Linux Weekly News

The LWN.net Weekly Edition for December 3, 2020 is available.

A way to specify multiply branched conditionals in the Python language—akin to the C switch statement—has been a longtime feature request. Over the years, various proposals have been mooted, but none has ever crossed the finish line and made it into the language. A highly ambitious […]

Let's Encrypt has announced that, as of today, the TLS certificates issued by the Let's Encrypt certificate authority are using a new intermediate certificate. "While LE will start using their new _roots_ next year, the change today is using a _variant_ of their "R3" certificate which is […]

Stable kernels 5.9.12, 5.4.81, 4.19.161, 4.14.210, 4.9.247, and 4.4.247 have been released with important fixes. Users should upgrade.

Security updates have been issued by Debian (brotli, jupyter-notebook, and postgresql-9.6), Fedora (perl-Convert-ASN1 and php-pear), openSUSE (go1.15, libqt5-qtbase, mutt, python-setuptools, and xorg-x11-server), Oracle (firefox, kernel, libvirt, and thunderbird), Red Hat […]

Alexander Popov describes his kernel heap-quarantine patches designed to protect the system against use-after-free vulnerabilities. "In July 2020, I got an idea of how to break this heap spraying technique for UAF exploitation. In August I found some time to try it out. I extracted the slab […]

Xorg-server 1.20.10 has been released. This version fixes security issues that could lead to privilege escalation, or other problems.

As an ever-growing number of workloads are being moved to the cloud, CPU vendors have begun to roll out purpose-built hardware features to isolate virtual machines (VMs) from potentially hostile parties. These processor features, and their extensions, enable the notion of "secure VMs" (or […]

Security updates have been issued by Debian (libxstream-java, musl, mutt, pdfresurrect, vips, and zsh), Fedora (libuv, nodejs, thunderbird, and xen), openSUSE (libssh2_org, mutt, neomutt, and thunderbird), Oracle (firefox and thunderbird), Red Hat (firefox, rh-nodejs12-nodejs, rh-php73-php, and […]

The Arm processor architecture has pushed the boundaries in a number of ways, some of which have required significant kernel changes in response. For example, the big.LITTLE architecture placed fast (but power-hungry) and slower (but more power-efficient) CPUs in the same system-on-chip (SoC); […]

The Python Packaging Authority has announced the release of pip 20.3. There is some potential for disruption with this release. "The new resolver is now *on by default*. It is significantly stricter and more consistent when it receives incompatible instructions, and reduces support for certain […]

Security updates have been issued by Arch Linux (c-ares, libass, raptor, rclone, and swtpm), Debian (libproxy, qemu, tcpflow, and x11vnc), Fedora (asterisk, c-ares, microcode_ctl, moodle, pam, tcpdump, and webkit2gtk3), Mageia (jruby and webkit2), openSUSE (buildah, c-ares, ceph, fontforge, […]

Version 8.0.0 of the PHP language has been released. New features include union types, named arguments, match expressions, a just-in-time compiler, and more; see this article for more information.

The 5.10-rc6 kernel prepatch is out. "So I'm feeling pretty good about 5.10, and I hope I won't be proven wrong about that. But please do test."

Security updates have been issued by Arch Linux (go, libxml2, postgresql, and wireshark-cli), Debian (drupal7 and lxml), Fedora (drupal7, java-1.8.0-openjdk-aarch32, libxml2, pacemaker, slurm, and swtpm), openSUSE (c-ares, ceph, chromium, dash, firefox, go1.14, java-1_8_0-openjdk, kernel, krb5, […]