A new set of stable kernels
Greg Kroah-Hartman has announced the release of the 6.8.9, 6.6.30,
6.1.90, 5.15.158, 5.10.216, 5.4.275, and 4.19.313 stable kernels. As is the norm, they
contain lots of important fixes throughout the kernel tree. ⌘ Read more
[$] Inheritable credentials for directory file descriptors
In Unix-like systems, an open file descriptor carries the right to access
the opened object in specific ways. As a general rule, that file
descriptor does not enable access to any other objects. The
recently merged BPF token feature runs
counter to this practice by creating file descriptors that carry specific
BPF-related access rights. A similar but different approach to
capability-carrying file descriptors, in the form of directory file
… ⌘ Read more
Rust 1.78.0 released
Version\
1.78.0 of the Rust language has been released. Changes include a new
mechanism for diagnostic attributes, changes to how assertions around
unsafe blocks are handled, and more.
Rust now supports a #[diagnostic] attribute namespace to
influence compiler error messages. These are treated as hints which
the compiler is not required to use, and it is also not an error to
provide a diagnostic that the compiler doesn’t recognize. This
flexi … ⌘ Read more
Security updates for Thursday
Security updates have been issued by Debian (chromium and distro-info-data), Fedora (et, php-tcpdf, python-aiohttp, python-openapi-core, thunderbird, tpm2-tools, and tpm2-tss), Red Hat (nodejs:16 and podman), and Ubuntu (firefox). ⌘ Read more
[$] LWN.net Weekly Edition for May 2, 2024
The LWN.net Weekly Edition for May 2, 2024 is available. ⌘ Read more
GNU nano 8.0 released
Version 8.0 of the terminal text editor GNU nano has been
released. This update includes several changes to keybindings to be
more newcomer-friendly, such as remapping Ctrl-F to forward-search and
adding an option for modern bindings:
Command-line option –modernbindings (-/) makes ^Q quit, ^X cut,
^C copy, ^V paste, ^Z undo, ^Y redo, ^O open a file, ^W write a
file, ^R replace, ^G find again, ^D find again backwards, ^A set
the mark, ^T jump to a line, ^P show the posi … ⌘ Read more
[$] A look at Ubuntu Desktop LTS 24.04
Ubuntu 24.04 LTS, code-named “Noble Numbat”, was released on April 25. This release includes GNOME 46, installer updates,
security enhancements, a lot of updated packages, and a new App Center
that puts a heavy emphasis on using Snaps to install software. It is not an ambitious release, but it brings enough to the table that it’s a worthwhile update. ⌘ Read more
Dolstra steps down from NixOS Foundation board
The NixOS Foundation board
announced on April 30 that Eelco Dolstra is stepping down from the board
following the recent calls for his resignation.
Eelco is the principal author of Nix and undoubtedly a central figure in the
ecosystem that grew around it. We confirm that Eelco showed no intention to be
perceived as or act like the BDFL [Benevolent Dictator … ⌘ Read more
Security updates for Wednesday
Security updates have been issued by Debian (nghttp2 and qtbase-opensource-src), Mageia (cjson, freerdp, guava, krb5, libarchive, and mediawiki), Oracle (container-tools:4.0 and container-tools:ol8), Red Hat (bind, buildah, container-tools:3.0, container-tools:rhel8, expat, gnutls, golang, grafana, kernel, kernel-rt, libreswan, libvirt, linux-firmware, mod_http2, pcp, pcs, podman, python-jwcrypto, rhc-worker-script, shadow-utils, skopeo, sssd, tigervnc, unbound, and yajl), SUSE (kern … ⌘ Read more
[$] Security patterns and anti-patterns in embedded development
When it comes to security, telling developers to do (or not do)
something can be ineffective. Helping them understand the why behind
instructions, by illustrating good and bad practices using stories, can be
much more effective. With several such stories Marta
Rybczyńska fashioned an interesting talk
about patterns … ⌘ Read more
Yocto Project 5.0 released
Version
5.0 of the Yocto Project
distribution builder has been released. The list of new features is long;
see the\
release notes for the details. ⌘ Read more
“run0” as a sudo replacement
This\
Mastodon stream from Lennart Poettering describes a sudo
replacement — called run0 — that will be part of the upcoming
systemd 256 release. It takes a rather different approach to the execution
of privileged commands, avoiding the use of setuid (which he calls “SUID”)
permissions entirely.
So, in my ideal world, we’d have an OS entirely without SUID. Let’s
throw out the concept of SUID on the dump of UNIX’ bad ideas. An
execution contex … ⌘ Read more
Git 2.45.0 released
Version 2.45.0 of the Git
source-code management system has been released. Changes include a new
list command for git reflog, a couple of new
configuration variables for git diff, the ability to drop
redundant commits while cherry-picking, a number of performance
improvements, and more. ⌘ Read more
Security updates for Tuesday
Security updates have been issued by Debian (org-mode), Oracle (shim and tigervnc), Red Hat (ansible-core, avahi, buildah, container-tools:4.0, containernetworking-plugins, edk2, exfatprogs, fence-agents, file, freeglut, freerdp, frr, grub2, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, harfbuzz, httpd, ipa, kernel, libjpeg-turbo, libnbd, LibRaw, libsndfile, libssh, libtiff, libvirt, libX11, libXpm, mingw components, mingw-glib2, mingw-pixman, mod_http2, mod_j … ⌘ Read more
Amarok 3.0 “Castaway” released
The Amarok music player project
has announced
the release of version 3.0, which is codenamed “Castaway”. It is the first
stable version using Qt 5 and KDE Frameworks 5, and the first stable
release since the final Qt-4-based 2.9.0 in 2018.
The road to 3.0 has not been a short one. Much of the Qt5/KF5 porting was done in 2015 already, but finishing and polishing everything up has been a slow, sometimes ong … ⌘ Read more
[$] A leadership crisis in the Nix community
On April 21, a group of anonymous authors and non-anonymous signatories published
a lengthy open letter to the
Nix community
and Nix founder Eelco Dolstra calling for his resignation from the project. They
claimed ongoing problems with the project’s leadership, primarily focusing on the
way his actions have allegedly
undermined people nominally empowered to perform various
moderation and governance tasks. Since its release, the letter … ⌘ Read more
Security updates for Monday
Security updates have been issued by AlmaLinux (buildah, go-toolset:rhel8, golang, java-11-openjdk, java-21-openjdk, libreswan, thunderbird, and tigervnc), Debian (chromium, emacs, frr, mediawiki, ruby-rack, trafficserver, and zabbix), Fedora (chromium, grub2, python-idna, and python-reportlab), Mageia (chromium-browser-stable, firefox, opencryptoki, and thunderbird), Red Hat (container-tools:4.0, container-tools:rhel8, git-lfs, and shim), SUSE (frr, java-11-openjdk, java-1_8_0-ope … ⌘ Read more
McQueen: Update from the GNOME board
Robert McQueen has posted a message\
from the GNOME Foundation board describing the current financial
situation, plans to improve it, and an increase in the size of the board.
The Foundation has a reserves policy which specifies a minimum
amount of money we have to keep in our accounts. This is so that if
there is a significant interruption to our usual income, we can
preserve our core operations while we work on new funding
… ⌘ Read more
Kernel prepatch 6.9-rc6
The 6.9-rc6 kernel prepatch is out for
testing.
Things continue to look pretty normal, and nothing here really
stands out. The biggest single change that stands out in the
diffstat is literally a documentation update, everything else looks
pretty small and spread out. ⌘ Read more
Four weekend stable kernel releases
The
6.8.8,
6.6.29,
6.1.88, and
5.15.157
stable kernels have been released; each contains another set of important
fixes. ⌘ Read more
[$] Giving Rust a chance for in-kernel codecs
Video playback is undeniably one of the most important features in modern
consumer devices. Yet, surprisingly, users are by and large unaware of the
intricate engineering involved in the compression and decompression of
video data, with codecs being left to find a delicate balance between image
quality, bandwidth, and power consumption. In response to constant
performance pressure, video codecs have become complex and hardware
implementations are now common, but programming these devices i … ⌘ Read more
[$] Support for the TSO memory model on Arm CPUs
At the CPU level, a memory model describes, among other things, the amount
of freedom the processor has to reorder memory operations. If low-level
code does not take the memory model into account, unpleasant surprises are
likely to follow. Naturally, different CPUs offer different memory models,
complicating the portability of certain types of concurrent software. To
make life easier, some Arm CPUs offer the ability to emulate the x86 memory
model, but efforts to make that feature avail … ⌘ Read more
Security updates for Friday
Security updates have been issued by Debian (knot-resolver, pdns-recursor, and putty), Fedora (xen), Mageia (editorconfig-core-c, glibc, mbedtls, webkit2, and wireshark), Oracle (buildah), Red Hat (buildah and yajl), Slackware (libarchive), SUSE (dcmtk, openCryptoki, php7, php74, php8, python-gunicorn, python-idna, qemu, and thunderbird), and Ubuntu (cryptojs, freerdp2, nghttp2, and zabbix). ⌘ Read more
[$] Python JIT stabilization
On April 11, Brandt Bucher posted
PEP 744 (“JIT Compilation”),
which summarizes the current state of Python’s new copy-and-patch just-in-time (JIT) compiler. The JIT is currently
experimental, but the PEP proposes some criteria for the circumstances under which it
should become a non-experimental part of Python.
The discussion of the PEP hasn’t
reached a conclusion, but
seve … ⌘ Read more
Ubuntu 24.04 LTS (Noble Numbat) released
Version 24.04 LTS of the Ubuntu distribution is out.
This release continues Ubuntu’s proud tradition of integrating the
latest and greatest open source technologies into a high-quality,
easy-to-use Linux distribution. The team has been hard at work
through this cycle, together with the community and our partners,
to introduce new features and fix bugs.
The list of changes and enhancements is long; click below for some details.
More information can be found in [the\
release notes … ⌘ Read more