LWN.net

Version1.81.0 of the Rust language has been released. Changes include thestabilization of the Error trait in core, some new sortalgorithms, some linting improvements, and more.

OpenSnitch is an"interactive application firewall". Like other firewalls, it uses aseries of rules to decide what network traffic should be permitted. Unlikemany other firewalls, though, OpenSnitch does not ask the user to create a list of rulesahead of time. Instead, the list of rules can be built upincrementally as applications make connections - and the user can peruse boththe rules that have built up over time, and statistics on the connections thathave been attempted.

Version 4.21.0 of the Samba Windows interoperability suite has beenreleased. Changes include some authentication hardening, a number of LDAPimprovements, per-user and per-group veto and hide files, group-managedservice accounts, and quite a bit more.

Security updates have been issued by AlmaLinux (bubblewrap and flatpak, containernetworking-plugins, fence-agents, ghostscript, krb5, orc, podman, python3.11, python3.9, resource-agents, runc, and wget), Debian (chromium, cinder, glance, gnutls28, nova, nsis, python-oslo.utils, ruby-sinatra, and setuptools), Fedora (kernel), Oracle (bubblewrap and flatpak, buildah, containernetworking-plugins, fence-agents, ghostscript, gvisor-tap-vsock, kernel, krb5, libndp, nodejs:18, orc, podman, postgresql, python-urllib3, python3.11, python3.12, python3.9, runc, skopeo, and wget), SUSE (hdf5, netcdf, trilinos), and Ubuntu (firefox, imagemagick, ironic, openssl, python-django, vim, and znc).

The LWN.net Weekly Edition for September 5, 2024 is available.

The call for candidateshas gone out for the 2024 election of members of the Linux FoundationTechnical Advisory Board:

Version 4.0 of the Tellico collection-managementsoftware has been released. This is the first release to use theKDEFrameworks6 and Qt6 libraries, with a fallbackavailable for Frameworks5 and Qt5. Other notable changes in 4.0include importing video collections from file metadata and correctlyimporting multi-disc album data from Discogs, MusicBrainz, and iTunes. Usersof prior versions are advised to make a backup of their data before upgrading.

Much of the early Rust code for the kernel has taken the form ofreimplementations of existing drivers as a proof of concept. One project,though, is entirely new: the driver for Apple GPUs written by Asahi Lina.This driver has shipped with AsahiLinux for some time and, by many accounts, is stable, usable, and ashining example of how Rust can be used in a complex kernel subsystem.That driver remains outside of the mainline kernel, though, and mergingcurrently looks like a distant prospect. The reasons for that state ofaffairs highlight some of the difficulties inherent in integrating a newlanguage (and its associated development style) into the Linux kernel.

The 6.10.8, 6.6.49, 6.1.108, 5.15.166, 5.10.225, 5.4.283, and 4.19.321 stable kernel updates have allbeen released. As usual, they contain important fixes throughout thetree. Users of those kernels should upgrade.

Security updates have been issued by AlmaLinux (buildah, gvisor-tap-vsock, nodejs:18, python-urllib3, and skopeo), Debian (firefox-esr and openssl), Fedora (apr and seamonkey), Red Hat (podman), Slackware (mozilla and seamonkey), SUSE (bubblewrap and flatpak, buildah, docker, dovecot23, ffmpeg, frr, go1.21-openssl, graphviz, java-1_8_0-openj9, kubernetes1.26, kubernetes1.27, kubernetes1.28, openssl-1_0_0, openssl-3, perl-DBI, python-aiohttp, python-Django, python-WebOb, thunderbird, tiff, ucode-intel, unbound, webkit2gtk3, and xen), and Ubuntu (drupal7 and twisted).

Version130.0 of the Firefox browser has been released. Notable in thisrelease is the addition of a Firefox Labs tab in FirefoxSettings. This allows users to easily enable experimental features,such as the ability to translate selected text portions to differentlanguages after a full-page translation, and addan AI chatbot to the sidebar. Firefox 130 also addresses severalsecurity issues, adds 11 new languages to its translation support,and more.

One of the joys of writing about technology is the opportunity tocover interesting talks on opensource and freesoftware topics. Oneof the pains is creating transcriptions of said talks, or continuallyreferring back to a recording, to be able to write aboutthem. Speech Note is anopen-source application that uses machine-learning models, running locally, totranslate speech to text and take the pain out of transcription. Italso handles text to speech, and language translations. While notperfect, its transcriptions are better than one might expect, even whenhandling jargon, accents, and less-than-perfect audio.

Security updates have been issued by AlmaLinux (python3.12), Debian (calibre, exfatprogs, frr, git, libtommath, nbconvert, ruby-nokogiri, ruby-tzinfo, and webkit2gtk), Fedora (flatpak, lua-mpack, and python3.12), Red Hat (389-ds-base, 389-ds:1.4, buildah, fence-agents, gvisor-tap-vsock, httpd:2.4, kernel, kernel-rt, nodejs:18, orc, postgresql, postgresql:12, postgresql:13, postgresql:15, python-urllib3, python3.12, and skopeo), SUSE (389-ds, bubblewrap and flatpak, cacti, cacti-spine, curl, glib2, kernel-firmware, libqt5-qt3d, libqt5-qtquick3d, opera, python39, qemu, unbound, xen, and zziplib), and Ubuntu (ffmpeg, linux-raspi-5.4, and python-webob).

At this year's GUADEC in Denver, Colorado, Behdad Esfahbod and Matthias Clasenpresented a two-part talk on a topic that's deeply important to desktopenvironments: fonts. Esfahbod covered advances in fonttechnology that are making their way to becoming standards, and Clasen brieflydiscussed improvements in GTK text rendering. The talk presented somefascinating insights into the problems around accurately renderingwriting systems on the desktop, and where font technologies may begoing in the near future.

Security updates have been issued by AlmaLinux (postgresql:16), Debian (dovecot, pymatgen, ruby2.7, systemd, and webkit2gtk), Fedora (microcode_ctl, python3.11, vim, and xen), Oracle (kernel, postgresql:12, postgresql:13, postgresql:15, and python39:3.9 and python39-devel:3.9), Slackware (libpcap), SUSE (cacti, cacti-spine, python-Django, and trivy), and Ubuntu (dovecot).

Linus has released 6.11-rc6 for testing."Things look pretty normal, although we have perhaps unusually manyfilesystem fixes here, spread out over smb, xfs, bcachefs and netfs."

Reading an established open-source project's developer mailing listmay leave new contributors wishing they had a decoder ring. GregSabino Mullane has written up a valuable explainerfor those new to the PostgreSQL hackers (pgsql-hackers)mailing list that may also be useful for decoding other lists as well:

Here is a piece of advice for anybody wanting an easy and frustration-freelife: do not run your own email system. While there are numerous advantages tokeeping some control over your communications, there is also a long list ofthings that can go wrong. A recent failure of spam filtering on the LWNemail system illustrated one of those ways, as well as shining a light onhow even a seemingly independent email system is tied to other servicesacross the net.

Back in 2021, the ElasticSearch search engine and Kibana visualizationplatform were relicensed under the non-freeServer Side Public License (SSPL). Now, Elastic (the company owning thoseprojects) has announcedthat those projects will also be distributable under the Affero GPL license.

Dave Airlie makesan analogy between the stages of road building and those of adding Rustto the Linux kernel.

The venerable AnandTech site has announcedits closing after 27years of technology-industry coverage.

Security updates have been issued by AlmaLinux (libvpx, postgresql, postgresql:12, postgresql:13, postgresql:15, and python39:3.9 and python39-devel:3.9), Debian (chromium and ghostscript), Fedora (python3.13), and SUSE (chromium and podman).

The KDE project plans to directlyask for donations in the Plasma desktop starting with version6.2. According to thisblog post by Nate Graham, users will see asystem notification once per year (in December) asking for adonation to the non-profit KDEe.V.:

Version 5.0.0 of GNUScreen hasbeen released. Notable changes in this release includenew commands for authentication, input into multiple windows at thesame time, and to turn on/off truecolor support.

Greg Kroah-Hartman has announced the release of the 6.10.7, 6.6.48, and 6.1.107 stable kernels. They all containimportant fixes throughout the kernel tree, as is the norm.

Plasma Mobile is an open-sourceuser interface for mobile devices, developed by the KDE community. It'sbuilt on the same foundations as Plasma Desktop, including KDE Frameworks and the KWin windowmanager. Much like its desktop counterpart, Plasma Mobile caters toadvanced users by offering extensive customizability. It is offered as anoption on phones with various mobile Linuxdistributions.

Security updates have been issued by AlmaLinux (bind and bind-dyndb-ldap and postgresql:16), Fedora (less and python3.6), Mageia (nodejs & yarnpkg), Oracle (libvpx and postgresql:16), Red Hat (edk2, git, kernel, openldap, postgresql:15, postgresql:16, python3, and python39:3.9 and python39-devel:3.9), SUSE (apache2, python-setuptools, and python3-setuptools), and Ubuntu (linux-oracle).

Wedson Almeida Filho, one of the key developers driving the Rust-for-Linux project, has retired from theproject.

The LWN.net Weekly Edition for August 29, 2024 is available.

Immutable data makes concurrent access easier, since iteliminates the data-race conditions that can plague multithreaded programs. AtPyCon2024, Yury Selivanovintroduced an early-stage project called MemHive, which uses Pythonsubinterpreters and immutable data toovercome the problems of thread serialization that are caused by thelanguage's Global Interpreter Lock (GIL). Recent developments in the Python world have openedup different strategies for avoiding the longstanding problems with theGIL.

Achieving consensus among Debian Developers on technical topics andprocedures can be, to put it mildly, challenging. Nevertheless, thatis exactly what Otto Kekalainen has tried to do with a proposal thatwould set up "principles all Debian packages should follow to beopen for collaboration in package maintenance". In the near term,it seems unlikely that the proposal will be accepted, but thediscussion may be effective at improving collaboration nonetheless.

Security updates have been issued by Fedora (calibre, dotnet8.0, dovecot, webkit2gtk4.0, and webkitgtk), Oracle (nodejs:20), Red Hat (bind, bind and bind-dyndb-ldap, postgresql:16, and squid), Slackware (kcron and plasma), SUSE (keepalived and webkit2gtk3), and Ubuntu (drupal7).

The Mono project was started in 2001 to develop a .NET environment forLinux systems. Microsoft has owned that project since 2016, but has notmade a major release since 2019. The company has now announced that Mono is beinghanded over to the WineHQ organization, which will maintain the repository goingforward. Microsoft, meanwhile, is steering users toward its "modernfork" that it continues to maintain.

KDE developer Carl Schwan has announcedthe release of Calligra Officeversion 4.0. The most significant changes in this release include a "majoroverhaul" of the office suite's user interface, and a transition to Qt6 and KDEFrameworks6.

Nominations are nowopen for people interested in joining the UbuntuCommunity Council, "the highest governance body of the Ubuntuproject". Any Ubuntu Member canapply from now until Sunday, September 22 at 23:59 UTC.

On August 13, the US National Institute of Standards and Technology (NIST)published the final form of its new post-quantum cryptographic standards. Onekey-exchange mechanism and two digital-signature schemes are now officiallysanctioned by the institute. Adopting the new standards should be fairlypainless for most developers, but the overhead added by the schemes could posechallenges for some applications.

Security updates have been issued by AlmaLinux (nodejs:20), Debian (python3.11), Fedora (dotnet8.0), Red Hat (bind, krb5, libreoffice, linux-firmware, orc, orc:0.4.28, and orc:0.4.31), SUSE (mariadb and openssl-3), and Ubuntu (linux-aws-5.4).

The developers of the Pidgin chat programhave announced thata malicious plugin had been listed on its third-party plugins list for overone month. This plugin included a key logger and could capturescreenshots.

The FreeBSD Foundation has announced that Germany's Sovereign TechFund (STF) has agreed to invest 686,400 toward improvements in theFreeBSD project's infrastructure, security, regulatory compliance, anddeveloper experience:

The genksyms tool has long been buried deeply within the kernel'sbuild system; it is one of the two C-code parsers shipped with the kernel(the other being thehorrifying kernel-doc script). It is a key part of how thekernel's module-loading infrastructure works. While genksyms hasquietly done its job for decades, that period may soon be coming to an end.It would seem that genksyms is not up to the task of handling Rustcode, so Sami Tolvanen is proposinga new tool to handle this task going forward.

Security updates have been issued by Debian (chromium, python-html-sanitizer, and trafficserver), Fedora (nginx, nginx-mod-fancyindex, nginx-mod-modsecurity, nginx-mod-naxsi, nginx-mod-vts, python-webob, python3-docs, python3.11, python3.12, python3.9, and zabbix), Red Hat (bind, bind and bind-dyndb-ldap, bind9.16, httpd, kernel, kernel-rt, and nodejs:20), SUSE (caddy, chromium, chromium, gn, rust-bindgen, cockpit, fetchmail, gdcm, gh, keybase-client, libhtp, libofx, nano, plasma5-workspace, python-nltk, python-notebook, xen, and znc), and Ubuntu (linux-azure, linux-azure-4.15, linux-azure-5.4, and linux-oracle-5.15).

The 6.11-rc5 kernel prepatch is out fortesting. "Other than the timing, there's not a whole lot unusualhere. The diffstat looks fairly flat, which means 'mostly pretty smallchanges'." Linus Torvalds added anote that today marks the 33rd anniversary of the first Linuxannouncement; "A third of a century. And it *still* isn't ready".

On the second day of DebConf24in Busan, South Korea, Holger Levsen provided a history lesson on the"first 11 years" of the Reproducible Builds project.He has been involved in the project for most of that time and has been aDebian user since the mid-1990s, contributor since 2001, and a Debianmember since 2007; "I love Debian". Meanwhile, his aim is to make all freesoftware be reproducible, so that anyone can check that a binary programcomes from the source code it purports to.

The Forgejo project has announced that, starting from version 9.0, Forgejo will be released under the GPLv3 license (or a later version). Older versions of the software forge remain MIT-licensed.

Security updates have been issued by Fedora (community-mysql, iaito, and radare2), Oracle (python3.12-setuptools and tomcat), Red Hat (krb5 and podman), Slackware (ffmpeg), SUSE (apache2, expat, firefox, webkit2gtk3, and xen), and Ubuntu (imagemagick and libxstream-java).

Version24.8 of the LibreOffice office suite has been released. Changesinclude the ability to filter identifying information from exported files,easier creation of cross reference, better control over hyphenation, anumber of new spreadsheet functions, accessibility improvements, and more.

On July 30, Al Viro senta patch set to the linux-fsdevel mailing list with acomprehensive cover letter explaining hisrecent work on ensuring that the kernel's internal representation offile descriptors are used correctly in the kernel.File descriptors are ubiquitous; many system callsneed to handle them. Viro's reviewidentified a few existing bugs, and may prevent more in the future. He also hadsuggestions for ways to keep uses consistent throughout the kernel.

Matthew Garrett describesthe role of the Secure Boot Advanced Targeting mechanism and how itplayed into the recent Windows upgrade problems.

Security updates have been issued by AlmaLinux (.NET 8.0, bind, bind9.16, curl, edk2, firefox, gnome-shell, grafana, jose, krb5, libreoffice, mod_auth_openidc:2.3, orc, pcs, poppler, python-setuptools, python-urllib3, python3.11-setuptools, python3.12-setuptools, thunderbird, tomcat, and wget), Fedora (webkitgtk), SUSE (apache2, glib2, and roundcubemail), and Ubuntu (kernel, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-xilinx-zynqmp, linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-raspi, linux, linux-aws, linux-kvm, linux-lts-xenial, linux, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-aws, linux-aws-hwe, linux-bluefield, linux-hwe-5.15, linux-raspi-5.4, and qemu).

The LWN.net Weekly Edition for August 22, 2024 is available.