LWN.net

The Mastodon project has announcedthat founder Eugen Rochko will be transferring "key Mastodonecosystem and platform components (including name and copyrights,among other assets)" to a new non-profit organization:

TuxFamily is aFrench free-software-hosting service that has been in operation since1999. It is a non-profit that accepts "any projectreleased under a free license", whether that is a software licenseor a free-content license, such as CC-BY-SA. It is also,unfortunately, slowly dying due to hardware failures and lack ofinterest. For example, the site's download servers are currentlyoffline with no plan to restore them.

The ptrace()system call allows a suitably privileged process to modify another in alarge number of ways. Among other things, ptrace() can interceptsystem calls and make changes to them, but such operations can be fiddlyand architecture-dependent. This patch series fromDmitry Levin seeks to improve that situation by adding a newptrace() operation to make changes to another process's systemcalls in an architecture-independent manner.

Security updates have been issued by AlmaLinux (kernel, NetworkManager, and thunderbird), Fedora (golang-github-aws-sdk-2, golang-github-aws-smithy, golang-github-ncw-swift-2, rclone, and thunderbird), Mageia (ceph, firefox, and thunderbird), Oracle (kernel, NetworkManager, and thunderbird), Red Hat (fence-agents and raptor2), SUSE (dpdk, firefox, frr, grafana, operator-sdk, perl-Module-ScanDeps, proftpd, python311-mistune, redis, thunderbird, valkey, and yq), and Ubuntu (hplip and webkit2gtk).

Hans de Goede has posted anupdate about his work to support IPU6 cameras on Fedora andsubmitting fixes upstream.

Chimera Linux is a new distributiondesigned to be "simple, transparent, and easy to pick up". Thedistribution is built from scratch, andrecently announced its first beta release. While the documentation andinstallation process are both a bit rough, the project already provides ausable desktop with plenty of useful software - one built primarily ontools adopted from BSD.

The blog of the SeaMonkeyproject, which develops an all-in-one internet application suite basedon Mozilla code, has reported the sad news of the suddenpassing of Bill Gianopoulos ("WG9s")on January 6 (obituary). He was a core developer andrelease engineer for the project.

Security updates have been issued by AlmaLinux (dpdk, firefox, iperf3, thunderbird, and webkit2gtk3), Debian (firefox-esr, gnuchess, node-mocha, openafs, python-django, and thunderbird), Fedora (libxmp, python-jinja2, suricata, thunderbird, and xen), Mageia (avahi, libjxl, opencontainers-runc, radare2, rizin, and tinyproxy), Oracle (cups, dpdk, firefox, iperf3, kernel, thunderbird, and webkit2gtk3), SUSE (apptainer, chromedriver, dnsmasq, govulncheck-vulndb, gstreamer, gstreamer-plugins-base, gstreamer-plugins-good, logback, and python311-slixmpp), and Ubuntu (libxmltok, linux-realtime, roundcube, and snapd).

Linus has released 6.13-rc7 for testing."So unless something odd happens the upcoming week, I expect to releasea final 6.13 next week as per the normal schedule". Read the fullannouncement for your details on how to get a free guitar pedal assembledby Linus himself.

Version2.48.0 of the Git source-code management system has beenreleased. There is a long list of incremental improvements and bugfixes; see the announcement and the highlightsblog from GitHub for details.

We have just now received word of thepassing of Paolo Mantegazza, the driving force behind the Real Time Application Interface projectand a key figure in the development of realtime Linux.

The death of Bram Moolenaar, Vimfounder and benevolent dictator for life (BDFL), in 2023 sent a shockthrough the community, and raised concern about the future of theproject. At VimConf 2024 inNovember, current Vim maintainer Christian Brabandt delivered akeynote on "the new Vim project" that detailed how thecommunity has reorganized itself to continue maintaining Vim and whatthe future looks like.

Automattic has announcedthat it is reallocating its resources away from contributing to theWordPress project as a response to the WPEngine lawsuit:

After yesterday's stable kernel releases, ChrisClayton reported a build problem with 6.6.70, which prompted Greg Kroah-Hartmanto release 6.6.71 to fix it.

Security updates have been issued by Fedora (chromium and mingw-poppler), Red Hat (dpdk, thunderbird, and webkit2gtk3), SUSE (firefox, govulncheck-vulndb, gstreamer, gstreamer-plugins-base, gstreamer-plugins-good, libmfx, openjpeg2, python310, python312, python39, tomcat, and webkit2gtk3), and Ubuntu (golang-golang-x-net).

Version1.84.0 of the Rust language has been released. Changes includeimproved version selection for dependencies in Cargo, the beginning of themigration to a new trait solver, and some updated pointer-provenance APIs.

The Software Freedom Conservancy is reportingthat AVM has released the full source and installation scripts for itsrouters in response to a lawsuit, filed by Sebastian Steck, based on LesserGNU Public License rights.

Attacks on the kernel can take many forms; one popular exploitation path isto find a way to overwrite some memory with attacker-supplied data. If theright memory can be targeted, one well-targeted stray write is all that isneeded to take control of the system. Since the system's page tablesregulate access to memory, they are an attractive target for this type ofattack. This patch set from Kevin Brodsky is an attempt to protect page tables (and,eventually, other data structures) using the "memory protection keys"feature provided by a number of CPU architectures.

The 6.12.9, 6.6.70, 6.1.124, 5.15.176, 5.10.233, and 5.4.289 stable kernels have been released.As usual, they contain important fixes all over the kernel tree.

Security updates have been issued by AlmaLinux (cups, kernel, and kernel-rt), Debian (chromium, firefox-esr, and webkit2gtk), Fedora (curl, firefox, gimp, mupdf, openjpeg2, and valkey), Red Hat (389-ds-base, cups, firefox, iperf3, kernel, kernel-rt, libreswan, python3.11-urllib3, thunderbird, and webkit2gtk3), Slackware (firefox, seamonkey, and thunderbird), SUSE (apptainer, firefox-esr, libopenjp2-7, libruby3_4-3_4, openjpeg2, and tomcat10), and Ubuntu (firefox, linux-azure, linux-azure, linux-azure-4.15, linux-azure, linux-azure-6.8, linux-azure, linux-intel-iotg-5.15, linux-azure-5.15, python2.7, thunderbird, and xfpt).

Inside this week's LWN.net Weekly Edition:

TheSequoia OpenPGP library has been in development for some time. LWNcovered the library in 2020. Now the project'scommand-line interface hasbeen released. The sq tool offers apromising alternative to the venerableGNU Privacy Guard (GPG) tool - albeit one with adifferent interface, set of terminology, and approach to the web oftrust. Several distributions are making increasing use of the toolbehind the scenes.

The Tor Project has published areview of major milestones from 2024, including merging withthe Tails project, work to enable human-friendly .onionaddresses, and the launch of WebTunnel:

The pkgsrc developers haveannounced the 2024Q4 branch of the pkgsrc cross-platformpackaging system. It is the default package manager for NetBSD, SmartOS, and is available forLinux as well. This marks the 85th quarterly release of pkgsrc:

Security updates have been issued by Fedora (firefox, mupdf, and php-tcpdf), SUSE (etcd, file-roller, gtk3, kernel, python-django-ckeditor, rubygem-json-jwt, and tomcat10), and Ubuntu (ffmpeg, HTMLDOC, linux-aws, linux-raspi, linux-gke, linux-hwe-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, and tinyproxy).

Kernel networking maintainer Jakub Kicinski reviews progress inthe networking subsystem in 2024.

Gentoo Linux has published a projectretrospective that looks at the major improvements and news from2024, the Gentoo Foundation's finances, and contributions to Gentoo bythe numbers.

In the past, LWN had a tradition of publishing a timeline ofnotable events from the previous year in early January. We thought wemight try reviving that tradition in 2025 to see if our readers findit useful. While we have covered these events as theyhappened, it's interesting to see how much has taken place in just12 months.

Version 134.0 of the Firefox browser has been released. Changes include support for touchpad hold gestures on Linux, a refreshed layout for the New Tab page for users in the US and Canada, and improved support for debugging web extensions.

Security updates have been issued by AlmaLinux (python-requests), Oracle (python-requests), SUSE (python-Jinja2 and rizin), and Ubuntu (ceph, linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux, linux-lts-xenial, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi, linux-aws, linux-kvm, linux-hwe-6.8, linux-intel-iotg, linux-oem-6.11, linux-raspi-5.4, and salt).

During EmacsConf2024, whichwas held online in early December2024, Ramin Honary gave a talk about ProjectGypsum, which is his effort to rewrite Emacs in Scheme. Unlike most other Emacs clones,which simply replicate the key bindings, Gypsum is also implementing EmacsLisp (or Elisp). Honary is initially targeting Guile, which is animplementation of Scheme, but wants to make the code portableto any implementation of R7RS Scheme.

From the Ubuntu Discourse instance comes thesad news that longtime Debian and Ubuntu contributor Steve Langasek haspassed away.

Security updates have been issued by Fedora (ofono and webkitgtk), Mageia (ruby and virtualbox & kmod-virtualbox), Red Hat (oci-seccomp-bpf-hook and runc), SUSE (corepack22, dpdk, libpoppler-cpp1, pcp, python-Jinja2, and sysstat), and Ubuntu (tinyproxy).

Linus has released 6.13-rc6 for testing.

ThePony programming language is dedicated toexploring how to make high-performanceactor-based systems. Started in 2014,the language's most notable feature is probablyreference capabilities, a system of pointer annotations that gives the developerfine manual control over how data is shared between actors, while simultaneouslyensuring that Pony programs don't have data races. The language is not likely toovertake other more popular programming languages, but its ideas could be useful forother languages or frameworks struggling with concurrent data access.

Security updates have been issued by Debian (linux-6.1), Fedora (iwd and libell), Red Hat (python-requests), and SUSE (velero).

We are reliably informed by the calendar that yet another year has begun.That can only mean one thing: the time has come to go out on a limb with aseries of ill-advised predictions that are almost certainly not howthe year will actually go. We have to try; it's traditional, after all.Read on for our view of what's coming and how it may play out.

Greg Kroah-Hartman has announced the release of the 6.12.8, 6.6.69, and 6.1.123 stable kernels. They containimportant fixes throughout the kernel tree, as usual.

Security updates have been issued by Red Hat (container-tools:rhel8) and SUSE (liboqs, oqs-provider and python-Jinja2).

While some people are focused on new and trendy languages, Jose Marchesihas, instead, gifted the world with a GCC frontend for the Algol 68 language.

Security updates have been issued by Debian (python-django and python-tornado), Fedora (libxml2), and Red Hat (python-virtualenv and python36:3.6).

Version 22.1 of theAndroid-based LineageOS distribution is out.

Security updates have been issued by Debian (debootstrap) and SUSE (assimp-devel, grpc, libQt6Pdf6, and poppler).

Kees Cook describeshis work resulting in a kernel documentation commit whose ID shares thesame first 12 characters as the initial commit in the kernel's repository.

The origins of the TCP and UDP network protocols can be traced back a full50years. Even though networks and their use have changed radicallysince those protocols were designed, they can still be found behind mostnetworking applications. Unsurprisingly, these protocols are not optimalfor all situations, so there is ongoing interest in the development ofalternatives. One such is the Homatransport protocol, developed by John Ousterhout (of Tcl/Tk and Raft fame, among other accomplishments),which is aimed at data-center applications. Ousterhout is currently tryingto get aminimal Homa implementation into the kernel.

Security updates have been issued by Debian (gst-plugins-good1.0 and opensc), Fedora (iwd and libell), and SUSE (chromium, govulncheck-vulndb, and poppler).

The 6.13-rc5 kernel prepatch is out fortesting. Linus says: "It's been another week, but I'm happy to reportthat clearly most people actually seem to have been enjoying the holidays,because rc5 is tiny"

Greg Kroah-Hartman has posted three new stable kernel updates:6.12.7,6.6.68, and6.1.122. As usual, he warns that all users ofstable kernels must upgrade, although for many systems that seems unlikely tohappen until January.

Security updates have been issued by Debian (node-postcss), Fedora (age, dr_libs, incus, libxml2, moodle, and python-sql), and SUSE (poppler and python-grpcio).

Continuing its tradition of yearly major releases on December 25, the Ruby programming-language projecthas releasedRuby 3.4.0 (followed quickly by 3.4.1,which simply updates the version number). Ruby 3.4 includes lots ofchanges, including the addition of it as aless-confusing shorthand for _1 as a block parameter, switching toPrism as the defaultparser, adding the Happy Eyeballsversion2 algorithm to the socket library,just-in-time (JIT) compiler (YJIT) improvements, garbage-collectionmodularization, and more.