Security updates have been issued by Arch Linux (flashplugin, lib32-flashplugin, lib32-gnutls, libdwarf, nginx, nginx-mainline, and tor), Debian (spice and undertow), Fedora (bind, bind-dyndb-ldap, chromium-native_client, dnsperf, expat, flatpak, GraphicsMagick, httpd, jetty, libdb, libsndfile, mingw-LibRaw, mosquitto, php-horde-Horde-Image, qt5-qtwebengine, xen, and yara), Oracle (httpd and kernel), Red Hat (flash-plugin, httpd, and kernel), Scientific Linux (httpd and kernel), and SUSE (spice).
The Git source-code management system is widely known for its flexibility and for the distributed development model that it supports. Its reputation for ease of use is ... less well established. There should, thus, be an opening for front-end systems that can make Git easier to use. One of the most comprehensive Git front ends, Magit, works within the Emacs editor and has a wide following. But Magit has run into some turbulence within the Emacs development community that is blocking its wider distribution.
The Power Management and Energy-awareness microconference has been accepted for this year's Linux Plumbers Conference, which runs September 13-15 in Los Angeles, CA. "The agenda this year will focus on a range of topics including CPUfreq core improvements and schedutil governor extensions, how to best use scheduler signals to balance energy consumption and performance and user space interfaces to control capacity and utilization estimates. We'll also discuss selective throttling in thermally constrained systems, runtime PM for ACPI, CPU cluster idling and the possibility to implement resume from hibernation in a bootloader."
Security updates have been issued by Debian (jetty8, tiff, and tiff3) and Slackware (libtirpc and rpcbind).
The Fedora 26 release is out. "First, of course, we have thousands of improvements from the various upstream software we integrate, including new development tools like GCC 7, Golang 1.8, and Python 3.6. We’ve added a new partitioning tool to Anaconda (the Fedora installer) — the existing workflow is great for non-experts, but this option will be appreciated by enthusiasts and sysadmins who like to build up their storage scheme from basic building blocks. F26 also has many under-the-hood improvements, like better caching of user and group info and better handling of debug information. And the DNF package manager is at a new major version (2.5), bringing many new features." More details can be found in the release notes.
The 4.13 merge window is in progress, and, as usual, LWN is watching the commit stream. Click below (subscribers only) for the first report on what has been merged for the 4.13 release. It appears that this will be another busy development cycle.
Encrypted Media Extensions (EME) have been under review by the W3C Advisory Committee since last March. This report from the committee addresses comments and objections to EME. "After consideration of the issues, the Director reached a decision that the EME specification should move to W3C Recommendation. The Encrypted Media Extensions specification remains a better alternative for users than other platforms, including for reasons of security, privacy, and accessibility, by taking advantage of the Web platform. While additional work in some areas may be beneficial for the future of the Web Platform, it remains appropriate for the W3C to make the EME specification a W3C Recommendation. Formal publication of the W3C Recommendation will happen at a later date. We encourage W3C Members and the community to work in both technical and policy areas to find better solutions in this space."
The Free Software Foundation's Defective by Design campaign opposes EME, arguing that it infringes on Web users' control of their own computers and weakens their security and privacy. "Opponents' last opportunity to stop EME is an appeal by the Advisory Committee of the World Wide Web Consortium (W3C), the body which Tim Berners-Lee heads. Requiring 5% of the Committee's 475 members (corporate, nonprofit, and educational institutions) to sign on within a two-week period, the appeal would then trigger a vote from the whole Committee to make a final decision to ratify or reject EME."
Software in the Public Interest (SPI) has announced the availability of its 2016 Annual Report [PDF], covering the 2016 calendar year. "We’ve seen a lot of change this year. Several long-term board members retired from the board, including Bdale Garbee who served as SPI’s President for many years. There was a lot of interest in SPI’s board election and several new contributors joined the board. The board met in person in February to discuss outstanding issues and work on long-term plans."
Security updates have been issued by Debian (bind9, jetty, mpg123, phpldapadmin, sqlite3, and xorg-server), Fedora (bind, bind99, dhcp, drupal7, GraphicsMagick, httpd, irssi, jetty, jetty-alpn, jetty-test-helper, libdb, libgcrypt, mosquitto, ocaml, pius, qt5-qtwebkit, tomcat, xen, and zabbix), Gentoo (feh, gajim, game-music-emu, jasper, libcroco, libsndfile, man-db, nm-applet, openslp, phpmyadmin, roundcube, virglrenderer, and vlc), openSUSE (irssi, kernel, libgcrypt, and xen), Slackware (irssi and php), and Ubuntu (poppler).
The Qubes OS project has announced a program for the certification of "reasonably secure" laptops, but users will have to wait to get such a machine: "So far, no third-party manufacturers have produced a computer that satisfies these requirements. However, ITL has entered initial talks with a promising partner with whom we can foresee creating a true Reasonably Secure Laptop."
On his blog, Richard WM Jones describes work he has done on an automated patch testing system that is similar to the kernel 0-day test service. "Today I thought I’d write something like this, partly to reinvent the wheel, but mostly to learn more about the RabbitMQ message broker. You see, if you have to receive emails, run large tests, and send more emails, then at least two and possibly more machines are going to be involved, and as soon as you are using two or more machines, you are writing a distributed system and you need to use the right tools. Message brokers and RabbitMQ in particular make writing distributed systems easy — trust me, I’ll show you how!"
In what seems to be an acknowledgment of the status quo, rather than a big change, GNU C library (glibc) founder and maintainer Roland McGrath has stepped down from the project. This is not caused by any "big news with me", he said, just a recognition that he has drifted away from the project. "This summer marks 30 years since I began writing the GNU C Library. (That's two thirds of my lifespan so far.) It's long enough. So, I'm hereby declaring myself maintainer emeritus and withdrawing from direct involvement in the project. These past several months, if not the last few years, have proven that you don't need me any more. You'll make good decisions, as you've already made good decisions. You'll actually get around to implementing some of the things I've been suggesting or meaning to do (or saying I would do) for years, as you've already made progress on some of those ideas in recent months. If I stayed around to give advice, you'd ignore my advice to be more paranoid and more cautious, plow ahead anyway, ship it, and then have to redress the problem when the practical issues manifested, as you've already done and had to do. :-) All in all, I have no doubt at all that the job you're doing now and will do in the future maintaining glibc is better than I ever did that job myself and at least as good as my presence in the project might ever make it." As several responses to the post have already indicated, McGrath will be missed.
There are many ways to attempt to subvert an operating-system kernel. One particularly effective way, if it can be arranged, is to attack the operations that copy data between user-space and kernel-space memory. If the kernel can be fooled into copying too much data back to user space, the result can be an information-disclosure vulnerability. Errors in the other direction can be even worse, overwriting kernel memory with attacker-controlled data. The kernel has gained some defenses against this sort of attack in recent development cycles, but there is more work yet to be merged.
Security updates have been issued by Fedora (webkitgtk4), Mageia (ffcall,clisp and libffi), openSUSE (apache2, bind, clamav, dovecot22, GraphicsMagick, libICE, libquicktime, libXdmcp, libxml2, php7, and vim), Red Hat (ansible), and SUSE (ncurses and xen).
Over at Opensource.com, Pratyush Anand looks at dynamic tracing for both user space programs and the kernel. He gives an introduction to using uprobes and kprobes directly as well as using them via the perf tool. "We can insert kprobe within most of the symbols in /proc/kallsyms; other symbols have been blacklisted in the kernel. A kprobe insertion into the kprobe_events file for the symbols that aren't compatible with a kprobe insertion should result in a write error. A probe can be inserted at some offset from the symbol base, as well. Like uprobe, we can also trace the return of a function using kretprobe. The value of a local variable can also be printed in trace output."
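The workflow the quote describes (check the symbol against /proc/kallsyms, build an entry, offset or return probe, then write it to kprobe_events and treat a rejected write as the kernel's blacklist saying no) as a small POSIX shell helper. This is an added example, not code from the Opensource.com article; the `probes/` group name, the `KALLSYMS`/`KPROBE_EVENTS` paths and the constructed kallsyms listing are assumptions, and writing to the real tracefs file needs root.

```shell
#!/bin/sh
# Added example: validate a symbol locally before touching kprobe_events,
# so a typo fails here instead of as an opaque write error on tracefs.
# Paths default to the live files; tests point them at constructed files.
KALLSYMS="${KALLSYMS:-/proc/kallsyms}"
KPROBE_EVENTS="${KPROBE_EVENTS:-/sys/kernel/debug/tracing/kprobe_events}"

# kprobe_spec NAME SYMBOL [OFFSET] [ret]
# Prints "p:probes/NAME SYMBOL[+OFFSET]" or, with "ret", "r:probes/NAME SYMBOL"
# (a kretprobe, which fires on function return, takes no offset).
# Returns 1 when SYMBOL is not a text symbol in $KALLSYMS.
kprobe_spec() {
  name=$1; sym=$2; off=${3:-0}; kind=${4:-entry}
  # kallsyms lines look like "ffffffff81000000 T do_sys_open [module]";
  # only text symbols (type t/T) can carry a kprobe at all.
  if ! awk -v s="$sym" '$2 ~ /^[tT]$/ && $3 == s { found=1 } END { exit !found }' "$KALLSYMS"; then
    echo "kprobe_spec: $sym is not a text symbol in $KALLSYMS" >&2
    return 1
  fi
  if [ "$kind" = ret ]; then
    printf 'r:probes/%s %s\n' "$name" "$sym"
  elif [ "$off" = 0 ]; then
    printf 'p:probes/%s %s\n' "$name" "$sym"
  else
    printf 'p:probes/%s %s+%s\n' "$name" "$sym" "$off"
  fi
}

# install_kprobe NAME SYMBOL [OFFSET] [ret]: append the spec to kprobe_events.
# Symbols on the kernel's kprobe blacklist are still text symbols, so the
# kallsyms check cannot catch them; the kernel answers with a write error.
install_kprobe() {
  spec=$(kprobe_spec "$@") || return 1
  if ! printf '%s\n' "$spec" >> "$KPROBE_EVENTS"; then
    echo "install_kprobe: kernel rejected '$spec' (blacklisted symbol or no tracefs?)" >&2
    return 2
  fi
}

# Constructed sample kallsyms listing for offline use (addresses are made up).
SAMPLE_KALLSYMS=$(mktemp)
cat > "$SAMPLE_KALLSYMS" <<'EOF'
ffffffff81000000 T do_sys_open
ffffffff81001000 t __x64_sys_openat
ffffffff81002000 D some_data_symbol
EOF
```

Run with `KALLSYMS=$SAMPLE_KALLSYMS` to exercise the checks without root; on a live system the same functions target the real kallsyms and tracefs files.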
Security updates have been issued by CentOS (bind and qemu-kvm), Debian (jabberd2, libclamunrar, libgcrypt11, radare2, and tiff), Fedora (bind, bind-dyndb-ldap, dnsperf, kdepim4, kf5-messagelib, kmail, and php-horde-Horde-Image), Oracle (bind and qemu-kvm), SUSE (ncurses), and Ubuntu (ntp, samba, and thunderbird).
The LWN.net Weekly Edition for July 6, 2017 is available.
A recent paper [PDF] by a group of eight cryptography researchers shows, once again, how cryptographic breakthroughs are made. They often start small, with just a reduction in the strength of a cipher or key search space, say, but then grow over time to reach the point of a full-on breaking of a cipher or the implementation of one. In this case, the RSA implementation in Libgcrypt for 1024-bit keys has been fully broken using a side-channel attack against the operation of the library—2048-bit keys are also susceptible, but not with the same reliability, at least using this exact technique.
Here is a detailed summary of undefined behavior in C and C++ programs — and the tools that can be used to detect such behavior — by Pascal Cuoq and John Regehr. "The state of the art in debugging tools for strict aliasing violations is weak. Compilers warn about some easy cases, but these warnings are extremely fragile. libcrunch warns that a pointer is being converted to a type “pointer to thing” when the pointed object is not, in fact, a 'thing.' This allows polymorphism through void pointers, but catches misuses of pointer conversions that are also strict aliasing violations."
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds