Welcome to LWN.net

The newest update to the Krita digital painting application has been released. Version 2.9 introduces several new user-interface features, updates to the layers system, and a variety of tool and rendering improvements. The 2.9 development cycle was also the project's first to be centered around a crowdfunding campaign.

Full Story (comments: none)

A traditional feature of the tools track at the Linux Foundation's Collaboration Summit is an update from the developers of the GNU C Library (glibc); that tradition was upheld in fine form at the 2015 event. Glibc developer Roland McGrath noted that while the project is a critical component in vast numbers of Linux installations, it does not have a lot of developers working on it. Still, even with a relatively small developer base, some real progress has been made over the last year.

Full Story (comments: 38)

When one thinks about the PHP language, terms like "strong typing" and "strict checking" do not normally come to mind. But, as the project works toward its next major release (to be called PHP 7), it has become embroiled in a fierce debate over the proposed addition of some simple typing features to the language. To some, PHP is growing up into a safer, better-defined language, while others see the changes as possibly destroying the character of a historically freewheeling language.

Click below (subscribers only) for the full article.

Full Story (comments: 143)

The free-software community has frequently advocated the development of new decentralized, federated network services—for example, promoting XMPP as an alternative to AOL Instant Messenger, StatusNet as an alternative to Twitter, or Diaspora as an alternative to Facebook. The recently launched Matrix project takes on a different service: IRC-like multi-user chat.

Full Story (comments: 45)

The Inkscape project released version 0.91 at the end of January, a release culminating more than four years of development. The new release incorporates a lengthy list of improvements from that time period: new tools, performance enhancements, and fixes to several longstanding bugs. Just as importantly, though, it also lays the groundwork for a 1.0 release that will signify an important milestone: full SVG 1.1 support. Over the years, though, Inkscape has evolved to be more than just an SVG editor—as version 0.91 demonstrates.

Full Story (comments: 11)

Thus far, this series has looked at Linux distributions that are optimized for network-attached storage (NAS) deployments. This installment will take a slightly different turn: the system under review (FreeNAS) is indeed a free distribution for NAS applications, but it is based on FreeBSD rather than Linux. In many ways it looks like the Linux-based systems reviewed previously, but there are some interesting differences.

Full Story (comments: 100)

At linux.conf.au 2015 in Auckland, Rusty Russell presented a talk about his personal side-project, Pettycoin. Russell had announced Pettycoin at LCA 2014; at that time it represented an untested concept: a way to attach a separate, Bitcoin-like network to the existing Bitcoin blockchain. Pettycoin's goal was originally to offer a simpler and faster "side network" that periodically reconnected to Bitcoin. In the intervening year, Russell made a lot of progress, but other new innovations in the Bitcoin arena have led him to question parts of the Pettycoin approach and consider a reimplementation.

Full Story (comments: 7)

One of the defining moments of LCA 2005 was Eben Moglen's keynote, which was mostly focused on the dangers that software patents presented to our community. Ten years later, Eben returned to LCA for another keynote address. While he had some things to say about software patents, it is clear that Eben thinks that the largest threats to our community — and our freedom in general — come from elsewhere.

Full Story (comments: 23)

Bob Young, known to the free-software community as the co-founder of Red Hat, founder of the print-on-demand service Lulu, and creator of the non-profit Center For The Public Domain, delivered the morning keynote address on the first full day of linux.conf.au (LCA) 2015 in Auckland. Although Young confessed several times to not being as plugged-in to the Linux and free-software economy as he once was, he had plenty of wisdom to dispense to the crowd.

Click below (subscribers only) for the full report from LCA 2015.

Full Story (comments: 9)

This is the second article in a short series on distributions designed for use in a network-attached storage (NAS) box. The first was a look at OpenMediaVault, a fairly traditional NAS distribution. The subject this time around — Rockstor — is a different beast; its purpose is to make the features of the Btrfs filesystem available behind an easy-to-use, web-oriented management interface.

Full Story (comments: 14)

Version 2.2.0 of the VLC media player has been released. According to the announcement, highlights in the new version include automatic, hardware-accelerated rotation of portrait-orientation videos such as those shot on smartphones, resuming playback at the last point watched in the previous session, in-application download and installation of extensions, support for interactive Blu-Ray menus, and "compatibility with a very large number of unusual codecs." The release is available for Linux, Android, and Android TV, plus various Windows and Apple platforms.

Comments (2 posted)

Version 3.6 of the LLVM compiler suite is out. Changes include "many many bug fixes, optimization improvements, support for more proposed C++1z features in Clang, better native Windows compatibility, embedding LLVM IR in native object files, Go bindings, and more." Details can be found in the LLVM 3.6 release notes and the Clang 3.6 release notes.

Full Story (comments: none)

Greg Kroah-Hartman has released the latest stable kernels: 3.18.8, 3.14.34, and 3.10.70. All contain important updates and fixes.

Comments (none posted)

Debian has updated request-tracker4 (multiple vulnerabilities).

Debian-LTS has updated cups (code execution) and request-tracker3.8 (multiple vulnerabilities).

Oracle has updated openssl (O5: multiple vulnerabilities).

SUSE has updated Samba (SLES11: code execution).

Ubuntu has updated cups (code execution) and eglibc, glibc (multiple vulnerabilities).

Comments (none posted)

Ars Technica takes a look at Linux gaming and at what effect SteamOS has had already for gaming on Linux. The article also considers the future and where SteamOS might (or might not) take things. "This all brings up another major question for SteamOS followers: how long is this "beta" going to last, exactly? While Valve has unquestionably built a viable Linux gaming market from practically nothing, the company's lackadaisical development timeline might be holding the market back from growing even more. In the last year, the initial excitement behind the SteamOS beta launch seems to have given way to "Valve Time" malaise in some ways."

Comments (12 posted)

CentOS has updated thunderbird (C6; C5: multiple vulnerabilities).

Debian has updated cups (code execution), iceweasel (multiple vulnerabilities), kfreebsd-9 (denial of service), and libgtk2-perl (code execution).

Fedora has updated libhtp (F20: denial of service).

Gentoo has updated samba (multiple vulnerabilities, some from 2012 and 2013).

Mageia has updated apache-poi (denial of service), cabextract (privilege escalation), e2fsprogs (two code execution flaws), firefox, thunderbird (multiple vulnerabilities), and sympa (information disclosure).

openSUSE has updated cups (13.2, 13.1: code execution) and snack (13.2, 13.1: code execution from 2012).

Oracle has updated firefox (OL5: multiple vulnerabilities) and thunderbird (OL6: multiple vulnerabilities).

Red Hat has announced that RHEL 5.9 support will end on March 31.

Scientific Linux has updated firefox (multiple vulnerabilities) and thunderbird (SL6, SL5: multiple vulnerabilities).

Slackware has updated thunderbird (multiple vulnerabilities) and firefox (multiple vulnerabilities).

SUSE has updated java-1_5_0-ibm (SLE10SP4: many vulnerabilities) and java-1_6_0-ibm (SLE11SP2: two unspecified vulnerabilities).

Ubuntu has updated EC2 kernel (10.04: two vulnerabilities), firefox (14.10, 14.04, 12.04: many vulnerabilities), kernel (14.10; 14.04; 12.04; 10.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), and linux-ti-omap4 (12.04: multiple vulnerabilities).

Comments (none posted)

CentOS has updated firefox (C7; C6; C5: multiple vulnerabilities).

Debian-LTS has updated openjdk-6 (multiple vulnerabilities).

Fedora has updated dump (F21; F20: code execution) and samba (F21; F20: root code execution).

Gentoo has updated grep (denial of service).

Mageia has updated freetype2 (many vulnerabilities) and samba (root code execution).

openSUSE has updated samba (13.2, 13.1: two vulnerabilities).

Oracle has updated firefox (OL7; OL6: multiple vulnerabilities).

Red Hat has updated firefox (RHEL5,6,7: multiple vulnerabilities) and thunderbird (RHEL5,6: multiple vulnerabilities).

SUSE has updated Samba (SLE11 SP3: root code execution).

Ubuntu has updated freetype (many vulnerabilities).

Comments (none posted)

Mozilla has released Firefox 36.0. The release notes mention a few new features, including support for the full HTTP/2 protocol. This version will no longer accept insecure RC4 ciphers whenever possible and certificates with 1024-bit RSA keys will be phased out. See the release notes for more information.

Comments (32 posted)

Videos from FOSDEM sessions are available in mp4 format. WebM versions will become available later. (Thanks to Scott Dowdle)

Comments (8 posted)

Debian has updated kernel (multiple vulnerabilities).

Debian-LTS has updated samba (root code execution).

Fedora has updated php (F21: two vulnerabilities), sox (F21: code execution), sudo (F20: information disclosure), and unzip (F20: multiple vulnerabilities).

Oracle has updated samba (OL7; OL6: root code execution), samba3x (OL5: root code execution), and samba4 (OL6: root code execution).

Red Hat has updated libyaml (RHEL6: denial of service), samba (RHEL7; RHEL6.2, 6.4, 6.5; RHEL6: root code execution), samba3x (RHEL5; RHEL5.6, 5.9: root code execution), and samba4 (RHEL6; RHEL6.4, 6.5: root code execution).

Scientific Linux has updated samba (SL7; SL6,7; SL5: root code execution) and samba4 (SL6: root code execution).

SUSE has updated php5 (SLE12: multiple vulnerabilities).

Ubuntu has updated ca-certificates (certificate update), e2fsprogs (code execution), and samba (14.10, 14.04, 12.04: root code execution).

Comments (none posted)