jones_supa writes: Siddhesh Poyarekar from Red Hat has taken a professional look into mathematical functions found in Glibc (the GNU C library). He has been able to provide an 8-times performance improvement to slowest path of pow() function. Other transcendentals got similar improvements since the fixes were mostly in the generic multiple precision code. These improvements already went into glibc-2.18 upstream. Siddhesh believes that a lot of the low hanging fruit has now been picked, but that this is definitely not the end of the road for improvements in the multiple precision performance. There are other more complicated improvements, like the limitation of worst case precision for exp() and log() functions, based on the results of the paper Worst Cases for Correct Rounding of the Elementary Functions in Double Precision (PDF). One needs to prove that those results apply to the Glibc multiple precision bits.

itwbennett writes In a blog post Tuesday, security service provider Alert Logic warned of a Linux vulnerability, named grinch after the well-known Dr. Seuss character, that could provide attackers with unfettered root access. The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user full administrative access. Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September. Update: 12/19 04:47 GMT by S : Reader deathcamaro points out that Red Hat and others say this is not a flaw at all, but expected behavior.

linuxscreenshot writes: The Fedora Project has announced the release of Fedora 21. "As part of the Fedora.next initiative, Fedora 21 comes in three flavors: Cloud, Server, and Workstation. Cloud is now a top-level deliverable for Fedora 21, and includes images for use in private cloud environments like OpenStack, as well as AMIs for use on Amazon, and a new "Atomic" image streamlined for running Docker containers. The Fedora Server flavor is a common base platform that is meant to run featured application stacks, which are produced, tested, and distributed by the Server Working Group. The Fedora Workstation is a new take on desktop development from the Fedora community. Our goal is to pick the best components, and integrate and polish them. This work results in a more polished and targeted system than you've previously seen from the Fedora desktop." Here are screenshots for Fedora 21: GNOME, KDE, Xfce, LXDE, and MATE.

An anonymous reader writes: The Fedora Project has been critical to the development Red Hat Enterprise Linux — RHEL version 7 was largely based off Fedora version 19. Fedora is continuing to evolve with the announcement of Fedora 21 Beta, now available from the Fedora Project website. To make the release ready for Beta testing required addressing 50 beta blocker bugs. If the Fedora Project developers are able to keep up with the final release blocker bugs, then Fedora 21 is expected to be released on December 9th. As a result, support for Fedora 19 is expected to end around the beginning of 2015. Released back in July 2013, Fedora 19 will have been supported for over 540 days by 2015. Previously, the longest a Fedora release was supported was Fedora Core 5 at 469 days. Users of Fedora 19 will be encouraged to upgrade to Fedora 20 or 21 to continue to get critical updates.

jones_supa writes: A critical flaw has been found and patched in the open source Wget file retrieval utility that is widely used on UNIX systems. The vulnerability is publicly identified as CVE-2014-4877. "It was found that wget was susceptible to a symlink attack which could create arbitrary files, directories or symbolic links and set their permissions when retrieving a directory recursively through FTP," developer Vasyl Kaigorodov writes in Red Hat Bugzilla. A malicious FTP server can stomp over your entire filesystem, tweets HD Moore, chief research officer at Rapid 7, who is the original reporter of the bug.

An anonymous reader writes Fedora 21 Alpha has been released. After encountering multiple delays, the first development version is out for the Fedora.NEXT and Fedora 21 products. Fedora 21 features improved Wayland support, GNOME 3.14, many updated packages, greater server and cloud support, and countless other improvements with Fedora 20 already being nearly one year old.

sfcrazy writes Developer Vratislav Podzimek has announced the next-gen partition manager for Fedora, blivet-gui. It is eventually going to replace GParted, the most popular GUI based partition manager, found in all major distros. The new tool is named blivet-gui after the blivet python library (originally Anaconda's storage management and configuration tool). The need of a new partition manager stems from the fact that none of the existing GUI partitioning tools supports all modern storage technologies. Fedora's Anaconda base supports all, though, and is hence chosen as the back-end for this new tool. The application is only a few months old but is already looking nice and useful. Features like RAID and BTRFS support are being worked on. Vojtech Trefny is the other developer working with Vratislav on blivet-gui. Here's the announcement.

Czech37 writes SELinux lead Dan Walsh wrote last month that Docker "containers do not contain" and that the host system isn't completely protected. Today, Walsh details the steps that Docker, Red Hat, and the open source community are taking to make Docker more secure: "Basically, we want to put in as many security barriers to break out as possible. If a privileged process can break out of one containment tool, we want to block them with the next. With Docker, we are want to take advantage of as many security components of Linux as possible. If "Docker" isn't a familiar word, the project's website is informative; the very short version is that it's a Linux-based "open platform for developers and sysadmins to build, ship, and run distributed applications"; Wikipedia has a good explanation, too.

darthcamaro (735685) writes Since November of 2001, Brian Stevens has been the CTO of Red Hat. As of August 28, that's no longer the case. Under Stevens' tenure, Red Hat transformed its business, adding Red Hat Enterprise Linux, acquiring JBoss, Qumranet, Gluster and Ceph as well as joining (and now leading) the OpenStack Foundation. So why did he leave? No official word, but apparently it is to pursue a new opportunity that Stevens just could not pass up.

snydeq writes: Developers are embracing a range of open source technologies, writes Matt Asay, virtually none of which are supported or sold by Red Hat, the purported open source leader. "Ask a CIO her choice to run mission-critical workloads, and her answer is a near immediate 'Red Hat.' Ask her developers what they prefer, however, and it's Ubuntu. Outside the operating system, according to AngelList data compiled by Leo Polovets, these developers go with MySQL, MongoDB, or PostgreSQL for their database; Chef or Puppet for configuration; and ElasticSearch or Solr for search. None of this technology is developed by Red Hat. Yet all of this technology is what the next generation of developers is using to build modern applications. Given that developers are the new kingmakers, Red Hat needs to get out in front of the developer freight train if it wants to remain relevant for the next 20 years, much less the next two."

ashshy (40594) writes Red Hat CEO Jim Whitehurst likes to post "state of the union" addresses at the end of every year. Last December, he said that open source innovation is going mainstream in 2014. In an interview with The Motley Fool, Whitehurst matches up his expectations against mid-year progress. Spoiler alert: It's mostly good news.

ectoman (594315) writes Opensource.com has a summary of an interview with Michael Tiemann, co-founder of Cygnus Solutions and one of the world's first open source entrepreneurs. Now VP of Open Source Affairs at Red Hat, Tiemann offers an historical perspective on what makes open source businesses successful, and shares how he dealt with the open source movement's early skeptics. "A lot of the skepticism is a response to the abstract; it's a response to the unknown," Tiemann says, "And when you bring a concrete success story with just absolutely stellar credentials that doesn't just outperform the field, but embarrasses the field, then the skeptics begin to look like they're on the wrong side." The full audio interview on Hacker Public radio (~1 hour).

An anonymous reader writes: Yesterday, word came down that Microsoft was starting to lay off some 18,000 workers. As of June 5th, Microsoft reported a total employee headcount of 127,005, so they're cutting about 15% of their jobs. That's actually a pretty huge percentage, even taking into account the redundancies created by the Nokia acquisition. Obviously, there's an upper limit to how much of your workforce you can let go at one time, so I'm willing to bet Microsoft's management thinks thousands more people aren't worth keeping around. How many employees does Microsoft realistically need? The company is famous for its huge teams that don't work together well, and excessive middle management. But they also have a huge number of software projects, and some of the projects, like Windows and Office, need big teams to develop. How would we go about estimating the total workforce Microsoft needs? (Other headcounts for reference: Apple: 80,000, Amazon: 124,600, IBM: 431,212, Red Hat: 5,000+, Facebook: 6,800, Google: 52,000, Intel: 104,900.)

An anonymous reader writes "Today, CentOS project unveiled CentOS Linux 7 for 64 bit x86 compatible machines. CentOS conforms fully with Red Hat's redistribution policy and aims to have full functional compatibility with the upstream product released in last month. The new version includes systemd, firewalld, GRUB2, LXC, docker, xfs instead of ext4 filesystem by default. The Linux kernel updated to 3.10.0, support for Linux Containers, 3d graphics drivers out of the box, OpenJDK 7, support for 40G Ethernet cards, installations in UEFI secure Boot mode on compatible hardware and more. See the complete list of features here and here. You can grab this release by visiting the official mirror site or via torrents. On a related note there is also a CentOS Linux 7 installation screencast here."

ectoman (594315) writes The U.S. Supreme Court issued a groundbreaking decision concerning software patents, claiming that abstract ideas are not by themselves patentable. The ruling was a cause for celebration among those opposed to software patent abuse, like Red Hat's Vice President and Assistant General Counsel, Rob Tiller. Here, Tiller analyzes and offers some context for the Court's ruling, which "uses the traditional common law methodology of comparing one case to previous similar cases and harmonizing with those most similar."

An anonymous reader writes: Today, Red Hat unveiled Red Hat Enterprise Linux 7, with new features designed to meet both modern datacenter and next-generation IT requirements for cloud, Linux Containers, and big data. The new version includes Linux containers (LXC), which let Linux users easily create and manage system or application containers, improved MS Active Directory / Identity Management (IdM) integration, XFS as the default file system, scaling to 500 TB (additional file system choices such as btrfs, ext{3,4} and others are available), a new and improved installation experience, managing Linux servers with OpenLMI, enhancements to both NFS and GFS2, optimized network management, bandwidth, the use of KVM Virtualization technology and more. See the complete list of features here (PDF). CentOS 7 shouldn't be lagging too far behind due to recent cooperation between Red Hat and CentOS project.

A new flaw has been discovered in the GnuTLS cryptographic library that ships with several popular Linux distributions and hundreds of software implementations. According to the bug report, "A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code." A patch is currently available, but it will take time for all of the software maintainers to implement it. A lengthy technical analysis is available. "There don't appear to be any obvious signs that an attack is under way, making it possible to exploit the vulnerability in surreptitious "drive-by" attacks. There are no reports that the vulnerability is actively being exploited in the wild."

darthcamaro (735685) writes "Barely a week after Robyn Bergeron announced her intention to step down, Red Hat today announced that Matthew Miller is now the new Fedora Project Leader. Miller is the guy that came up with the whole Fedora.next proposal which is now reshaping Red Hat's community Linux project. Miller has a clear view of how his leadership will work in the cat-herding world of open source: 'As the FPL, you've got the responsibility, but no actual authority to tell anyone to do things,' Miller said. 'So you have to find people that have an interest and are aligned with the direction you want to go.'"

colinneagle (2544914) writes "The Wall Street Journal recently reported that, based on documents it reviewed, Red Hat "has chosen not to provide support to its commercial Linux customers if they use rival versions of OpenStack." But the big question is: Why would customers have expected that in the first place? Gartner analyst Lydia Leong told Network World that Red Hat isn't really doing anything wrong here. Customers shouldn't have an expectation that Red Hat would support competitors' software. "The norm would be to expect that non-Red Hat software is treated like any other third-party software," Leong says. If Red Hat has done anything wrong, it's that it has not clearly articulated its positioning and support for non-Red Hat OpenStack distros. Red Hat did not immediately respond to a question asking for a clarification on its support policy. The complication in all this comes from the fact that OpenStack is an open source project and there are misconceived notions that all OpenStack clouds are interoperable with one another. But Leong says just because OpenStack is open source doesn't change the expectations around vendors supporting competitors' products."

An anonymous reader writes "Red Hat announced their pending acquisition of Inktank this morning. Sage Weil and a team of researchers at University of California Santa Cruz first published the architecture in 2007. Sage joined DreamHost after college and continued development on Ceph until DreamHost spun off a Inktank, a company focused solely on Ceph. In Sage's blog post on the acquisition, he says 'In particular, joining forces with the Red Hat team will improve our ability to address problems at all layers of the storage stack, including in the kernel.' Sage goes on to announce that Inktank's proprietary management tools for Ceph will now be open sourced, citing Red Hat's pure open source development and business models.

Ceph has seen wide adoption in OpenStack customer deployments, alongside Red Hat's existing Gluster system." Ceph looks pretty cool if you're doing serious storage: CERN has a 3 Petabyte "prototype" cluster in use now (Only tangentially related, but still interesting, is how CERN does storage in general).