All posts by coogle

Knauth elected Free Software Foundation president; Bénassy joins board

Post Syndicated from coogle original https://lwn.net/Articles/828314/rss

The Free Software Foundation (FSF) has announced that Geoffrey Knauth has been elected president, and free software activist and developer Odile Bénassy has been appointed to the board of directors. Knauth is replacing Richard Stallman who resigned last year. In Knauth’s statement, he said: “The FSF board chose me at this moment as a servant leader to help the community focus on our shared dedication to protect and grow software that respects our freedoms. It is also important to protect and grow the diverse membership of the community.

Security updates for Friday

Post Syndicated from coogle original https://lwn.net/Articles/828309/rss

Security updates have been issued by CentOS (firefox, java-1.8.0-openjdk, java-11-openjdk, libvncserver, postgresql-jdbc, and thunderbird), Debian (firejail and gupnp), Fedora (cutter-re, postgresql-jdbc, radare2, and webkit2gtk3), openSUSE (chromium, firefox, kernel, and python-rtslib-fb), Oracle (container-tools:ol8, kernel, and nss and nspr), Red Hat (Red Hat OpenShift Jaeger 1.17.6 container images, Red Hat OpenShift Service Mesh, and Red Hat OpenShift Service Mesh 3scale-istio-adapter-rhel8-container), Scientific Linux (thunderbird), and SUSE (firefox, kernel, postgresql10 and postgresql12, python-ipaddress, and xen).

[$] PHP struggles with attributes syntax

Post Syndicated from coogle original https://lwn.net/Articles/828175/rss

PHP 8.0 is on the horizon, and the project has imposed a feature-freeze for the release. There’s one exception to the feature-freeze, though: the new attributes syntax. An attribute is syntactical metadata for PHP code, identical to what is called an “annotation” in other languages. Even though attributes have been voted on multiple times by the community, major contributor and creator of XDebug Derick Rethans threw a wrench into the works days before the feature-freeze by challenging the current syntax. The ensuing discussion lead to the fourth attributes proposal for the year, with a special feature-freeze exception being made by release manager Sara Golemon. This exception gives Rethans one more opportunity to convince the community to change how attributes work up to the Beta 3 release, scheduled for September 3.

[$] Checking out FreeCAD

Post Syndicated from coogle original https://lwn.net/Articles/828037/rss

Our look at running a CNC milling machine
using open-source software led me to another tool worth looking at: FreeCAD. I wasn’t previously familiar with
the program, so I decided to check it out. In this article I will walk
through my experiences with using FreeCAD for the first time to do a variety
of CNC-related tasks I normally would have used a commercial product for. I
had varying degrees of success in my endeavors, but in the end came away with
a positive opinion.

X.org security fixes address potential ASLR bypass, heap corruption

Post Syndicated from coogle original https://lwn.net/Articles/827701/rss

The X.Org project has announced two security advisories that impact Xserver and libX11. The first advisory for X server is regarding uninitialized memory in AllocatePixmap() that could lead to address space layout randomization bypass. The second, impacting libX11, is a heap corruption caused by integer overflows and signed/unsigned comparisons.

[$] Open-source CNCing

Post Syndicated from coogle original https://lwn.net/Articles/827240/rss

Last year Sienci Labs finished its Kickstarter campaign for the open-source LongMill Benchtop CNC Router — its second successful open-source CNC machine Kickstarter campaign. CNC routers allow users to mill things (like parts) from raw materials (like a block of aluminum) based on a 3D-model. The LongMill is a significant improvement over the original sold-out Mill One and makes professional-quality machining based entirely on open-source technology a reality. As an owner of a LongMill, I will walk through the various open-source technologies that make this tool a cornerstone of my home workshop.

[$] A look at Dart

Post Syndicated from coogle original https://lwn.net/Articles/826315/rss

Dart is a BSD-licensed programming language from Google with a mature open-source community supporting the project. It works with multiple architectures, is capable of producing native machine-code binaries, and can also produce JavaScript versions of its applications. Dart version 1.0 was released in 2013, with the most recent version, 2.8, released on June 3 (2.9 is currently in public beta). Among the open-source projects using Dart is the cross-device user-interface (UI) toolkit Flutter. We recently covered the Canonical investment in Flutter to help drive more applications to the Linux desktop, and Dart is central to that story.

[$] TLS gets a boost from Arduino for IoT devices

Post Syndicated from coogle original https://lwn.net/Articles/826757/rss

Arduino devices are a favorite among do-it-yourself (DIY) enthusiasts to create, among other things, Internet of Things (IoT) devices. We have previously covered the Espressif ESP8266 family of devices that can be programmed using the Arduino SDK, but the Arduino project itself also provides WiFi-enabled devices such as the Arduino MKR WiFi 1010 board. Recently, the Arduino Security Team raised the problem of security shortcomings of IoT devices in a post, and how the Arduino project is working to make improvements. We will take the opportunity to share some interesting things from that, and also look at the overall state of TLS support in the Arduino and Espressif SDK projects.

[$] Mycroft: an open-source voice assistant

Post Syndicated from coogle original https://lwn.net/Articles/826625/rss

Mycroft is a free and open-source software project aimed at providing voice-assistant technology, licensed under the Apache 2.0 license. It is an interesting alternative to closed-source commercial offerings such as Amazon Alexa, Google Home, or Apple Siri. Use of voice assistants has become common among consumers, but the privacy concerns surrounding them are far-reaching. There have been multiple instances of law enforcement’s interest in the data these devices produce for use against their owners. Mycroft claims to offer a privacy-respecting, open-source alternative, giving users a choice on how much of their personal data is shared and with whom.

Linux Foundation announces COVID-19 exposure notification application initiative (TechRepublic)

Post Syndicated from coogle original https://lwn.net/Articles/826627/rss

TechRepublic reports that the Linux Foundation has announced the Linux Foundation Public Health initiative (LFPH). Using projects based on the Google Apple Exposure Notification system, the initiative’s goal according to LFPH general manager Dan Kohn is “building a global community of leading technology and consulting companies, public health authorities, epidemiologists, and other public health specialists, privacy and security experts, and individual developers.” With this announcement is the launch of two open-source projects: COVID Shield and COVID Green.

[$] Ubuntu invests in Google’s Flutter and Dart

Post Syndicated from coogle original https://lwn.net/Articles/826124/rss

Flutter is Google’s open-source toolkit to build cross-device (and cross-platform) applications. Based on the Dart programming language released by the company in 2013, Flutter promises developers the ability to write and maintain a single application that runs on all of a user’s devices. Flutter applications support deployment on Android, iOS, Web browsers via JavaScript, macOS, and now Canonical and Google have teamed up to support Flutter applications in Linux. Promises of native speed, rapid development, and a growing community make it an interesting technology to take a look at.

[$] Linux Mint drops Ubuntu Snap packages

Post Syndicated from coogle original https://lwn.net/Articles/825005/rss

The Linux Mint project has made good on previous threats to actively prevent Ubuntu Snap packages from being installed through the APT package-management system without the user’s consent. This move is the result of “major worries” from Linux Mint on Snap’s impact with regard to user choice and software freedom. Ubuntu’s parent company, Canonical, seems open to finding a solution to satisfy the popular distribution’s concerns — but it too has interests to consider.

[$] Home Assistant improves performance in 0.112 release

Post Syndicated from coogle original https://lwn.net/Articles/825004/rss

The Home Assistant project has released version 0.112 of the open-source home automation hub we have previously covered, which is the eighth release of the project this year. While previous releases have largely focused on new integrations and enhancements to the front-end interface, in this release the focus has shifted more toward improving the performance of the database. It is important to be aware that there are significant database changes and multiple potential backward compatibility breaks to understand before attempting an upgrade to take advantage of the improvements.

[$] Netflix releases open-source crisis-management tool

Post Syndicated from coogle original https://lwn.net/Articles/824739/rss

Earlier this year, Netflix developed and released a new Apache-licensed project named Dispatch. It is designed to coordinate the response to and the resolution of security-related incidents, but the project aims for more than just that. Rather, it hopes to be valuable for any type of one-off incident that needs coordination across an organization, such as a service outage.

[$] First PHP 8 alpha released

Post Syndicated from coogle original https://lwn.net/Articles/824738/rss

The PHP project has released the first alpha of PHP 8, which is slated for general availability in November 2020. This initial test release includes many new features such as just-in-time (JIT) compilation, new constructs like Attributes, and more. One of twelve planned releases before the general availability release, it represents a feature set that is still subject to change.