LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Friday, February 26th, 2021

    Time Event
    3:13p
    Security updates for Friday
    Security updates have been issued by Debian (python-pysaml2 and redis), Fedora (buildah, containernetworking-plugins, containers-common, libmysofa, libpq, podman, postgresql, skopeo, xen, and xterm), openSUSE (nghttp2), Oracle (firefox and thunderbird), SUSE (glibc, ImageMagick, python-Jinja2, and salt), and Ubuntu (python2.7, python2.7, python3.4, python3.5, python3.6, python3.8, and tiff).
    3:29p
    GNU poke 1.0 released
    Version 1.0 of GNU poke is out.
    "GNU poke (http://www.jemarch.net/poke) is an interactive, extensible
    editor for binary data. Not limited to editing basic entities such
    as bits and bytes, it provides a full-fledged procedural,
    interactive programming language designed to describe data
    structures and to operate on them.    "
    3:43p
    Stable kernels 5.11.2, 5.10.19, and 5.4.101
    Greg Kroah-Hartman has released the 5.11.2,
    5.10.19, and
    5.4.101 stable kernels. These all contain
    a relatively small pile of important fixes; as usual, users should upgrade.
    6:45p
    [$] Lockless patterns: relaxed access and partial memory barriers
    The first article in this series provided
    an introduction to lockless algorithms and the happens before
    relationship that allows us to reason about them. The next step is to look
    at the concept of a "data race" and the primitives that exist to prevent
    data races. We continue in that direction with a look at relaxed accesses, memory
    barriers, and how they can be used to implement the kernel's seqcount
    mechanism.
    7:55p
    West: Post-Spectre web development
    Mike West has posted a detailed exploration
    of what is really required to protect sensitive information in web
    applications from speculative-execution exploits. "Spectre-like
    side-channel attacks inexorably lead to a model in which active web content
    (JavaScript, WASM, probably CSS if we tried hard enough, and so on) can
    read any and all data which has entered the address space of the process
    which hosts it. While this has deep implications for user agent
    implementations' internal hardening strategies (stack canaries, ASLR, etc),
    here we’ll remain focused on the core implication at the web platform
    level, which is both simple and profound: any data which flows into a
    process hosting a given origin is legible to that origin. We must design
    accordingly.    "
    10:36p
    Mageia 8 has been released
    The Mageia distribution has announced
    the release of Mageia 8. It comes with the usual array of new
    packages, including a 5.10.16 kernel, Plasma 5.20.4,
    GNOME 3.38, Firefox 78, Chromium 88, LibreOffice 7.0.4.2, and more.
    "ARM support has continued to develop, with both AArch64 and ARMv7
    now having all packages built and being close to primary architectures
    now. Support for Wi-Fi installation in the classical installer using WPA2
    encryption has been added, as well as improved support for newer
    filesystems allowing installations on F2FS. Support for NILFS, XFS, exFAT
    and Windows 10 NTFS has been improved to allow for better partition
    management. The Live installer has also had significant development. Boot
    times have been greatly reduced with the use of Zstd compression and
    improved hardware detection and the support for installing updates as a
    final step of the installation has been added. Zstd compression has also
    been applied to the rescue mode, allowing for faster startup, support for
    encrypted LVM/LUKS has also been added.    "

    << Previous Day 2021/02/26
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org