Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Rust Implements An IDE Protocol From Red Hat's Collaboration With Microsoft and Codenvy ( 42

An anonymous reader quotes InfoWorld: Developers of Mozilla's Rust language, devised for fast and safe system-level programming, have unveiled the first release of the Rust Language Service, a project that provides IDEs and editors with live, contextual information about Rust code. RLS is one of the first implementations of the Language Server Protocol, co-developed by Microsoft, Codenvy, and Red Hat to standardize communications between IDEs and language runtimes.

It's another sign of Rust's effort to be an A-list language across the board -- not only by providing better solutions to common programming problems, but also cultivating first-class, cutting-edge tooling support from beyond its ecosystem...

The Rust Language Service is "pre-alpha", and the whole Language Service Protocol is only currently supported by two IDEs -- Eclipse and Microsoft's Visual Studio Code. Earlier InfoWorld described it as "a JSON-based data exchange protocol for providing language services consistently across different code editors and IDEs," and one of the Rust developers has already developed a sample RLS client for Visual Studio Code.

'Most Serious' Linux Privilege-Escalation Bug Ever Is Under Active Exploit ( 107

Reader operator_error shares an ArsTechnica report: A serious vulnerability that has been present for nine years in virtually all versions of the Linux operating system is under active exploit, according to researchers who are advising users to install a patch as soon as possible. While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.

"It's probably the most serious Linux local privilege escalation ever," Dan Rosenberg, a senior researcher at Azimuth Security, told Ars. "The nature of the vulnerability lends itself to extremely reliable exploitation. This vulnerability has been present for nine years, which is an extremely long period of time." The underlying bug was patched this week by the maintainers of the official Linux kernel. Downstream distributors are in the process of releasing updates that incorporate the fix. Red Hat has classified the vulnerability as "important."


Systemd Rolls Out Its Own Mount Tool ( 541

An anonymous Slashdot reader writes: I'm surprised this hasn't surfaced on Slashdot already, but yesterday Phoronix reported that systemd will soon be handling file system mounts, along with all the other stuff that systemd has encompassed. The report generated the usual systemd arguments over on with Lennart Poettering, systemd developer and architect, chiming in with a few clarifications.
Lennart argued it will greatly improve the handling of removable media like USB sticks.
Open Source

Microsoft PowerShell Goes Open Source and Lands On Linux and Mac ( 400

Microsoft announced on Thursday that it is open sourcing PowerShell, its system administration, scripting, and configuration management tool that has been a default part of Windows for several years. The company says it will soon release PowerShell on Mac and Linux platforms. PCWorld reports: The company is also releasing alpha versions of PowerShell for Linux (specifically Ubuntu, Centos and Redhat) and Mac OS X. A new PowerShell GitHub page gives people the ability to download binaries of the software, as well as access to the app's source code. PowerShell on Linux and Mac will let people who have already built proficiency with Microsoft's scripting language take those skills and bring them to new platforms. Meanwhile, people who are used to working on those platforms will have access to a new and very powerful tool for getting work done. It's part of Microsoft's ongoing moves to open up products that the company has previously kept locked to platforms that it owned. The company's open sourcing of its .NET programming frameworks in 2014 paved the way for this launch, by making the building blocks of PowerShell available on Linux and OS X. By making PowerShell available on Linux, Microsoft has taken the skills of Windows administrators who are already used to the software, and made them more marketable. It has also made it possible for hardcore Linux users to get access to an additional set of tools that they can use to manage a variety of systems.
Red Hat Software

Red Hat Exec Marries A Couple At Red Hat Summit ( 62

On the second day of the Red Hat Summit this week, attendees found themselves invited to a wedding during one of the general sessions. The groom was Matt Hargrave, a Red Hat client from Texas, and, it probably goes without saying, a huge fan of the company. The bride was Shannon Montague, a sign language interpreter, and "maybe the most understanding bride ever," jokes Slashdot reader itwbennett: "Pushing a commit to github isn't the same as committing to a life partner. There is no forking this project," Red Hat EVP Paul Cormier told a Texas couple, as he united them in holy matrimony... Red Hat CEO Jim Whitehurst was ring bearer. You can watch the ceremony on YouTube.
"After today your relationship will have newly architected infrastructure. And, of course, collaboration is...critical." I'm wondering if Slashdot readers can suggest more geeky marriage vows -- or have any other geeky wedding stories to share.

.NET Core 1.0 Released, Now Officially Supported By Red Hat ( 123

Microsoft on Monday announced the release of .NET Core, the open source .NET runtime platform. Finally! (It was first announced in 2014). The company also released ASP.NET Core 1.0, the open-source version of Microsoft's Web development stack. ArsTechnica reports:Microsoft picked an unusual venue to announce the release: the Red Hat Summit. One of the purposes of .NET Core was to make Linux and OS X into first-class supported platforms, with .NET developers able to reach Windows, OS X, Linux, and (with Xamarin) iOS and Android, too. At the summit today, Red Hat announced that this release would be actively supported by the company on Red Hat Enterprise Linux.

KDE Bug Fixed After 13 Years ( 118

About 50 KDE developers met this week in the Swiss Alps for the annual Randa Meetings, "seven days of intense in-person work, pushing KDE technologies forward and discussing how to address the next-generation demands for software systems." Christoph Cullmann, who maintains the Kate editor, blogs that during this year's sprint, they finally fixed a 13-year-old bug. He'd filed the bug report himself -- back in 2003 -- and writes that over the next 13 years, no one ever found the time to fix it. (Even though the bug received 333 "importance" votes...) After finally being marked Resolved, the bug's tracking page at began receiving additional comments marveling at how much time had passed. Just think, when this bug was first reported:
-- The current Linux Kernel was 2.6.31...
-- Windows XP was the most current desktop verison. Vista was still 3 years away.
-- Top 2 Linux verions? Mandrake and Redhat (Fedora wouldn't be released for another 2 months, Ubuntu's first was more than a year away.)


Ubuntu Linux Continues To Dominate OpenStack and Other Clouds ( 23

An anonymous reader quotes a report from ZDNet: One reason Ubuntu is increasing its lead is that Jujo, Canonical's application modeling and deployment DevOps tool, has been gaining in popularity. In the latest OpenStack user survey, we see that OpenStack is finally gaining real momentum in private clouds. We also see that Ubuntu Linux is continuing to dominate OpenStack. As Canonical cloud marketing manager Bill Bauman said, "Ubuntu OpenStack continues to dominate the majority of deployments with 55 percent of production OpenStack clouds. The previous survey showed Ubuntu OpenStack at 33 percent of production clouds. Ubuntu has seen almost 67 percent growth in an area where Ubuntu was already the market leader. These numbers are a huge testament to the community support Ubuntu OpenStack receives every day." The Cloud Market's latest analysis of operating systems on the Amazon Elastic Compute Cloud (EC2) shows Ubuntu with just over 215,000 instances. Ubuntu is followed by Amazon's own Amazon Linux Amazon Machine Image (AMI), with 86,000 instances. Further back, you'll find Windows with 26,000 instances. In fourth and fifth place, respectively, you'll find Red Hat Enterprise Linux (RHEL) with 16,500 instances and then CentOS with 12,500 instances.
Red Hat Software

Red Hat Expands Red Hat Developer Program With No-Cost Red Hat Enterprise Linux ( 50

An anonymous reader shares a report on BetaNews: Red Hat -- fresh from celebrating a historic $2 billion in annual revenue -- releases a developer-focused gift to the world. The Red Hat Enterprise Linux Developer Suite is totally free, including an RHEL license and valuable developer tools, like the JBoss Middleware portfolio. This is through the Red Hat Developer Program. If you want to take advantage of this amazing offer, you can sign up through the company's website Red Hat seems a bit late to the party. Many argue that the company should've made its update-only subscription for individuals free from the beginning -- especially considering it isn't a major source of revenue for the company. Exciting time for developers, nonetheless.
Open Source

Red Hat Becomes First $2 Billion Open-Source Company ( 116

An anonymous reader quotes a report from ZDNet: Red Hat just became the first open-source company to make a cool 2 billion bucks. Not bad considering Red Hat became the first billion dollar Linux company only four years ago. Red Hat did it the old-fashioned way: They earned the money instead of playing upon the gullibility of venture capitalists. Red Hat's total revenue for its fourth quarter was $544 million. That's up 17 percent in U.S. dollars year-over-year, or 21 percent measured constant currency. Subscription revenue for the quarter was $480 million, up 18 percent in U.S. dollars year-over-year, or 22 percent measured in constant currency. Subscription revenue in the quarter was 88 percent of total revenue. Analysts estimated Red Hat would make $534 million. Looking ahead for its 2016 FY Red Hat expects to see between $2.380 billion to $2.420 billion. At this rate, Red Hat should easily become the first $3 billion open-source company.
While Red Hat's president and CEO Jim Whitehurst credits the "hybrid cloud infrastructures," Red Hat's subscription revenue can largely be ascribed to Red Hat's flagship product: Red Hat Enterprise Linux. Still, RHEL, which is now available on Microsoft Azure, is becoming a prominent cloud operating system.

One Solution to MITRE's Overworked CVE System: Build a New One ( 47

An anonymous reader writes: For the last 17 years, the American not-for-profit MITRE Corporation has been editing and maintaining the list of Common Vulnerabilities and Exposures (CVEs). According to a number of researchers, MITRE has lately been doing a lousy job when it comes to assigning these numbers, forcing researchers to do without them or to delay public disclosure of vulnerabilities indefinitely. The problem is getting worse by the day, and the situation has spurred Kurt Seifried, a "Red Hat Product Security Cloud guy" and a CVE Editorial Board member, to create a complementary system for numbering vulnerabilities.

Microsoft Brings SQL Server To Linux ( 314

Mark Wilson writes: The new Microsoft has place an increased importance on the cloud, and with other companies following suit, reliance on server solutions has increased. Today the company announces that it is bringing SQL Server to Linux. Both cloud and on-premises versions will be available, and the news has been welcomed by the likes of Red Hat and Canonical. Although the Linux port of SQL Server is not due to make an appearance until the middle of next year, a private preview version is being available to testers starting today. While the full launch of SQL Server for Linux is not due until the middle of 2017, SQL Server 2016 is expected to launch later this year.

Wayland Isn't Ready For the Fedora 24 Desktop ( 120

An anonymous reader writes: There was much hope that Fedora 24 would be the first major Linux distribution using Wayland by default in place of an X.Org Server, that didn't pan out with Fedora 24 Workstation developers deciding not to use Wayland by default but it will remain a log-in time option. Fedora Wayland has made a lot of progress but functionality like on-screen keyboard, accessibility, remote displays, USB display hot-plugging, and other functionality is incomplete for the Fedora 24 timeline. At least there are many other Fedora 24 features that made it for this next release due out in June. Wayland will turn eight years old this year.
GNU is Not Unix

Guix Gets Grafts: Timely Delivery of Security Updates 13

paroneayea writes: GNU Guix, the functional package manager (and with GuixSD, distribution) got a nice feature yesterday: timely delivery of security updates with grafts. Guix's new grafts feature recursively produces re-linked packages as dependencies without waiting for all to compile when a time-sensitive security upgrade is an issue. This came just in time for this week's OpenSSL security issues, and has been successfully tested by the community. It worked so well that it was able to reproduce the ABI break issue that other traditional distributions experienced also!

Red Hat, Google Disclose Severe Glibc DNS Vulnerability; Patched But Widespread 121

An anonymous reader writes: Today Google's online security team publicly disclosed a severe vulnerability in the Gnu C Library's DNS client. Due to the ubiquity of Glibc, this affects an astounding number of machines and software running on the internet, and raises questions about whether Glibc ought to still be the preferred C library when alternatives like musl are gaining maturity. As one example of the range of software affected, nearly every Bitcoin implementation is affected. Reader msm1267 adds some information about the vulnerability, discovered independently by security researchers at Red Hat as well as at Google, which has since been patched: The flaw, CVE-2015-7547, is a stack-based buffer overflow in the glibc DNS client-side resolver that puts Linux machines at risk for remote code execution. The flaw is triggered when the getaddrinfo() library function is used, Google said today in its advisory. "A back of the envelope analysis shows that it should be possible to write correctly formed DNS responses with attacker controlled payloads that will penetrate a DNS cache hierarchy and therefore allow attackers to exploit machines behind such caches," Red Hat said in an advisory. It's likely that all Linux servers and web frameworks such as Rails, PHP and Python are affected, as well as Android apps running glibc.

North Korea's Operating System Analyzed ( 98

Bruce66423 points out an analysis at The Guardian of North Korea's Red Star Linux-based OS, based on a presentation Sunday to the Chaos Communication Congress in Berlin : The features of their Fedora based OS include a watermarking system to enable tracking of files — even if unopened. The operating system is not just the pale copy of western ones that many have assumed, said Florian Grunow and Niklaus Schiess of the German IT security company ERNW, who downloaded the software from a website outside North Korea and explored the code in detail. ... This latest version, written around 2013, is based on a version of Linux called Fedora and has eschewed the previous version’s Windows XP feel for Apple’s OS X – perhaps a nod to the country’s leader Kim Jong-un who, like his father, has been photographed near Macs. The OS, unsurprisingly, allowed only tightly fettered access to web sites, using a whitelist approach that gives access to government-controlled or approved sites.

Red Hat and Microsoft Partner On Azure ( 130

An anonymous reader writes: Satya Nadella has made some interesting reforms to Microsoft. Today, Red Hat and Microsoft announced that they will partner to deliver Red Hat's product suite in Azure. Red Hat will also support .NET core in RHEL. Additionally, Red Hat's CloudForms product will now work with Hyper-V/Azure, RHEV, VMware, and AWS. Microsoft has certainly come a long way from the Halloween Memos. Here are Red Hat's blog post and Microsoft's blog post about the announcement
Open Source

Fedora 23 Released ( 57

An anonymous reader writes: Today marks the release of Fedora 23 for all three main editions: Workstation, Cloud, and Server. This release brings GNOME 3.18, Libre Office 5.0, and Fedora Spins — alternate desktops that provide a different experience. Fedora 23 also includes a version optimized for running on ARM-based systems. You can read the full release notes on their website. "Fedora 23 also has important under-the-hood security improvements, with increased hardening for all compiled software and with insecure SSL3 and RC4 protocols disabled. We've also updated all of the software installed by default in Fedora Cloud Base Image and Fedora Workstation to use Python version 3, and the Mono .NET compatible framework is now at version 4. Perhaps most importantly, Unicode 8.0 support now enables the crucial U1F32D character."
Red Hat Software

Report: Red Hat Buying DevOps Startup Ansible ( 78

An anonymous reader writes: According to VentureBeat Red Hat Inc is about to buy the company behind the automation and orchestration software Ansible. The move is seen as a good acquisition, since Ansible, other than being almost universally expanding, is also used by Red Hat's own cloud and system platforms. It could probably use some strong backing for the extra services it wishes to offer. The question remains whether this will have consequences in the future direction of the Python-based, open source platform itself (on GitHub). It's one of the most trivial to implement (compared to cfengine, ever-changing puppet or Chef) yet very powerful, and Red Hat may want to optimize it for their own purposes. Update: 10/16 15:39 GMT by S : Red Hat has confirmed the acquisition and explained their reasons for doing so.
Open Source

Fedora 23 Final May Release As Planned On October 27 65

An anonymous reader writes: Updating a full OS distribution is no small task so it is usually no surprise that even a 5-6 month schedule may tend to get pushed back to address issues. However, the Fedora 23 release schedule made it through the Alpha, Beta and Final freeze periods so far on time. This has been accomplished despite having to address plenty of Alpha Blocker and Beta Blocker bugs. Now all that is left is to clear existing and future Final Blocker bugs in the next two weeks. The release of Fedora 23 will provide some nice incremental updates and should result in the end of life of Fedora 21 around the end of November.

Slashdot Top Deals