LWN.net |
Popis: LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
|
||||||
[$] Gentoo bans AI-created contributions17:52 Gentoo Council member MichaÅ Górny posted an RFC to the gentoo-dev mailing list in late February about banning " 'AI'-backed (LLM/GPT/whatever) contributions " to the Gentoo Linux project. Górny wrote that the spread of the " AI bubble " indicated a need for Gentoo to formally take a stand on AI tools. After a lengthy discussion, the Gentoo Council voted unanimously this week to adopt his proposal and ban contributions generated with AI/ML tools. [$] Warning about WARN_ON()16:25 Kernel developers, like conscientious developers for many projects, will often include checks in the code for conditions that are never expected to occur, but which would indicate a serious problem should that expectation turn out to be incorrect. For years, developers have been encouraged (to put it politely) to avoid using assertions that crash the machine for such conditions unless there is truly no alternative. Increasingly, though, use of the kernel's WARN_ON() family of macros, which deve… Security updates for Thursday16:25 Security updates have been issued by Debian (firefox-esr, jetty9, libdatetime-timezone-perl, tomcat10, and tzdata), Fedora (cockpit, filezilla, and libfilezilla), Red Hat (firefox, gnutls, java-1.8.0-openjdk, java-17-openjdk, kernel, kernel-rt, less, mod_http2, nodejs:18, rhc-worker-script, and shim), Slackware (mozilla), SUSE (kernel), and Ubuntu (apache2, glibc, and linux-xilinx-zynqmp). [$] Managing to-do lists on the command line with Taskwarrior17.dubna Managing to-do lists is something of a universal necessity. While some people handle them mentally or on paper, others resort to a web-based tool or a mobile application. For those preferring the command line, the MIT-licensed Taskwarrior offers a flexible solution with a healthy community and lots of extensions. Four more stable kernels17.dubna Security updates for Wednesday17.dubna Security updates have been issued by Debian (apache2 and cockpit), Fedora (firefox, kernel, mbedtls, python-cbor2, wireshark, and yyjson), Mageia (nghttp2), Red Hat (kernel, kernel-rt, opencryptoki, pcs, shim, squid, and squid:4), Slackware (firefox), SUSE (emacs, firefox, and kernel), and Ubuntu (linux-aws, linux-aws-5.15, linux-aws-6.5, linux-raspi, and linux-iot). [$] Identifying dependencies used via dlopen()16.dubna The recent XZ backdoor has sparked a lot of discussion about how the open-source community links and packages software. One possible security improvement being discussed is changing how projects like systemd link to dynamic libraries that are only used for optional functionality: using dlopen() to load those libraries only when required. This could shrink the attack surface exposed by dependencies, but the approach is not without downsides â most prominently, it makes discovering which dynami… [$] Fedora 40 firms up for release16.dubna Fedora 40 Beta was released on March 26, and the final release is nearing completion. So far, the release is coming together nicely with major updates for GNOME, KDE Plasma, and the usual cavalcade of smaller updates and enhancements. As part of the release, the project also scuttled Delta RPMs and OpenSSL 1.1 . PuTTY 0.81 security release16.dubna Version 0.81 of the PuTTY SSH client is out with a fix for CVE-2024-31497 ; some users will want to update and generate new keys: PuTTY 0.81, released today, fixes a critical vulnerability CVE-2024-31497 in the use of 521-bit ECDSA keys (ecdsa-sha2-nistp521). If you have used a 521-bit ECDSA private key with any previous version of PuTTY, consider the private key compromised: remove the public key from authorized_keys files, and generate a new key pair. However, this only affects that one algor… Security updates for Tuesday16.dubna Security updates have been issued by Debian (php7.4 and php8.2), Fedora (c-ares), Mageia (python-pillow and upx), Oracle (bind and dhcp, bind9.16, httpd:2.4/mod_http2, kernel, rear, and unbound), SUSE (eclipse, maven-surefire, tycho, emacs, kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t, nodejs16, nodejs18, nodejs20, texlive, vim, webkit2gtk3, and xen), and Ubunt… OpenSSF and OpenJS warn about social-engineering attacks15.dubna The Open Source Security Foundation and the OpenJS Foundation have jointly posted a warning about XZ-like social-engineering attacks after OpenJS was seemingly targeted. The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated emails. These emails implored OpenJS to take action to update one of its popular JavaScript projects to "address any critical vulnerabilities," yet cited no specific… [$] Cleaning up after BPF exceptions15.dubna Kumar Kartikeya Dwivedi has been working to add support for exceptions to BPF since mid-2023. In July, Dwivedi posted the first patch set in this effort, which adds support for basic stack unwinding. In February 2024, he posted the second patch set aimed at letting the kernel release resources held by the BPF program when an exception occurs. This makes exceptions usable in many more contexts. Security updates for Monday15.dubna Security updates have been issued by AlmaLinux (bind, bind and dhcp, bind9.16, gnutls, httpd:2.4/mod_http2, squid:4, and unbound), Debian (kernel, trafficserver, and xorg-server), Fedora (chromium, kernel, libopenmpt, and rust-h2), Mageia (apache-mod_jk, golang, indent, openssl, perl-HTTP-Body, php, rear, ruby-rack, squid, varnish, and xfig), Oracle (bind, squid, unbound, and X.Org server), Red Hat (bind and dhcp and unbound), Slackware (less and php), SUSE (gnutls, python-Pillow, webkit2gtk3, … Kernel prepatch 6.9-rc414.dubna The 6.9-rc4 kernel prepatch is out for testing. " Nothing particularly unusual going on this week - some new hw mitigations may stand out, but after a decade of this I can't really call it 'unusual' any more, can I? " |