, who see firmware distribution as a violation of the project's social contract, can be counted upon to raise the issue each release cycle.

In 2004, the project responded by passing a general resolution suspending some social contract provisions through September 1 of that year on the reasoning that it would be long enough to get the Sarge release done. Putting a date on a Debian release tends to be a mistake, though; Sarge was not finished until June, 2005. By unspoken consensus, that date was somehow deemed to have fallen before September 1, 2004. In 2006, the project voted again on firmware. Having learned from experience, the exception they allowed this time lacked a date, simply saying that the presence of binary-only firmware in the Etch release was something the project was willing to tolerate.

The 2008 discussion started when Ben Finney pointed out that a number of firmware-related entries in the Debian bug tracking system had been quietly marked "lenny-ignore" - not relevant to the upcoming Lenny release. This action, many have subsequently argued, runs counter to the social contract and constitution, which do not allow the shipping of non-free software to be swept under the carpet in this way. They would, instead, like to see the kernel team remove the (relatively few) firmware blobs remaining in the kernel. Such a change, it is said, should be relatively easy; recent changes within the kernel are helpful in this regard - though said changes became available in 2.6.27, which is not the kernel expected to be shipped with the Lenny release. For the 2.6.26 kernel used by Lenny, Ben Hutchings reports that he has done the necessary work to excise the remaining firmware.

On the other side, there are developers who are more concerned about (1) getting the Lenny release out as quickly as possible, and (2) making sure that hardware Just Works for Lenny users. They would rather that the process of removing firmware continue independently of (and without delaying) the Lenny release.

This is Debian that we're talking about, so the issue will probably be decided by way of a general resolution. There are currently two sets of resolutions being circulated, though neither has reached a final state for voting. The first set addresses the Lenny question, providing two options: either delay Lenny until the firmware removal work is complete, or accept that - just once more, really this time, honest - a major Debian release will include some firmware in its kernel. (The "ship Lenny" option is actually two options, one allowing firmware and one allowing Debian Free Software Guidelines violations in general). What the project will decide once this resolution comes to a vote is unclear - but Debian's developers have always voted to get the release out in the past.

The second proposal addresses what happens after the Lenny release; it says that any package which violates the Debian Free Software Guidelines for more than 180 days will be forced into the non-free repository. The clear hope here is to ensure that this tiresome discussion doesn't happen yet again in the next release cycle. By the time the next release is getting close to ready, any non-compliant packages will have long since been banished to the non-free wasteland. If it ever comes down to moving the kernel to non-free, though, one can assume that the discussion will resume with a vengeance.

Developers, Members, Maintainers, and Contributors

Meanwhile, a different disagreement is headed toward - you guessed it - a general resolution. Long-time Debian watchers have noted that another recurring topic of debate is the acceptance of new developers. The new maintainer process involves long delays, tests of ideological purity, and more. Even when it works smoothly (which seems to generally be the case in recent years) it requires a certain amount of patience and determination on the part of an aspiring Debian Developer.

The difficulty of the process is a design feature; Debian developers occupy a position of some trust, and the project wants to make sure that applicants are serious. Over time, though, it has become clear that this process is costing the project the time and energy of talented contributors who do not wish to jump through all the hoops. In response, the project created a "Debian maintainer" designation which allows the uploading of packages, but withholds many of the other privileges enjoyed by full developers. This change appears to have been successful in enabling a larger group of developers to contribute to Debian.

More recently, Joerg Jaspert has proposed lowering the bar to certain types of contribution even further. The proposal reads:

Debian is about developing a free operating system, but there's more in an operating system than just software and packages. If we want translators, documentation writers, artists, free software advocates, et al. to get endorsed by the project and feel proud for it, we need some way to acknowledge that.

To that end, Joerg would create a new "Debian Contributor" classification. Contributors would be those doing translations or documentation; the proposal doesn't say that contributors don't touch code, but one gets that sense. Contributors would still have to jump through some hoops, but they would be fewer. They would not be able to upload packages on their own. The proposal also changes the Debian Maintainer standards, making that designation a little bit harder to get. Finally, the proposal states that all new applicants to the project would become Contributors or Maintainers. Only after a six-month period would they be able to apply for full Debian Developer or Debian Member status -- "Debian Member" being another new category that, while being equivalent to Debian Developer in almost all respects, would not have package upload privileges.

Interestingly, there has not been much discussion of the substance of this proposal. But there has been a fair amount of debate over how it is being done. It would appear that some developers see this change as being imposed by a single project official without the debate that Debian changes normally require. Martin Krafft has further asserted that this kind of change goes beyond Joerg's authority as Debian account manager, a claim that Joerg denies.

So now there are proposed general resolutions being circulated. An early version simply decreed that the proposed changes were "suspended" in favor of changes to be made through a more consensus-oriented process. Later versions soften the language somewhat, and thank Joerg for his effort in this area - but still require a "consensus or general resolution" before changes are adopted. In any form, the clear point of the resolution is to slow down the process and open it up for a wider discussion.

Again, voting has not begun on any specific resolution, so we don't yet know what will even be voted on, much less how it will come out. But we can expect that, as a certain presidential election process finally (thankfully) comes to a close, activity will be picking up on a different set of votes.

Comments (11 posted)

Networking change causes distribution headaches

By Jake Edge
October 28, 2008

A seemingly innocuous change to the networking code that went into the 2.6.27 kernel is now causing trouble for various distributions. Ubuntu, Fedora, and openSUSE are all buttoning up their packages for a release in the near future—with Ubuntu's due this week—so kernel changes are not particularly welcome. Unfortunately, if the problem is not addressed, some users may never be able to download a fix because their TCP/IP won't interoperate with some broken equipment on the internet.

The problem stems from changes that were made to clean up the TCP option code that were merged back in July as part of the 2.6.27 merge window. TCP options are a mechanism to expand the functionality of the protocol as conditions change. There are a handful of commonly used options that the two endpoints of a connection can agree to use, for things like maximum segment size (MSS), window scaling, selective acknowledgment (SACK), and timestamps. Options have been added over time to provide more internet robustness and performance as well as to support higher-bandwidth physical connections.

A perfectly reasonable, if unintended, consequence of the code change was that the the options were put into the header in a slightly different order. According to the relevant RFCs, options can appear in any order in the option section of the TCP header. But, some home and/or internet routers seem to expect a fixed order; refusing to make connections if the order is "wrong". In particular, it would seem that the MSS option needs to appear before the SACK option.

The bug was reported to Ubuntu Launchpad in early September, but not a lot of progress was made until it was added to the kernel.org bugzilla in early October. It seems to have only affected a relatively small number of users—Red Hat's Dave Jones said that there were no reports from users of the rawhide 2.6.27 kernel—as it was rather hardware-specific. This made it difficult to track down for the majority of folks who couldn't reproduce it. Ubuntu user Aldo Maggi, who filed the kernel bug, sets a marvelous example of how to work with the kernel hackers to track down the problem as can be seen in the bugzilla entry.

Eventually, the option re-ordering problem was discovered and a patch was submitted by Ilpo Järvinen that restored the order of the options. Along the way, with help from Mandriva, it was discovered that turning off TCP timestamps by way of:

    sysctl -w net.ipv4.tcp_timestamps=0

worked around the problem without changing the kernel—at the cost of losing the TCP timestamp functionality.

So it would seem that the problem has been solved—the patch has been merged into Linus Torvalds's tree for 2.6.28—but there are still a few unresolved issues. The three distributions that are preparing new releases are all based on 2.6.27, but as yet, there has not been a -stable kernel release that picks up the patch, though it is likely to come fairly soon.

In the meantime, Fedora has added the patch to its kernel in rawhide, so Fedora 10 (and eventually Fedora 9 when it gets rebased on 2.6.27) will have the fix. openSUSE is waiting a bit to see what gets submitted by the kernel networking developers to the -stable team. As Novell/SUSE kernel hacker Greg Kroah-Hartman puts it: "We still have a while to go before the final 11.1 kernel is released, so we feel no pressure here." Unfortunately, Ubuntu got caught very late in its release cycle as 8.10 (or Intrepid Ibex) is due on October 30.

The original plan as outlined by Debian/Ubuntu hacker Steve Langasek was to note the problem in the release notes for 8.10, but not address the underlying problem until after the release:

The kernel fix is known upstream; implementing it requires kernel uploads and installer rebuilds, which it's just not possible to fit in between the release candidate and the release. We will certainly want to include this fix in a kernel update as soon as possible after the release, but this is unfortunately in a class of bugs that we can't fix the week of release (even turning timestamps off requires a kernel upload, unless we want to permanently disable tcp timestamp support for Ubuntu 8.10).

That led many in the Launchpad bug thread to note that it was going to be a real mess, especially for the least technical of users. Nick Lowe sums up the problem:

[...] You should really delay for this if you need more time...

RC shouldn't mean Release ComeHellOrHighWater

The users who are most likely to hit this are home users behind their aged/unmaintained consumer routers who are highly unlikely to understand why they can't access the Web and will just go elsewhere...

Certainly, the release notes are not the first place an affected user would go if they ran into the problem. More than likely, they would just decide that Ubuntu—by extension Linux—is simply broken, so it is a relief to see that Ubuntu eventually relented. For 8.10, the procps package has been changed to work around the problem by turning off timestamps. Once a new kernel package is released with the re-ordering patch included, timestamps can presumably be restored.

This kind of problem—where affected users may not be able to retrieve an update to fix it—should really be part of the definition of a show-stopping (i.e. release date slipping) problem. It was rather galling to some that Ubuntu would consider shipping with this known issue, simply to make its 8.10 release in the 10th month of 2008 (which is how Ubuntu releases are numbered).

Ubuntu is justifiably proud of its record of shipping releases on time, but it cannot do that at the expense of its users. While the workaround that was implemented was suboptimal, perhaps, it does ensure that users—especially non-technical users—won't find that web surfing doesn't work in Linux. It should also allow Ubuntu to release on schedule.

[ Thanks to Nick Lowe for giving us a heads-up about this issue. ]

Comments (62 posted)

Page editor: Jonathan Corbet

Security

Another kind of cookie

By Jake Edge
October 29, 2008

It has become increasingly difficult to use the web without some kind of Flash player, but a little-known "feature" of Flash is causing some privacy concerns. In some ways, Local Shared Objects (LSOs aka Flash cookies) are similar to browser cookies, but there are a number of significant differences as well. In addition, because the dominant Flash player is closed-source, one must depend on Adobe's ability to faithfully implement the security model. In all, Flash cookies are something that web users should be cognizant of.

At its core, an LSO is a chunk of data that is stored on a user's disk based on the domain that the Flash program was downloaded from. Only Flash programs from that domain should have access to the data and, unlike browser cookies, much more data can be stored. By default, 100K bytes can be used per domain, which is a sizable increase from the 4K available for browser cookies. The amount of storage for a Flash cookie can be increased with the assent of the user, or decreased via the management interface.

Another major difference from the now-familiar browser cookies is that the interface for managing them is less-than-obvious. From a given Flash application, there is a "Settings" menu that allows control of the LSOs from that site. To see the sites that have stored Flash cookies or to have more global control over them, one must visit Adobe's site. There are also third-party applications and browser add-ons that will allow more control. A user can also resort to the ultimate control—removing them from the filesystem (~/.macromedia/Flash_Player/#SharedObjects).

There are many benign things that a Flash application might do with a bit of local storage—caching data, storing preferences, etc.—but they can also be used to track users in much the same way that browser cookies are used. Because Flash cookies are less well-known, and harder to manage, though, they may be more effective because they are removed or restricted less often.

Another important thing to note is that there is no requirement that there be a visible Flash application on the web site. A site could embed a Flash application with no visible elements simply to store a cookie. Unless the user has a browser add-on like NoScript, they will get no indication that anything has happened.

Assuming that there aren't any holes in Adobe's implementation of the Flash security model, Flash cookies aren't much different—or more dangerous—than browser cookies. But that assumption is a bit worrisome. For Firefox or other free software browsers, the code can be inspected to verify correct behavior. Either Flash or Firefox could have some flaw that allowed cross-site cookie access (which would be a rather nasty information disclosure vulnerability), but for Flash, we can only take Adobe's word.

Privacy advocates have been successful in getting the idea of deleting browser cookies into the consciousness of concerned users, but Flash cookies seem to have flown below the radar. A recent blog posting that was widely reported has helped to raise the profile of Flash cookies so that users will, hopefully, know that they exist. Those with a desire to strictly control their privacy will be better able to do so. With luck, it may also lead Adobe to provide an easier and more visible interface to manage them as well.

Comments (6 posted)

New vulnerabilities

cman: insecure temp file

Package(s):

cman

CVE #(s):

CVE-2008-4192

Created:

October 23, 2008

Updated:

February 16, 2011

Description:

cman has an insecure temp file vulnerability. From the Red Hat bug report:

A malicious user could precreate a symlink, pointing to the file /tmp/eglog, Subsequent run of the '/sbin/egenera' command would destroy / truncate the target of this link to zero length.

Alerts:

Red Hat	RHSA-2011:0266-01	2011-02-16
Ubuntu	USN-875-1	2009-12-18
Fedora	FEDORA-2008-9458	2008-11-07
Fedora	FEDORA-2008-9458	2008-11-07
Fedora	FEDORA-2008-9458	2008-11-07
Fedora	FEDORA-2008-9042	2008-10-23

Comments (none posted)

cman: insecure temp file

Package(s):

cman

CVE #(s):

CVE-2008-4579

Created:

October 23, 2008

Updated:

February 16, 2011

Description:

cman has an insecure temp file vulnerability. From the Red Hat bug report:

The fence_apc and fence_apc_snmp programs, as used in fence 2.02.00-r1 and possibly cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.

Alerts:

Red Hat	RHSA-2011:0266-01	2011-02-16
Gentoo	201009-09	2010-09-29
Ubuntu	USN-875-1	2009-12-18
CentOS	CESA-2009:1341	2009-09-15
Red Hat	RHSA-2009:1341-02	2009-09-02
Fedora	FEDORA-2008-9458	2008-11-07
Fedora	FEDORA-2008-9458	2008-11-07
Fedora	FEDORA-2008-9458	2008-11-07
Fedora	FEDORA-2008-9042	2008-10-23

Comments (none posted)

emacs: arbitrary code execution

Package(s):

emacs

CVE #(s):

CVE-2008-3949

Created:

October 28, 2008

Updated:

February 24, 2009

Description:

From the CVE entry: Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.

Alerts:

Gentoo	200902-06	2009-02-23
Mandriva	MDVSA-2008:216	2008-10-27

Comments (none posted)

flash-plugin: several vulnerabilities

Package(s):

flash-plugin

CVE #(s):

CVE-2008-3873 CVE-2008-4401 CVE-2008-4503

Created:

October 28, 2008

Updated:

November 14, 2008

Description:

From the Red Hat advisory:

A flaw was found in the way Adobe Flash Player wrote content to the clipboard. A malicious SWF file could populate the clipboard with a URL that could cause the user to mistakenly load an attacker-controlled URL. (CVE-2008-3873)

A flaw was found which allowed Adobe Flash Player's ActionScript to initiate file uploads and downloads without user interaction. FileReference.browse and FileReference.download calls can now only be initiated via user interaction, such as mouse-clicks or key-presses on the keyboard. (CVE-2008-4401)

A flaw was found in Adobe Flash Player's display of the Settings Manager content. A malicious SWF file could trick the user into unknowingly clicking a link or dialog. This could then give the malicious SWF file permission to access the local machine's camera or microphone. (CVE-2008-4503)

Alerts:

SuSE	SUSE-SR:2008:025	2008-11-14
Red Hat	RHSA-2008:0980-02	2008-11-12
Red Hat	RHSA-2008:0945-01	2008-10-28

Comments (none posted)

kernel: restriction bypass

Package(s):

kernel

CVE #(s):

CVE-2008-4554

Created:

October 23, 2008

Updated:

June 8, 2009

Description:

The kernel has a restriction bypass vulnerability. From the Red Hat bug report:

Miklos Szeredi reported that splice() to files opened with O_APPEND are ignored, which allows users to bypass the append-only restriction.

Alerts:

SuSE	SUSE-SA:2009:030	2009-06-08
CentOS	CESA-2008:1017	2008-12-17
Red Hat	RHSA-2008:1017-01	2008-12-16
Debian	DSA-1687-1	2008-12-15
Debian	DSA-1681-1	2008-12-04
Ubuntu	USN-679-1	2008-11-27
Mandriva	MDVSA-2008:224-1	2008-11-07
Mandriva	MDVSA-2008:224	2008-11-04
Fedora	FEDORA-2008-8929	2008-10-23
Fedora	FEDORA-2008-8980	2008-10-23
Red Hat	RHSA-2009:0009-02	2009-01-22
SuSE	SUSE-SA:2009:003	2009-01-20

Comments (none posted)

kernel: denial of service

Package(s):

kernel

CVE #(s):

CVE-2008-4410

Created:

October 23, 2008

Updated:

October 29, 2008

Description:

The kernel has a denial of service vulnerability. From the CVE description:

The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247.

Alerts:

SuSE	SUSE-SA:2008:053	2008-10-27
Fedora	FEDORA-2008-8929	2008-10-23
Fedora	FEDORA-2008-8980	2008-10-23

Comments (none posted)

kernel: multiple vulnerabilities

Package(s):

kernel

CVE #(s):

CVE-2008-3911 CVE-2008-4618

Created:

October 27, 2008

Updated:

January 22, 2009

Description:

From the SUSE advisory:

CVE-2008-3911: The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from user space, which allows local users to overflow a stack-based buffer and have unspecified other impact via a crafted read system call for the /proc/sys/sunrpc/transports file.

CVE-2008-4618: Fixed a kernel panic in SCTP while process protocol violation parameter.

Alerts:

Debian	DSA-1681-1	2008-12-04
Ubuntu	USN-679-1	2008-11-27
SuSE	SUSE-SA:2008:053	2008-10-27
Red Hat	RHSA-2009:0009-02	2009-01-22

Comments (none posted)

ktorrent: multiple vulnerabilities

Package(s):

ktorrent

CVE #(s):

Created:

October 27, 2008

Updated:

November 6, 2008

Description:

From the Fedora advisory:

Another bugfix release for the 3.1 series is out. This fixes several bugs : * A crash caused by a SIGBUS, when diskspace preallocation is disabled * High CPU usage when DNS lookups fail in the UDP tracker code * Several security issues in the webinterface plugin

Alerts:

Fedora	FEDORA-2008-9267	2008-11-06
Fedora	FEDORA-2008-9167	2008-10-24

Comments (none posted)

libspf2: buffer overflow

Package(s):

libspf2

CVE #(s):

CVE-2008-2469

Created:

October 24, 2008

Updated:

October 31, 2008

Description:

From the Debian advisory: Dan Kaminsky discovered that libspf2, an implementation of the Sender Policy Framework (SPF) used by mail servers for mail filtering, handles malformed TXT records incorrectly, leading to a buffer overflow condition

Alerts:

Gentoo	200810-03	2008-10-30
Debian	DSA-1659-1	2008-10-23

Comments (none posted)

lynx: multiple vulnerabilities

Package(s):

lynx

CVE #(s):

CVE-2008-4690 CVE-2006-7234

Created:

October 27, 2008

Updated:

September 14, 2009

Description:

From the Red Hat advisory:

An arbitrary command execution flaw was found in the Lynx "lynxcgi:" URI handler. An attacker could create a web page redirecting to a malicious URL that could execute arbitrary code as the user running Lynx in the non-default "Advanced" user mode. (CVE-2008-4690)

A flaw was found in a way Lynx handled ".mailcap" and ".mime.types" configuration files. Files in the browser's current working directory were opened before those in the user's home directory. A local attacker, able to convince a user to run Lynx in a directory under their control, could possibly execute arbitrary commands as the user running Lynx. (CVE-2006-7234)

Alerts:

Gentoo	200909-15	2009-09-12
Fedora	FEDORA-2008-9952	2008-12-03
Fedora	FEDORA-2008-9550	2008-12-03
Fedora	FEDORA-2008-9597	2008-12-03
Mandriva	MDVSA-2008:217	2008-10-28
CentOS	CESA-2008:0965	2008-10-27
Red Hat	RHSA-2008:0965-01	2008-10-27
SuSE	SUSE-SR:2009:002	2009-01-19

Comments (none posted)

squirrelmail: session hijacking vulnerability

Package(s):

squirrelmail

CVE #(s):

CVE-2008-3663

Created:

October 23, 2008

Updated:

May 13, 2009

Description:

squirrelmail is vulnerable to session hijacking. From the Red Hat bug report:

Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

Alerts:

Mandriva	MDVSA-2009:053	2009-02-24
SuSE	SUSE-SR:2009:004	2009-02-17
CentOS	CESA-2009:0010	2009-01-12
Red Hat	RHSA-2009:0010-01	2009-01-12
SuSE	SUSE-SR:2008:028	2008-12-16
Fedora	FEDORA-2008-9071	2008-10-24
Fedora	FEDORA-2008-8559	2008-10-23

Comments (none posted)

wireshark: multiple vulnerabilities

Package(s):

wireshark

CVE #(s):

CVE-2008-4680 CVE-2008-4681 CVE-2008-4682 CVE-2008-4683 CVE-2008-4684 CVE-2008-4685

Created:

October 27, 2008

Updated:

June 30, 2009

Description:

From the CVE entries:

CVE-2008-4680: packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).

CVE-2008-4681: Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.

CVE-2008-4682: wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion.

CVE-2008-4683: The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call.

CVE-2008-4684: packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.

CVE-2008-4685: Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception.

Alerts:

Gentoo	200906-05	2009-06-30
CentOS	CESA-2009:0313	2009-03-05
Red Hat	RHSA-2009:0313-01	2009-03-04
rPath	rPSA-2008-0336-1	2008-12-11
Debian	DSA-1673-1	2008-11-29
SuSE	SUSE-SR:2009:001	2009-01-12
Mandriva	MDVSA-2008:215	2008-10-27

Comments (none posted)

Page editor: Jake Edge

Kernel development

Brief items

Kernel release status

The current 2.6 development kernel is 2.6.28-rc2, released by Linus on October 26. It adds a mere 22 changesets to 2.6.28-rc1, which came out on the 23rd. This kernel is now known as the "Killer Bat of Doom."

As of this writing, almost 200 changesets have been merged into the mainline since 2.6.28-rc2. They are mostly fixes, but there is also a driver for Elantech (EeePC) touchpads, support for MIPS-based NXP Semiconductors STB220 development boards, and a number of large ftrace changes.

The current stable 2.6 kernel is 2.6.27.4, released with a number of important fixes on October 25. Previously, 2.6.25.19, 2.6.26.7, and 2.6.27.3 were released on October 22. There will probably only be one more stable update for the 2.6.25 and 2.6.26 kernels, so users who are dependent on those updates may want to start thinking about moving to 2.6.27.

Comments (none posted)

Kernel development news

Quotes of the week

I look at Linux VT's and their kernel complexity with a mixture of awe and stupefaction that so much effort has gone in that direction....

-- Jim Gettys

I actually think it's a bit of an insult if people think of Motorola's EZX or MAGX (and now Android) phones as "Linux phones". Because all the freedoms of Linux (writing native applications against native Linux APIs that Linux developers know and love, being able to do Linux [kernel] development) are stripped.

In the end, to what good is Linux in those devices? Definitely not to any benefit of the user. It's to the benefit of the handset maker, who can skip a pretty expensive Windows Mobile licensing fee. Oh and, yes, they get better memory management than on Symbian ;)

That's the brave new world. It makes me sick.

-- Harald Welte

The actual problem is that if the kernel grows by 12k every time a developer says "what's the big deal?" the kernel will become very large indeed.

-- Matt Mackall

So it had sat in the mainline kernel for 4 years. During those years _nobody_ had ever tried to compile it. Nonetheless, there had been patches affecting it - including such exciting stuff as removal of trailing whitespaces, which had certainly greatly improved the damn thing.

-- Al Viro

Comments (17 posted)

Interview videos from the Kernel Summit

The Linux Foundation has produced a whole pile of video interviews with kernel developers from this year's Kernel Summit. Short 5-10 minute interviews with 15 different kernel developers are available. You can watch interviews with Linus Torvalds, Ted Ts'o, Greg Kroah-Hartman, and many others including LWN Executive Editor Jonathan Corbet. Videos are available in both Ogg and Flash formats.

Comments (6 posted)

Closing out the 2.6.28 merge window

By Jonathan Corbet
October 27, 2008

About 1000 changesets were merged after the previous summary was posted here. Much of those came from architecture-specific trees. Other changes merged this time around include:

There are new drivers for Mellanox ConnectX 10GbE network adapters, PowerPC PPC40x and PPC44x GPIO controllers, Panasonic "Let's Note" laptop special keys, Sharp SL-6000 backlight and LCD devices, Dialog Semiconductor DA9030/DA9034 backlight devices, Tabletkiosk Sahara Touch-iT backlight devices, and Toshiba TX4939 SoC ATA controllers.
One more not-ready-for-prime-time driver was merged via the staging tree; this one supports Redrapids Pocket Change cardbus devices. The staging tree also brought an extensive set of fixes to the drivers added earlier in the merge window.
The kernel has gained support for ultra-wideband protocol stacks. UWB can be used for normal networking, but the immediate application is wireless USB, which will be supported in 2.6.28.
The ACPI docking station code has gained support for bay and battery hotplug events.
The IA64 architecture now supports Xen. Also added to IA64 is support for DMA remapping devices (IOMMUs).
Support for kdump has been added to the PowerPC architecture.
The 9P (Plan9) filesystem now has RDMA support.

Changes visible to kernel developers include:

There is a new core_param() macro:
```
    core_param(name, var, type, perm);
```
Its purpose is to define "core" parameters and let them be represented in /sys/module/kernel/parameters.
It is now possible to create a workqueue running at realtime priority with:
```
    struct workqueue_struct *create_rt_workqueue(const char *name);
```

The block driver API has changed considerably, with the inode and file parameters being removed from most block device operations. The new API looks like this:

    struct block_device_operations {
	int (*open) (struct block_device *bdev, fmode_t mode);
	int (*release) (struct gendisk *gd, fmode_t mode);
	int (*locked_ioctl) (struct block_device *bdev, fmode_t mode, 
	    		     unsigned cmd, unsigned long arg);
	int (*ioctl) (struct block_device *bdev, fmode_t mode, 
	    	      unsigned cmd, unsigned long arg);
	int (*compat_ioctl) (struct block_device *bdev, fmode_t mode, 
	    		     unsigned cmd, unsigned long arg);
	int (*direct_access) (struct block_device *bdev, sector_t sector,
			      void **kaddr, unsigned long *pfn);
	int (*media_changed) (struct gendisk *gd);
	int (*revalidate_disk) (struct gendisk *gd);
	int (*getgeo)(struct block_device *bdev, struct hd_geometry *geo);
	struct module *owner;
    };

The new prototypes do away with the file and inode structure pointers which were passed in previous kernels. Note that the ioctl() method is now called without the big kernel lock; code needing BKL protection must explicitly define a locked_ioctl() function instead.

The range timer API has been merged; callers can now specify a time period in which they would like the timeout to be delivered. The kernel can then take advantage of the range to coalesce wakeups and keep the processor idle for longer periods.

This time around, linux-next maintainer Stephen Rothwell has put together a list of linux-next patches which did not get into 2.6.28. Perhaps the biggest omission was the credentials work, which seemed poised to go in this time around. Other changes which failed to get merged include the message catalog code (which looks like it will need a change of approach) and TOMOYO Linux (which seems to be caught up in the same old "new security module with pathname-based rules" swamp).

Now the stabilization period starts. Linus, perhaps, was trying to set the tone for this development cycle when he released a much smaller and earlier 2.6.28-rc2 than would have normally been expected. By way of comparison: 2.6.25-rc2 had 359 patches applied since 2.6.25-rc1. For 2.6.26-rc2, 446 changesets were merged, and, for 2.6.27-rc2, the count was 780. For 2.6.28-rc2, instead, a total of 22 changes went in. Says Linus:

And hey, maybe we can even _continue_ the nice model of "just small fixes after -rc1". I know, it sounds insane, but it's a real pleasure to do an -rc2 with just a handful of fixes for real problems that real people see. What a concept!

Should this pattern hold, it may well be that 2.6.28 will stabilize more quickly and successfully than its predecessors. It will, in any case, be interesting to watch.

Comments (1 posted)

Tracking tbench troubles

By Jonathan Corbet
October 29, 2008

Kernel developers tend to have a mixed view of benchmarks. A benchmarking tool can do an effective job of quantifying specific aspects of system performance. But benchmarks are not real workloads; optimizing for a benchmark can often distort a system in ways which are detrimental to real applications. Since kernel hackers do not always see benchmark optimization as their top priority, they can sometimes assign a lower priority to benchmark regressions as well. But, sometimes, benchmark problems indicate a real problem in the kernel.

The tbench benchmark is meant to measure networking performance; it consists of a collection of processes quickly making lots of small requests from a server process. Since the requests are small, there is not much time spent actually moving data; it's all a matter of shifting small packets around - and scheduling between the processes. Back in August, Christoph Lameter reported that tbench performance in the mainline kernel had been declining for some time. His system was able to move 3208 MB/sec with a 2.6.22 kernel, but only 2571 MB/sec with a 2.6.27-rc kernel. Each of the releases in between showed a decline from the one which came before, with 2.6.25 showing an especially big hit. Others were able to reproduce the results, and they engaged in various rounds of speculation on where the problem might be, but it seems that, initially, nobody actually dug into the system to see what was going on.

At linux.conf.au 2007, Andi Kleen gave a talk describing various types of kernel hackers. One of those was the "Russian mathematician" who, he suspected, was often a room full of talented developers operating under a single name. Evgeniy Polyakov can only have reinforced that view when, in early October, he tracked down the biggest offending commit through a process which, he says, involved "just [a] couple of hundreds of compilations." In the process, he put together a plot of tbench performance which, he says, is suitable for scaring children. Through a massive amount of work, he was able to point the finger at a scheduler patch - not something in the networking stack at all.

In particular, Evgeniy found that the patch adding high-resolution preemption ticks was the problem. The idea behind this patch was to make time slices more accurate by scheduling preemption at just the right time. It makes sense; once the regular clock tick has been eliminated, there is no reason not to arrange for preemption to happen when the scheduling algorithm says it should. Unfortunately, it seems that this change also adds sufficient overhead to slow down tbench performance considerably; when Evgeniy backed it out, his performance went from 373 MB/sec to 455 MB/sec. That would seem to be a pretty clear indication that something is amiss with high-resolution preemption ticks.

At this point, the public discussion went quiet, though it appears that a number of developers were working on it off-list. David Miller eventually tracked down the worst of the trouble to the wakeup code, something he was rather vocally unhappy about having had to do. Eventually a patch was merged (for 2.6.28-rc2) disabling the high-resolution preemption tick feature. Since the discussion is private, it's not quite clear why this change took as long as it did. But there's a couple of plausible reasons. One is that this particular feature is disabled by default anyway, so most users will not encounter the performance problem it creates.

But there is also the question of weighing the benchmark result against the effects on other, "real" workloads. Ingo Molnar said:

But it's a difficult call with no silver bullets. On one hand we have folks putting more and more stuff into the context-switching hotpath on the (mostly valid) point that the scheduler is a slowpath compared to most other things. On the other hand we've got folks doing high-context-switch ratio benchmarks and complaining about the overhead whenever something goes in that improves the quality of scheduling of a workload that does not context-switch as massively as tbench. It's a difficult balance and we cannot satisfy both camps.

So, by this view, performance on scheduler-intensive benchmarks must be weighed against the wider value of other scheduler enhancements. David Miller has a different view of the situation, though:

If we now think it's ok that picking which task to run is more expensive than writing 64 bytes over a TCP socket and then blocking on a read, I'd like to stop using Linux. :-) That's "real work" and if the scheduler is more expensive than "real work" we lose.

In David's view, scheduler performance has been getting consistently worse since the switch to the completely fair scheduler in 2.6.23. He would like to see some energy put into recovering some of the performance of the pre-CFS scheduler; in particular, he thinks that Ingo and company should work to fix (what he sees as) a regression that they caused.

For the time being, the worst performance regression has been "fixed" by disabling the high-resolution preemption tick feature; Ingo says that the feature will not come back until it can be supported without slowing things down. But the scheduler seems to have gotten slower in a number of other ways as well. Your editor will make a prediction here: now that the issue has been called out in such clear terms, somebody will find the time to fix these problems to the point that the CFS scheduler will be faster than the O(1) scheduler which preceded it.

Beyond that, there are suggestions that the scheduler cannot take the blame for all of the observed regressions in tbench results. So developers will have to look at the rest of the system to figure out what's going on. The good news is that this is a clear challenge with an objective way to measure success. Once a problem reaches that level of clarity, it's usually just a matter of some hacking.

Comments (6 posted)

Squashfs submitted for the mainline

By Jake Edge
October 29, 2008

The Squashfs compressed filesystem is used in everything from Live CDs to embedded devices. Many or most distributions ship it in such situations, but squashfs has been maintained outside of the mainline kernel for years. That appears to be changing as it was recently submitted for inclusion in the mainline by Phillip Lougher. The reaction has been generally favorable, with Andrew Morton requesting that Lougher move it forward: "Please prepare a tree for linux-next inclusion and unless serious problems are pointed out I'd suggest shooting for a 2.6.29 merge." So it seems like a good time to take a look at some of the features and capabilities of Squashfs.

The basic idea behind Squashfs is to generate a compressed image of a filesystem or directory hierarchy that can be mounted as a read-only filesystem. This can be done to archive a set of directories or to store them on a smaller capacity device than would normally be required. The latter is used by both Live CDs and embedded devices to squeeze more into less.

It has been nearly four years since Squashfs was last submitted to linux-kernel. Since that time, it has been almost completely rewritten based on comments from that attempt. In addition, it has gone through two filesystem layout revisions in part to allow for 64-bit sizes for files and filesystems. Another major change is to make the filesystem little-endian, so that it can be read on any architecture, regardless of endian-ness.

The mksquashfs utility is used to create the image, which can then be mounted either via loopback (from a file) or from a regular block device. One of the features added since the original attempt to mainline Squashfs—to address complaints made at that time—is the ability to export a Squashfs filesystem via NFS.

Squashfs uses gzip compression on filesystem data and metadata, achieving sizes roughly one-third that of an ext3 filesystem with the same data. The performance is quite good as well, even when compared with the simpler cramfs—a compressed read-only filesystem already available with the kernel. According to Lougher, these performance numbers were gathered a number of years ago, with older versions of the code; newer numbers should be even better.

Previously, some kernel developers were resistant to adding another compressed filesystem to the kernel, so Lougher outlines a number of reasons that Squashfs is superior to cramfs. Certainly support for larger files and filesystems is compelling, but the fact that cramfs is orphaned and unmaintained will likely also play a role. In addition, Squashfs supports many more "normal" Linux filesystem features like real inode numbers, hard links, and exportability.

Morton had a laundry list of overall suggestions for making Squashfs better in the email referenced above, but documentation is certainly one of the areas that is somewhat lacking. In particular, Squashfs maintains its own cache, which puzzles Morton:

Why not just decompress these blocks into pagecache and let the VFS handle the caching??

The real bug here is that this rather obvious question wasn't answered anywhere in the patch submission (afaict). How to fix that?

Methinks we need a squashfs.txt which covers these things.

One of the reasons that Squashfs doesn't use the page cache is that it allows for multiple block sizes, from 4K up to 1M, with a default of 128K. Better compression ratios can be achieved with a larger block size, but that doesn't work well with the page cache as Jörn Engel notes: "One of the problems seems to be that your blocksize can exceed page size and there really isn't any infrastructure to deal with such cases yet."

Lougher has moved the code into a git repository, presumably in preparation to get it into linux-next. He notes that the CE Linux Forum has been instrumental in providing funding over the last four months to allow him to work on getting Squashfs into the mainline. With the additional testing that will come from being included in linux-next, it seems quite possible we could see Squashfs in 2.6.29.

Comments (13 posted)

Patches and updates

Kernel trees

Linus Torvalds: Linux 2.6.28-rc2. (October 27, 2008)

Andrew Morton: 2.6.28-rc2-mm1. (October 29, 2008)

Linus Torvalds: Linux 2.6.28-rc1. (October 24, 2008)

Greg KH: Linux 2.6.27.4. (October 26, 2008)

Greg KH: Linux 2.6.27.3. (October 23, 2008)

Greg KH: Linux 2.6.26.7. (October 23, 2008)

Greg KH: Linux 2.6.25.19. (October 23, 2008)

Core kernel code

Keith Packard: Adding kmap_atomic_prot_pfn (was: [git pull] drm patches for 2.6.27-rc1). (October 24, 2008)

Joern Engel: B+Tree library. (October 26, 2008)

Ulrich Drepper: reintroduce accept4. (October 27, 2008)

Rusty Russell: work_on_cpu: helper for doing task on a CPU.. (October 27, 2008)

Mike Travis: cpumask: Replace cpumask_t with struct cpumask. (October 27, 2008)

Manfred Spraul: rcu-state. (October 28, 2008)

Dave Hansen: Filesystem-based checkpoint. (October 28, 2008)

Development tools

Lai Jiangshan: new probes manager. (October 23, 2008)

Johannes Berg: Timer sync lock checking. (October 24, 2008)

Mathieu Desnoyers: LTTng 0.44 and LTTV 0.11.3. (October 24, 2008)

Steven Rostedt: ftrace: function oprofiler. (October 25, 2008)

Steven Rostedt: trace: profile likely and unlikely annotations. (October 28, 2008)

Tom Zanussi: relay revamp v8. (October 27, 2008)

Andy Whitcroft: checkpatch: update to versoin 0.25. (October 27, 2008)

Arnaldo Carvalho de Melo: blktrace: conversion to tracepoints. (October 29, 2008)

Device drivers

Keith Packard: Add io-mapping functions to dynamically map large device apertures. (October 23, 2008)

Jesse Barnes: GTT mapping support for GEM. (October 23, 2008)

Ira Snyder: net: add PCINet driver. (October 24, 2008)

John Linn: [powerpc] GPIO: Adding new Xilinx driver. (October 25, 2008)

Trent Piepho: OpenFirmware GPIO LED driver. (October 25, 2008)

Arjan van de Ven: RFC: [PATCH] resource: ensure MMIO exclusivity for device drivers. (October 27, 2008)

Kuninori Morimoto: Add ov772x driver. (October 27, 2008)

=?iso-8859-2?Q?Micha=B3_Miros=B3aw?=: RFC: Driver for CB710/720 memory card reader (MMC part) - v3. (October 29, 2008)

Filesystems and block I/O

Al Viro: vfs patches. (October 23, 2008)

Al Viro: bdev API series. (October 23, 2008)

Evgeniy Polyakov: POHMELFS: the new release. Extended attributes.. (October 23, 2008)

Jan Kara: 64-bit quotas and preparations for OCFS2 quotas. (October 27, 2008)

ngupta@google.com: Priorities in Anticipatory I/O scheduler. (October 28, 2008)

npiggin@suse.de: writeback data integrity and other fixes (take 3). (October 28, 2008)

Theodore Ts'o: ext4: Add support for non-native signed/unsigned htree hash algorithms. (October 28, 2008)

Phillip Lougher: Squashfs: compressed read-only filesystem. (October 29, 2008)

Janitorial

Arjan van de Ven: getting rid of __cpuinit. (October 25, 2008)

Marcin Slusarz: Rename DECLARE_MUTEX to DEFINE_SEMAPHORE. (October 26, 2008)

Networking

Harvey Harrison: printk: add %pM format specifier for MAC addresses. (October 28, 2008)

Architecture-specific

David Daney: Add Cavium OCTEON processor support (v2).. (October 28, 2008)

Security-related

Jari Ruusu: Announce loop-AES-v3.2d file/swap crypto package. (October 28, 2008)

Eric Paris: SECURITY: new capable_noaudit interface. (October 29, 2008)

Virtualization and containers

Eric W. Biederman: netns: Coexist with the sysfs limitations. (October 23, 2008)

Bharata B Rao: Add hierarchical accounting to cpu accounting controller. (October 23, 2008)

Serge E. Hallyn: User namespaces: set of cleanups (v2). (October 25, 2008)

Benchmarks and bugs

Rafael J. Wysocki: 2.6.28-rc1-git1: Reported regressions from 2.6.27. (October 26, 2008)

Rafael J. Wysocki: 2.6.28-rc1-git1: Reported regressions 2.6.26 -> 2.6.27. (October 26, 2008)

Miscellaneous

Frank Ch. Eigler: notes for linux plumbers conference talk on systemtap. (October 24, 2008)

Stephen Rothwell: linux-next: left over things in linux-next after 2.6.28-c1. (October 25, 2008)

Pablo Neira Ayuso: conntrack-tools 0.9.8 released. (October 27, 2008)

Jozsef Kadlecsik: ipset-2.4.3 released. (October 27, 2008)

Hans de Goede: libv4l release: 0.5.3. (October 27, 2008)

Jackson Yee: Testing Requested: Python Bindings for Video4linux2. (October 28, 2008)

Daniel Lezcano: New version 0.4.0 of the Linux Container. (October 29, 2008)

Page editor: Jonathan Corbet

Distributions

News and Editorials

DebXO for the XO laptop

By Rebecca Sobol
October 29, 2008

The XO laptop was developed for the One Laptop Per Child (OLPC) project. Two weeks ago the XO Software Release 8.2.0 was announced. This week the DebXO project has taken off, with the goal of providing a Debian-based alternative for the XO laptop. Work has been in progress for at least a couple of months, but versions 0.2 and 0.3 were announced this week.

As of this writing, Andres "dilinger" Salomon has released three versions, the debxo-latest symlink points to the latest release. According to the version 0.2 announcement DebXO has EXT3 images for booting from USB and/or SD; and while DebXO 0.1 only had a GNOME desktop, 0.2 includes KDE, LXDE, Sugar, Awesome and GNOME desktops. Version 0.3 provides some important bug fixes for problems found in 0.2.

This project is obviously still in its infancy, but it seems like a good start on an alternative for the XO laptop. If you have an XO and are interested in helping out you could start by testing the current versions. There is a git repository with the code, which has a web interface, or just use git clone to grab the code.

Comments (1 posted)

New Releases

Debian GNU/Linux 4.0 updated

The Debian project has announced the fifth update of it's stable distribution Debian GNU/Linux 4.0 (codename etch). "This update mainly adds corrections for security problems to the stable release, along with a few adjustment to serious problems. Please note that this update does not constitute a new version of Debian GNU/Linux 4.0 but only updates some of the packages included. There is no need to throw away 4.0 CDs or DVDs but only to update via an up-to-date Debian mirror after an installation, to cause any out of date packages to be updated."

Comments (none posted)

Fedora 10 Snapshot 3

Fedora has released the final snapshot before the devel freeze and subsequent preview release. It's available by torrent with only one known bug listed in the announcement (click below). Check it out and report any bugs you find.

LWN.net Weekly Edition for October 30, 2008

The Journal

Task Orientation

The Desktop Shell

Where Next

Developers, Members, Maintainers, and Contributors

cman: insecure temp file

cman: insecure temp file

emacs: arbitrary code execution

flash-plugin: several vulnerabilities

kernel: restriction bypass

kernel: denial of service

kernel: multiple vulnerabilities

ktorrent: multiple vulnerabilities

libspf2: buffer overflow

lynx: multiple vulnerabilities

squirrelmail: session hijacking vulnerability

wireshark: multiple vulnerabilities

Events: November 6, 2008 to January 5, 2009