LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
업데이트: 19분 59초 지남
14시간 26분 지남
Version 24.0
of the Arch-based Manjaro distribution is now available with
the 6.9 kernel, GNOME 46, Xfce 4.18, and an update to the
Pamac package
installer. This is also the project's first release with KDE Plasma 6:
The Plasma edition comes with the latest Plasma 6.0 series and KDE
Gear 24.02. It brings exciting new improvements to your desktop.
With Plasma 6, KDE's technology stack has undergone major upgrades:
a transition to the latest version of application framework, Qt, and
an improved graphics platform when Wayland is used. These changes are
as smooth and unnoticeable to the users as possible. You will see the
same familiar desktop environment that you know and love. But these
under-the-hood upgrades benefit Plasma's security, efficiency, and
performance, and improve support for modern hardware. Thus Plasma
delivers an overall more reliable user experience, while paving the
way for many more improvements in the future.
The project also offers minimal install images with the 6.6 LTS
and 6.1 LTS kernels to support older hardware.
16시간 44분 지남
Large language models (LLMs) have been the subject of much discussion and
scrutiny recently. Of particular interest to open-source enthusiasts are the
problems with running LLMs on one's own hardware — especially when doing so
requires NVIDIA's proprietary CUDA toolkit, which remains unavailable in many
environments.
Mozilla has developed
llamafile as a
potential solution to these problems. Llamafile can compile LLM weights
into portable, native executables for easy integration, archival, or
distribution. These executables can take advantage of supported GPUs when
present, but do not require them.
화, 2024/05/14 - 10:06오후
Security updates have been issued by Debian (glib2.0 and shim), Fedora (glib2, gnome-shell, tcpdump, tpm2-tools, tpm2-tss, and uriparser), Mageia (mutt), Oracle (git-lfs, glibc, kernel, kernel-container, nodejs:18, nodejs:20, and pcp), SUSE (apache2, opensc, openssl-1_1, openssl-3, perl, python-Pillow, python-pyOpenSSL, python-Werkzeug, SUSE Manager Client Tools Beta, tpm2-0-tss, and tpm2.0-tools), and Ubuntu (sqlparse and strongswan).
화, 2024/05/14 - 2:28오전
The 6.9 kernel was
released
on May 12 after a typical nine-week development cycle. Once again,
this is a major release containing a lot of changes and new features. Our
merge-window summaries (
part 1,
part 2) covered those changes; now that
the development cycle is complete, the time has come to look at where all
that work came from — and to introduce a new and experimental LWN feature
for readers interested in this kind of information.
화, 2024/05/14 - 12:35오전
Maintainers of open-source projects sometimes have disagreements with
contributors over how contributions are reviewed, modified, merged, and
credited. A written policy describing how contributions are handled can
help maintainers set reasonable expectations for potential contributors.
In turn, that can make the maintainer's job easier because it can help
reduce a source of friction in the project. A guide to help create this
kind of policy for a project has recently been developed.
월, 2024/05/13 - 10:07오후
Security updates have been issued by AlmaLinux (nodejs:18 and shim), Debian (atril and chromium), Fedora (chromium, glib2, gnome-shell, mediawiki, php-wikimedia-cdb, php-wikimedia-utfnormal, stb, and tcpdump), Gentoo (Kubelet, PoDoFo, Rebar3, and thunderbird), Mageia (glibc and libnbd), Oracle (kernel), Red Hat (bind and dhcp and varnish), and SUSE (chromium, cpio, freerdp, giflib, gnutls, opera, python-Pillow, python-Werkzeug, tinyproxy, and tpm2-0-tss).
월, 2024/05/13 - 7:20오전
Linus has
released the 6.9 kernel.
"So 6.9 is now out, and last week has looked quite stable (and the
whole release has felt pretty normal)."
Significant changes in this release include
the ability to create
pidfds for individual
threads,
the
BPF arena subsystem,
the
BPF token security mechanism,
truncate() support in
io_uring,
support for the Rust language on 64-bit Arm systems,
weighted interleaving in the
memory-management subsystem,
the
device-mapper
virtual data optimizer target,
initial
FUSE passthrough support,
and more.
See the LWN merge-window summaries
(
part 1,
part 2) for more information.
토, 2024/05/11 - 1:08오전
In April, the Gentoo Linux project banned the use of
generative AI/ML tools due to copyright, ethical, and quality
concerns. This means contributors cannot use tools like ChatGPT or GitHub Copilot to
creating content for the distribution such as code, documentation,
bug reports, forum posts. A proposal for Debian to adopt a similar
policy revealed a distinct lack of love for those kinds of tools,
though it would also seem few contributors support
banning them outright.
금, 2024/05/10 - 10:02오후
Security updates have been issued by AlmaLinux (container-tools:4.0, container-tools:rhel8, git-lfs, glibc, libxml2, nodejs:18, and nodejs:20), Debian (dav1d and libpgjava), Fedora (kernel and pypy), Red Hat (glibc and nodejs:16), SUSE (ffmpeg, ffmpeg-4, ghostscript, go1.21, go1.22, less, python-python-jose, python-Werkzeug, and sssd), and Ubuntu (fossil, glib2.0, and libspreadsheet-parsexlsx-perl).
목, 2024/05/09 - 11:17오후
The extensible scheduler class (or "sched_ext") is a comprehensive
framework that enables the implementation of CPU schedulers as a set of BPF
programs that can be loaded at run time. Despite having attracted a fair
amount of interest from the development community, sched_ext has run into
considerable opposition and seems far from acceptance into the mainline.
The posting by Tejun Heo of
a new
version of the sched_ext series at the beginning of May has restarted
this long-running discussion, but it is not clear what the end result will
be.
목, 2024/05/09 - 10:31오후
Security updates have been issued by AlmaLinux (ansible-core, avahi, bind, buildah, containernetworking-plugins, edk2, fence-agents, file, freeglut, freerdp, frr, git-lfs, gnutls, golang, grafana, grafana-pcp, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, harfbuzz, httpd, ipa, libjpeg-turbo, libnbd, LibRaw, libreswan, libsndfile, libssh, libtiff, libvirt, libX11, libXpm, mingw components, mingw-glib2, mingw-pixman, mod_http2, mod_jk and mod_proxy_cluster, motif, mutt, openssl and openssl-fips-provider, osbuild-composer, pam, pcp, perl, pmix, podman, python-jinja2, python-jwcrypto, python3.11, python3.11-cryptography, python3.11-urllib3, qemu-kvm, qt5-qtbase, runc, skopeo, sssd, systemd, tcpdump, tigervnc, toolbox, webkit2gtk3, xorg-x11-server, xorg-x11-server-Xwayland, and zziplib), CentOS (firefox, grub2, kernel, squid, thunderbird, tigervnc, and xorg-x11-server), Debian (chromium, glib2.0, python-idna, webkit2gtk, and wordpress), Fedora (freerdp, freerdp2, and pypy), Mageia (chromium-browser-stable, exfatprogs, freeglut, libtiff, libvirt, libxml2, openpmix, php-tcpdf, ruby, tpm2-tools, tpm2-tss, traceroute, and zziplib), Oracle (bind, buildah, git-lfs, gnutls, golang, grafana, grafana-pcp, libreswan, libvirt, libxml2, mod_http2, podman, python-jwcrypto, skopeo, sssd, and tigervnc), Red Hat (nodejs:18, nodejs:20, and squid:4), and SUSE (avahi, ghostscript, go1.21, go1.22, python-pymongo, python-Werkzeug, and sssd).
목, 2024/05/09 - 9:03오전
The LWN.net Weekly Edition for May 9, 2024 is available.
목, 2024/05/09 - 1:11오전
The so-called software supply chain starts with source code. But most security measures and tooling
don't kick in until source is turned into an artifact—a source
tarball, binary build, container image, or other method of delivering a
release to users. The gittuf project
is an attempt to provide a security layer for Git that can handle key management,
enforce security policies for repositories, and guard against attacks
at the version-control layer. At Open Source Summit North America (OSSNA), Aditya Sirish A
Yelgundhalli and Billy Lynch presented
an introduction to gittuf with an overview of its goals and
status.
목, 2024/05/09 - 12:53오전
Fedora Magazine reports
that the Fedora Asahi
Remix for Apple Arm hardware, based on Fedora
40, is now available:
Fedora Asahi Remix offers
KDE Plasma 6 as our flagship desktop
experience. It also features a custom Calamares-based initial setup
wizard. A GNOME variant is also available, featuring GNOME 46, with
both desktop variants matching what Fedora Linux offers. Fedora Asahi
Remix also provides a Fedora Server variant for server workloads and
other types of headless deployments. Finally, we offer a Minimal image
for users that wish to build their own experience from the ground up.
See the installation
guide to get started with the Asahi Remix.
수, 2024/05/08 - 10:46오후
Security updates have been issued by Debian (glib2.0 and php7.3), Gentoo (Commons-BeanUtils, Epiphany, glibc, MariaDB, Node.js, NVIDIA Drivers, qtsvg, rsync, U-Boot tools, and ytnef), Oracle (kernel), Red Hat (git-lfs and kernel), SUSE (flatpak, less, python311, rpm, and sssd), and Ubuntu (libde265, libvirt, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp,
linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4,
linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi,
linux-raspi-5.4, linux-xilinx-zynqmp, linux, linux-azure, linux-azure-5.15, linux-azure-fde,
linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop,
linux-gkeop-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency,
linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-oem-6.5, and nghttp2).
수, 2024/05/08 - 6:46오전
A proposal to switch the default desktop for Fedora Workstation from GNOME
to KDE Plasma largely went over like the proverbial lead balloon—unsurprisingly.
But the
conversation about the proposal did surface some areas where the
distribution could
perhaps be more inclusive with regard to the other desktop choices
available. The project believes that it
benefits from being opinionated and not requiring users to make
multiple decisions before they can even install the distribution, but there
is a balance
to be found.
수, 2024/05/08 - 12:50오전
The
systemd project is preparing for a new release.
Version 256-rc1 was released
on April 25 with a large number of changes and new features. Most of the
changes relate to security, easier configuration, unprivileged access to system
resources, or all three of these. Users of systemd will find setting up
containers — even without root access — much simpler and more secure.
화, 2024/05/07 - 9:57오후
Version
14.1 of the GCC compiler suite has been released. The list of changes
is long; it includes support for more C++26 features, preparation for
Fortran 2023 support, a new -fhardened flag to enable
security-hardening features, vectorizer improvements, and a number of
static-analyzer improvements. See
the release notes for
details.
화, 2024/05/07 - 9:46오후
The Go Blog has
a detailed
article on the new, more secure random-number generator implemented for
the 1.22 release.
For example, when Go 1.20 deprecated math/rand's Read, we heard
from developers who discovered (thanks to tooling pointing out use
of deprecated functionality) they had been using it in places where
crypto/rand's Read was definitely needed, like generating key
material. Using Go 1.20, that mistake is a serious security problem
that merits a detailed investigation to understand the
damage. Where were the keys used? How were the keys exposed? Were
other random outputs exposed that might allow an attacker to derive
the keys? And so on. Using Go 1.22, that mistake is just a mistake.
화, 2024/05/07 - 9:29오후
Security updates have been issued by Debian (kernel), Gentoo (libjpeg-turbo, xar, and Xpdf), Red Hat (bind, dhcp and glibc), and SUSE (bouncycastle, curl, flatpak, less, and xen).
페이지