prisoninmate writes: As some of you may know, Linux 4.3 was not an LTS (Long Term Support) release, so the last maintenance build is now Linux kernel 4.3.6, as announced earlier by Greg Kroah-Hartman, a renowned kernel developer and maintainer. While he's telling users of the Linux 4.3 series to update to the 4.3.6 point release, he also urges them, especially OS vendors, to move to the most advanced stable series, in this case, Linux kernel 4.4 LTS, which just received its second point release the other day. However, it appears that Linux kernel 4.3.6 is quite an update, as it changes a total of 197 files, with 2310 insertions and 963 deletions, bringing some much-needed improvements.

prisoninmate writes: Ubuntu 14.04.4 LTS (Long-Term Support) builds are available for download in the form of Live and Installable ISO images for Desktop, Server, Cloud, and Core products, on both 64-bit and 32-bit platforms, and that existing Ubuntu 14.04.3 LTS users can now update their systems. But not only Ubuntu 14.04 LTS (Trusty Tahr) users can update, as all the official flavors have been updated as well, so users of Kubuntu 14.04 LTS, Edubuntu 14.04 LTS, Xubuntu 14.04 LTS, Lubuntu 14.04 LTS, Ubuntu Studio 14.04 LTS, Mythbuntu 14.04 LTS, Ubuntu GNOME 14.04 LTS, and Ubuntu Kylin 14.04 LTS can also update their systems today or grab the new ISOs.

DeviceGuru writes: The Linux Foundation has launched the Zephyr Project, to foster an open source, small footprint, modular, scalable, connected, real-time OS for IoT devices. The Zephyr Project's RTOS implements both a small footpoint microkernel and an even tinier nanokernel, and is the result of Wind River contributing its Rocket RTOS kernel to the Zephyr Project. (Wind's Rocket RTOS will now become a downstream commercial distribution based on Zephyr sources.) To get a sense of Zephyr's benefit, its nanokernel is said to be able to run in as little as 10KB of RAM on 32-bit microcontrollers, whereas a minimalistic Linux implementation like uClinux needs upwards of 200KB. The Linux Foundation hopes to see cross-project collaboration between the Zephyr and Linux communities. Technical details are at the Zephyr site.

msm1267 writes: The glibc vulnerability disclosed this week has some experts on edge because of how DNS can leveraged in exploits. Dan Kaminsky said that while man-in-the-middle attacks are one vector, it would appear that it's also possible to exploit the bug and attack most Linux servers via DNS caching-only servers. 'This would be substantially worse if it went through the caching ecosystem; 99 percent of attack vectors go through that system,' Kaminsky said. Glibc, or the GNU C library, is used by most flavors of Linux and also a number of popular web services and frameworks, giving attacks potentially massive horizontal scale. The major Linux distros have patched and pushed updates to servers; source code is also available for homegrown Linux builds.

LichtSpektren writes: Ubuntu developer Dustin Kirkland has posted on his blog that Canonical plans to officially support the ZFS file system for the next Ubuntu LTS release, 16.04 "Xenial Xerus." The file system, which originates in Solaris UNIX, is renowned for its feature set (Kirkland touts "snapshots, copy-on-write cloning, continuous integrity checking against data corruption, automatic repair, efficient data compression") and its stability. "You'll find zfs.ko automatically built and installed on your Ubuntu systems. No more DKMS-built modules!" N.B. ext4 will still be the default file system due to the unresolved licensing conflict between Linux's GPLv2 and ZFS's CDDL.

Last week you asked questions of Ubuntu Unleashed author Matthew Helmke, about everything from system D to the future of Ubuntu and Canonical; he's responded, at length. Read on for Matthew's answers.

An anonymous reader writes: Today Google's online security team publicly disclosed a severe vulnerability in the Gnu C Library's DNS client. Due to the ubiquity of Glibc, this affects an astounding number of machines and software running on the internet, and raises questions about whether Glibc ought to still be the preferred C library when alternatives like musl are gaining maturity. As one example of the range of software affected, nearly every Bitcoin implementation is affected. Reader msm1267 adds some information about the vulnerability, discovered independently by security researchers at Red Hat as well as at Google, which has since been patched: The flaw, CVE-2015-7547, is a stack-based buffer overflow in the glibc DNS client-side resolver that puts Linux machines at risk for remote code execution. The flaw is triggered when the getaddrinfo() library function is used, Google said today in its advisory. "A back of the envelope analysis shows that it should be possible to write correctly formed DNS responses with attacker controlled payloads that will penetrate a DNS cache hierarchy and therefore allow attackers to exploit machines behind such caches," Red Hat said in an advisory. It's likely that all Linux servers and web frameworks such as Rails, PHP and Python are affected, as well as Android apps running glibc.

An anonymous reader writes: If an application can embed fonts with special characters, then it's probably using the Graphite font processing library. This library has several security issues which an attacker can leverage to take control of your OS via remote code execution scenarios. The simple attack would be to deliver a malicious font via a Web page's CSS. The malformed font loads in Firefox, triggers the RCE exploit, and voila, your PC has a hole inside through which malware can creep in.

An anonymous reader writes: In late 2014 NVIDIA announced their GPUs would begin requiring signed firmware images before the open-source driver could enable hardware acceleration. That led the Nouveau developers to call the latest GPUs "very open-source unfriendly", but that criticism can now be laid to rest as NVIDIA has finally released the signed firmware and basic open-source driver code. The open-source driver can now move on with its open-source 3D enablement for Maxwell GPUs and the NVIDIA developer is hoping it will be ready for the next kernel cycle (Linux 4.6).

The Linux Foundation is announcing FD.io ("Fido"), a Linux Foundation Project. FD.io is an open source project to provide an IO services framework for the next wave of network and storage software. Early support for FD.io comes from founding members 6WIND, Brocade, Cavium, Cisco, Comcast, Ericsson, Huawei, Inocybe Technologies, Intel Corporation, Mesophere, Metaswitch Networks (Project Calico), PLUMgrid and Red Hat.

Architected as a collection of sub-projects, FD.io provides a modular, extensible user space IO services framework that supports rapid development of high-throughput, low-latency and resource-efficient IO services. The design of FD.io is hardware, kernel, and deployment (bare metal, VM, container) agnostic.

jones_supa writes: Software developer Pavlo Rudyi has written a blog post about his experiences with the various desktop environments currently supporting Wayland. The results are not a big surprise, but nevertheless it is great to see the continued interest in Wayland and the ongoing work by many different parties in ensuring that Wayland will eventually be able to dominate the Linux desktop. To summarize, Pavlo found Weston to be "good," GNOME is "perfect," KDE is "bad," and Enlightenment is "good." He also created a video from his testing. Have you done any testing? What's your experience?

An anonymous reader writes: The popular Linux process viewer htop got a new major revision, and now runs natively on FreeBSD, OpenBSD and Mac OS X. The author discussed the process of making the tool cross-platform earlier this year at FOSDEM. Htop also got some new features, including mouse wheel support via ncurses 6 and listing process environment variables.

JG0LD writes with this news from Network World: A breach-of-contract and copyright lawsuit filed nearly 13 years ago by a successor company to business Linux vendor Caldera International against IBM may be drawing to a close at last, after a U.S. District Court judge issued an order in favor of the latter company earlier this week.
Here's the decision itself (PDF). Also at The Register.

An anonymous reader writes: With this month's Raspbian OS update, the Debian-based operating system for the Raspberry Pi ships experimental OpenGL driver support. This driver has been developed over the past two years by a former Intel developer with having a completely open and mainline DRM kernel driver and Mesa Gallium driver to open up the Pi as a replacement to the proprietary GPU driver.

New submitter Iamthecheese points to an article which says that a patch published on the Linux Kernel Mailing List indicates that AMD's forthcoming Zen processors will have as many as 32 cores per socket, but notes that while the article's headline says "Confirms," "the article text doesn't bear that out." Still, he writes, There are hints of such from last year. A leaked patch for the 14 nanometer AMD Zeppelin (Family 17h, Model 00h) reveals support for up to 32 cores. Another blog says pretty much the same thing. We recently discussed an announced 4+8 core AMD chip, but nothing like this.

New submitter Tenebrousedge writes: Docker container sizes continue a race to the bottom with a couple of environments weighing in at less than 10MB. Following on the heels of this week's story regarding small images based on Alpine Linux, it appears that the official Docker images will be moving from Debian/Ubuntu to Alpine Linux in the near future. How low will they go?

An anonymous reader writes: Tests were carried out at Phoronix of all Ubuntu Long-Term Support releases from the 6.06 "Dapper Drake" release to 16.04 "Xenial Xerus," looking at the long-term performance of (Ubuntu) Linux using a dual-socket AMD Opteron server. Their benchmarks of Ubuntu's LTS releases over 10 years found that the Radeon graphics performance improved substantially, the disk performance was similar while taking into account the switch from EXT3 to EXT4, and that the CPU performance had overall improved for many workloads thanks to the continued evolution of the GCC compiler.

jones_supa writes: Paolo Valente from University of Modena has submitted a Linux kernel patchset which replaces CFQ (Completely Fair Queueing) I/O scheduler with the last version of BFQ (Budget Fair Queuing, a proportional-share scheduler). This patchset first brings CFQ back to its state at the time when BFQ was forked from CFQ. Paolo explains: "Basically, this reduces CFQ to its engine, by removing every heuristic and improvement that has nothing to do with any heuristic or improvement in BFQ, and every heuristic and improvement whose goal is achieved in a different way in BFQ. Then, the second part of the patchset starts by replacing CFQ's engine with BFQ's engine, and goes on by adding current BFQ improvements and extra heuristics." He provides a link to the thread in which it is agreed on this idea, and a direct link to the e-mail describing the steps.

darthcamaro writes: Docker is about to get some real competition in the container runtime space, thanks to the lofficial aunch of rkt 1.0. CoreOS started building rkt in 2014 and after more than a year of security, performance and feature improvement are now ready to declare it 'production-ready.' While rkt is a docker runtime rival, docker apps will run in rkt, giving using a new runtime choice: "rkt will remain compatible with the Docker-specific image format, as well as its own native App Container Image (ACI). That means developers can build containers with Docker and run those containers with rkt. In addition, CoreOS will support the growing ecosystem of tools based around the ACI format."

Matthew Helmke (personal blog) is the author of the newly published 11th edition of Ubuntu Unleashed (published by Pearson); this updated edition of the book will cover the OS through Ubuntu's 15.10 and (forthcoming) 16.04 releases. Helmke is also a former Ubuntu Forum administrator, a musician, an entrepreneur, and a long-time Slashdot reader who now leads a "nice quiet life in Iowa." Ask Matthew about what it's like to be a Linux book author and community leader, and his thoughts on Canonical, the goods and bads of modern Linux distributions, and the future of Ubuntu -- especially relevant with the upcoming release of the first Ubuntu-based tablet. (Remember, Matthew isn't responsible for gripes you may have with either Ubuntu or Canonical, but he might have some good solutions to particular problems.) Ask as many questions as you'd like; we just ask that you keep them on-topic, and please stick to one question per post.