Index
LWN.netLWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Matt Godbolt announces GCC explorer, a web-based tool for exploring how code tweaks change the machine code emitted by the compiler. "Particularly with some of the newer features of C++11 — lambdas, move constructors, threading primitives etc — it’s nice to be able to see how your elegant code becomes beautiful (and maybe even fairly optimal) machine code." The GCC explorer code is on github for those who want to set up their own instance.
The LWN.net Weekly Edition for May 24, 2012 is available.
Groklaw has the news: the jury in Oracle v. Google has found that Google did not infringe any of Oracle's patents.
The H covers
an announcement by the Open Source Initiative that Simon Phipps is the
new president of the organization. "Phipps has already been spearheading an OSI reform process, working with the rest of the board to open up the organisation. That process has led to the creation of Open Source Initiative affiliation, bringing the Apache Software Foundation, FreeBSD, Eclipse, Mozilla, Debian, and Creative Commons, along with other organisations, on board as affiliates. "There will be further developments in that scheme soon, and we'll have much more to announce in other areas as the year progresses" said Phipps by email."
Mandriva has updated 2011.0: wireshark (denial of service).
Oracle has updated postgresql, postgresql84 (OL6; OL5: multiple vulnerabilities), OL5: postgresql (multiple vulnerabilities), OL5: kvm (multiple vulnerabilities), and OL6: bind-dyndb-ldap (denial of service).
Red Hat has updated RHEL5&6: flash-plugin (code execution).
SUSE has updated SLE10 SP4: openssl (exploitable vulnerabilities).
Ubuntu has updated 12.04: feedparser (denial of service).
Version 3.1 of the LLVM compiler suite is out. "This release represents approximately 6 months of development over
LLVM 3.0, delivers a vast range of improvements and new features.
Some of the most visible features include greatly expanded C++'11
support in Clang (including lambdas, initializer lists, constexpr,
user-defined literals, and atomics); AddressSanitizer, a fast memory
error detection tool which uses instrumentation to find bugs;
"instruction bundles" support in the late code generator, allowing
much better support for VLIW targets; an ARM integrated assembler
which speeds up ARM compile time and enables new features for the ARM
target; major enhancements to the MIPS backend (including support for
MIPS64); a new port for the Qualcomm Hexagon VLIW processor, Python
bindings, and much much more." See the release
notes for details.
For those interested in complex exploits: the Chromium Blog describes
how a sequence of six independent bugs was exploited to execute code
within the Chromium browser. "Even though Chrome’s renderers execute
inside a stricter sandbox than the GPU process, there is a special class of
renderers that have IPC interfaces with elevated permissions. These
renderers are not supposed to be navigable by web content, and are used for
things like extensions and settings pages. However, Pinkie found another
bug (117417) that allowed an unprivileged renderer to trigger a navigation
to one of these privileged renderers, and used it to launch the extension
manager. So, all he had to do was jump on the extension manager’s IPC
channel before it had a chance to connect."
Mageia 2 has been released. "Mageia 2 is available as Live CDs,
install DVDs and a netinstall CD, and is available in various languages for
easy download, from FTP, HTTP, or torrents." The release notes are
here. LWN
previewed this release last April.
Paul Gortmaker has released stable kernel 2.6.34.12. If you are running a 2.6.34.x
kernel you'll want this release.
![[uTouch diagram]](http://lwn.net/images/2012/utouch-grail-sm.png)
As the Linux desktop increases in popularity, the user interface experience
has become increasingly important. For example, most laptops today have
multitouch
capabilities that have yet to be fully exposed and exploited in the free
software ecosystem. Soon we will be carrying around multitouch tablets with
a traditional Linux desktop or similar foundation. In order to provide a
high-quality and rich experience we must fully exploit multitouch gestures. The
uTouch stack developed by Canonical aims to provide a foundation for
gestures on the Linux desktop.
Click below (subscribers only) for an overview of the architecture of
uTouch contributed by uTouch hacker Chase Douglas.
CentOS has updated C5: kvm (multiple
vulnerabilities), C5: postgresql (multiple
vulnerabilities), C5: postgresql84
(multiple vulnerabilities), C6: postgresql
(multiple vulnerabilities), and C6:
bind-dyndb-ldap (denial of service).
Fedora has updated perl-config-inifiles (F16; F15: insecure temporary files) and F16: moodle (many vulnerabilities).
Oracle has updated enterprise kernel (OL6; OL5: denial of service), enterprise kernel (OL6; OL5: denial of service), and OL6: kernel (denial of service).
Red Hat has updated RHEL5: kvm (multiple vulnerabilities), RHEL5: postgresql (multiple vulnerabilities), RHEL5: postgresql84 & RHEL6: postgresql (multiple vulnerabilities), and RHEL6: bind-dyndb-ldap (denial of service).
Scientific Linux has updated SL5: kvm (multiple vulnerabilities), SL5: postgresql (multiple vulnerabilities), SL5: postgresql84 & SL6: postgresql (multiple vulnerabilities), and SL6: bind-dyndb-ldap (denial of service).
Ubuntu has updated libxml2 (code
execution) and 12.04: kernel (multiple
vulnerabilities).
Version 4 of the ownCloud "personal cloud" system is out. "ownCloud
4 – built through active community support – adds innovative features like
file versioning, – which actively saves files, allowing users to "rollback"
to previous versions – and a new API — giving developers an easy, stable
and supported way to develop applications on top of ownCloud
capabilities." It also adds support for direct opening of ODF
documents and mounting of external filesystems like Dropbox or an FTP
server. See the release
announcement for more information.
Tim Waugh has announced
(on May 10)
the existence of the printerd project, meant to be a new print spooling
subsystem for Linux. "It is a polkit-enabled D-Bus system service,
written using the GLib object system. Although modeled on concepts from
IPP (Internet Printing Protocol), printerd is not in itself an IPP
server. Its only interface is D-Bus, although the aim is to be able to
implement an IPP server on top of the D-Bus API as a separate
process. Having a D-Bus interface means that applications wanting to print
automatically get to use printerd asynchronously."
Version 6 of the nmap network scanner is out. "It includes a more powerful Nmap
Scripting Engine, 289 new scripts, better web scanning, full IPv6
support, the Nping packet prober, faster scans, and much more." See
the release notes for details.
