The LWN.net Weekly Edition for April 10, 2014 is available.
Recently, an interaction problem between systemd and the kernel was
reported. After a calm discussion, developers of both projects found ways
in which behavior could be improved and set about coding up the solutions.
The technical press was filled with glowing reports on another success of
collaborative problem solving... or, perhaps, most of the preceding text is
entirely fictional and the systemd "debug flag" problem spiraled out of
control in several ways at once.
Fedora has not yet issued updates for CVE-2014-0160, aka
"Heartbleed", however there are updated, unsigned, OpenSSL packages
available for F19 and F20. There are also signed packages available.
2.6 of the MongoDB document database system is available. "We
re-wrote the entire query execution engine to improve scalability, and took
our first step in building a sophisticated query planner by introducing
index intersection. We’ve made the codebase easier to maintain, and made it
easier to implement new features.
This page has extensive information on
CVE-2014-0160, an information disclosure vulnerability in OpenSSL otherwise
known as the "heartbleed bug." "The Heartbleed bug allows anyone on
the Internet to read the memory of the systems protected by the vulnerable
versions of the OpenSSL software. This compromises the secret keys used to
identify the service providers and to encrypt the traffic, the names and
passwords of the users and the actual content.
Jasper St. Pierre writes about the
Xwayland back end, which has been merged into the X server core sooner
than had been expected. "So, why did it succeed so fast? To put it
simply, Xwayland has been completely rearchitected to be leaner, cleaner,
faster, and better than ever before. It’s not done yet; direct rendering
(e.g. games using OpenGL) and by extension 2D acceleration aren't supported
yet, but it’s in the pipeline." Lots of details can be found in