| |||||||||||||
Welcome to LWN.netHeadlines for May 18, 2013[$] PostgreSQL 9.3 beta: Federated databases and more
[Development] Posted May 14, 2013 20:04 UTC (Tue) by jake
In Berkeley, California — the birthplace of PostgreSQL — it's spring: plum and cherry blossoms, courting finches and college students, new plans for the summer, and the first beta release of the database system. Every year, the first beta of the next PostgreSQL version comes out in April or May, for a final release in September. PostgreSQL 9.3 beta 1 was released to the public on May 13th, and contains a couple dozen new features both for database administrators and application developers. Subscribers can click below for a look at some of the new features by guest author Josh Berkus.
Extended stable support for the 3.8 kernel
[Kernel] Posted May 14, 2013 19:46 UTC (Tue) by corbet
Canonical has announced that the Ubuntu kernel team will be providing stable updates for the 3.8 kernel now that Greg Kroah-Hartman has moved on. This support will last as long as support for the Ubuntu 13.04 release: through August 2014. "We welcome any feedback and contribution to this effort. We will be posting the first review cycle patch set in a week or two."
Stable kernel 3.2.45
[Kernel] Posted May 14, 2013 18:30 UTC (Tue) by ris
Ben Hutchings has released stable kernel 3.2.45 with lots of important fixes throughout the tree.
Tuesday's security updates
[Security] Posted May 14, 2013 18:27 UTC (Tue) by ris
CentOS has updated httpd (C6; C5: multiple vulnerabilities). Fedora has updated php-geshi (F18; F17: multiple vulnerabilities) and libtiff (F18: multiple vulnerabilities). Oracle has updated httpd (OL6; OL5: multiple vulnerabilities). Red Hat has updated httpd (multiple vulnerabilities). Scientific Linux has updated httpd (multiple vulnerabilities). SUSE has updated kernel (multiple vulnerabilities).
Go language 1.1 released
[Development] Posted May 13, 2013 23:19 UTC (Mon) by corbet
Version 1.1 of the "Go" programming language has been released. The bulk of the work seems to be in performance improvements, but there's a number of new features as well, including a race detector and an expanded library. See the release notes for details.
Security advisories for Monday
[Security] Posted May 13, 2013 18:22 UTC (Mon) by ris
CentOS has updated hypervkvpd (C5: denial of service). Debian has updated xen (multiple vulnerabilities) and mysql (multiple vulnerabilities). Fedora has updated plexus-archiver (F18; F17: denial of service) and php-sabredav-Sabre_DAV (F18; F17: local file exposure). Mageia has updated telepathy-idle (certificate validation error) and kdelibs (username and password disclosure). Mandriva has updated mesa (code execution). openSUSE has updated strongswan (12.2; 12.1: authentication bypass), xorg-x11-server (information disclosure), java-1_6_0-openjdk (multiple vulnerabilities), and python-httplib2 (SSL certificate verification failure). Oracle has updated enterprise kernel (OL6; OL5: multiple vulnerabilities).
PostgreSQL 9.3 Beta 1 released
[Development] Posted May 13, 2013 16:36 UTC (Mon) by corbet
The first PostgreSQL 9.3 beta is out for testing. There are plenty of new features in this release, including writable foreign tables, automatically updatable VIEWs, lateral joins, indexed regular expression searches, checksums to detect filesystem-induced data corruption, and more. "In 9.3, PostgreSQL has greatly reduced its requirement for SysV shared memory, changing to mmap(). This allows easier installation and configuration of PostgreSQL, but means that we need our users to rigorously test and ensure that no memory management issues have been introduced by the change."
Kernel prepatch 3.10-rc1
[Kernel] Posted May 12, 2013 1:09 UTC (Sun) by corbet
Linus has announced the 3.10-rc1 kernel prepatch and the closure of the merge window for this development cycle. All told, nearly 12,000 changesets were pulled into the mainline during the merge window, making it the busiest such ever. See this article (subscribers only) for a summary of changes merged since last week's merge window update.
A new set of stable kernel updates
[Kernel] Posted May 11, 2013 22:57 UTC (Sat) by corbet
The 3.9.2, 3.8.13, 3.4.45, and 3.0.78 stable updates are out with the usual collection of important fixes. Greg says: "NOTE, this is the LAST 3.8.y kernel release, please move to the 3.9.y kernel series at this time. It is end-of-life, dead, gone, buried, and put way behind us never to be spoken of again. Seriously, move on, it's just not worth it anymore."
Gawk 4.1.0 released
[Development] Posted May 11, 2013 16:41 UTC (Sat) by corbet
Version 4.1.0 of Gawk (the GNU Awk interpreter) is out. There's lots of new features, including high-precision arithmetic, a completely reworked dynamic extension interface, and more.
Results of the Apache OpenOffice 4.0 Logo Survey
[Development] Posted May 10, 2013 18:30 UTC (Fri) by n8willis
Rob Weir has posted an analysis of the logo contest recently held for Apache OpenOffice. The main blog post showcases the leading vote-getters, but the real meat comes in the detailed report, which breaks down the survey by demographics and examines various ways of interpreting what boils down to a set of individual personal preferences. "With an ordinal interpretation we can look at histograms (counts of scores), at the mode (most frequent response), median (the middle value) and the variation ratio (fraction of scores not in the mode). With an interval interpretation we would assign each point on the scale a numeric value, e.g., 1 for Strongly Dislike to 5 for Strongly Like. Then we could take these scores and calculate means and standard deviations." The logo-selection process now moves to revisions by the leading candidates, aiming for the upcoming 4.0 release.
A proposal for an always-releasable Debian
[Distributions] Posted May 10, 2013 14:33 UTC (Fri) by corbet
Lars Wirzenius and Russ Allbery have posted an essay calling for changes in how the Debian release cycle works; it is mostly aimed at reducing the length of freezes to something close to zero. "The fundamental change is to start keeping our "testing" branch as close to releasable as possible, at all times. For individual projects, this corresponds to keeping the master or trunk branch in version control ready to be released. Practitioners of agile development models, for example, do this quite successfully, by applying continuous integration, automatic testing, and by having a development culture that if there's a severe bug in master, fixing that gets highest priority."
Friday's security updates
[Security] Posted May 10, 2013 14:29 UTC (Fri) by n8willis
Fedora has updated owncloud (multiple vulnerabilities). Mageia has updated mesa (code execution). Oracle has updated hypervkvpd (denial of service). Red Hat has updated hypervkvpd (denial of service) and openstack-keystone (password disclosure). Scientific Linux has updated hypervkvpd (denial of service). Ubuntu has updated gpsd (code execution).
PacketFence 4.0 released
[Development] Posted May 10, 2013 13:36 UTC (Fri) by corbet
PacketFence is a free network access control system — the system that decides whether you get to use the local WiFi network, for example. Version 4.0 is now available. "Packet Fence 4.0 introduces a brand new modern, fast and responsive web administrative interface. It also simplifies the definition of authentication sources in one place and allows dynamic computation of roles. The portal profiles can now be entirely managed from the web interface, simplifying their definitions and eliminating possible configuration mistakes."
Fedora account system (FAS) potential information disclosure
[Distributions] Posted May 9, 2013 22:51 UTC (Thu) by jake
Fedora project leader Robyn Bergeron has announced an information disclosure bug in the Fedora account system that may have exposed certain types of information (hashed passwords, security questions and encrypted answers, etc.) from unapproved members. It has been present since 2008, but could only be exploited by authenticated users, furthermore:
Review of logs has shown no cases where this bug was used in our
production account system, however our staging version was also
vulnerable and we are unable to confirm the information was not
accessed there. Moving forward, additional logging will be added to our
staging infrastructure.
We recommend (but do not require) that all users take this time to change their passwords, update their security questions/answers and review their other account information.
Three Ubuntu releases reach end of life
[Distributions] Posted May 9, 2013 22:32 UTC (Thu) by jake
Three releases of Ubuntu reached their end of life on May 9, 2013, which means they will no longer receive updates of any kind. Users of Ubuntu 8.04 LTS ("Hardy Heron"), Ubuntu 10.04 LTS Desktop ("Lucid Lynx"), and Ubuntu 11.10 ("Oneiric Ocelot") should upgrade.
New Zealand Government Announces That Software Will No Longer Be Patentable (Forbes)
[Announcements] Posted May 9, 2013 21:04 UTC (Thu) by jake
Forbes is reporting that the New Zealand government has banned patents on software. "In doing this, New Zealand is essentially taking the position that existing laws provides enough protection to software as it is; patents only serve to stifle innovation because of the ever-looming threat of being sued by so-called patent troll companies. [...] During its consideration of the bill, the committee received many submissions opposing the granting of patents for computer programs on the grounds it would stifle innovation and restrict competition. Internet New Zealand said [Commerce Minister Craig] Foss' decision to amend the Patents Bill drew to a close 'years of wrangling between software developers, ICT players and multinational heavyweights over the vexed issue of patentability of software'."
PyPy 2.0 released
[Development] Posted May 9, 2013 20:04 UTC (Thu) by corbet
The PyPy 2.0 release is available; PyPy is a performance-oriented reimplementation of the Python 2 interpreter. "This is a stable release that brings a swath of bugfixes, small performance improvements and compatibility fixes. PyPy 2.0 is a big step for us and we hope in the future we'll be able to provide stable releases more often." Headline features include stackless and greenlet support, a new interface to C modules, and more.
Raspberry Pi operating systems: 5 reviewed and rated (Techradar)
[Distributions] Posted May 9, 2013 17:56 UTC (Thu) by jake
Those looking for alternative distributions (or even operating systems) for their Raspberry Pi may want to take a peek at Techradar's review of five choices for the diminutive ARM-based computer. The article looks at Raspbian, Risc OS, Plan 9, Android, and Arch; it evaluates and rates each one on a variety of criteria:
The areas we're looking at are installation, default software, media playback (out-of-the-box), looks and usability, the community behind the OS and their respective attitudes toward software freedom. Basically, the very stuff that makes a Linux user decide on what system to use.
We also want to gauge this from the point of view of someone who's not as familiar with Linux as others are, so they can jump into the project without too much hassle, and not end up leaving it feeling disheartened.
Security updates for Thursday
[Security] Posted May 9, 2013 15:36 UTC (Thu) by jake
Fedora has updated phpmyadmin (F17; F18: two remote code execution flaws). Mageia has updated ffmpeg (multiple vulnerabilities), wordpress (three vulnerabilities), ekiga, opal3, ptlib (denial of service), nrpe (code execution), x11-server (keystroke capture), glibc (two denial of service flaws), and libtiff (two vulnerabilities). Ubuntu has updated telepathy-idle (13.04, 12.10, 12.04: certificate validation botch).
|
|||||||||||||