[$] LWN.net Weekly Edition for May 9, 2024
The LWN.net Weekly Edition for May 9, 2024 is available. ⌘ Read more

[$] Securing Git repositories with gittuf
The so-called software supply chain starts with source code. But most security measures and tooling
don’t kick in until source is turned into an artifact—a source
tarball, binary build, container image, or other method of delivering a
release to users. The gittuf project
is an attempt to provide a security layer for Git that can handle key management,
enforce security policies for repositories, and guard against attacks
at the version-control laye … ⌘ Read more

Fedora Asahi Remix 40 is now available
Fedora Magazine reports
that the Fedora Asahi\
Remix for Apple Arm hardware, based on Fedora\
40, is now available:

Fedora Asahi Remix offers KDE Plasma 6 as our flagship desktop
experience. It also features a custom Calamares-based initial setup
wizard. A GNOME variant is also … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by Debian (glib2.0 and php7.3), Gentoo (Commons-BeanUtils, Epiphany, glibc, MariaDB, Node.js, NVIDIA Drivers, qtsvg, rsync, U-Boot tools, and ytnef), Oracle (kernel), Red Hat (git-lfs and kernel), SUSE (flatpak, less, python311, rpm, and sssd), and Ubuntu (libde265, libvirt, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp,
linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4,
linux-iot, linux-kvm, linux-or … ⌘ Read more

[$] A proposal to switch Fedora Workstation’s desktop
A proposal to switch the default desktop for Fedora Workstation from GNOME
to KDE Plasma largely went over like the proverbial lead balloon—unsurprisingly.
But the
conversation about the proposal did surface some areas where the
distribution could
perhaps be more inclusive with regard to the other desktop choices
available. The project believes that it
benefits from being opinionated and not requiring users to make
multiple decisions before they can even install the distribution, b … ⌘ Read more

[$] Systemd heads for a big round-number release
The
systemd project is preparing for a new release.
Version 256-rc1 was released
on April 25 with a large number of changes and new features. Most of the
changes relate to security, easier configuration, unprivileged access to system
resources, or all three of these. Users of systemd will find setting up
containers — even without root access — much simpler and more secure. ⌘ Read more

GCC 14.1 released
Version\
14.1 of the GCC compiler suite has been released. The list of changes
is long; it includes support for more C++26 features, preparation for
Fortran 2023 support, a new -fhardened flag to enable
security-hardening features, vectorizer improvements, and a number of static-analyzer improvements. See the release notes for
details. ⌘ Read more

Secure Randomness in Go 1.22 (Go Blog)
The Go Blog has a detailed\
article on the new, more secure random-number generator implemented for
the 1.22 release.

For example, when Go 1.20 deprecated math/rand’s Read, we heard
from developers who discovered (thanks to tooling pointing out use
of deprecated functionality) they had been using it in places where
crypto/rand’s Read was definitely needed, like generating key
material. Using Go 1.20, that mistake is a serious security problem
t … ⌘ Read more

Security updates for Tuesday
Security updates have been issued by Debian (kernel), Gentoo (libjpeg-turbo, xar, and Xpdf), Red Hat (bind, dhcp and glibc), and SUSE (bouncycastle, curl, flatpak, less, and xen). ⌘ Read more

2023 PSF annual impact report
The Python Software\
Foundation (PSF) has announced
its annual\
impact report for 2023. The report includes updates from PSF staff
as well as summaries of the foundation’s activities, financials, and
infrastructure. The PSF celebrated the
20th anniversary of PyCon US, distributed more than $370,000 in grants, and
enjoyed impressive traf … ⌘ Read more

Stenberg: I survived curl up 2024
Daniel Stenberg has
posted a report about the recent curl up conference about
curl development. It was held over two days in
Stockholm. The report has short summaries of the talks with links to the
recordings.

curl up is never a big meeting/conference but we have in the past
sometimes been around twenty-five attendees. This year’s amount of
fifteen was the smallest so far, but in this small set of people we
… ⌘ Read more

[$] Modernizing accessibility for desktop Linux
In some aspects, such as in gaming, the Linux desktop has made
enormous strides in the past few years. In others, such as
accessibility, things have stagnated. At Open Source Summit North America (OSSNA), Matt Campbell spoke
about the need for, and an approach to, modernizing accessibility for
desktop … ⌘ Read more

The 2023 FSF Free Software Awards
The Free Software Foundation has announced
the recipients of its 2023 Free Software Awards: Bruno Haible for work on
gnulib, Nick Logozzo as
the “outstanding new free software contributior”, and code.gouv.fr for projects of social
benefit.

When presenting the award to Haible, FSF executive director Zoë
Kooyman c … ⌘ Read more

Security updates for Monday
Security updates have been issued by Debian (glibc, intel-microcode, less, libkf5ksieve, and ruby3.1), Fedora (chromium, gdcm, httpd, and stalld), Gentoo (Apache Commons BCEL, borgmatic, Dalli, firefox, HTMLDOC, ImageMagick, MediaInfo, MediaInfoLib, MIT krb5, MPlayer, mujs, Pillow, Python, PyPy3, QtWebEngine, Setuptools, strongSwan, and systemd), Oracle (grub2 and shim), Red Hat (git-lfs, kpatch-patch, unbound, and varnish), and SUSE (avahi, grafana and mybatis, java-11-openjdk, java … ⌘ Read more

Kernel prepatch 6.9-rc7
The 6.9-rc7 kernel prepatch is out for
testing. “The stats for 6.9 continue to look very normal, and nothing
looks particularly alarming.” ⌘ Read more