RHSA-2018:1827-1: Critical: flash-plugin security update

Red Hat Enterprise Linux: An update for flash-plugin is now available for Red Hat Enterprise Linux 6
Supplementary.

Red Hat Product Security has rated this update as having a security impact of
Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2018-4945, CVE-2018-5000, CVE-2018-5001, CVE-2018-5002

Read More

RHSA-2018:1825-1: Important: chromium-browser security update

Red Hat Enterprise Linux: An update for chromium-browser is now available for Red Hat Enterprise Linux 6
Supplementary.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2018-6148

Read More

RHSA-2018:1820-1: Important: Red Hat Virtualization security, bug fix, and enhancement update

Red Hat Enterprise Linux: An update for imgbased, redhat-release-virtualization-host, and
redhat-virtualization-host is now available for Red Hat Virtualization 4 for
RHEL-7.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2018-1124, CVE-2018-1126

Read More

The Lustre Filesystem Dropped from the Linux 4.18 Kernel

It’s now official: the latest RC1 pull request for the Linux 4.18 will not
host the nearly 15-year-old Lustre filesystem.

Greg Kroah-Hartman has been growing weary of the team developing its source
code not pushing cleaner and fixed code to the staging tree. The removal was
committed on June 5, 2018:
with the following notes:

The Lustre filesystem has been in the kernel tree for over 5 years now. While
it has been an endless source of enjoyment for new kernel developers learning
how to do basic coding style cleanups, as well as a semi-entertaining source
of bewilderment from the vfs developers any time they have looked into the
codebase to try to figure out how to port their latest api changes to this
filesystem, it has not really moved forward into the “this is in shape to get
out of staging” despite many half-completed attempts.

And getting code out of staging is the main goal of that portion of the
kernel tree. Code should not stagnate, and it feels like having this code in
staging is only causing the development cycle of the filesystem to take
longer than it should. There is a whole separate out-of-tree copy of this
codebase where the developers work on it, and then random changes are thrown
over the wall at staging at some later point in time. This dual-tree
development model has never worked, and the state of this codebase is proof
of that.

So, let’s just delete the whole mess. Now the lustre developers can go off
and work in their out-of-tree codebase and not have to worry about providing
valid changelog entries and breaking their patches up into logical pieces.
They can take the time they have spent doing those types of housekeeping
chores and get the codebase into a much better shape, and it can be submitted
for inclusion into the real part of the kernel tree when ready.

Honestly, I do not blame him. The staging tree is primarily intended for
unstable and less than mature code, which ideally should move to the mainline
within a short time of further development. It’s a temporary (that is,
staging) location. It’s not that I don’t appreciate the Lustre
filesystem. In fact, I once wrote about it for Linux Journal in the past.

For those who are less familiar with this filesystem: Lustre (or Linux
Cluster) is a distributed filesystem typically deployed in large-scale
cluster computing environments. Lustre is designed to be both performant and
to scale to tens of thousands of nodes and to petabytes of storage. And as
what may have just been alluded to already, a distributed filesystem allows
access to files from multiple hosts sharing a computer network.

Read More

Andrew Hutton of the OLS Needs Your Help, US Debuts World's Fastest Supercomputer, FCC's Repeal of Net Neutrality Goes into Effect Today and More

News briefs for June 11, 2018.

Andrew Hutton organized and ran the Linux Symposium for years (otherwise
known as OLS). He is one of the people who helped put Linux on the map
through his sheer determination, perseverance and enthusiasm for Linux.
Several months ago, Andrew suffered a heart attack and now needs our help.
Please remember, a donation of any amount helps tremendously.

Court orders Open Source Security, Inc, and Bradley Spengler to pay
$259,900.50 to Bruce Perens’ attorneys
. See Bruce
Perens’ blog post
for more details on the lawsuit against him, which
sought $3 million “because they
disagreed with my blog posts and Slashdot comments which expressed my
opinions that their policies regarding distribution of their Grsecurity
product could violate the GPL and lead to liability for breach of contract
and copyright infringement.”

The US now has the world’s fastest supercomputer, named Summit, reclaiming its
“speediest computer on earth” title from China and its Sunway TaihuLight
system, OMG
Ubuntu reports
. And of course, the Summit, which boasts 200 petaflops at
peak performance, runs Linux—RHEL to be exact. See the U.S.
Department of Energy’s Oak Ridge National Laboratory’s post
for more
details.

Jarek Duda, inventor of a new compression technique called asymmetric numeral
systems (ANS) a few years ago, which he dedicated to the public domain,
claims that Google is now seeking a patent that would give it broad rights
over the use of ANS for video compression, Ars
Technica
reports
. Google denies it’s attempting to patent Duda’s work,
but “Duda says he suggested the exact technique Google is trying to patent in
a 2014
email exchange
with Google engineers’—a view largely endorsed by a
preliminary
ruling
in February by European patent authorities.”

ownCloud recently announced
“the introduction of the Virtual File System within
the ownCloud Desktop Client”. This allows users to
synchronize with the end device only when needed, which will require
significantly less local storage space and improve ownCloud user experience.
You can download it here.

The FCC’s repeal of net neutrality officially goes into effect today. See the
New
York Times
story on how this could affect you, and see also
the
story on Wired
for more information on the fight.

Read More

America Unveils the World’s Fastest Supercomputer (And Yes: It Runs Linux)

The Summit SupercomputerAmerica’s new star-spangled Summit supercomputer is twice as fast as China’s Sunway supercomputer and runs on Red Hat Enterprise Linux. The supercomputer cost $200 million to build.

This post, America Unveils the World’s Fastest Supercomputer (And Yes: It Runs Linux), was written by Joey Sneddon and first appeared on OMG! Ubuntu!.

Read More

OpenStreetMap Should Be a Priority for the Open Source Community

Why open source needs an open geographic dataset.

Open source has won. The fact that free software now dominates
practically every sector of computing (with the main exception of the
desktop) is proof of that. But there is something even more important
than the victory of open source itself, and that is the wider success of
the underlying approach it embodies. People often forget just how radical
the idea of open, collaborative development seemed when it appeared in
the 1990s. Although it is true that this philosophy was the norm in
the very earliest days of the field, that culture was soon forgotten
with the rapid rise of commercial computing, which swept everything
before it in the pursuit of handsome profits. There, a premium was
placed on maintaining trade secrets and of excluding competitors.
But the appearance of GNU and Linux, along with the other open software
projects that followed, provided repeated proof that the older approach
was better for reasons that are obvious upon reflection.

Open, collaborative development allows people to build on the work of
others, instead of wastefully re-inventing the wheel, and it enables the best
solutions to be chosen on technical, rather than commercial, grounds.
The ability to work on areas of personal interest, rather than on those
assigned by managers, encourages new talent to join projects in order
to pursue their passions, while the non-discriminatory global reach of
the open method means that the pool of contributors is much larger than
for conventional approaches. However, none of those advantages is tied
to software: they can be applied to many fields. And that is precisely
what has happened in the last two decades, with the ideas underlying
free software producing astonishing results elsewhere.

Read More