Feed lwn LWN.net

Favorite IconLWN.net

Link https://lwn.net/
Feed http://lwn.net/headlines/rss
Updated 2024-03-28 23:00
Julia 1.10 released
The Julia programming language project has released Juliav1.10. It is mainly a performance release, with only two new language features mentioned in the release notes: "JuliaSyntax.jl is now used as the default parser, providing better diagnostics and faster parsing." and the addition of two Unicode symbols for use as binary operators: "(U+297A, \leftarrowsubset) and (U+2977, \leftarrowless)". Package-loading time has been improved further and the mark phase of garbage collection has been parallelized, among other improvements.
Gnuplot 6.0 released
Version 6.0 of the Gnuplot plotting systemhas been released.
Gentoo in binary form
Gentoo Linux is the prototypical source-based distribution, but there isnow abinary installation option available as well.
Rust 1.75.0 released
Version1.75.0 of the Rust language has been released. Notable changes include"asyncfn and -> impl Trait in traits", a pointer byte-offsetAPI, some compiler performance improvements, and a number of stabilized APIs.
[$] The Linux graphics stack in a nutshell, part2
Displaying an application's graphical output onto the screen requirescompositing and mode setting that are correctly synchronized among the various pieces,with low overhead.In this second and final article in the series, we will look atthose pieces of the Linux graphics stack. In the first installment, we followed the path of graphics from the application, through Mesa, whileusing the memory-management features of the kernel's DirectRendering Manager (DRM) subsystem.We ended up with an application's graphics data stored in an output buffer,so nowit's time to display the image to the user.
Security updates for Thursday
Security updates have been issued by Debian (haproxy, libssh, and nodejs), Fedora (filezilla and minizip-ng), Gentoo (Git, libssh, and OpenSSH), and SUSE (gstreamer, postfix, webkit2gtk3, and zabbix).
Debian statement on the Cyber Resilience Act
The Debian project has completed ageneral-resolution vote, adopting a statement expressing concern aboutthe Cyber Resilience Act (CRA) pending in the European Union.
Security updates for Tuesday
Security updates have been issued by Debian (curl, openssh, osslsigncode, and putty), Fedora (chromium, filezilla, libfilezilla, mingw-gstreamer1, mingw-gstreamer1-plugins-bad-free, mingw-gstreamer1-plugins-base, mingw-gstreamer1-plugins-good, opensc, thunderbird, unrealircd, and xorg-x11-server-Xwayland), Gentoo (Ceph, FFmpeg, Flatpak, Gitea, and SABnzbd), Mageia (chromium-browser-stable), Slackware (kernel and postfix), and SUSE (cppcheck, distribution, gstreamer-plugins-bad, jbigkit, and ppp).
Ruby 3.3.0 Released
As is the tradition for the Ruby programming language, December25 is the date for new major releases; this year, Ruby3.3.0 was released. It comes with a new parser called "Prism" that is "both a C library that will be used internally by CRuby and a Ruby gem that can be used by any tooling which needs to parse Ruby code". The release also has many performance improvements, especially in the YJIT (Yet another Ruby JIT) just-in-time compiler. Ruby3.3 adds a new Ruby-based JIT, RJIT, that targets x86_64, which is available for experimental purposes. There are lots of other improvements and new features described in the announcement.
Kernel prepatch 6.7-rc7
The 6.7-rc7 kernel prepatch is out fortesting.
Stable kernel 5.15.145
The 5.15.145 stable kernel has beenreleased. It consists mostly of fixes to the ksmbd subsystem, which hasbeen marked as broken due to (until now) a lack of support for the 5.15.xkernels.
Darktable 4.6.0 released
Version4.6.0 of the darktable photo editor has been released. Changes includea new "rgb primaries" module that "can be used for delicate colorcorrections as well as creative color grading", enhancements to thesigmoid module, some performance improvements, and more. (LWN looked at darktable in 2022).
Security updates for Friday
Security updates have been issued by Debian (bluez, chromium, gst-plugins-bad1.0, openssh, and thunderbird), Fedora (chromium, firefox, kernel, libssh, nss, opensc, and thunderbird), Gentoo (Arduino, Exiv2, LibRaw, libssh, NASM, and QtWebEngine), Mageia (gstreamer), and SUSE (gnutls, gstreamer-plugins-bad, libcryptopp, libqt5-qtbase, ppp, tinyxml, xorg-x11-server, and zbar).
The 6.7 kernel will be released on January 7
Unsurprisingly, Linus Torvalds has letit be known that he will do a 6.7-rc8 release (rather than 6.7 final)on December31, thus avoiding opening the 6.8 merge window on NewYear's Day.
[$] Data-type profiling for perf
Tooling for profiling the effects of memory usage and layout has alwayslagged behind that for profiling processor activity, so Namhyung Kim's patch set for data-type profilingin perf is a welcome addition. It provides aggregated breakdowns ofmemory accesses by data type that can inform structure layout and accesspattern changes. Existing tools have either, like heaptrack, focused onprofiling allocations, or, like perf mem, on accounting memoryaccesses only at the address level. This new work builds on the latter,using DWARF debugging information to correlate memory operations with theirsource-level types.
Announcing `async fn` and return-position `impl Trait` in traits (Rust Blog)
The Rust Blog announcesthe stabilization of a couple of trait features aimed at improving supportfor async code:
Security updates for Thursday
Security updates have been issued by Debian (firefox-esr), Fedora (kernel), Mageia (bluez), Oracle (fence-agents, gstreamer1-plugins-bad-free, opensc, openssl, postgresql:10, and postgresql:12), Red Hat (postgresql:15 and tigervnc), Slackware (proftpd), and SUSE (docker, rootlesskit, firefox, go1.20-openssl, go1.21-openssl, gstreamer-plugins-bad, libreoffice, libssh2_org, poppler, putty, rabbitmq-server, wireshark, xen, xorg-x11-server, and xwayland).
[$] LWN.net Weekly Edition for December 21, 2023
The LWN.net Weekly Edition for December 21, 2023 is available.
QEMU 8.2.0 released
Version 8.2.0 ofthe QEMU emulator is out. Changes include new emulations for virtio-sounddevices, universal flash storage devices, Xilinx Versal boards, and muchmore.
[$] Looking back at 2023
Yet another year has come to an end. Much to our dismay, 2023 did not, infact, happen exactly as we predicted back inJanuary. So it seems that, once again, we will have to go through theprocess of looking at the predictions that we made and mocking each inturn, before getting into what was missed altogether. A lot happened in2023, not all of which was predictable.
LSFMM+BPF 2024 call for proposals
The 2024 Linux Storage, Filesystem, Memory-Management, and BPF Summit willbe held May13 to15 in Salt Lake City, Utah, USA. The callfor proposals has already gone out, with a deadline of March1."LSF/MM/BPF is an invitation-only technical workshop to map outimprovements to the Linux storage, filesystem, BPF, and memory managementsubsystems that will make their way into the mainline kernel within thecoming years."
Seven stable kernels
The6.6.8,6.1.69,5.15.144,5.10.205,5.4.265,4.19.303, and4.14.334stable kernel updates have all been released; each contains another set ofimportant fixes.Note that 5.15.145is already in the review process, with a due date of December22. Itconsists almost exclusively of ksmbd patches in a flurry of backportingthat was seemingly inspired by the recent markingof ksmbd as broken in 5.15.
Security updates for Wednesday
Security updates have been issued by Fedora (ansible and ansible-core), Gentoo (Minecraft Server and thunderbird), Mageia (fusiondirectory), Red Hat (gstreamer1-plugins-bad-free, opensc, and openssl), Slackware (libssh and mozilla), SUSE (avahi, firefox, ghostscript, gstreamer-plugins-bad, mariadb, openssh, openssl-1_1-livepatches, python-aiohttp, python-cryptography, xorg-x11-server, and xwayland), and Ubuntu (libssh and openssh).
[$] The Linux graphics stack in a nutshell, part1
Linux graphics developers often speak of modern Linux graphicswhen they refer to a number of individual software components and how theyinteract with each other.Among other things, it's a mix of kernel-managed display resources, Wayland for compositing, accelerated 3D rendering, and decidedly not X11.In a two-part series, we will take a fast-paced journeythrough the graphics code to see how it converts application datato pixel data and displays it on the screen. In this installment, we lookat application rendering, Mesa internals, and thenecessary kernel features.
Qubes OS 4.2.0 released
Version 4.2.0 of the Qubes OS distribution has been released; changesinclude a switch to Xfce for the Fedora and Debian templates, a number ofrewritten graphical applications, PipeWire support, and more. See the releasenotes for details. (QubesOS was last covered here in 2021).
OpenSSH 9.6 released
OpenSSH9.6 has been released. It includes some minor improvements and a fixfor the so-called Terrapinattack.
Firefox 121.0 released
Version121.0 of the Firefox browser is out. Along with the usual pile ofsecurity fixes, this release add the ability to force links to be renderedwith underlines and use of Wayland by default if it is available: "Thisbrings support for touchpad & touchscreen gestures, swipe-to-nav,per-monitor DPI settings, better graphics performance, and more."
Security updates for Tuesday
Security updates have been issued by Debian (webkit2gtk), Fedora (rdiff-backup and xorg-x11-server-Xwayland), Mageia (cjose and ghostscript), Oracle (avahi), Red Hat (postgresql:10), and SUSE (avahi, freerdp, libsass, and ncurses).
[$] The intersection of mlx5, netdev, and lockdown
The NVIDIA Mellanox ConnectX HW family of adapters is a complex beast,supporting networking, InfiniBand, RDMA, and more. As a result, the mlx5kernel driver that supports this hardware is also complex, as is theinterface that it provides to user space. The mlx5 developers have, for awhile now, been proposingthe addition of a new control interface, in the form of a separate virtualdevice exported by the kernel, that would make vast amounts of debugginginformation available. This driver has encountered some significantopposition on its way toward the mainline, though, raising a number ofquestions about appropriate interfaces and when subsystem maintainers haveveto power over submissions.
Security updates for Monday
Security updates have been issued by Debian (freeimage, ghostscript, intel-microcode, spip, and xorg-server), Fedora (chromium, perl, perl-Devel-Cover, perl-PAR-Packer, polymake, PyDrive2, seamonkey, and vim), Gentoo (Leptonica), Mageia (audiofile, gimp, golang, and poppler), Oracle (buildah, containernetworking-plugins, gstreamer1-plugins-bad-free, kernel, kernel-container, libxml2, pixman, podman, postgresql, postgresql:15, runc, skopeo, tracker-miners, and webkit2gtk3), and SUSE (fish).
Kernel prepatch 6.7-rc6
Linus has released 6.7-rc6 for testing."Please do give this a test in between the last-minute xmas shopping orwhatever else is going on ..."
Min: sched_ext: a BPF-extensible scheduler class (Part 1)
Changwoo Min providesan introduction to the sched_ext scheduling class:
DeMaio: Insights from the openSUSE Logo Contest
In response to the expressed unhappiness over the recent logo-selectionprocess in the openSUSE project (covered in this article), the project has announcedthat there will be a new vote:
[$] Progress toward a GCC-based Rust compiler
The gccrs project is an ambitiouseffort started in 2014 to implement a Rust compiler within The GNU CompilerCollection (GCC). Even though the task is far from complete, progress hasbeen made since LWN's previous coverage,according to reports from the project. Meanwhile, another hybrid and moremature approach to GCC Rust code generation is available in rustc_codegen_gcc.
Security updates for Friday
Security updates have been issued by Debian (bluez and haproxy), Fedora (curl, dotnet6.0, dotnet7.0, tigervnc, and xorg-x11-server), Red Hat (avahi and gstreamer1-plugins-bad-free), Slackware (bluez), SUSE (cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont, cosign, curl, gstreamer-plugins-bad, haproxy, ImageMagick, kernel, kernel-firmware, libreoffice, tiff, traceroute, tracker-miners, webkit2gtk3, and xrdp), and Ubuntu (audiofile, budgie-extras, libreoffice, strongswan, vim, and yajl).
25 years of Postfix
Wietse Venema posted a note to the postfix-users mailing list about the 25th anniversary of the Postfix mail server. As can be seen, it had a pivotal role in bringing more awareness of open-source software to IBM. Beyond that, of course, it is an excellent piece of software in its own right.
[$] Ext4 data corruption hits the stable kernels
The kernel's stable-update process is intended to produce kernels that are,well, stable; when that promise is lived up to, users can update to newerstable updates without fear. By any account, a bug that corrupts data onext4 filesystems constitutes a failure to hold to that promise. As is sooften the case, this problem is the result of a chain of failures in asystem that works well most of the time.
Security updates for Thursday
Security updates have been issued by Debian (chromium and rabbitmq-server), Fedora (chromium, kernel, perl-CryptX, and python-jupyter-server), Mageia (curl), Oracle (curl and postgresql), Red Hat (gstreamer1-plugins-bad-free, linux-firmware, postgresql, postgresql:10, and postgresql:15), Slackware (xorg), SUSE (catatonit, containerd, runc, container-suseconnect, gimp, kernel, openvswitch, poppler, python-cryptography, python-Twisted, python3-cryptography, qemu, squid, tiff, webkit2gtk3, xorg-x11-server, and xwayland), and Ubuntu (xorg-server and xorg-server, xwayland).
[$] LWN.net Weekly Edition for December 14, 2023
The LWN.net Weekly Edition for December 14, 2023 is available.
[$] Logo and trademark issues for openSUSE
A contest for new logosfor the openSUSE project and forfour separate distributions of it, Tumbleweed, Leap, Slowroll, and Kalpa, has turned into abit of an uproar in that community. A votehas been held on the candidates and winners have been announced, butsome are questioning why there is a need to change the existing logo (the"Geeko" chameleon) at all. In addition, there are questions about whether thenew logo will be trademarked (as previous ones have been)-and how manyyears that will take.
More stable kernel updates
The6.6.7,6.1.68,5.15.143,5.10.204,5.4.264,4.19.302, and4.14.333stable kernel updates have all been released; each contains another set ofimportant fixes.
Rust for Linux — in space
The Rust for Linux (RFL) project may not have (yet) resulted in user-visiblechanges to the Linux kernel, but it seems the wider world has taken notice.Hongyu Li has announcedthat the Rust for Linux code is now part of a satellite just launchedout of China. The satellite is running a system called RROS, which follows the oldRTLinux pattern of running a realtime kernel alongside Linux. The realtimecore is written in Rust, using the RFL groundwork.
OpenPGP for application developers
A new book called OpenPGP for applicationdevelopers has been released under the Creative Commons BY-SA license.
Security updates for Wednesday
Security updates have been issued by Debian (debian-security-support and xorg-server), Fedora (java-17-openjdk, libcmis, and libreoffice), Mageia (fish), Red Hat (buildah, containernetworking-plugins, curl, fence-agents, kernel, kpatch-patch, libxml2, pixman, podman, runc, skopeo, and tracker-miners), SUSE (kernel, SUSE Manager 4.3.10 Release Notes, and SUSE Manager Client Tools), and Ubuntu (gnome-control-center, linux-gcp, linux-kvm, linux-gkeop, linux-gkeop-5.15, linux-hwe-6.2, linux-lowlatency-hwe-6.2, linux-nvidia-6.2, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, netatalk, and pydantic).
The end of vger.kernel.org
Konstantin Ryabitsev has announcedthat the movement of kernel mailing lists away from the venerablevger.kernel.org system is nearly complete:
Graber: LXD now re-licensed and under a CLA
The story of Canonical's takeover of the LXD container manager, and thesubsequent creation of the Incus fork, has beensimmering for a while. Now Incus developer Stephane Graber reportsthat Canonical has changed the license and contribution terms for LXD:
[$] Project Bluefin: A customized Fedora Silverblue desktop image
So-called "immutable" Linux distributions have been in development forsome time, but (unless you count Chrome OS) haven't gained much traction. Project Bluefin, is a heavilycustomized set of FedoraSilverblue images coming from the Universal Blue community; they aredesigned to deliver a reliable Linux desktop that's as easy to use as aChromebook but more customizable. Bluefin's mission is to change upthe desktop experience and attract a new generation of open-sourcecontributors with a "cloud-native"take on developing and delivering the operating system.
Security updates for Tuesday
Security updates have been issued by Debian (libreoffice and webkit2gtk), Fedora (java-1.8.0-openjdk and seamonkey), Oracle (apr, edk2, kernel, and squid:4), Red Hat (postgresql:12, tracker-miners, and webkit2gtk3), SUSE (curl, go1.20, go1.21, hplip, openvswitch, opera, squid, and xerces-c), and Ubuntu (binutils, ghostscript, libreoffice, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-xilinx-zynqmp, postfixadmin, python3.11, and webkit2gtk).
Bottomley: Solving the Looming Developer Liability Problem
James Bottomley writesthat open-source developers are increasingly likely to be held liable forflaws in their code and suggests a solution:
[$] Some recent and notable changes to Rust
The Rust project makes incremental releases every sixweeks, a fact that makes it easy to overlook some of theinteresting changes coming to the language, such as newABIs, better debugger support, asynchronous traits, andsupport for C strings.The end of the year provides an opportunity to look backover the past several months of updates, and to lookforward to what to expect in 2024.
...234567891011...