LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Monday, February 22nd, 2021

    Time Event
    2:41p
    Security updates for Monday
    Security updates have been issued by Debian (chromium, libzstd, openldap, openvswitch, screen, and wpa), Fedora (dotnet5.0, subversion, and wpa_supplicant), openSUSE (mumble, python-djangorestframework, and tor), Oracle (container-tools:ol8, kernel, nodejs:10, nodejs:12, nodejs:14, subversion:1.10, and xterm), Red Hat (stunnel and xterm), and SUSE (ImageMagick, java-1_8_0-openjdk, kernel, krb5-appl, python3, tomcat, and webkit2gtk3).
    3:11p
    Kodi 19 released
    Version 19 of the Kodi "entertainment center" application is out with a long list of new features.

    For audio and music lovers, there are significant improvements across the board to metadata handling: library improvements, new tags, new displays, improvements to how Kodi handles release dates, album durations, multi-disc sets, and more. There's a new, Matrix-inspired visualisation, there are improvements to display when fetching files from a web server, and several changes to how audio decoder addons can pass information through to the Kodi player.

    For video, most of the changes are more technical, and may depend on your hardware: AV1 software decoding, HLG HDR and static HDR10 playback on Windows 10, static HDR10 and dynamic Dolby Vision HDR support on Android, and more OpenGL bicubic scalers.

    3:25p
    Garrett: Making hibernation work under Linux Lockdown
    Matthew Garrett recently posted a
    patch set     enabling hibernation on systems that are running in the UEFI
    secure-boot lockdown mode. This blog entry gets
    into the details of how it all works. "When we encrypt material with
    the TPM, we can ask it to record the PCR state. This is given back to us as
    metadata accompanying the encrypted secret. Along with the metadata is an
    additional signature created by the TPM, which can be used to prove that
    the metadata is both legitimate and associated with this specific encrypted
    data. In our case, that means we know what the value of PCR 23 was when we
    encrypted the key. That means that if we simply extend PCR 23 with a known
    value in-kernel before encrypting our key, we can look at the value of PCR
    23 in the metadata. If it matches, the key was encrypted by the kernel -
    userland can create its own key, but it has no way to extend PCR 23 to the
    appropriate value first. We now know that the key was generated by the
    kernel.    "
    11:17p
    [$] 5.12 Merge window, part 1
    The beginning of the 5.12 merge window was delayed as the result of severe
    weather in the US Pacific Northwest. Once Linus Torvalds got going, though, he
    wasted little time; as of this writing, just over 8,600 non-merge
    changesets have been pulled into the mainline repository for the 5.12
    release — over a period of about two days. As one might imagine, that work
    contains a long list of significant changes.

    << Previous Day 2021/02/22
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org