LWN.net

The 5.10.3 stable kernel update is out withanother set of important fixes.

Ruby 3.0.0 has been released. "From2015 we developed hard toward Ruby 3, whose goal is performance,concurrency, and Typing. [...] With Optcarrot benchmark, which measures single thread performance based on NES’s game emulation workload, it achieved 3x faster performance than Ruby 2.0!"

Its existence may come as a bit of a surprise to some, but the GnuCOBOL project has released version 3.1.2 as a successor to GnuCOBOL 2.2 after three years of improvements. "GnuCOBOL is a free, modern COBOL compiler.It translates COBOL into intermediate C and compiles the code using a native C compiler (preferably GCC, but not limited to it). [...] some of the highlights: Huge improvements for compatibility to different COBOL dialects, better error handling and adjustable exceptions per COBOL 2002; more modern format for diagnostic messages (especially useful when used in an integrated development environment possible in Emacs, Vim, VSCodium and others) and improved source-level debugging." More information about the new features in the release can be found in the NEWS file, which is attached to the release announcement below.

The Tor project is mourning Karsten Loesing, who died on December 18. "Karsten was part of the Tor community for 13 years and an amazing, smart, thoughtful, and gentle person who has touched us all. Over the course of these years we saw him not only grow as a colleague at Tor but as a father to his family. His positive, attentive, and kind presence helped us grow as people as well.Dr. Karsten Loesing joined Tor in 2007 as a Google Summer of Code student to work on Distributed Tor Directory, and earned his PhD in Computer Science at Germany’s University of Bamberg in 2009 on a Tor-related topic, 'Distributed Storage for Tor Hidden Service Descriptors [PDF]'."

After more than a year's work, Xfce has announced the 4.16 release of the desktop. Highlights include window manager improvements, a new statustray panel plugin, fractional scaling, settings manager improvements, and lots more. "One of the corner-stones of the non-code changes concerns our migration to GitLab, which is a change in development workflow and a huge step forward in terms of becoming more contributor-friendly and welcoming. In parts, the humungous changelog of Xfce 4.16 can be attributed to new contributors proposing merge requests (288 merge requests were merged or closed against our core components alone!)."

Security updates have been issued by Fedora (xen) and SUSE (flac and openexr).

Security updates have been issued by Debian (spip and sympa), Gentoo (c-ares, cherokee, curl, dbus, firefox, gdk-pixbuf, haproxy, libass, nss, openssl, pdns, pdns-recursor, php, samba, tomcat, and webkit-gtk), and SUSE (java-1_8_0-ibm, openexr, and python3).

The LWN.net Weekly Edition for December 24, 2020 is available.

A recent blogpost from Purism—the company that developed PureOS to run on its security-focusedhardware—celebrates three years of FSF endorsementof the Linux distribution. While this endorsement is an achievement that is not ashighly valued by our communities as one might think, the work done toobtain and maintain that endorsement is useful even to those who disdainthe FSF or disagree with its definition of what makes a distribution "free". WhilePurism and PureOS have been on our radarfor a few years now, it seems worth a look at where things have gone withthe distribution—and the company behind it.

Security updates have been issued by Debian (awstats and mediawiki), Fedora (mbedtls and pngcheck), openSUSE (firefox and thunderbird), Oracle (gnutls, go-toolset:ol8, pacemaker, postgresql:10, postgresql:12, and postgresql:9.6), and SUSE (clamav, groovy, jetty-minimal, and xen).

The Perl project has announcedthe election of the first steering council to serve under the project's newgovernance rules. Eight candidates put their names in; the winners wereRicardo Signes, Neil Bowers, and Sawyer X.

On November 29, version 1.7 of SymPy, a Python library forsymbolic mathematics, was released. The new version brings a large numberof enhancements and bug fixes, and some minor backwardincompatibilities. While these are enumerated in detail in the releasenotes, we will take advantage of this opportunity to look at some ofthe things that can be done with SymPy and explore its interface optionsthrough several detailed examples.

Security updates have been issued by CentOS (kernel and thunderbird), Debian (openjdk-8 and webkit2gtk), Fedora (gdm, mingw-openjpeg2, and openjpeg2), Mageia (compat-openssl10, golang-googlecode-net, mbedtls, openssl, and virtualbox), openSUSE (ovmf and xen), Red Hat (kernel, mariadb-connector-c, mariadb:10.3, postgresql:10, and postgresql:9.6), and SUSE (ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-ironic-python-agent, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vpnaas, openstack-nova, python-Jinja2, python-pysaml2, python-pytest, python-urllib3, release-notes-suse-openstack-cloud, spark, ceph, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-heat-templates, openstack-nova, python-Jinja2, firefox, java-1_7_0-ibm, java-1_7_1-ibm, PackageKit, and thunderbird).

Predictions are hard, as they say, especially when they are about thefuture. So perhaps your editor can be forgiven for not anticipating that2020 would be the sort of year that makes one think nostalgically abouttrips to the dentist, waiting in a crowded motor-vehicle office, orcrossing the Pacific in a row-47 middle seat. If only we had known howgood we had it. Be that as it may, this year is finally coming to an end.Read on for a look back at the year, starting with the ill-advised predictions made in January.

Stable kernels 5.10.2, 5.9.16, and 5.4.85 have been released with importantfixes. This is the last 5.9.y kernel, users should move to 5.10.y at thistime.

Security updates have been issued by Debian (curl, influxdb, lxml, node-ini, php-pear, and postsrsd), Fedora (chromium, curl, firefox, matrix-synapse, mingw-jasper, phpldapadmin, and thunderbird), Mageia (openjpeg2), openSUSE (gcc7, openssh, PackageKit, python-urllib3, slurm_18_08, and webkit2gtk3), Oracle (fapolicydbug, firefox, nginx:1.16, nodejs:12, and thunderbird), Red Hat (libpq, openssl, and thunderbird), and SUSE (curl, firefox, openssh, ovmf, slurm_17_11, slurm_18_08, slurm_20_02, and xen).

Karsten Wade, who has served on the CentOS board among other things, hasposted ablog entry on the CentOS change and its effects on users."Providing our community with a solid, reliable distro that is good-enough for your workloads is a strong part of the CentOS brand. We’re confident that CentOS Stream can do this.And while I’m certain now that CentOS Linux cannot do what CentOS Streamcan to solve the openness gap, I am confident that CentOS Stream can cover95% (or so) of current user workloads stuck on the various sides of theavailability gap. I believe that Red Hat will make solutions available aswell that can cover other sides of the gap without too much user heartburnin the end." He is asking for input on what those solutions shouldlook like.

When Linus Torvalds releasedthe 5.10 kernel, he noted that the 5.11 merge window would run upagainst the holidays. He indicated strongly that maintainers should sendhim pull requests early as a result. Maintainers appear to have listened;over 10,000 non-merge changesets were pulled into the mainline in the firstthree days of the 5.11 merge window. Read on for a summary of the mostsignificant changes in that flood of patches.

Security updates have been issued by Arch Linux (blueman, chromium, gdk-pixbuf2, hostapd, lib32-gdk-pixbuf2, minidlna, nsd, pam, and unbound), CentOS (gd, openssl, pacemaker, python-rtslib, samba, and targetcli), Debian (kernel, lxml, and mediawiki), Fedora (mbedtls), openSUSE (clamav and openssl-1_0_0), Oracle (firefox and openssl), Red Hat (openssl, postgresql:12, postgresql:9.6, and thunderbird), Scientific Linux (openssl and thunderbird), and SUSE (cyrus-sasl, openssh, slurm_18_08, and webkit2gtk3).

Device drivers usually live within a single kernel subsystem. Sometimes,however, developers need to handle functionalities outside of this model.Consider, for example, a network interface card (NIC) exposing both Ethernet andRDMA functionalities. There is one hardware block, but two drivers for thetwo functions. Those drivers need to work within their respectivesubsystems, but they must also share access to the same hardware. There isno standard way in current kernels to connect those drivers together, sodevelopers invent ad-hoc methods to handle the interaction betweenthem. Recently, Dave Ertman posteda patch set introducing a new type of a bus, called the "auxiliary bus", toaddress this problem.

Security updates have been issued by Debian (firefox-esr, sympa, thunderbird, tomcat8, and xerces-c), Fedora (fprintd, kernel, libfprint, and synergy), Mageia (bitcoin, dpic, firefox, jasper, jupyter-notebook, sam2p, thunderbird, and x11-server), Oracle (firefox, gd, kernel, net-snmp, openssl, python-rtslib, samba, and targetcli), Red Hat (fapolicyd, openshift, Red Hat Virtualization, and web-admin-build), SUSE (xen), and Ubuntu (unzip).

The LWN.net Weekly Edition for December 17, 2020 is available.

Python, at least in the CPython reference implementation, is not aparticularly speedy language. That is not at all surprising to anyone who has used it—the language is optimized forunderstandability and development speed, instead. There have been lots ofefforts over the years to speed up various parts of the interpreter,compiler, and virtual-machine bytecode execution, though no comprehensiveoverhaul has been merged into CPython. An interesting new proposal couldperhaps change that, though it is unclear at this point if it will take off.

Version 4.0 of the GTK toolkit has been released. "It isimpossible to summarize 4 years of development in a single post. We’vewritten detailed articles about many of the new things in this release overthe past year: Datatransfers, Eventcontrollers, Layoutmanagers, Rendernodes, Mediaplayback, Scalablelists, Shaders, Accessibility." GTK 2 has reached the end of its life.

Stable kernels 5.9.15 and 5.4.84 have been released. They both containimportant fixes and users should upgrade.

Security updates have been issued by Debian (firefox-esr), Fedora (mingw-openjpeg2, openjpeg2, and synergy), openSUSE (audacity and gdm), Oracle (libexif, libpq, and thunderbird), Red Hat (firefox, gnutls, go-toolset:rhel8, java-1.7.1-ibm, java-1.8.0-ibm, kernel, kernel-rt, linux-firmware, mariadb-connector-c, mariadb:10.3, memcached, net-snmp, nginx:1.16, nodejs:12, openssl, pacemaker, postgresql:10, python-django-horizon, python-XStatic-Bootstrap-SCSS, python-XStatic-jQuery, and python-XStatic-jQuery224), Scientific Linux (gd, kernel, pacemaker, python-rtslib, samba, and targetcli), SUSE (openssh, PackageKit, spice, and spice-gtk), and Ubuntu (firefox and imagemagick).

Hans Petter Jansson has done ananalysis of contributions to the GNOME project, raising some concernsabout how well the project is doing at bringing in new developers for thelong haul. "According to this, GNOME peaked at slightly above 1,400contributors in 2010 and went into decline with the GNOME 3.0 release thefollowing year. However, 2020 saw the most contributors in a long time,even with preliminary data — there’s still two weeks to go. Who knows ifit’s an anomaly or not. It’s been an atypical year across theboard."

On November 26, version 6.1 of GNU Octave, a language andenvironment for numerical computing, was released. There are several newfeatures and enhancements in this release, including improvements tographics output, better communication with web services, and over 40 newfunctions. We will take a look at where Octave fits into the landscape ofnumerical tools for scientists and engineers, and recount some of its longhistory.

Firefox 84.0 has been released. This version includes an acceleratedrendering pipeline for Linux/GNOME/X11 users and improved performance andcompatibility with Docker. This is the final release to support AdobeFlash. The release noteshave additional details.Firefox 78.6.0 ESR has also been released, with various stability,functionality, and security fixes. See the releasenotes for more information.

CloudLinux has put out a press release stating that it will commit over$1 million per year toward the creation and maintenance of a CentOSreplacement distribution. "CloudLinux is sponsoring Project Lenix, which will create a free, open-source, community-driven,1:1 binary compatible fork of RHEL 8 (and future releases). It will provide an uninterrupted way toconvert existing CentOS servers with absolutely zero downtime. Entire server fleets will be able tobe converted with a single command with no reinstallation and no reboots required."

Security updates have been issued by Debian (libxstream-java and xen), Fedora (curl), openSUSE (curl, kernel, mariadb, and openssl-1_1), Oracle (kernel, libexif, thunderbird, and xorg-x11-server), Red Hat (curl, gd, kernel, kernel-rt, linux-firmware, net-snmp, openssl, pacemaker, python-rtslib, samba, targetcli, and xorg-x11-server), Scientific Linux (libexif, thunderbird, and xorg-x11-server), and SUSE (clamav, gdm, and kernel).

Linus Torvalds releasedthe 5.10 kernel on December 13 at the end of a typical nine-week development cycle.At that point, 16,174 non-merge changesets had been pulled into themainline; that makes 5.10 a larger cycle than 5.9, but it falls just shortof the record set by 5.8, which ended with 16,308 changesets. For the mostpart 5.10 is just another routine kernel release, but there are a couple of interestingthings to be seen in the overall statistics.

The 5.10.1 stable kernel update has beenreleased on an expedited schedule; it contains reverts for a couple oflate-arriving 5.10 patches that turned out not to be as good an idea as itfirst seemed.

Security updates have been issued by Debian (lxml, openexr, openssl, and openssl1.0), Fedora (libpri, libxls, mediawiki, nodejs, opensc, php-wikimedia-assert, php-zordius-lightncandy, squeezelite, and wireshark), openSUSE (curl, openssh, openssl-1_0_0, python-urllib3, and rpmlint), Red Hat (libexif, libpq, and thunderbird), Slackware (p11), SUSE (kernel, Kubernetes, etcd, helm, openssl, openssl-1_0_0, and python), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon, and linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-raspi).

Linus has released the 5.10 kernel."I pretty much always wish that the last week was even calmer than itwas, and that's true here too. There's a fair amount of fixes in here,including a few last-minute reverts for things that didn't get fixed,but nothing makes me go 'we need another week'. Things look fairlynormal."Significant changes in this release includesupport for the Arm memory taggingextension,restricted rings for io_uring,sleepable BPF programs,the process_madvise()system call,ext4 "fast commits",and more. See the LWN merge-window summaries (part 1, part 2) and the KernelNewbies 5.10 pagefor more details.

The 5.9.14, 5.4.83, 4.19.163, 4.14.212, 4.9.248, and 4.4.248 stable kernelshave been released by Greg Kroah-Hartman. As usual, they contain importantfixes throughout the tree; users should upgrade.

Kernel development is a constant exercise in reducing overhead; anyresources taken by the kernel are not available for the workload that usersactually want to run. As part of this, the pagestructure used to manage memory has been kept as small as possible.Even so, page structures typically take up just over 1.5% of theavailable memory, which is too much for some users. LWN recently looked at DMEMFS as one approach to reducethis overhead, but that is not the only work happening in this area. Twodevelopers are currently working independently on patches to reduce theoverhead associated with huge pages in particular.

Security updates have been issued by Debian (minidlna and x11vnc), Fedora (pam), openSUSE (chromium, minidlna, nsd, openssl-1_1, and pngcheck), SUSE (gcc7 and kernel), and Ubuntu (lxml and squirrelmail).

For years, the CentOS distribution hasbeen a reliable resource for anybody wanting to deploy systems with astable, maintained Linux base that "just works". At one point, it was reportedto be the platform on which 30% of all web servers were run. CentOS hashad its ups and downs over the years; for many, the December 8 announcementthat CentOS will be "shifting focus" will qualify as the final"down". Regardless of whether this change turns out to be a good thing, itcertainly marks the end of an era that began in 2004.

The OpenWrt project has released two updates:18.06.9 and19.07.5.Both contain a number of important fixes, including a few with CVE numbersattached. Also notable is that 18.06.9 is the last update for 18.06; userswill need up upgrade to 19.07 for continued support.

Security updates have been issued by Arch Linux (ant, cimg, containerd, libproxy, libproxy-mozjs, libproxy-webkit, libslirp, python-lxml, tomcat8, tomcat9, and xorg-server), CentOS (firefox and thunderbird), Debian (apt, linux-4.19, python-apt, and sqlite3), Fedora (ceph, chromium, containerd, matrix-synapse, mingw-openjpeg2, openjpeg2, python-authlib, python-canonicaljson, and spice-gtk), Mageia (chromium-browser-stable), openSUSE (chromium and pngcheck), Slackware (curl), SUSE (clamav, curl, openssh, openssl-1_0_0, openssl-1_1, openssl1, python-pip, python-scripttest, python-urllib3, and xen), and Ubuntu (apt, curl, and python-apt).

The LWN.net Weekly Edition for December 10, 2020 is available.

There can be no doubt that general-purpose computing has been a boon to theworld. The ability to run different kinds of programs, from varioussources, including bought from companies, written from scratch, and, well,built from source, is something that we take for granted on many—most—ofthe computing devices that we own.But that model seems to be increasingly disappearing in many kinds of devices,including personal computers, as a recent kerfluffle in the Apple worldhelps to demonstrate.

Security updates have been issued by Debian (golang-golang-x-net-dev, python-certbot, and xorg-server), Fedora (resteasy, scap-security-guide, and vips), openSUSE (chromium, python, and rpmlint), SUSE (kernel), and Ubuntu (aptdaemon, curl, gdk-pixbuf, lxml, and openssl, openssl1.0).

GNU Autoconf 2.70 is out. "Noteworthy changes include support for the2011 revisions of the C and C++ standards, support for reproduciblebuilds, improved support for cross-compilation, improved compatibilitywith current compilers and shell utilities, more efficient generatedshell code, and many bug fixes." See this article for more information on what hasbeen happening with Autoconf.

Fedora has long had Workstation and Server editions and, back inAugust, added an edition for Internet of Things (IoT) devices. Those editions target different use cases forthe distribution, as does the CoreOS "spin" (or "emergingedition"), which targets cloud and Kubernetes deployments. A proposal toelevate Fedora CoreOS to a full edition as part of Fedora 34 wasrecently discussed on the Fedora devel mailing list. As part of that, whatit means for a distribution to be part of Fedora was discussed as well.

Stable kernels 5.9.13, 5.4.82, 4.19.162, and 4.14.211 have been released. They containimportant fixes and users should upgrade.

Security updates have been issued by Debian (minidlna, openssl, and trafficserver), Mageia (oniguruma, php-pear, python, python3, and x11vnc), openSUSE (minidlna), Oracle (kernel and net-snmp), Red Hat (kernel, mariadb-galera, microcode_ctl, and net-snmp), Slackware (seamonkey), SUSE (thunderbird and xen), and Ubuntu (xorg-server).

Red Hat has announcedan end to the CentOS distribution as we know it. CentOS will be replacedby "CentOS Stream", which looks like a sort of beta test for changes goinginto Red Hat Enterprise Linux. Support for CentOS 7 will continue asscheduled, but support for CentOS 8 will go away at the end of 2021."When CentOS Linux 8 (the rebuild of RHEL8) ends, your best optionwill be to migrate to CentOS Stream 8, which is a small delta from CentOSLinux 8, and has regular updates like traditional CentOS Linux releases. Ifyou are using CentOS Linux 8 in a production environment, and are concernedthat CentOS Stream will not meet your needs, we encourage you to contactRed Hat about options."More information can be found in this FAQ. "CentOS Streamwill be getting fixes and features ahead of RHEL. Generally speaking, weexpect CentOS Stream to have fewer bugs and more runtime features than RHELuntil those packages make it into the RHEL release."Update: see also thisblog post from Chris Wright.

Version 6.0 of the Qtinterface framework is available. "Qt 6.0 is a starting point forthe next generation of Qt. It is not yet as feature-complete as 5.15, butwe will fill the gaps within the months to come. We've done a lot ofimportant work in laying out the foundations of the next version ofQt. Many of those changes might not be immediately visible, but I firmlybelieve they will help keep Qt competitive in the years to come."Changes include moving to C++17, the completion of the Unicode transition,a move away from OpenGL to a new internal rendering interface, additional3D capabilities, and more.