LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Tuesday, November 12th, 2019

    Time Event
    2:17a
    [$] Debian reconsiders init-system diversity
    Many community-based Linux distributions have made the decision to switch
    to systemd, and most of those decisions were accompanied by lengthy,
    sometimes acrimonious mailing-list discussions. No distribution had a
    harder time of it than Debian, though, where arguments raged through much
    of 2013 before the Debian Technical Committee decided on systemd in early 2014. Thereafter,
    it is fair to say,
    appetite for renewing the init-system discussion has been low. Now,
    though, the topic has returned to the fore and
    it would appear that the project is heading toward a new general
    resolution to decide at what level init systems other than systemd should
    be supported.
    3:54p
    Security updates for Tuesday
    Security updates have been issued by Fedora (community-mysql, crun, java-latest-openjdk, and mupdf), openSUSE (libssh2_org), and SUSE (go1.12, libseccomp, and tar).
    8:45p
    Stable kernel updates
    Stable kernels 5.3.11, 4.19.84, 4.14.154, 4.9.201, and 4.4.201 have been released. They all contain
    important fixes and users should upgrade.
    8:48p
    This week's hardware vulnerabilities
    A set of patches has just been pushed into the mainline repository (and stable updates) for yet another set of hardware vulnerabilities. "TSX async abort" (or TAA) exposes information through the usual side channels by way of internal buffers used with the transactional memory (TSX) instructions. Mitigation is done by disabling TSX or by clearing the relevant buffers when switching between kernel and user mode. Given that this is not the first problem with TSX, disabling it entirely is recommended; a microcode update may be needed to do so, though. This commit contains documentation on this vulnerability and its mitigation.

    There are also fixes for another vulnerability: it seems that accessing a memory address immediately after the size of the page containing it was changed (from a regular to a huge page, for example) can cause the processor to lock up. This behavior is considered undesirable by many. The vulnerability only exists for pages marked as executable; the mitigation is to force all executable pages to be the regular, 4K page size.

    << Previous Day 2019/11/12
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org