Linux Weekly News

Subscribe to Linux Weekly News feed is a comprehensive source of news and opinions from and about the Linux community. This is the main feed, listing all articles which are posted to the site front page.
Updated: 1 hour 3 min ago

Debian reproducible builds project update

Sun, 07/23/2017 - 22:59
Debian's reproducible builds project has posted an update of what it has accomplished over the last few years. "On our website there are nice colourful graphs showing our progress in numerical terms. In particular, let us point to the stretch/amd64 graph: since our slow start ~3 years ago we have been steadily improving the reproducibility of our archive, reaching a staggering 94% at the time of writing!"

Kernel prepatch 4.13-rc2

Sun, 07/23/2017 - 20:16
The 4.13-rc2 kernel prepatch is out for testing. "Changes all over, although the diffstat is dominated by the new vboxvideo staging driver. I shouldn't have let it through, but Greg, as we all know, is 'special'. Also, Quod licet Iovi, and all that jazz - Greg gets to occasionally break some rules."

The Document Foundation 2016 annual report

Fri, 07/21/2017 - 12:38
The Document Foundation has put out an extensive annual report [PDF] describing its activities in 2016. "According to Google Trends, LibreOffice surpassed all other free office suites in early 2016 in terms of user interest, winning a race that started in early 2011. At the end of the year, Datamation confirmed the leading position, with the first article about alternatives to LibreOffice" The report is also available in German [PDF].

New stable kernels released

Fri, 07/21/2017 - 09:59

Five new stable kernels were announced by Greg Kroah-Hartman on July 21: 4.12.3, 4.11.12, 4.9.39, 4.4.78, and 3.18.62. As usual, they contain important fixes throughout the tree and users should upgrade. Note that this is the last release in the 4.11 series, users should move to 4.12.x.

Security updates for Friday

Fri, 07/21/2017 - 09:40
Security updates have been issued by Debian (php5 and ruby-mixlib-archive), Fedora (knot, knot-resolver, and spice), Oracle (graphite2 and java-1.8.0-openjdk), Red Hat (graphite2, java-1.6.0-sun, java-1.7.0-oracle, java-1.8.0-openjdk, and java-1.8.0-oracle), Scientific Linux (java-1.8.0-openjdk), and Ubuntu (kernel, linux, linux-raspi2, linux-hwe, and mysql-5.5, mysql-5.7).

[$] The ORCs are coming

Thu, 07/20/2017 - 15:22
There are a few reasons for wanting the ability to get proper stack traces out of the kernel, including profiling, tracing, and debugging kernel crashes. Historically, the kernel's tracebacks have been unreliable for a number of reasons, most of which have been fixed in recent years. Now it seems likely that the 4.14 kernel will include a new mechanism that should put our traceback problems behind us — for now.

Security updates for Thursday

Thu, 07/20/2017 - 10:13
Security updates have been issued by CentOS (freeradius), Debian (memcached), Fedora (irssi and putty), openSUSE (catdoc), Red Hat (collectd), and Ubuntu (expat, openldap, spice, and tiff).

[$] Weekly Edition for July 20, 2017

Wed, 07/19/2017 - 20:33
The Weekly Edition for July 20, 2017 is available.

[$] Ideas versus implementation

Wed, 07/19/2017 - 18:01

A short sub-thread on the python-ideas mailing list provides some "food for thought" about the purpose and scope of that list, but also some things to perhaps be considered more widely. When discussing new features and ideas, it is common for the conversation to be somewhat hypothetical, but honing in on something that could be implemented takes a fair amount of work for those participating. If the feature is proposed and championed by someone who has no intention of actually implementing it, should the thread come with some kind of warning?

[$] 32-Bit x86 support in Fedora

Wed, 07/19/2017 - 15:27

An under-the-radar proposal to stop building i686 kernels for Fedora led to a discussion about dropping support for 32-bit x86 hardware. Any of the hardware that needs these kernels is quite old, but participants in a thread on the Fedora devel mailing list noted that those systems still exist—some run Fedora. As the discussion progressed, though, it became clear that the Fedora i686 kernel has been in rough shape for some time now.

[$] Rationalizing Python's APIs

Wed, 07/19/2017 - 11:40

CPython is the reference implementation of Python, so it is, unsurprisingly, the target for various language-extension modules. But the API and ABI it provides to those extensions ends up limiting what alternative Python implementations—and even CPython itself—can do, since those interfaces must continue to be supported. Beyond that, though, the interfaces are not clearly delineated, so changes can unexpectedly affect extensions that have come to depend on them. A recent thread on the python-ideas mailing list looks at how to clean that situation up.

Libgcrypt 1.8.0 released

Wed, 07/19/2017 - 11:29
The GnuPG Project has announced the availability of Libgcrypt 1.8.0. "This is a new stable version of Libgcrypt with full API and ABI compatibility to the 1.7 series. Its main features are support Blake-2, XTS mode, an improved RNG, and performance improvements for the ARM architecture."

Security updates for Wednesday

Wed, 07/19/2017 - 11:14
Security updates have been issued by Arch Linux (c-ares, freeradius, gvim, lib32-libtiff, libtiff, pcre, rkhunter, and vim), Debian (apache2, evince, imagemagick, unattended-upgrades, and vim), Fedora (openldap, php, and poppler), Oracle (freeradius), SUSE (evince and systemd, dracut), and Ubuntu (apport, icu, and libtasn1-3).

[$] Apache disallows the Facebook BSD+patent license

Tue, 07/18/2017 - 14:35
Software patents may not have brought about the free-software apocalypse that some have feared over the years, but they remain a minefield for the software industry as a whole. A small-scale example of this can be seen in the recent decision by the Apache Software Foundation (ASF) to move a license with patent-related terms to its "Category-X" list of licenses that cannot be used by ASF projects. A number of projects will be scrambling to replace software dependencies on a short timeline, all because Facebook wanted to clarify its patent-licensing terms.

Google’s OSS-Fuzz Tool Helps Secure Open Source Projects (

Tue, 07/18/2017 - 13:41 takes a look at Google's OSS-Fuzz threat detection tool. "Google also announced that it is expanding its existing Patch Rewards program to include rewards for the integration of fuzz targets into OSS-Fuzz. To qualify for these rewards, a project needs to have a large user base and/or be critical to global IT infrastructure. Eligible projects will receive $1,000 for initial integration, and up to $20,000 for ideal integration (the final amount is at Google’s discretion). Project leaders have the option of donating these rewards to charity instead, and Google will double the amount." LWN covered OSS-Fuzz last January.

End of the line for Remix OS

Tue, 07/18/2017 - 13:07
Remix OS was an effort to bring Android to the PC, which included a kickstarter campaign to build products using Remix OS. Now Jide Technology, makers of Remix OS, have announced a change in focus that leaves Remix OS out of the picture. "We’ll be restructuring our approach to Remix OS and transitioning away from the consumer space. As a result, development on all existing products such as Remix OS for PC as well as products in our pipeline such as Remix IO and IO+ will be discontinued. Full refunds will be issued to ALL BACKERS via Kickstarter for both Remix IO and Remix IO+. In addition any purchases made via our online store that has remained unfulfilled will also be fully refunded. This requires no action from you as we will begin issuing refunds starting August 15th."

Security updates for Tuesday

Tue, 07/18/2017 - 11:45
Security updates have been issued by Debian (libmtp), Fedora (kernel), Red Hat (freeradius and kernel), Scientific Linux (freeradius), and Ubuntu (libgcrypt11).

Security updates for Monday

Mon, 07/17/2017 - 11:32
Security updates have been issued by Arch Linux (apache, evince, and mosquitto), Debian (apache2, evince, heimdal, and knot), Fedora (c-ares, cacti, evince, GraphicsMagick, httpd, jabberd, libgcrypt, openvas-cli, openvas-gsa, openvas-libraries, openvas-manager, openvas-scanner, poppler, qt5-qtwebengine, qt5-qtwebkit, spatialite-tools, and sqlite), openSUSE (gnutls, ncurses, qemu, and xorg-x11-server), Slackware (mariadb and samba), SUSE (cryptctl), and Ubuntu (heimdal and samba).

Mageia 6 released

Sun, 07/16/2017 - 13:49
Version 6 of the Mageia distribution is available. "Though Mageia 6’s development was much longer than anticipated, we took the time to polish it and ensure that it will be our greatest release so far." Highlights include KDE Plasma 5, the DNF package manager as an alternative to urpmi, and an experimental ARM port. Details can be found in the release notes.

[$] 4.13 Merge window, part 2

Sun, 07/16/2017 - 11:06
By the end of the 4.13 merge window, 11,258 non-merge changesets had been pulled into the mainline repository — about 3,600 since the first half of this series was written. That is nowhere near the 12,920 changesets that landed during the 4.12 merge window, but it still makes for a typically busy development cycle. What follows is a summary of the more interesting changes found in those last 3,600+ changesets.