|
Navigation
Search
Top: LWN.net
|
PC / Tech. > LWN.net
Wednesday March 19, 2025. 03:48 PM
A security company called Fenrisk has posted an overview of a pair of claimed successful supply-chain attacks on the Fedora and openSUSE distributions. We successfully identified vulnerabilities in the Pagure, the Git forge used by Fedora to store their package...
Security updates have been issued by Debian (tzdata), Fedora (expat and tigervnc), Red Hat (kernel, kernel-rt, thunderbird, and webkit2gtk3), SUSE (dcmtk), and Ubuntu (restrictedpython and uriparser).
Tuesday March 18, 2025. 05:49 PM
If all goes according to plan, the Ubuntu project will soon be replacing many of the traditional GNU utilities with implementations written in Rust, such as those created by the uutils project, which we covered in February. Wholesale replacement of core utilities at the...
Security updates have been issued by Debian (freetype and rails), Fedora (mosquitto and python-django4.2), Mageia (libarchive, libreoffice, php, and quictls), Red Hat (webkit2gtk3), SUSE (erlang, nethack, python312, and wpa_supplicant), and Ubuntu (freetype and plantuml).
Monday March 17, 2025. 11:34 PM
The long-awaited GIMP 3.0 release is now available. Major changes in 3.0 include non‑destructive editing for most commonly‑used filters, improved text creation, better color space management, and an update to GTK 3. This is the end result of seven years of hard work by...
Version 12.00 of the SystemRescue live Linux system has been released. SystemRescue is an Arch Linux based bootable toolkit for repairing systems in the event of a crash. Notable changes in this release include an update to Linux 6.12.19, support for bcachefs, and a number...
One of the many important tasks that the kernel's memory-management subsystem must handle is keeping track of how pages of memory are mapped into the address spaces of the processes running on the system. As long as mappings to a given page exist, that page must be kept in...
Security updates have been issued by Debian (opensaml and php8.2), Fedora (chromium, ctk, dcmtk, expat, ffmpeg, firefox, fscrypt, gdcm, InsightToolkit, kitty, libssh2, libxml2, linux-firmware, man2html, nextcloud, OpenImageIO, php, podman-tui, python-django, python-django5,...
Linus has released the seventh (and probably last) prepatch for the 6.14 release. 'Things continue to look quite calm, and I expect to release the final 6.14 next weekend unless something very surprising happens'.
Friday March 14, 2025. 07:27 PM
Version 2.49.0 of the Git source-code management system has been released. This release comprises 460 non-merge commits since 2.48.0, with contributions from 89 people, including 24 new contributors. There is a long list of improvements and bug fixes; see the highlights blog ...
Organizations relying on open-source software have a wide range of tools, scorecards, and methodologies to try to assess security, legal, and other risks inherent in their so-called supply chain. However, Max Mehl argued recently in a short talk at FOSS Backstage in Berlin...
Security updates have been issued by Fedora (iniparser, thunderbird, trafficserver, and xorg-x11-server), Mageia (opensc), Oracle (.NET 8.0,.NET 9.0, gcc, kernel, and libxml2), Red Hat (firefox, grub2, and krb5), Slackware (libxslt), SUSE (amazon-ssm-agent, bsdtar, build,...
Thursday March 13, 2025. 07:10 PM
Charles Choi has announced the release of the Casual Make: a menu-driven interface, implemented as part of the Casual suite of tools, for Makefile Mode in GNU Emacs. Emacs supports makefile editing with make-mode which has a mix of useful and half-baked (though thankfully...
When the 6.14 kernel is released later this month, it will include the usual set of internal changes that users should never notice, with the possible exception of changes that bring performance improvements. One of those changes is frozen pages, a memory-management...
Greg Kroah-Hartman has announced the release of the 6.13.7, 6.12.19, 6.6.83, 6.1.131, 5.15.179, 5.10.235, and 5.4.291 stable kernels. They all contain a relatively large number of important fixes throughout the kernel tree.
Security updates have been issued by Debian (chromium), Fedora (ffmpeg, qt6-qtwebengine, tigervnc, and xorg-x11-server-Xwayland), Red Hat (fence-agents and libxml2), SUSE (amazon-ssm-agent, ark, chromium, fake-gcs-server, gerbera, google-guest-agent, google-osconfig-agent,...
Inside this week's LWN.net Weekly Edition: Front: PyPI terms of service; Zig 0.14; Matrix; Timer IDs and ABI; Module integrity checking; Capability analysis. Briefs: Path traversal; Below vulnerability; Ubuntu 25.04; Flang; Gstreamer 1.26.0; Framework Mono 6.14.0;...
Wednesday March 12, 2025. 06:22 PM
On February 25, the Python Software Foundation (PSF), which runs the Python Package Index (PyPI), announced new terms of service (ToS) for the repository. That has led to some questions about the new ToS, and the process of coming up with them. For one thing, the previous...
Damien Neil has written an article for the Go Blog about path traversal vulnerabilities and the os.Root API added in Go 1.24 to help prevent them. Root permits relative path components and symlinks that do not escape the root. For example, root.Open('a/../b') is permitted....
The Zig project has announced the release of the 0.14 version of the language, including changes from more than 250 contributors. Zig is a low-level, memory-unsafe programming language that aims to compete with C instead of depending on it. Even though the language has not...
|
25 sources
Current Date
Jun, Thu 5 - 19:40 CEST
|
