Advertisement
GStreamer Conference 2013, 22-23 Oct, Edinburgh
GStreamer, Embedded Linux, Android, VoD, Smooth Streaming, DRM, RTSP, HEVC, PulseAudio, OpenGL. Register now to attend.
| |||||||||||||
Welcome to LWN.netHeadlines for October 7, 2013GStreamer 1.2 released
[Development] Posted Sep 25, 2013 1:00 UTC (Wed) by n8willis
Version 1.2 of the GStreamer multimedia framework has been released. Packages for GStreamer Core and GStreamer Plugins are available. The 1.2 release is API- and ABI-backwards-compatible with GStreamer 1.0, however there are several new features introduced. Several new plugins are included, including support for DASH adaptive streaming, JPEG2000 images, VP9 and Daala video, and decoding-only support for WebP. There is also a new command-line playback tool called gst-play-1.0 (designed for testing purposes), as well as numerous bugfixes and improvements.
A perf ABI fix
[Kernel] Posted Sep 24, 2013 18:14 UTC (Tue) by corbet
It is often said that the kernel developers are committed to avoiding ABI breaks at almost any cost. But ABI problems can, at times, be hard to avoid. Some have argued that the perf events interface is particularly subject to incompatible ABI changes because the perf tool is part of the kernel tree itself; since perf can evolve with the kernel, there is a possibility that developers might not even notice a break. So the recent discovery of a perf ABI issue is worth looking at as an example of how compatibility problems are handled in that code.
Tuesday's security updates
[Security] Posted Sep 24, 2013 16:07 UTC (Tue) by ris
Debian has updated icedove (multiple vulnerabilities). Fedora has updated proftpd (F18; F19: denial of service). Gentoo has updated apache (multiple vulnerabilities) and subversion (multiple vulnerabilities). openSUSE has updated tiff (multiple vulnerabilities) and wireshark (multiple vulnerabilities). Ubuntu has updated libraw (denial of service) and pyopenssl (certificate spoofing).
NVIDIA to provide documentation for Nouveau
[Kernel] Posted Sep 24, 2013 7:12 UTC (Tue) by corbet
Nouveau is the reverse-engineered driver for NVIDIA GPUs; it has been developed for a number of years with no assistance from NVIDIA. Now, though, an NVIDIA developer has surfaced on the Nouveau list with an offer to help: "NVIDIA is releasing public documentation on certain aspects of our GPUs, with the intent to address areas that impact the out-of-the-box usability of NVIDIA GPUs with Nouveau. We intend to provide more documentation over time, and guidance in additional areas as we are able." This would appear to be a big step in the right direction.
Kernel prepatch 3.12-rc2
[Kernel] Posted Sep 24, 2013 7:01 UTC (Tue) by corbet
The second 3.12 kernel prepatch is out. Linus said: "Things have been fairly quiet, probably because lots of people were traveling for LinuxCon and Linux Plumbers conference last week. So nothing very exciting stands out. It's mainly driver updates/fixes (gpu drivers stand out, but there's networking too, and smaller stuff all over). Apart from drivers there's arch updates (tile/arm/mips) and some filesystem noise (mainly btrfs)."
Valve launches SteamOS
[Distributions] Posted Sep 23, 2013 17:39 UTC (Mon) by corbet
Valve has announced the launch of a new gaming-oriented operating system. "As we’ve been working on bringing Steam to the living room, we’ve come to the conclusion that the environment best suited to delivering value to customers is an operating system built around Steam itself. SteamOS combines the rock-solid architecture of Linux with a gaming experience built for the big screen. It will be available soon as a free stand-alone operating system for living room machines." There is little in the way of details available at this time.
Garrett: Implementing UEFI Boot to Zork
[Kernel] Posted Sep 23, 2013 17:39 UTC (Mon) by corbet
Matthew Garrett has finally implemented what we all really wanted in the first place: direct boot into the Zork game from UEFI. "But despite having a set of functionality that makes it look much more like an OS than a boot environment, UEFI doesn't actually expose a standard C library. The EFI Application Development Kit solves this particular design decision."
Security advisories for Monday
[Security] Posted Sep 23, 2013 16:15 UTC (Mon) by ris
Fedora has updated firefox (F19: multiple vulnerabilities), glpi (F19; F18: multiple vulnerabilities), hplip (F19: authorization bypass), icedtea-web (F19: code execution), kernel (F18: privilege escalation), mediawiki (F18; F19: multiple vulnerabilities), moodle (F19; F18: man-in-the-middle attack), polarssl (19; F18: denial of service), polkit (F19; F18: privilege escalation), pyOpenSSL (F19; F18: certificate spoofing), rubygems (F18; F19: denial of service), systemd (F18; F19: authorization bypass), tinyproxy (F19: access restriction bypass), and xulrunner (F19: multiple vulnerabilities). SUSE has updated kernel (SLE 11 SP3; SLE 11 SP2: multiple vulnerabilities).
Ten years of Fedora
[Distributions] Posted Sep 23, 2013 8:19 UTC (Mon) by corbet
It has been ten years since Michael K. Johnson announced: "Red Hat and Fedora Linux are pleased to announce an alignment of their mutually complementary core proficiencies leveraging them synergistically in the creation of the Fedora Project, a paradigm shift for Linux technology development and rolling early deployment models." One decade and nearly twenty releases later, Fedora has clearly accomplished quite a bit; it will be interesting to see what the next ten years will bring.
Security advisories for Friday
[Security] Posted Sep 20, 2013 16:46 UTC (Fri) by ris
CentOS has updated hplip (C6: authorization bypass), libvirt (C6: multiple vulnerabilities), polkit (C6: privilege escalation), and spice-gtk (C6: authorization bypass). Debian has updated puppet (multiple vulnerabilities). Fedora has updated hplip (F19: authorization bypass). Mageia has updated glpi (multiple vulnerabilities). Oracle has updated hplip (OL6: authorization bypass), libvirt (OL6: multiple vulnerabilities), polkit (OL6: privilege escalation), and spice-gtk (OL6: authorization bypass). Red Hat has updated hplip (RHEL6: authorization bypass), libvirt (RHEL6: multiple vulnerabilities), polkit (RHEL6: privilege escalation), and spice-gtk (RHEL6: authorization bypass). Scientific Linux has updated hplip (SL6: authorization bypass), libvirt (SL6: multiple vulnerabilities), polkit (SL6: privilege escalation), and spice-gtk (SL6: authorization bypass).
Tails 0.20.1
[Distributions] Posted Sep 19, 2013 23:04 UTC (Thu) by ris
The Amnesic Incognito Live System (Tails) has announced the release of Tails 0.20.1 which fixes numerous security issues. All users should upgrade as soon as possible.
openSUSE 13.1 Beta 1 ready
[Distributions] Posted Sep 19, 2013 17:31 UTC (Thu) by ris
OpenSUSE 13.1 Beta 1 is ready for testing. "It's pretty solid as it received an extra amount of automated checks via openQA. Nevertheless there's still quite some work to be done to get the quality we need for the final release. So please help testing and file bug reports!"
Thursday's security updates
[Security] Posted Sep 19, 2013 17:07 UTC (Thu) by ris
Fedora has updated kernel (F19: privilege escalation) and xen (F18; F19: privilege escalation). Mageia has updated freeswitch (code execution), lightdm (information leak), moodle (sql injection), python-django (MG2; MG3: directory traversal), wireshark (MG2; MG3: multiple vulnerabilities), wordpress (multiple vulnerabilities), and firefox, thunderbird (multiple vulnerabilities). Mandriva has updated wireshark (multiple vulnerabilities) and wordpress (multiple vulnerabilities). Oracle has updated firefox (OL5: multiple vulnerabilities). Ubuntu has updated apt-xapian-index (authorization bypass), hplip (authorization bypass), jockey (authorization bypass), language-selector (authorization bypass), libvirt (multiple vulnerabilities), policykit-1 (privilege escalation), rtkit (authorization bypass), software-properties (authorization bypass), systemd (authorization bypass), thunderbird (multiple vulnerabilities), ubuntu-system-service (authorization bypass), and usb-creator (authorization bypass).
LWN.net Weekly Edition for September 19, 2013
Posted Sep 19, 2013 0:25 UTC (Thu)The LWN.net Weekly Edition for September 19, 2013 is available. Inside this week's LWN.net Weekly Edition
Asteroid "mining" with Linux and FOSS
[Front] Posted Sep 18, 2013 22:23 UTC (Wed) by jake
Planetary Resources is a company with a sky-high (some might claim "pie in the sky") goal: to find and mine asteroids for useful minerals and other compounds. It is also a company that uses Linux and lots of free software. So two of the engineers from Planetary Resources, Ray Ramadorai and Marc Allen, gave a presentation at LinuxCon North America to describe how and why the company uses FOSS—along with a bit about what it is trying to do overall. Subscribers can read the full account of the talk from this week's edition.
Cyanogen Inc.
[Announcements] Posted Sep 18, 2013 19:21 UTC (Wed) by corbet
CyanogenMod founder Steve Kondik has disclosed that he and sixteen others are now doing their CyanogenMod work as part of a company founded for that purpose — and that they have been doing so since April. "You have probably seen the pace of development pick up drastically over the past few months. More devices supported, bigger projects such as CM Account, Privacy Guard, Voice+, a new version of Superuser, and secure messaging. We vastly improved our infrastructure. We’re doing more bug fixes, creating more features, and improving our communication. We think that the time has come for your mobile device to truly be yours again, and we want to bring that idea to everybody." The first new thing will be an easier installer, but there is very little information on what the business model will be.
Slackware 14.1 beta
[Distributions] Posted Sep 18, 2013 19:20 UTC (Wed) by ris
From the September 18 entry in the Slackware changelog: "Hey folks, I'm calling this a beta! Really, it's been better than beta quality for a while. There will probably still be a few more updates here and there (and certainly updates to the docs). Enjoy, and please test."
Security advisories for Wednesday
[Security] Posted Sep 18, 2013 16:36 UTC (Wed) by ris
CentOS has updated firefox (C5; C6: multiple vulnerabilities) and thunderbird (C5; C6: multiple vulnerabilities). Debian has updated chrony (two vulnerabilities), iceweasel (multiple vulnerabilities), and python-django (denial of service). Fedora has updated graphite-web (F19; F18: unspecified vulnerability), libtiff (F18: code execution), and roundcubemail (F19; F18: two cross-site scripting flaws). Mageia has updated chromium-browser-stable (multiple vulnerabilities), flash-player-plugin (multiple vulnerabilities), mediawiki (multiple vulnerabilities), python-OpenSSL (certificate spoofing), python-setuptools (code execution), and subversion (privilege escalation). Mandriva has updated firefox (multiple vulnerabilities). openSUSE has updated python (11.4: man in the middle attack) and python3 (11.4: man in the middle attack). Oracle has updated firefox (OL6: multiple vulnerabilities), thunderbird (OL6: multiple vulnerabilities), and enterprise kernel (OL6; OL5: multiple vulnerabilities). Red Hat has updated firefox (multiple vulnerabilities), kernel-rt (multiple vulnerabilities), and thunderbird (multiple vulnerabilities). Scientific Linux has updated firefox (multiple vulnerabilities) and thunderbird (multiple vulnerabilities). Slackware has updated glibc (password disclosure), firefox (multiple vulnerabilities), and thunderbird (multiple vulnerabilities). SUSE has updated flash-player (multiple vulnerabilities). Ubuntu has updated firefox (multiple vulnerabilities).
IBM Announces $1 Billion Linux Investment for Power Systems
[Announcements] Posted Sep 17, 2013 18:11 UTC (Tue) by ris
IBM has announced plans to invest $1 billion over the next five years in new Linux and open source technologies for IBM's Power Systems servers. "Two immediate initiatives announced, a new client center in Europe and a Linux on Power development cloud, focus on rapidly expanding IBM's growing ecosystem supporting Linux on Power Systems which today represents thousands of independent software vendor and open source applications worldwide."
The OpenZFS project launches
[Kernel] Posted Sep 17, 2013 16:50 UTC (Tue) by corbet
The OpenZFS project has announced its existence. "ZFS is the world's most advanced filesystem, in active development for over a decade. Recent development has continued in the open, and OpenZFS is the new formal name for this open community of developers, users, and companies improving, using, and building on ZFS. Founded by members of the Linux, FreeBSD, Mac OS X, and illumos communities, including Matt Ahrens, one of the two original authors of ZFS, the OpenZFS community brings together over a hundred software developers from these platforms."
|
|||||||||||||