LWN.net

Anthony Shaw describesthe new copy-and-patch JIT that has been proposed for Python 3.13.

Version 4.5("Resilience") of the Solus distribution has been released. "Thisrelease brings updated applications and kernels, refreshed software stacks,a new installer, and a new ISO edition featuring the XFCE desktopenvironment."

Security updates have been issued by Debian (squid), Fedora (podman), Mageia (dropbear), SUSE (eclipse-jgit, jsch, gcc13, helm3, opusfile, qt6-base, thunderbird, and wireshark), and Ubuntu (clamav, libclamunrar, and qemu).

The 6.7 kernel was releasedon January7 after a ten-week development cycle. This was, as itturns out, the busiest cycle ever with regard to the number of changesetsmerged. The time has come for our usual look at where all those changesetscame from, with a side trip into how long kernel developers tend to stickaround.

Greg Kroah-Hartman has announced the release of the 5.4.266, 4.19.304, and 4.14.335 stable kernels. They containimportant fixes throughout the kernel tree.

Security updates have been issued by Debian (exim4), Fedora (chromium, perl-Spreadsheet-ParseExcel, python-aiohttp, python-pysqueezebox, and tinyxml), Gentoo (Apache Batik, Eclipse Mosquitto, firefox, R, Synapse, and util-linux), Mageia (libssh2 and putty), Red Hat (squid), SUSE (libxkbcommon), and Ubuntu (gnutls28).

Linus has released the 6.7 kernel.

Kernel developers often go out of their way to reduce the memory used bythe kernel itself; that memory is not available for the workloads thatpeople are actually interested in running on their systems. Lower memoryusage also tends to lead to better performance overall. But there aretimes when the expenditure of some extra memory can make the system faster.The replication of the kernel's text (executable code) and read-only dataacross a NUMA system may be a case in point; patch sets have been postedadding that capability to two architectures.

The 6.6.10, 6.1.71, 5.15.146, and 5.10.206 stable kernels have been released.They contain numerous important fixes, as usual.

Security updates have been issued by Debian (asterisk, chromium, exim4, netatalk, and tomcat9), Fedora (chromium), Gentoo (BlueZ, c-ares, CUPS filters, RDoc, and WebKitGTK+), Oracle (firefox, squid:4, thunderbird, and tigervnc), SUSE (python-aiohttp and python-paramiko), and Ubuntu (linux-intel-iotg).

The saga of the None-aware (or null-coalescing) operators for Pythoncontinues. We last looked in on the topica little over a year ago and noted that either adoption or a clearrejection of the idea might help tamp down its regular recurrence. Thathas not happened, so, predictably, it was raised again-and does not lookany closer to resolution this time around.

ITWire coversthe passing of Niklaus Wirth.

Security updates have been issued by Oracle (firefox, gstreamer1-plugins-bad-free, thunderbird, tigervnc, and xorg-x11-server), Red Hat (squid:4), SUSE (exim, libcryptopp, and proftpd), and Ubuntu (openssh and sqlite3).

The LWN.net Weekly Edition for January 4, 2024 is available.

Normally, when a new vulnerability is discovered and releases arecoordinated with those affected, the announcement is done ata convenient time-not generally right before the end-of-year holidays, forexample. The SMTPSmuggling vulnerability has taken a different path, however, with itsannouncement landing on December18. That may well have beenunpleasant for some administrators that had not yet updated, but it wasparticularly problematic for some projects that had not been made aware of the vulnerability atall-though it was known to affect several open-source mailers.

On his blog, Luc Lenotre introducesMaestro, "a Unix-like kernel and operating system written fromscratch in Rust". Maestro is intended to be"lightweight and compatible-enough with Linux to be usable in everydaylife". The project began, in C, back in 2018, but switched over toRust after a year-and-a-half. The current status:

Version 9.1 of theVim editor has been released. "This release is dedicated to BramMoolenaar, Vim's lead developer for more than 30 years, who passed away halfa year ago. The Vim project wouldn't exist without his work". Changesinclude new support for classes and objects in the scripting language,smooth scrolling support, an EditorConfig plugin, and more.

Security updates have been issued by Debian (kernel), Fedora (slurm), Oracle (kernel and postgresql:15), Red Hat (firefox, gstreamer1-plugins-bad-free, thunderbird, tigervnc, and xorg-x11-server), SUSE (polkit, postfix, putty, w3m, and webkit2gtk3), and Ubuntu (nodejs).

The calendar has flipped over into 2024 - another year has begun. Here atLWN, we do not have a better idea of what this year will bring than anybodyelse does, but that doesn't keep us from going out on a shaky limb andmaking predictions anyway. Here, for the curious, are a few things that wethink may be in store for 2024.

Security updates have been issued by Gentoo (Joblib), Red Hat (firefox and thunderbird), SUSE (gstreamer-plugins-bad, libssh2_org, and webkit2gtk3), and Ubuntu (firefox and thunderbird).

Greg Kroah-Hartman has announced the release of the 6.6.9 and 6.1.70 stable kernels. As usual, they containimportant fixes throughout the kernel tree.

One might not think that much could be said about a simple macro defining aconstant integer value. But the kernel is special, it seems. A change tothe definition of MAX_ORDER has had a number of follow-on effects,and the task of cleaning up after this change is not done yet. So perhapsa look at MAX_ORDER is in order.

Version 1.6.0 of the Scribusdesktop-publishing application has been released. Thelist of new features is rather long and includes a user interface overhaul,improvements for HiDPI screens, new scripting commands, lots oftypographical improvements and features, a new picture browser forgraphical asset management, support for more gradient types, and much more.

Security updates have been issued by Debian (ansible, asterisk, cjson, firefox-esr, kernel, libde265, libreoffice, libspreadsheet-parseexcel-perl, php-guzzlehttp-psr7, thunderbird, tinyxml, and xerces-c), Fedora (podman-tui, proftpd, python-asyncssh, squid, and xerces-c), Mageia (libssh and proftpd), and SUSE (deepin-compressor, gnutls, gstreamer, libreoffice, opera, proftpd, and python-pip).

Linus has released 6.7-rc8 for testing.

The Julia programming language project has released Juliav1.10. It is mainly a performance release, with only two new language features mentioned in the release notes: "JuliaSyntax.jl is now used as the default parser, providing better diagnostics and faster parsing." and the addition of two Unicode symbols for use as binary operators: "(U+297A, \leftarrowsubset) and (U+2977, \leftarrowless)". Package-loading time has been improved further and the mark phase of garbage collection has been parallelized, among other improvements.

Version 6.0 of the Gnuplot plotting systemhas been released.

Gentoo Linux is the prototypical source-based distribution, but there isnow abinary installation option available as well.

Version1.75.0 of the Rust language has been released. Notable changes include"asyncfn and -> impl Trait in traits", a pointer byte-offsetAPI, some compiler performance improvements, and a number of stabilized APIs.

Displaying an application's graphical output onto the screen requirescompositing and mode setting that are correctly synchronized among the various pieces,with low overhead.In this second and final article in the series, we will look atthose pieces of the Linux graphics stack. In the first installment, we followed the path of graphics from the application, through Mesa, whileusing the memory-management features of the kernel's DirectRendering Manager (DRM) subsystem.We ended up with an application's graphics data stored in an output buffer,so nowit's time to display the image to the user.

Security updates have been issued by Debian (haproxy, libssh, and nodejs), Fedora (filezilla and minizip-ng), Gentoo (Git, libssh, and OpenSSH), and SUSE (gstreamer, postfix, webkit2gtk3, and zabbix).

The Debian project has completed ageneral-resolution vote, adopting a statement expressing concern aboutthe Cyber Resilience Act (CRA) pending in the European Union.

Security updates have been issued by Debian (curl, openssh, osslsigncode, and putty), Fedora (chromium, filezilla, libfilezilla, mingw-gstreamer1, mingw-gstreamer1-plugins-bad-free, mingw-gstreamer1-plugins-base, mingw-gstreamer1-plugins-good, opensc, thunderbird, unrealircd, and xorg-x11-server-Xwayland), Gentoo (Ceph, FFmpeg, Flatpak, Gitea, and SABnzbd), Mageia (chromium-browser-stable), Slackware (kernel and postfix), and SUSE (cppcheck, distribution, gstreamer-plugins-bad, jbigkit, and ppp).

As is the tradition for the Ruby programming language, December25 is the date for new major releases; this year, Ruby3.3.0 was released. It comes with a new parser called "Prism" that is "both a C library that will be used internally by CRuby and a Ruby gem that can be used by any tooling which needs to parse Ruby code". The release also has many performance improvements, especially in the YJIT (Yet another Ruby JIT) just-in-time compiler. Ruby3.3 adds a new Ruby-based JIT, RJIT, that targets x86_64, which is available for experimental purposes. There are lots of other improvements and new features described in the announcement.

The 6.7-rc7 kernel prepatch is out fortesting.

The 5.15.145 stable kernel has beenreleased. It consists mostly of fixes to the ksmbd subsystem, which hasbeen marked as broken due to (until now) a lack of support for the 5.15.xkernels.

Version4.6.0 of the darktable photo editor has been released. Changes includea new "rgb primaries" module that "can be used for delicate colorcorrections as well as creative color grading", enhancements to thesigmoid module, some performance improvements, and more. (LWN looked at darktable in 2022).

Security updates have been issued by Debian (bluez, chromium, gst-plugins-bad1.0, openssh, and thunderbird), Fedora (chromium, firefox, kernel, libssh, nss, opensc, and thunderbird), Gentoo (Arduino, Exiv2, LibRaw, libssh, NASM, and QtWebEngine), Mageia (gstreamer), and SUSE (gnutls, gstreamer-plugins-bad, libcryptopp, libqt5-qtbase, ppp, tinyxml, xorg-x11-server, and zbar).

Unsurprisingly, Linus Torvalds has letit be known that he will do a 6.7-rc8 release (rather than 6.7 final)on December31, thus avoiding opening the 6.8 merge window on NewYear's Day.

Tooling for profiling the effects of memory usage and layout has alwayslagged behind that for profiling processor activity, so Namhyung Kim's patch set for data-type profilingin perf is a welcome addition. It provides aggregated breakdowns ofmemory accesses by data type that can inform structure layout and accesspattern changes. Existing tools have either, like heaptrack, focused onprofiling allocations, or, like perf mem, on accounting memoryaccesses only at the address level. This new work builds on the latter,using DWARF debugging information to correlate memory operations with theirsource-level types.

The Rust Blog announcesthe stabilization of a couple of trait features aimed at improving supportfor async code:

Security updates have been issued by Debian (firefox-esr), Fedora (kernel), Mageia (bluez), Oracle (fence-agents, gstreamer1-plugins-bad-free, opensc, openssl, postgresql:10, and postgresql:12), Red Hat (postgresql:15 and tigervnc), Slackware (proftpd), and SUSE (docker, rootlesskit, firefox, go1.20-openssl, go1.21-openssl, gstreamer-plugins-bad, libreoffice, libssh2_org, poppler, putty, rabbitmq-server, wireshark, xen, xorg-x11-server, and xwayland).

The LWN.net Weekly Edition for December 21, 2023 is available.

Version 8.2.0 ofthe QEMU emulator is out. Changes include new emulations for virtio-sounddevices, universal flash storage devices, Xilinx Versal boards, and muchmore.

Yet another year has come to an end. Much to our dismay, 2023 did not, infact, happen exactly as we predicted back inJanuary. So it seems that, once again, we will have to go through theprocess of looking at the predictions that we made and mocking each inturn, before getting into what was missed altogether. A lot happened in2023, not all of which was predictable.

The 2024 Linux Storage, Filesystem, Memory-Management, and BPF Summit willbe held May13 to15 in Salt Lake City, Utah, USA. The callfor proposals has already gone out, with a deadline of March1."LSF/MM/BPF is an invitation-only technical workshop to map outimprovements to the Linux storage, filesystem, BPF, and memory managementsubsystems that will make their way into the mainline kernel within thecoming years."

The6.6.8,6.1.69,5.15.144,5.10.205,5.4.265,4.19.303, and4.14.334stable kernel updates have all been released; each contains another set ofimportant fixes.Note that 5.15.145is already in the review process, with a due date of December22. Itconsists almost exclusively of ksmbd patches in a flurry of backportingthat was seemingly inspired by the recent markingof ksmbd as broken in 5.15.

Security updates have been issued by Fedora (ansible and ansible-core), Gentoo (Minecraft Server and thunderbird), Mageia (fusiondirectory), Red Hat (gstreamer1-plugins-bad-free, opensc, and openssl), Slackware (libssh and mozilla), SUSE (avahi, firefox, ghostscript, gstreamer-plugins-bad, mariadb, openssh, openssl-1_1-livepatches, python-aiohttp, python-cryptography, xorg-x11-server, and xwayland), and Ubuntu (libssh and openssh).

Linux graphics developers often speak of modern Linux graphicswhen they refer to a number of individual software components and how theyinteract with each other.Among other things, it's a mix of kernel-managed display resources, Wayland for compositing, accelerated 3D rendering, and decidedly not X11.In a two-part series, we will take a fast-paced journeythrough the graphics code to see how it converts application datato pixel data and displays it on the screen. In this installment, we lookat application rendering, Mesa internals, and thenecessary kernel features.

Version 4.2.0 of the Qubes OS distribution has been released; changesinclude a switch to Xfce for the Fedora and Debian templates, a number ofrewritten graphical applications, PipeWire support, and more. See the releasenotes for details. (QubesOS was last covered here in 2021).