User: Password:
Subscribe / Log in / New account

Welcome to is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.

[$] The ORCs are coming
[Kernel] Posted Jul 20, 2017 19:22 UTC (Thu) by corbet

There are a few reasons for wanting the ability to get proper stack traces out of the kernel, including profiling, tracing, and debugging kernel crashes. Historically, the kernel's tracebacks have been unreliable for a number of reasons, most of which have been fixed in recent years. Now it seems likely that the 4.14 kernel will include a new mechanism that should put our traceback problems behind us — for now.

Full Story (comments: 5)

The Document Foundation 2016 annual report
[Development] Posted Jul 21, 2017 16:38 UTC (Fri) by corbet

The Document Foundation has put out an extensive annual report [PDF] describing its activities in 2016. "According to Google Trends, LibreOffice surpassed all other free office suites in early 2016 in terms of user interest, winning a race that started in early 2011. At the end of the year, Datamation confirmed the leading position, with the first article about alternatives to LibreOffice" The report is also available in German [PDF].

Comments (4 posted)

[$] Weekly Edition for July 20, 2017
Posted Jul 20, 2017 0:33 UTC (Thu)

The Weekly Edition for July 20, 2017 is available.

Inside this week's Weekly Edition

  • Front: Ideas vs. implementation; Facebook BSD+patent license; Stack Clash again; The rest of the 4.13 merge window; Fedora and i686; Python's C API.
  • Briefs: OSS-Fuzz; ext4 max mount count; Mageia 6; Remix OS; Drupal/Garfield; Libgcrypt 1.8; Quotes.
  • Announcements: Newsletters, events, security advisories, kernel patches, ...
Read more

New stable kernels released
[Kernel] Posted Jul 21, 2017 13:59 UTC (Fri) by jake

Five new stable kernels were announced by Greg Kroah-Hartman on July 21: 4.12.3, 4.11.12, 4.9.39, 4.4.78, and 3.18.62. As usual, they contain important fixes throughout the tree and users should upgrade. Note that this is the last release in the 4.11 series, users should move to 4.12.x.

Comments (none posted)

[$] Ideas versus implementation
[Development] Posted Jul 19, 2017 22:01 UTC (Wed) by jake

A short sub-thread on the python-ideas mailing list provides some "food for thought" about the purpose and scope of that list, but also some things to perhaps be considered more widely. When discussing new features and ideas, it is common for the conversation to be somewhat hypothetical, but honing in on something that could be implemented takes a fair amount of work for those participating. If the feature is proposed and championed by someone who has no intention of actually implementing it, should the thread come with some kind of warning?

Full Story (comments: 23)

Security updates for Friday
[Security] Posted Jul 21, 2017 13:40 UTC (Fri) by jake

Security updates have been issued by Debian (php5 and ruby-mixlib-archive), Fedora (knot, knot-resolver, and spice), Oracle (graphite2 and java-1.8.0-openjdk), Red Hat (graphite2, java-1.6.0-sun, java-1.7.0-oracle, java-1.8.0-openjdk, and java-1.8.0-oracle), Scientific Linux (java-1.8.0-openjdk), and Ubuntu (kernel, linux, linux-raspi2, linux-hwe, and mysql-5.5, mysql-5.7).

Full Story (comments: none)

[$] 32-Bit x86 support in Fedora
[Distributions] Posted Jul 19, 2017 19:27 UTC (Wed) by jake

An under-the-radar proposal to stop building i686 kernels for Fedora led to a discussion about dropping support for 32-bit x86 hardware. Any of the hardware that needs these kernels is quite old, but participants in a thread on the Fedora devel mailing list noted that those systems still exist—some run Fedora. As the discussion progressed, though, it became clear that the Fedora i686 kernel has been in rough shape for some time now.

Full Story (comments: 17)

Security updates for Thursday
[Security] Posted Jul 20, 2017 14:13 UTC (Thu) by jake

Security updates have been issued by CentOS (freeradius), Debian (memcached), Fedora (irssi and putty), openSUSE (catdoc), Red Hat (collectd), and Ubuntu (expat, openldap, spice, and tiff).

Full Story (comments: none)

[$] Rationalizing Python's APIs
[Development] Posted Jul 19, 2017 15:40 UTC (Wed) by jake

CPython is the reference implementation of Python, so it is, unsurprisingly, the target for various language-extension modules. But the API and ABI it provides to those extensions ends up limiting what alternative Python implementations—and even CPython itself—can do, since those interfaces must continue to be supported. Beyond that, though, the interfaces are not clearly delineated, so changes can unexpectedly affect extensions that have come to depend on them. A recent thread on the python-ideas mailing list looks at how to clean that situation up.

Full Story (comments: none)

Libgcrypt 1.8.0 released
[Development] Posted Jul 19, 2017 15:29 UTC (Wed) by ris

The GnuPG Project has announced the availability of Libgcrypt 1.8.0. "This is a new stable version of Libgcrypt with full API and ABI compatibility to the 1.7 series. Its main features are support Blake-2, XTS mode, an improved RNG, and performance improvements for the ARM architecture."

Full Story (comments: none)

[$] Apache disallows the Facebook BSD+patent license
[Front] Posted Jul 18, 2017 18:35 UTC (Tue) by corbet

Software patents may not have brought about the free-software apocalypse that some have feared over the years, but they remain a minefield for the software industry as a whole. A small-scale example of this can be seen in the recent decision by the Apache Software Foundation (ASF) to move a license with patent-related terms to its "Category-X" list of licenses that cannot be used by ASF projects. A number of projects will be scrambling to replace software dependencies on a short timeline, all because Facebook wanted to clarify its patent-licensing terms.

Full Story (comments: 31)

Security updates for Wednesday
[Security] Posted Jul 19, 2017 15:14 UTC (Wed) by ris

Security updates have been issued by Arch Linux (c-ares, freeradius, gvim, lib32-libtiff, libtiff, pcre, rkhunter, and vim), Debian (apache2, evince, imagemagick, unattended-upgrades, and vim), Fedora (openldap, php, and poppler), Oracle (freeradius), SUSE (evince and systemd, dracut), and Ubuntu (apport, icu, and libtasn1-3).

Full Story (comments: none)

[$] 4.13 Merge window, part 2
[Kernel] Posted Jul 16, 2017 15:06 UTC (Sun) by corbet

By the end of the 4.13 merge window, 11,258 non-merge changesets had been pulled into the mainline repository — about 3,600 since the first half of this series was written. That is nowhere near the 12,920 changesets that landed during the 4.12 merge window, but it still makes for a typically busy development cycle. What follows is a summary of the more interesting changes found in those last 3,600+ changesets.

Full Story (comments: 10)

Google’s OSS-Fuzz Tool Helps Secure Open Source Projects (
[Security] Posted Jul 18, 2017 17:41 UTC (Tue) by ris takes a look at Google's OSS-Fuzz threat detection tool. "Google also announced that it is expanding its existing Patch Rewards program to include rewards for the integration of fuzz targets into OSS-Fuzz. To qualify for these rewards, a project needs to have a large user base and/or be critical to global IT infrastructure. Eligible projects will receive $1,000 for initial integration, and up to $20,000 for ideal integration (the final amount is at Google’s discretion). Project leaders have the option of donating these rewards to charity instead, and Google will double the amount." LWN covered OSS-Fuzz last January.

Comments (none posted)

[$] Rethinking the Stack Clash fix
[Kernel] Posted Jul 13, 2017 18:31 UTC (Thu) by corbet

It has been nearly one month since the Stack Clash vulnerability was disclosed and some hardening measures were rushed into the 4.12 kernel release. Since then, a fair amount of work has gone into fixing problems caused by those measures and porting the result back to stable kernel releases. Now, it seems, the kernel developers are considering taking a different approach entirely.

Full Story (comments: 16)

End of the line for Remix OS
[Distributions] Posted Jul 18, 2017 17:07 UTC (Tue) by ris

Remix OS was an effort to bring Android to the PC, which included a kickstarter campaign to build products using Remix OS. Now Jide Technology, makers of Remix OS, has announced a change in focus that leaves Remix OS out of the picture. "We’ll be restructuring our approach to Remix OS and transitioning away from the consumer space. As a result, development on all existing products such as Remix OS for PC as well as products in our pipeline such as Remix IO and IO+ will be discontinued. Full refunds will be issued to ALL BACKERS via Kickstarter for both Remix IO and Remix IO+. In addition any purchases made via our online store that has remained unfulfilled will also be fully refunded. This requires no action from you as we will begin issuing refunds starting August 15th."

Comments (4 posted) Weekly Edition for July 13, 2017
Posted Jul 13, 2017 0:02 UTC (Thu)

The Weekly Edition for July 13, 2017 is available.

Inside this week's Weekly Edition

  • Front: Magit; User=0day in systemd; OpenBSD KARL; 4.13; Hardened usercopy whitelisting; Fedora 26.
  • Briefs: LSS schedule; Fedora 26; Qubes laptop; McGrath bows out; EME; SPI annual report; Quotes; ...
  • Announcements: Newsletters, events, security updates, kernel patches, ...
Read more

Security updates for Tuesday
[Security] Posted Jul 18, 2017 15:45 UTC (Tue) by ris

Security updates have been issued by Debian (libmtp), Fedora (kernel), Red Hat (freeradius and kernel), Scientific Linux (freeradius), and Ubuntu (libgcrypt11).

Full Story (comments: none)

OpenBSD kernel address randomized link
[Security] Posted Jul 12, 2017 21:52 UTC (Wed) by jake

A less than two-month-old project for OpenBSD, kernel address space randomized link (KARL), has turned the kernel into an object that is randomized on every boot. Instead of the code being stored in the same location for every boot of a given kernel, each boot will be unique. Unlike Linux's kernel address space layout randomization (KASLR), which randomizes the base address for all of the kernel code on each boot, KARL individually randomizes the object files that get linked into the binary. That means that a single information leak of a function address from the kernel does not leak information about the location of all other functions.

Full Story (comments: 17)

Security updates for Monday
[Security] Posted Jul 17, 2017 15:32 UTC (Mon) by ris

Security updates have been issued by Arch Linux (apache, evince, and mosquitto), Debian (apache2, evince, heimdal, and knot), Fedora (c-ares, cacti, evince, GraphicsMagick, httpd, jabberd, libgcrypt, openvas-cli, openvas-gsa, openvas-libraries, openvas-manager, openvas-scanner, poppler, qt5-qtwebengine, qt5-qtwebkit, spatialite-tools, and sqlite), openSUSE (gnutls, ncurses, qemu, and xorg-x11-server), Slackware (mariadb and samba), SUSE (cryptctl), and Ubuntu (heimdal and samba).

Full Story (comments: none)

--> More news items

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds