LWN.net

The Design of LLVM (Dr. Dobb's)

corbet — 2012-05-30T14:25:29+00:00

Dr. Dobb's has a moderately detailed overview of the design of LLVM by Chris Lattner. "In particular, LLVM IR is both well specified and the only interface to the optimizer. This property means that all you need to know to write a front end for LLVM is what LLVM IR is, how it works, and the invariants it expects. Since LLVM IR has a first-class textual form, it is both possible and reasonable to build a front end that outputs LLVM IR as text, then uses UNIX pipes to send it through the optimizer sequence and code generator of your choice. It might be surprising, but this is actually a pretty novel property to LLVM and one of the major reasons for its success in a broad range of different applications. Even the widely successful and relatively well-architected GCC compiler does not have this property: its GIMPLE mid-level representation is not a self-contained representation."

What's new in Fedora 17 (The H)

ris — 2012-05-29T23:41:24+00:00

The H has a nice summary of the new features in Fedora 17. "Of the many changes made, the two that stand out are software rendering for GNOME Shell and the sandbox function for isolating applications. These, and many other changes, are likely to find their way into other distributions soon. Time will tell whether that will also be the case for the much-discussed filesystem reorganisation."

Google launches Chromebook, Chromebox and gets it right (GigaOm)

corbet — 2012-05-29T20:39:29+00:00

GigaOm reviews the new Chromebook from Samsung, along with the associated desktop "Chromebox" device. "The ChromeOS and the devices based on the OS have reached a point in maturity where they can be used as an 'optional' or second computer. It is also benefiting from the fact that most of us have become used to living and working inside the browser."

Security updates for Tuesday

ris — 2012-05-29T20:26:38+00:00

Fedora has updated php (F16; F15: code execution), php-eaccelerator (F16; F15: code execution), maniadrive (F16; F15: code execution), ikiwiki (F17; F16; F15: cross-site scripting), xinetd (F16; F15: service disclosure flaw), F17: sudo (privilege escalation), F17: openssl (denial of service), F17: python-tornado (HTTP header injection), F16: kernel (denial of service), F16: dokuwiki (cross-site scripting/request forgery), and F16: libreoffice (code execution).

Gentoo has updated chromium, v8 (multiple vulnerabilities).

Mandriva has updated pidgin (multiple vulnerabilities), util-linux-ng (denial of service), and ncpfs (/etc/mtab truncation).

openSUSE has updated sudo (privilege escalation), python-django (multiple vulnerabilities), jakarta-poi (denial of service), cobbler (remote code execution), chromium, v8 (multiple vulnerabilities), wireshark (denial of service), net-snmp (denial of service), and mailman (information disclosure).

Ubuntu has updated 11.10: kernel (multiple vulnerabilities), 10.04 LTS: ec2 kernel (multiple vulnerabilities), 8.04 LTS: kernel (denial of service).

Fedora 17 released

corbet — 2012-05-29T14:44:32+00:00

The Fedora 17 release is out. "Frankly, we believe this is the beefiest release ever -- chock full of condiments, more commonly known as Features, to customize your experience to your tastes. We take pride in our toppings, and in our fine ingredients; Fedora 17 includes both over- and under-the-bun improvements that show off the power and flexibility of the advancing state of free (range) software." Details can be found in the Fedora 17 feature list.

SFC expands compliance efforts to Samba and the Linux kernel

jake — 2012-05-29T14:09:28+00:00

The Software Freedom Conservancy has announced that the Samba project (which, like BusyBox, is another of SFC's member projects) will be engaging in license compliance efforts with the organization. In addition, it announced a new "GPL Compliance Project for Linux Developers" that is working with seven Linux kernel copyright holders to work on compliance for their copyrights in the kernel. "Matthew Garrett, an accomplished Linux kernel developer, was the first to put forward his copyrights as part of the GPL Compliance Project for Linux Developers, and was quickly joined by six other individuals. In a statement today, Matthew noted: 'For some time, many Linux kernel copyright holders have offered our moral support to the BusyBox enforcement efforts through Conservancy, but didn't have the ability to formalize that support. I'm glad to put my copyrights forward for this new initiative, and welcome any Linux kernel copyright holders who wish to join us to reach out to Conservancy via <compliance@sfconservancy.org>.'"

[$] Relicensing and rebasing LibreOffice

corbet — 2012-05-28T16:53:17+00:00

Projects the size of LibreOffice often tend to get a little unwieldy; the size of the code is such that even seemingly trivial tasks like removing dead code can take a long time. Considering the sheer size of the project and the fact that its copyright ownership is distributed, it would be natural to doubt the sanity of anybody proposing to simultaneously move 1.5 years worth of work to a new base and adopt a new license. But that is just what LibreOffice has in mind. Click below (subscribers only) for the full report.

This Cadillac Is Powered by Linux (Wired)

jake — 2012-05-25T19:03:11+00:00

Wired is impressed with the Linux-powered in-vehicle infotainment (IVI) system in the most recent Cadillac XTS. "While the XTS’ spate of processors and controllers isn’t running the open source offspring of Linus Torvalds, the game-changing infotainment intender known as the Cadillac User Experience (CUE) is. [...] Buried deep within the dash is a three-core ARM 11 processor, powering two displays: one eight-inch capacitive touch screen — the first non-resistive display to come to a production car — and a second, 12.3-inch fully configurable instrument cluster mounted behind the steering wheel. Two of those cores adapt on the fly to handle voice commands powered by the same Nuance technology used by many automakers, along with Apple’s personal assistant, Siri. But with CUE, everything is processed on board."

Friday's security advisories

jake — 2012-05-25T18:21:40+00:00

Debian has updated request-tracker3.8 (multiple vulnerabilities).

openSUSE has updated cobbler (two vulnerabilities).

Ubuntu has updated openssl (multiple vulnerabilities).

Fedora 17 ARM Beta Release

jake — 2012-05-25T16:24:29+00:00

A Fedora 17 beta for ARM is now available. There are a number of images provided for various targets ("QEMU, Trimslice, Beagleboard XM and iMX based hardware platforms.") "We invite you to take part in making Fedora 17 for ARM a solid release by downloading, testing, and providing your valuable feedback. Please join us on the IRC in #fedora-arm on Freenode or send feedback and comments to the ARM mailing list."

Android Malware Genome Project launched (The H)

n8willis — 2012-05-24T22:34:50+00:00

The H covers the debut of the Android Malware Genome Project by researchers from North Carolina State University. The team "has already collected more than 1,200 samples of Android malware, including GingerMaster and DroidKungFu, and has organised them into various malware families. [Xuxian] Jiang told Dark Reading that 'the purpose is to engage the research community to better our understanding of mobile threats and develop effective solutions against them.'" Access to the data set, however, is restricted.

RPM 4.10 released

n8willis — 2012-05-24T19:39:03+00:00

Panu Matilainen announces the release of RPM 4.10.0. Most of the changes targeted robustness and correctness, but a few new features crept in as well, including support for parsing the tilde (~) operator in package version numbers.

Thursday's security updates

n8willis — 2012-05-24T18:18:21+00:00

Debian has updated sudo (privilege escalation) and libxml2 (arbitrary code execution).

Mandriva has updated ES 5.0 firefox (multiple vulnerabilities).

Ubuntu has updated net-snmp (denial of service).

SSL fix flags forged certificates before they're accepted by browsers (Ars Technica)

n8willis — 2012-05-24T14:57:12+00:00

Over at Ars Technica, Dan Goodin writes about Trust Assertions for Certificate Keys (TACK), a proposed extension to SSL/TLS designed to discover fake certificates before they are accepted. "The opt-in system works by allowing SSL sites to sign valid SSL certificates, the domain name, and an expiration date with a TACK key. Once an end user has visited the site a few times using a TACK-compatible browser, a 'pin' for that site is activated on the user's computer. If the end user later encounters a forged certificate for that same site—as was the case when DigiNotar was breached—the browser will reject the session and return a warning to the user." One of TACK's co-creators is Moxie Marlinspike, who proposed the Convergence alternative certificate-management framework in 2011.

GCC Explorer - an interactive take on compilation

corbet — 2012-05-24T13:23:00+00:00

Matt Godbolt announces GCC explorer, a web-based tool for exploring how code tweaks change the machine code emitted by the compiler. "Particularly with some of the newer features of C++11 — lambdas, move constructors, threading primitives etc — it’s nice to be able to see how your elegant code becomes beautiful (and maybe even fairly optimal) machine code." The GCC explorer code is on github for those who want to set up their own instance.