new stories - click to show



LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.




Tech → Linux


2.8 items/day

[$] Sticky groups in the shadows

Group membership is normally used to grant access to some resource; examples might include using groups to control access to a shared directory, a printer, or the ability to use tools like sudo . It is possible, though, to use group membership to deny access to a resource instead, and some administrators make use of that feature. But groups only work as a negative credential if the user cannot shed them at will. Occasionally, some way to escape a group has turned up, resulting in vulnerabilit...

Stable kernels 5.12.4, 5.11.21, 5.10.37, and 5.4.119

Greg Kroah-Hartman has announced the release of the 5.12.4 , 5.11.21 , 5.10.37 , and 5.4.119 stable kernels. These are enormous updates, with changes throughout the kernel tree; users should upgrade.

Security updates for Friday

Security updates have been issued by Debian (jetty9, libgetdata, and postgresql-11), openSUSE (java-11-openjdk), SUSE (dtc, ibsim, ibutils, ipvsadm, and kernel), and Ubuntu (awstats and glibc).

[$] Calling kernel functions from BPF

The kernel's BPF virtual machine allows programs loaded from user space to be safely run in the kernel's context. That functionality would be of limited use, however, without the ability for those programs to interact with the rest of the kernel. The interface between BPF and the kernel has been kept narrow for a number of good reasons, including safety and keeping the kernel in control of the system. The 5.13 kernel, though, contains a feature that could, over time, widen that interface cons...

Security updates for Thursday

Security updates have been issued by Debian (graphviz and redmine), Fedora (dom4j, kernel, kernel-headers, kernel-tools, mariadb, php, php-phpmailer6, and redis), openSUSE (kernel and nagios), and Ubuntu (mysql-5.7, mysql-8.0 and python-django).

[$] Holes in the WiFi

The discoverer of the KRACK attacks against WPA2 encryption in WiFi is back with a new set of flaws in the wireless-networking protocols. FragAttacks is a sizable group of WiFi vulnerabilities that (ab)use the fragmentation and aggregation (thus "Frag") features of the standard. The fixes have been coordinated over a nine-month period, which has allowed security researcher Mathy Vanhoef time to create multiple papers, some slide decks, a demo video, patches, and, of course, a web site and log...

GNU Guix 1.3.0 released

GNU Guix, the transactional package manager and distribution, has released version 1.3.0 . This released adds new features, refines the user experience, and improves performance. Support for the POWER9 platform is now offered as technological preview.

New stable kernels

Stable kernels 5.12.3 and 5.11.20 have been released with important fixes throughout the tree. Users should upgrade.

Security updates for Wednesday

Security updates have been issued by Debian (composer, hivex, lz4, and rails), Fedora (chromium, community-mysql, djvulibre, dom4j, firefox, php, php-phpmailer6, python-django, and redis), Mageia (mariadb, nagios, and pngcheck), openSUSE (opera, syncthing, and vlc), SUSE (kernel, openvpn, openvpn-openssl1, shim, and xen), and Ubuntu (flatpak, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-h...

[$] Pyodide: Python for the browser

Python in the browser has long been an item on the wish list of many in the Python community. At this point, though, JavaScript has well-cemented its role as the language embedded into the web and its browsers. The Pyodide project provides a way to run Python in the browser by compiling the existing CPython interpreter to WebAssembly and running that binary within the browser's JavaScript environment. Pyodide came about as part of Mozilla's Iodide project , which has fallen by the wayside, bu...

Why Sleep Apnea Patients Rely on a CPAP Machine Hacker (Vice)

Vice takes a look at the SleepyHead system for the management of CPAP machines. The free, open-source, and definitely not FDA-approved piece of software is the product of thousands of hours of hacking and development by a lone Australian developer named Mark Watkins, who has helped thousands of sleep apnea patients take back control of their treatment from overburdened and underinvested doctors. The software gives patients access to the sleep data that is already being generated by their CPAP...

Making eBPF work on Windows (Microsoft Open Source Blog)

The Microsoft Open Source Blog takes a look at implementing eBPF support in Windows. " Although support for eBPF was first implemented in the Linux kernel, there has been increasing interest in allowing eBPF to be used on other operating systems and also to extend user-mode services and daemons in addition to just the kernel. Today we are excited to announce a new Microsoft open source project to make eBPF work on Windows 10 and Windows Server 2016 and later. The ebpf-for-windows project aims...

Announcing coreboot 4.14

The coreboot firmware project has released version 4.14 . " These changes have been all over the place, so that there's no particular area to focus on when describing this release: We had improvements to mainboards, to chipsets (including much welcomed work to open source implementations of what has been blobs before), to the overall architecture. "

Two stable kernels

Stable kernels 5.10.36 and 5.4.118 have been released. They both contain important fixes throughout the tree. Users should upgrade.
© 2000-2021 ANNECA s.r.o., Klíšská 977/77, 400 01 Ústí nad Labem, Tel: +420 478571021, Email: info@hearea.com, Twitter: @hreader