# Twtxt is an open, distributed microblogging platform that # uses human-readable text files, common transport protocols, # and free software. # # Learn more about twtxt at https://github.com/buckket/twtxt # # This is an automated Yarn.social feed running feeds v0.1.0@72e53a9 # Learn more about Yarn.social at https://yarn.social # # nick = lwn-net # url = https://feeds.twtxt.net/lwn-net/twtxt.txt # type = rss # source = https://lwn.net/headlines/newrss # avatar = # description = # updated_at = 2023-03-24T19:39:29Z # 2022-06-20T14:10:52Z **Security updates for Monday**
Security updates have been issued by **Debian** (cyrus-imapd, exo, sleuthkit, slurm-wlm, vim, and vlc), **Fedora** (golang-github-docker-libnetwork, kernel, moby-engine, ntfs-3g-system-compression, python-cookiecutter, python2.7, python3.6, python3.7, python3.8, python3.9, rubygem-mechanize, and webkit2gtk3), **Mageia** (bluez, dnsmasq, exempi, halibut, and php), **Oracle** (.NET 6.0, .NET Core 3.1, and xz), **SUSE** (chafa, firejail, kernel, python-Twisted, and tensorflow2), and **Ubuntu** (intel-microcode ... ⌘ [Read more](https://lwn.net/Articles/898413/) 2022-06-20T20:35:19Z **[$] NFS: the early years**
I recently had cause to reflect on the changes to the [NFS (Network File\
System)](https://en.wikipedia.org/wiki/Network_File_System) protocol over the years and found that it was a story worth
telling. It would be easy for such a story to become swamped by the
details, as there are many of those, but one idea does stand out from
the rest. The earliest version of NFS has been described as a
"stateless" protocol, a term I still hear used occasionally. Much of
the story of NFS follows the growth in the acknowled ... ⌘ [Read more](https://lwn.net/Articles/897917/) 2022-06-20T21:00:42Z **Meta: Transparent memory offloading**
[This\
Meta blog post](https://engineering.fb.com/2022/06/20/data-infrastructure/transparent-memory-offloading-more-memory-at-a-fraction-of-the-cost-and-power/) by Johannes Weiner and Dan Schatzberg describes a set of
memory-management changes used there that they call "transparent memory
offloading".

> Transparent Memory Offloading (TMO) is Meta’s solution for
> heterogeneous data center environments. It introduces a new Linux
> kernel mechanism that measures the lost work due to resource
> sho ... ⌘ [Read more](https://lwn.net/Articles/898454/) 2022-06-21T13:31:57Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (tzdata), **Oracle** (cups), and **SUSE** (atheme, golang-github-prometheus-alertmanager, golang-github-prometheus-node\_exporter, node\_exporter, python36, release-notes-susemanager, release-notes-susemanager-proxy, SUSE Manager 4.1.15 Release Notes, SUSE Manager Client Tools, and SUSE Manager Server 4.2). ⌘ [Read more](https://lwn.net/Articles/898504/) 2022-06-21T16:40:26Z **[$] Disabling an extent optimization**
In the final filesystem session at the
[2022 Linux Storage,\
Filesystem, Memory-management and BPF Summit](https://events.linuxfoundation.org/lsfmm/) (LSFMM), David Howells led
a discussion on a filesystem optimization that is causing various kinds of
problems. Extent-based filesystems have data structures that sometimes do
not reflect the holes
that exist in files. Reads from holes in sparse files (i.e. files with
holes) must return zeroes, but filesystems are not obligated to maintain knowledge o ... ⌘ [Read more](https://lwn.net/Articles/898029/) 2022-06-22T13:43:36Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (exo and ntfs-3g), **Fedora** (collectd, golang-github-cli-gh, grub2, qemu, and xen), **Red Hat** (httpd:2.4, kernel, and postgresql), **SUSE** (drbd, fwupdate, neomutt, and trivy), and **Ubuntu** (apache2, openssl, openssl1.0, and qemu). ⌘ [Read more](https://lwn.net/Articles/898605/) 2022-06-22T14:29:02Z **Four stable kernel updates**
The
[5.18.6](https://lwn.net/Articles/898621/),
[5.15.49](https://lwn.net/Articles/898622/),
[5.10.124](https://lwn.net/Articles/898623/), and
[5.4.200](https://lwn.net/Articles/898624/)
stable kernel updates have been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/898620/) 2022-06-22T18:21:23Z **[$] Introducing PyScript**
In a keynote at [PyCon 2022](https://us.pycon.org/2022/) in Salt
Lake City, Utah, Peter Wang introduced another entrant in the field of
in-browser Python interpreters. The Python community has long sought a way
to be able to write Python—instead of JavaScript—to run in web browsers, and there
have been various efforts to do so over the years. Wang announced [PyScript](https://pyscript.net/) as a new framework, built atop
one of those earlier projects, to allow
Python scripting directly within the browser; thos ... ⌘ [Read more](https://lwn.net/Articles/898452/) 2022-06-22T20:21:22Z **Wielaard: Sourceware – GNU Toolchain Infrastructure roadmap**
Mark Wielaard [writes\
about improvements at Sourceware](https://gnu.wildebeest.org/blog/mjw/2022/06/22/sourceware-gnu-toolchain-infrastructure-roadmap/), the site that holds the repository
for many projects in the GNU toolchain and beyond.

> Although email based git workflows are great for real patch
> discussions, they do not always make tracking the state of patches
> easy. Just like our other services, such as bugzilla, mailinglists
> and git repos, we like to provide ... ⌘ [Read more](https://lwn.net/Articles/898655/) 2022-06-23T00:21:24Z **[$] LWN.net Weekly Edition for June 23, 2022**
The LWN.net Weekly Edition for June 23, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/898157/) 2022-06-23T12:31:11Z **Security updates for Thursday**
Security updates have been issued by **Debian** (chromium, firejail, and request-tracker4), **Fedora** (ghex, golang-github-emicklei-restful, and openssl1.1), **Oracle** (postgresql), **Scientific Linux** (postgresql), **Slackware** (openssl), **SUSE** (salt and tor), and **Ubuntu** (apache2 and squid, squid3). ⌘ [Read more](https://lwn.net/Articles/898720/) 2022-06-23T13:50:18Z **[$] Whatever happened to SHA-256 support in Git?**
The news has been [proclaimed](https://duo.com/decipher/sha-1-fully-and-practically-broken-by-new-collision)
loudly and often: the SHA-1 hash algorithm is terminally broken and should
not be used in any situation where security matters. Among other things,
this news gave some impetus to [the longstanding\
effort](https://lwn.net/Articles/811068/) to support a more robust hash algorithm in the Git source-code
management system. As time has passed, though, that work seems to have
slowed t ... ⌘ [Read more](https://lwn.net/Articles/898522/) 2022-06-23T16:19:31Z **DeVault: GitHub Copilot and open source laundering**
Drew DeVault [takes\
issue](https://drewdevault.com/2022/06/23/Copilot-GPL-washing.html) with GitHub's "Copilot" offering and [the licensing issues](https://lwn.net/Articles/862769/) that it raises:

> GitHub’s Copilot is trained on software governed by these terms,
> and it fails to uphold them, and enables customers to accidentally
> fail to uphold these terms themselves. Some argue about the risks
> of a “copyleft surprise”, wherein someone incorporates a GPL
> licensed work in ... ⌘ [Read more](https://lwn.net/Articles/898772/) 2022-06-24T13:03:29Z **Security updates for Friday**
Security updates have been issued by **Fedora** (ntfs-3g and ntfs-3g-system-compression), **SUSE** (389-ds, chafa, containerd, mariadb, php74, python3, salt, and xen), and **Ubuntu** (apache2). ⌘ [Read more](https://lwn.net/Articles/898925/) 2022-06-24T13:47:34Z **[$] NFS: the new millennium**
The network filesystem (NFS) protocol has been with us for nearly 40 years.
While defined initially as a stateless protocol, NFS implementations have
always had to manage state, and that need has been increasingly built into
the protocol over successive revisions. The early days of NFS were
discussed, with a focus on state management, in the [first part of this series](https://lwn.net/Articles/897917/). This article
completes the job with a look at the evolution of NFS since, approximately,
the beginning of ... ⌘ [Read more](https://lwn.net/Articles/898262/) 2022-06-26T17:49:11Z **Another set of stable kernel updates**
The
[5.18.7](https://lwn.net/Articles/899092/),
[5.15.50](https://lwn.net/Articles/899091/),
[5.10.125](https://lwn.net/Articles/899090/),
[5.4.201](https://lwn.net/Articles/899089/),
[4.19.249](https://lwn.net/Articles/899086/),
[4.14.285](https://lwn.net/Articles/899087/), and
[4.9.320](https://lwn.net/Articles/899088/)
stable updates have all been released. The 5.x updates are relatively
small, but the 4.x updates contain a fair number of backported
random-number-generator improvements along wit ... ⌘ [Read more](https://lwn.net/Articles/899085/) 2022-06-26T22:45:32Z **Kernel prepatch 5.19-rc4**
The [5.19-rc4](https://lwn.net/Articles/899107/) kernel prepatch is out for
testing.

> So we've had a couple of fairly small rc releases, and here we finally
> start to see an uptick in commits in rc4. Not what I really want to
> see in the middle of the release cycle, but not entirely surprising
> considering how quiet it's been so far. ⌘ [Read more](https://lwn.net/Articles/899108/) 2022-06-27T13:43:13Z **Security updates for Monday**
Security updates have been issued by **Debian** (openssl), **Fedora** (dotnet6.0, mediawiki, and python2.7), **Mageia** (389-ds-base, chromium-browser-stable, exo, and libtiff), **Oracle** (httpd:2.4 and microcode\_ctl), **SUSE** (dbus-broker, drbd, kernel, liblouis, mariadb, openssl, openssl-1\_1, openSUSE kernel modules, oracleasm, php7, php72, python39, salt, and wdiff), and **Ubuntu** (linux, linux-hwe, mozjs91, and vim). ⌘ [Read more](https://lwn.net/Articles/899158/) 2022-06-27T14:05:27Z **Ojeda: Memory Safety for the World’s Largest Software Project**
Miguel Ojeda has posted [an\
update on the Rust-for-Linux project](https://www.memorysafety.org/blog/memory-safety-in-linux-kernel/).

> This second year since the RFC we are looking forward to several
> milestones which hopefully we will achieve:
>
> - More users or use cases inside the kernel, including example drivers – this is pretty important to get merged into the kernel.
>
> - Splitting the kernel crate and managing dependencies to allow better development.
>
> - Ex ... ⌘ [Read more](https://lwn.net/Articles/899164/) 2022-06-27T14:11:39Z **KDE Apps Mid-Year Update (KDE.news)**
Here's [an\
update on recent KDE application development](https://dot.kde.org/2022/06/25/kde-apps-mid-year-update) on KDE.news:

> KStars is probably the most feature-rich free astronomy software around and the 3.5.9
> release adds some exciting new features.
>
> HiPS (Hierarchical Progressive Surveys) is a technology that provides
> progressive high resolution images of the sky at different zoom
> levels. KStars fully supports online HiPS where data is downloaded from
> online servers and cached to ... ⌘ [Read more](https://lwn.net/Articles/899167/) 2022-06-27T14:55:07Z **[$] Two memory-tiering patch sets**
Once upon a time, computers just had one type memory, so memory within
a given system was interchangeable. The arrival of non-uniform
memory access (NUMA) systems complicated the situation significantly; now
some memory was faster to access than the rest, and memory-management
algorithms had to adapt or performance would suffer. But NUMA was just the
start; today's tiered-memory systems, which may include several tiers of
memory with different performance characteristics, are adding new
challenges. A ... ⌘ [Read more](https://lwn.net/Articles/898766/) 2022-06-27T21:45:58Z **Git 2.37.0 released**
[Version 2.37.0](https://lwn.net/ml/git/xmqqy1xinf00.fsf@gitster.g/) of the Git
source-code management system has been released. Highlights include a new
object-pruning mechanism called " [cruft packs](https://git-scm.com/docs/cruft-packs)", full
integration of the [sparse\
index](https://github.blog/2021-11-10-make-your-monorepo-feel-small-with-gits-sparse-index/), and more; see [this GitHub\
blog post](https://github.blog/2022-06-27-highlights-from-git-2-37/) for more information. ⌘ [Read more](https://lwn.net/Articles/899201/) 2022-06-28T13:22:47Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (nodejs and squid), **Fedora** (uboot-tools), **Red Hat** (kernel-rt, kpatch-patch, and python), **SUSE** (drbd, openssl-1\_0\_0, oracleasm, and rubygem-rack), and **Ubuntu** (curl). ⌘ [Read more](https://lwn.net/Articles/899239/) 2022-06-28T15:13:00Z **Firefox 102.0 released**
[Version\
102.0](https://www.mozilla.org/en-US/firefox/102.0/releasenotes/) of the Firefox browser is out. Changes include the ability to
disable the download panel that otherwise materializes on every download
and the [stripping\
of certain query parameters](https://groups.google.com/a/mozilla.org/g/firefox-dev/c/osQQROd2jKA) in [extended\
tracking protection mode](https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop). The stripping will be the default for
private browsing in the ne ... ⌘ [Read more](https://lwn.net/Articles/899264/) 2022-06-28T19:20:46Z **[$] A "fireside" chat**
In something of an Open Source Summit tradition, Linus Torvalds and Dirk
Hohndel sit down for a discussion on various topics related to open source
and, of course, the Linux kernel. [Open\
Source Summit North America](https://events.linuxfoundation.org/open-source-summit-north-america/) (OSSNA) 2022 in Austin, Texas was no
exception, as they reprised their keynote on the first day of the
conference. The headline-grabbing part of the chat was Torvalds's
declaration that [Rust for\
Linux](https://github.com/Rust-fo ... ⌘ [Read more](https://lwn.net/Articles/899182/) 2022-06-28T21:06:40Z **Vim 9.0 released**
[Version 9.0](https://www.vim.org/vim90.php) of the Vim text
editor has been released. The biggest change would appear to be the
addition of the "Vim9 Script" language for editor customization:

> The main goal of Vim9 script is to drastically improve
> performance. This is accomplished by compiling commands into
> instructions that can be efficiently executed. An increase in
> execution speed of 10 to 100 times can be expected.
>
> A secondary goal is to avoid Vim-specific constructs and get closer
> to commonly ... ⌘ [Read more](https://lwn.net/Articles/899302/) 2022-06-29T13:05:18Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (blender, libsndfile, and maven-shared-utils), **Fedora** (openssl), **Red Hat** (389-ds-base, kernel, kernel-rt, kpatch-patch, and python-virtualenv), **Scientific Linux** (389-ds-base, kernel, python, and python-virtualenv), and **Slackware** (curl, mozilla, and openssl). ⌘ [Read more](https://lwn.net/Articles/899364/) 2022-06-29T13:09:39Z **Thunderbird 102 released**
[Version\
102](https://blog.thunderbird.net/2022/06/thunderbird-102-released-a-serious-upgrade-to-your-communication/) of the Thunderbird email client has been released.

> It features refreshed icons, color folders, and quality-of-life
> upgrades like the redesigned message header. It ushers in a brand
> new Address Book to bring you closer than ever to the people you
> communicate with. Plus useful new tools to help you manage your
> data, navigate the app faster, and boost your productivity. We’re
> ev ... ⌘ [Read more](https://lwn.net/Articles/899365/) 2022-06-29T13:34:58Z **Four more stable kernel updates**
The
[5.18.8](https://lwn.net/Articles/899369/),
[5.15.51](https://lwn.net/Articles/899370/),
[5.10.127](https://lwn.net/Articles/899371/), and
[5.4.202](https://lwn.net/Articles/899372/)
stable kernel updates have been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/899368/) 2022-06-29T14:17:11Z **A Rust-in-GCC update**
Philip Herron has posted an update on the status of the GCC front-end
compiler for the Rust language.

> For some context, my current project plan brings us to November
> 2022 where we (unexpected events permitting) should be able to
> support valid Rust code targeting Rustc version ~1.40 and reuse
> libcore, liballoc and libstd. This date does not account for the
> borrow checker feature and the proc macro crate, which we have a
> plan to implement, but this will be a further six-month project. ⌘ [Read more](https://lwn.net/Articles/899385/) 2022-06-29T18:44:03Z **Collabora Online developer edition 22.05 released**
[CODE\
22.05](https://www.collaboraoffice.com/press-releases/code-22-05-released-with-powerful-new-features-like-grammar-checks-sparklines-and-jumbo-spreadsheets/) has been released; this is the "developer edition" of the
Collabora Online offering formerly known as LibreOffice Online.

> CODE 22.05 is preceding the next major release of our long-term
> supported business suite Collabora Online. This free developer
> version includes all features and enhancements that will be
> avail ... ⌘ [Read more](https://lwn.net/Articles/899404/) 2022-06-29T22:42:52Z **[$] System call interception for unprivileged containers**
On the first day of the 2022 [Linux\
Security Summit North America](https://events.linuxfoundation.org/linux-security-summit-north-america/) (LSSNA) in Austin, Texas, Stéphane Graber
and Christian Brauner gave a presentation on using system-call interception
for container security purposes. The idea is to allow unprivileged
containers, those without elevated privileges on the host, to still
accomplish their tasks, some of which require privileges. A fair amount of
work has been ... ⌘ [Read more](https://lwn.net/Articles/899281/) 2022-06-30T00:58:02Z **[$] LWN.net Weekly Edition for June 30, 2022**
The LWN.net Weekly Edition for June 30, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/898729/) 2022-06-30T13:27:27Z **Security updates for Thursday**
Security updates have been issued by **Debian** (firefox-esr, firejail, and ublock-origin), **Fedora** (chromium, firefox, thunderbird, and vim), **Mageia** (kernel and kernel-linus), **Oracle** (389-ds-base and python-virtualenv), **SUSE** (chromium), and **Ubuntu** (cloud-init). ⌘ [Read more](https://lwn.net/Articles/899483/) 2022-06-30T14:30:07Z **[$] A BPF-specific memory allocator**
The kernel does not lack for memory allocators, so one might well question
the need for yet another one. As [this\
patch set](https://lwn.net/ml/bpf/20220623003230.37497-1-alexei.starovoitov@gmail.com/) from Alexei Starovoitov makes clear, though, the BPF
subsystem feels such a need. The proposed new allocator is intended to
increase the reliability of allocations made within BPF programs, which might
be run in just about any execution context. ⌘ [Read more](https://lwn.net/Articles/899274/) 2022-06-30T17:36:36Z **Rust 1.62.0 released**
[Version\
1.62.0](https://blog.rust-lang.org/2022/06/30/Rust-1.62.0.html) of the Rust language has been released. Changes include a new
cargo add command, default enum variants, an improved Linux
mutex implementation, a number of stabilized APIs, and more. ⌘ [Read more](https://lwn.net/Articles/899521/) 2022-06-30T20:24:48Z **Software Freedom Conservancy: Give Up GitHub: The Time Has Come!**
The [Software Freedom Conservancy](https://sfconservancy.org/) (SFC) has issued a [strong call](https://sfconservancy.org/blog/2022/jun/30/give-up-github-launch/) for free software projects to [give up GitHub](https://sfconservancy.org/GiveUpGitHub/) and to move their repositories elsewhere. There are a number of problems that SFC has identified with the GitHub code-hosting service and, in particular, with its [Copilot](https://github.com/features/copilot) AI-based code- ... ⌘ [Read more](https://lwn.net/Articles/899530/) 2022-07-01T13:30:43Z **Security updates for Friday**
Security updates have been issued by **Debian** (firefox-esr, isync, kernel, and systemd), **Fedora** (chromium, curl, firefox, golang-github-vultr-govultr-2, and xen), **Mageia** (openssl, python-bottle, and python-pyjwt), **Red Hat** (compat-openssl10, curl, expat, firefox, go-toolset-1.17 and go-toolset-1.17-golang, go-toolset:rhel8, kernel, kpatch-patch, libarchive, libgcrypt, libinput, libxml2, pcre2, php:7.4, php:8.0, qemu-kvm, ruby:2.6, thunderbird, and vim), and **Ubuntu** (curl, libjpeg6b, and vim) ... ⌘ [Read more](https://lwn.net/Articles/899701/) 2022-07-01T14:36:55Z **[$] Removing the scheduler's energy-margin heuristic**
The CPU scheduler's job has never been easy; it must find a way to allocate
CPU time to all tasks in the system that is fair, allows all tasks to
progress, and maximizes the throughput of the system as a whole. More
recently, it has been called upon to satisfy another constraint: minimizing
the system's energy consumption. There is currently [a\
patch set](https://lwn.net/ml/linux-kernel/20220621090414.433602-1-vdonnefort@google.com/) in circulation, posted by Vincent Donnefort with ... ⌘ [Read more](https://lwn.net/Articles/899303/) 2022-07-02T16:02:41Z **Stable kernels for the weekend**
The
[5.18.9](https://lwn.net/Articles/899787/),
[5.15.52](https://lwn.net/Articles/899788/),
[5.10.128](https://lwn.net/Articles/899789/),
[5.4.203](https://lwn.net/Articles/899790/),
[4.19.250](https://lwn.net/Articles/899791/),
[4.14.286](https://lwn.net/Articles/899792/), and
[4.9.321](https://lwn.net/Articles/899793/)
stable kernel updates have all been released; each contains yet another set
of important fixes. ⌘ [Read more](https://lwn.net/Articles/899786/) 2022-07-02T20:12:27Z **Darktable 4.0.0 released**
[Version\
4.0.0](https://www.darktable.org/2022/07/darktable-4.0.0-released/) of the darktable raw photo editor has been released.
"The UI has been completely revamped again to improve look and
consistency. Padding, margins, color, contrast, alignment, and icons have
been reworked throughout". Other changes include new exposure and
color-calibration modules, a reworked "filmic" color-mapping module, guided
laplacian highlight reconstruction, and more. (LWN [looked at darktable](https://lwn.net/Articles/881853/ ... ⌘ [Read more](https://lwn.net/Articles/899805/) 2022-07-04T13:01:59Z **Kernel prepatch 5.19-rc5**
The [5.19-rc5](https://lwn.net/Articles/899886/) kernel prepatch is out for
testing. "So everything looks ok - we certainly have some issues still
being looked at, but on the whole 5.19 looks normal, and nothing
particularly bad seems to be going on". ⌘ [Read more](https://lwn.net/Articles/899887/) 2022-07-04T14:12:20Z **Security updates for Monday**
Security updates have been issued by **Debian** (gnupg2 and kernel), **Fedora** (golang-github-apache-beam-2, golang-github-etcd-io-gofail, golang-github-intel-goresctrl, golang-github-spf13-cobra, golang-k8s-pod-security-admission, and vim), **Oracle** (.NET 6.0, compat-openssl10, compat-openssl11, cups, curl, expat, firefox, go-toolset:ol8, grub2,, gzip, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, kernel, libarchive, libgcrypt, libinput, libxml2, pcre2, postgresql, python, rsync, rsyslog, ruby:2 ... ⌘ [Read more](https://lwn.net/Articles/899963/) 2022-07-04T16:39:50Z **Debian 9 Long Term Support reaching end-of-life**
The Debian Long Term Support (LTS) team has announced that Debian 9 ("stretch") has "reached its end-of-life on July 1, 2022,
five years after its initial release on June 17, 2017". There will be further updates for a subset of the packages in the release through the [Extended LTS project](https://wiki.debian.org/LTS/Extended). Meanwhile, the LTS team is moving on to Debian 10 ("buster"):

> The LTS Team will prepare the transition to Debian 10 buster, which is the
> current oldstable re ... ⌘ [Read more](https://lwn.net/Articles/899962/) 2022-07-04T17:45:59Z **[$] The end of CONFIG_ANDROID**
The kernel has thousands of configuration options, many of which can change
the kernel's behavior in subtle or surprising ways. Among those options is
[CONFIG\_ANDROID](https://elixir.bootlin.com/linux/v5.18.8/source/drivers/android/Kconfig),
which one might expect to be relatively straightforward; its description
reads, in its entirety: "Enable support for various drivers needed on
the Android platform". It turns out that this option does more than
that, to the surprise of some users. That has led to a p ... ⌘ [Read more](https://lwn.net/Articles/899743/) 2022-07-05T14:02:05Z **Amazon's CodeWhisperer**
There has been a fair amount of concern recently about Microsoft's Copilot
system, which many see as possibly putting its users in violation of free-software
licenses. But, naturally, Copilot is not the only offering of this type;
Amazon has put out a preview version of " [CodeWhisperer](https://aws.amazon.com/codewhisperer/)", which is
also a machine-learning-based coding tool that was trained on (unspecified)
open-source code. From [the FAQ](https://aws.amazon.com/codewhisperer/faqs/):

> CodeWhisperer’s refer ... ⌘ [Read more](https://lwn.net/Articles/900045/) 2022-07-05T14:19:56Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (blender and thunderbird), **SUSE** (ImageMagick, qemu, and sysstat), and **Ubuntu** (php7.0). ⌘ [Read more](https://lwn.net/Articles/900064/) 2022-07-05T20:12:08Z **[$] An Ubuntu kernel bug causes container crashes**
Some system administrators running Ubuntu 20.04 had a rough time on
June 8, when Ubuntu published kernel packages containing a [particularly\
nasty bug](https://bugs.launchpad.net/ubuntu/+source/linux-aws-5.13/+bug/1977919) that was caused by an [Ubuntu-specific\
patch to the kernel](https://kernel.ubuntu.com/git/ubuntu/ubuntu-impish.git/commit/?id=9680f5f6d8f93a82abfcc5e2c66faada3d4f2ef5). The bug led to a kernel panic whenever a Docker container
was started. Fixed packages were made ... ⌘ [Read more](https://lwn.net/Articles/899420/) 2022-07-06T13:16:51Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (ldap-account-manager), **Fedora** (openssl1.1, thunderbird, and yubihsm-connector), **Mageia** (curl, cyrus-imapd, firefox, ruby-git, ruby-rack, squid, and thunderbird), **Oracle** (firefox, kernel, and thunderbird), **Slackware** (openssl), **SUSE** (dpdk, haproxy, and php7), and **Ubuntu** (gnupg2 and openssl). ⌘ [Read more](https://lwn.net/Articles/900172/) 2022-07-06T22:30:06Z **[$] The 2022 embedded Linux update**
A regular feature of the [Embedded\
Linux Conference](https://events.linuxfoundation.org/open-source-summit-north-america/about/embedded-linux-conference/) (ELC) has been an update on the state of embedded Linux from
conference organizer Tim Bird. It has been quite a few years since I had
the opportunity to sit in on one, so I took one at the
2022 [Open\
Source Summit North America](https://events.linuxfoundation.org/open-source-summit-north-america/) (OSSNA) in Austin, Texas. OSSNA is an
umbrella co ... ⌘ [Read more](https://lwn.net/Articles/899742/) 2022-07-07T01:46:11Z **[$] LWN.net Weekly Edition for July 7, 2022**
The LWN.net Weekly Edition for July 7, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/899484/) 2022-07-07T13:29:48Z **Security updates for Thursday**
Security updates have been issued by **Debian** (intel-microcode), **Fedora** (dotnet3.1 and gnupg2), **Oracle** (grub2, kernel, php:7.4, php:8.0, and qemu-kvm), **SUSE** (389-ds, apache2, crash, curl, expat, firefox, fwupd, fwupdate, ImageMagick, ldb, samba, liblouis, librttopo, openssl, openssl-1\_0\_0, openssl-1\_1, openssl-3, oracleasm, php7, php8, python-Twisted, python310, rsyslog, s390-tools, salt, thunderbird, and xen), and **Ubuntu** (linux-lts-xenial, linux-kvm and openssl). ⌘ [Read more](https://lwn.net/Articles/900286/) 2022-07-07T13:59:56Z **[$] The trouble with symbolic links**
At the [2022 sambaXP conference](https://sambaxp.org/archive),
Jeremy Allison gave a talk titled "The UNIX Filesystem API is
profoundly broken: What to do about it?". LWN regulars may recall hints of
these talks in a recent [comment\
thread](https://lwn.net/Articles/882177/). He started his talk with the problems that symbolic links
("symlinks")
cause for application developers, then discussed how the solutions to
the problems posed by symlinks led to substantial increases in the
complexity of the A ... ⌘ [Read more](https://lwn.net/Articles/899543/) 2022-07-07T16:37:16Z **Another crop of stable kernels**
The [5.18.10](https://lwn.net/Articles/900320/), [5.15.53](https://lwn.net/Articles/900321/), [5.10.129](https://lwn.net/Articles/900322/), [5.4.204](https://lwn.net/Articles/900323/), [4.19.251](https://lwn.net/Articles/900324/), [4.14.287](https://lwn.net/Articles/900325/), and [4.9.322](https://lwn.net/Articles/900326/) stable kernels have been released. As
usual, they contain important fixes throughout the tree. ⌘ [Read more](https://lwn.net/Articles/900319/) 2022-07-08T14:17:15Z **Security updates for Friday**
Security updates have been issued by **Fedora** (direnv, golang-github-mattn-colorable, matrix-synapse, pypy3.7, pypy3.8, and pypy3.9), **Oracle** (squid), **SUSE** (curl, openssl-1\_1, pcre, python-ipython, resource-agents, and rsyslog), and **Ubuntu** (nss, php7.2, and vim). ⌘ [Read more](https://lwn.net/Articles/900443/) 2022-07-08T15:31:56Z **[$] Distributors entering Flatpakland**
Linux distributions have changed quite a bit over the last 30 years, but
the way that they package software has been relatively static. While the
.deb and RPM formats (and others) have evolved with time, their current
form would not be unrecognizable to their creators. Distributors are
pushing for change, though. Both the Fedora and openSUSE projects are
moving to reduce the role of the venerable RPM format and switch to [Flatpak](https://flatpak.org/) for much of their software
distribution; some ... ⌘ [Read more](https://lwn.net/Articles/900210/) 2022-07-10T23:56:26Z **Kernel prepatch 5.19-rc6**
The [5.19-rc6](https://lwn.net/Articles/900627/) kernel prepatch is out for
testing.

> Perhaps somewhat unusually, I picked up a few fixes that were
> pending in trees that haven't actually hit upstream yet. It's
> already rc6, and I wanted to close out a few of the regression
> reports and not have to wait for another (possibly last, knock
> wood) rc to have them in the tree. ⌘ [Read more](https://lwn.net/Articles/900628/) 2022-07-11T13:08:49Z **Security updates for Monday**
Security updates have been issued by **Debian** (php7.4), **Fedora** (gerbv, kernel, openssl, and podman-tui), **Oracle** (squid:4), **Slackware** (wavpack), and **SUSE** (apache2, chafa, containerd, docker and runc, fwupd, fwupdate, libqt5-qtwebengine, oracleasm, and python). ⌘ [Read more](https://lwn.net/Articles/900670/) 2022-07-11T13:21:37Z **Ronacher: Congratulations: We Now Have Opinions on Your Open Source Contributions**
On his blog, Armin Ronacher [comments](https://lucumr.pocoo.org/2022/7/9/congratulations/) about a recent [security key giveaway](https://pypi.org/security-key-giveaway/) by the [Python Package Index](https://pypi.org/) (PyPI) to provide [two-factor authentication](https://en.wikipedia.org/wiki/Multi-factor_authentication) (2FA) tokens to the maintainers of the "critical" projects on the index. While (eventually) requiring maintainers to use 2FA before b ... ⌘ [Read more](https://lwn.net/Articles/900671/) 2022-07-11T13:30:06Z **Calibre 6.0 released**
[Version 6.0](https://calibre-ebook.com/new-in/fifteen) of the
calibre ebook management system is out.

> It has been a year and a half since calibre 5.0. The headline
> feature is Full text search, calibre can now optionally index all
> the books in your library so you can search your entire library for
> a word or phrase.

Other changes introduced since 5.0 include 64-bit Arm support, the removal
of 32-bit support, and an update to Qt 6. ⌘ [Read more](https://lwn.net/Articles/900674/) 2022-07-11T15:17:42Z **[$] Kernel support for hardware-based control-flow integrity**
Once upon a time, a simple stack overflow was enough to mount a
code-injection attack on a running system. In modern systems, though,
stacks are not executable and, as a result, simple overflow-based attacks
are no longer possible. In response, attackers have shifted to
control-flow attacks that make use of the code already present in the
target system. Hardware vendors have added a number of features intended to
thwart control-flow attacks; some of these features have bette ... ⌘ [Read more](https://lwn.net/Articles/900099/) 2022-07-11T15:32:42Z **Rust frontend approved for GCC**
The GCC steering committee has [approved](https://lwn.net/ml/gcc/CAGWvnym7--36T6L6XhhVhQmafR-w3g1NE1Zh9qTbjcC325Us1Q@mail.gmail.com/)
the contribution of the Rust frontend to the compiler suite. "We look
forward to including a preliminary, beta version of GCC Rust in GCC 13 as a
non-default language". ⌘ [Read more](https://lwn.net/Articles/900721/) 2022-07-12T13:13:12Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (chromium), **Mageia** (openssl and webkit2), **Slackware** (seamonkey), **SUSE** (crash, curl, freerdp, ignition, libnbd, and python3), and **Ubuntu** (dovecot and python-ldap). ⌘ [Read more](https://lwn.net/Articles/900855/) 2022-07-12T14:53:11Z **Garrett: Responsible stewardship of the UEFI secure boot ecosystem**
Matthew Garrett [grumbles](https://mjg59.dreamwidth.org/60248.html) about an
apparent Microsoft policy change making it harder to boot Linux on some
systems.

> So, to have Microsoft, the self-appointed steward of the UEFI
> Secure Boot ecosystem, turn round and say that a bunch of binaries
> that have been reviewed through processes developed in negotiation
> with Microsoft, implementing technologies designed to make
> management of revocation easier for Microsoft ... ⌘ [Read more](https://lwn.net/Articles/900886/) 2022-07-12T16:59:19Z **The latest stable kernel updates**
The
[5.18.11](https://lwn.net/Articles/900912/),
[5.15.54](https://lwn.net/Articles/900911/),
[5.10.130](https://lwn.net/Articles/900910/),
[5.4.205](https://lwn.net/Articles/900908/),
[4.19.252](https://lwn.net/Articles/900907/),
[4.14.288](https://lwn.net/Articles/900906/), and
[4.9.323](https://lwn.net/Articles/900905/)
stable kernel updates have been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/900904/) 2022-07-12T17:11:12Z **The "Retbleed" speculative execution vulnerabilities**
Some researchers at ETH Zurich have [disclosed](https://comsec.ethz.ch/research/microarch/retbleed/) a
new set of speculative-execution vulnerabilities known as "Retbleed". In
short, the retpoline defenses added when Spectre was initially disclosed
turn out to be insufficient on x86 machines because return instructions,
too, can be speculatively executed.

> ​Kernel and hypervisor developers have developed mitigations in
> coordination with Intel and AMD. Mitigating Retbleed in the ... ⌘ [Read more](https://lwn.net/Articles/900917/) 2022-07-12T21:51:06Z **[$] Native Python support for units?**
Back in April, there was an interesting discussion on the python-ideas
mailing list that started as a query about adding support for [custom\
literals](https://en.cppreference.com/w/cpp/language/user_literal), a la C++, but branched off from there. Custom literals are
frequently used for handling units and unit conversion in C++, so the
Python discussion fairly quickly focused on that use case. While ideas about a
possible feature were batted about, it does not seem like anything that is
being purs ... ⌘ [Read more](https://lwn.net/Articles/900739/) 2022-07-13T13:12:25Z **Security updates for Wednesday**
Security updates have been issued by **Fedora** (xen), **Mageia** (x11-server), **SUSE** (chromium, kernel, pcre, pcre2, squid, and xorg-x11-server), and **Ubuntu** (gnupg, gnupg2, uriparser, xorg-server, xorg-server-hwe-16.04, and xorg-server, xorg-server-hwe-18.04, xwayland). ⌘ [Read more](https://lwn.net/Articles/901029/) 2022-07-13T21:01:52Z **[$] "Critical" projects and volunteer maintainers**
Over the last five decades or so, free and open-source software (FOSS) has
gone from an almost unknown
quantity available to only the most technically savvy to underpinning much
of the infrastructure we rely on today. Much like software itself, FOSS is
"eating the world". But that has changed—is changing—the role of the
maintainers of all of that code; when "critical" infrastructure uses code
from a FOSS project, suddenly, and perhaps without warning, that code
itself becomes critical. ... ⌘ [Read more](https://lwn.net/Articles/900953/) 2022-07-14T03:33:08Z **[$] LWN.net Weekly Edition for July 14, 2022**
The LWN.net Weekly Edition for July 14, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/900299/) 2022-07-14T13:34:40Z **Security updates for Thursday**
Security updates have been issued by **Debian** (request-tracker4), **Fedora** (kernel and vim), **Mageia** (gerbv, gnupg2, pgadmin4, and python-coookiecutter), **Slackware** (xorg), **SUSE** (cifs-utils, gmp, gnutls, libnettle, kernel, libsolv, libzypp, zypper, logrotate, openssl-1\_1, opera, squid, and virglrenderer), and **Ubuntu** (ca-certificates, git, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, li ... ⌘ [Read more](https://lwn.net/Articles/901190/) 2022-07-14T14:18:49Z **[$] Long-lived kernel pointers in BPF**
The [BPF](https://lwn.net/Articles/740157/) subsystem allows
programmers to write programs that can run safely in kernel space. All
memory accesses and function calls in BPF programs are statically checked
for safety using the in-kernel verifier, which
analyzes programs in their entirety before allowing them to be loaded.
While this allows the kernel to safely run BPF programs, it heavily
restricts what those programs are able to do. Among these
constraints is a rule that programs cannot store poi ... ⌘ [Read more](https://lwn.net/Articles/900749/) 2022-07-14T17:31:51Z **The US military wants to understand the most important software on Earth (MIT
Technology Review)**
The MIT Technology Review has posted [an\
article](https://www.technologyreview.com/2022/07/14/1055894/us-military-sofware-linux-kernel-open-source/) on a program within the US Defense Advanced Research Projects
Agency to identify threats to open-source code.

> The ultimate goal is to detect and counteract any malicious
> campaigns to submit flawed code, launch influence operations,
> sabotage development, or even take control of open-s ... ⌘ [Read more](https://lwn.net/Articles/901254/) 2022-07-14T18:11:40Z **Tunney: Porting OpenBSD pledge() to Linux**
Justine Tunney has created [an\
implementation of the OpenBSD pledge() system call](https://justine.lol/pledge/) for Linux.

> OpenBSD limits security to a small pond, but makes it easy. Linux
> is a big tent, but makes it impossibly hard. SECCOMP BPF might as
> well be the Traditional Chinese of programming languages, since
> only a small number of people who've devoted the oodles of time it
> takes to understand code like what you see above have actually been
> able to benefit from it. ⌘ [Read more](https://lwn.net/Articles/901264/) 2022-07-14T19:40:35Z **Rocky Linux 9.0 released**
[Version\
9.0](https://rockylinux.org/news/rocky-linux-9-0-ga-release/) of Rocky Linux, a Red Hat Enterprise Linux clone, has been
released. There are a lot of changes, of course; see [the release notes](https://docs.rockylinux.org/release_notes/9_0/)
for an overview. ⌘ [Read more](https://lwn.net/Articles/901289/) 2022-07-15T13:15:24Z **Stable kernel updates delayed**
The stable kernel updates that were due on July 14 have been delayed for
several days, [according to Greg\
Kroah-Hartman](https://lwn.net/ml/linux-kernel/YtFPN7ctriCPVNWs@kroah.com/), due to problems that have come up with the Retbleed
mitigation patches.

> The problems are purely due to the fact that we were forced to do
> this type of work "in private" with very limited ability for
> testing by the normal larger kernel community like we rely on. We
> don't have fancy or huge private testing labs whe ... ⌘ [Read more](https://lwn.net/Articles/901367/) 2022-07-15T13:38:36Z **Security updates for Friday**
Security updates have been issued by **Debian** (webkit2gtk and wpewebkit), **Fedora** (curl, kernel, openssl1.1, php, subversion, xorg-x11-server, and xorg-x11-server-Xwayland), **Oracle** (grub2), **SUSE** (gnutls, kernel, logrotate, oracleasm, p11-kit, and python-PyJWT), and **Ubuntu** (libhttp-daemon-perl and python2.7, python3.10, python3.4, python3.5, python3.6, python3.8, python3.9). ⌘ [Read more](https://lwn.net/Articles/901412/) 2022-07-15T14:14:26Z **[$] Sharing page tables with msharefs**
A page-table entry (PTE) is relatively small, requiring just eight bytes to refer to a
4096-byte page on most systems. It thus does not seem like a worrisome
level of overhead, and little effort has been made over the kernel's
history to reduce page-table memory consumption. Those eight bytes can
hurt, though, if they are replicated across a sufficiently large set of
processes. The [msharefs\
patch set](https://lwn.net/ml/linux-mm/cover.1656531090.git.khalid.aziz@oracle.com/) from Khalid Aziz is a ... ⌘ [Read more](https://lwn.net/Articles/901059/) 2022-07-17T23:19:05Z **Kernel prepatch 5.19-rc7**
The [5.19-rc7](https://lwn.net/Articles/901580/) kernel prepatch is out for
testing.

> We obviously had that whole "Retbleed" thing, and it does show up
> in both the diffstat and the shortlog, and rc7 is definitely bigger
> than usual. And also as usual, when we've had one of those
> embargoed hw issues pending, the patches didn't get the open
> development, and then as a result missed all the usual sanity
> checking by all the automation build and test infrastructure we
> have. So no surprise - there' ... ⌘ [Read more](https://lwn.net/Articles/901581/) 2022-07-18T13:45:08Z **Security updates for Monday**
Security updates have been issued by **Debian** (mat2 and xen), **Fedora** (butane, caddy, clash, direnv, geoipupdate, gitjacker, golang-bug-serial-1, golang-github-a8m-envsubst, golang-github-apache-beam-2, golang-github-aws-lambda, golang-github-cespare-xxhash, golang-github-chromedp, golang-github-cloudflare, golang-github-cloudflare-redoctober, golang-github-cockroachdb-pebble, golang-github-cucumber-godog, golang-github-dreamacro-shadowsocks2, golang-github-dustinkirkland-petname, golang-github-etcd-io ... ⌘ [Read more](https://lwn.net/Articles/901699/) 2022-07-18T14:56:55Z **Conill: How efficient can cat(1) be?**
Ariadne Conill [explores](https://ariadne.space/2022/07/17/how-efficient-can-cat1-be/)
ways to make the Unix cat utility more efficient on
Linux.

> The first possible option is the venerable sendfile syscall, which
> was originally added to improve the file serving performance of web
> servers. Originally, sendfile required the destination file
> descriptor to be a socket, but this restriction was removed in
> Linux 2.6.33. Unfortunately, sendfile is not perfect: because it
> only supports fi ... ⌘ [Read more](https://lwn.net/Articles/901707/) 2022-07-18T15:36:11Z **[$] The BPF panic function**
One of the key selling points of the BPF subsystem is that loading a BPF
program is safe: the BPF verifier ensures that the program cannot hurt the
kernel before allowing the load to occur. That guarantee is perhaps
losing some of its force as more
capabilities are made available to BPF programs but, even so, it may be a
bit surprising to see [this\
proposal from Artem Savkov](https://lwn.net/ml/linux-kernel/20220711083220.2175036-1-asavkov@redhat.com/) adding a BPF helper that is explicitly designed to
cras ... ⌘ [Read more](https://lwn.net/Articles/901284/) 2022-07-18T23:03:24Z **Ubuntu 21.10 no longer supported**
The Ubuntu 21.10 ("Impish Indri") release is no longer supported as of
July 14; users who are on that version will want to look into
upgrading soon.

> This is a follow-up to the End of Life warning sent earlier to confirm
> that as of July 14, 2022, Ubuntu 21.10 is no longer supported. No more
> package updates will be accepted to 21.10, and it will be archived to
> old-releases.ubuntu.com in the coming weeks. ⌘ [Read more](https://lwn.net/Articles/901755/) 2022-07-19T13:46:12Z **Security updates for Tuesday**
Security updates have been issued by **Fedora** (buildah), **SUSE** (dovecot23 and nodejs12), and **Ubuntu** (harfbuzz, libhttp-daemon-perl, tiff, and webkit2gtk). ⌘ [Read more](https://lwn.net/Articles/901787/) 2022-07-19T15:37:21Z **Tom Lord RIP**
From Berkeley comes [the\
sad news](https://berkeleydailyplanet.com/issue/2022-06-26/article/49837) of the passing of Tom Lord, a longtime free-software developer
and the original author of [GNU Arch](https://www.gnu.org/software/gnu-arch/). He will be
missed. ⌘ [Read more](https://lwn.net/Articles/901807/) 2022-07-19T16:41:28Z **[$] Android apps on Linux with Waydroid**
It is not uncommon for users to want to run a program targeted to one
operating system on another type of system. With the increasing prevalence of
smartphones, Android has become the world's most widely used operating
system. So users may want to run Android apps on Linux systems in order
to get access to a game or other app that is not available in a
Linux version or to develop mobile apps on their desktop system.
The [Waydroid](https://waydro.id/) project provides a way to run those
apps on L ... ⌘ [Read more](https://lwn.net/Articles/901459/) 2022-07-19T20:49:22Z **Cirq 1.0 released**
Google has released [Cirq\
1.0](https://opensource.googleblog.com/2022/07/Cirq-Turns-1.0.html) for developers working with leading-edge computers:

> Cirq is a Python framework for writing, running, and analyzing the
> results of quantum computer programs. It was designed for near-term
> quantum computers, those with a few hundred qubits and few
> thousands of quantum gates. The significance of the 1.0 release is
> that Cirq has support for the vast majority of workflows for these
> systems and is considered to ... ⌘ [Read more](https://lwn.net/Articles/901832/) 2022-07-20T12:38:05Z **Security updates for Wednesday**
Security updates have been issued by **Fedora** (golang-github-gosexy-gettext, golang-github-hub, oci-seccomp-bpf-hook, and popub), **Oracle** (kernel and kernel-container), **SUSE** (python2-numpy), and **Ubuntu** (check-mk and pyjwt). ⌘ [Read more](https://lwn.net/Articles/901879/) 2022-07-20T14:26:25Z **Heinz: It's Time to Say Goodbye to These Obsolete Python Libraries**
Martin Heinz [encourages Python\
developers](https://martinheinz.dev/blog/77) to move on to a number of newer modules.

> Using os.urandom isn't actually the problem here though,
> the reason the secrets module got introduced is because
> people were using the random module for generating
> passwords and such, even though the random module doesn't
> produce cryptographically safe tokens. ⌘ [Read more](https://lwn.net/Articles/901887/) 2022-07-20T15:37:31Z **[$] Leaving python-dev behind**
It was not all that long ago that Python began its [experiment](https://lwn.net/Articles/768487/) with
replacing one of its mailing lists with a forum on its [Discourse discussion site](https://discuss.python.org/). Over
time, the Discourse instance has become more and more popular within the
Python community. It would seem that another mailing list will soon be
subsumed within Discourse as the Python steering council is planning to
effectively retire the venerable python-dev mailing list soon. ⌘ [Read more](https://lwn.net/Articles/901744/) 2022-07-21T00:04:25Z **[$] LWN.net Weekly Edition for July 21, 2022**
The LWN.net Weekly Edition for July 21, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/901196/) 2022-07-21T13:17:09Z **Security updates for Thursday**
Security updates have been issued by **Mageia** (kernel and kernel-linus), **SUSE** (dovecot23), and **Ubuntu** (freetype, libxml-security-java, and linux-oem-5.17). ⌘ [Read more](https://lwn.net/Articles/902011/) 2022-07-21T14:36:18Z **[$] Living with the Rust trademark**
The intersection of free software and trademark law has not always been
smooth. Free-software licenses have little to say about trademarks but,
sometimes, trademark licenses can appear to take away some of the freedoms
that free-software licenses grant. The Firefox browser has often [been the focal point](https://lwn.net/Articles/546678/) for trademark-related
controversy; happily, those problems appear to be in the past now. Instead,
the increasing popularity of the [Rust\
language](https://www.rust ... ⌘ [Read more](https://lwn.net/Articles/901816/) 2022-07-21T21:12:07Z **Six new stable kernels**
The [5.15.56](https://lwn.net/Articles/902101/), [5.10.132](https://lwn.net/Articles/902102/), [5.4.207](https://lwn.net/Articles/902103/), [4.19.253](https://lwn.net/Articles/902104/), [4.14,289](https://lwn.net/Articles/902105/), and [4.9.324](https://lwn.net/Articles/902107/) stable kernels have been released.
The [5.18.13 stable kernel](https://lwn.net/ml/linux-kernel/20220721182818.743726259%40linuxfoundation.org/) has been delayed due to some problems found during review; [5.18.13-rc3](https://lwn.net/ml/l ... ⌘ [Read more](https://lwn.net/Articles/902099/) 2022-07-22T12:10:34Z **Security updates for Friday**
Security updates have been issued by **Fedora** (gnupg2, oci-seccomp-bpf-hook, suricata, and vim), **Oracle** (java-11-openjdk), **Slackware** (net), and **SUSE** (kernel, nodejs16, rubygem-rack, and webkit2gtk3). ⌘ [Read more](https://lwn.net/Articles/902184/) 2022-07-22T14:14:59Z **[$] Stuffing the return stack buffer**
" [Retbleed](https://comsec.ethz.ch/research/microarch/retbleed/)"
is the name given to a class of speculative-execution vulnerabilities
involving return instructions. Mitigations for Retbleed have found their
way into the mainline kernel but, as of this writing, some remaining
problems have kept them from the stable update releases. Mitigating
Retbleed can impede performance severely, especially on some Intel
processors. Thomas Gleixner and Peter Zijlstra think they have found [a better\
way](http ... ⌘ [Read more](https://lwn.net/Articles/901834/) 2022-07-24T13:48:40Z **Stable kernels 5.18.14 and 5.15.57**
The
[5.18.14](https://lwn.net/Articles/902318/) and
[5.15.57](https://lwn.net/Articles/902317/)
stable kernels have been released; these consist almost entirely of the
Retbleed hardware-vulnerability mitigations.

The [5.10.133](https://lwn.net/ml/linux-kernel/20220723095224.302504400@linuxfoundation.org/)
update will be next to get those fixes; it is in the review process and is
due on July 25. ⌘ [Read more](https://lwn.net/Articles/902316/) 2022-07-24T21:29:39Z **Kernel prepatch 5.19-rc8**
The [5.19-rc8](https://lwn.net/Articles/902348/) kernel prepatch is out for
testing. "There's nothing really surprising in here - a few smaller fixups for
the retbleed mess as expected, and the usual random one-liners
elsewhere." ⌘ [Read more](https://lwn.net/Articles/902349/) 2022-07-25T14:01:06Z **Debian.community domain name seized**
The Debian project, Debian.ch, and Software in the Public Interest recently
filed a WIPO action to take control of the "debian.community" domain name,
which has been used by Daniel Pocock to [attack\
the Debian project](https://lwn.net/Articles/814508/) and its members. Red Hat had made [a similar attempt](https://lwn.net/Articles/887931/) to take control of
WeMakeFedora.org earlier this year, but that attempt failed. The Debian
action succeeded, though; on July 19, WIPO [decided\
in favor of the ac ... ⌘ [Read more](https://lwn.net/Articles/902373/) 2022-07-25T14:06:33Z **Security updates for Monday**
Security updates have been issued by **Debian** (chromium, djangorestframework, gsasl, and openjdk-11), **Fedora** (giflib, openssl, python-ujson, and xen), **Mageia** (virtualbox), **SUSE** (git, gpg2, java-1\_7\_1-ibm, java-1\_8\_0-ibm, java-1\_8\_0-openjdk, mozilla-nspr, mozilla-nss, mozilla-nss, python-M2Crypto, and s390-tools), and **Ubuntu** (php8.1). ⌘ [Read more](https://lwn.net/Articles/902400/) 2022-07-25T14:23:39Z **[$] Support for Intel's Linear Address Masking**
A 64-bit pointer can address a lot of memory — far more than just about any
application could ever need. As a result, there are bits within that pointer that
are not really needed to address memory, and which might be put to other
needs. Storing a few bits of metadata within a pointer is a common enough
use case that multiple architectures are adding support for it at the
hardware level. Intel is no exception; support for its "Linear Address
Masking" (LAM) feature has been slowly making i ... ⌘ [Read more](https://lwn.net/Articles/902094/) 2022-07-25T14:36:03Z **Fedora to disallow CC0-licensed code**
The [Creative\
Commons CC0 license](https://creativecommons.org/publicdomain/zero/1.0/legalcode) is essentially a public-domain declaration (or as
close as is possible in jurisdictions that lack a public domain). The
Fedora project has allowed the distribution of code under this license,
but, as [announced\
by Richard Fontana](https://lwn.net/ml/fedora-legal/CAC1cPGw1xScGAXo-0NRs92zFB7ptRxTt=oCYi0BxfZDfAgUtYQ@mail.gmail.com/), that policy is changing and CC0 will no longer be
allowed for code:

> T ... ⌘ [Read more](https://lwn.net/Articles/902410/) 2022-07-26T13:13:08Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (spip), **Mageia** (libtiff and logrotate), **Oracle** (java-1.8.0-openjdk and java-11-openjdk), **SUSE** (gpg2, logrotate, and phpPgAdmin), and **Ubuntu** (python-bottle). ⌘ [Read more](https://lwn.net/Articles/902547/) 2022-07-26T17:02:24Z **[$] Docker and the OCI container ecosystem**
[Docker](https://www.docker.com/) has transformed the way
many people develop and deploy software. It wasn't the first
implementation of containers on Linux, but Docker's ideas about how
containers should be structured and managed were different from its
predecessors. Those ideas matured into industry standards, and an
ecosystem of software has grown around them. Docker continues to be a
major player in the ecosystem, but it is no longer the only whale in the
sea — Red Hat has also done a lot ... ⌘ [Read more](https://lwn.net/Articles/902049/) 2022-07-27T12:58:50Z **Nethercote: Twenty years of Valgrind**
Nicholas Nethercote [marks](https://nnethercote.github.io/2022/07/27/twenty-years-of-valgrind.html)
the 20th anniversary of the Valgrind 1.0 release.

> It’s both delightful and surreal to see that Valgrind is still in
> wide use today. Julian [Seward’s] original goal was to raise the
> bar when it came to correctness for C and C++ programs. This has
> clearly been a huge success. Memcheck has found countless bugs in
> countless programs, and is a standard part of the testing setup for
> many ... ⌘ [Read more](https://lwn.net/Articles/902643/) 2022-07-27T12:53:40Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (kernel and openjdk-17), **Fedora** (ceph, lua, and moodle), **Oracle** (java-1.8.0-openjdk), **Red Hat** (grafana), **SUSE** (git, kernel, libxml2, nodejs16, and squid), and **Ubuntu** (imagemagick, protobuf-c, and vim). ⌘ [Read more](https://lwn.net/Articles/902642/) 2022-07-27T13:22:28Z **Vetter: Locking Engineering Principles**
Daniel Vetter [offers some\
advice](https://blog.ffwll.ch/2022/07/locking-engineering.html) for developers of locking schemes in the kernel.

> Validating locking by hand against all the other locking designs
> and nesting rules the kernel has overall is nigh impossible,
> extremely slow, something only few people can do with any chance of
> success and hence in almost all cases a complete waste of time. We
> need tools to automate this, and in the Linux kernel this is
> lockdep.
>
>
> There ... ⌘ [Read more](https://lwn.net/Articles/902645/) 2022-07-27T22:08:11Z **[$] Digital autonomy and the GNOME desktop**
While GUADEC, the GNOME community's annual conference, has always been held
in Europe (or online-only) since it began in 2000, [this year's edition](https://events.gnome.org/event/77/)
was held in North America, specifically in Guadalajara, México,
July 20-25. Rob McQueen gave a talk on the first day of the
conference about providing solutions that bring some level of digital
safety and
autonomy to users—and how GNOME can help make that happen. McQueen
is the CEO of the [Endless OS\
Foundatio ... ⌘ [Read more](https://lwn.net/Articles/902463/) 2022-07-28T01:09:08Z **[$] LWN.net Weekly Edition for July 28, 2022**
The LWN.net Weekly Edition for July 28, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/901997/) 2022-07-28T13:48:25Z **Security updates for Thursday**
Security updates have been issued by **Debian** (firefox-esr), **Fedora** (chromium, gnupg1, java-17-openjdk, osmo, and podman), **Oracle** (grafana and java-17-openjdk), **Red Hat** (389-ds:1.4, container-tools:rhel8, grafana, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, kernel, kernel-rt, kpatch-patch, pandoc, squid, and squid:4), **Slackware** (samba), and **SUSE** (crash, mariadb, pcre2, python-M2Crypto, virtualbox, and xen). ⌘ [Read more](https://lwn.net/Articles/902795/) 2022-07-28T14:29:28Z **[$] Security requirements for new kernel features**
The relatively new [io\_uring subsystem](https://lwn.net/Articles/776703/) has
changed the way asynchronous I/O is done on Linux systems and improved
performance significantly. It has also, however, begun to run up a record
of disagreements with the kernel's security community. A recent
discussion about security hooks for the new uring\_cmd mechanism
shows how easily requirements can be overlooked in a complex system with no
overall supervision. ⌘ [Read more](https://lwn.net/Articles/902466/) 2022-07-29T14:27:00Z **[$] Direct host system calls from KVM**
As a general rule, virtualization mechanisms are designed to provide strong
isolation between a host and the guest systems that it runs. The guests
are not trusted, and their ability to access or influence anything outside
of their virtual machines must be tightly controlled. So a patch series
allowing guests to execute arbitrary system calls in the host context might
be expected to be the cause of significantly elevated eyebrows across the
net. Andrei Vagin has posted [such a\
series](https://lwn ... ⌘ [Read more](https://lwn.net/Articles/902585/) 2022-07-29T14:26:19Z **Security updates for Friday**
Security updates have been issued by **Fedora** (xorg-x11-server and xorg-x11-server-Xwayland), **SUSE** (aws-iam-authenticator, ldb, samba, libguestfs, samba, and u-boot), and **Ubuntu** (firefox, intel-microcode, libtirpc, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-azure, linux-bluefield, linux-gcp-5.4, linux-gke-5.4, mysql-5.7, and mysql-5.7, mysql-8.0). ⌘ [Read more](https://lwn.net/Articles/902913/) 2022-07-29T16:11:07Z **Seven new stable kernels**
Greg Kroah-Hartman has announced the release of the [5.18.15](https://lwn.net/Articles/902916/), [5.15.58](https://lwn.net/Articles/902917/), [5.10.134](https://lwn.net/Articles/902918/), [5.4.208](https://lwn.net/Articles/902919/), [4.19.254](https://lwn.net/Articles/902921/), [4.14.290](https://lwn.net/Articles/902922/), and [4.9.325](https://lwn.net/Articles/902923/) stable kernels. As usual, these
kernels contain important fixes throughout the tree. Note that the
Retbleed mitigations have not been backport ... ⌘ [Read more](https://lwn.net/Articles/902915/) 2022-07-31T19:57:28Z **Kicinski: TLS 1.3 Rx improvements in Linux 5.20**
Jakub Kicinski [provides\
an overview](https://people.kernel.org/kuba/tls-1-3-rx-improvements-in-linux-5-20) of some changes to the in-kernel TLS implementation coming
in the next development cycle:

> The first implementation of kTLS was designed in the good old days
> of TLS 1.2. When TLS 1.3 came into the picture the interest in kTLS
> had slightly diminished and the implementation, although
> functional, was rather simple and did not retain all the
> benefits. This post covers de ... ⌘ [Read more](https://lwn.net/Articles/903026/) 2022-07-31T20:56:46Z **Linux Mint 21 released**
Version 21 of the Ubuntu-based Linux Mint distribution is out; it is
available in the
[Cinnamon](https://blog.linuxmint.com/?p=4358),
[MATE](https://blog.linuxmint.com/?p=4359), and
[Xfce](https://blog.linuxmint.com/?p=4360) flavors.
This is a
long-term-support release that will receive updates until 2027. ⌘ [Read more](https://lwn.net/Articles/903031/) 2022-07-31T22:29:22Z **The 5.19 kernel is out**
Linus has [released the 5.19 kernel](https://lwn.net/Articles/903033/).

> On a personal note, the most interesting part here is that I did
> the release (and am writing this) on an arm64 laptop. It's
> something I've been waiting for for a \_loong\_ time, and it's
> finally reality, thanks to the Asahi team. We've had arm64 hardware
> around running Linux for a long time, but none of it has really
> been usable as a development platform until now.

He also notes that the next kernel is likely to be 6.0.

S ... ⌘ [Read more](https://lwn.net/Articles/903023/) 2022-08-01T13:25:45Z **Security updates for Monday**
Security updates have been issued by **Debian** (booth, libpgjava, and thunderbird), **Fedora** (3mux, act, age, antlr4-project, apache-cloudstack-cloudmonkey, apptainer, aquatone, aron, asnip, assetfinder, astral, bettercap, buildah, butane, caddy, cadvisor, cheat, chisel, clash, clipman, commit-stream, containerd, cri-o, darkman, deepin-gir-generator, direnv, dnscrypt-proxy, dnsx, docker-distribution, doctl, douceur, duf, ffuf, fzf, geoipupdate, git-lfs, git-octopus, git-time-metric, glide, gmailctl, gnut ... ⌘ [Read more](https://lwn.net/Articles/903455/) 2022-08-01T16:54:50Z **The 2022 Linux Plumbers Conference schedule is out**
The [2022 Linux Plumbers Conference](https://lpc.events/event/16/page/169-lpc-2022-overview) (LPC) has [announced](https://lpc.events/blog/2022/index.php/2022/07/29/lpc-2022-schedule-is-posted/) its schedule. The conference will be held in Dublin, Ireland, September 12-14.

> The schedule for when the miniconferences and tracks are going to occur is now posted at: [https://lpc.events/event/16/timetable/#all](https://lpc.events/event/16/timetable/#all)
>
> The runners for the miniconfe ... ⌘ [Read more](https://lwn.net/Articles/903481/) 2022-08-01T17:23:12Z **[$] Some 5.19 development statistics**
The 5.19 kernel was [released](https://lwn.net/ml/linux-kernel/CAHk-=wgrz5BBk=rCz7W28Fj_o02s0Xi0OEQ3H1uQgOdFvHgx0w@mail.gmail.com/),
after a one-week delay to deal with the fallout from the Retbleed
mitigations, on July 31. By that time, 16,399 commits (15,134
non-merge and 1,265 merges) had found their way into the mainline
repository, making this development cycle the busiest since 5.13 (16,030
non-merge changesets and 1,157 merges). Tradition dictates that now is the time for a look
at where the ... ⌘ [Read more](https://lwn.net/Articles/902854/) 2022-08-02T12:59:37Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (curl and jetty9), **Fedora** (dovecot), **Gentoo** (vault), **Scientific Linux** (java-1.8.0-openjdk, java-11-openjdk, and squid), **SUSE** (booth, dovecot22, dwarves and elfutils, firefox, gimp, java-11-openjdk, kernel, and oracleasm), and **Ubuntu** (linux, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, net-snmp, and samba). ⌘ [Read more](https://lwn.net/Articles/903555/) 2022-08-02T13:11:49Z **GNU C Library 2.36 released**
[Version\
2.36](https://lwn.net/ml/libc-alpha/9174a0aa-cb9b-aafa-a4cd-e0ccdee65d98@redhat.com/) of the GNU C Library has been released. Changes include support
for the new DT\_RELR relocation format,
wrappers for the
[process\_madvise()](https://lwn.net/Articles/810076/),
[process\_mrelease()](https://lwn.net/Articles/864184/),
[pidfd\_open()](https://lwn.net/Articles/789023/),
[pidfd\_getfd()](https://lwn.net/Articles/808997/), and
[pidfd\_send\_signal()](https://lwn.net/Articles/794707/) system calls,
wra ... ⌘ [Read more](https://lwn.net/Articles/903556/) 2022-08-02T18:09:45Z **Go 1.19 released**
[Version 1.19](https://go.dev/doc/go1.19) of the Go programming
language has been released. "Most of its changes are in the
implementation of the toolchain, runtime, and libraries. As always, the
release maintains the Go 1 promise of compatibility. We expect almost all
Go programs to continue to compile and run as before". This release
includes some memory-model tweaks, a LoongArch port, improvements in the
documentation-comment mechanism, and more. ⌘ [Read more](https://lwn.net/Articles/903585/) 2022-08-02T20:32:25Z **[$] Crosswords for GNOME**
Jonathan Blandford, who is a
longtime GNOME contributor—and a [cruciverbalist](https://www.merriam-webster.com/dictionary/cruciverbalist)
for longer still—thought it was time for GNOME to have a
[crossword puzzle](https://en.wikipedia.org/wiki/Crossword)
application. So he set out to create one, which turned
into something of a [yak-shaving](https://en.wiktionary.org/wiki/yak_shaving) exercise,
but also, ultimately, into [Crosswords](https://gitlab.gnome.org/jrb/crosswords/). Blandford
came to [GUADEC 2022](ht ... ⌘ [Read more](https://lwn.net/Articles/903475/) 2022-08-03T12:45:39Z **Security updates for Wednesday**
Security updates have been issued by **CentOS** (389-ds-base, firefox, java-1.8.0-openjdk, java-11-openjdk, kernel, postgresql, python, python-twisted-web, python-virtualenv, squid, thunderbird, and xz), **Fedora** (ceph, firefox, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-latest-openjdk, and kubernetes), **Oracle** (firefox, go-toolset and golang, libvirt libvirt-python, openssl, pcre2, qemu, and thunderbird), **SUSE** (connman, drbd, kernel, python-jupyterlab, samba, and seamonkey), and ... ⌘ [Read more](https://lwn.net/Articles/903676/) 2022-08-03T13:42:04Z **Vetter: Locking engineering hierarchy**
Daniel Vetter [continues his\
series](https://blog.ffwll.ch/2022/08/locking-hierarchy.html) on locking in the kernel.

> This part goes through a pile of locking pattern and designs, from
> most favourable and easiest to adjust and hence resulting in a long
> term maintainable code base, to the least favourable since hardest
> to ensure it works correctly and stays that way while the code
> evolves. For convenience even color coded, with the dangerous
> levels getting progressively more crisp ... ⌘ [Read more](https://lwn.net/Articles/903681/) 2022-08-03T13:59:11Z **Four more stable kernel updates**
The [5.18.16](https://lwn.net/Articles/903687/),
[5.15.59](https://lwn.net/Articles/903688/),
[5.10.135](https://lwn.net/Articles/903689/), and
[5.4.209](https://lwn.net/Articles/903690/)
stable kernel updates have been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/903686/) 2022-08-03T20:29:38Z **[$] Oaxaca, Endless OS, and indigenous languages**
A rural Mexican state was the setting for an initiative to use
 the GNOME-based [Endless OS](https://endlessos.com/home/) to
improve
education in indigenous
communities. Over the last several
years, the [Endless OS Foundation](https://www.endlessos.org/)
has teamed up with the [Fundación Alfredo Harp\
Helú Oaxaca](https://fahho.mx/) (FAHHO) to deliver offline-first computers to those
communities, but also to assist these communities in preserving their native
languages. In a talk at [GU ... ⌘ [Read more](https://lwn.net/Articles/903597/) 2022-08-04T01:45:44Z **[$] LWN.net Weekly Edition for August 4, 2022**
The LWN.net Weekly Edition for August 4, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/902796/) 2022-08-04T13:18:37Z **Security updates for Thursday**
Security updates have been issued by **Fedora** (lua), **Oracle** (kernel), **Red Hat** (389-ds:1.4, django, firefox, go-toolset and golang, go-toolset-1.17 and go-toolset-1.17-golang, go-toolset:rhel8, java-1.8.0-ibm, java-17-openjdk, kernel, kernel-rt, kpatch-patch, mariadb:10.5, openssl, pcre2, php, rh-mariadb105-galera and rh-mariadb105-mariadb, ruby:2.5, thunderbird, vim, and virt:rhel and virt-devel:rhel), **Scientific Linux** (firefox and thunderbird), **SUSE** (drbd, java-17-openjdk, java-1\_8\_0- ... ⌘ [Read more](https://lwn.net/Articles/903816/) 2022-08-04T13:47:16Z **Mena Quintero: Paying technical debt in our accessibility infrastructure**
On his blog, Federico Mena Quintero [posted a transcript](https://viruta.org/paying-technical-debt-transcript.html) of his recent talk at [GUADEC 2022](https://events.gnome.org/event/77/) on the technical debt in the GNOME accessibility infrastructure—and what he has been doing to help pay that down. He began the talk by describing the infrastructure and how it came about:

> Gnome-shell implements its own toolkit, St, which stands for "shell toolkit". It is made ... ⌘ [Read more](https://lwn.net/Articles/903822/) 2022-08-04T14:10:12Z **[$] A security-module hook for user-namespace creation**
The Linux Security Module (LSM) subsystem works by way of an extensive set
of hooks placed strategically throughout the kernel. Any specific security
module can attach to the hooks for the behavior it intends to govern and be
consulted whenever a decision needs to be made. The placement of LSM hooks
often comes with a bit of controversy; developers have been known to object
to the
performance cost of hooks in hot code paths, and sometimes there are [misunderstandings](https://lwn. ... ⌘ [Read more](https://lwn.net/Articles/903580/) 2022-08-04T20:28:23Z **GitLab plans to delete dormant projects in free accounts (Register)**
The Register [reports](https://www.theregister.com/2022/08/04/gitlab_data_retention_policy/)
that GitLab is planning to start deleting repositories belonging to free
accounts if they have been inactive for at least a year.

> GitLab is aware of the potential for angry opposition to the plan,
> and will therefore give users weeks or months of warning before
> deleting their work. A single comment, commit, or new issue posted
> to a project during a 12-month period w ... ⌘ [Read more](https://lwn.net/Articles/903858/) 2022-08-05T13:56:22Z **Security updates for Friday**
Security updates have been issued by **CentOS** (firefox, thunderbird, and xorg-x11-server), **Debian** (xorg-server), **Gentoo** (Babel, go, icingaweb2, lib3mf, and libmcpp), **Oracle** (389-ds:1.4, go-toolset:ol8, httpd, mariadb:10.5, microcode\_ctl, and ruby:2.5), **Red Hat** (xorg-x11-server), **Scientific Linux** (xorg-x11-server), **SUSE** (buildah, go1.17, go1.18, harfbuzz, python-ujson, qpdf, u-boot, and wavpack), and **Ubuntu** (gnutls28, libxml2, mod-wsgi, openjdk-8, openjdk-8, openjdk-lts, openjd ... ⌘ [Read more](https://lwn.net/Articles/903997/) 2022-08-05T14:01:30Z **[$] 6.0 Merge window, part 1**
The merge window for the kernel that will probably be called "6.0" has
gotten off to a strong start, with 6,820 non-merge changesets pulled into
the mainline repository in the first few days. The work pulled so far
makes changes all over the kernel tree; read on for a summary of what has
happened in the first half of this merge window. ⌘ [Read more](https://lwn.net/Articles/903487/) 2022-08-07T17:53:18Z **OpenSUSE considers dropping reiserfs**
As Jeff Mahoney notes in [this\
message to the openSUSE factory list](https://lwn.net/ml/opensuse-factory/b24b565f-b538-8efd-e1e3-5ecae5190150@suse.com/), the reiserfs filesystem has been
unmaintained for years and lacks many of the features that users have come
to expect. He has thus proposed removing reiserfs from openSUSE Tumbleweed
immediately.

> I recognize that there may be people out there with disks
> containing reiserfs file systems. If these are in active use, I
> would seriously encou ... ⌘ [Read more](https://lwn.net/Articles/904101/) 2022-08-08T14:34:52Z **Security updates for Monday**
Security updates have been issued by **Debian** (chromium, libtirpc, and xorg-server), **Fedora** (giflib, mingw-giflib, and teeworlds), **Mageia** (chromium-browser-stable, kernel, kernel-linus, mingw-giflib, osmo, python-m2crypto, and sqlite3), **Oracle** (httpd, php, vim, virt:ol and virt-devel:ol, and xorg-x11-server), **SUSE** (caddy, crash, dpkg, fwupd, python-M2Crypto, and trivy), and **Ubuntu** (gdk-pixbuf, libjpeg-turbo, and phpliteadmin). ⌘ [Read more](https://lwn.net/Articles/904191/) 2022-08-08T14:48:57Z **[$] An io_uring-based user-space block driver**
The addition of the ublk driver during the 6.0 merge window would have been
easy to miss; it was buried deeply within an io\_uring pull request and is
entirely devoid of any sort of documentation that might indicate why it
merits a closer look. Ublk is intended to facilitate the implementation of
high-performance block drivers in user space; to that end, it uses [io\_uring](https://lwn.net/Articles/776703/)
for its communication with the kernel. This driver is considered
experimental for n ... ⌘ [Read more](https://lwn.net/Articles/903855/) 2022-08-09T13:04:45Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (gnutls28 and unzip), **Fedora** (dovecot and net-snmp), **Red Hat** (kernel-rt and vim), and **Ubuntu** (gst-plugins-good1.0). ⌘ [Read more](https://lwn.net/Articles/904271/) 2022-08-09T23:50:07Z **[$] Adding auditing to pip**
A tool to discover known security vulnerabilities in the Python packages installed on
a system or required by a project, called [pip-audit](https://pypi.org/project/pip-audit/), was recently
discussed on the [Python discussion\
forum](https://discuss.python.org/). The developers of pip-audit [raised\
the idea](https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerability-analysis-management/17681) of adding the functionality directly into the [pip package installer](https://pip.pypa.io/en/sta ... ⌘ [Read more](https://lwn.net/Articles/904197/) 2022-08-10T13:33:48Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (gst-plugins-good1.0), **Fedora** (firefox and ghostscript), **Gentoo** (consul, firefox, libass, libraw, lxml, mdbtools, pam\_u2f, spice, and thunderbird), **Oracle** (kernel, kernel-container, and vim), **Red Hat** (galera, mariadb, and mysql-selinux, kernel, and kernel-rt), **Scientific Linux** (kernel), **SUSE** (bind, java-11-openjdk, kernel, mokutil, ncurses, and u-boot), and **Ubuntu** (epiphany-browser, libcdio, linux, linux-aws, linux-azure-4.15, l ... ⌘ [Read more](https://lwn.net/Articles/904374/) 2022-08-10T22:03:55Z **[$] Kolibri and GNOME**
Offline computing and learning was something of a theme at [GUADEC 2022](https://events.gnome.org/event/77/) as there
were multiple talks by people from the
[Endless OS Foundation](https://www.endlessos.org/), which
targets that use case. Dylan McCall and Manuel Quiñones had a talk on day
two about a switch that Endless has made over the last few years away from
its home-rolled "knowledge apps" to apps based on the [Kolibri learning\
platform](https://learningequality.org/kolibri/). While Endless has its roots in ... ⌘ [Read more](https://lwn.net/Articles/904302/) 2022-08-11T00:00:24Z **[$] LWN.net Weekly Edition for August 11, 2022**
The LWN.net Weekly Edition for August 11, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/903818/) 2022-08-11T13:43:13Z **Security updates for Thursday**
Security updates have been issued by **Gentoo** (aiohttp, faac, isync, motion, and nextcloud), **Red Hat** (.NET 6.0), **SUSE** (libnbd, oracleasm, python-codecov, rubygem-tzinfo, sssd, and thunderbird), and **Ubuntu** (http-parser, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4,
 linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4,
 linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4,
 linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 ... ⌘ [Read more](https://lwn.net/Articles/904457/) 2022-08-11T13:56:58Z **New stable kernels**
Greg Kroah-Hartman has announced the release of the [5.19.1](https://lwn.net/Articles/904459/), [5.18.17](https://lwn.net/Articles/904460/), [5.15.60](https://lwn.net/Articles/904461/), [5.10.136](https://lwn.net/Articles/904462/), [5.4.210](https://lwn.net/Articles/904463/), and [4.19.255](https://lwn.net/Articles/904464/) stable kernels.
They contain a fairly small set of important fixes; users should upgrade. ⌘ [Read more](https://lwn.net/Articles/904458/) 2022-08-11T14:10:11Z **[$] The trouble with 64-bit DMA**
We live in a 64-bit world, to the point that many distributors want to stop
supporting 32-bit systems at all. However, lurking within our 64-bit
kernels is a subsystem that has not really managed to move past 32-bit
addresses. The quick merge-window failure of an attempt to use
64-bit addresses in the I/O memory-management unit (IOMMU) subsystem shows
how hard it can be to leave all of one's 32-bit history behind. ⌘ [Read more](https://lwn.net/Articles/904210/) 2022-08-11T15:12:09Z **The quantum state of Linux kernel garbage collection (Project Zero)**
The Project Zero blog has posted [a\
detailed look at CVE-2021-0920](https://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html) in the first of a two-part series on how
this bug created a vulnerability that was subsequently exploited.

> Google's Threat Analysis Group (TAG) discovered Samsung browser
> exploit chains being used in the wild. TAG then performed root
> cause analysis and discovered that this vulnerability,
> CVE-2021-0920, ... ⌘ [Read more](https://lwn.net/Articles/904472/) 2022-08-11T15:42:34Z **Rust 1.63.0 released**
[Version\
1.63.0](https://blog.rust-lang.org/2022/08/11/Rust-1.63.0.html) of the Rust language has been released. Changes include the
addition of scoped threads, a new ownership model for raw file descriptors,
and the completion of the borrow-checker transition:

> As detailed in [this\
> blog post](https://blog.rust-lang.org/2022/08/05/nll-by-default.html), we've fully removed the previous lexical borrow
> checker from rustc across all editions, fully enabling the
> non-lexical, new, version of the borrow chec ... ⌘ [Read more](https://lwn.net/Articles/904486/) 2022-08-12T13:20:35Z **Security updates for Friday**
Security updates have been issued by **Debian** (gnutls28, libtirpc, postgresql-11, and samba), **Fedora** (microcode\_ctl, wpebackend-fdo, and xen), **Oracle** (.NET 6.0, galera, mariadb, and mysql-selinux, and kernel), **SUSE** (dbus-1 and python-numpy), and **Ubuntu** (booth). ⌘ [Read more](https://lwn.net/Articles/904549/) 2022-08-12T14:38:35Z **[$] A fuzzy issue of responsible disclosure**
Fuzz testing is the process of supplying a program with random inputs and
watching to see what breaks; it has been responsible for the identification
of vast numbers of bugs in recent years — and the fixing of many of them.
Developers generally appreciate bug reports, but they can sometimes be a
bit less enthusiastic about a flood of reports from automated fuzzing
systems. A recent discussion around filesystem fuzzing highlighted two
points of view on whether the current fuzz-testing activit ... ⌘ [Read more](https://lwn.net/Articles/904293/) 2022-08-15T00:00:39Z **Kernel prepatch 6.0-rc1**
Linus has [released 6.0-rc1](https://lwn.net/Articles/904681/) and closed the
merge window for this release.

> I actually was hoping that we'd get some of the first rust
> infrastructure, and the multi-gen LRU VM, but neither of them
> happened this time around. There's always more releases. But
> there's a lot of continued development pretty much all over the
> place.

The codename has also been changed to "Hurr durr I'ma ninja sloth". ⌘ [Read more](https://lwn.net/Articles/904680/) 2022-08-15T13:46:02Z **Security updates for Monday**
Security updates have been issued by **Debian** (trafficserver), **Fedora** (freeciv, gnutls, kernel, libldb, mingw-gdk-pixbuf, owncloud-client, rust-ffsend, samba, thunderbird, and zlib), **Gentoo** (apache, binutils, chromium, glibc, gstreamer, libarchive, libebml, nokogiri, puma, qemu, xen, and xterm), **Mageia** (golang, libtiff, poppler, python-django, and ruby-sinatra), **Red Hat** (.NET 6.0 and .NET Core 3.1), **SUSE** (chromium, cifs-utils, kernel, open-iscsi, and trousers), and **Ubuntu** (webkit2g ... ⌘ [Read more](https://lwn.net/Articles/904741/) 2022-08-15T15:41:38Z **[$] 6.0 Merge window, part 2**
Linus Torvalds [released\
6.0-rc1](https://lwn.net/ml/linux-kernel/CAHk-=wgRFjPHV-Y_eKP9wQMLFDgG+dEUHiv5wC17OQHsG5z7BA@mail.gmail.com/) and closed the merge window on
August 14, as expected; by then, 13,543 non-merge changesets
had found their way into the mainline repository. Just over half of those
were pulled after [our first 6.0 merge-window\
summary](https://lwn.net/Articles/903487/) was written. The latter part of the merge window tends to be
more focused on fixes than new features, but there were st ... ⌘ [Read more](https://lwn.net/Articles/904032/) 2022-08-15T18:56:38Z **Android 13 released**
Version 13 of the Android system has [landed\
in the Android Open Source Project](https://android-developers.googleblog.com/2022/08/android-13-is-in-aosp.html); the list of changes is long.

> To help users focus on the notifications that are most important to
> them, Android 13 introduces a new notifications runtime
> permission. Apps now need to request the notification permission
> from the user before posting notifications. ⌘ [Read more](https://lwn.net/Articles/904771/) 2022-08-16T13:43:37Z **Security updates for Tuesday**
Security updates have been issued by **CentOS** (kernel), **Debian** (kernel), **Fedora** (webkit2gtk3), **Oracle** (.NET 6.0, .NET Core 3.1, kernel, and kernel-container), **Slackware** (rsync), and **SUSE** (canna, ceph, chromium, curl, kernel, opera, python-Twisted, and seamonkey). ⌘ [Read more](https://lwn.net/Articles/904842/) 2022-08-16T21:34:27Z **[$] From late-bound arguments to deferred computation, part 1**
Back in November, we [looked](https://lwn.net/Articles/875441/) at a Python proposal
to have function arguments with defaults that get
evaluated when the function is called, rather than when it is defined.
The article suggested that the discussion surrounding the proposal was
likely to continue on for a ways—which it did—but it had died down by the
end of last year. That all changed in mid-June, when the already voluminous
discussion of the feature picked up again; once aga ... ⌘ [Read more](https://lwn.net/Articles/904777/) 2022-08-17T13:39:12Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (epiphany-browser, net-snmp, webkit2gtk, and wpewebkit), **Fedora** (python-yara and yara), **Red Hat** (kernel and kpatch-patch), **SUSE** (ceph, compat-openssl098, java-1\_8\_0-openjdk, kernel, python-Twisted, rsync, and webkit2gtk3), and **Ubuntu** (pyjwt and unbound). ⌘ [Read more](https://lwn.net/Articles/904955/) 2022-08-17T13:46:10Z **Three big stable kernel updates**
The massive
[5.19.2](https://lwn.net/Articles/904957/) (1,157 patches),
[5.18.18](https://lwn.net/Articles/904958/) (1,094 patches), and
[5.15.61](https://lwn.net/Articles/904959/) (778 patches)
stable updates have been released; each contains a lot of important
fixes. ⌘ [Read more](https://lwn.net/Articles/904956/) 2022-08-17T22:18:16Z **[$] Tornado Cash and collateral damage**
On August 8, the US government [sanctioned](https://home.treasury.gov/news/press-releases/jy0916)
the [Tornado Cash](https://en.wikipedia.org/wiki/Tornado_Cash)
cryptocurrency
mixer for money laundering. The sanction means that no US citizen or
company can interact with Tornado Cash in any way, all assets of the
organization are to be reported so that they can be seized, and more. But
at the core of Tornado Cash is a chunk of open-source code for " [smart contracts](https://en.wikipedia.org/wiki/ ... ⌘ [Read more](https://lwn.net/Articles/904960/) 2022-08-18T01:17:56Z **[$] LWN.net Weekly Edition for August 18, 2022**
The LWN.net Weekly Edition for August 18, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/904453/) 2022-08-18T13:32:33Z **Julia 1.8 released**
[Version\
1.8](https://julialang.org/blog/2022/08/julia-1.8-highlights/) of the Julia language has been released. Changes include typed
globals, a new default thread scheduler, some new profiling tools, and
more. ⌘ [Read more](https://lwn.net/Articles/905071/) 2022-08-18T13:30:35Z **Security updates for Thursday**
Security updates have been issued by **Debian** (chromium, epiphany-browser, freecad, and schroot), **Fedora** (freeciv, microcode\_ctl, qemu, and rsync), **Oracle** (httpd), **SUSE** (aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures, python-coverage, python-oniconfig, python-unittest-mixins, bluez, curl, gnutls, kernel, ntfs-3g\_ntfsprogs, podman, and ucode-intel), and **Ubuntu** (zlib). ⌘ [Read more](https://lwn.net/Articles/905072/) 2022-08-18T13:39:52Z **Krita 5.1.0 released**
[Version 5.1.0](https://krita.org/en/krita-5-1-release-notes/)
of the Krita painting program is out. "Krita 5.1 comes with a ton of
smaller improvements and technical polish. This release sees updates to
usability across the board, improved file format handling, and a whole lot
of changes to the selection and fill tools." ⌘ [Read more](https://lwn.net/Articles/905075/) 2022-08-18T14:19:20Z **LibreOffice 7.4 Community released**
[The Document Foundation](https://www.documentfoundation.org/) has [announced](https://blog.documentfoundation.org/blog/2022/08/18/libreoffice-7-4-community/) the release of LibreOffice 7.4 Community, which is the community-supported version of the open-source office suite. Version 7.4 comes with new features for the suite as a whole (WebP and EMZ/WMZ support, ...), the Writer word-processor (better change tracking and hyphenation settings, ...), the Calc spreadsheet (16K columns, ...), and more. "De ... ⌘ [Read more](https://lwn.net/Articles/905088/) 2022-08-18T14:26:21Z **[$] The growing image-processor unpleasantness**
There was a time when care had to be taking when buying hardware if the
goal was to run Linux on it. The situation has improved considerably in
recent decades, and unsupported hardware is more the exception than the
rule. That has, for many years, been especially true of Intel hardware;
that company has made a point of ensuring that its offerings work with
Linux. So it is a bit surprising that the IPU6 image processor shipped
with [Alder Lake](https://en.wikipedia.org/wiki/Alder_Lake) CPU ... ⌘ [Read more](https://lwn.net/Articles/904776/) 2022-08-19T13:43:19Z **Security updates for Friday**
Security updates have been issued by **Debian** (ruby-tzinfo), **Mageia** (nvidia-current and nvidia390), **SUSE** (python-PyYAML, ucode-intel, and zlib), and **Ubuntu** (linux-aws, postgresql-10, postgresql-12, postgresql-14, and rsync). ⌘ [Read more](https://lwn.net/Articles/905265/) 2022-08-19T14:28:29Z **[$] The ABI status of ELF hash tables**
It is fair to say that some projects are rather more concerned about
preserving ABI compatibility than others; the [GNU C Library](https://www.gnu.org/software/libc/) (glibc) project
stands out even among those that put a lot of effort into preserving
interface stability,
So it may be a bit surprising that a recent glibc change is being
blamed for breaking a number of applications, most of which are proprietary
games. There is, it seems, a class of glibc changes that can break
applications, but wh ... ⌘ [Read more](https://lwn.net/Articles/904892/) 2022-08-22T00:29:48Z **A set of stable kernels.**
The
[5.19.3](https://lwn.net/Articles/905531/),
[5.18.19](https://lwn.net/Articles/905532/),
[5.15.62](https://lwn.net/Articles/905533/), and
[5.10.137](https://lwn.net/Articles/905534/)
stable kernel updates have been released; each contains more important
fixes. The 5.18.x series ends with 5.18.19. ⌘ [Read more](https://lwn.net/Articles/905530/) 2022-08-22T00:58:07Z **Kernel prepatch 6.0-rc2**
The [second 6.0 kernel prepatch](https://lwn.net/Articles/905544/) is out for
testing. "The most noticeable fix in here is likely the virtio reverts that
fixed the problem people had with running tests on the google cloud
VMs, which was the 'pending issue' that we had noticed just as the
merge window was closing". ⌘ [Read more](https://lwn.net/Articles/905545/) 2022-08-22T13:47:01Z **Security updates for Monday**
Security updates have been issued by **Debian** (jetty9 and kicad), **Fedora** (community-mysql and trafficserver), **Gentoo** (chromium, gettext, tomcat, and vim), **Mageia** (apache-mod\_wsgi, libitrpc, libxml2, teeworlds, wavpack, and webkit2), **Red Hat** (podman), **Slackware** (vim), **SUSE** (java-1\_8\_0-openjdk, nodejs10, open-iscsi, rsync, and trivy), and **Ubuntu** (exim4). ⌘ [Read more](https://lwn.net/Articles/905590/) 2022-08-22T15:09:21Z **[$] LRU-list manipulation with DAMON**
The [DAMON](https://www.kernel.org/doc/html/latest/admin-guide/mm/damon/)
subsystem, which entered the
kernel during the 5.15 release cycle, uses various heuristics to determine
which pages of memory are in active use. Since the beginning, the intent
has been to use this information to influence memory management. The 6.0
kernel contains another step in this direction, giving DAMON the ability to
actively reorder pages on the kernel's least-recently-used (LRU) lists. ⌘ [Read more](https://lwn.net/Articles/905370/) 2022-08-22T17:13:58Z **public-inbox 1.9.0 released**
Version 1.9.0 of the public-inbox email archive manager has been released.
Improvements include a POP3 server, a new multi-protocol "superserver",
some search improvements, and performance improvements. (LWN [looked at public-inbox](https://lwn.net/Articles/748184/) in 2018). ⌘ [Read more](https://lwn.net/Articles/905628/) 2022-08-22T22:54:12Z **Linux Foundation TAB election: call for nominees**
The 2022 election for members of the Linux Foundation Technical Advisory
Board (TAB) will be held during the [Linux\
Plumbers Conference](https://lpc.events), September 12 to 14. The TAB represents
the kernel-development community to the Linux Foundation (and beyond) and
holds a seat on the Foundation's board of directors. The [call for nominees](https://lwn.net/ml/linux-kernel/87ilmj6gtt.fsf@meer.lwn.net/)
for this year's election has gone out; the deadline for nominations is
September ... ⌘ [Read more](https://lwn.net/Articles/905651/) 2022-08-23T03:47:13Z **EFF: Code, Speech, and the Tornado Cash Mixer**
The Electronic Frontier Foundation has [announced](https://www.eff.org/deeplinks/2022/08/code-speech-and-tornado-cash-mixer) that it is representing cryptography professor Matthew Green, who has [chosen to republish](https://twitter.com/matthew_d_green/status/1561813046338748417) the [sanctioned Tornado Cash open-source code](https://lwn.net/Articles/904960/) as a [GitHub repository](https://github.com/tornado-repositories).

> EFF’s most central concern about OFAC’s [US [Office of Foreign ... ⌘ [Read more](https://lwn.net/Articles/905663/) 2022-08-23T13:14:11Z **Security updates for Tuesday**
Security updates have been issued by **Oracle** (kernel and kernel-container), **SUSE** (bluez, gimp, rubygem-rails-html-sanitizer, systemd-presets-common-SUSE, and u-boot), and **Ubuntu** (libxslt). ⌘ [Read more](https://lwn.net/Articles/905730/) 2022-08-23T16:39:31Z **[$] The container orchestrator landscape**
[Docker and other container\
engines](https://lwn.net/Articles/902049/) can greatly simplify many aspects of deploying a server-side
application, but numerous applications consist of more than one container.
Managing a group of containers only gets harder as additional applications
and services are deployed; this has led to the development of a class of
tools called container orchestrators. The best-known of these by far is [Kubernetes](https://kubernetes.io); the history of container
orchestra ... ⌘ [Read more](https://lwn.net/Articles/905164/) 2022-08-23T21:22:36Z **Firefox 104 released**
[Version\
104](https://www.mozilla.org/en-US/firefox/104.0/releasenotes/) of the Firefox browser has been released. The most interesting
new feature, perhaps, is the ability to analyze a web site's power usage —
but that feature is not available on Linux. ⌘ [Read more](https://lwn.net/Articles/905788/) 2022-08-24T13:11:06Z **Security updates for Wednesday**
Security updates have been issued by **Fedora** (vim), **SUSE** (cosign, dpdk, freeciv, gfbgraph, kernel, nim, p11-kit, perl-HTTP-Daemon, python-lxml, and python-treq), and **Ubuntu** (linux-oem-5.14, open-vm-tools, and twisted). ⌘ [Read more](https://lwn.net/Articles/905853/) 2022-08-24T13:59:40Z **The future of NGINX**
[This\
blog post](https://www.nginx.com/blog/future-of-nginx-getting-back-to-open-source-roots/) on the NGINX corporate site describes the plans for this web
server project in the coming year.

> For the core NGINX Open Source software, we continue to add new
> features and functionality and to support more operating system
> platforms. Two critical capabilities for security and scalability
> of web applications and traffic, HTTP3 and QUIC, are coming in the
> next version we ship. ⌘ [Read more](https://lwn.net/Articles/905855/) 2022-08-24T14:16:32Z **[$] From late-bound arguments to deferred computation, part 2**
Discussion on [PEP 671](https://www.python.org/dev/peps/pep-0671/) ("Syntax
for late-bound function argument defaults") has been going on—in fits and
starts—since it was [introduced last\
October](https://lwn.net/Articles/875441/). The idea is to provide a way
to specify the default for a function argument that is evaluated in the
scope of the function
call, which will allow more concise, and visible, defaults. But there has
been a persistent complaint that what the
languag ... ⌘ [Read more](https://lwn.net/Articles/904900/) 2022-08-25T00:53:16Z **[$] LWN.net Weekly Edition for August 25, 2022**
The LWN.net Weekly Edition for August 25, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/905044/) 2022-08-25T13:56:12Z **Security updates for Thursday**
Security updates have been issued by **Debian** (firefox-esr, libxslt, and open-vm-tools), **Fedora** (dotnet6.0 and firefox), **Oracle** (curl, firefox, rsync, and thunderbird), **Red Hat** (curl, firefox, php:7.4, rsync, systemd, and thunderbird), **SUSE** (bluez, chromium, freerdp, glibc, gnutls, kernel, postgresql10, raptor, rubygem-rails-html-sanitizer, and spice), and **Ubuntu** (firefox, linux, linux-kvm, linux-lts-xenial, linux-aws, linux-azure-fde, open-vm-tools, and varnish). ⌘ [Read more](https://lwn.net/Articles/906055/) 2022-08-25T14:08:03Z **Stable kernel updates**
Greg Kroah-Hartman has released the [5.19.4](https://lwn.net/Articles/906060/),
[5.15.63](https://lwn.net/Articles/906061/), [5.10.138](https://lwn.net/Articles/906062/), [5.4.211](https://lwn.net/Articles/906063/), [4.19.256](https://lwn.net/Articles/906064/), [4.14.291](https://lwn.net/Articles/906065/), and [4.9.326](https://lwn.net/Articles/906066/) stable kernels. They all contain
important fixes throughout the kernel tree; users should upgrade. ⌘ [Read more](https://lwn.net/Articles/906059/) 2022-08-25T15:17:58Z **[$] Ushering out strlcpy()**
With all of the complex problems that must be solved in the kernel, one
might think that copying a string would draw little attention. Even with
the hazards that C strings present, simply moving some bytes should not be
all that hard. But string-copy functions have been a frequent subject of
debate over the years, with different variants being in fashion at times.
Now it seems that the BSD-derived [strlcpy()](https://man.openbsd.org/strlcpy.3) function
may finally be on its way out of the kernel. ⌘ [Read more](https://lwn.net/Articles/905777/) 2022-08-26T14:28:47Z **Security updates for Friday**
Security updates have been issued by **Debian** (zlib), **Fedora** (dotnet3.1, firefox, java-1.8.0-openjdk-aarch32, thunderbird, and zlib), **Mageia** (canna, chromium-browser-stable, dovecot, firefox/nss, freeciv, freetype2, gnutls, kernel, kernel-linus, kicad, ldb/samba/sssd, libgsasl, microcode, nodejs, rsync, thunderbird, and unbound), **Oracle** (php:7.4 and systemd), **Scientific Linux** (firefox, rsync, systemd, and thunderbird), **Slackware** (vim), and **SUSE** (bluez, gstreamer-plugins-good, java- ... ⌘ [Read more](https://lwn.net/Articles/906232/) 2022-08-26T14:41:53Z **[$] Toward a better definition for i_version**
Filesystems maintain a lot of metadata about the files they hold; most of
this metadata is for consumption by user space. Some metadata, though,
stays buried within the filesystem and is not visible outside of the
kernel. Once such
piece of metadata is the file version count, known as i\_version.
Current efforts to change how i\_version is managed — and to make
it visible to user space — have engendered a debate on what
i\_version actually means and what its behavior should be. ⌘ [Read more](https://lwn.net/Articles/905931/) 2022-08-28T22:40:07Z **Kernel prepatch 6.0-rc3**
The [6.0-rc3](https://lwn.net/Articles/906314/) kernel prepatch is out for
testing.

> So as some people already noticed, last week was an anniversary
> week - 31 years since the original Linux development
> announcement. How time flies.
>
> But this is not that kind of historic email - it's just the regular
> weekly RC release announcement, and things look pretty normal. ⌘ [Read more](https://lwn.net/Articles/906315/) 2022-08-29T14:03:48Z **Security updates for Monday**
Security updates have been issued by **Debian** (curl, exim4, maven-shared-utils, ndpi, puma, webkit2gtk, and wpewebkit), **Fedora** (dotnet3.1, firefox, and webkit2gtk3), **Mageia** (clamav, mariadb, net-snmp, postgresql, python-ldap, and thunderbird), **SUSE** (freeciv, gnutls, keepalived, libyang, nim, python-Django, and varnish), and **Ubuntu** (schroot). ⌘ [Read more](https://lwn.net/Articles/906355/) 2022-08-29T14:26:32Z **Two stable kernels**
Greg Kroah-Hartman has released the [5.19.5](https://lwn.net/Articles/906358/)
and [5.10.139](https://lwn.net/Articles/906359/) stable kernels to fix a [problem](https://lwn.net/ml/linux-kernel/9996285f-5a50-e56a-eb1c-645598381a20@kernel.org/)
stemming
from an incorrect merge of a [patch](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aac289653fa5adf9e9985e4912c1d24a3e8cbab2)
to the dummy-tools used for building kernels. ⌘ [Read more](https://lwn.net/Articles/906356/) 2022-08-29T15:10:52Z **[$] Crash recovery for user-space block drivers**
A new [user-space block driver mechanism](https://lwn.net/Articles/903855/)
entered the kernel during the 6.0 merge window. This subsystem, called
"ublk", uses [io\_uring](https://lwn.net/Articles/776703/) to communicate with
user-space drivers, resulting in some impressive performance numbers. Ublk
has a lot of interesting potential, but the current use cases for it are
not entirely clear. The recently posted [crash-recovery\
mechanism](https://lwn.net/ml/linux-kernel/20220824054744.778 ... ⌘ [Read more](https://lwn.net/Articles/906097/) 2022-08-30T13:33:02Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (thunderbird), **Fedora** (ctk, dcmtk, OpenImageIO, and varnish-modules), **Red Hat** (systemd), **SUSE** (libslirp, open-vm-tools, and opera), and **Ubuntu** (jupyter-notebook, libsdl1.2, and systemd). ⌘ [Read more](https://lwn.net/Articles/906461/) 2022-08-30T20:10:56Z **Git’s database internals II: commit history queries (GitHub blog)**
The GitHub blog has posted [a\
detailed look](https://github.blog/2022-08-30-gits-database-internals-ii-commit-history-queries/) at how Git stores the commit history to be able to
quickly answer queries.

> The commit-graph file provides a location for adding new
> information to our commits that do not exist in the commit object
> format by default. The new information that we store is called a
> _generation number_. There are multiple ways to compute a
> generatio ... ⌘ [Read more](https://lwn.net/Articles/906501/) 2022-08-30T20:20:07Z **Sourceware moving to the Software Freedom Conservancy**
[Sourceware.org](https://sourceware.org/) has long hosted the
repositories for many important free-software projects, including much of
the GNU toolchain. Frank Ch. Eigler has [posted](https://sourceware.org/pipermail/overseers/2022q3/018802.html)
about some changes coming to Sourceware:

> Red Hat has been and continues to be a generous sponsor of the
> hardware, connectivity, and the very modest employee time it
> requires. We are glad to report there are zero indications of an ... ⌘ [Read more](https://lwn.net/Articles/906502/) 2022-08-30T21:26:43Z **[$] Debian to vote on its firmware path**
Dealing with the non-free firmware that is increasingly needed to install
Debian has been a hot topic for the
distribution over the past few months. The [problem](https://lwn.net/Articles/843172/) goes [back](https://lwn.net/Articles/655519/) further
[still](https://lwn.net/Articles/304925/), of course, but Steve McIntyre [re-raised the \
issue](https://lwn.net/Articles/891767/) in April, which resulted in a predictable [lengthy discussion\
thread](https://lwn.net/ml/debian-devel/20220419002746. ... ⌘ [Read more](https://lwn.net/Articles/906380/) 2022-08-31T13:31:02Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (dpdk, net-snmp, php-horde-mime-viewer, php-horde-turba, and webkit2gtk), **Fedora** (rsync), **Oracle** (openssl and systemd), **Red Hat** (booth, kernel, kernel-rt, and openssl), **Slackware** (vim), **SUSE** (bluez, java-1\_8\_0-ibm, postgresql10, and zlib), and **Ubuntu** (kernel, linux, linux-raspi, linux-aws, and linux-oem-5.14). ⌘ [Read more](https://lwn.net/Articles/906579/) 2022-08-31T14:36:52Z **Git’s Database Internals III: File History Queries (GitHub blog)**
The GitHub blog series on how the Git database works continues with [this\
look at file-history queries](https://github.blog/2022-08-31-gits-database-internals-iii-file-history-queries/).

> If these history modes usually have the same output, then why
> wouldn’t we always use --full-history--simplify-merges? The reason is performance. Not only
> does simplified history speed up the query by skipping a large
> portion of commits, it also allows iterative output. The s ... ⌘ [Read more](https://lwn.net/Articles/906604/) 2022-08-31T16:34:48Z **A few more stable kernels**
The
[5.19.6](https://lwn.net/Articles/906629/),
[5.15.64](https://lwn.net/Articles/906630/), and
[5.10.140](https://lwn.net/Articles/906632/)
stable kernel updates have been released; each contains another set of
important fixes, as usual. ⌘ [Read more](https://lwn.net/Articles/906628/) 2022-08-31T21:14:51Z **[$] Python multi-level break and continue**
A fairly lengthy discussion of whether there should be a way to
break out of (or
continue) more than one level of nested loops in Python recently
took place in the [Ideas\
category](https://discuss.python.org/c/ideas/6) of the language's [discussion forum](https://discuss.python.org/). The idea is
attractive, at least in an abstract sense—some other languages support
jumping out of
multiple loops at once—but it seems unlikely to go anywhere for Python.
The barrier to new features is fairly hig ... ⌘ [Read more](https://lwn.net/Articles/906512/) 2022-09-01T02:16:43Z **[$] LWN.net Weekly Edition for September 1, 2022**
The LWN.net Weekly Edition for September 1, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/906067/) 2022-09-01T13:49:06Z **Security updates for Thursday**
Security updates have been issued by **Fedora** (pdns-recursor, thunderbird, and vim), **Gentoo** (firefox, thunderbird-bin, virtualbox, and webkit-gtk), **Red Hat** (convert2rhel), **SUSE** (gstreamer-plugins-good, open-vm-tools, postgresql12, rsync, and ucode-intel), and **Ubuntu** (linux-azure, linux-gcp, linux-hwe). ⌘ [Read more](https://lwn.net/Articles/906778/) 2022-09-01T14:34:49Z **[$] A framework for code tagging**
Kernel code can, at times, be quite inward looking; it often refers to
itself. To enable this introspection, the kernel has evolved several
mechanisms for identifying specific locations in the code and carrying out
actions related to those locations. The [code-tagging\
framework](https://lwn.net/ml/linux-kernel/20220830214919.53220-1-surenb@google.com/) patch set, posted by Suren Baghdasaryan and Kent Overstreet,
is an attempt to replace various _ad hoc_ implementations with a
single framework, and to ... ⌘ [Read more](https://lwn.net/Articles/906660/) 2022-09-02T12:32:23Z **Security updates for Friday**
Security updates have been issued by **CentOS** (firefox, rsync, systemd, and thunderbird), **Debian** (chromium, dpdk, and sofia-sip), **Fedora** (kernel, thunderbird, and zlib), **Red Hat** (pcs and rh-mariadb103-galera and rh-mariadb103-mariadb), **Slackware** (poppler), **SUSE** (cifs-utils, curl, dwarves and elfutils, firefox, flatpak, gnutls, gpg2, harfbuzz, ignition, kernel, ldb, samba, libslirp, libsolv, libzypp, zypper, libtirpc, logrotate, mozilla-nss, ncurses, open-vm-tools, openssl-1\_1, p11-kit ... ⌘ [Read more](https://lwn.net/Articles/906973/) 2022-09-02T14:01:02Z **[$] What's in a (type) name?**
The [kernel's manual\
pages](https://www.kernel.org/doc/man-pages/) are in a bit of an interesting position. They
are managed as a separate project, distinct from the kernel's
documentation, and have the task of documenting both the kernel's
system-call interface and the wrappers for that interface provided by the C
library. Sometimes the two objectives come into conflict, as can be seen
in a discussion that has been playing out over the course of the last year
on whether to use C standard type names to de ... ⌘ [Read more](https://lwn.net/Articles/906496/) 2022-09-02T23:23:50Z **Arti 1.0.0 released**
Arti is a reimplementation of the Tor server in Rust; [version 1.0.0](https://blog.torproject.org/arti_100_released/) has
just been released and proclaimed ready for production use.

> When we defined our set of milestones, we defined Arti 1.0.0 as
> "ready for production use": You should be able to use it in the
> real world, to get a similar degree of privacy, usability, and
> stability to what you would with a C client Tor. The APIs should be
> (more or less) stable for embedders.
>
> We believe we have achi ... ⌘ [Read more](https://lwn.net/Articles/907023/) 2022-09-04T14:22:00Z **Peter Eckersley RIP**
Peter Eckersley, one of the original founders of the [Let's Encrypt](https://letsencrypt.org/) non-profit TLS certificate authority, has died suddenly, as [reported by Seth Schoen](https://community.letsencrypt.org/t/peter-eckersley-may-his-memory-be-a-blessing/183854):

> Peter was the leader of EFF's contributions to Let's Encrypt and ACME over the course of several years during which these technologies turned from a wild idea into an important part of Internet infrastructure. He also took a lot of initiative in ... ⌘ [Read more](https://lwn.net/Articles/907114/) 2022-09-04T21:09:44Z **Kernel prepatch 6.0-rc4**
The [6.0-rc4](https://lwn.net/Articles/907126/) kernel prepatch is out for
testing. "We're up to rc4, and things mostly still look fairly
normal".

Beyond the usual fixes, 6.0-rc4 includes one feature change: [a hook](https://git.kernel.org/linus/2a5840124009) to allow
security modules to control access to the io\_uring command pass-through
mechanism. See [this article](https://lwn.net/Articles/902466/) for the
background behind this late-arriving change. ⌘ [Read more](https://lwn.net/Articles/906672/) 2022-09-05T14:24:29Z **Security updates for Monday**
Security updates have been issued by **Debian** (flac, ghostscript, libmodbus, qemu, rails, ruby-rack, and thunderbird), **Fedora** (kernel, kernel-headers, kernel-tools, libtar, qt5-qtwebengine, subscription-manager-cockpit, tcpreplay, and vim), **Mageia** (chromium-browser-stable, webkit2, and ytnef), **SUSE** (curl, firefox, freerdp, gdk-pixbuf, ImageMagick, json-c, libgda, php-composer2, and python-pyxdg), and **Ubuntu** (libzstd, linux-aws, linux-aws-5.4, linux-azure-5.4, and linux-oem-5.17). ⌘ [Read more](https://lwn.net/Articles/907201/) 2022-09-05T14:52:52Z **Seven new stable kernels**
Monday's crop of stable kernels consists of [5.19.7](https://lwn.net/Articles/907203/), [5.15.65](https://lwn.net/Articles/907204/), [5.10.141](https://lwn.net/Articles/907205/), [5.4.212](https://lwn.net/Articles/907206/), [4.19.257](https://lwn.net/Articles/907207/), [4.14.292](https://lwn.net/Articles/907208/), and [4.9.327](https://lwn.net/Articles/907209/). They are relatively small updates,
but still contain important fixes in various parts of the kernel tree;
users of those series should upgrade. ⌘ [Read more](https://lwn.net/Articles/907202/) 2022-09-05T15:05:19Z **[$] Concurrent page-fault handling with per-VMA locks**
The kernel is, in many ways, a marvel of scalability, but there is a
longstanding pain point in the memory-management subsystem that has
resisted all attempts at elimination: the mmap\_lock. This lock
was [inevitably a topic](https://lwn.net/Articles/893906/) at the [2022 Linux\
Storage, Filesystem, Memory-Management and BPF Summit](https://lwn.net/Articles/lsfmm2022/) (LSFMM), where the idea of
using per-VMA locks was raised. Suren Baghdasaryan has [posted\
an implementation of th ... ⌘ [Read more](https://lwn.net/Articles/906852/) 2022-09-06T07:10:11Z **OpenWrt 22.03.0 released**
[Version\
22.03.0](https://openwrt.org/releases/22.03/notes-22.03.0) of the OpenWrt distribution for routers (and beyond) has been
released. "It incorporates over 3800 commits since branching the
previous OpenWrt 21.02 release and has been under development for about one
year". Changes include a new firewall implementation using nftables,
year-2032 readiness, dark mode in the LuCI web-based administration tool,
and support for many more devices. ⌘ [Read more](https://lwn.net/Articles/907238/) 2022-09-06T08:46:50Z **Security updates for Tuesday**
Security updates have been issued by **Red Hat** (pcs), **SUSE** (389-ds and firefox), and **Ubuntu** (linux-hwe-5.4 and linux-oracle). ⌘ [Read more](https://lwn.net/Articles/907275/) 2022-09-06T08:51:46Z **Gawk 5.2.0 released**
Version 5.2.0 of the GNU Awk implementation is out. The biggest change,
perhaps, is the addition of "persistent memory" support that allows gawk to
keep values around between runs. Old-timers will be disappointed by
the removal of VAX/VMS support. ⌘ [Read more](https://lwn.net/Articles/907278/) 2022-09-06T16:27:14Z **[$] A look at Linux Mint 21**
[Linux Mint](https://linuxmint.com) 21 "Vanessa" was released
on July 31. There are no real headline-grabbing features that come
with the new release, as the project generally seeks to make incremental
changes, rather than larger, potentially disruptive ones.
Changes in this release include a new Bluetooth manager that brings several
improvements, driverless printing and scanning
by default, a process monitor to inform the user
about resource-intensive background tasks, new functionality for the
Timeshift s ... ⌘ [Read more](https://lwn.net/Articles/906859/) 2022-09-07T09:40:56Z **Security updates for Wednesday**
Security updates have been issued by **Fedora** (curl, protobuf-c, and vim) and **SUSE** (gimp, java-1\_8\_0-openj9, libostree, openvswitch, python-bottle, python-Flask-Security-Too, and zabbix). ⌘ [Read more](https://lwn.net/Articles/907382/) 2022-09-07T16:33:37Z **[$] Lazy imports for Python**
Starting a Python application typically results in a flurry of imports as
modules from various locations (and the modules they import) get added
into the application process. All of that occurs before the application
even gets started doing whatever it is the user actually launched it for;
that delay can be significant—and annoying. Beyond that, many of those
imports may not be necessary at all for the code path being followed, so
eagerly doing the import is purely wasted time. A proposal back in May
would ... ⌘ [Read more](https://lwn.net/Articles/907226/) 2022-09-08T00:06:16Z **[$] LWN.net Weekly Edition for September 8, 2022**
The LWN.net Weekly Edition for September 8, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/906796/) 2022-09-08T13:59:07Z **Security updates for Thursday**
Security updates have been issued by **Debian** (libgoogle-gson-java), **Fedora** (autotrace, insight, and open-vm-tools), **Oracle** (open-vm-tools), **Red Hat** (open-vm-tools, openvswitch2.13, openvswitch2.15, openvswitch2.16, openvswitch2.17, ovirt-host, and rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon), **Scientific Linux** (open-vm-tools), **Slackware** (python3), **SUSE** (clamav, gdk-pixbuf, gpg2, icu, ImageMagick, java-1\_8\_0-ibm, libyajl, mariadb, udisks2, webkit2gtk3, and yast2-samba-prov ... ⌘ [Read more](https://lwn.net/Articles/907508/) 2022-09-08T18:25:29Z **[$] The transparent huge page shrinker**
Huge pages are a mechanism implemented by the CPU that allows the management
of memory in larger chunks. Use of huge pages can increase performance
significantly, which is why the kernel has a "transparent huge page"
mechanism to try to create them when possible. But a huge page will only
be helpful if most of the memory contained within it is actually in use;
otherwise it is just an expensive waste of memory. [This patch\
set](https://lwn.net/ml/linux-kernel/cover.1661461643.git.alexlzhu@fb.com/ ... ⌘ [Read more](https://lwn.net/Articles/906511/) 2022-09-08T19:52:44Z **New stable kernels**
Greg Kroah-Hartman has announced the release of the [5.19.8](https://lwn.net/Articles/907523/), [5.15.66](https://lwn.net/Articles/907524/), and [5.10.142](https://lwn.net/Articles/907525/). As usual, those contain important
fixes throughout the kernel tree. Immediately thereafter, he released
[5.15.67](https://lwn.net/Articles/907526/) to fix a permissions problem on a
kernel build script. ⌘ [Read more](https://lwn.net/Articles/907522/) 2022-09-09T12:20:44Z **Security updates for Friday**
Security updates have been issued by **Fedora** (mediawiki), **SUSE** (libEMF, libnl-1\_1, libnl3, mariadb, nodejs16, php8-pear, postgresql12, and rubygem-rake), and **Ubuntu** (linux-raspi, linux-raspi-5.4, and tiff). ⌘ [Read more](https://lwn.net/Articles/907573/) 2022-09-09T13:46:55Z **[$] Compiling Rust with GCC: an update**
While the Rust language has appeal for kernel development, many developers are
concerned by the fact that there is only one compiler available; there are
many reasons why a second implementation would be desirable. At the 2022
[Kangrejos](https://kangrejos.com/) gathering, three developers
described projects to build Rust
programs with GCC in two different ways. A fully featured, GCC-based Rust
implementation is still going to take some time, but rapid progress is
being made. ⌘ [Read more](https://lwn.net/Articles/907405/) 2022-09-12T06:56:46Z **Kernel prepatch 6.0-rc5**
Linus has released [6.0-rc5](https://lwn.net/Articles/907730/) for testing.
"Nothing looks particularly scary, so jump right in". ⌘ [Read more](https://lwn.net/Articles/907729/) 2022-09-12T10:55:26Z **Security updates for Monday**
Security updates have been issued by **Debian** (gdk-pixbuf, libxslt, linux-5.10, paramiko, and zlib), **Fedora** (webkit2gtk3), **Mageia** (gstreamer1.0-plugins-good, jupyter-notebook, kernel, and rpm), **Slackware** (vim), **SUSE** (bluez, clamav, freetype2, frr, gdk-pixbuf, keepalived, libyang, nodejs16, python-PyYAML, qpdf, samba, and vim), and **Ubuntu** (linux-azure-fde and tiff). ⌘ [Read more](https://lwn.net/Articles/907770/) 2022-09-12T11:47:59Z **[$] A pair of Rust kernel modules**
The idea of being able to write kernel code in the Rust language has a
certain appeal, but it is hard to judge how well that would actually work
in the absence of examples to look at. Those examples, especially for
modules beyond the "hello world" level of complexity, have been somewhat
scarce, but that is beginning to change. At the 2022 Kangrejos gathering
in Oviedo, Spain, two developers presented the modules they have developed
and some lessons that have been learned from this exercise. ⌘ [Read more](https://lwn.net/Articles/907685/) 2022-09-13T14:23:44Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (connman and python-oslo.utils), **Fedora** (libapreq2), **Red Hat** (booth, gnupg2, kernel, kernel-rt, mariadb:10.3, nodejs:14, nodejs:16, python3, ruby:2.7, and ruby:3.0), **SUSE** (chromium, opera, python2-numpy, and rubygem-kramdown), and **Ubuntu** (poppler). ⌘ [Read more](https://lwn.net/Articles/907869/) 2022-09-13T17:10:36Z **[$] LXC and LXD: a different container story**
[OCI containers](https://lwn.net/Articles/902049/) are the most popular type
of Linux container, but they are not the only type, nor were they the
first. [LXC](https://linuxcontainers.org/) (short for "LinuX
Containers") predates Docker by several years, though it was also not the
first. LXC dates back to its first release in 2008; the [earliest version of\
Docker](https://github.com/moby/moby/tree/v0.1.0), which was tagged in 2013, was actually a wrapper around LXC.
The LXC project is stil ... ⌘ [Read more](https://lwn.net/Articles/907613/) 2022-09-14T11:31:37Z **Security updates for Wednesday**
Security updates have been issued by **CentOS** (open-vm-tools), **Debian** (freecad and sqlite3), **Fedora** (qt5-qtwebengine and vim), **SUSE** (firefox, kernel, libzapojit, perl, postgresql14, and samba), and **Ubuntu** (dotnet6, dpdk, gdk-pixbuf, rust-regex, and systemd). ⌘ [Read more](https://lwn.net/Articles/907983/) 2022-09-14T11:38:57Z **[$] A Python security fix breaks (some) bignums**
Typically, an urgent security release of a project is not for a
two-year-old CVE, but such is the case for a [recent\
Python release](https://discuss.python.org/t/python-versions-3-10-7-3-9-14-3-8-14-3-7-14-now-available/18844/1) of four versions of the language. The bug is a
denial of service (DoS) that can be caused by converting enormous numbers to
strings—or vice versa—but it was not deemed serious enough to fix
when it
was first
reported. Evidently more recent reports, including a r ... ⌘ [Read more](https://lwn.net/Articles/907572/) 2022-09-14T17:45:15Z **Unicode 15 released**
[Version\
15](https://blog.unicode.org/2022/09/announcing-unicode-standard-version-150.html) of the Unicode standard has been released.

> This version adds 4,489 characters, bringing the total to 149,186
> characters. These additions include two new scripts, for a total of
> 161 scripts, along with 20 new emoji characters, and 4,193 CJK
> (Chinese, Japanese, and Korean) ideographs. ⌘ [Read more](https://lwn.net/Articles/908032/) 2022-09-14T23:12:40Z **[$] LWN.net Weekly Edition for September 15, 2022**
The LWN.net Weekly Edition for September 15, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/907454/) 2022-09-15T12:42:04Z **Security updates for Thursday**
Security updates have been issued by **Debian** (nova, pcs, and rails), **Fedora** (firejail, moby-engine, and pspp), **Oracle** (.NET 6.0, gnupg2, kernel, python3, and rsyslog rsyslog7), **Red Hat** (.NET 6.0 and .NET Core 3.1), **SUSE** (kernel), and **Ubuntu** (intel-microcode, poppler, and webkit2gtk). ⌘ [Read more](https://lwn.net/Articles/908137/) 2022-09-15T12:54:57Z **New stable kernels**
Greg Kroah-Hartman has announced the release of the [5.19.9](https://lwn.net/Articles/908139/), [5.15.68](https://lwn.net/Articles/908140/), [5.10.143](https://lwn.net/Articles/908141/), [5.4.213](https://lwn.net/Articles/908142/), [4.19.258](https://lwn.net/Articles/908143/), [4.14.293](https://lwn.net/Articles/908144/), and [4.9.328](https://lwn.net/Articles/908145/) stable kernels. As usual, they
contain important fixes throughout the kernel tree; users of those series
should upgrade. ⌘ [Read more](https://lwn.net/Articles/908138/) 2022-09-15T13:42:18Z **[$] The perils of pinning**
Parts of the Rust language may look familiar to C programmers, but the two
languages differ in fundamental ways. One difference that turns out to be
problematic for kernel programming is the stability of data in memory — or
the lack thereof. A challenging session at the [2022 Kangrejos](https://kangrejos.com) conference wrestled with
ways to deal with objects that should not be moved behind the programmer's
back. ⌘ [Read more](https://lwn.net/Articles/907876/) 2022-09-16T11:53:15Z **Security updates for Friday**
Security updates have been issued by **Debian** (bzip2, chromium, glib2.0, libraw, mariadb-10.3, and mod-wsgi), **Fedora** (kdiskmark, wordpress, and zlib), **Oracle** (.NET 6.0, .NET Core 3.1, mariadb:10.3, nodejs:14, nodejs:16, ruby:2.7, and ruby:3.0), **Red Hat** (.NET 6.0, php:7.4, and webkit2gtk3), **SUSE** (389-ds, flatpak, kernel, libgit2, and thunderbird), and **Ubuntu** (sqlite3, vim, and wayland). ⌘ [Read more](https://lwn.net/Articles/908297/) 2022-09-16T12:05:28Z **[$] The road to Zettalinux**
Nobody should need more memory than a 64-bit pointer can address — or so
developers tend to think. The range covered by a pointer of that size
seems to be nearly infinite. During the Kernel Summit track at the [2022 Linux Plumbers Conference](https://lpc.events/), Matthew
Wilcox took the stage to make the point that 64 bits may turn out to
be too few — and sooner than we think. It is not too early to start
planning for 128-bit Linux systems, which he termed "ZettaLinux", and we
don't want to find ourselves w ... ⌘ [Read more](https://lwn.net/Articles/908026/) 2022-09-19T06:07:53Z **Kernel prepatch 6.0-rc6**
The [6.0-rc6](https://lwn.net/Articles/908559/) kernel prepatch is out for
testing.

> So this is an artificially small -rc release, because this past
> week we had the Maintainers' Summit in Dublin (along with OSS EU
> and LPC 2022), so we've had a lot of maintainers traveling.
>
> Or - putting my ridiculously optimistic hat on - maybe things are
> just so nice and stable that there just weren't all that many
> fixes? ⌘ [Read more](https://lwn.net/Articles/908560/) 2022-09-19T06:25:42Z **An X11 Apologist Tries Wayland (artemis.sh)**
The artemis.sh blog has [a\
detailed review](https://artemis.sh/2022/09/18/wayland-from-an-x-apologist.html) of the state of Wayland compared to X.org.

> It feels fantastic. It even made my software cursor
> not feel so softwarey, which I’ve never experienced with a software
> cursor before. I have a pretty bad GPU, but on a higher end card
> you’d get a huge benefit to this in games. If your card can render
> the game many times faster than your monitor refresh rate, you can
> unlock ... ⌘ [Read more](https://lwn.net/Articles/908561/) 2022-09-19T13:43:09Z **Security updates for Monday**
Security updates have been issued by **Debian** (connman and e17), **Fedora** (curl, open-vm-tools, pcs, and python-lxml), **Mageia** (curl, dpkg, freecad, gimp, libtar, libtiff, mediawiki, ostree, python-lxml, schroot, SDL12, sdl2, wireshark, and zlib), **Oracle** (kernel and php:7.4), **Red Hat** (php:7.4), **Slackware** (vim), **SUSE** (chromium, kernel, libarchive, libtirpc, mupdf, python-rsa, ruby2.5, and virtualbox), and **Ubuntu** (linux-intel-iotg). ⌘ [Read more](https://lwn.net/Articles/908627/) 2022-09-19T16:56:33Z **[$] The 2022 Linux Kernel Maintainers Summit**
After a two-year hiatus, the 2022 Linux Kernel Maintainers Summit returned
to an in-person format in Dublin, Ireland on September 15. Around 30
kernel developers discussed a number of process-related issues relating to
the kernel community. LWN had the privilege of being there and is able,
once again, to report from the event. This years sessions included
discussions of regression handling, the imminent merging of Rust support,
BPF, the kernel development process, and more. ⌘ [Read more](https://lwn.net/Articles/908320/) 2022-09-20T13:26:16Z **Another round of stable kernel updates**
The
[5.19.10](https://lwn.net/Articles/908781/),
[5.15.69](https://lwn.net/Articles/908782/),
[5.10.144](https://lwn.net/Articles/908783/),
[5.4.214](https://lwn.net/Articles/908784/),
[4.19.259](https://lwn.net/Articles/908785/),
[4.14.294](https://lwn.net/Articles/908786/), and
[4.9.329](https://lwn.net/Articles/908787/)
stable kernel updates have all been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/908780/) 2022-09-20T13:22:58Z **Security updates for Tuesday**
Security updates have been issued by **Fedora** (dokuwiki and rizin), **SUSE** (libcontainers-common, permissions, sqlite3, and wireshark), and **Ubuntu** (tiff, vim, and xen). ⌘ [Read more](https://lwn.net/Articles/908779/) 2022-09-20T21:08:20Z **[$] Introducing io_uring_spawn**
The traditional mechanism for launching a program in a new process on Unix
systems—forking and execing—has been with us for decades, but it is not
really the most efficient of operations. Various alternatives have been
tried along the way but have not supplanted the traditional approach. A new
mechanism created by Josh Triplett adds process creation
to the [io\_uring asynchronous I/O API](https://lwn.net/Articles/776703/) and
shows great promise; he came to the [2022\
Linux Plumbers Conference](https://l ... ⌘ [Read more](https://lwn.net/Articles/908268/) 2022-09-20T23:09:35Z **Debian's firmware vote**
The Debian project [has begun voting](https://lwn.net/ml/debian-vote/YyZXnYNs1rXDCDY0@roeckx.be/) on
changes to its approach to firmware needed to install a working
distribution. The original ballot option described in [this article](https://lwn.net/Articles/906380/) is still there, but this is
Debian so there are several others as well. Some of the additions include
changes to the Debian Social Contract that explicitly allow the shipping of
firmware needed to use Debian on hardware requiring that firmware. ⌘ [Read more](https://lwn.net/Articles/908825/) 2022-09-21T13:26:33Z **Security updates for Wednesday**
Security updates have been issued by **Fedora** (libconfuse, moodle, rizin, and thunderbird), **Oracle** (ELS kernel, gnupg2, ruby, and webkit2gtk3), **Red Hat** (booth, dbus-broker, gnupg2, kernel, kernel-rt, kpatch-patch, mysql, nodejs, nodejs-nodemon, ruby, and webkit2gtk3), **Slackware** (expat and mozilla), **SUSE** (kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container and vsftpd), and **Ubu ... ⌘ [Read more](https://lwn.net/Articles/908893/) 2022-09-21T14:24:35Z **Rendered linux-next documentation on kernel.org**
Konstantin Ryabitsev has [announced](https://lwn.net/ml/linux-doc/20220919210403.jxvql3lwpeyhz7h4@meerkat.local/)
the availability of [rendered\
documentation from linux-next](https://docs.kernel.org/next/) on kernel.org. This will be useful for
anybody wanting to see what the documentation for the next kernel release
will look like. ⌘ [Read more](https://lwn.net/Articles/908911/) 2022-09-21T18:11:11Z **GNOME 43 released**
Version 43 of the GNOME desktop environment has been released; see [the release notes](https://release.gnome.org/43/) for details.

> This latest GNOME release comes with improvements across the board,
> ranging from a new quick settings menu, a redesigned Files app, and
> hardware security integration. GNOME 43 continues the trend of
> GNOME apps migrating from GTK 3 to GTK 4, and includes many other
> smaller enhancements. ⌘ [Read more](https://lwn.net/Articles/908928/) 2022-09-21T22:41:03Z **[$] Two visions for the future of sourceware.org**
Public hosting systems for free software have come and gone over the years
but one of them, [Sourceware](https://sourceware.org/), has been
supporting the development of most of the GNU toolchain for nearly
25 years.
Recently, [an application](https://lwn.net/Articles/906502/) was made to bring
Sourceware under the umbrella of the Software Freedom Conservancy (SFC), at least for
fundraising purposes. It turns out that there is a separate initiative,
developed in secret until now, with a ... ⌘ [Read more](https://lwn.net/Articles/908638/) 2022-09-22T01:14:49Z **[$] LWN.net Weekly Edition for September 22, 2022**
The LWN.net Weekly Edition for September 22, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/908080/) 2022-09-22T13:25:27Z **Security updates for Thursday**
Security updates have been issued by **Debian** (e17, fish, mako, and tinygltf), **Fedora** (mingw-poppler), **Mageia** (firefox, google-gson, libxslt, open-vm-tools, redis, and sofia-sip), **Oracle** (dbus-broker, kernel, kernel-container, mysql, and nodejs and nodejs-nodemon), **Slackware** (bind), **SUSE** (cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-imp ... ⌘ [Read more](https://lwn.net/Articles/909051/) 2022-09-22T14:51:42Z **Rust 1.64.0 released**
[Version\
1.64.0](https://blog.rust-lang.org/2022/09/22/Rust-1.64.0.html) of the Rust language has been released. Changes include the
stabilization of the [IntoFuture\
trait](https://doc.rust-lang.org/std/future/trait.IntoFuture.html), easier access to C-compatible types, the availability of
[rust-analyzer](https://rust-analyzer.github.io/) via
rustup, and more. ⌘ [Read more](https://lwn.net/Articles/909085/) 2022-09-22T22:45:32Z **[$] Safer flexible arrays for the kernel**
At the 2022 [Linux\
Security Summit Europe](https://events.linuxfoundation.org/linux-security-summit-europe/) (LSS EU), Gustavo A. R. Silva reported in on
work he has been doing on "flexible" arrays in the kernel. While these
arrays provide some ... flexibility ... they are also a source of bugs,
which
can often result in security vulnerabilities. He has been working on ways
to make the use of flexible arrays safer in the kernel. ⌘ [Read more](https://lwn.net/Articles/908817/) 2022-09-23T13:54:17Z **Security updates for Friday**
Security updates have been issued by **Debian** (bind9, expat, firefox-esr, mediawiki, and unzip), **Fedora** (qemu and thunderbird), **Oracle** (webkit2gtk3), **SUSE** (ardana-ansible, ardana-cobbler, ardana-tempest, grafana, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-neutron-gbp, openstack-nova, python-Django1, rabbitmq-server, rubygem-puma, ardana-ansible, ardana-cobbler, grafana, openstack-heat-templates, openstack-murano, python-Django, rabbitmq-server, rubygem-puma, dpdk, fre ... ⌘ [Read more](https://lwn.net/Articles/909208/) 2022-09-23T14:09:02Z **Three new stable kernels**
The [5.19.11](https://lwn.net/Articles/909211/), [5.15.70](https://lwn.net/Articles/909212/), and [5.10.145](https://lwn.net/Articles/909213/) stable kernels are now available. As
usual, they contain important fixes throughout the kernel tree. ⌘ [Read more](https://lwn.net/Articles/909210/) 2022-09-23T14:50:57Z **[$] BPF as a safer kernel programming environment**
For better or worse, C is the _lingua franca_ in the world of kernel
engineering. The core logic of the Linux kernel is written entirely in
C (with a bit of assembly), as are its drivers and modules. While C is
rightfully celebrated for
its powerful yet simple semantics, it is an older language that lacks
many of the features present in modern languages such as
[Rust](https://lwn.net/Articles/907685/). The
[BPF](https://lwn.net/Articles/599755/) subsystem, on the other hand,
provides a ... ⌘ [Read more](https://lwn.net/Articles/909095/) 2022-09-23T15:06:12Z **Arch Linux drops Python 2**
Arch Linux has [announced](https://archlinux.org/news/removing-python2-from-the-repositories/)
that Python 2 is being removed from the distribution's repositories.
"If you still require the python2 package you can keep it around, but
please be aware that there will be no security updates." ⌘ [Read more](https://lwn.net/Articles/909226/) 2022-09-25T22:16:59Z **Kernel prepatch 6.0-rc7**
The [6.0-rc7](https://lwn.net/Articles/909391/) kernel prepatch is out for
testing.

> So I was thinking rc7 might end up larger than usual due to travel
> hitting rc6, but it doesn't really seem to have happened.
>
> Yeah, maybe it's marginally bigger than the historical average for
> this time of the release cycle, but it definitely isn't some
> outlier, and it looks fairly normal. Which is all good, and makes
> me think that the final release will happen right on schedule next
> weekend, unless something un ... ⌘ [Read more](https://lwn.net/Articles/909392/) 2022-09-26T13:35:01Z **Security updates for Monday**
Security updates have been issued by **Debian** (expat and poppler), **Fedora** (dokuwiki), **Gentoo** (fetchmail, grub, harfbuzz, libaacplus, logcheck, mrxvt, oracle jdk/jre, rizin, smarty, and smokeping), **Mageia** (tcpreplay, thunderbird, and webkit2), **SUSE** (dpdk, permissions, postgresql14, puppet, and webkit2gtk3), and **Ubuntu** (linux-gkeop and sosreport). ⌘ [Read more](https://lwn.net/Articles/909439/) 2022-09-26T14:31:27Z **[$] BPF for HID drivers**
The [Human\
Interface Device](https://en.wikipedia.org/wiki/Human_interface_device) (HID) standard dates back to the Windows 95 era.
It describes how devices like mice and keyboards present themselves to the
host computer, and has created a world where a single driver can handle a
wide variety of devices from multiple manufacturers. Or it would have, if
there weren't actual device manufacturers involved. In the real world,
devices stretch and break the standard, each in its own special way. At
the [2022 Linux P ... ⌘ [Read more](https://lwn.net/Articles/909109/) 2022-09-26T20:04:04Z **[$] Supporting CHERI capabilities in GCC and glibc**
The [CHERI\
architecture](https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/) is the product of a research program to extend common
CPU architectures
in a way that prevents many types of memory-related bugs (and
vulnerabilities). At the [2022 GNU Tools Cauldron](https://gcc.gnu.org/wiki/cauldron2022),
Alex Coplan and Szabolcs Nagy described the work that has been done to
bring GCC and the GNU C Library (glibc) to this architecture. CHERI is a fundamentally
different approach to h ... ⌘ [Read more](https://lwn.net/Articles/909265/) 2022-09-27T13:22:13Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (dovecot and firefox-esr), **Fedora** (firefox and grafana), **Red Hat** (firefox and thunderbird), **Slackware** (dnsmasq and vim), **SUSE** (dpdk, firefox, kernel, libarchive, libcaca, mariadb, openvswitch, opera, permissions, podofo, snakeyaml, sqlite3, unzip, and vsftpd), and **Ubuntu** (expat, libvpx, linux-azure-fde, linux-oracle, squid, squid3, and webkit2gtk). ⌘ [Read more](https://lwn.net/Articles/909576/) 2022-09-27T13:53:46Z **Wuyts: Why async Rust**
Yoshua Wuyts gives [an overview of async\
Rust](https://blog.yoshuawuyts.com/why-async-rust/) and why it is interesting.

> Conversations around "why async" often focus on performance - a
> topic which is highly dependent on workloads, and results with
> people wholly talking past each other. While performance is not a
> bad reason to choose async Rust, we often we only notice
> performance when we experience a lack of it. So I want to instead
> on which features async Rust provides which aren't present in
> ... ⌘ [Read more](https://lwn.net/Articles/909578/) 2022-09-27T14:37:54Z **Bash 5.2 released**
Version 5.2 of the bash shell has been released.

> The most notable new feature is the rewritten command substitution
> parsing code, which calls the bison parser recursively. This
> replaces the ad-hoc parsing used in previous versions, and allows
> better syntax checking and catches syntax errors much earlier. The
> shell attempts to do a much better job of parsing and expanding
> array subscripts only once; this has visible effects in the \`unset'
> builtin, word expansions, conditional commands, and other ... ⌘ [Read more](https://lwn.net/Articles/909596/) 2022-09-27T16:50:33Z **LXD 5.6 released**
[Version\
5.6](https://discuss.linuxcontainers.org/t/lxd-5-6-has-been-released/15191) of the LXD container manager is out. Changes include the ability
to stream log messages to a Grafana Loki server, Infiniband support for
virtual machines, a restricted network access mode, and more. ⌘ [Read more](https://lwn.net/Articles/909604/) 2022-09-27T22:54:14Z **[$] Finding bugs with sanitizers**
Andrey Konovalov began his 2022 [Linux\
Security Summit Europe](https://events.linuxfoundation.org/linux-security-summit-europe/) (LSS EU) talk with a bold statement: "fuzzing is
useless". As might be guessed, he qualified that assertion quickly by
adding "without dynamic bug detectors". These bug detectors include
"sanitizers" of various sorts, such as the [Kernel Address\
Sanitizer](https://google.github.io/kernel-sanitizers/KASAN) (KASAN), but there are others. Konovalov looked in detail at KASAN
an ... ⌘ [Read more](https://lwn.net/Articles/909245/) 2022-09-28T13:14:26Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (gdal, maven-shared-utils, thunderbird, webkit2gtk, and wpewebkit), **Fedora** (firefox and libofx), **SUSE** (dpdk, firefox, flatpak, grafana, kernel, libcaca, and opera), and **Ubuntu** (ghostscript and linux-gcp-5.15). ⌘ [Read more](https://lwn.net/Articles/909676/) 2022-09-28T13:18:09Z **A pile of stable kernel updates**
The
[5.19.12](https://lwn.net/Articles/909678/),
[5.15.71](https://lwn.net/Articles/909679/),
[5.10.146](https://lwn.net/Articles/909680/),
[5.4.215](https://lwn.net/Articles/909681/),
[4.19.260](https://lwn.net/Articles/909682/),
[4.14.295](https://lwn.net/Articles/909684/), and
[4.9.330](https://lwn.net/Articles/909685/)
stable kernel updates have all been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/909677/) 2022-09-28T13:35:13Z **ALP prototype 'Les Droites' is to be expected later this week (openSUSE News)**
The openSUSE News site is [looking\
forward](https://news.opensuse.org/2022/09/26/alp-les-droites/) to the imminent preview release of the openSUSE ALP
distribution:

> As far as “Les Droites” goes, users can look forward to a SLE Micro
> like HostOS with self-healing abilities contributing to our
> OS-as-a-Service/ZeroTouch story. The Big Idea is that the user
> focuses on the application rather than the underlying host, which
> manages, heals, and self ... ⌘ [Read more](https://lwn.net/Articles/909687/) 2022-09-28T14:23:11Z **Announcing the GNU Toolchain Infrastructure Project**
The backers of the GNU Toolchain Infrastructure Project, which was the
subject of [an intense discussion](https://lwn.net/Articles/908638/) at the GNU
Tools Cauldron, have finally [posted\
their plans](https://sourceware.org/pipermail/overseers/2022q3/018896.html) publicly.

> Linux Foundation IT services plans for the GNU Toolchain include
> Git repositories, mailing lists, issue tracking, web sites, and
> CI/CD, implemented with strong authentication, attestation, and
> security ... ⌘ [Read more](https://lwn.net/Articles/909704/) 2022-09-28T21:35:47Z **[$] Progress for unprivileged containers**
Over the past few years, there has been quite a bit of progress in various
kernel features that can be used to create containers without requiring
privileges. Most of the containers these days run as root, which
means that a vulnerability leading to an escape from the container can
result in system compromise. Stéphane Graber gave a talk at the 2022 [Linux\
Security Summit Europe](https://events.linuxfoundation.org/linux-security-summit-europe/) (LSS EU) to fill in some of the details of work
t ... ⌘ [Read more](https://lwn.net/Articles/909627/) 2022-09-29T01:24:49Z **[$] LWN.net Weekly Edition for September 29, 2022**
The LWN.net Weekly Edition for September 29, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/909007/) 2022-09-29T15:20:50Z **Security updates for Thursday**
Security updates have been issued by **Debian** (chromium, lighttpd, and webkit2gtk), **Fedora** (firefox, gajim, libofx, and python-nbxmpp), **Gentoo** (bluez, chromium, expat, firefox, go, graphicsmagick, kitty, php, poppler, redis, thunderbird, and zutty), **Oracle** (firefox and thunderbird), **Red Hat** (kernel), **Slackware** (xorg), **SUSE** (expat, libostree, lighttpd, python3-lxml, rust1.62, slurm, slurm\_18\_08, and vsftpd), and **Ubuntu** (libxi, linux-gcp, postgresql-9.5, and sqlite3). ⌘ [Read more](https://lwn.net/Articles/909870/) 2022-09-29T15:44:11Z **[$] A call to reconsider address-space isolation**
When the kernel is running, it has access to its entire address space —
usually including all of physical memory — even
if only a small portion of that address space is actually needed. That
increases the kernel's vulnerability to speculative attacks. An [address-space\
isolation patch set](https://lwn.net/ml/linux-kernel/20220223052223.1202152-1-junaids@google.com/) aiming to change this situation has been
circulating for a few years, but has never been seriously considered for
merging ... ⌘ [Read more](https://lwn.net/Articles/909469/) 2022-09-29T19:37:09Z **[$] How to fix an ancient GDB problem**
The [GDB debugger](https://www.sourceware.org/gdb/) has a long
history; it was first created in 1986. It may thus be
unsurprising that some GDB development happens over relatively long time
frames but, even when taking that into account, the existence of an open
bug first [reported](https://sourceware.org/bugzilla/show_bug.cgi?id=9425) in
2007 may be a little surprising. At the [2022 GNU Tools Cauldron](https://gcc.gnu.org/wiki/cauldron2022),
GDB maintainer Pedro Alves talked about why this proble ... ⌘ [Read more](https://lwn.net/Articles/909496/) 2022-09-29T20:30:38Z **Weston 11.0: what's new, what's next (Collabora blog)**
Over on the Collabora blog, Marius Vlad [writes](https://www.collabora.com/news-and-blog/news-and-events/weston-11-whats-new-whats-next.html) about the recent
[Weston 11.0.0 release](https://lists.freedesktop.org/archives/wayland-devel/2022-September/042410.html). [Weston](https://gitlab.freedesktop.org/wayland/weston) is the reference compositor for the [Wayland](https://gitlab.freedesktop.org/wayland/wayland) display server protocol. Vlad looks at features of the release, includi ... ⌘ [Read more](https://lwn.net/Articles/909881/) 2022-09-30T14:07:43Z **Security updates for Friday**
Security updates have been issued by **Debian** (libsndfile and libvncserver), **Fedora** (bash), **Red Hat** (httpd24-httpd, java-1.7.1-ibm, and java-1.8.0-ibm), and **SUSE** (krb5-appl, libjpeg-turbo, python310, and slurm\_20\_02). ⌘ [Read more](https://lwn.net/Articles/909947/) 2022-09-30T14:39:35Z **[$] Hybrid scheduling gets more complicated**
Just over ten years ago, the Arm big.LITTLE architecture [posed a challenge](https://lwn.net/Articles/481055/) for the kernel's CPU
scheduler: how should processes be assigned to CPUs when not all CPUs have
the same capacity? The situation has not gotten simpler since then; new
systems bring new quirks that must be kept in mind for optimal scheduling.
At the [2022 Linux Plumbers Conference](https://lpc.events), Len
Brown and Ricardo Neri talked about Intel's hybrid systems and the work
that ... ⌘ [Read more](https://lwn.net/Articles/909611/) 2022-10-02T17:36:45Z **Debian's firmware vote results**
The [results](https://lwn.net/ml/debian-vote/E1oesY0-007xvq-Rd@vento.debian.org/) are
in on the Debian project's [general-resolution\
vote](https://www.debian.org/vote/2022/vote_003) regarding non-free firmware
in the installer image. The [winning option](https://www.debian.org/vote/2022/vote_003#texte)
allows the installer image to include firmware necessary to use the system:

> We will include non-free firmware packages from the
> "non-free-firmware" section of the Debian archive on our official
> m ... ⌘ [Read more](https://lwn.net/Articles/910065/) 2022-10-03T00:07:59Z **Kernel 6.0 released**
Linus has [released the 6.0 kernel](https://lwn.net/Articles/910086/) as
expected.

> So, as is hopefully clear to everybody, the major version number
> change is more about me running out of fingers and toes than it is
> about any big fundamental changes.
>
> But of course there's a lot of various changes in 6.0 - we've got
> over 15k non-merge commits in there in total, after all, and as
> such 6.0 is one of the bigger releases at least in numbers of
> commits in a while.

Headline features in 6.0 include
a num ... ⌘ [Read more](https://lwn.net/Articles/910087/) 2022-10-03T14:24:21Z **Security updates for Monday**
Security updates have been issued by **Debian** (chromium, gdal, kernel, libdatetime-timezone-perl, libhttp-daemon-perl, lighttpd, mariadb-10.3, node-thenify, snakeyaml, tinyxml, and tzdata), **Fedora** (enlightenment, kitty, and thunderbird), **Mageia** (expat, firejail, libjpeg, nodejs, perl-HTTP-Daemon, python-mako, squid, and thunderbird), **Scientific Linux** (firefox and thunderbird), **SUSE** (buildah, connman, cosign, expat, ImageMagick, python36, python39, slurm, and webkit2gtk3), and **Ubuntu** (l ... ⌘ [Read more](https://lwn.net/Articles/910161/) 2022-10-03T17:55:35Z **[$] Some 6.0 development statistics**
Linus Torvalds [released\
the 6.0 kernel](https://lwn.net/ml/linux-kernel/CAHk-=wiaGf66EQOq1FwM6p9c3mGOjzm9stGeUTfC5Txx4yoxgg@mail.gmail.com/) on October 2. There were 15,402 non-merge
changesets pulled into the mainline for this release, growing the kernel by
just over 1.1 million lines of code. As usual, a lot went into the
creation of this kernel release; read on for a look at where some of that
work came from. ⌘ [Read more](https://lwn.net/Articles/909625/) 2022-10-03T20:02:42Z **Netdev 0x16 accepted sessions announced**
The accepted sessions for the upcoming [Netdev 0x16](https://netdevconf.info/0x16/) have been [posted](https://netdevconf.info/0x16/accepted-sessions.html). The conference will be held virtually and in-person in Lisbon, Portugal October 24-28. In addition, early-bird registration rates have been extended to October 4.

> Netdev 0x16, like all the previous netdev conferences, is a conference of the netdev community, by the netdev community, for the netdev community. Linux kernel networking and us ... ⌘ [Read more](https://lwn.net/Articles/910210/) 2022-10-03T20:19:27Z **Git 2.38 released**
Version 2.38.0 of the [Git](https://git-scm.com/) distributed version-control system has been [released](https://lwn.net/ml/git/xmqqmtacu8bw.fsf%40gitster.g/). It comes with lots of new features and bug fixes, some of the former are described in a [GitHub blog post](https://github.blog/2022-10-03-highlights-from-git-2-38/) by Taylor Blau. Highlights include the promotion of the [scalar addition](https://devblogs.microsoft.com/devops/introducing-scalar/) for large repositories into Git core, improvements to multi-bran ... ⌘ [Read more](https://lwn.net/Articles/910213/) 2022-10-04T14:01:47Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (barbican), **Fedora** (libdxfrw, librecad, and python-oauthlib), **Oracle** (bind), **Red Hat** (bind and rh-python38-python), **SUSE** (bind, chromium, colord, libcroco, libgit2, lighttpd, nodejs12, python, python3, slurm, slurm\_20\_02, and webkit2gtk3), and **Ubuntu** (linux-azure, python-django, strongswan, and wayland). ⌘ [Read more](https://lwn.net/Articles/910300/) 2022-10-04T14:06:39Z **OpenSSH 9.1 released**
OpenSSH 9.1 has been released. It is advertised as a bug-fix release (and
it addresses a few low-priority memory-safety bugs), but
there's also a new option to set the minimum RSA key size for
authentication, a few sftp extensions, and more. ⌘ [Read more](https://lwn.net/Articles/910301/) 2022-10-04T15:43:13Z **Stable kernel update 5.19.13 released**
The [5.19.13](https://lwn.net/Articles/910314/) stable kernel update is out.
"This release is to resolve a regression on some Intel graphics
 systems that had problems with 5.19.12. If you do not have this
 problem with 5.19.12, there is no need to upgrade." ⌘ [Read more](https://lwn.net/Articles/910313/) 2022-10-04T16:33:38Z **Ekstrand: Introducing NVK**
Jason Ekstrand [announces\
a new Vulkan driver for NVIDIA hardware](https://www.collabora.com/news-and-blog/news-and-events/introducing-nvk.html) on the Collabora blog. It
seems to be off to a good start, but there is some work yet to do:

> Normally, I would have submitted the merge request long ago. There
> are far more alpha-quality drivers already in Mesa. The problem is
> that we really need a new kernel uAPI to support Vulkan properly
> and I don't want to be stuck supporting the current nouveau uAPI ... ⌘ [Read more](https://lwn.net/Articles/910319/) 2022-10-04T20:34:58Z **[$] A discussion on printk()**
The kernel's print function, printk(), has been the target of
numerous [improvement efforts](https://lwn.net/Kernel/Index/#printk) over the years for a
variety of reasons. One persistent problem with printk() has been
that its latency is unacceptably high for the realtime Linux kernel; at
this point, printk() represents the last piece needing changes
before the
RT\_PREEMPT patches can be fully merged. So there have been efforts
to rework printk() for latency and lots of other reasons, but
those have not ma ... ⌘ [Read more](https://lwn.net/Articles/909980/) 2022-10-05T14:04:26Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (barbican, mediawiki, and php-twig), **Fedora** (bash, chromium, lighttpd, postgresql-jdbc, and scala), **Mageia** (bash, chromium-browser-stable, and golang), **Oracle** (bind, bind9.16, and squid:4), **Red Hat** (bind, bind9.16, RHSSO, and squid:4), **Scientific Linux** (bind), **SUSE** (cifs-utils, libjpeg-turbo, nodejs14, and nodejs16), and **Ubuntu** (jackd2, linux-gke, and linux-intel-iotg). ⌘ [Read more](https://lwn.net/Articles/910395/) 2022-10-05T14:07:48Z **More stable kernel updates**
The
[5.19.14](https://lwn.net/Articles/910397/),
[5.15.72](https://lwn.net/Articles/910398/),
[5.10.147](https://lwn.net/Articles/910399/),
[5.4.216](https://lwn.net/Articles/910400/), and
[4.19.261](https://lwn.net/Articles/910401/)
stable kernel updates have been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/910396/) 2022-10-05T15:26:03Z **Al-Qudsi: Implementing truly safe semaphores in rust**
Mahmoud Al-Qudsi [provides\
extensive details](https://neosmart.net/blog/2022/implementing-truly-safe-semaphores-in-rust/) on what it takes to implement a safe semaphore type
in the Rust language.

> The problem is that with n > 1, there’s no concept of a
> “privileged” owning thread and all threads that have “obtained” the
> semaphore do so equally. Therefore, a rust semaphore can only ever
> provide read-only (&T) access to an underlying resource,
> limiting the usefulness of ... ⌘ [Read more](https://lwn.net/Articles/910417/) 2022-10-05T15:46:56Z **The Thorny Problem of Keeping the Internet’s Time (New Yorker)**
The New Yorker has [a\
lengthy article](https://www.newyorker.com/tech/annals-of-technology/the-thorny-problem-of-keeping-the-internets-time) on the Network Time Protocol and its creator David
Mills.

> Coders sometimes joke, morbidly, about the “bus factor.” How many
> people need to get hit by a bus before a given project is
> endangered? It’s difficult to determine the bus factor for N.T.P.,
> and time synchronization more broadly, especially now that
> companies su ... ⌘ [Read more](https://lwn.net/Articles/910418/) 2022-10-05T21:01:59Z **[$] NVIDIA and nouveau**
The [release of source code](https://lwn.net/Articles/894861/) for NVIDIA
graphics hardware was perhaps something of a surprise; at least at a quick
glance, it seems
like that could lead to an in-tree, officially supported driver. For many
years, though, the [nouveau\
project](https://nouveau.freedesktop.org/) has been working on an upstream driver for NVIDIA hardware, so an
obvious question is what happens with nouveau in light of the NVIDIA
announcement. Kernel graphics maintainer Dave Airlie gave a talk at th ... ⌘ [Read more](https://lwn.net/Articles/910343/) 2022-10-06T01:38:22Z **[$] LWN.net Weekly Edition for October 6, 2022**
The LWN.net Weekly Edition for October 6, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/909801/) 2022-10-06T13:20:41Z **Security updates for Thursday**
Security updates have been issued by **Debian** (bind9 and nodejs), **Red Hat** (prometheus-jmx-exporter and squid), **Slackware** (dhcp), **SUSE** (pngcheck and sendmail), and **Ubuntu** (isc-dhcp, kitty, and linux-gcp-5.4). ⌘ [Read more](https://lwn.net/Articles/910492/) 2022-10-06T17:58:27Z **[$] Fingerprinting systems with TCP source-port selection**
Back in May 2022, a mysterious set of patches titled [insufficient TCP\
source port randomness](https://lwn.net/ml/linux-kernel/20220502084614.24123-1-w@1wt.eu/) crossed the mailing lists and was subsequently
merged (at -rc6) into the 5.18 kernel. Little information was available at
the time about why significant changes to the networking stack needed to be
made so late in the development cycle. That situation has
finally changed with the publication of [this paper](https://arx ... ⌘ [Read more](https://lwn.net/Articles/910435/) 2022-10-07T14:15:43Z **Security updates for Friday**
Security updates have been issued by **Debian** (dbus, isc-dhcp, and strongswan), **Fedora** (booth, php, php-twig, php-twig2, and php-twig3), **Oracle** (expat, prometheus-jmx-exporter, and squid), **Red Hat** (expat, openvswitch2.11, and squid), **Scientific Linux** (expat and squid), **SUSE** (exiv2, LibVNCServer, postgresql-jdbc, protobuf, python-PyJWT, python3, slurm, squid, and webkit2gtk3), and **Ubuntu** (libreoffice). ⌘ [Read more](https://lwn.net/Articles/910606/) 2022-10-07T15:11:47Z **[$] The first half of the 6.1 merge window**
The 6.1 merge window is well underway: since it opened, 5,752 non-merge
changesets have been pulled into the mainline repository. That is
approximately half of the work that had piled up in linux-next and marks a
good time to look at what has been merged so far. Some long-awaited core
changes have landed for the next kernel release, but there is likely to be
more to come. ⌘ [Read more](https://lwn.net/Articles/910312/) 2022-10-07T15:49:40Z **Stable kernel 5.4.217**
Greg Kroah-Hartman has released the [5.4.217](https://lwn.net/Articles/910623/)
stable kernel with a set of important fixes, as usual. ⌘ [Read more](https://lwn.net/Articles/910622/) 2022-10-10T13:50:03Z **Security updates for Monday**
Security updates have been issued by **Debian** (knot-resolver and libpgjava), **Fedora** (booth, dotnet3.1, expat, nheko, php-twig, php-twig2, php-twig3, poppler, python-joblib, and seamonkey), **Mageia** (colord, dbus, enlightenment, kitty, libvncserver, php, python3, and unbound), **Slackware** (libksba), **SUSE** (cyrus-sasl, ImageMagick, and xmlgraphics-commons), and **Ubuntu** (nginx and thunderbird). ⌘ [Read more](https://lwn.net/Articles/910724/) 2022-10-10T14:51:33Z **[$] A deeper look into the GCC Rust front-end**
Philip Herron and Arthur Cohen [presented an\
update](https://lwn.net/Articles/907405/) on the "gccrs" GCC front end for the Rust language at the
[2022 Kangrejos](https://kangrejos.com/) conference. Less than
two weeks later — and joined by David Faust — they did it again at the [2022 GNU Tools Cauldron](https://gcc.gnu.org/wiki/cauldron2022).
This time, though, they were talking to GCC developers and refocused their
presentation accordingly; the result was an interesting look into the
cha ... ⌘ [Read more](https://lwn.net/Articles/909887/) 2022-10-11T14:05:40Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (connman, dbus, git, isc-dhcp, strongswan, and wordpress), **Fedora** (rubygem-pdfkit and seamonkey), **Red Hat** (gnutls, nettle, rh-ruby27-ruby, and rh-ruby30-ruby), **SUSE** (libgsasl, python, and snakeyaml), and **Ubuntu** (graphite2, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
 linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-kvm,
 linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-raspi, linux, linux-aws, linux ... ⌘ [Read more](https://lwn.net/Articles/910828/) 2022-10-11T14:23:39Z **VirtualBox 7.0.0 released**
[Version 7.0.0](https://www.virtualbox.org/wiki/Changelog-7.0)
of the VirtualBox virtualization system is out. Changes include support
for fully encrypted virtual machines, a new performance-monitoring tool,
improved theme support, and a number of new devices. ⌘ [Read more](https://lwn.net/Articles/910833/) 2022-10-11T16:35:22Z **Patent clouds for the Opus codec**
The [Opus codec](https://opus-codec.org/) is an audio codec that
was designed from the beginning to avoid existing patents in the field and
be royalty-free for all users. It was standardized by the IETF in 2012 as
[RFC 6716](https://www.rfc-editor.org/rfc/rfc6716).
Now a company called Vectis ("a premier
full-suite IP licensing and consultancy boutique") is [collecting\
patents that are claimed to read on Opus](https://www.vectis.com/media/vectis-ip-announces-call-for-patents-essential-to-the-opus-code ... ⌘ [Read more](https://lwn.net/Articles/910848/) 2022-10-11T21:27:29Z **[$] A plan for the kernel Bugzilla**
The kernel's [Bugzilla\
instance](https://bugzilla.kernel.org/) is largely unloved and ignored, at least as a bug-reporting
tool for the bulk of the upstream kernel. At the recent Maintainers Summit,
Bugzilla was discussed during the [regression-handling session](https://lwn.net/Articles/908324/) led by Thorsten
Leemhuis. In a followup to that discussion, Leemhuis [posted](https://lwn.net/ml/ksummit-discuss/05d149a0-e3de-8b09-ecc0-3ea73e080be3@leemhuis.info/)
some ideas for improving the state of bug ... ⌘ [Read more](https://lwn.net/Articles/910740/) 2022-10-12T13:01:11Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (mediawiki and twig), **Oracle** (expat, gnutls and nettle, and kernel), **Red Hat** (expat, kernel, and kpatch-patch), and **Ubuntu** (advancecomp and dotnet6). ⌘ [Read more](https://lwn.net/Articles/910953/) 2022-10-12T13:03:31Z **Three stable kernel updates**
The
[6.0.1](https://lwn.net/Articles/910955/),
[5.19.15](https://lwn.net/Articles/910956/), and
[5.15.73](https://lwn.net/Articles/910957/)
stable kernels have been released; each contains a relatively small set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/910954/) 2022-10-12T19:33:30Z **[$] (Re)moving outdated Python tools and scripts**
At the end of September, Victor Stinner [reported](https://discuss.python.org/t/remove-outdated-tools-scripts-scripts/19571)
on a [security bug\
fix](https://github.com/python/cpython/issues/97612) he had been working on for a script from the CPython
Tools/scripts directory. As part of that work, he realized
that there were 74 scripts in that directory that were potentially
outdated, unused, unmaintained, trivial, buggy, or some combination of all
of those. It
is not uncommon for projec ... ⌘ [Read more](https://lwn.net/Articles/910898/) 2022-10-13T01:55:04Z **[$] LWN.net Weekly Edition for October 13, 2022**
The LWN.net Weekly Edition for October 13, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/910503/) 2022-10-13T12:47:36Z **Security updates for Thursday**
Security updates have been issued by **Debian** (libreoffice, rexical, ruby-nokogiri, and squid), **Fedora** (wavpack), **Red Hat** (expat), **SUSE** (gdcm, orthanc, orthanc-gdcm, orthanc-webviewer and rubygem-puma), and **Ubuntu** (GMP and unzip). ⌘ [Read more](https://lwn.net/Articles/911042/) 2022-10-13T13:29:15Z **PostgreSQL 15 released**
Version 15 of the PostgreSQL database management system is out.

> PostgreSQL 15 builds on the performance improvements of recent releases with
> noticeable gains for managing workloads in both local and distributed
> deployments, including improved sorting. This release improves the developer
> experience with the addition of the popular
> [MERGE](https://www.postgresql.org/docs/15/sql-merge.html)
> command, and adds
> more capabilities for observing the state of the database.

There are a lot of changes in thi ... ⌘ [Read more](https://lwn.net/Articles/911044/) 2022-10-13T13:42:30Z **[$] A first look at Rust in the 6.1 kernel**
There have been a lot of significant changes merged into the mainline for
the 6.1 release, but one of the changes that has received the most
attention will also have the least short-term effect for users of the
kernel: the introduction of support for the Rust programming language. No
system with a production 6.1 kernel will be running any Rust code, but this
change does give kernel developers a chance to play with the language in
the kernel context and get a sense for how Rust development fee ... ⌘ [Read more](https://lwn.net/Articles/910762/) 2022-10-13T14:36:54Z **Some remotely exploitable kernel WiFi vulnerabilities**
It would appear that there is [a set of\
memory-related vulnerabilities](https://lwn.net/ml/oss-security/20221013101046.GB20615@suse.de/) in the kernel's WiFi stack that can be
exploited over the air via malicious packets; five CVE numbers have been
assigned to the set. Fixes are headed toward the
mainline and should show up in stable updates before too long; anybody who
uses WiFi on untrusted networks should probably keep an eye out for the
relevant updates. ⌘ [Read more](https://lwn.net/Articles/911062/) 2022-10-14T13:51:39Z **Security updates for Friday**
Security updates have been issued by **Debian** (chromium), **Fedora** (dbus, dhcp, expat, kernel, thunderbird, vim, and weechat), **Mageia** (libofx, lighttpd, mediawiki, and python), **Oracle** (.NET 6.0 and .NET Core 3.1), **Slackware** (python3), **SUSE** (chromium, kernel, libosip2, python-Babel, and python-waitress), and **Ubuntu** (gThumb, heimdal, linux-aws, linux-gcp-4.15, linux-aws-hwe, linux-gcp, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, postgresql-9.5, and xmlsec1). ⌘ [Read more](https://lwn.net/Articles/911168/) 2022-10-14T15:04:09Z **[$] The disabling of hardware codecs in community distributions**
Software patents affect our systems in many ways, but perhaps most
strongly in the area of codecs — code that creates or plays back audio
or video that has been compressed using covered algorithms. For this
reason, certain formats have simply been unplayable on many Linux
distributions — especially those backed by companies that are big
enough to be worth suing — without installing add-on software from
third-party repositories. One might think that this problem could be
w ... ⌘ [Read more](https://lwn.net/Articles/910978/) 2022-10-15T15:25:47Z **Saturday's stable kernel updates**
The
[6.0.2](https://lwn.net/Articles/911273/),
[5.19.16](https://lwn.net/Articles/911274/),
[5.15.74](https://lwn.net/Articles/911275/),
[5.10.148](https://lwn.net/Articles/911276/), and
[5.4.218](https://lwn.net/Articles/911277/)
stable kernel updates have all been released. Among other things, these
updates contain the fixes for the recently disclosed [WiFi vulnerabilities](https://lwn.net/Articles/911062/). ⌘ [Read more](https://lwn.net/Articles/911272/) 2022-10-16T17:26:55Z **Google launches KataOS**
Google has [announced](https://opensource.googleblog.com/2022/10/announcing-kataos-and-sparrow.html)
the existence of yet another new operating system, called KataOS, aimed at
the creation of secure embedded systems.

> As the foundation for this new operating system, we chose seL4 as
> the microkernel because it puts security front and center; it is
> mathematically proven secure, with guaranteed confidentiality,
> integrity, and availability. Through the seL4 CAmkES framework,
> we're also able to provide ... ⌘ [Read more](https://lwn.net/Articles/911332/) 2022-10-16T23:05:23Z **Kernel prepatch 6.1-rc1**
Linus has [released 6.1-rc1](https://lwn.net/Articles/911366/) and closed the
merge window for this development cycle.

> This isn't actually shaping up to be a particularly large release:
> we "only" have 11.5k non-merge commits during this merge window,
> compared to 13.5k last time around. So not exactly tiny, but
> smaller than the last few releases. At least in number of commits.
>
> That said, we've got a few core things that have been brewing for a
> long time, most notably the multi-gen LRU VM series ... ⌘ [Read more](https://lwn.net/Articles/911367/) 2022-10-17T13:59:31Z **Security updates for Monday**
Security updates have been issued by **Arch Linux** (kernel, linux-hardened, linux-lts, and linux-zen), **Debian** (python-django), **Fedora** (apptainer, kernel, python3.6, and vim), **Gentoo** (assimp, deluge, libvirt, libxml2, openssl, rust, tcpreplay, virglrenderer, and wireshark), **Slackware** (zlib), **SUSE** (chromium, python3, qemu, roundcubemail, and seamonkey), and **Ubuntu** (linux-aws-5.4 and linux-ibm). ⌘ [Read more](https://lwn.net/Articles/911461/) 2022-10-17T14:29:38Z **GnuPG 2.3.8 released**
Version 2.3.8 of the GNU Privacy Guard is out. It contains a few new
features but the real purpose is to fix [CVE-2022-3515](https://gnupg.org/blog/20221017-pepe-left-the-ksba.html),
an integer overflow vulnerability that can be exploited remotely for code
execution via a, for example, malicious S/MIME attachment. Note that the
actual vulnerability is in the [libksba](https://gnupg.org/software/libksba/) library, which is
normally packaged separately on Linux systems. ⌘ [Read more](https://lwn.net/Articles/911467/) 2022-10-17T14:45:22Z **[$] The rest of the 6.1 merge window**
Linus Torvalds [released\
6.1-rc1](https://lwn.net/ml/linux-kernel/CAHk-=wj6y5fipM2A5kEuOO9qm5PBzUY=-m9viEahhtxT09KR_g@mail.gmail.com/) and closed the 6.1 merge window on
October 16; at that point, 11,537 non-merge changesets had been pulled
into the mainline repository. That is considerably less than the 13,543
changesets pulled during the 6.0 merge window, but quantity is not
everything: there were quite a few significant changes brought in this time
around. Many of those were part of the nearly ... ⌘ [Read more](https://lwn.net/Articles/910608/) 2022-10-17T16:58:07Z **Two more stable kernel updates**
The
[5.10.149](https://lwn.net/Articles/911488/) and
[5.4.219](https://lwn.net/Articles/911489/)
stable kernel updates have been released. These small updates contain only a
few more WiFi fixes and one revert. ⌘ [Read more](https://lwn.net/Articles/911487/) 2022-10-17T18:28:05Z **Tails 5.5 released**
[Version\
5.5](https://tails.boum.org/news/version_5.5/index.en.html) of the Tor-centered Tails distribution is out. The biggest change
appears to be a significant update to the Thunderbird email client.

> Thunderbird 102 is a major update with many changes to the
> navigation, folder icons, and address book.
> Thunderbird 102 also includes important usability improvements to
> the OpenPGP feature. When composing an email, you can now see
> whether it will be encrypted or not. If encryption is impossible, a
> ... ⌘ [Read more](https://lwn.net/Articles/911494/) 2022-10-18T13:54:08Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (glibc and libksba), **Fedora** (dhcp and kernel), **Red Hat** (.NET 6.0, .NET Core 3.1, compat-expat1, kpatch-patch, and nodejs:16), **Slackware** (xorg), **SUSE** (exiv2, expat, kernel, libreoffice, python, python-numpy, squid, and virtualbox), and **Ubuntu** (linux-azure and zlib). ⌘ [Read more](https://lwn.net/Articles/911562/) 2022-10-18T14:11:31Z **Firefox 106 released**
[Version\
106.0](https://www.mozilla.org/en-US/firefox/106.0/releasenotes/) of the Firefox browser has been released. There are several new
features, including PDF editing, [Firefox\
View](https://support.mozilla.org/en-US/kb/how-set-tab-pickup-firefox-view) (an overview of recently closed tabs), and a set of new color
schemes. ⌘ [Read more](https://lwn.net/Articles/911563/) 2022-10-18T15:18:25Z **[$] Identity management for WireGuard**
Since its inclusion in the Linux kernel, the [WireGuard VPN tunnel](https://www.wireguard.com/) has become
increasingly popular. In general, WireGuard is simpler to configure than
other VPNs, but the approach that it takes to authentication can present
some challenges. Each node in a WireGuard network has a cryptographic key
that serves as the node's identity;
nodes that do not know each other's keys cannot directly communicate.
Keeping
track of these keys and distributing them to the other nodes
 ... ⌘ [Read more](https://lwn.net/Articles/910766/) 2022-10-19T14:05:39Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (bcel, kernel, node-xmldom, and squid), **Mageia** (chromium-browser-stable, dhcp, dokuwiki, firefox, golang, python-joblib, sos, and unzip), **Oracle** (nodejs and nodejs:16), **Red Hat** (firefox, kernel, kernel-rt, nodejs, nodejs:14, and thunderbird), **Scientific Linux** (firefox and thunderbird), **Slackware** (git and mozilla), **SUSE** (amazon-ssm-agent, caasp-release, cri-o, patchinfo, release-notes-caasp, skuba, enlightenment, libreoffice, netty, n ... ⌘ [Read more](https://lwn.net/Articles/911723/) 2022-10-19T15:45:08Z **[$] The search for the correct amount of split-lock misery**
Unlike many other architectures, x86 systems support atomic operations that
affect more than one cache line. This support comes at a cost, though, in
terms of overall system performance and, even, security. Over the last few
years, kernel developers have worked to discourage the use of this sort of
"split-lock" operation. Now, though, one group of users is feeling
a little too discouraged, leading to a discussion of how much misery can
appropriately be inflicted upon users who ... ⌘ [Read more](https://lwn.net/Articles/911219/) 2022-10-20T00:00:39Z **[$] LWN.net Weekly Edition for October 20, 2022**
The LWN.net Weekly Edition for October 20, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/911046/) 2022-10-20T14:15:45Z **Security updates for Thursday**
Security updates have been issued by **Debian** (firefox-esr), **Red Hat** (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, OpenShift Container Platform 4.9.50 bug fix and, and rh-nodejs14-nodejs), **SUSE** (buildah, clone-master-clean-up, go1.18, go1.19, helm, jasper, libostree, nodejs16, php8, qemu, and xen), and **Ubuntu** (libxdmcp, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
 linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop,
 linux-hwe-5.15, linux-ibm, linu ... ⌘ [Read more](https://lwn.net/Articles/911879/) 2022-10-20T15:13:02Z **Ubuntu 22.10 released**
[Ubuntu\
22.10](https://ubuntu.com/blog/canonical-releases-ubuntu-22-10-kinetic-kudu) has been released. "Codenamed 'Kinetic Kudu', this interim
release improves the experience of enterprise developers and IT
administrators. It also includes the latest toolchains and applications
with a particular focus on the IoT ecosystem." See [the\
release notes](https://discourse.ubuntu.com/t/kinetic-kudu-release-notes/27976) for details. ⌘ [Read more](https://lwn.net/Articles/911899/) 2022-10-20T16:55:35Z **[$] The Ghost publishing system**
Part of the early appeal of the World Wide Web was the promise that anybody
could create a site and publish interesting content to the world. A few
decades later, that promise seems to have been transformed into the ability to
provide content for a small number of proprietary platforms run by huge
corporations.
But, arguably, the dream of widespread independent publishing is enjoying a
resurgence. The [Ghost](https://ghost.org/) publishing platform
is built around the goal of making publishing technolog ... ⌘ [Read more](https://lwn.net/Articles/911601/) 2022-10-21T13:54:14Z **Stable kernel 6.0.3**
The [6.0.3](https://lwn.net/Articles/911990/) stable kernel update has been
released; it contains over 800 important fixes. ⌘ [Read more](https://lwn.net/Articles/911991/) 2022-10-21T13:52:10Z **Security updates for Friday**
Security updates have been issued by **Fedora** (poppler), **Oracle** (firefox and thunderbird), **Red Hat** (firefox, java-1.8.0-openjdk, java-11-openjdk, and java-17-openjdk), **SUSE** (bind, clone-master-clean-up, grafana, libksba, python3, tiff, and v4l2loopback), and **Ubuntu** (libreoffice). ⌘ [Read more](https://lwn.net/Articles/911989/) 2022-10-21T14:30:40Z **[$] More flexible memory access for BPF programs**
All memory accesses in a [BPF](https://lwn.net/Articles/740157/) program are
statically checked for safety using the
verifier, which analyzes the program in its
entirety before allowing it to run. While this allows BPF programs to
safely run in kernel space, it restricts how that program is able to use
pointers. Until recently, one such constraint was that the size of a memory
region referenced by a pointer in a BPF program must be statically known
when a BPF program is loaded. A [recen ... ⌘ [Read more](https://lwn.net/Articles/910873/) 2022-10-22T14:27:52Z **Mourning Wolfgang Denk**
The U-Boot list [carries\
the sad news](https://lists.denx.de/pipermail/u-boot/2022-October/497955.html) that Wolfgang Denk, the founder of the U-Boot project, has
passed away.

> Wolfgang was a pioneer and strong supporter of Open Source, in the
> time when Linux for Embedded System started its first steps. In
> many occasions he had strong discussions with customers to explain
> the advantages of Open Source, and he rejected business contracts
> if customer was going against his principles. We will miss hi ... ⌘ [Read more](https://lwn.net/Articles/912052/) 2022-10-23T23:54:39Z **Kernel prepatch 6.1-rc2**
The [second 6.1 kernel prepatch](https://lwn.net/Articles/912099/) is out for
testing. "Usually rc2 is a pretty quiet week, and it mostly started out
that way too, but then things took a turn for the strange. End result:
6.1-rc2 ended up being unusually large." ⌘ [Read more](https://lwn.net/Articles/912100/) 2022-10-24T14:03:22Z **Security updates for Monday**
Security updates have been issued by **Debian** (bluez, kernel, and lava), **Fedora** (ckeditor, drupal7, moby-engine, php-Smarty, and wavpack), **Mageia** (bind, e2fsprogs, epiphany, freerdp, kernel, kernel-linus, libconfuse, libosip2, ntfs-3g, perl-Image-ExifTool, and poppler), **Oracle** (firefox, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, kernel, kernel-container, and thunderbird), **Scientific Linux** (firefox, java-1.8.0-openjdk, and java-11-openjdk), **SUSE** (bluez, firefox, kernel, libxm ... ⌘ [Read more](https://lwn.net/Articles/912178/) 2022-10-24T14:51:19Z **Gaynor: Buffers on the edge: Python and Rust**
Alex Gaynor [examines the\
awkwardness](https://alexgaynor.net/2022/oct/23/buffers-on-the-edge/) that comes when trying to interface Python and Rust code.

> The challenge is that if you want to pass some bytes to a Rust
> library to parse them (or do any other processing for that matter),
> the library almost certainly expects a &[u8], and
> there’s no way to turn a &[ReadOnlyCell]
> into a &[u8] safely, without allocating and
> copying. And of course, the whole point of the Pytho ... ⌘ [Read more](https://lwn.net/Articles/912181/) 2022-10-24T15:20:14Z **[$] Would you like signs with those chars?**
Among the many quirks that make the C language so charming is the set of
behaviors that
it does not define; these include whether a char variable is a
signed quantity or not. The distinction often does not make a difference,
but there are exceptions. Kernel code, which runs on many different
architectures, is where exceptions can certainly be found. A recent
attempt to eliminate the uncertain signedness of char variables
did not get far — at least not in the direction it originally attempted ... ⌘ [Read more](https://lwn.net/Articles/911914/) 2022-10-24T15:19:40Z **The final 5.19.x stable kernel release**
Greg Kroah-Hartman has announced the release of the [5.19.17](https://lwn.net/Articles/912187/) stable kernel. "Note this is the
LAST 5.19.y kernel to be released. This
branch is now
end-of-life. You should move to the 6.0.y branch at this point in time." ⌘ [Read more](https://lwn.net/Articles/912186/) 2022-10-24T21:35:11Z **Python 3.11 released**
[Version\
3.11.0](https://discuss.python.org/t/python-3-11-0-final-is-now-available/20291) of the Python language has been released.
"In the CPython release team, we have put a lot of effort into making
3.11 the best version of Python possible. Better tracebacks, faster Python,
exception groups and except\*, typing improvements and much more."
Among other things, this release claims a 1.22x speedup on the standard
benchmark suite thanks to the [Faster\
CPython work](https://docs.python.org/3.11/whatsnew/3.11.html# ... ⌘ [Read more](https://lwn.net/Articles/912216/) 2022-10-25T14:09:36Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (libbluray and wkhtmltopdf), **Fedora** (firefox, libksba, libmodsecurity, libxml2, qemu, and xmlsec1), **Red Hat** (389-ds-base, 389-ds:1.4, git-lfs, gnutls, java-1.8.0-ibm, kernel, kernel-rt, kpatch-patch, libksba, mysql:8.0, pki-core, postgresql:12, samba, sqlite, and zlib), **Scientific Linux** (389-ds-base, libksba, and pki-core), **SUSE** (bluez, firefox, jdom, kernel, libosip2, libxml2, multipath-tools, and python-Mako), and **Ubuntu** (barbican, mysql ... ⌘ [Read more](https://lwn.net/Articles/912324/) 2022-10-25T17:24:11Z **[$] Accessing QEMU storage features without a VM**
The [QEMU](https://qemu.org/) emulator has a sizable set of
storage features, including disk-image file formats like [qcow2](https://en.wikipedia.org/wiki/Qcow), snapshots,
incremental backup, and storage migration, which are available to virtual
machines. This software-defined storage functionality that is available
inside QEMU has not
been easily
accessible outside of it, however. Kevin Wolf and Stefano Garzarella
presented at
KVM Forum
2022 on the new qemu-storage-daemon program and ... ⌘ [Read more](https://lwn.net/Articles/911281/) 2022-10-25T19:50:39Z **Poettering: Brave new trusted boot world**
Lennart Poettering has posted [a\
detailed specification](https://0pointer.de/blog/brave-new-trusted-boot-world.html) for a new approach to "trusted computing"
systems.

> Central to the proposed design is the concept of a **Unified Kernel
> Image (UKI)**. These UKIs are the combination of a Linux kernel
> image, and initrd, a UEFI boot stub program (and further resources,
> see below) into one single UEFI PE file that can either be directly
> invoked by the UEFI firmware (which is useful i ... ⌘ [Read more](https://lwn.net/Articles/912370/) 2022-10-26T14:05:22Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (tomcat9), **Oracle** (389-ds-base, device-mapper-multipath, firefox, git-lfs, gnutls, kernel, kernel-container, libksba, pki-core, samba, sqlite, and zlib), **Red Hat** (device-mapper-multipath, kernel, kpatch-patch, libksba, and thunderbird), **Slackware** (expat and samba), **SUSE** (bind, buildah, curl, firefox, golang-github-prometheus-node\_exporter, grafana, icinga2, python-paramiko, python-waitress, SUSE Manager Client Tools, telnet, and xen), and * ... ⌘ [Read more](https://lwn.net/Articles/912495/) 2022-10-26T14:16:48Z **A pile of stable kernel updates**
The
[6.0.4](https://lwn.net/Articles/912499/),
[5.15.75](https://lwn.net/Articles/912500/),
[5.10.150](https://lwn.net/Articles/912501/),
[5.4.220](https://lwn.net/Articles/912502/),
[4.19.262](https://lwn.net/Articles/912503/),
[4.14.296](https://lwn.net/Articles/912504/), and
[4.9.331](https://lwn.net/Articles/912505/)
stable kernel updates have all been released; each contains a relatively
large set of important fixes. The [6.0.5](https://lwn.net/Articles/912506/)
update followed about 90 seconds lat ... ⌘ [Read more](https://lwn.net/Articles/912498/) 2022-10-26T17:00:52Z **Netfilter Workshop 2022 summary**
Arturo Borrero González has posted [a detailed\
summary](https://ral-arturo.org/2022/10/25/nfws2022.html) of the Netfilter workshop that was recently held in Seville.
"This year, the number of participants was just eight people, and this
allowed the setup to be a bit more informal. We had kind of an
un-conference style meeting, in which whoever had something prepared just
went ahead and opened a topic for debate."

(Thanks to Paul Wise). ⌘ [Read more](https://lwn.net/Articles/912540/) 2022-10-26T19:20:54Z **[$] An ordered set for Python?**
Python has lots of different options for mutable data structures, both
directly in
the language and in the standard library. Lists, dictionaries (or "dicts"), and
sets are the foundation, but two of those maintain an order based on how
the elements are added, while sets do not. A recent discussion on the [Python Discourse forum](https://discuss.python.org/) raised the
idea of adding an ordered variant of sets; while it does not look like
there is a big push to add the feature, the discussion did show som ... ⌘ [Read more](https://lwn.net/Articles/912353/) 2022-10-27T00:51:09Z **[$] LWN.net Weekly Edition for October 27, 2022**
The LWN.net Weekly Edition for October 27, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/911875/) 2022-10-27T13:37:00Z **Security updates for Thursday**
Security updates have been issued by **CentOS** (389-ds-base, bind, expat, java-1.8.0-openjdk, java-11-openjdk, libksba, and squid), **Debian** (chromium, libdatetime-timezone-perl, tzdata, and wordpress), **Fedora** (dbus, dhcp, dotnet3.1, jhead, samba, and strongswan), **Mageia** (virtualbox), **Oracle** (device-mapper-multipath), **Scientific Linux** (device-mapper-multipath and thunderbird), **Slackware** (curl), **SUSE** (container-suseconnect, curl, kernel, libmad, libtasn1, libtirpc, qemu, rubygem- ... ⌘ [Read more](https://lwn.net/Articles/912688/) 2022-10-27T14:54:37Z **Bos: Do we need a "Rust Standard"?**
Mara Bos has written [a lengthy\
blog post](https://blog.m-ou.se/rust-standard/) on whether the Rust language needs to be standardized.
The answer is "no" — but she draws a distinction between a "standard"
(maintained by some distant standards body) and a "specification".

> While no official decision has been made yet, there does seem to be
> a general agreement that we should indeed work towards having and
> maintaining an official complete Rust specification from within the
> Rust project. It’s ... ⌘ [Read more](https://lwn.net/Articles/912704/) 2022-10-27T15:27:21Z **Modern PHP features explained - PHP 8.0 and 8.1 (Laravel News)**
[This\
Laravel News article](https://laravel-news.com/modern-php-features-explained) digs into the many enhancements that have found
their way into the PHP language in the last couple of years or so.

> Lovely Enums, the savior of pointless database tables and floating
> constants across the codebases of the world. Enums have quickly
> become one of my favorite features of PHP 8.1 - I can now push my
> roles into Enums instead of keeping them in a table that never
> ch ... ⌘ [Read more](https://lwn.net/Articles/912725/) 2022-10-27T15:40:46Z **[$] Copyright notices (or the lack thereof) in kernel code**
The practice of requiring copyright assignments for contributions to
free-software projects has been in decline for years; the GNU Binutils
project may be [the\
latest domino to fall](https://sourceware.org/pipermail/binutils/2022-October/123680.html) in that regard. The Linux kernel project,
unlike some others, has always allowed contributors to retain their copyrights,
resulting in a code base that has widely distributed ownership. In such a
project, who owns the copyright t ... ⌘ [Read more](https://lwn.net/Articles/912355/) 2022-10-27T22:15:13Z **A Fedora 37 release-date slip**
Fedora releases have traditionally happened later than their target date,
though the project has done better on that score in recent years. Ben
Cotton has [announced](https://fedoramagazine.org/fedora-linux-37-update/) in
Fedora Magazine that the upcoming Fedora 37 release, initially [planned](https://communityblog.fedoraproject.org/fedora-linux-37-schedule/)
for October 25, won't be happening until November 15. The
immediate cause is [an\
impending OpenSSL update](https://lwn.net/ml/oss-security/db0d3f4e ... ⌘ [Read more](https://lwn.net/Articles/912776/) 2022-10-28T13:44:16Z **Security updates for Friday**
Security updates have been issued by **Debian** (expat, ruby-sinatra, and thunderbird), **Fedora** (glances), **Mageia** (cups, firefox, git, heimdal, http-parser, krb5-appl, minidlna, nginx, and thunderbird), **Oracle** (389-ds:1.4, device-mapper-multipath, firefox, mysql:8.0, postgresql:12, and thunderbird), **SUSE** (dbus-1, libconfuse0, libtasn1, openjpeg2, qemu, and thunderbird), and **Ubuntu** (dbus, linux-azure-fde, and tiff). ⌘ [Read more](https://lwn.net/Articles/912873/) 2022-10-28T15:25:14Z **[$] Packaging Rust for Fedora**
Linux distributions were, as a general rule, designed during an era when
most software of interest was written in C; as a result, distributions
are naturally able to efficiently package C applications and the libraries
they depend on. Modern languages, though, tend to be built around their
own package-management systems that are designed with different goals in
mind. The result is that, for years, distributors have struggled to find
the best ways to package and ship applications written in those languages ... ⌘ [Read more](https://lwn.net/Articles/912202/) 2022-10-28T20:28:22Z **Generic associated types in Rust 1.65**
The Rust Types Team [announces](https://blog.rust-lang.org/2022/10/28/gats-stabilization.html)
that the long-awaited generic associated types feature will be stable in Rust 1.65.

> At its core, generic associated types allow you to have _generics_
> (type, lifetime, or const) on _associated types_. Note that this is
> really just rounding out the places where you can put generics: for
> example, you can already have generics on freestanding type aliases
> and on functions in traits. Now you c ... ⌘ [Read more](https://lwn.net/Articles/912932/) 2022-10-29T13:34:03Z **Four new stable kernels**
The [5.10.151](https://lwn.net/Articles/912993/) kernel was released on
October 28 with a small fix to the PAHOLE\_FLAGS in the kernel
build. October 29 saw the release of the [6.0.6](https://lwn.net/Articles/912996/), [5.15.76](https://lwn.net/Articles/912997/), and
[5.4.221](https://lwn.net/Articles/912994/) stable kernels, each with the usual
collection of important fixes throughout the tree. ⌘ [Read more](https://lwn.net/Articles/912992/) 2022-10-31T00:02:33Z **Kernel prepatch 6.1-rc3**
The [6.1-rc3](https://lwn.net/Articles/913120/) kernel prepatch is out for
testing.

> So while rc2 was just \_way\_ bigger than usual, rc3 is only a bit
> larger than an average rc3 release is. But it's still on the
> largish side. I hope that things start calming down, and we'll
> start seeing the size of these rc's shrink. Please? ⌘ [Read more](https://lwn.net/Articles/913122/) 2022-10-31T15:43:34Z **GNU Make 4.4 released**
Version 4.4 of the GNU make utility is out. There is a long list of
changes and a fair number of potential compatibility issues; see the
announcement text for all the details. ⌘ [Read more](https://lwn.net/Articles/913253/) 2022-10-31T17:48:48Z **Security updates for Monday**
Security updates have been issued by **Debian** (batik, chromium, expat, libxml2, ncurses, openvswitch, pysha3, python-django, thunderbird, and tomcat9), **Fedora** (cacti, cacti-spine, curl, mbedtls, mingw-expat, and xen), **Gentoo** (apptainer, bind, chromium, exif, freerdp, gdal, gitea, hiredis, jackson-databind, jhead, libgcrypt, libksba, libtirpc, lighttpd, net-snmp, nicotine+, open-vm-tools, openexr, rpm, schroot, shadow, sofia-sip, tiff, and xorg-server), **Mageia** (libreoffice), **Oracle** (expat), ... ⌘ [Read more](https://lwn.net/Articles/913261/) 2022-10-31T18:20:25Z **[$] Still waiting for stackable security modules**
The Linux security module (LSM) mechanism was created as a result of the [first Kernel Summit](https://lwn.net/2001/features/KernelSummit/) in 2001; it was
designed to allow the development of multiple approaches to Linux security.
That goal has been met; there are several security modules available with
current kernels. The LSM subsystem was not designed, though, to allow
multiple security modules to work together on the same system. Developers
have been working to rectify that problem ... ⌘ [Read more](https://lwn.net/Articles/912775/) 2022-10-31T22:45:14Z **Systemd 252 released**
Systemd version 252 has been released. As usual, the list of changes is
long. It includes a new systemd-measure tool for the calculation of PCR
values and a bunch of infrastructure to use the result for disk encryption:

> Net effect: if you boot a properly prepared kernel, TPM-bound disk
> encryption now defaults to be locked to kernels which carry PCR
> signatures from the same key pair. Example: if a hypothetical distro
> FooOS prepares its UKIs like this, TPM-based disk encryption is now –
> by default – b ... ⌘ [Read more](https://lwn.net/Articles/913287/) 2022-11-01T14:01:50Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (python3.7), **Gentoo** (android-tools, expat, firefox, libjxl, libxml2, pjproject, sqlite, thunderbird, and zlib), **Oracle** (compat-expat1), **Slackware** (php8 and vim), **SUSE** (kernel, libtasn1, podman, and pyenv), and **Ubuntu** (libtasn1-6). ⌘ [Read more](https://lwn.net/Articles/913352/) 2022-11-01T16:01:44Z **OpenSSL 3.0.7 released**
The much-anticipated OpenSSL 3.0.7 release, which fixes some high-risk
security problems, is available. The [release\
notes](https://www.openssl.org/news/openssl-3.0-notes.html) list two vulnerabilities (CVE-2022-3786 and CVE-2022-3602) that
have not yet been documented on the [OpenSSL\
vulnerabilities page](https://www.openssl.org/news/vulnerabilities.html#CVE-2022-3786). LWN commenter mat2 has [provided the relevant information](https://lwn.net/Articles/913369/), though. It
is worth updating quickly, but many ... ⌘ [Read more](https://lwn.net/Articles/913370/) 2022-11-01T23:16:23Z **A few stable kernel updates**
The
[5.4.222](https://lwn.net/Articles/913393/),
[4.19.263](https://lwn.net/Articles/913394/), and
[4.14.297](https://lwn.net/Articles/913395/)
stable kernel updates have been released. The first two contain a single
patch for a Clang compilation error; 4.14.297, instead, has a number of
fixes and speculative-execution mitigations. ⌘ [Read more](https://lwn.net/Articles/913392/) 2022-11-01T23:14:45Z **[$] Moving past TCP in the data center, part 1**
At the recently concluded [Netdev\
0x16 conference](https://netdevconf.info/0x16/), which was held both in Lisbon, Portugal and virtually,
Stanford professor John Ousterhout gave his personal views on where
networking in data centers needs to be headed. To solve the problems that
he sees, he suggested some "fairly significant changes" to those
environments, including leaving behind the venerable—ubiquitous—TCP
transport protocol. While LWN was unable to attend the conference itself,
due t ... ⌘ [Read more](https://lwn.net/Articles/913260/) 2022-11-02T14:14:47Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (ffmpeg and linux-5.10), **Fedora** (libksba, openssl, and php), **Gentoo** (openssl), **Mageia** (curl, gdk-pixbuf2.0, libksba, nbd, php, and virglrenderer), **Red Hat** (kernel, kernel-rt, libksba, and openssl), **SUSE** (gnome-desktop, hdf5, hsqldb, kernel, nodejs10, openssl-3, php7, podofo, python-Flask-Security, python-lxml, and xorg-x11-server), and **Ubuntu** (backport-iwlwifi-dkms, firefox, ntfs-3g, and openssl). ⌘ [Read more](https://lwn.net/Articles/913504/) 2022-11-02T18:59:05Z **A new crop of malicious modules found on PyPI**
Phylum has posted [an\
article](https://blog.phylum.io/phylum-discovers-dozens-more-pypi-packages-attempting-to-deliver-w4sp-stealer-in-ongoing-supply-chain-attack) with a detailed look at a set of malicious packages discovered
by an automated system they have developed.

> Similar to this attacker’s previous attempts, this particular
> attack starts by copying existing popular libraries and simply
> injecting a malicious \_\_import\_\_ statement into an otherwise
> healthy codebase. Th ... ⌘ [Read more](https://lwn.net/Articles/913555/) 2022-11-02T21:40:00Z **[$] Modernizing Fedora's C code**
It is not often that you see a Fedora change proposal for a version of the
distribution that will not be available for 18 months or so, but that
is exactly what was recently posted to the mailing list.
The change targets the C source code in the myriad of packages that the
distribution ships; it would fix code that uses some ancient compatibility
features that were removed by the C99 standard but are still supported by
GCC. As might be guessed from the
long runway proposed, there is quite a bit of work ... ⌘ [Read more](https://lwn.net/Articles/913505/) 2022-11-02T23:55:12Z **[$] LWN.net Weekly Edition for November 3, 2022**
The LWN.net Weekly Edition for November 3, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/912698/) 2022-11-03T15:43:29Z **Rust 1.65.0 released**
[Version\
1.65.0](https://blog.rust-lang.org/2022/11/03/Rust-1.65.0.html) of the Rust language has been released. Improvements include
generic associated types, a new let...else statement, and the
ability to break from labeled blocks:

> Plain block expressions can now be labeled as a break
> target, terminating that block early. This may sound a little like
> a goto statement, but it's not an arbitrary jump, only
> from within a block to its end. This was already possible with
> loop blocks, and you may have ... ⌘ [Read more](https://lwn.net/Articles/913635/) 2022-11-03T16:10:19Z **Today's crop of stable kernels**
Greg Kroah-Hartman has announced the release of the [6.0.7](https://lwn.net/Articles/913680/), [5.15.77](https://lwn.net/Articles/913681/), [5.10.153](https://lwn.net/Articles/913682/), [5.4.223](https://lwn.net/Articles/913683/), [4.19.264](https://lwn.net/Articles/913684/), [4.14.298](https://lwn.net/Articles/913685/), and [4.9.332](https://lwn.net/Articles/913686/) stable kernels. As usual, they
contain important fixes throughout the kernel tree. ⌘ [Read more](https://lwn.net/Articles/913679/) 2022-11-03T18:38:20Z **[$] A report from the 2022 Image-Based Linux Summit**
The first Image-Based Linux Summit was
held in Berlin on October 5 and 6, 2022. The main goal of this summit was to
agree on common concepts and tooling for how to build, deploy, and run modern,
secure, image-based Linux distributions — a project that that the organizers,
Christian Brauner, Luca Boccassi, and Lennart Poettering, have been working on
for some time. The result was a more refined vision of how Linux systems
can be built and deployed securely. ⌘ [Read more](https://lwn.net/Articles/912774/) 2022-11-03T19:56:34Z **Security updates for Thursday**
Security updates have been issued by **Debian** (pypy3), **Fedora** (drupal7, git, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and php), **Oracle** (kernel, lua, openssl, pcs, php-pear, pki-core, python3.9, and zlib), **Red Hat** (kernel, kernel-rt, kpatch-patch, lua, openssl-container, pcs, php-pear, pki-core, python3.9, and zlib), **Scientific Linux** (kernel, pcs, and php-pear), **SUSE** (EternalTerminal, hsqldb, ntfs-3g\_ntfsprogs, privoxy, rubygem-actionview-4\_2, sqlite3, and xorg-x11-serv ... ⌘ [Read more](https://lwn.net/Articles/913771/) 2022-11-04T13:21:39Z **Security updates for Friday**
Security updates have been issued by **Debian** (clickhouse, distro-info-data, and ntfs-3g), **Fedora** (firefox), **Oracle** (kernel), **Slackware** (mozilla), and **SUSE** (python-Flask-Security-Too). ⌘ [Read more](https://lwn.net/Articles/913849/) 2022-11-04T15:08:02Z **[$] Two performance-oriented patches: epoll and NUMA balancing**
The search for better performance from the kernel never ends. Recently
there has been a stream of smaller patches that promise incremental
performance gains, at least for some types of applications. Read on for an
overview of two of those patches, which make changes to the epoll system
calls and to NUMA balancing. This work shows where developers are looking
for performance improvements — and that not everybody measures performance
the same way. ⌘ [Read more](https://lwn.net/Articles/913291/) 2022-11-04T23:32:11Z **SystemTap 4.8 released**
Version 4.8 of the SystemTap tracing tool is out. "Enhancements to this release include: kernel runtime improvements
on multi-CPU systems, python3 tapset support through python3.11,
tapset and template script for cve livepatching, bpf backend
embedded-code assembler improvements". ⌘ [Read more](https://lwn.net/Articles/913908/) 2022-11-07T04:35:10Z **Kernel prepatch 6.1-rc4**
The [6.1-rc4](https://lwn.net/Articles/913979/) kernel prepatch is out for
testing. "So as hoped for (and expected), things seem to be starting to calm
down, and rc4 is a pretty normal size for this stage in the process". ⌘ [Read more](https://lwn.net/Articles/913980/) 2022-11-07T13:44:22Z **Security updates for Monday**
Security updates have been issued by **Debian** (ffmpeg, libxml2, python-django, python-scciclient, and xen), **Fedora** (ghc-cmark-gfm, java-latest-openjdk, and vim), **Mageia** (expat, ntfs-3g, and wkhtmltopdf), **Oracle** (kernel), **Slackware** (sudo), and **SUSE** (expat, libxml2, rubygem-loofah, and xmlbeans). ⌘ [Read more](https://lwn.net/Articles/914012/) 2022-11-07T15:16:50Z **[$] Better CPU selection for timer expiration**
On the surface, the kernel's internal timer mechanism would not appear to
have changed much in a long time; the core API looks quite similar to the
one present in the 1.0 release. Underneath the API, naturally, quite a bit
of complexity has been added over the years. The implementation of this
API looks to become even more complex — but faster — if and when [this \
patch set](https://lwn.net/ml/linux-kernel/20221104145737.71236-1-anna-maria@linutronix.de/) from Anna-Maria Behnsen finds its ... ⌘ [Read more](https://lwn.net/Articles/913568/) 2022-11-08T14:30:26Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (pixman and sudo), **Fedora** (mingw-binutils and mingw-gdb), **Red Hat** (bind, bind9.16, container-tools:3.0, container-tools:4.0, container-tools:rhel8, dnsmasq, dotnet7.0, dovecot, e2fsprogs, flatpak-builder, freetype, fribidi, gdisk, grafana, grafana-pcp, gstreamer1-plugins-good, httpd:2.4, kernel, kernel-rt, libldb, libreoffice, libtiff, libxml2, mingw-expat, mingw-zlib, mutt, nodejs:14, nodejs:18, openblas, openjpeg2, osbuild, pcs, php:7.4, php:8.0, pk ... ⌘ [Read more](https://lwn.net/Articles/914119/) 2022-11-08T14:37:41Z **Texinfo 7.0 released**
Version 7.0 of Texinfo, the GNU Project's documentation system, has been
released. There are a number of changes here, the biggest of which may be
the ability to produce output in the EPUB format. ⌘ [Read more](https://lwn.net/Articles/914120/) 2022-11-08T17:49:20Z **[$] Using certificates for SSH authentication**
[SSH](https://en.wikipedia.org/wiki/Secure_Shell) is a
well-known mechanism for accessing remote computers in a
secure way; thanks to its use of cryptography, nobody can alter or
eavesdrop on the
communication. Unfortunately, SSH is somewhat
cumbersome when
connecting to a host for the first time; it's also tricky for a
server administrator to provide time-limited access to the server. SSH
certificates can solve these problems. ⌘ [Read more](https://lwn.net/Articles/913971/) 2022-11-09T14:17:04Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (vim, webkit2gtk, and wpewebkit), **Fedora** (mingw-python3, vim, webkit2gtk3, webkitgtk, and xen), **Mageia** (389-ds-base, bluez, ffmpeg, libtasn1, libtiff, libxml2, and mbedtls), **Red Hat** (kpatch-patch and linux-firmware), **SUSE** (conmon, containerized data importer, exim, expat, ganglia-web, gstreamer-0\_10-plugins-base, gstreamer-0\_10-plugins-good, gstreamer-plugins-base, gstreamer-plugins-good, kernel, kubevirt, protobuf, sendmail, and vsftpd), ... ⌘ [Read more](https://lwn.net/Articles/914221/) 2022-11-09T21:07:24Z **[$] Moving past TCP in the data center, part 2**
At the end of [our earlier article](https://lwn.net/Articles/913260/) on John
Ousterhout's talk at [Netdev 0x16](https://netdevconf.info/0x16/), he had concluded
that TCP was unsuitable for data-center environments for a variety of
reasons. He also argued that there was no way to repair TCP so that it
could serve the needs of data-center networking. In order for software to
be able
to use the full potential of today's networking hardware, TCP needs to be
replaced with a protocol that is d ... ⌘ [Read more](https://lwn.net/Articles/914030/) 2022-11-10T00:45:11Z **[$] LWN.net Weekly Edition for November 10, 2022**
The LWN.net Weekly Edition for November 10, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/913641/) 2022-11-10T14:07:54Z **Security updates for Thursday**
Security updates have been issued by **Debian** (libjettison-java and xorg-server), **Slackware** (sysstat and xfce4), **SUSE** (python3 and xen), and **Ubuntu** (firefox). ⌘ [Read more](https://lwn.net/Articles/914347/) 2022-11-10T15:15:08Z **[$] Class action against GitHub Copilot**
The [GitHub Copilot](https://github.com/features/copilot)
offering claims to assist software developers through the application of
machine-learning techniques. Since its inception, Copilot has been
followed by [controversies](https://lwn.net/Articles/862769/), mostly based on
the extensive use of free software to train the machine-learning engine. The [announcement](https://githubcopilotlitigation.com/) of a
class-action lawsuit against Copilot was thus unsurprising. The lawsuit
raises all of th ... ⌘ [Read more](https://lwn.net/Articles/914150/) 2022-11-10T18:09:24Z **A pair of new LWN site features**
We have finally added a set of **dark mode** defaults to the [customization options](https://lwn.net/MyAccount/preferences) for the site for
those who prefer the dark side. Thanks to all the readers who have asked
for this; apologies for taking so long to do it. The defaults seem good,
but we are not dark-mode users, so please let us know if you have
suggestions for improvements.

Another new feature that has been requested for some time is the ability to
receive feature articles via email. These emails ... ⌘ [Read more](https://lwn.net/Articles/914410/) 2022-11-10T20:12:23Z **A round of stable-kernel updates**
The
[5.4.224](https://lwn.net/Articles/914424/),
[4.19.265](https://lwn.net/Articles/914425/),
[4.14.299](https://lwn.net/Articles/914426/), and
[4.9.333](https://lwn.net/Articles/914427/)
stable kernel updates have been released; each contains another set of
important fixes.

Note that [6.0.8](https://lwn.net/ml/linux-kernel/20221108133354.787209461@linuxfoundation.org/),
[5.15.78](https://lwn.net/ml/linux-kernel/20221108133345.346704162@linuxfoundation.org/),
[5.10.154](https://lwn.net/ml/linux-kerne ... ⌘ [Read more](https://lwn.net/Articles/914423/) 2022-11-11T13:58:59Z **Security updates for Friday**
Security updates have been issued by **Debian** (chromium and exiv2), **Fedora** (curl, device-mapper-multipath, dotnet6.0, mediawiki, mingw-gcc, and php-pear-CAS), **Gentoo** (lesspipe), **Slackware** (php), **SUSE** (git, glibc, kernel, libarchive, python, python-rsa, python3-lxml, rpm, sudo, xen, and xwayland), and **Ubuntu** (wavpack). ⌘ [Read more](https://lwn.net/Articles/914571/) 2022-11-11T16:10:53Z **[$] Git evolve: tracking changes to changes**
The Git source-code management system exists to track changes to a set of
files; the stream of commits in a Git repository
reflects the change history of those files. What is seen in Git, though, is the
final form of those commits; the changes that the patches themselves went
through on their way toward acceptance are not shown there. That history
can have value, especially while changes are still under consideration.
The proposed [git\
evolve subcommand](https://lwn.net/ml/git/pull.1356.v2. ... ⌘ [Read more](https://lwn.net/Articles/914041/) 2022-11-13T23:51:40Z **Kernel prepatch 6.1-rc5**
Linus has released [6.1-rc5](https://lwn.net/Articles/914746/) for testing.

> But we'll see. If things don't start calming down, this may be one
> of those releases that need an extra week. It wasn't a particularly
> big merge window, but I don't particularly like how the rc's keep
> being on the bigger side. ⌘ [Read more](https://lwn.net/Articles/914747/) 2022-11-14T14:03:55Z **Security updates for Monday**
Security updates have been issued by **Debian** (dropbear, php7.4, pixman, sysstat, and xorg-server), **Fedora** (mingw-expat, mingw-libtasn1, and mingw-pixman), **Mageia** (binutils/gdb, chromium-browser-stable, exiv2, libtiff, nodejs, pcre, pixman, wayland, and webkit2), **Red Hat** (device-mapper-multipath and libksba), **SUSE** (autotrace, busybox, libmodbus, php72, python-numpy, rustup, samba, varnish, xen, and xterm), and **Ubuntu** (thunderbird). ⌘ [Read more](https://lwn.net/Articles/914811/) 2022-11-14T16:00:20Z **[$] Block-device snapshots with blksnap**
As a general rule, one need not have worked in the technology industry for
long before the value of good data backups becomes clear. Creating a
backup that is truly good, though, can be a challenge if the filesystem in
question is actively being changed while the backup process runs. Over the
years, various ways of addressing this problem have been developed, ranging
from simply shutting down the system while backups run to a variety of
snapshotting mechanisms. The kernel may be about to get ano ... ⌘ [Read more](https://lwn.net/Articles/914031/) 2022-11-14T16:10:53Z **Open-source software vs. the proposed Cyber Resilience Act (NLnet Labs)**
NLnet Labs has put up [a\
blog entry](https://blog.nlnetlabs.nl/open-source-software-vs-the-cyber-resilience-act/) warning about the possible effects of the "Cyber Resilience
Act" proposal in the European Commission.

> We feel the current proposal misses a major opportunity. At a high
> level the 'essential cybersecurity requirements' are not
> unreasonable, but the compliance overhead can range from tough to
> impossible for small, or cash-strapped developers ... ⌘ [Read more](https://lwn.net/Articles/914840/) 2022-11-15T13:51:18Z **Security updates for Tuesday**
Security updates have been issued by **Fedora** (kernel and webkit2gtk3), **Red Hat** (dhcp, dovecot, flac, freetype, fribidi, frr, gimp, grafana, guestfs-tools, httpd, kernel-rt, libtirpc, mingw-gcc, mingw-glib2, pcs, php, protobuf, python3.9, qemu-kvm, redis, speex, and swtpm), **SUSE** (chromium, containerized-data-importer, jhead, kubevirt stack, nodejs14, nodejs16, python-Werkzeug, and xen), and **Ubuntu** (golang-1.13, nginx, and vim). ⌘ [Read more](https://lwn.net/Articles/914952/) 2022-11-15T14:42:45Z **Fedora 37 released**
[Version 37](https://fedoramagazine.org/announcing-fedora-37/)
of the Fedora family of distributions has been released, a few weeks later
than originally intended.

> With Fedora Linux 37, we’re adding two new Editions. Fedora CoreOS
> is the successor to what you may remember as Atomic Host. Drawing
> from Project Atomic and the original CoreOS work, it provides an
> automatic update mechanism geared toward hosting container-based
> workloads. With atomic updates and easy rollback, it adds peace of
> mind to y ... ⌘ [Read more](https://lwn.net/Articles/914960/) 2022-11-15T21:23:58Z **[$] Scaling the KVM community**
The [scalability of Linus Torvalds](https://lwn.net/Articles/393694/) was a
recurring theme during Linux's early years; these days maintainer struggles
[are a recognized problem](https://lwn.net/Articles/712215/) within open-source
communities in general. It is thus not surprising that Sean Christopherson
gave a talk at Open Source Summit Europe (and KVM Forum) with the title
"Scaling KVM and its community". The talk mostly focused on KVM for the
x86 architecture—the largest and most mature KVM architectu ... ⌘ [Read more](https://lwn.net/Articles/914638/) 2022-11-16T14:09:50Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (grub2, nginx, and wordpress), **Red Hat** (389-ds-base, bind, buildah, curl, device-mapper-multipath, dnsmasq, dotnet7.0, dpdk, e2fsprogs, grafana-pcp, harfbuzz, ignition, Image Builder, kernel, keylime, libguestfs, libldb, libtiff, libvirt, logrotate, mingw-zlib, mutt, openjpeg2, podman, poppler, python-lxml, qt5, rsync, runc, samba, skopeo, toolbox, unbound, virt-v2v, wavpack, webkit2gtk3, xorg-x11-server, xorg-x11-server-Xwayland, and yajl), **SUSE** (3 ... ⌘ [Read more](https://lwn.net/Articles/915097/) 2022-11-16T14:15:35Z **Three more stable kernels**
The
[6.0.9](https://lwn.net/Articles/915099/),
[5.15.79](https://lwn.net/Articles/915100/), and
[5.10.155](https://lwn.net/Articles/915101/)
stable kernel updates have been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/915098/) 2022-11-16T15:14:16Z **Meta's Sapling source-code management system**
Meta has [announced](https://engineering.fb.com/2022/11/15/open-source/sapling-source-control-scalable/)
the open-source release of part of it's internal source-code management
system, called Sapling.

> Sapling began 10 years ago as an initiative to make our monorepo
> scale in the face of tremendous growth. Public source control
> systems were not, and still are not, capable of handling
> repositories of this size. Breaking up the repository was also out
> of the question, as it would ... ⌘ [Read more](https://lwn.net/Articles/915104/) 2022-11-16T22:19:03Z **[$] Networking and high-frequency trading**
The high-frequency-trading (HFT) industry is rather tight-lipped about what
it does
and how it does it, but PJ Waskiewicz of Jump Trading came to the [Netdev 0x16 conference](https://netdevconf.info/0x16/) to try
to demystify some of that, especially with respect to its use of
networking. He
wanted to contrast the needs of HFT with those of the traditional networking
as it is used outside of the HFT space. He also has some thoughts on what
the Linux kernel could do to help address those needs ... ⌘ [Read more](https://lwn.net/Articles/914992/) 2022-11-17T00:27:43Z **[$] LWN.net Weekly Edition for November 17, 2022**
The LWN.net Weekly Edition for November 17, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/914359/) 2022-11-17T13:57:44Z **Security updates for Thursday**
Security updates have been issued by **Debian** (firefox-esr and thunderbird), **Fedora** (expat, xen, and xorg-x11-server), **Oracle** (kernel, kernel-container, qemu, xorg-x11-server, and zlib), **Scientific Linux** (xorg-x11-server), **Slackware** (firefox, krb5, samba, and thunderbird), **SUSE** (ant, apache2-mod\_wsgi, jsoup, rubygem-nokogiri, samba, and tomcat), and **Ubuntu** (firefox and linux, linux-aws, linux-aws-hwe, linux-dell300x, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdr ... ⌘ [Read more](https://lwn.net/Articles/915245/) 2022-11-17T15:30:25Z **[$] Rust in the 6.2 kernel**
The merge window for the 6.1 release brought in [basic support](https://lwn.net/Articles/910762/) for writing kernel code in Rust
— with an emphasis on "basic". It is possible to create a "hello world"
module for 6.1, but not much can be done beyond that. There is, however, a
lot more Rust code for the kernel out there; it's just waiting for its turn to be
reviewed and merged into the mainline. Miguel Ojeda has now posted [the next\
round](https://lwn.net/ml/linux-kernel/20221110164152.26136-1-ojeda@kernel.o ... ⌘ [Read more](https://lwn.net/Articles/914458/) 2022-11-18T14:16:32Z **Security updates for Friday**
Security updates have been issued by **Debian** (asterisk, firefox-esr, php-phpseclib, phpseclib, python-django, and thunderbird), **Fedora** (grub2, samba, and thunderbird), **Mageia** (firefox, sudo, systemd, and thunderbird), **Slackware** (freerdp), **SUSE** (firefox, go1.18, go1.19, kernel, openvswitch, python-Twisted, systemd, and xen), and **Ubuntu** (expat, git, multipath-tools, unbound, and webkit2gtk). ⌘ [Read more](https://lwn.net/Articles/915378/) 2022-11-18T15:42:25Z **Open source community split over offer of 'corporate' welfare for critical
dev tools (Register)**
The Register [looks\
at the discussion](https://www.theregister.com/2022/11/16/sourceware_open_source_openssf/) around the GNU Tools Infrastructure proposal.

> Sourceware, a volunteer group that has been supporting various
> critical FOSS developer tools for more than two decades, is being
> courted by The Linux Foundation's Open Source Security Foundation
> (OpenSSF). The OpenSSF aims to improve open source software
> security by prov ... ⌘ [Read more](https://lwn.net/Articles/915385/) 2022-11-18T15:58:58Z **Review: GIMP 2.99.14 (Libre Arts)**
Libre Arts [looks at\
the GIMP](https://librearts.org/2022/11/gimp-2-99-14/) as the 3.0 release approaches.

> Releases like this are too rare to disregard and thus all the more
> to treasure. In one swift motion the team is doing away with
> floating selections and bringing strokes/outlines for text. But
> this has been a bumpy road ⌘ [Read more](https://lwn.net/Articles/915388/) 2022-11-18T16:19:53Z **[$] Averting excessive oopses**
Even a single kernel oops is never a good thing; it is an indication that something has
gone badly wrong in the system somewhere and a straightforward
recovery is not possible. But it seems that oopsing a large number
of times has the potential to be even worse. To head off problems that
might result from repeated oopsing, there
is currently work afoot to put an upper limit on the number of times that
the kernel can be allowed to oops before just giving up and rebooting. ⌘ [Read more](https://lwn.net/Articles/914878/) 2022-11-21T00:39:43Z **Kernel prepatch 6.1-rc6**
The [6.1-rc6](https://lwn.net/Articles/915546/) kernel prepatch is out for
testing.

> I'm still waffling about whether there will be an rc8 or not,
> leaning a bit towards it happening. We'll see - it will make the
> 6.2 merge window leak into the holidays, but maybe that's fine and
> just makes people make sure they have everything lined up and
> ready \*before\* the merge window opens, the way things \_should\_
> work. ⌘ [Read more](https://lwn.net/Articles/915547/) 2022-11-21T15:08:31Z **Security updates for Monday**
Security updates have been issued by **Debian** (graphicsmagick and krb5), **Fedora** (dotnet6.0, js-jquery-ui, kubernetes, and xterm), **Gentoo** (php and postgresql), **Mageia** (php-pear-CAS, sysstat, varnish, vim, and x11-server), **Red Hat** (thunderbird), **SUSE** (389-ds, binutils, dpkg, firefox, frr, grub2, java-11-openjdk, java-17-openjdk, kernel, kubevirt stack, libpano, nodejs16, openjpeg, php7, php74, pixman, python-Twisted, python39, rubygem-loofah, sccache, sudo, thunderbird, tor, and tumbler) ... ⌘ [Read more](https://lwn.net/Articles/915623/) 2022-11-22T14:10:07Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (ntfs-3g), **Fedora** (krb5 and samba), **Gentoo** (firefox-bin, ghostscript-gpl, pillow, sudo, sysstat, thunderbird-bin, and xterm), **Red Hat** (firefox, hsqldb, and thunderbird), **SUSE** (cni, cni-plugins, and krb5), and **Ubuntu** (isc-dhcp and sqlite3). ⌘ [Read more](https://lwn.net/Articles/915708/) 2022-11-22T14:31:51Z **Welcome Stéphane Guillou, new QA Analyst for LibreOffice (Document Foundation)**
The Document Foundation has [announced](https://blog.documentfoundation.org/blog/2022/11/22/welcome-stephane-guillou-new-qa-analyst-for-libreoffice/)
the hiring of a quality-assurance analyst, bringing its staff up to 13
people.

> A lot of my time will be spent on triaging the issues users report
> on Bugzilla – our bug-reporting platform. There is a lot of
> activity on Bugzilla, and classifying and testing the reports is
> fundamental for us to focus ... ⌘ [Read more](https://lwn.net/Articles/915711/) 2022-11-22T15:47:31Z **Asahi Linux November 2022 progress report**
For those who are waiting for Linux on Apple hardware, the Asahi Linux
project has put out [a detailed\
report](https://asahilinux.org/2022/11/november-2022-report/) on progress toward a working kernel and distribution.

> This kind of safety model is not new: it is already commonplace on
> Android phones, where it is usually implemented in DSP
> firmware. But of course, the desktop Linux ecosystem doesn’t even
> have a speaker EQ database framework yet, nevermind safety models!
> The eter ... ⌘ [Read more](https://lwn.net/Articles/915725/) 2022-11-23T14:58:09Z **Stable kernel 4.19.286**
The [4.19.286](https://lwn.net/Articles/915771/) stable kernel update has been
released; it consists entirely of backported fixes for
speculative-execution vulnerabilities. ⌘ [Read more](https://lwn.net/Articles/915772/) 2022-11-23T14:57:49Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (heimdal, libarchive, and nginx), **Fedora** (varnish-modules and xterm), **Red Hat** (firefox), **Scientific Linux** (firefox, hsqldb, and thunderbird), **SUSE** (Botan, colord, containerized-data-importer, ffmpeg-4, java-1\_8\_0-ibm, krb5, nginx, redis, strongswan, tomcat, and xtrabackup), and **Ubuntu** (apr-util, freerdp2, and sysstat). ⌘ [Read more](https://lwn.net/Articles/915802/) 2022-11-24T14:38:54Z **Security updates for Thursday**
Security updates have been issued by **Debian** (vim), **Fedora** (drupal7-context, drupal7-link, firefox, xen, xorg-x11-server, and xorg-x11-server-Xwayland), **Oracle** (container-tools:ol8, device-mapper-multipath, dotnet7.0, firefox, hsqldb, keylime, podman, python3.9, python39:3.9, thunderbird, and xorg-x11-server), **SUSE** (exiv2-0\_26, keylime, libarchive, net-snmp, nginx, opensc, pixman, python-joblib, strongswan, and webkit2gtk3), and **Ubuntu** (expat, imagemagick, mariadb-10.3, mariadb-10.6, a ... ⌘ [Read more](https://lwn.net/Articles/915929/) 2022-11-25T14:46:00Z **Security updates for Friday**
Security updates have been issued by **Fedora** (firefox), **Mageia** (dropbear, freerdp, java, libx11, and tumbler), **Slackware** (ruby), **SUSE** (erlang, grub2, libdb-4\_8, and tomcat), and **Ubuntu** (exim4, jbigkit, and tiff). ⌘ [Read more](https://lwn.net/Articles/915984/) 2022-11-25T22:20:31Z **More stable kernels released**
Greg Kroah-Hartman has released the [5.10.156](https://lwn.net/Articles/915992/), [5.4.225](https://lwn.net/Articles/915993/), [4.19.267](https://lwn.net/Articles/915994/), [4.14.300](https://lwn.net/Articles/915995/), and [4.9.334](https://lwn.net/Articles/915996/) stable kernels. As usual, they
contain important fixes throughout the kernel tree. ⌘ [Read more](https://lwn.net/Articles/915991/) 2022-11-27T23:03:10Z **Kernel prepatch 6.1-rc7**
The [6.1-rc7](https://lwn.net/Articles/916050/) kernel prepatch has been
released for testing.

> There is really nothing here that makes me at all worried, except
> that it's just a bit more than I'm comfortable with. It should just
> have slowed down more by now.
>
> As a result, I'm now pretty sure that this is going to be one of
> those "we'll have an extra week and I'll make an rc8"
> releases. Which then in turn means that now the next merge window
> will be solidly in the holiday season. ⌘ [Read more](https://lwn.net/Articles/916051/) 2022-11-28T15:33:24Z **Security updates for Monday**
Security updates have been issued by **Debian** (chromium, commons-configuration2, graphicsmagick, heimdal, inetutils, ini4j, jackson-databind, and varnish), **Fedora** (drupal7-i18n, grub2, kubernetes, and python-slixmpp), **Mageia** (botan, golang, kernel, kernel-linus, radare2/rizin, and xterm), **Red Hat** (krb5, varnish, and varnish:6), **SUSE** (busybox, chromium, erlang, exiv2, firefox, freerdp, ganglia-web, java-1\_8\_0-openj9, nodejs12, nodejs14, opera, pixman, python3, sudo, tiff, and xen), and ** ... ⌘ [Read more](https://lwn.net/Articles/916135/) 2022-11-28T15:49:32Z **[$] Yet another try at the BPF program allocator**
The BPF subsystem, which allows code to be loaded into the kernel from user
space and safely executed in the kernel context, is bound to create a number of
challenges for the kernel as a whole. One might not think that allocating
memory for BPF programs would be high on the list of problems, but life
(and memory management) can be surprising. The attempts to do a better job
of providing space for compiled BPF code have, to date, only been partially
successful; now Song Liu is back with ... ⌘ [Read more](https://lwn.net/Articles/915005/) 2022-11-28T15:49:03Z **A useful guide to FFmpeg**
[FFmpeg](http://ffmpeg.org/) is an indispensable tool for
working with
audio and video streams, but it can be challenging to learn to use well.
[FFmpeg — The\
Ultimate Guide](https://img.ly/blog/ultimate-guide-to-ffmpeg/), posted by Csaba Kopias, can help. "This guide
covers the ins and outs of FFmpeg starting with fundamental concepts and
moving to media transcoding and video and audio processing providing
practical examples along the way." ⌘ [Read more](https://lwn.net/Articles/916063/) 2022-11-29T12:56:24Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (frr, gerbv, mujs, and twisted), **Fedora** (nodejs and python-virtualbmc), **Oracle** (dotnet7.0, kernel, kernel-container, krb5, varnish, and varnish:6), **SUSE** (busybox, python3, tiff, and tomcat), and **Ubuntu** (harfbuzz). ⌘ [Read more](https://lwn.net/Articles/916189/) 2022-11-29T15:25:37Z **Cartier-Tilet: Emacs 29 is nigh**
Lucien Cartier-Tilet [looks\
forward](https://blog.phundrak.com/emacs-29-what-can-we-expect/) to the upcoming Emacs 29 release.

> In case you didn’t know, Emacs’ current syntax highlighting is
> currently based on a system of regexes. Although it is not the
> worst thing to use, it’s not the best either, and it can become
> quite slow on larger files.
>
> TreeSitter parses programming languages based into a concrete
> syntax tree. From there, not only can syntax highlighting can be
> done at high sp ... ⌘ [Read more](https://lwn.net/Articles/916201/) 2022-11-29T17:17:46Z **Lina: Tales of the M1 GPU**
Asahi Lina gives [a detailed\
update](https://asahilinux.org/2022/11/tales-of-the-m1-gpu/) on progress toward a graphics driver for Apple M1 hardware.

> There is still a long road ahead! The UAPI that we are using right
> now is still a prototype, and there are a lot of new features that
> need to be added or redesigned in order to support a full Vulkan
> driver in the future. Since Linux mandates that the UAPI needs to
> remain stable and backwards compatible across versions (unlike
> macOS), that mean ... ⌘ [Read more](https://lwn.net/Articles/916208/) 2022-11-29T21:11:15Z **[$] Microblogging with ActivityPub**
As of late, concerns about the future of Twitter have caused many of its
users to seek alternatives. Amid this upheaval, an open-source
microblogging service called [Mastodon](https://joinmastodon.org/) has received a great deal of
attention. Mastodon is not reliant on any single company or central
authority to run its servers; anyone can run their own. Servers communicate
with each other, allowing people on different servers to send each other
messages and follow each other's posts. Mastodon doesn't ... ⌘ [Read more](https://lwn.net/Articles/916154/) 2022-11-30T13:14:40Z **The BPF extensible scheduler class**
It was only a matter of time before somebody found a way to inject BPF into
the CPU scheduler. [This patch\
series](https://lwn.net/ml/linux-kernel/20221130082313.3241517-1-tj@kernel.org/), posted by Tejun Heo and containing work by David Vernet, Josh
Don, and Barret Rhoden, does exactly that. The cover letter covers the
motivation behind this work in detail:

> One of our main goals was to lower the barrier to entry for
> experimenting with the scheduler. sched\_ext provides ergonomic
> callbacks ... ⌘ [Read more](https://lwn.net/Articles/916291/) 2022-11-30T13:13:57Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (krb5), **Fedora** (galera, mariadb, and mingw-python3), **Red Hat** (389-ds:1.4, kernel, kernel-rt, kpatch-patch, krb5, and usbguard), **Scientific Linux** (krb5), **Slackware** (kernel), **SUSE** (binutils, dbus-1, exiv2, freerdp, git, java-1\_8\_0-ibm, kernel, libarchive, libdb-4\_8, libmspack, nginx, opencc, python, python3, rxvt-unicode, sudo, supportutils, systemd, vim, and webkit2gtk3), and **Ubuntu** (bind9, gnutls28, libsamplerate, linux-gcp-5.4, p ... ⌘ [Read more](https://lwn.net/Articles/916346/) 2022-11-30T23:49:14Z **[$] Python and hashing None**
The recent discussion of a proposed change to the Python language—the usual
fare on the
language's [Ideas\
forum](https://discuss.python.org/c/ideas/6)—was interesting, somewhat less for the actual feature under
discussion than
for the other issues raised. The change itself is a minor, convenience
feature that would provide a reproducible iteration order for certain
kinds of sets between
separate
invocations of the interpreter. That is a pretty limited use case, and one
that could perhaps be fulfilled in ot ... ⌘ [Read more](https://lwn.net/Articles/916204/) 2022-12-01T01:05:52Z **[$] LWN.net Weekly Edition for December 1, 2022**
The LWN.net Weekly Edition for December 1, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/915254/) 2022-12-01T14:51:20Z **Security updates for Thursday**
Security updates have been issued by **CentOS** (device-mapper-multipath, firefox, hsqldb, krb5, thunderbird, and xorg-x11-server), **Debian** (libraw), **Fedora** (freerdp and grub2), **SUSE** (bcel, emacs, glib2, glibc, grub2, nodejs10, and tomcat), and **Ubuntu** (linux-azure-fde and snapd). ⌘ [Read more](https://lwn.net/Articles/916443/) 2022-12-01T15:09:22Z **[$] Disunity at The Document Foundation**
[The Document Foundation](https://www.documentfoundation.org/)
(TDF) was [created in 2010](https://lwn.net/Articles/407339/) to steward and
support the development of the
LibreOffice suite, which was then a new fork of OpenOffice.org. TDF has
clearly been successful; [unlike OpenOffice](https://lwn.net/Articles/729460/),
which is currently under the Apache umbrella, LibreOffice is an actively
developed and widely
used project. But TDF has also been showing signs of stress in recent
years, and th ... ⌘ [Read more](https://lwn.net/Articles/916223/) 2022-12-02T00:00:39Z **Memory Safe Languages in Android 13 (Google security blog)**
Over on the Google security blog, Jeffrey Vander Stoep [writes](https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html) about the impact of focusing on using memory-safe languages for new code in Android.

> As the amount of new memory-unsafe code entering Android has decreased, so too has the number of memory safety vulnerabilities. From 2019 to 2022 it has dropped from 76% down to 35% of Android’s total vulnerabilities. **2022 is the first year wher ... ⌘ [Read more](https://lwn.net/Articles/916537/) 2022-12-02T14:22:40Z **Samsung, LG, Mediatek certificates compromised to sign Android malware
(Bleeping Computer)**
Bleeping Computer [reports](https://www.bleepingcomputer.com/news/security/samsung-lg-mediatek-certificates-compromised-to-sign-android-malware/)
that the Android platform signing certificates for several manufacturers
have leaked and been used to sign malware.

> However, based on the results, even though Google said that "all
> affected parties were informed of the findings and have taken
> remediation measures to minimize the user impact," ... ⌘ [Read more](https://lwn.net/Articles/916624/) 2022-12-02T14:59:36Z **Security updates for Friday**
Security updates have been issued by **Debian** (snapd), **Fedora** (firefox, libetpan, ntfs-3g, samba, thunderbird, and xen), **SUSE** (busybox, emacs, and virt-v2v), and **Ubuntu** (linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gkeop, linux-hwe-5.15,
 linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency,
 linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi, linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop,
 linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-k ... ⌘ [Read more](https://lwn.net/Articles/916658/) 2022-12-02T15:47:09Z **[$] Juggling software interrupts and realtime tasks**
The software-interrupt mechanism is one of the oldest parts in the kernel;
arguably, the basic design behind it predates Linux itself. Software
interrupts can get in the way of other work so, for almost as
long as they have existed, developers have wished that they
could be made to go away. That has never happened, though, and doesn't
look imminent. Instead, Android systems have long carried a patch that
tries to minimize the impact of software interrupts, at least in some
situations ... ⌘ [Read more](https://lwn.net/Articles/915320/) 2022-12-03T14:51:35Z **Three stable kernel updates**
The
[6.0.11](https://lwn.net/Articles/916762/),
[5.15.81](https://lwn.net/Articles/916763/), and
[5.10.157](https://lwn.net/Articles/916764/)
stable kernel updates have been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/916761/) 2022-12-05T08:04:13Z **Kernel prepatch 6.1-rc8**
The [eighth and presumably final 6.1 kernel\
prepatch](https://lwn.net/Articles/916908/) has been released for testing. "So everything looks good,
and while the calming down may have happened later than I wished for, it
did happen. Let's hope this upcoming week is as quiet (or quieter)." ⌘ [Read more](https://lwn.net/Articles/916909/) 2022-12-05T14:11:22Z **Security updates for Monday**
Security updates have been issued by **Debian** (awstats, chromium, clamav, g810-led, giflib, http-parser, jhead, libpgjava, node-cached-path-relative, node-fetch, and vlc), **Fedora** (fastnetmon, kernel, librime, qpress, rr, thunderbird, and wireshark), **Red Hat** (kernel, kernel-rt, and kpatch-patch), **Slackware** (mozilla), **SUSE** (cherrytree and chromium), and **Ubuntu** (libbpf, libxml2, linux-gcp-5.15, linux-gke, linux-gke-5.15, and linux-gke). ⌘ [Read more](https://lwn.net/Articles/916979/) 2022-12-05T15:07:55Z **[$] Losing the magic**
The kernel project is now more than three decades old; over that time, a
number of development practices have come and gone. Once upon a time, the
use of "magic numbers" to identify kernel data structures was seen as a
good way to help detect and debug problems. Over the years, though, the
use of magic numbers has gone into decline; [this\
patch set](https://lwn.net/ml/linux-kernel/cover.1668128257.git.nabijaczleweli@nabijaczleweli.xyz/) from Ahelenia Ziemiańska may be an indication that the reign
of magic numbers ... ⌘ [Read more](https://lwn.net/Articles/915163/) 2022-12-06T08:57:16Z **A 10-minute guide to the Linux ABI (opensource.com)**
Alison Chaiken [provides an\
overview](https://opensource.com/article/22/12/linux-abi) of Linux ABI concerns on opensource.com.

> Understanding the stable ABI is a bit subtle. Consider that, while
> most of sysfs is stable ABI, the debug interfaces are guaranteed to
> be unstable since they expose kernel internals to userspace. In
> general, Linus Torvalds has pronounced that by "don't break
> userspace," he means to protect ordinary users who "just want it to
> work" rather th ... ⌘ [Read more](https://lwn.net/Articles/917052/) 2022-12-06T10:02:05Z **Security updates for Tuesday**
Security updates have been issued by **Ubuntu** (binutils and ca-certificates). ⌘ [Read more](https://lwn.net/Articles/917080/) 2022-12-06T15:35:09Z **[$] Checking page-cache status with cachestat()**
The kernel's page cache holds pages from files in RAM, allowing those
pages to be accessed without expensive trips to persistent storage.
Applications are normally entirely unaware of the page cache's operation;
it speeds things up and that is all that matters. Some applications,
though, can benefit from knowledge about how much of a given file is
present in the page cache at any given time; the [proposed\
cachestat() system call](https://lwn.net/ml/linux-kernel/20221205175140.1543229-1- ... ⌘ [Read more](https://lwn.net/Articles/917096/) 2022-12-06T21:29:00Z **KernelCI now testing Linux Rust code (Collabora blog)**
Over on the Collabora blog, Adrian Ratiu [writes](https://www.collabora.com/news-and-blog/news-and-events/kernelci-now-testing-linux-rust-code.html) about the addition of the kernel's Rust code to the [KernelCI](https://kernelci.org/) automated kernel testing project. The blog post looks at what it took to add the support and on some plans for future additions, as well.

> An interesting challenge for the rustc docker builds was the fact that the standard Rust method of installing ... ⌘ [Read more](https://lwn.net/Articles/917147/) 2022-12-07T08:44:17Z **Rust support coming to GCC**
Gccrs — the Rust front-end for GCC — has been [approved](https://lwn.net/ml/gcc-patches/CAFiYyc3jYntxW1pHExwMeNd4BDp+DVO-ZAuy0NiPtajc_s1P=A@mail.gmail.com/)
for merging into the GCC trunk. That means that the next GCC release will
be able to compile Rust, sort of; as gccrs developer Arthur Cohen [warns](https://lwn.net/ml/gcc-patches/2c820cbc-de98-7e51-f09a-e3dfa4d2fd9f@embecosm.com/):
"This is very much an extremely experimental compiler and will still get
a lot of changes in the coming weeks and months up ... ⌘ [Read more](https://lwn.net/Articles/917207/) 2022-12-07T09:03:46Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (cgal, ruby-rails-html-sanitizer, and xfce4-settings), **Red Hat** (dbus, grub2, kernel, pki-core, and usbguard), **Scientific Linux** (pki-core), **SUSE** (bcel, LibVNCServer, and xen), and **Ubuntu** (ca-certificates and u-boot). ⌘ [Read more](https://lwn.net/Articles/917208/) 2022-12-07T17:02:26Z **[$] Composefs for integrity protection and data sharing**
A read-only filesystem that will transparently share file data between disparate
directory trees, while also providing integrity verification for the data
and the
directory metadata, was recently [posted as an\
RFC](https://lwn.net/ml/linux-kernel/cover.1669631086.git.alexl@redhat.com/)
to the linux-kernel mailing list. [Composefs](https://github.com/containers/composefs) was developed
by Alexander Larsson (who posted it) and Giuseppe Scrivano for use by [podman](https://podman.i ... ⌘ [Read more](https://lwn.net/Articles/917097/) 2022-12-07T20:06:16Z **Tor Browser 12.0 released**
[Version\
12.0](https://blog.torproject.org/new-release-tor-browser-120/) of the Tor browser has been released. Changes include
multi-locale support, Apple silicon support, HTTPS-only behavior by default
on Android and more. ⌘ [Read more](https://lwn.net/Articles/917282/) 2022-12-08T00:12:36Z **[$] LWN.net Weekly Edition for December 8, 2022**
The LWN.net Weekly Edition for December 8, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/916497/) 2022-12-08T13:22:46Z **Security updates for Thursday**
Security updates have been issued by **Debian** (dlt-daemon, jqueryui, and virglrenderer), **Fedora** (firefox, vim, and woff), **Oracle** (kernel and nodejs:18), **Red Hat** (java-1.8.0-ibm and redhat-ds:11), **Slackware** (python3), **SUSE** (buildah, matio, and osc), and **Ubuntu** (heimdal and postgresql-9.5). ⌘ [Read more](https://lwn.net/Articles/917398/) 2022-12-08T13:35:24Z **Seven new stable kernels**
Greg Kroah-Hartman has released the [6.0.12](https://lwn.net/Articles/917401/),
[5.15.82](https://lwn.net/Articles/917400/), [5.10.158](https://lwn.net/Articles/917402/), [5.4.226](https://lwn.net/Articles/917403/), [4.19.268](https://lwn.net/Articles/917404/), [4.14.301](https://lwn.net/Articles/917405/), and [4.9.335](https://lwn.net/Articles/917406/) stable kernels. As is the norm, they
contain important fixes throughout the kernel tree; users of those series
should upgrade. ⌘ [Read more](https://lwn.net/Articles/917399/) 2022-12-08T17:02:44Z **[$] Bugs and fixes in the kernel history**
Each new kernel release fixes a lot of bugs, but each release also
introduces new bugs of its own. That leads to a fundamental
question: is the kernel community fixing bugs more quickly than it is adding
them? The answer is less than obvious but, if it could be found, it
would give an important indication of the long-term future of the kernel
code base. While digging into the kernel's revision history cannot give a
definitive answer to that question, it can provide some hints as to what
that an ... ⌘ [Read more](https://lwn.net/Articles/914632/) 2022-12-08T17:29:58Z **PHP 8.2.0 released**
[Version 8.2.0](https://www.php.net/releases/8.2/en.php) of the
PHP language is out.

> PHP 8.2 is a major update of the PHP language.It
> contains many new features, including readonly classes, null, false, and
> true as stand-alone types, deprecated dynamic properties, performance
> improvements and more. ⌘ [Read more](https://lwn.net/Articles/917434/) 2022-12-09T13:29:38Z **Security updates for Friday**
Security updates have been issued by **Debian** (leptonlib), **Fedora** (woff), **Red Hat** (grub2), **Slackware** (emacs), **SUSE** (busybox, chromium, java-1\_8\_0-openjdk, netatalk, and rabbitmq-server), and **Ubuntu** (gcc-5, gccgo-6, glibc, protobuf, and python2.7, python3.10, python3.6, python3.8). ⌘ [Read more](https://lwn.net/Articles/917530/) 2022-12-09T15:16:32Z **[$] mimmutable() for OpenBSD**
Virtual-memory systems provide a great deal of flexibility in how memory
can be mapped and protected. Unfortunately, memory-management flexibility
can also be useful to attackers bent on compromising a system. In the
OpenBSD world, a new system call is being added to reduce this flexibility;
it is, though, a system call that almost no code is expected to use. ⌘ [Read more](https://lwn.net/Articles/915640/) 2022-12-12T00:28:06Z **The 6.1 kernel is out**
Linus has [released](https://lwn.net/ml/linux-kernel/CAHk-%3Dwj_HcgFZNyZHTLJ7qC2613zphKDtLh6ndciwopZRfH0aQ%40mail.gmail.com/) the 6.1 kernel; he is preparing for a tricky holiday merge window:

> So here we are, a week late, but last week was nice and slow, and I'm
> much happier about the state of 6.1 than I was a couple of weeks ago
> when things didn't seem to be slowing down.
>
> Of course, that means that now we have the merge window from hell,
> just before the holidays, with me having some pre-holiday trav ... ⌘ [Read more](https://lwn.net/Articles/917504/) 2022-12-12T08:08:47Z **OpenShot 3.0 released**
[Version\
3.0](https://www.openshot.org/blog/2022/12/10/new_openshot_release_300/) of the OpenShot video editor is out.

> One of the largest and most noticeable changes to OpenShot 3.0 is
> our improved video preview, resulting in smoother video preview and
> fewer freezes and pauses during previewing. But to understand why
> things are so much smoother, we need to look deeper into our
> decoding engine. We have rearchitected our decoder to be much more
> resilient to missing packets, missing timestamps, an ... ⌘ [Read more](https://lwn.net/Articles/917646/) 2022-12-12T13:14:40Z **Security updates for Monday**
Security updates have been issued by **Debian** (cacti, grub2, hsqldb, node-eventsource, and openexr), **Fedora** (bcel, keylime, rust-capnp, rust-sequoia-octopus-librnp, xfce4-screenshooter, and xfce4-settings), **Oracle** (nodejs:18), **Scientific Linux** (grub2), **Slackware** (libarchive), **SUSE** (go1.18, go1.19, nautilus, opera, python-slixmpp, and samba), and **Ubuntu** (python2.7, python3.5, qemu, and squid3). ⌘ [Read more](https://lwn.net/Articles/917690/) 2022-12-12T14:34:28Z **[$] Development statistics for the 6.1 kernel (and beyond)**
The 6.1 kernel was [released](https://lwn.net/ml/linux-kernel/CAHk-%3Dwj_HcgFZNyZHTLJ7qC2613zphKDtLh6ndciwopZRfH0aQ%40mail.gmail.com/)
on December 11; by the time of this release, 13,942 non-merge
changesets had been pulled into the mainline, growing the kernel by 412,000
lines of code. This is thus not the busiest development cycle ever, but
neither is it the slowest, and those changesets contained a number of
fundamental changes. This release will also be the long-term-suppo ... ⌘ [Read more](https://lwn.net/Articles/915435/) 2022-12-13T08:26:08Z **Git 2.39.0 released**
[Version 2.39.0](https://lwn.net/ml/linux-kernel/xmqqlencspnl.fsf@gitster.g/)
of the Git source-code management system is out. "It is comprised of
483 non-merge commits since v2.38.0, contributed by 86 people, 31 of which
are new faces". This release seems to mostly offer incremental
improvements; see the announcement or [this GitHub\
blog post](https://github.blog/2022-12-12-highlights-from-git-2-39/) for details. ⌘ [Read more](https://lwn.net/Articles/917726/) 2022-12-13T10:24:04Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (node-tar and pngcheck), **SUSE** (colord, containerd, and tiff), and **Ubuntu** (containerd, linux-azure, linux-azure, linux-azure-5.4, linux-oem-5.17, and vim). ⌘ [Read more](https://lwn.net/Articles/917749/) 2022-12-13T13:59:30Z **Miller: Upcoming releases and more fun stuff**
[Bugzilla](https://www.bugzilla.org/) project lead Dave Miller has [posted a plan](https://www.bugzilla.org/blog/2022/12/13/upcoming-releases-and-more-fun-stuff/) for several upcoming releases of the bug-tracking tool. The post starts with: "Surprise! Bugzilla’s not dead yet. :-)". It is, in effect, an update to his [August posting](https://lists.bugzilla.org/pipermail/developers/2022-August/010231.html) to the Bugzilla developers mailing list. In the new post, he outlines the plan for rele ... ⌘ [Read more](https://lwn.net/Articles/917758/) 2022-12-13T20:44:57Z **[$] The return of lazy imports for Python**
Back in September, we [looked](https://lwn.net/Articles/907226/) at a Python
Enhancement Proposal (PEP) to add "lazy" imports to the language; the
execution of such an import would be deferred until its symbols were needed
in order to save program-startup time. While the problem of startup time
for short-running, often command-line-oriented, tools is widely
acknowledged in the Python community, and the idea of deferring imports is
generally popular, there are concerns about the effect of the f ... ⌘ [Read more](https://lwn.net/Articles/917280/) 2022-12-14T07:19:46Z **Firefox 108 released**
[Version\
108](https://www.mozilla.org/en-US/firefox/108.0/releasenotes/) of the Firefox browser has been released. The headline feature
this time around appears to be the enabling of [import maps](https://github.com/WICG/import-maps#readme) by
default, along with support for [the\
Web MIDI API](https://developer.mozilla.org/en-US/docs/Web/API/Web_MIDI_API) and the usual set of security fixes. ⌘ [Read more](https://lwn.net/Articles/917783/) 2022-12-14T08:07:17Z **A security release for xorg-server**
X.org users running in potentially hostile environments will want to look
into [the xorg-server 21.1.5 release](https://lwn.net/Articles/917789/), which
fixes [several potentially serious security\
vulnerabilities](https://lwn.net/Articles/917791/). "All theses issues can lead to local privileges
elevation on systems where the X server is running privileged and remote
code execution for ssh X forwarding sessions". ⌘ [Read more](https://lwn.net/Articles/917790/) 2022-12-14T08:25:26Z **Everything Open call for proposals**
[Everything Open](https://2023.everythingopen.au/) is,
seemingly, the future form of the conference once known as linux.conf.au;
see [this\
page](https://everythingopen.au/news/introducing-everything-open/) for a discussion of the reasoning behind the change. The
inaugural event will be held March 14 to 16 in Melbourne,
Australia, and the [call for\
proposals](https://2023.everythingopen.au/programme/proposals/) has gone out now, with a deadline of January 15.
"Our aim is to create a deeply technical ... ⌘ [Read more](https://lwn.net/Articles/917792/) 2022-12-14T10:37:27Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (pngcheck), **Fedora** (qemu), **Mageia** (admesh, busybox, emacs, libarchive, netkit-telnet, ruby, rxvt-unicode, and shadowutils), **Oracle** (bcel and kernel), **Red Hat** (389-ds-base, bcel, dbus, firefox, grub2, kernel, kernel-rt, kpatch-patch, thunderbird, and usbguard), **Scientific Linux** (bcel), **SUSE** (containerd, firefox, grafana, java-1\_8\_0-openjdk, libtpms, net-snmp, and wireshark), and **Ubuntu** (pillow). ⌘ [Read more](https://lwn.net/Articles/917839/) 2022-12-14T18:20:53Z **[$] Troubles with triaging syzbot reports**
A report from the [syzbot](https://github.com/google/syzkaller/blob/master/docs/syzbot.md)
kernel fuzz-testing robot does not usually spawn a
vitriolic mailing-list thread, but that is just what happened recently.
While the invective is regrettable, the underlying issue is important. The
dispute revolves around how best to report bugs
to affected subsystems and, ultimately, how not to waste maintainers' time. ⌘ [Read more](https://lwn.net/Articles/917762/) 2022-12-15T00:43:27Z **[$] LWN.net Weekly Edition for December 15, 2022**
The LWN.net Weekly Edition for December 15, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/917337/) 2022-12-15T07:34:21Z **Another set of stable kernel updates**
The
[6.0.13](https://lwn.net/Articles/917895/),
[5.15.83](https://lwn.net/Articles/917896/),
[5.10.159](https://lwn.net/Articles/917899/),
[5.4.227](https://lwn.net/Articles/917897/),
[4.19.269](https://lwn.net/Articles/917898/),
[4.14.302](https://lwn.net/Articles/917900/), and
[4.9.336](https://lwn.net/Articles/917901/)
stable kernel updates have all been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/917894/) 2022-12-15T08:18:37Z **The Linux kernel contribution maturity model**
Ted Ts'o, in collaboration with the Linux Foundation Technical Advisory
Board, has put together a document called the [Linux kernel\
contribution maturity model](https://lwn.net/ml/linux-doc/20221214185714.868374-1-tytso@mit.edu/) to help companies improve their
participation in the kernel development process.

> The goal is to encourage, in a management-friendly way, companies
> to allow their engineers to contribute with the upstream Linux
> Kernel development community, so we can grow ... ⌘ [Read more](https://lwn.net/Articles/917913/) 2022-12-15T13:52:10Z **Security updates for Thursday**
Security updates have been issued by **Debian** (firefox-esr and git), **Slackware** (mozilla and xorg), **SUSE** (apache2-mod\_wsgi, capnproto, xorg-x11-server, xwayland, and zabbix), and **Ubuntu** (emacs24, firefox, linux-azure, linux-azure-5.15, linux-azure-fde, linux-oem-6.0, and xorg-server, xorg-server-hwe-18.04, xwayland). ⌘ [Read more](https://lwn.net/Articles/917947/) 2022-12-15T14:37:28Z **[$] 6.2 Merge window, part 1**
Once upon a time, Linus Torvalds would try to set a pace of about 1,000
changesets pulled into the mainline each day during the early part of the
merge window. For 6.2, though, the situation is different; no less than
9,278 non-merge changesets were pulled during the first two days. Needless
to say, these commits affect the kernel in numerous ways, even though there
are fewer fundamental changes than were seen in 6.1. ⌘ [Read more](https://lwn.net/Articles/917733/) 2022-12-15T14:51:26Z **Xfce 4.18 released**
[Version 4.18](https://alexxcons.github.io/blogpost_8.html) of
the Xfce desktop environment has been released.

> Since Xfce 4.16 a lot
> of major development happened. Our team added multiple nice new features,
> did a gazillion of bug fixes and did various minor improvements. Finally,
> all that is going to be released for your pleasure.

See the announcement for a long list of new features. ⌘ [Read more](https://lwn.net/Articles/917949/) 2022-12-16T12:52:47Z **Security updates for Friday**
Security updates have been issued by **Debian** (firefox-esr, libde265, php7.3, and thunderbird), **Fedora** (firefox, freeradius, freerdp, and xorg-x11-server), **Oracle** (firefox, prometheus-jmx-exporter, and thunderbird), **Red Hat** (firefox, nodejs:16, prometheus-jmx-exporter, and thunderbird), and **SUSE** (ceph and chromium). ⌘ [Read more](https://lwn.net/Articles/918047/) 2022-12-16T13:45:22Z **[$] The intersection of shadow stacks and CRIU**
Shadow stacks are one of the methods employed to enforce [control-flow\
integrity](https://en.wikipedia.org/wiki/Control-flow_integrity) and thwart attackers; they are a mechanism for fine-grained,
backward-edge protection. Most of the time, applications are not even
aware that shadow stacks are in use. As is so often the case, though, life
gets more complicated when the [Checkpoint/Restore in Userspace](https://criu.org/Main_Page)
(CRIU) mechanism is in use. Not breaking CRIU turns out t ... ⌘ [Read more](https://lwn.net/Articles/915728/) 2022-12-17T11:23:51Z **OCaml 5.0.0 released**
[Version\
5.0.0](https://discuss.ocaml.org/t/ocaml-5-0-0-is-out/10974) of the OCaml programming language is out.

> The highlight of this new major version of OCaml is the
> long-awaited runtime support for shared memory parallelism and
> effect handlers. This multicore support is the culmination of more
> than 8 years of effort, and required a full rewrite of the OCaml
> runtime environment. Consequently, OCaml 5.0.0 is expected to be a
> more experimental version of OCaml than the usual OCaml releases. ⌘ [Read more](https://lwn.net/Articles/918109/) 2022-12-18T20:06:38Z **Apache SpamAssassin 4.0.0 released**
Version 4.0.0 of the Apache SpamAssassin spam filter has been released.

> Apache SpamAssassin 4.0.0 contains numerous tweaks and bug fixes over
> the past releases. In particular, it includes major changes that
> significantly improve the handling of text in international language.
>
> As with any major release, there are countless functional patches and
> improvements to upgrade to 4.0.0. Apache SpamAssassin 4.0.0 includes
> several years of fixes that significantly improve classification and
> per ... ⌘ [Read more](https://lwn.net/Articles/918145/) 2022-12-19T14:29:24Z **Security updates for Monday**
Security updates have been issued by **Debian** (chromium and thunderbird), **Fedora** (keylime, libarchive, libtasn1, pgadmin4, rubygem-nokogiri, samba, thunderbird, wireshark, and xorg-x11-server-Xwayland), **Gentoo** (curl, libreoffice, nss, unbound, and virtualbox), **Mageia** (advancecomp, couchdb, firefox, freerdp, golang, heimdal, kernel, kernel-linus, krb5, leptonica, libetpan, python-slixmpp, thunderbird, and xfce4-settings), **Oracle** (firefox, nodejs:16, and thunderbird), **Scientific Linux** (f ... ⌘ [Read more](https://lwn.net/Articles/918203/) 2022-12-19T14:51:01Z **Stable kernels 6.0.14, 5.15.84, 5.10.160, and 5.4.228**
Greg Kroah-Hartman has announced the release of the [6.0.14](https://lwn.net/Articles/918205/), [5.15.84](https://lwn.net/Articles/918206/), [5.10.160](https://lwn.net/Articles/918207/), and [5.4.228](https://lwn.net/Articles/918208/) stable kernels. They contain a
relatively small number of important fixes throughout the tree. ⌘ [Read more](https://lwn.net/Articles/918204/) 2022-12-19T16:01:41Z **[$] Enabling non-executable memfds**
The memfd interface is a bit of a strange and Linux-specific beast; it was
initially [created](https://lwn.net/Articles/593918/) to support the secure
passing of data between cooperating processes on a single system. It has
since gained other roles, but it may still come as a surprise to some to
learn that memory regions created for memfds, unlike almost any other data
area, have the execute permission bit set. That can facilitate attacks; [this\
patch set](https://lwn.net/ml/linux-kernel/20221209160 ... ⌘ [Read more](https://lwn.net/Articles/918106/) 2022-12-20T13:54:19Z **Linux Mint 21.1 ("Vera") released**
Linux Mint has announced the release of version 21.1 of the distribution in three editions: [Cinnamon](https://blog.linuxmint.com/?p=4454) ( [what's new](https://www.linuxmint.com/rel_vera_cinnamon_whatsnew.php)), [MATE](https://blog.linuxmint.com/?p=4453) ( [what's new](https://www.linuxmint.com/rel_vera_mate_whatsnew.php)), and [Xfce](https://blog.linuxmint.com/?p=4452) ( [what's new](https://www.linuxmint.com/rel_vera_xfce_whatsnew.php)).
Mint 21.1 is based on Ubuntu 22.04 and uses kernel version 5 ... ⌘ [Read more](https://lwn.net/Articles/918251/) 2022-12-20T14:50:10Z **GnuPG 2.4.0 released**
Version 2.4.0 of the GNU Privacy Guard has been released. "Exactly 25 years ago the very first release of GnuPG was published. We
are pleased to take this opportunity to announce the availability of a
new stable GnuPG release: version 2.4.0." Changes in this release
include full support for the key database daemon, some performance
improvements, a change to AES256 as the default cipher, and much more. ⌘ [Read more](https://lwn.net/Articles/918269/) 2022-12-20T14:46:15Z **Security updates for Tuesday**
Security updates have been issued by **Fedora** (mujs) and **SUSE** (kernel and thunderbird). ⌘ [Read more](https://lwn.net/Articles/918268/) 2022-12-20T16:59:15Z **[$] Beyond microblogging with ActivityPub**
[ActivityPub-enabled microblogs](https://lwn.net/Articles/916154/) are gaining
popularity as a replacement for Twitter, but ActivityPub is for more than
just microblogging. Many other popular services also have open-source
alternatives that speak ActivityPub. Proprietary services operated by
commercial interests usually deliberately limit interoperability, but users
of any ActivityPub-enabled service should be able to communicate with each
other, even if they are using different services. This ... ⌘ [Read more](https://lwn.net/Articles/918224/) 2022-12-21T13:48:21Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (xorg-server), **Fedora** (samba, snakeyaml, thunderbird, xorg-x11-server, and xrdp), **Slackware** (libksba and sdl), and **SUSE** (cni, cni-plugins, java-1\_7\_1-ibm, kernel, openssl-3, and supportutils). ⌘ [Read more](https://lwn.net/Articles/918313/) 2022-12-21T17:39:38Z **Four more stable kernel updates**
The
[6.1.1](https://lwn.net/Articles/918327/),
[6.0.15](https://lwn.net/Articles/918328/),
[5.15.85](https://lwn.net/Articles/918329/), and
[5.10.161](https://lwn.net/Articles/918330/)
stable kernel updates have been released. Each contains a relatively small
set of important fixes. ⌘ [Read more](https://lwn.net/Articles/918326/) 2022-12-21T18:12:21Z **Huang: Towards a More Open Secure Element Chip**
Andrew 'bunnie' Huang [writes](https://www.bunniestudios.com/blog/?p=6606) about his work
with Cramium to bring more openness to [secure element](https://en.wikipedia.org/wiki/Secure_element)
chips:

> In my view it’s better to compromise and have a seat at the table
> now, than to walk away from negotiations and simply cede green
> fields to proprietary technologies, hoping to retake lost ground
> only after the community has achieved consensus around a robust
> full-stack open sourc ... ⌘ [Read more](https://lwn.net/Articles/918337/) 2022-12-21T21:10:23Z **[$] Wrapping up 2022**
Yet another year is coming to a close; that can only mean that the time has
come to indulge in a longstanding LWN tradition: looking back at [the predictions we made in January](https://lwn.net/Articles/878573/) and giving
them the mocking that they richly deserve. Read on to see how those
predictions went, what was missed, and a look back at the year in general. ⌘ [Read more](https://lwn.net/Articles/917752/) 2022-12-22T01:56:28Z **[$] LWN.net Weekly Edition for December 22, 2022**
The LWN.net Weekly Edition for December 22, 2022 is available. ⌘ [Read more](https://lwn.net/Articles/917890/) 2022-12-22T14:19:03Z **Security updates for Thursday**
Security updates have been issued by **Debian** (libksba and linux-5.10), **Slackware** (mozilla), and **SUSE** (curl, java-1\_8\_0-ibm, and sqlite3). ⌘ [Read more](https://lwn.net/Articles/918379/) 2022-12-22T14:34:00Z **Second Prototype Advances ALP (openSUSE News)**
The openSUSE News site [covers\
some highlights](https://news.opensuse.org/2022/12/22/second-prototype-advances-alp/) from the [second prototype\
release](https://www.suse.com/c/alp-punta-baretti/) of the upcoming SUSE "ALP" distribution.

> The mountainous prototype has the big addition of Full Disk
> Encryption. ALP extended this Full Disk Encryption to bare metal
> servers and the use of a Trusted Platform Module will open the
> doors to leverage unattended booting while keeping syst ... ⌘ [Read more](https://lwn.net/Articles/918380/) 2022-12-22T14:38:48Z **Ryabitsev: Sending a kernel patch with b4 (part 1)**
Konstantin Ryabitsev has put up [a\
blog entry](https://people.kernel.org/monsieuricon/sending-a-kernel-patch-with-b4-part-1) showing how to use b4 to submit kernel patches
without (directly) using email.

> While b4 started out as a way for maintainers to retrieve patches
> from mailing lists, it also has contributor-oriented
> features. Starting with version 0.10 b4 can:
>
>
> - create and manage patch series and cover letters
>
> - track and auto-reroll series revisions
>
> - dis ... ⌘ [Read more](https://lwn.net/Articles/918381/) 2022-12-22T19:48:18Z **[$] Not coalescing around None-aware**
The wish for a "None-aware" operator (or operators) is
longstanding within the Python community. While there is fairly
widespread
interest in more easily handling situations where a value needs to be
tested for being None before being further processed, there is
much less agreement on how to "spell" such an operator (or construct) and
on whether the language truly needs it. But the idea never seems to go
away, with long discussions erupting every year or two—and no resolution
really in sight. ⌘ [Read more](https://lwn.net/Articles/918058/) 2022-12-22T19:47:53Z **Darktable 4.2.0 released**
[Version\
4.2.0](https://www.darktable.org/2022/12/darktable-4.2.0-released/) of the Darktable raw photo editor is out. New features include a
new display transform module, a pair of new highlight-reconstruction
algorithms, and more; see the announcement and [this Libre Arts\
article](https://librearts.org/2022/12/darktable-4-2/) for more. ⌘ [Read more](https://lwn.net/Articles/918400/) 2022-12-23T14:54:48Z **Intel posts a new "Xe" graphics driver**
Intel's graphical processors have been well supported in the mainline for
years, but it seems that the i915 driver may be approaching the end of its
development life. Matthew Brost has just posted [a new\
driver called "Xe"](https://lwn.net/ml/dri-devel/20221222222127.34560-1-matthew.brost@intel.com/) that looks to be (eventually) a replacement for
i915:

> The intention of this new driver is to have a fresh base to work
> from that is unencumbered by older platforms, whilst also taking
> the o ... ⌘ [Read more](https://lwn.net/Articles/918469/) 2022-12-23T15:19:47Z **Security updates for Friday**
Security updates have been issued by **Debian** (node-hawk and node-trim-newlines), **Fedora** (insight, ntfs-3g, and suricata), and **SUSE** (conmon, helm, kernel, and mbedtls). ⌘ [Read more](https://lwn.net/Articles/918486/) 2022-12-23T17:30:49Z **[$] SLOB nears the end of the road**
The kernel project tries hard to avoid duplicating functionality within its
code base; whenever possible, a single subsystem is made to serve all use
cases. There is one notable exception to this rule, though: there are
three object-level memory allocators ("slab allocators") in the kernel.
The desire to reduce the count has been growing stronger over the years,
and some steps have been taken in 6.2 to eliminate the least-loved
allocator — SLOB — in the relatively near future. ⌘ [Read more](https://lwn.net/Articles/918344/) 2022-12-26T05:52:27Z **Kernel prepatch 6.2-rc1**
Linus has [released 6.2-rc1](https://lwn.net/Articles/918584/) and closed the
merge window for this release. "So it's Christmas Day here, but it's also Sunday afternoon two weeks
after the 6.2 merge window opened. So holidays or not, the kernel
development show must go on." ⌘ [Read more](https://lwn.net/Articles/918585/) 2022-12-26T15:52:09Z **Security updates for Monday**
Security updates have been issued by **Debian** (kernel, libksba, and mbedtls), **Fedora** (containerd, curl, firefox, kernel, mod\_auth\_openidc, and xorg-x11-server), and **Mageia** (chromium-browser-stable). ⌘ [Read more](https://lwn.net/Articles/918607/) 2022-12-27T14:31:44Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (gerbv), **Fedora** (webkitgtk), and **SUSE** (ca-certificates-mozilla, freeradius-server, multimon-ng, vim, and vlc). ⌘ [Read more](https://lwn.net/Articles/918631/) 2022-12-27T16:15:49Z **[$] The rest of the 6.2 merge window**
The world got a special Christmas present from Linus Torvalds this year in
the form of the [6.2-rc1](https://lwn.net/ml/linux-kernel/CAHk-=wgf929uGOVpiWALPyC7pv_9KbwB2EAvQ3C4woshZZ5zqQ@mail.gmail.com/)
kernel prepatch. By the time the merge window closed, 13,687 non-merge
changesets had been pulled into the mainline for the 6.2 release. This was
the busiest merge window since 5.13 (which brought in 14.231 changesets) in
mid-2021, and quite a bit busier than 6.1 was — but comparable to the late
5.x ... ⌘ [Read more](https://lwn.net/Articles/918146/) 2022-12-28T14:48:51Z **Security updates for Wednesday**
Security updates have been issued by **Fedora** (curl) and **SUSE** (curl, freeradius-server, sqlite3, systemd, and vim). ⌘ [Read more](https://lwn.net/Articles/918655/) 2022-12-29T15:53:13Z **Security updates for Thursday**
Security updates have been issued by **Debian** (multipath-tools), **Fedora** (containerd and trafficserver), **Gentoo** (libksba and openssh), and **SUSE** (webkit2gtk3). ⌘ [Read more](https://lwn.net/Articles/918715/) 2022-12-30T15:21:05Z **Security updates for Friday**
Security updates have been issued by **Debian** (libcommons-net-java), **Fedora** (python3.6), and **SUSE** (conmon, polkit-default-privs, thunderbird, and webkit2gtk3). ⌘ [Read more](https://lwn.net/Articles/918778/) 2022-12-31T15:38:32Z **LineageOS 20 released**
[Version 20](https://lineageos.org/Changelog-27/) of the
Android-based LineageOS distribution has been released.

> We have been working extremely hard since Android 13’s release last
> October to port our features to this new version of Android. Thanks
> to our hard work adapting to Google’s largely UI-based changes in
> Android 12, and Android 13’s dead-simple device bring-up
> requirements, we were able to rebase our changes onto Android 13
> much more efficiently. This led to a lot of time to spend on co ... ⌘ [Read more](https://lwn.net/Articles/918809/) 2022-12-31T15:35:48Z **Three stable kernel updates**
The
[6.1.2](https://lwn.net/Articles/918805/),
[6.0.16](https://lwn.net/Articles/918807/), and
[5.15.86](https://lwn.net/Articles/918808/)
stable kernel updates have been released. As is typical for the first
post-rc1 updates, each of these contains a huge number of important fixes. ⌘ [Read more](https://lwn.net/Articles/918806/) 2022-12-31T15:44:46Z **Vanilla OS 22.10 released**
[Vanilla OS](https://vanillaos.org/) is a new, Ubuntu-based
distribution with an immutable(ish) core and a focus on containers. [Version\
22.10](https://vanillaos.org/2022/12/29/vanilla-os-22-10-kinetic.html), the first stable release, is out.

> Vanilla OS is not an ordinary Linux distribution, it is a project
> that sets itself many goals and is not afraid to put itself out
> there, proudly displaying its unique technologies such as the Apx
> sub-system, its own automatic update system, and ABRoot
> tra ... ⌘ [Read more](https://lwn.net/Articles/918810/) 2023-01-01T23:30:21Z **Kernel prepatch 6.2-rc2**
The [second 6.2 kernel prepatch](https://lwn.net/Articles/918832/) is out for
testing — but there isn't a lot there.

> So the week started so slow due to the holidays that I thought I
> might not have any reason to do an rc2 at all, but by the end of
> the week I did end up getting a smattering of pull requests, so
> here we are. It's tiny, even smaller than usual for an rc2, and
> honestly, I'd expect that trend to continue for rc3. ⌘ [Read more](https://lwn.net/Articles/918833/) 2023-01-02T14:35:06Z **Security updates for Monday**
Security updates have been issued by **Debian** (cacti, emacs, exuberant-ctags, libjettison-java, mplayer, node-loader-utils, node-xmldom, openvswitch, ruby-image-processing, webkit2gtk, wpewebkit, and xorg-server), **Fedora** (OpenImageIO, systemd, w3m, and webkit2gtk3), **Mageia** (curl, freeradius, libksba, libtar, python-ujson, sogo, thunderbird, and webkit2), **Red Hat** (bcel), and **SUSE** (ffmpeg, ffmpeg-4, mbedtls, opera, saphanabootstrap-formula, sbd, vlc, and webkit2gtk3). ⌘ [Read more](https://lwn.net/Articles/918883/) 2023-01-02T15:10:42Z **Nightly PyTorch builds compromised**
Anybody who installed a nightly release from the [PyTorch](https://pytorch.org/) machine-learning library between
December 25 and 30 [will\
want to uninstall it immediately](https://pytorch.org/blog/compromised-nightly-dependency/):

> At around 4:40pm GMT on December 30 (Friday), we learned about a
> malicious dependency package (torchtriton) that was uploaded to the
> Python Package Index (PyPI) code repository with the same package
> name as the one we ship on the PyTorch nightly package index. ... ⌘ [Read more](https://lwn.net/Articles/918884/) 2023-01-02T15:25:36Z **20 Years of DistroWatch**
DistroWatch Weekly [celebrates its\
1000th issue](https://distrowatch.com/weekly.php?issue=20230102) and 20 years of publication.

> How much material is in two decades of Weekly editions? It's in the
> ballpark of 2,500 articles or approximately 5,600,000 words. It's
> an overview of a few thousand news announcements, more than 13,000
> screenshots, over 6,500 stable open source operating system
> releases summarized, and more than 2,800 torrents seeded. We've
> published answers to over 470 questions fro ... ⌘ [Read more](https://lwn.net/Articles/918885/) 2023-01-02T17:17:54Z **[$] Welcome to 2023**
Yet another new year is upon us, and that can only mean one thing: the time
has come for your editor to look into his crystal ball and make some
predictions for what 2023 will hold. Said crystal ball is known to suffer
from speculative-execution problems and parity errors, but it's the best
that LWN's budget will afford. Read on for a highly unreliable look at
what's to come. ⌘ [Read more](https://lwn.net/Articles/918790/) 2023-01-03T15:20:35Z **Security updates for Tuesday**
Security updates have been issued by **Oracle** (bcel), **SUSE** (ca-certificates-mozilla, glibc, minetest, multimon-ng, nautilus, ovmf, python-Django, samba, saphanabootstrap-formula, and xrdp), and **Ubuntu** (usbredir). ⌘ [Read more](https://lwn.net/Articles/918965/) 2023-01-03T23:49:01Z **[$] Supporting unified kernel images for Fedora**
The Fedora community is currently discussing a proposal to start supporting
a [unified\
kernel image](https://github.com/uapi-group/specifications/blob/main/specs/unified_kernel_image.md) (UKI) for the distribution; these images would combine
several pieces that are generally separate today (e.g. initrd, kernel, and
kernel
command line). There are a number of
advantages to such a kernel image, at least for some kinds of systems, but
there is worry from some about where the endpoint of th ... ⌘ [Read more](https://lwn.net/Articles/918909/) 2023-01-04T15:00:30Z **Security updates for Wednesday**
Security updates have been issued by **Red Hat** (webkit2gtk3), **SUSE** (rmt-server), and **Ubuntu** (freeradius). ⌘ [Read more](https://lwn.net/Articles/919051/) 2023-01-04T15:05:23Z **Yet another three stable kernel updates**
The
[6.1.3](https://lwn.net/Articles/919053/),
[6.0.17](https://lwn.net/Articles/919054/), and
[5.10.162](https://lwn.net/Articles/919055/)
stable kernel updates have been released. Each contains a moderate set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/919052/) 2023-01-04T23:33:43Z **[$] Adding system calls for Linux security modules**
The Linux security module (LSM) subsystem has long had limitations on
which modules could be combined in a given running kernel. Some parts of
the problem have been solved over the years—"smaller" LSMs can be combined
at will with a single, more complex LSM—but combining (or "stacking")
SELinux with, say, Smack or AppArmor has never been possible. Back in
October, we [looked](https://lwn.net/Articles/912775/) at the most recent
attempt to add that ability, which resulted in patches to ... ⌘ [Read more](https://lwn.net/Articles/919059/) 2023-01-05T00:40:37Z **[$] LWN.net Weekly Edition for January 5, 2023**
The LWN.net Weekly Edition for January 5, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/918367/) 2023-01-05T14:40:57Z **Security updates for Thursday**
Security updates have been issued by **Fedora** (binwalk), **Oracle** (kernel and webkit2gtk3), **Red Hat** (webkit2gtk3), **Slackware** (vim), and **Ubuntu** (libksba and nautilus). ⌘ [Read more](https://lwn.net/Articles/919112/) 2023-01-05T15:44:23Z **[$] Per-extent encrypted keys for fscrypt**
The kernel's [fscrypt\
subsystem](https://docs.kernel.org/filesystems/fscrypt.html) enables filesystems to store files and
directories in encrypted form, protecting them against offline attacks. A
few filesystems support encryption with fscrypt currently, but Btrfs is an
exception, despite a number of attempts to add this feature. The problem
is that, as so often seems to be the case, Btrfs works differently and does
not fit well with one of the key assumptions in the design of fscrypt. With [ ... ⌘ [Read more](https://lwn.net/Articles/918893/) 2023-01-06T14:17:14Z **Hutterer: X servers no longer allow byte-swapped clients**
Peter Hutterer [writes](http://who-t.blogspot.com/2023/01/x-servers-no-longer-allow-byte-swapped.html)
about the disabling of support for byte-swapped clients in the X.org server
and the reasons why this was done.

> These days, encountering a Big Endian host is increasingly niche,
> letting it run an X client that connects to your local
> little-endian X server is even more niche. I think the only
> regular real-world use-case for this is running X clients on an
> s390x, co ... ⌘ [Read more](https://lwn.net/Articles/919192/) 2023-01-06T14:20:15Z **Security updates for Friday**
Security updates have been issued by **Debian** (libetpan and smarty3), **SUSE** (libksba, rpmlint-mini, tcl, and xrdp), and **Ubuntu** (curl, firefox, and linux-oem-5.14). ⌘ [Read more](https://lwn.net/Articles/919202/) 2023-01-06T16:13:35Z **[$] A vDSO implementation of getrandom()**
Most developers probably do not see the generation of random numbers as
being a performance bottleneck for their programs, but there are seemingly
exceptions. Over the last few years, Jason Donenfeld has brought a new
level of energy to the development of the kernel's random-number generator;
he is now directing his efforts toward improving performance for user space
with [this patch\
series](https://lwn.net/ml/linux-kernel/20230101162910.710293-1-Jason@zx2c4.com/) that provides an implementati ... ⌘ [Read more](https://lwn.net/Articles/919008/) 2023-01-07T14:52:14Z **Three stable kernels; 4.9 at an end**
The
[6.1.4](https://lwn.net/Articles/919327/),
[6.0.18](https://lwn.net/Articles/919328/), and
[4.9.337](https://lwn.net/Articles/919329/)
stable kernel updates have been released; each contains another set of
important fixes.
Greg Kroah-Hartman has also [let it be known](https://lwn.net/ml/linux-kernel/Y7lbu6%2F0P7Q%2FP3oj@kroah.com/)
that 4.9.337 is the end of the line for the 4.9 kernel, which was released
just over six years ago. "This kernel is now END-OF-LIFE and you should move to 4.14.y at t ... ⌘ [Read more](https://lwn.net/Articles/919326/) 2023-01-09T01:25:49Z **Kernel prepatch 6.2-rc3**
Linus has released [6.2-rc3](https://lwn.net/Articles/919387/) for testing.
"Here we are, another week done, and things are starting to look a lot
more normal after that very quiet holiday week that made rc2 so very
small". ⌘ [Read more](https://lwn.net/Articles/919388/) 2023-01-09T15:19:57Z **Security updates for Monday**
Security updates have been issued by **Fedora** (python2.7), **SUSE** (ca-certificates-mozilla, libksba, and ovmf), and **Ubuntu** (linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-gke,
 linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm,
 linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15,
 linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm,
 linux-oracle, linux-raspi2, linux-snapdragon, linu ... ⌘ [Read more](https://lwn.net/Articles/919422/) 2023-01-09T16:16:20Z **[$] Memory-management short topics: page-table sharing and working sets**
The kernel's memory-management developers have been busy before and during
the holidays; the result is a number of patch sets making significant
changes to that subsystem. It is time for a quick look at three of those
projects. Two of them aim to increase the sharing of page tables between
processes, while the third takes advantage of the [multi-generational LRU](https://lwn.net/Articles/894859/) to create a better
picture of what a process's working set actually ... ⌘ [Read more](https://lwn.net/Articles/919143/) 2023-01-10T14:05:57Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (libtasn1-6), **Fedora** (nautilus), **Oracle** (kernel, kernel-container, nodejs:14, tigervnc, and xorg-x11-server), **Red Hat** (grub2, nodejs:14, tigervnc, and xorg-x11-server), **Scientific Linux** (tigervnc and xorg-x11-server), **SUSE** (systemd), and **Ubuntu** (firefox, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure, w3m, and webkit2gtk). ⌘ [Read more](https://lwn.net/Articles/919543/) 2023-01-10T16:39:49Z **PEP 703: Making the Python global interpreter lock optional**
In late 2021, LWN [covered a plan](https://lwn.net/Articles/872869/) to
eliminate the Python global interpreter lock (GIL), thus improving the
language's thread-level concurrency. This plan has now been codified as [PEP 703](https://peps.python.org/pep-0703/), which includes
an extensive discussion of the changes that would be made.

> The global interpreter lock will remain the default for CPython
> builds and python.org downloads. A new build configuration flag,
> --witho ... ⌘ [Read more](https://lwn.net/Articles/919563/) 2023-01-10T21:36:35Z **[$] Formalizing f-strings**
Python's formatted strings, or "f-strings", came relatively late to the
language, but have become a popular feature. F-strings allow a compact
representation for the common task of interpolating program data into
strings, often in order to output them in some fashion. Some
restrictions were placed on f-strings to simplify the implementation of
them, but those restrictions are not really needed anymore and, in
fact, are complicating the CPython parser. That has led to a Python
Enhancement Proposal (PEP) to for ... ⌘ [Read more](https://lwn.net/Articles/919426/) 2023-01-11T14:18:25Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (exiv2, hsqldb, libjettison-java, ruby-sinatra, and viewvc), **Fedora** (golang-github-docker, mbedtls, and vim), **Gentoo** (alpine, commons-text, jupyter\_core, liblouis, mbedtls, ntfs3g, protobuf-java, scikit-learn, and twisted), **Red Hat** (kernel and kpatch-patch), **SUSE** (rubygem-activerecord-5.2, tiff, and webkit2gtk3), and **Ubuntu** (dotnet6, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-oracle, linux-ibm, and linux-oem-5.17, linux-oem-6.0) ... ⌘ [Read more](https://lwn.net/Articles/919649/) 2023-01-11T21:20:58Z **Discourse 3.0 released**
[Version\
3.0](https://blog.discourse.org/2023/01/discourse-3-0-is-here/) of the Discourse forum platform is out.

> We are bringing our customers and users some major new capabilities
> to enable communities to have thoughtful, purposeful discussions
> online. This new release includes real-time chat and user status to
> enable more informal communication, a customizable sidebar for
> easier access to the things each user cares about most, and a new
> notifications interface that makes it easier to decide ... ⌘ [Read more](https://lwn.net/Articles/919691/) 2023-01-11T23:17:51Z **[$] PyTorch and the PyPI supply chain**
The [PyTorch\
compromise](https://pytorch.org/blog/compromised-nightly-dependency/) that happened right at the end of 2022 was rather ugly, but
its impact was not widespread—seemingly, at least. The incident does
highlight some of
the perils of relying on an external "supply chain" for the components that
are used to build one's software. It also would appear to be another
case of "security researchers" run amok, though perhaps that part of the story
is only meant to cover the tracks—or ass—of the ... ⌘ [Read more](https://lwn.net/Articles/919588/) 2023-01-12T00:50:44Z **[$] LWN.net Weekly Edition for January 12, 2023**
The LWN.net Weekly Edition for January 12, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/919118/) 2023-01-12T14:29:51Z **Security updates for Thursday**
Security updates have been issued by **Debian** (emacs, libxstream-java, and netty), **Fedora** (mingw-binutils, pgadmin4, phoronix-test-suite, vim, and yarnpkg), **Red Hat** (.NET 6.0, dbus, expat, java-1.8.0-ibm, kernel, kernel-rt, kpatch-patch, libreoffice, libtasn1, libtiff, postgresql:10, sqlite, systemd, usbguard, and virt:rhel and virt-devel:rhel), and **SUSE** (net-snmp, openstack-barbican, openstack-barbican, openstack-heat-gbp, openstack-horizon-plugin-gbp-ui, openstack-neutron, openstack-neutro ... ⌘ [Read more](https://lwn.net/Articles/919785/) 2023-01-12T14:49:34Z **Three new stable kernels**
Greg Kroah-Hartman has announced the release of the [6.1.5](https://lwn.net/Articles/919791/), [6.0.19](https://lwn.net/Articles/919792/),
and [5.15.87](https://lwn.net/Articles/919793/) stable kernels. As usual, they
contain lots of important fixes all over the kernel tree; users should
upgrade. This is also the last release in the 6.0.y kernel series: "All
users must move to the
6.1.y branch at this point in time, as this branch is now end-of-life." ⌘ [Read more](https://lwn.net/Articles/919790/) 2023-01-12T15:51:30Z **[$] Six years with the 4.9 kernel**
The release of the [4.9.337](https://lwn.net/ml/linux-kernel/167309164122758@kroah.com/) stable
kernel update on January 7 marked the end of an era: after just over
six years of maintenance, the 4.9.x series will receive no more updates. This
kernel saw a lot of change after Linus Torvalds made the "final" release
and left the building; it's time for a look at the "stable" portion of this
kernel's life to see what can be learned. ⌘ [Read more](https://lwn.net/Articles/919570/) 2023-01-12T20:17:55Z **Rust to be allowed for Chromium development**
The Chromium browser project has [announced](https://security.googleblog.com/2023/01/supporting-use-of-rust-in-chromium.html)
that it will be integrating support for third-party libraries written in Rust.

> Our goal in bringing Rust into Chromium is to provide a simpler
> (no IPC) and safer (less complex C++ overall, no memory safety
> bugs in a sandbox either) way to satisfy the rule of two, in order
> to speed up development (less code to write, less design docs,
> less security revie ... ⌘ [Read more](https://lwn.net/Articles/919830/) 2023-01-13T14:48:20Z **Security updates for Friday**
Security updates have been issued by **Fedora** (cacti, cacti-spine, mbedtls, postgresql-jdbc, and rust), **Oracle** (.NET 6.0, dbus, expat, grub2, kernel, kernel-container, libtasn1, libtiff, sqlite, and usbguard), **Red Hat** (rh-postgresql10-postgresql), **SUSE** (php7), and **Ubuntu** (heimdal, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gcp-5.15, linux-hwe-5.15, linux-ibm, linux-kvm, linux-oracle, linux-raspi,, linux, linux-aws, linux-aws-hwe, linux-azure, linux-az ... ⌘ [Read more](https://lwn.net/Articles/919907/) 2023-01-13T16:19:48Z **[$] Support for Intel's LASS**
Speculative-execution vulnerabilities come about when the CPU, while executing
speculatively, is able to access memory that would otherwise be denied to
it. Most of these vulnerabilities would go away if the CPU were always
constrained by the established memory protections. An obvious way to fix
these problems would be to make CPUs behave that way, but doing that
without destroying performance is not an easy task. So, instead, Intel
has developed a feature called "linear address-space separation" (LASS) to ... ⌘ [Read more](https://lwn.net/Articles/919683/) 2023-01-14T21:28:52Z **Three more stable kernels**
The
[6.1.6](https://lwn.net/Articles/920011/),
[5.15.88](https://lwn.net/Articles/920012/), and
[5.10.163](https://lwn.net/Articles/920013/)
stable kernel updates have been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/920010/) 2023-01-15T16:05:15Z **2023 in preview (Libre Arts)**
Libre Arts [looks\
forward](https://librearts.org/2023/01/year-in-preview/) to progress in a long list of creative-art projects this year.

> 2022 was a really busy year for the [GIMP]: late binding for CMYK,
> text outlines, Align/Distribute revamp, floating selections gone,
> linked layers replaced with layer sets, all the file format support
> updates… Phew!
>
> There is very little left to do before version 3.0 can be
> released. The last major change is rewriting the menus code because
> the old wa ... ⌘ [Read more](https://lwn.net/Articles/920035/) 2023-01-16T00:17:32Z **Kernel prepatch 6.2-rc4**
The [fourth 6.2 kernel prepatch](https://lwn.net/Articles/920050/) is out for
testing.

> So here's another -rc release, this time with pretty much everybody
> back from winter holidays, and so things should be back to
> normal. And you can see that in the size, this is pretty much bang
> in the middle of a regular rc size for this time in the merge
> window. ⌘ [Read more](https://lwn.net/Articles/920051/) 2023-01-16T14:54:47Z **Security updates for Monday**
Security updates have been issued by **Debian** (chromium, lava, libapreq2, net-snmp, node-minimatch, and openvswitch), **Fedora** (jpegoptim, kernel, kernel-headers, kernel-tools, and python2.7), **Mageia** (ctags, ffmpeg, minetest, python-gitpython, w3m, and xrdp), **Oracle** (kernel), **Red Hat** (dpdk and libxml2), **Slackware** (netatalk), **SUSE** (apptainer, chromium, libheimdal, python-wheel, python310-setuptools, and SDL2), and **Ubuntu** (linux-aws, linux-gcp-4.15, maven, and net-snmp). ⌘ [Read more](https://lwn.net/Articles/920120/) 2023-01-16T15:27:12Z **Täht: Flaws and features in the Flent network testing tool**
Dave Täht [describes\
the Flent network-testing tool](http://blog.cerowrt.org/post/flaws_in_flent/) and its use in great detail.

> With flent - in the 110 tests in it - in a matter of minutes you
> can replicate any network stress test “out there” and compare
> networking results across an extraordinary number of variables,
> over time, across many tests. Before Toke Høiland-Jørgensen
> developed flent, it would take days to set up a single test and
> single plot. Now yo ... ⌘ [Read more](https://lwn.net/Articles/920121/) 2023-01-16T15:48:15Z **[$] Fedora's tempest in a stack frame**
It is rare to see an extensive and unhappy discussion over the selection of
compiler options used to build a distribution, but it does happen. A case
in point is the debate over whether Fedora should be built with frame
pointers or not. It comes down to a tradeoff between a performance loss on
current systems and hopes for gains that exceed that loss in the future —
and some
disagreements over how these decisions should be made within the Fedora
community. ⌘ [Read more](https://lwn.net/Articles/919940/) 2023-01-17T15:00:15Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (tor) and **SUSE** (python-setuptools, python36-setuptools, and tor). ⌘ [Read more](https://lwn.net/Articles/920217/) 2023-01-17T15:53:22Z **Firefox 109 released**
[Version\
109.0](https://www.mozilla.org/en-US/firefox/109.0/releasenotes/) of the Firefox browser has been released. The headline feature
this time is the enabling of [Manifest\
Version 3 support](https://blog.mozilla.org/addons/2022/11/17/manifest-v3-signing-available-november-21-on-firefox-nightly/) — a new extension mechanism that, among other
things, gives a higher degree of control over what extensions can do.

> MV3 also ushers an exciting user interface change in the form of
> the new extensions button (a ... ⌘ [Read more](https://lwn.net/Articles/920219/) 2023-01-17T20:11:31Z **Git 2.39.1 (and more) released**
Git 2.39.1 has been released with a set of security fixes; there are also
updated versions of many older Git releases available. A pair of integer
overflow vulnerabilities can lead to code execution in some scenarios; see
the announcement and [this\
GitHub blog entry](https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/) for more information. ⌘ [Read more](https://lwn.net/Articles/920256/) 2023-01-17T20:44:29Z **[$] A survey of the Python packaging landscape**
Over the past several months, there have been wide-ranging discussions in
the Python community about difficulties users have with installing packages
for the language. There is a bewildering array of options for
package-installation tools and Python distributions focused on particular use
cases (e.g. scientific computing); many of those options do not
interoperate well—or at all—so they step on each others' toes.
The discussions have focused on where solutions might be found to make it
ea ... ⌘ [Read more](https://lwn.net/Articles/920132/) 2023-01-18T14:03:06Z **Security updates for Wednesday**
Security updates have been issued by **Fedora** (awstats), **Oracle** (dpdk, libxml2, postgresql:10, systemd, and virt:ol and virt-devel:rhel), **Red Hat** (kernel), **Slackware** (git, httpd, libXpm, and mozilla), **SUSE** (libzypp-plugin-appdata), and **Ubuntu** (git, libxpm, linux-ibm-5.4, linux-oem-5.14, and ruby2.3). ⌘ [Read more](https://lwn.net/Articles/920318/) 2023-01-18T14:06:25Z **Six stable kernel updates**
The
[6.1.7](https://lwn.net/Articles/920320/),
[5.15.89](https://lwn.net/Articles/920321/),
[5.10.164](https://lwn.net/Articles/920322/),
[5.4.229](https://lwn.net/Articles/920323/),
[4.19.270](https://lwn.net/Articles/920324/), and
[4.14.303](https://lwn.net/Articles/920325/)
stable kernels have all been released; each contains another big set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/920319/) 2023-01-18T22:17:53Z **[$] Changing Fedora's shutdown timeouts**
On today's Fedora systems, a reboot cycle—for a kernel update,
say—is normally a fairly quick affair, but that is not always true. The
system will
wait for services to shut down cleanly and will wait for up to two minutes
before killing a service and moving on. A recent proposal to change the
default timeout to 15 seconds, while still allowing some services to
require more time, ran into more opposition than was perhaps anticipated.
Not everyone was comfortable shortening the timeout period, tho ... ⌘ [Read more](https://lwn.net/Articles/920333/) 2023-01-19T01:05:48Z **[$] LWN.net Weekly Edition for January 19, 2023**
The LWN.net Weekly Edition for January 19, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/919786/) 2023-01-19T14:31:03Z **Security updates for Thursday**
Security updates have been issued by **Debian** (firefox-esr, libitext5-java, sudo, and webkit2gtk), **Fedora** (firefox and qemu), **Red Hat** (java-11-openjdk and java-17-openjdk), **Slackware** (sudo), **SUSE** (sudo), and **Ubuntu** (python-urllib3 and sudo). ⌘ [Read more](https://lwn.net/Articles/920478/) 2023-01-19T14:47:26Z **Pandoc 3.0 released**
[Version 3.0](https://pandoc.org/releases.html) of the Pandoc
document-conversion tool has been released; the list of new features is
quite long, including "chunked" HTML output, support for complex figures,
and much more. ⌘ [Read more](https://lwn.net/Articles/920480/) 2023-01-19T15:26:09Z **[$] Kernel code on the chopping block**
Code that is added to the kernel can stay there for a long time; there is
code in current kernels that has been present for over 30 years.
Nothing is forever, though. The kernel development community is currently
discussing the removal of two architectures and one filesystem, all of
which seem to have mostly fallen out of use. But, as we will see, removal
of code from the kernel is not easy and is subject to reconsideration even
after it happens. ⌘ [Read more](https://lwn.net/Articles/920259/) 2023-01-19T19:34:29Z **Exploiting null-dereferences in the Linux kernel (Project Zero)**
The Google Project Zero page [shows\
how to compromise the kernel](https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html) by using a NULL pointer to repeatedly
force an oops and overflow a reference count.

> Back when the kernel was able to access userland memory without
> restriction, and userland programs were still able to map the zero
> page, there were many easy techniques for exploiting null-deref
> bugs. However with the intr ... ⌘ [Read more](https://lwn.net/Articles/920544/) 2023-01-20T14:53:19Z **Security updates for Friday**
Security updates have been issued by **Debian** (lava and libitext5-java), **Oracle** (java-11-openjdk, java-17-openjdk, and libreoffice), **SUSE** (firefox, git, mozilla-nss, postgresql-jdbc, and sudo), and **Ubuntu** (git, linux-aws-5.4, linux-gkeop, linux-hwe-5.4, linux-oracle, linux-snapdragon, linux-azure, linux-gkeop, linux-intel-iotg, linux-lowlatency,
 linux-lowlatency-hwe-5.15, linux-oracle-5.15, and linux-bluefield). ⌘ [Read more](https://lwn.net/Articles/920646/) 2023-01-20T15:04:37Z **[$] Nolibc: a minimal C-library replacement shipped with the kernel**
The kernel project does not host much user-space code in its repository,
but there are exceptions. One of those, currently found in the [tools/include/nolibc](https://elixir.bootlin.com/linux/v6.2-rc4/source/tools/include/nolibc)
directory, has only been present since the 5.1 release. The nolibc project
aims to provide minimal C-library emulation for small, low-level workloads.
Read on for an overview of nolibc, its history, and future direction
written by its princip ... ⌘ [Read more](https://lwn.net/Articles/920158/) 2023-01-22T15:53:01Z **Kernel prepatch 6.2-rc5**
The [6.2-rc5](https://lwn.net/Articles/920741/) kernel prepatch is out.

> Ok, so I thought we were back to normal after the winter holidays
> at rc4. Now, a week later, I think I was mistaken - we have fairly
> sizable rc5, so I suspect there was still pent up testing and fixes
> from people being off.
>
> Anyway, I am expecting to do an rc8 this release regardless, just
> because we effectively had a lost week or two in the early rc's, so
> a sizable rc5 doesn't really worry me. I do hope we're done with
> ... ⌘ [Read more](https://lwn.net/Articles/920742/) 2023-01-23T14:51:25Z **Security updates for Monday**
Security updates have been issued by **Debian** (powerline-gitstatus, tiff, and trafficserver), **Fedora** (dotnet6.0, firefox, git, kernel, libXpm, rust, sudo, upx, and yarnpkg), **Mageia** (kernel and kernel-linus), **Red Hat** (firefox, java-11-openjdk, and sudo), **Slackware** (mozilla and seamonkey), **SUSE** (cacti, cacti-spine, samba, and tor), and **Ubuntu** (firefox, php7.2, php7.4, php8.1, and python-setuptools, setuptools). ⌘ [Read more](https://lwn.net/Articles/920829/) 2023-01-23T15:31:37Z **The return of the Linux Kernel Podcast**
After a brief break of ... a dozen years or so ... Jon Masters has [announced](https://kernelpodcast.org/2023/01/21/s2e1-2023-01-21/)
the return of his kernel podcast:

> This time around, I’m not committing to any specific cadence –
> let’s call it “periodic” (every few weeks). In each episode, I will
> aim to broadly summarize the latest happenings in the “plumbing” of
> the Linux kernel, and occasionally related bits of userspace
> “plumbing” (glibc, systemd, etc.), as well as impactful to ... ⌘ [Read more](https://lwn.net/Articles/920831/) 2023-01-23T15:46:19Z **Zawinski: mozilla.org's 25th anniversary**
Jamie Zawinski [reminds\
us](https://www.jwz.org/blog/2023/01/mozilla-orgs-25th-anniversary/) that the 25th anniversary of the Netscape open-source announcement —
a crucial moment in free-software history — has just passed.

> On January 20th, 1998, Netscape laid off a lot of people. One of
> them would have been me, as my "department", such as it was, had
> been eliminated, but I ended up mometarily moving from "clienteng"
> over to the "website" division. For about 48 hours I thought that ... ⌘ [Read more](https://lwn.net/Articles/920833/) 2023-01-23T16:11:17Z **[$] Hiding a process's executable from itself**
Back in 2019, a [high-profile container\
vulnerability](https://lwn.net/Articles/781013/) led to the adoption of some complex workarounds and a
frenzy of patching. The immediate problem was
fixed, but the incident was severe enough that security-conscious
developers have continued to look for ways to prevent similar
vulnerabilities in the future. [This\
patch set](https://lwn.net/ml/linux-kernel/20230119170718.3129938-1-gscrivan@redhat.com/) from Giuseppe Scrivano takes a rather simpler ap ... ⌘ [Read more](https://lwn.net/Articles/920384/) 2023-01-24T14:58:55Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (kernel and spip), **Fedora** (kernel), **Mageia** (chromium-browser-stable, docker, firefox, jpegoptim, nautilus, net-snmp, phoronix-test-suite, php, php-smarty, samba, sdl2, sudo, tor, viewvc, vim, virtualbox, and x11-server), **Red Hat** (bash, curl, dbus, expat, firefox, go-toolset, golang, java-1.8.0-openjdk, java-17-openjdk, kernel, kernel-rt, kpatch-patch, libreoffice, libtasn1, libtiff, libxml2, libXpm, nodejs, nodejs-nodemon, pcs, postgresql-jdbc, sq ... ⌘ [Read more](https://lwn.net/Articles/921024/) 2023-01-24T15:02:50Z **Six stable kernel updates**
The
[6.1.8](https://lwn.net/Articles/921028/),
[5.15.90](https://lwn.net/Articles/921029/),
[5.10.165](https://lwn.net/Articles/921030/),
[5.4.230](https://lwn.net/Articles/921031/),
[4.19.271](https://lwn.net/Articles/921032/), and
[4.14.304](https://lwn.net/Articles/921033/)
stable kernel updates have all been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/921027/) 2023-01-24T16:32:10Z **A security audit of Git**
The Open Source Technology Improvement Fund has [announced](https://ostif.org/the-audit-of-git-is-complete/) the
completion of a security audit of the Git source.

> For this portion of the research a total of 35 issues were
> discovered, including 2 critical severity findings and a high
> severity finding. Additionally, because of this research, a number
> of potentially catastrophic security bugs were discovered and
> resolved internally by the git security team.

See [the\
full report](https://www.x41-ds ... ⌘ [Read more](https://lwn.net/Articles/921067/) 2023-01-24T18:06:59Z **WINE 8.0 released**
[Version 8.0](https://www.winehq.org/announce/8.0) of the WINE
Windows compatibility layer has been released. The headline feature
appears to be the conversion to PE ("portable executable") modules:

> After 4 years of work, the PE conversion is finally complete: all
> modules can be built in PE format. This is an important milestone
> on the road to supporting various features such as copy protection,
> 32-bit applications on 64-bit hosts, Windows debuggers, x86
> applications on ARM, etc.

Other changes include ... ⌘ [Read more](https://lwn.net/Articles/921078/) 2023-01-24T23:25:18Z **[$] Python packaging, visions, and unification**
The Python community is currently struggling with a longtime difficulty in
its ecosystem: how to develop, package, distribute, and maintain libraries
and applications. The current situation is sub-optimal in several
dimensions due, at least in part, to the existence of multiple,
non-interoperable mechanisms and tools to handle some of those needs. Last
week, we had an [overview of Python\
packaging](https://lwn.net/Articles/920132/) as a prelude to starting to dig into the discussions. In ... ⌘ [Read more](https://lwn.net/Articles/920832/) 2023-01-25T14:22:41Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (libde265, nodejs, and swift), **Fedora** (nautilus), **Oracle** (bash, bind, curl, dbus, expat, firefox, go-toolset, golang, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, libreoffice, libtiff, libxml2, libXpm, nodejs, nodejs-nodemon, postgresql-jdbc, qemu, ruby:2.5, sqlite, sssd, sudo, and usbguard), **Red Hat** (bind, go-toolset-1.18, go-toolset:rhel8, kernel, kernel-rt, kpatch-patch, pcs, sssd, and virt:rhel, virt-devel:rhel), **Scientific Linux* ... ⌘ [Read more](https://lwn.net/Articles/921194/) 2023-01-25T17:54:03Z **OpenSUSE Leap 15.3 has reached end of life**
Users of the openSUSE Leap 15.3 distribution will want to be looking at
moving on; support for that release has come to an end. "The currently
maintained stable release is openSUSE Leap 15.4, which will be maintained
until around end of 2023 (same lifetime as SLES 15 SP4 regular
support)". ⌘ [Read more](https://lwn.net/Articles/921236/) 2023-01-25T18:34:32Z **A history of the FFmpeg project**
Kostya Shishkov has just posted [the\
concluding installment](https://codecs.multimedia.cx/2023/01/ffhistory-conclusion/) of an extensive history of the FFmpeg project:

> See, unlike many people I don’t regard FFmpeg as something unique
> (in the sense that it’s a project only Fabrice Bellard could
> create). It was nice to have around and it helped immeasurably but
> without it something else would fill the niche. There were other
> people working on similar tasks after all (does anybody remember
 ... ⌘ [Read more](https://lwn.net/Articles/921247/) 2023-01-25T18:42:13Z **A pair of Free Software Foundation governance changes**
The Free Software Foundation has [announced](https://www.fsf.org/news/fsf-board-adopts-updated-by-laws-to-protect-copyleft)
a bylaw change requiring a 66% vote by the FSF board for any new or revised
copyright licenses. The FSF has also [announced](https://www.fsf.org/news/fsf-now-accepting-board-nominations-from-associate-members)
an expansion of its board of directors and a call for nominations from
among its associate members. ⌘ [Read more](https://lwn.net/Articles/921248/) 2023-01-25T21:22:27Z **[$] X clients and byte swapping**
While there are still systems with both [byte orders](https://en.wikipedia.org/wiki/Endianness),
little-endian has
largely "won" the battle at this point since the vast majority of today's
systems store data with the least-significant byte first (at the lowest
address). But when the X11 protocol was developed in the 1980s, there were
lots of systems of each byte order, so the X protocol allowed either order
and the server (display side) would swap the bytes to its byte order as
needed. Over time,
the co ... ⌘ [Read more](https://lwn.net/Articles/921196/) 2023-01-26T02:37:59Z **[$] LWN.net Weekly Edition for January 26, 2023**
The LWN.net Weekly Edition for January 26, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/920484/) 2023-01-26T14:19:50Z **Security updates for Thursday**
Security updates have been issued by **Debian** (git), **Fedora** (libXpm and redis), **Oracle** (bind, firefox, grub2, java-1.8.0-openjdk, java-11-openjdk, kernel, libtasn1, libXpm, and sssd), **Red Hat** (thunderbird), **SUSE** (freeradius-server, kernel, libzypp-plugin-appdata, python-certifi, and xen), and **Ubuntu** (bind9, krb5, linux-raspi, linux-raspi-5.4, and privoxy). ⌘ [Read more](https://lwn.net/Articles/921345/) 2023-01-26T14:59:59Z **McKenney: What Does It Mean To Be An RCU Implementation?**
Paul McKenney [looks at\
a couple of Rust crates](https://paulmck.livejournal.com/69622.html) in an attempt to determine whether they
actually implement the read-copy-update algorithm; in the process, he gives
an overview of the numerous RCU variants in the kernel.

> Except that the first RCU crate, rcu\_clean, throws a monkey wrench
> into the works. It does not have any grace-period primitives, but
> instead a clean() function that takes a reference to a
> RCU-protected da ... ⌘ [Read more](https://lwn.net/Articles/921351/) 2023-01-26T15:48:59Z **[$] Reconsidering BPF ABI stability**
The BPF subsystem exposes many aspects of the kernel's internal algorithms
and data structures; this naturally leads to concerns about maintaining
interface stability as the kernel changes. The longstanding position that
BPF offers no interface-stability guarantees to user space has always
seemed a little questionable; kernel developers have, in the past, found
themselves having to maintain interfaces that were not intended to be
stable. Now the BPF community is starting to think about what it might ... ⌘ [Read more](https://lwn.net/Articles/921088/) 2023-01-27T14:54:16Z **Security updates for Friday**
Security updates have been issued by **Debian** (bind9, chromium, and modsecurity-apache), **Fedora** (libgit2, mediawiki, and redis), **Oracle** (go-toolset:ol8, java-1.8.0-openjdk, systemd, and thunderbird), **Red Hat** (java-1.8.0-openjdk and redhat-ds:12), **SUSE** (apache2, bluez, chromium, ffmpeg-4, glib2, haproxy, kernel, libXpm, podman, python-py, python-setuptools, samba, xen, xrdp, and xterm), and **Ubuntu** (samba). ⌘ [Read more](https://lwn.net/Articles/921477/) 2023-01-27T15:48:53Z **Rust 1.67.0 released**
[Version\
1.67.0](https://blog.rust-lang.org/2023/01/26/Rust-1.67.0.html) of the Rust language has been released. The list of new
features is relatively short; it includes support for #[must\_use]
on async functions and a new multi-producer, single-consumer channel
implementation. ⌘ [Read more](https://lwn.net/Articles/921487/) 2023-01-27T15:46:03Z **[$] GFP flags and the end of GFP_ATOMIC**
Memory allocation within the kernel is a complex business. The amount of
physical memory available on any given system will be strictly limited,
meaning that an allocation request can often only be satisfied by taking
memory from somebody else, but some of the options for reclaiming memory
may not be available when a request is made. Additionally,
some allocation requests have
requirements dictating where that memory can be placed or how quickly the
allocation must be made. The kernel's
memory-a ... ⌘ [Read more](https://lwn.net/Articles/920891/) 2023-01-29T23:11:32Z **Kernel prepatch 6.2-rc6**
The [6.2-rc6](https://lwn.net/Articles/921558/) kernel prepatch is out for
testing.

> It's suspiciously small, but who am I to look a gift horse in the
> mouth? I'll take it and hope it's not an aberration, but instead a
> sign that 6.2 is shaping up nicely. Call me optimistic, call me
> naive, but let's enjoy it and hope the trend continues.

The plan is still to do an -rc8, though, meaning that the final 6.2 release
can be expected on February 19. ⌘ [Read more](https://lwn.net/Articles/921559/) 2023-01-30T14:52:28Z **Security updates for Monday**
Security updates have been issued by **Debian** (curl, dojo, git, lemonldap-ng, libapache-session-browseable-perl, libapache-session-ldap-perl, libzen, node-object-path, openjdk-11, sofia-sip, tiff, tor, and varnish), **Fedora** (libgit2, open62541, pgadmin4, rubygem-git, rust-bat, rust-cargo-c, rust-git-delta, rust-gitui, rust-libgit2-sys, rust-libgit2-sys0.12, rust-pore, rust-pretty-git-prompt, rust-rd-agent, rust-rd-hashd, rust-resctl-bench, rust-resctl-demo, rust-silver, and rust-tokei), **Scientific Li ... ⌘ [Read more](https://lwn.net/Articles/921620/) 2023-01-30T16:01:27Z **[$] The Linux SVSM project**
If legacy networks are like individual homes with a few doors
where a handful of people have the key, then cloud-based environments are like
apartment complexes that offer both higher density and greater flexibility,
but which include more key holders and potential entry points. The importance
of protecting virtual machines (VMs) running in these environments — from
both the host and other tenants — has become increasingly clear.
The [Linux Secure VM Service\
Module (SVSM)](https://github.com/AMDESE/linux-sv ... ⌘ [Read more](https://lwn.net/Articles/921266/) 2023-01-30T16:28:53Z **Maintainer confidential: Opportunities and challenges of the ubiquitous but under-resourced Yocto Project (Linux.com)**
Over at Linux.com, [Yocto Project](https://www.yoctoproject.org/) architect Richard Purdie [writes](https://www.linux.com/audience/maintainer-confidential-opportunities-and-challenges-of-the-ubiquitous-but-under-resourced-yocto-project/) about various kinds of problems that the project is experiencing, some of which stem from its success and growth. It is a story that will likely resonate with other open-source project ... ⌘ [Read more](https://lwn.net/Articles/921646/) 2023-01-31T15:18:34Z **Security updates for Tuesday**
Security updates have been issued by **CentOS** (bind, firefox, java-1.8.0-openjdk, java-11-openjdk, kernel, libXpm, pki-core, sssd, sudo, thunderbird, tigervnc, and xorg-x11-server), **Debian** (cinder, glance, libarchive, libhtml-stripscripts-perl, modsecurity-crs, node-moment, node-qs, nova, ruby-git, ruby-rack, and tiff), **Fedora** (java-17-openjdk, rust-bat, rust-cargo-c, rust-git-delta, rust-gitui, rust-pore, rust-silver, rust-tokei, and seamonkey), **Oracle** (libksba), **Red Hat** (kernel, kernel- ... ⌘ [Read more](https://lwn.net/Articles/921765/) 2023-01-31T18:07:18Z **[$] Using low-cost wireless sensors in the unlicensed bands**
When it comes to home automation, people often end up with devices
supporting the [Zigbee](https://csa-iot.org/all-solutions/zigbee/) or [Z-Wave](https://www.z-wave.com) protocols, but those devices are
relatively expensive. When I was looking for a way to keep an eye on the
temperature at home a few years ago, I bought a bunch of cheap
temperature and humidity sensors emitting radio signals in the unlicensed
ISM (Industrial, Scientific, and Medical) frequency bands instead. ... ⌘ [Read more](https://lwn.net/Articles/921497/) 2023-01-31T21:54:03Z **Cook: Bounded flexible arrays in C**
Kees Cook has posted [a\
detailed document](https://people.kernel.org/kees/bounded-flexible-arrays-in-c) describing the work to improve safety of
flexible-length arrays
in the kernel.

> Converting such codebases to use “modern” language features, like
> those in C99 (still from the prior millennium), can be a major
> challenge, but it is an entirely tractable problem. This post is a
> deep dive into an effort underway in the Linux kernel to make array
> index overflows (and more generally, buffe ... ⌘ [Read more](https://lwn.net/Articles/921799/) 2023-02-01T14:54:13Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (fig2dev and libstb), **Fedora** (seamonkey), **SUSE** (ctags, python-setuptools, samba, tmux, and xterm), and **Ubuntu** (advancecomp, apache2, python-django, slurm-llnl, and vim). ⌘ [Read more](https://lwn.net/Articles/921848/) 2023-02-01T15:52:27Z **Elementary OS 7 released**
[Version 7](https://blog.elementary.io/os-7-available-now/) of
the Ubuntu-based elementary OS distribution has been released.

> In the latest version of AppCenter we’ve worked on making app
> descriptions more engaging with more information, making it easier
> to update to the latest versions of apps, and improving support for
> sideloading and alt stores. We’ve also worked on improving
> AppCenter’s responsiveness—making sure you can comfortably use it
> when tiling and on small displays as well as bett ... ⌘ [Read more](https://lwn.net/Articles/921854/) 2023-02-01T16:17:37Z **TrenchBoot Anti Evil Maid for Qubes OS**
The Qubes OS news site has [a\
detailed article](https://www.qubes-os.org/news/2023/01/31/trenchboot-aem-for-qubes-os/) on work being done to ensure the integrity of the
system at boot time.

> As you may know, traditional firmware security measures like UEFI
> Secure Boot and measured boot, even with a Static Root of Trust
> (SRT), may only sometimes be enough to ensure a completely secure
> environment for your operating system. Compromised firmware may
> allow for the injection of maliciou ... ⌘ [Read more](https://lwn.net/Articles/921870/) 2023-02-01T21:15:59Z **[$] Convergence in the pip and conda worlds?**
The discussions about the world of Python packaging and the
problems caused by its disparate tools and incompatible ecosystems are
still ongoing. Last week, we [looked at the\
beginnings of the conversation](https://lwn.net/Articles/920832/) in mid-November, as the discussion
turned toward a possible convergence between two of the major
package-management players: [pip](https://pip.pypa.io/en/stable/) and [conda](https://docs.conda.io/en/latest/). There are numerous
barriers to bringing the ... ⌘ [Read more](https://lwn.net/Articles/921097/) 2023-02-01T21:33:49Z **Go 1.20 released**
[Version 1.20](https://go.dev/blog/go1.20) of the Go language
has been released.

> We’re particularly excited to launch a preview of profile-guided
> optimization (PGO), which enables the compiler to perform
> application- and workload-specific optimizations based on run-time
> profile information. Providing a profile to go build enables the
> compiler to speed up typical applications by around 3–4%, and we
> expect future releases to benefit even more from PGO. Since this is
> a preview release of PGO support, ... ⌘ [Read more](https://lwn.net/Articles/921894/) 2023-02-02T01:38:17Z **[$] LWN.net Weekly Edition for February 2, 2023**
The LWN.net Weekly Edition for February 2, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/921353/) 2023-02-02T14:33:58Z **Security updates for Thursday**
Security updates have been issued by **Debian** (cinder, glance, nova, openjdk-17, and python-django), **Fedora** (caddy, git-credential-oauth, mingw-opusfile, and pgadmin4), **Slackware** (apr and mozilla), and **Ubuntu** (apache2 and python-django). ⌘ [Read more](https://lwn.net/Articles/921957/) 2023-02-02T16:04:36Z **[$] Git archive generation meets Hyrum's law**
On January 30, the GitHub blog carried [a\
brief notice](https://github.blog/changelog/2023-01-30-git-archive-checksums-may-change/) that the checksums of archives (such as tarballs)
generated by the site had just changed. GitHub's engineers were seemingly
unaware of the consequences of such a change — consequences that were
immediately evident to anybody familiar with either packaging systems or
[Hyrum's law](https://www.hyrumslaw.com/). Those checksums were
widely depended on by build sys ... ⌘ [Read more](https://lwn.net/Articles/921787/) 2023-02-02T16:27:29Z **GNU C Library 2.37 released**
[Version\
2.37](https://lwn.net/ml/libc-alpha/edc73dfb-7ea0-58d7-c5a5-ccad28254dbe@redhat.com/) of the GNU C Library has been released. This looks like a
relatively low-key release, with the one "major new feature" described as:

> The getent tool now supports the --no-addrconfig option. The output
> of getent with --no-addrconfig may contain addresses of families
> not configured on the current host i.e. as-if you had not passed
> AI\_ADDRCONFIG to getaddrinfo calls.

There is more information in [the r ... ⌘ [Read more](https://lwn.net/Articles/922003/) 2023-02-02T16:32:22Z **OpenSSH 9.2 released**
[OpenSSH\
9.2](https://lwn.net/ml/oss-security/729ab9380799c1ae@cvs.openbsd.org/) has been released. It includes a number of security fixes,
including one for a [pre-authentication\
double-free vulnerability](https://lwn.net/ml/oss-security/20230202130212.GA15689@localhost.localdomain/) that the project does not believe is
exploitable. Other new features include support for channel-inactivity
timeouts, better control over sftp protocol parameters, and more. ⌘ [Read more](https://lwn.net/Articles/922006/) 2023-02-02T16:37:50Z **Ekstrand: Exploring Rust for Vulkan drivers, part 1**
Faith Ekstrand [begins\
an exploration of using the Rust language](https://www.collabora.com/news-and-blog/blog/2023/02/02/exploring-rust-for-vulkan-drivers-part-1/) to write Vulkan graphics
drivers.

> Whenever a Vulkan object is created or destroyed, the parent object
> is passed to both the create and destroy functions. This ensures
> that the lifetime of the child object is contained within the
> lifetime of the parent object. In Rust terms, this means it's safe
> for the chi ... ⌘ [Read more](https://lwn.net/Articles/922008/) 2023-02-02T21:52:40Z **The Document Foundation announces LibreOffice 7.5 Community**
Version 7.5 of the [LibreOffice](https://www.libreoffice.org/) Community edition is [now available](https://www.libreoffice.org/download/download-libreoffice/). LibreOffice is, of course, the FOSS desktop office suite; version 7.5 brings new features to multiple parts of the tool, including major improvements to dark mode, better PDF exports, improved bookmarks in Writer, data tables for charts in Calc, better interoperability with Microsoft Office, and lots more.
Check out [ ... ⌘ [Read more](https://lwn.net/Articles/922051/) 2023-02-03T14:32:10Z **Security updates for Friday**
Security updates have been issued by **Fedora** (chromium and vim), **Slackware** (openssh), and **Ubuntu** (lrzip and tiff). ⌘ [Read more](https://lwn.net/Articles/922112/) 2023-02-03T15:18:04Z **[$] Constant-time instructions and processor optimizations**
Of all the attacks on cryptographic code, timing attacks may be among the
most insidious. An algorithm that appears to be coded correctly, perhaps
even with a formal proof of its correctness, may be undermined by
information leaked as the result of data-dependent timing differences.
Both Arm and Intel have introduced modes that are intended to help defend
against timing attacks, but the extent to which those modes should be used
in the kernel is still under discussion. ⌘ [Read more](https://lwn.net/Articles/921511/) 2023-02-06T00:06:45Z **Kernel prepatch 6.2-rc7**
The [6.2-rc7](https://lwn.net/Articles/922284/) kernel prepatch is out for
testing.

> So the 6.2 rc releases are continuing to be fairly small and
> controlled, to the point where normally I'd just say that this is
> the last rc. But since I've stated multiple times that I'll do an
> rc8 due to the holiday start of the release, that's what I'll do. ⌘ [Read more](https://lwn.net/Articles/922285/) 2023-02-06T14:41:17Z **Security updates for Monday**
Security updates have been issued by **Debian** (libhtml-stripscripts-perl), **Fedora** (binwalk, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-latest-openjdk, kernel, sudo, and syncthing), **SUSE** (syslog-ng), and **Ubuntu** (editorconfig-core, firefox, pam, and thunderbird). ⌘ [Read more](https://lwn.net/Articles/922337/) 2023-02-06T15:19:20Z **[$] A survey of free CAD systems**
Computer-aided design (CAD) software is expensive to develop, which is a
good
reason to appreciate the existing free and open-source alternatives to some
of the big names
in the industry. This article takes a bird's-eye view at free
and open-source software for 2D drafting and 3D parametric solid modeling,
its progress over the years, as well as wins and ongoing challenges. ⌘ [Read more](https://lwn.net/Articles/921676/) 2023-02-06T15:23:41Z **Six new stable kernels**
The most recent batch of stable kernels has been released: [6.1.10](https://lwn.net/Articles/922339/), [5.15.92](https://lwn.net/Articles/922340/), [5.10.167](https://lwn.net/Articles/922341/), [5.4.231](https://lwn.net/Articles/922342/), [4.19.272](https://lwn.net/Articles/922343/), and [4.14.305](https://lwn.net/Articles/922344/). Those updates contain a relatively small
number of important fixes throughout the kernel tree. ⌘ [Read more](https://lwn.net/Articles/922338/) 2023-02-07T14:57:53Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (graphite-web, openjdk-11, webkit2gtk, wpewebkit, and xorg-server), **Mageia** (advancecomp, apache, dojo, git, java/timezone, libtiff, libxpm, netatalk, nodejs-minimist, opusfile, python-django, python-future, python-mechanize, ruby-sinatra, sofia-sip, thunderbird, and tigervnc), **Oracle** (git and thunderbird), **Red Hat** (git, libksba, rh-git227-git, rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon, and thunderbird), **SUSE** (apache2, nginx, php8-pear, ... ⌘ [Read more](https://lwn.net/Articles/922519/) 2023-02-07T20:58:58Z **[$] Fedora packages versus upstream Flatpaks**
The [Flatpak](https://flatpak.org/) package format promises to
bring "the future of apps on Linux", but a Linux distribution like
Fedora already provides packages in its native format—and built
to its specifications. Flatpaks that come from upstream projects may or
may not follow the packaging guidelines, philosophy, and practices so they
exist in their own world, separate from the packages that come directly
from Fedora. But [those worlds have\
collided](https://lwn.net/Articles/900210/) t ... ⌘ [Read more](https://lwn.net/Articles/922387/) 2023-02-08T14:28:50Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (heimdal, openssl, shim, and xorg-server), **Oracle** (kernel and thunderbird), **Red Hat** (git, libksba, samba, and tigervnc), **Scientific Linux** (thunderbird), **Slackware** (openssl and xorg), **SUSE** (EternalTerminal, openssl-1\_0\_0, openssl-1\_1, openssl-3, openssl1, polkit, and sssd), and **Ubuntu** (git, grunt, heimdal, openssl, openssl1.0, and xorg-server, xorg-server-hwe-18.04, xwayland). ⌘ [Read more](https://lwn.net/Articles/922626/) 2023-02-08T15:54:34Z **Rustproofing Linux (nccgroup)**
The nccgroup blog is carrying [a\
four-part series](https://research.nccgroup.com/2023/02/06/rustproofing-linux-part-1-4-leaking-addresses/) by Domen Puncer Kugler on how vulnerabilities can make
their way into device drivers written in Rust.

> In other words, the CONFIG\_INIT\_STACK\_ALL\_ZERO build
> option does nothing for Rust code! Developers must be cautious to
> avoid shooting themselves in the foot when porting a driver from C
> to Rust, especially if they previously relied on this config opti ... ⌘ [Read more](https://lwn.net/Articles/922638/) 2023-02-08T23:24:01Z **[$] Users and Python packaging**
A lot of digital ink has been expended in recounting the ongoing
Python packaging saga, which is now in its fourth installment
(earlier articles: [landscape survey](https://lwn.net/Articles/920132/), [visions and unification](https://lwn.net/Articles/920832/), and [pip-conda convergence](https://lwn.net/Articles/920832/)). Most of that
covered conversations that
took place in November and the discussion largely settled down over the
holidays, but it picked up again with a [packaging-strategy\
thread](htt ... ⌘ [Read more](https://lwn.net/Articles/921881/) 2023-02-08T23:27:59Z **The Atlantic Council on open-source policy**
The Atlantic Council ( [described by\
Wikipedia](https://en.wikipedia.org/wiki/Atlantic_Council) as "an American think tank in the field of international
affairs") has published [a\
lengthy report](https://www.atlanticcouncil.org/in-depth-research-reports/report/open-source-software-as-infrastructure/) on the problem of security in open-source software and
what might be done about it.

> OSS is really not much different from proprietary software: all
> code can be developed more securely, an ... ⌘ [Read more](https://lwn.net/Articles/922674/) 2023-02-09T01:55:36Z **[$] LWN.net Weekly Edition for February 9, 2023**
The LWN.net Weekly Edition for February 9, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/921958/) 2023-02-09T14:43:39Z **Security updates for Thursday**
Security updates have been issued by **Debian** (chromium, libsdl2, and wireshark), **Fedora** (pesign, tpm2-tss, and webkitgtk), **Oracle** (hsqldb, krb5, libksba, tigervnc, and tigervnc and xorg-x11-server), **Red Hat** (openvswitch2.13, openvswitch2.15, openvswitch2.16, openvswitch2.17, rh-varnish6-varnish, tigervnc, and tigervnc and xorg-x11-server), **Scientific Linux** (tigervnc and xorg-x11-server), and **SUSE** (apache2, apache2-mod\_security2, apr-util, netatalk, podman, python-swift3, rubygem-gl ... ⌘ [Read more](https://lwn.net/Articles/922756/) 2023-02-09T16:36:52Z **[$] Free software and fiduciary duty**
Serial litigant Craig Wright recently [won\
a procedural ruling](https://money.usnews.com/investing/news/articles/2023-02-03/self-proclaimed-bitcoin-inventors-2-5-billion-lawsuit-can-go-to-trial-london-court) in a London court that allows a
multi-billion-dollar Bitcoin-related lawsuit to proceed. This case has
raised a fair amount of concern within the free-software community, where
it is seen as threatening the "no warranty" language included in almost
every free-software license. As it happens, t ... ⌘ [Read more](https://lwn.net/Articles/922545/) 2023-02-09T16:43:47Z **The future of Thunderbird**
The Thunderbird email client blog has [a\
plan](https://blog.thunderbird.net/2023/02/the-future-of-thunderbird-why-were-rebuilding-from-the-ground-up/) for where the project is going.

> Throughout the next 3 years, the Thunderbird project is aiming at
> these primary objectives:
>
> - Make the code base leaner and more reliable, rewrite ancient code,
> remove technical debt.
>
> - Rebuild the interface from scratch to create a consistent design
> system, as well as developing and maintaining an adaptabl ... ⌘ [Read more](https://lwn.net/Articles/922793/) 2023-02-09T18:15:24Z **A pair of stable kernels**
The [6.1.11](https://lwn.net/Articles/922812/) and [5.15.93](https://lwn.net/Articles/922814/) stable kernel updates have been
released; each contains another set of important fixes. ⌘ [Read more](https://lwn.net/Articles/922811/) 2023-02-10T14:52:11Z **Security updates for Friday**
Security updates have been issued by **Debian** (postgresql-11 and sox), **Fedora** (opusfile), **SUSE** (bind, jasper, libapr-util1, pkgconf, tiff, and xrdp), and **Ubuntu** (cinder, imagemagick, less, linux, linux-aws, linux-azure, linux-azure-5.4, linux-gkeop, linux-kvm,
 linux-oracle, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-gcp, linux-ibm, linux-kvm, linux-lowlatency,
 linux-oracle, linux-raspi, linux, linux-aws, linux-gcp-4.15, linux-kvm, linux-oracle, linux-raspi2, linux, linux-azure, li ... ⌘ [Read more](https://lwn.net/Articles/922929/) 2023-02-10T15:40:31Z **[$] The extensible scheduler class**
It was only a matter of time before somebody tried to bring BPF to the
kernel's CPU scheduler. At the end of January, Tejun Heo posted [the second\
revision of a 30-part patch series](https://lwn.net/ml/linux-kernel/20230128001639.3510083-1-tj@kernel.org/), co-written with David Vernet, Josh
Don, and Barret Rhoden, that does just that. There are clearly interesting
things that could be done by deferring scheduling decisions to a BPF
program, but it may take some work to sell this idea to the developm ... ⌘ [Read more](https://lwn.net/Articles/922405/) 2023-02-12T23:52:37Z **Kernel prepatch 6.2-rc8**
The
[eighth\
and presumably final 6.2 kernel prepatch](https://lwn.net/Articles/923105/) has been released.

> The 6.2 series continues to be fairly calm, and the only real
> reason for an rc8 is - as now mentioned several times - just to
> make up for some time during the holiday season. Not that we seem
> to really have needed it, but there was also no real reason to
> deviate from the plan. So here we are. ⌘ [Read more](https://lwn.net/Articles/923106/) 2023-02-13T15:03:03Z **Security updates for Monday**
Security updates have been issued by **Debian** (libde265 and snort), **Fedora** (chromium, openssl, php-symfony4, qt5-qtbase, qt6-qtbase, tigervnc, vim, wireshark, xorg-x11-server, and xorg-x11-server-Xwayland), **Slackware** (gnutls), **SUSE** (apr-util, grafana, java-1\_8\_0-ibm, kernel, less, libksba, opera, postgresql12, postgresql13, postgresql14, postgresql15, python-py, webkit2gtk3, wireshark, and xrdp), and **Ubuntu** (nova and webkit2gtk). ⌘ [Read more](https://lwn.net/Articles/923163/) 2023-02-13T18:27:33Z **Linux kernel Podcast - season 2 episode 2**
[A new\
installment](https://kernelpodcast.org/2023/02/12/s2e2-2023-02-12/) of the rejuvenated kernel podcast has been posted.

> If there were a "theme of the moment" for the industry (other than
> layoffs), it would probably be Confidential Compute. It seems one
> can’t go more than 10 minutes without seeing a patch for some new
> confidential compute feature in one of the major architectures, or
> the system IP that goes along with it. ⌘ [Read more](https://lwn.net/Articles/923209/) 2023-02-13T18:23:48Z **[$] A proposed threat model for confidential computing**
The field of confidential computing is still in its infancy, to the point
where it lacks a clear, agreed, and established problem description. Elena
Reshetova and Andi Kleen from Intel recently [started the conversation](https://lwn.net/ml/linux-kernel/DM8PR11MB57505481B2FE79C3D56C9201E7CE9@DM8PR11MB5750.namprd11.prod.outlook.com/) by sharing their view of a potential threat
model in the form of [this\
document](https://intel.github.io/ccc-linux-guest-hardening-docs/security-spec. ... ⌘ [Read more](https://lwn.net/Articles/922986/) 2023-02-14T14:52:48Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (imagemagick), **Fedora** (xml-security-c), **Red Hat** (grub2), **SUSE** (chromium, freerdp, libbpf, and python-setuptools), and **Ubuntu** (fig2dev and python-django). ⌘ [Read more](https://lwn.net/Articles/923267/) 2023-02-14T19:06:46Z **Two stable kernels — and maybe a third**
The
[6.1.12](https://lwn.net/Articles/923307/) and
[5.15.94](https://lwn.net/Articles/923308/)
stable kernel updates have been released, each with the usual set of
important fixes. There is also a 5.10.168 release in the works, but it ran
into some snags in [the\
review process](https://lwn.net/ml/linux-kernel/20230213144745.696901179@linuxfoundation.org/); it can be expected shortly.

Another set of updates, containing the mitigations for the just-disclosed
[cross-thread\
return-address predicti ... ⌘ [Read more](https://lwn.net/Articles/923306/) 2023-02-14T20:00:47Z **[$] An overview of single-purpose Linux distributions**
Many people, when they are installing a Linux distribution for a single
purpose such as
running containers, would prefer an install-and-forget
type of deployment. At [FOSDEM 2023](https://fosdem.org/2023/) in Brussels, several
projects of this minimal Linux distribution type were presented. [Fedora\
CoreOS](https://docs.fedoraproject.org/en-US/fedora-coreos/), [Ubuntu Core](https://ubuntu.com/core), [openSUSE MicroOS](https://microos.opensuse.org/), and [Bottlerocket OS](https://gi ... ⌘ [Read more](https://lwn.net/Articles/922968/) 2023-02-15T14:42:00Z **Firefox 110.0 released**
[Version\
110.0](https://www.mozilla.org/en-US/firefox/110.0/releasenotes/) of the Firefox browser has been released. Significant new
features include the ability to import bookmarks from the Opera and Vivaldi
browsers and GPU sandboxing on Windows systems. ⌘ [Read more](https://lwn.net/Articles/923365/) 2023-02-15T14:39:58Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (gnutls28 and haproxy), **Fedora** (syslog-ng), **Mageia** (apr-util, chromium-browser-stable, editorconfig-core-c, ffmpeg, libzen, phpmyadmin, tpm2-tss, and webkit2), **Oracle** (kernel and kernel-container), **Slackware** (mozilla and php), **SUSE** (git, haproxy, kernel, nodejs18, phpMyAdmin, and timescaledb), and **Ubuntu** (APR-util, git, and haproxy). ⌘ [Read more](https://lwn.net/Articles/923364/) 2023-02-15T15:04:22Z **Axboe: io_uring and networking in 2023**
Jens Axboe has posted [a\
detailed guide](https://github.com/axboe/liburing/wiki/io_uring-and-networking-in-2023) to improving the performance of networking applications
with [io\_uring](https://lwn.net/Articles/776703/).

> Network applications have been written with a readiness type of
> model for decades, most commonly using epoll(2) these days to get
> notified when a given socket has data available. While these
> applications can be adapted to io\_uring by swapping epoll notifiers
> with ... ⌘ [Read more](https://lwn.net/Articles/923369/) 2023-02-15T14:59:11Z **Realtime Ubuntu launched**
Canonical has [announced](https://ubuntu.com/blog/real-time-ubuntu-is-now-generally-available)
the general availability of a realtime variant of its distribution.

> Based on the 5.15 version of the Linux kernel, Ubuntu 22.04 LTS
> integrates the out-of-tree PREEMPT\_RT patches for x86 and Arm
> architectures. The PREEMPT\_RT patchset reduces the kernel latencies
> as required by the most exacting workloads, helping to ensure
> time-predictable task execution. Meeting stringent determinism
> requirements ... ⌘ [Read more](https://lwn.net/Articles/923366/) 2023-02-15T17:11:58Z **Stable kernel 5.10.168**
The [5.10.168](https://lwn.net/Articles/923395/) stable kernel update has
finally emerged from the review process and been released; it contains yet
another set of important fixes. ⌘ [Read more](https://lwn.net/Articles/923394/) 2023-02-15T21:40:24Z **[$] NASA and open-source software**
From the moon landing to the James Webb Space Telescope and many other
scientific missions, software is critical for the US [National Aeronautics and Space Administration](https://www.nasa.gov)
(NASA). Sharing information has also been in the DNA of the space
agency from the beginning. As a result, NASA also contributes to and
releases open-source software and open data. In a [keynote](https://fosdem.org/2023/schedule/event/nasa/) at [FOSDEM 2023](https://fosdem.org/2023/),
Science Data Officer Steve ... ⌘ [Read more](https://lwn.net/Articles/923223/) 2023-02-16T01:57:15Z **[$] LWN.net Weekly Edition for February 16, 2023**
The LWN.net Weekly Edition for February 16, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/922783/) 2023-02-16T14:47:16Z **Security updates for Thursday**
Security updates have been issued by **Debian** (firefox-esr), **Fedora** (community-mysql, edk2, firefox, and git), **Slackware** (curl and git), **SUSE** (apache2-mod\_security2, aws-efs-utils, bind, curl, git, ImageMagick, java-11-openjdk, java-17-openjdk, java-1\_8\_0-openjdk, kernel, libksba, and mozilla-nss), and **Ubuntu** (golang-golang-x-text, golang-x-text, linux-aws, linux-aws-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15,
 linux-intel-iotg, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe ... ⌘ [Read more](https://lwn.net/Articles/923503/) 2023-02-16T15:30:38Z **[$] Debating composefs**
When LWN [looked at the composefs filesystem](https://lwn.net/Articles/917097/)
in December, we reported that there had been "little response" to the
patches. That is no longer the case. Whether composefs (or something like
it) should be merged has become the subject of an extended debate; at its
core, the discussion is over just how Linux should support certain types of
container workloads. ⌘ [Read more](https://lwn.net/Articles/922851/) 2023-02-16T17:22:11Z **Systemd 253 released**
Systemd 253 has been released. As always, the list of changes is
extensive. Support for version-1 control groups and separate /usr
systems is going away later this year. There is a new tool for working
with [unified\
kernel images](https://0pointer.de/blog/brave-new-trusted-boot-world.html), a number of new unit-file options have been added, and
much more; click below for the full list. ⌘ [Read more](https://lwn.net/Articles/923545/) 2023-02-17T15:37:47Z **Security updates for Friday**
Security updates have been issued by **Debian** (webkit2gtk and wpewebkit), **Fedora** (firefox, phpMyAdmin, tpm2-tools, and tpm2-tss), **Slackware** (mozilla), **SUSE** (mozilla-nss, rubygem-actionpack-4\_2, rubygem-actionpack-5\_1, and tar), and **Ubuntu** (linux-azure and linux-hwe-5.19). ⌘ [Read more](https://lwn.net/Articles/923644/) 2023-02-17T16:11:19Z **[$] Rethinking splice()**
The [splice()\
system call](https://man7.org/linux/man-pages/man2/splice.2.html) is built on an appealing idea: connect two file descriptors
together so that data can be moved from one to the other without passing
through user space and, preferably, without being copied in the kernel.
splice() has enabled some significant performance optimizations
over the years, but it has also proved difficult to work with and
occasionally surprising. A recent linux-kernel discussion showed how
splice() can cause trouble, to ... ⌘ [Read more](https://lwn.net/Articles/923237/) 2023-02-19T23:37:02Z **The 6.2 kernel has been released**
Linus has [released the 6.2 kernel](https://lwn.net/Articles/923744/) as
expected.

> Please do give 6.2 a testing. Maybe it's not a sexy LTS release
> like 6.1 ended up being, but all those regular pedestrian kernels
> want some test love too.

Headline features in this release include
the ability to manage [linked\
lists](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=db6bf999544c) and other data structures in BPF programs,
more [additions](https://lwn.net/Articles/91 ... ⌘ [Read more](https://lwn.net/Articles/923732/) 2023-02-20T14:17:12Z **Security updates for Monday**
Security updates have been issued by **Debian** (c-ares, gnutls28, golang-github-opencontainers-selinux, isc-dhcp, nss, openssl, snort, and thunderbird), **Fedora** (clamav, curl, phpMyAdmin, thunderbird, vim, webkitgtk, and xen), **Red Hat** (firefox), **Slackware** (kernel), **SUSE** (apache2-mod\_security2, gssntlmssp, postgresql-jdbc, postgresql12, and timescaledb), and **Ubuntu** (firefox). ⌘ [Read more](https://lwn.net/Articles/923803/) 2023-02-20T15:15:04Z **GDB 13.1 released**
Version 13.1 of the GNU GDB debugger has been released. Changes include
support for the LoongArch and CSKY architectures, a number of Python API
improvements, support for zstd-compressed debug sections and more. ⌘ [Read more](https://lwn.net/Articles/923819/) 2023-02-20T16:09:42Z **[$] Some development statistics for 6.2**
The 6.2 kernel was [released](https://lwn.net/Articles/923744/) on February 19,
at the end of a ten-week development cycle. This time around, 15,536
non-merge changesets found their way into the mainline repository, making
this cycle significantly more active than [its\
predecessor](https://lwn.net/Articles/915435/). Read on for a look at the work that went into this kernel
release. ⌘ [Read more](https://lwn.net/Articles/923410/) 2023-02-21T15:25:46Z **Security updates for Tuesday**
Security updates have been issued by **CentOS** (libksba, thunderbird, and tigervnc and xorg-x11-server), **Debian** (clamav, nss, python-django, and sox), **Fedora** (kernel and thunderbird), **Mageia** (curl, firefox, nodejs-qs, qtbase5, thunderbird, upx, and webkit2), **Red Hat** (httpd:2.4, kernel, kernel-rt, kpatch-patch, pcs, php:8.0, python-setuptools, Red Hat build of Cryostat, Red Hat Virtualization Host 4.4.z SP 1, samba, systemd, tar, and thunderbird), **Scientific Linux** (firefox and thunderbi ... ⌘ [Read more](https://lwn.net/Articles/923942/) 2023-02-21T19:51:24Z **[$] Passwordless authentication with FIDO2—beyond just the web**
[FIDO2](https://fidoalliance.org/fido2/) is a standard for
authenticating users without the need for passwords. While the technology has
been introduced mainly to protect accounts on web sites, it's also useful
for other purposes, such as logging into Linux systems. The same technology
can even be used beyond authentication, for example to sign files or Git
commits. A couple of talks at [FOSDEM\
2023](https://fosdem.org/2023/) in Brussels presented the possibilities for Li ... ⌘ [Read more](https://lwn.net/Articles/923656/) 2023-02-22T14:48:37Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (amanda, apr-util, and tiff), **Fedora** (apptainer, git, gssntlmssp, OpenImageIO, openssl, webkit2gtk3, xorg-x11-server, and xorg-x11-server-Xwayland), **Oracle** (firefox and thunderbird), **Red Hat** (python3), **SUSE** (gnutls, php7, and python-Django), and **Ubuntu** (chromium-browser, libxpm, and mariadb-10.3, mariadb-10.6). ⌘ [Read more](https://lwn.net/Articles/924070/) 2023-02-22T15:09:34Z **No more Flatpak (by default) in Ubuntu Flavors**
The [Ubuntu Flavors](https://ubuntu.com/desktop/flavours)
offerings (Kubuntu and the like) have [decided](https://discourse.ubuntu.com/t/ubuntu-flavor-packaging-defaults/34061)
that the way to improve the user experience is to put more emphasis on the
Snap package format.

> Going forward, the Flatpak package as well as the packages to
> integrate Flatpak into the respective software center will no
> longer be installed by default in the next release due in April
> 2023, Lunar Lobster. ... ⌘ [Read more](https://lwn.net/Articles/924078/) 2023-02-22T22:42:24Z **[$] Python packaging targets**
As we have seen in earlier articles, the packaging landscape for Python is
fragmented and complex, though users of the language have been clamoring
for some kind of
unification for a decade or more at this point. The developers behind
pip and other packaging tools would like to find a way to satisfy
this wish from
Python-language users and developers, thus they have been discussing possible
solutions with increasing urgency, it seems, of late. In order to do that,
though, it is important to understand what ... ⌘ [Read more](https://lwn.net/Articles/923238/) 2023-02-22T23:59:28Z **An RFC for governance of the Rust project**
The Rust community has been working to reform its governance model; that
work is now being presented as [a\
draft document](https://github.com/rust-lang/rfc-leadership-council/blob/main/text/3392-leadership-council.md) describing how that model will work.

> This RFC establishes a Leadership Council as the successor of the
> core team and the new governance structure through which Rust
> Project members collectively confer the authority to ensure
> successful operation of the Project. The L ... ⌘ [Read more](https://lwn.net/Articles/924132/) 2023-02-23T01:15:17Z **[$] LWN.net Weekly Edition for February 23, 2023**
The LWN.net Weekly Edition for February 23, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/923504/) 2023-02-23T14:36:11Z **Security updates for Thursday**
Security updates have been issued by **CentOS** (firefox and thunderbird), **Debian** (asterisk, git, mariadb-10.3, node-url-parse, python-cryptography, and sofia-sip), **Fedora** (c-ares, golang-github-need-being-tree, golang-helm-3, golang-oras, golang-oras-1, and golang-oras-2), **Oracle** (httpd:2.4, kernel, php:8.0, python-setuptools, python3, samba, systemd, tar, and webkit2gtk3), **Red Hat** (webkit2gtk3), **SUSE** (phpMyAdmin, poppler, and postgresql12), and **Ubuntu** (dcmtk and linux-hwe). ⌘ [Read more](https://lwn.net/Articles/924236/) 2023-02-23T15:23:37Z **Rust Keyword Generics Progress Report: February 2023**
The group working on adding keyword generics to the Rust language [is\
foreshadowing](https://blog.rust-lang.org/inside-rust/2023/02/23/keyword-generics-progress-report-feb-2023.html) what it plans to propose:

> A main driver of the keywords generics initiative has been our
> desire to make the different modifier keywords in Rust feel
> consistent with one another. Both the const WG and the async WG
> were thinking about introducing keyword-traits at the same time,
> and we fig ... ⌘ [Read more](https://lwn.net/Articles/924246/) 2023-02-23T15:52:21Z **[$] The first half of the 6.3 merge window**
As of this writing, 5,776 non-merge changesets have been pulled into the
mainline kernel for the 6.3 release; that is a bit less than half of the
work that was waiting in linux-next before the merge window opened. This
merge window is thus well underway, but far from complete. Quite a bit of
significant work has been pulled so far; read on to see what entered the
kernel in the first half of the 6.3 merge window. ⌘ [Read more](https://lwn.net/Articles/923846/) 2023-02-24T14:33:28Z **Security updates for Friday**
Security updates have been issued by **Debian** (binwalk, chromium, curl, emacs, frr, git, libgit2, and tiff), **Fedora** (qt5-qtbase), **SUSE** (c-ares, kernel, openssl-1\_1-livepatches, pesign, poppler, rubygem-activerecord-5\_1, and webkit2gtk3), and **Ubuntu** (linux-aws). ⌘ [Read more](https://lwn.net/Articles/924358/) 2023-02-24T15:30:14Z **[$] Debian ponders filesystem-image forward compatibility**
Developers who build distributions often (but not always) put considerable
effort into backward compatibility, ensuring, for example, that a program
built for one release will continue to run on later releases. Forward
compatibility, where it is possible to move a program (or other artifact)
from a more recent release to an older one, can be less of a concern, but
it still tends to be seen as something that is better to not break if
possible. So it is not surprising that an iss ... ⌘ [Read more](https://lwn.net/Articles/923969/) 2023-02-25T17:29:44Z **Seven stable kernels**
The
[6.2.1](https://lwn.net/Articles/924435/),
[6.1.14](https://lwn.net/Articles/924436/),
[5.15.96](https://lwn.net/Articles/924441/) [5.10.170](https://lwn.net/Articles/924440/),
[5.4.233](https://lwn.net/Articles/924439/),
[4.19.274](https://lwn.net/Articles/924438/), and
[4.14.307](https://lwn.net/Articles/924437/)
stable kernel updates have all been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/924434/) 2023-02-27T14:21:54Z **Security updates for Monday**
Security updates have been issued by **Debian** (apr-util, freeradius, mono, nodejs, php7.3, php7.4, and python-cryptography), **Fedora** (epiphany, haproxy, and podman), **SUSE** (chromium, libraw, php7, php74, python-pip, and rubygem-activerecord-4\_2), and **Ubuntu** (apr, clamav, curl, intel-microcode, nss, openvswitch, webkit2gtk, and zoneminder). ⌘ [Read more](https://lwn.net/Articles/924546/) 2023-02-27T15:37:35Z **[$] Red-black trees for BPF programs**
Most of the kernel's code is written in C and intended to be run directly
on the underlying hardware. That situation is changing in a few ways,
though; one of those is the ability to write kernel code for the BPF
virtual machine. The 6.3 kernel release will include a new API making the [red-black tree](https://lwn.net/Articles/184495/) data structure available to BPF
programs. Beyond being an interesting feature in its own right, this new
API shows how BPF is bringing a different approach to kernel ... ⌘ [Read more](https://lwn.net/Articles/924128/) 2023-02-27T15:49:00Z **A Linux-on-M1 update**
The Asahi Linux project has posted [an\
update and reality check](https://social.treehouse.systems/@AsahiLinux/109931764533424795) on the status of Linux support for Apple's M1
hardware.

> We are continuously upstreaming kernel features, and 6.2 notably
> adds device trees and basic boot support for M1 Pro/Max/Ultra
> machines.
> However, there is still a long road before upstream kernels are
> usable on laptops. There is no trackpad/keyboard support upstream
> yet.
>
> While you can boot an upstream 6.2 ker ... ⌘ [Read more](https://lwn.net/Articles/924557/) 2023-02-28T13:28:05Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (curl, python-werkzeug, and spip), **Fedora** (curl), **Mageia** (apache-commons-fileupload, apr, c-ares, clamav, git, gnutls, ipython, jupyter-core, php, postgresql, python-cryptography, python-jupyterlab, python-twisted, sofia-sip, and sox), **Red Hat** (git, httpd, kernel, kernel-rt, kpatch-patch, lua, openssl, pcs, php, python-setuptools, python3.9, systemd, tar, vim, and zlib), **SUSE** (libxslt, php8, postgresql15, python3, tpm2-0-tss, and ucode-intel), ... ⌘ [Read more](https://lwn.net/Articles/924690/) 2023-02-28T23:03:08Z **[$] Some useful tools for binary formats**
Linux users often work with text files; tools like grep,
awk,
and sed are standard utilities in their toolbox. However, these
tools fall
short when trying to extract or edit data from files in a binary format, analyze
corrupt
media files, or for parsing a binary data format. [FOSDEM 2023](https://fosdem.org/2023/) in Brussels had a whole [binary tools\
devroom](https://fosdem.org/2023/schedule/track/binary_tools/) dedicated to open-source programs that deal with binary data. ⌘ [Read more](https://lwn.net/Articles/924133/) 2023-03-01T14:45:36Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (multipath-tools and syslog-ng), **Fedora** (gnutls and guile-gnutls), **Oracle** (git, httpd, lua, openssl, php, python-setuptools, python3.9, sudo, tar, and vim), **Red Hat** (kpatch-patch), **Scientific Linux** (git), **SUSE** (compat-openssl098, glibc, openssl, postgresql13, python-Django, webkit2gtk3, and xterm), and **Ubuntu** (awstats, expat, firefox, gnutls28, lighttpd, php7.2, php7.4, php8.1, python-pip, and tar). ⌘ [Read more](https://lwn.net/Articles/924794/) 2023-03-01T17:36:44Z **Godot 4.0 released**
The waiting is done; [version\
4.0](https://github.com/godotengine/godot/releases/tag/4.0-stable) of the Godot game engine has been released.

> 4 years of development. 12,000 merged pull requests. 7,000 fixed
> issues. 1,500 individual contributors across engine and docs.
>
> The Godot 4.0 release is by all metrics our biggest release so far.
> No stone has been left unturned, all parts of the engine have been
> modernized, refactored, overhauled, rewritten, redesigned.

See [the\
release notes](https://godotengin ... ⌘ [Read more](https://lwn.net/Articles/924814/) 2023-03-01T19:05:39Z **Ryabitsev: Fix your mutt**
Konstantin Ryabitsev [has a\
request](https://people.kernel.org/monsieuricon/fix-your-mutt) for anybody who is using mutt for kernel work:

> At some point in the recent past, mutt changed the way it generates
> Message-ID header values. Instead of the perfectly good
> old way of doing it, the developers switched to using
> base64-encoded random bytes. The base64 dictionary contains the
> / character, which causes unnecessary difficulties when
> linking to these messages on lore.kernel.org, since the /
> ... ⌘ [Read more](https://lwn.net/Articles/924822/) 2023-03-01T22:28:34Z **[$] Python packaging and its tools**
The Python-packaging discussions continued in January and February; they
show no sign of abating in March either. This time around, we look (again)
at tools for packaging, including a brand new Rust-based entrant. There is
also a proposal to have interested parties create Python Enhancement
Proposals (PEPs) for packaging solutions that would be judged by a panel of
PEP delegates in order to try to choose something that the whole community
can rally around—without precluding the existence of other opt ... ⌘ [Read more](https://lwn.net/Articles/924114/) 2023-03-02T00:40:35Z **[$] LWN.net Weekly Edition for March 2, 2023**
The LWN.net Weekly Edition for March 2, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/924241/) 2023-03-02T14:45:11Z **Security updates for Thursday**
Security updates have been issued by **CentOS** (git), **Debian** (spip), **Fedora** (epiphany), **Mageia** (binwalk, chromium-browser-stable, crmsh, emacs, libraw, libtiff, nodejs, pkgconf, tar, and vim), **Oracle** (kernel and systemd), **SUSE** (emacs, kernel, nrpe, and rubygem-activerecord-4\_2), and **Ubuntu** (c-ares, git, postgresql-12, postgresql-14, and sox). ⌘ [Read more](https://lwn.net/Articles/924922/) 2023-03-02T15:10:43Z **[$] Kernel time APIs for Rust**
While the 6.3 kernel has gained more support for the Rust language, it
still remains true that there is little that can be done in Rust beyond the
creation of a "hello world" module. That functionality was already
available in C, of course, with a level of safety similar to what Rust can
provide. Interest is growing, though, in merging actually useful modules
written in Rust; that will require some more capable infrastructure than is
currently present. A recent discussion on the handling of time values in ... ⌘ [Read more](https://lwn.net/Articles/924746/) 2023-03-03T14:03:11Z **Security updates for Friday**
Security updates have been issued by **Debian** (linux-5.10 and node-css-what), **SUSE** (gnutls, google-guest-agent, google-osconfig-agent, nodejs10, nodejs14, nodejs16, opera, pkgconf, python-cryptography, python-cryptography-vectors, rubygem-activesupport-4\_2, thunderbird, and tpm2-0-tss), and **Ubuntu** (git, kernel, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
 linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15,
 linux-hwe-5.15, linux-lowlatency, linux-lowlatency ... ⌘ [Read more](https://lwn.net/Articles/925060/) 2023-03-03T14:18:17Z **A half-dozen new stable kernels**
Greg Kroah-Hartman has announced the release of the [6.2.2](https://lwn.net/Articles/925062/), [6.1.15](https://lwn.net/Articles/925063/),
[5.15.97](https://lwn.net/Articles/925064/), [5.10.171](https://lwn.net/Articles/925065/), [5.4.234](https://lwn.net/Articles/925066/), and [4.19.275](https://lwn.net/Articles/925067/) stable kernels. All contain a
relatively small number of important fixes. ⌘ [Read more](https://lwn.net/Articles/925061/) 2023-03-03T15:16:00Z **Kukuk: Y2038, glibc and utmp/utmpx on 64bit architectures**
Thorsten Kukuk [demonstrates](https://www.thkukuk.de/blog/Y2038_glibc_utmp_64bit/)
that we are not done with year-2038 problems yet.

> The general statement so far has always been that on 64bit systems
> with a 64bit time\_t you are safe with respect to the Y2038
> problem. But glibc uses for compatibility with 32bit userland
> applications 32bit time\_t in some places even on 64bit systems.

One of those places is the utmp file.
The post includes a proposal for solving the ... ⌘ [Read more](https://lwn.net/Articles/925068/) 2023-03-03T15:45:32Z **[$] The SCO lawsuit, 20 years later**
On March 7, 2003, a struggling company called The SCO Group [filed a lawsuit against IBM](https://lwn.net/Articles/24747/), claiming that the
success of Linux was the result of a theft of SCO's technology. Two
decades later, it is easy to look back on that incident as a somewhat
humorous side-story in the development of Linux. At the time, though, it
shook our community to its foundations. It is hard to overestimate how
much the community we find ourselves in now was shaped by a ridiculous
lawsuit 2 ... ⌘ [Read more](https://lwn.net/Articles/924577/) 2023-03-06T03:41:32Z **Kernel prepatch 6.3-rc1**
The [6.3-rc1](https://lwn.net/Articles/925271/) kernel prepatch is out, and the
merge window is closed for this development cycle.

> And of course, smooth or not, now that the merge window is closed,
> we need to make sure it all \*works\*. We had a couple of exciting
> merges already, and I think the fallout from that got sorted out,
> but I'm sure there's more to come. Let's hope the calming-down
> period of 6.3 works as well as the merge window did... Knock wood. ⌘ [Read more](https://lwn.net/Articles/925272/) 2023-03-06T14:15:49Z **Security updates for Monday**
Security updates have been issued by **Debian** (apache2, libde265, libreswan, spip, syslog-ng, and xfig), **Fedora** (edk2, libtpms, python-django3, stb, sudo, vim, and xen), **Red Hat** (libjpeg-turbo and pesign), **SUSE** (kernel, python36, samba, and trivy), and **Ubuntu** (linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp,
 linux-gke, linux-gkeop, linux-hwe-5.4, linux-kvm, linux-oracle,
 linux-oracle-5.4, linux, linux-aws, linux-dell300x, linux-gcp-4.15, linux-oracle, linux-aws-h ... ⌘ [Read more](https://lwn.net/Articles/925323/) 2023-03-06T15:58:42Z **Three Questions and Answers: Rust for Linux (Heise)**
Heise [interviews\
Miguel Ojeda](https://www.heise.de/hintergrund/Three-Questions-and-Answers-Rust-for-Linux-7532262.html) about the Rust-for-Linux project.

> The first drivers (and the abstractions supporting them) that will
> start to be upstreamed are likely to be the Asahi Linux's GPU
> driver, Android's Binder and the NVMe driver. These are all
> non-trivial and will set the example for future Rust kernel
> abstractions and drivers. ⌘ [Read more](https://lwn.net/Articles/925351/) 2023-03-06T16:35:50Z **[$] The rest of the 6.3 merge window**
Linus Torvalds [released\
6.3-rc1](https://lwn.net/ml/linux-kernel/CAHk-=wgr1D8hb75Z+nn+4LXUnosp0HM+gP+YJEcEav1DgTC=Cw@mail.gmail.com/) and closed the 6.3 merge window as expected on March 5.
By that time, 12,717 non-merge commits (and 848 merges) had found their
way into the mainline kernel; nearly 7,000 of those commits came in after [the first-half merge-window summary](https://lwn.net/Articles/923846/) was
written. The second half of the 6.3 merge window was thus a busy time,
with quite a bit o ... ⌘ [Read more](https://lwn.net/Articles/924384/) 2023-03-07T14:15:54Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (kopanocore), **Fedora** (golang-github-projectdiscovery-chaos-client, rust-sequoia-octopus-librnp, rust-sequoia-sop, rust-sequoia-sq, and usd), **Oracle** (libjpeg-turbo and pesign), **Red Hat** (kernel, kernel-rt, kpatch-patch, osp-director-downloader-container, pesign, rh-mysql80-mysql, samba, and zlib), **SUSE** (mariadb), and **Ubuntu** (fribidi, gmp, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-azure, linux-azure-4.15, linux-kvm, linux-raspi2, l ... ⌘ [Read more](https://lwn.net/Articles/925469/) 2023-03-07T14:32:08Z **McQueen: Flathub in 2023**
The Flathub organization (in the form of Robert McQueen) has posted [a lengthy\
update](https://discourse.flathub.org/t/flathub-in-2023/3808) on the state of Flathub and its plans for the coming year.

> So far, the GNOME Foundation has acted as an incubator and legal
> host for Flathub even though it’s not purely a GNOME product or
> initiative. Distributing software to end users along with
> processing and forwarding payments and donations also has a
> different legal profile in terms of risk exposure an ... ⌘ [Read more](https://lwn.net/Articles/925472/) 2023-03-07T15:28:10Z **The initial posting of the Apple AGX graphics driver**
Asahi Lina has posted [an\
initial version](https://lwn.net/ml/linux-kernel/20230307-rust-drm-v1-0-917ff5bc80a8@asahilina.net/) of a Rust-based driver for Apple AGX graphics
processors; the posting includes a fair amount of Rust infrastructure for
graphics drivers in general.

> While developing the driver, I tried to make use of Rust's safety
> and lifetime features to provide not just CPU-side safety, but also
> partial firmware-ABI safety. Thanks to this, it has turned out to
> ... ⌘ [Read more](https://lwn.net/Articles/925503/) 2023-03-07T16:15:01Z **[$] BTHome: An open standard for broadcasting sensor data**
Many wireless sensors broadcast their data using [Bluetooth Low \
Energy](https://en.wikipedia.org/wiki/Bluetooth_Low_Energy) (BLE). Their data is easy to receive, but decoding it can be a
challenge. Each manufacturer uses its own format, often tied to its own
mobile apps. Integrating all of these sensors into a home-automation system
requires a lot of custom decoders, which are generally developed by
reverse-engineering
the protocols. The goal of the [BTHome](https://bthome.io ... ⌘ [Read more](https://lwn.net/Articles/925125/) 2023-03-08T14:43:56Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (apr), **Fedora** (c-ares), **Oracle** (curl, kernel, pesign, samba, and zlib), **Red Hat** (curl, gnutls, kernel, kernel-rt, and pesign), **Scientific Linux** (kernel, pesign, samba, and zlib), **SUSE** (libX11, python-rsa, python3, python36, qemu, rubygem-rack, xorg-x11-server, and xwayland), and **Ubuntu** (libtpms, linux-ibm, linux-raspi, linux-raspi, python3.7, python3.8, and sofia-sip). ⌘ [Read more](https://lwn.net/Articles/925606/) 2023-03-08T16:13:20Z **Samba 4.18.0 released**
Version 4.18 of the Samba interoperability suite is out. Changes include
some significant performance improvements, better error messages, and more;
click below for the details. ⌘ [Read more](https://lwn.net/Articles/925632/) 2023-03-08T16:10:11Z **a2ps 4.15 released**
Version 4.15 of the "anything to PostScript" filter a2ps has been released
— the first release since 2007.
"This release contains few user-visible changes. It does however
contain a lot of changes “under the hood”: code clean-up,
etc. Therefore, it’s likely that there are new bugs." ⌘ [Read more](https://lwn.net/Articles/925631/) 2023-03-08T16:52:19Z **[$] Removing support for DeltaRPMs in Fedora**
Way back in 2009, we [looked](https://lwn.net/Articles/329484/) at the presto
plugin for yum, which added support for DeltaRPMs to Fedora. That package
format allows just the binary differences (i.e. the delta) between an
installed RPM and its update to be transmitted, which saves network
bandwidth; the receiving system then
creates the new RPM from those two pieces before installing it. Support
for DeltaRPMs was eventually added to the distribution by default, though
the feature
has never ... ⌘ [Read more](https://lwn.net/Articles/925348/) 2023-03-09T01:28:56Z **[$] LWN.net Weekly Edition for March 9, 2023**
The LWN.net Weekly Edition for March 9, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/924891/) 2023-03-09T14:31:13Z **Security updates for Thursday**
Security updates have been issued by **CentOS** (kernel, pesign, samba, and zlib), **Oracle** (kernel), **Slackware** (httpd), **SUSE** (emacs, libxslt, nodejs12, nodejs14, nodejs16, openssl, poppler, python-py, python-wheel, xen, and xorg-x11-server), and **Ubuntu** (linux-gcp-5.4, linux-gkeop, opusfile, and samba). ⌘ [Read more](https://lwn.net/Articles/925723/) 2023-03-09T14:53:22Z **Rust 1.68.0 released**
[Version\
1.68.0](https://blog.rust-lang.org/2023/03/09/Rust-1.68.0.html) of the Rust language has been released. Changes include the
stabilization of the "sparse" Cargo protocol, the ability for (some)
applications to recover from memory-allocation failures, and "local Pin
construction":

> The new pin! macro constructs a
> Pin<&mut T> from a T expression,
> anonymously captured in local state. This is often called
> stack-pinning, but that "stack" could also be the captured state of
> an async fn or block. ⌘ [Read more](https://lwn.net/Articles/925732/) 2023-03-09T15:34:20Z **[$] An EEVDF CPU scheduler for Linux**
The kernel's [completely fair scheduler\
(CFS)](https://lwn.net/Articles/230574/) has the job of managing the allocation of CPU time for most of
the processes running on most Linux systems. CFS was merged for the 2.6.23
release in 2007 and has, with numerous ongoing tweaks, handled the job
reasonably well ever since. CFS is not perfect, though, and there are some
situations it does not handle as well as it should. The [EEVDF\
scheduler](https://lwn.net/ml/linux-kernel/20230306132521.968182689@infra ... ⌘ [Read more](https://lwn.net/Articles/925371/) 2023-03-10T14:40:21Z **Three stable kernel updates**
The
[6.2.3](https://lwn.net/Articles/925842/),
[6.1.16](https://lwn.net/Articles/925843/), and
[5.15.99](https://lwn.net/Articles/925844/)
stable kernel updates have been released. The first updates after the
close of a merge window tend to be huge, and these ones certainly fit that
description. ⌘ [Read more](https://lwn.net/Articles/925841/) 2023-03-10T14:37:55Z **Security updates for Friday**
Security updates have been issued by **Debian** (chromium and wireless-regdb), **Fedora** (caddy, python-cryptography, and redis), **Oracle** (gnutls), **SUSE** (hdf5, opera, python-Django, redis, tomcat, and xen), and **Ubuntu** (apache2 and snakeyaml). ⌘ [Read more](https://lwn.net/Articles/925840/) 2023-03-10T14:57:43Z **[$] Interview: the FreeCAD Project Association**
The sustainability of free software continues to be mostly uncharted
waters. No team is the same as any other, so copying, say, the [Blender Foundation](https://www.blender.org/about/foundation/)’s
approach to governance will, most likely, not work for other projects. But
there is value in understanding how various non-commercial organizations
operate in order to make informed decisions for the governance of new ones.
In late 2021, the [FreeCAD](https://www.freecad.org/) team
launched the ... ⌘ [Read more](https://lwn.net/Articles/924953/) 2023-03-11T14:27:59Z **More (hopefully) stable kernels**
The
[6.2.4](https://lwn.net/Articles/925909/) and
[6.1.17](https://lwn.net/Articles/925910/)
stable kernels have been released; each contains a pair of reverts for
problematic patches in yesterday's updates. But it doesn't stop there;
also released are
[6.2.5](https://lwn.net/Articles/925911/),
[6.1.18](https://lwn.net/Articles/925912/), and
[5.15.100](https://lwn.net/Articles/925913/)
with another set of important fixes. ⌘ [Read more](https://lwn.net/Articles/925908/) 2023-03-13T00:19:15Z **Kernel prepatch 6.3-rc2**
The [6.3-rc2](https://lwn.net/Articles/925960/) kernel prepatch is out.

> This one looks fairly normal, although if you look at the diffs,
> they are dominated by the removal of a staging driver (r8188eu)
> that has been superceded by a proper driver. That removal itself is
> 90% of the diffs.
>
> But if you filter that out, it all looks normal ⌘ [Read more](https://lwn.net/Articles/925961/) 2023-03-13T08:06:16Z **Security updates for Monday**
Security updates have been issued by **Debian** (imagemagick, libapache2-mod-auth-mellon, mpv, rails, and ruby-sidekiq), **Fedora** (chromium, dcmtk, and strongswan), **Mageia** (chromium-browser-stable, dcmtk, kernel, kernel-linus, libreswan, microcode, redis, and tmux), **SUSE** (postgresql14 and python39), and **Ubuntu** (linux-kvm, linux-raspi-5.4, and thunderbird). ⌘ [Read more](https://lwn.net/Articles/925987/) 2023-03-13T10:21:16Z **The stable kernels just keep coming**
Greg Kroah-Hartman has announced the release of the [6.2.6](https://lwn.net/Articles/925989/), [6.1.19](https://lwn.net/Articles/925990/),
[5.15.102](https://lwn.net/Articles/925991/), [5.10.174](https://lwn.net/Articles/925992/), [5.4.236](https://lwn.net/Articles/925993/), [4.19.277](https://lwn.net/Articles/925994/), and [4.14.309](https://lwn.net/Articles/925995/) stable kernels. These contain a
small number of fixes, including a partial reversion that fixes WiFi
problems that were introduced re ... ⌘ [Read more](https://lwn.net/Articles/925988/) 2023-03-13T14:27:52Z **[$] Heuristics for software-interrupt processing**
The kernel's software-interrupt ("softirq") mechanism was added prior to
the 1.0 kernel release, but it implements a design seen in systems that were
already old when Linux was born. For much of that time, softirqs have been
an impediment to the kernel community's scalability and response-time
goals, but they have proved resistant to removal. A recent discussion on a
proposed new heuristic to mitigate a softirq-related performance problem
may have reinvigorated interested in doing somet ... ⌘ [Read more](https://lwn.net/Articles/925540/) 2023-03-13T18:30:31Z **Git 2.40.0 released**
Version 2.40.0 of the Git source-code management system is out.
Changes include a new --merge-base option for merges,
a built-in implementation of bisection,
Emacs support for git jump,
a fair number of smallish user-interface tweaks, and a lot of bug fixes.
See the announcement and [this GitHub\
blog entry](https://github.blog/2023-03-13-highlights-from-git-2-40/) for the details. ⌘ [Read more](https://lwn.net/Articles/926033/) 2023-03-14T14:08:57Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (redis), **Fedora** (cairo, freetype, harfbuzz, and qt6-qtwebengine), **Red Hat** (kpatch-patch), **SUSE** (chromium, java-1\_8\_0-openj9, and nodejs18), and **Ubuntu** (chromium-browser, libxstream-java, php-twig, twig, protobuf, and python-werkzeug). ⌘ [Read more](https://lwn.net/Articles/926083/) 2023-03-14T15:12:41Z **[$] Zephyr: a modular OS for resource-constrained devices**
Writing applications for devices with a lot of resource constraints,
such as a
small amount of RAM or no memory-management unit (MMU), poses some
challenges. Running a Linux distribution often isn't an option on these devices,
but there are operating systems that try to bridge the gap between running
a Linux distribution and using bare-metal development. One of these is [Zephyr](https://zephyrproject.org/), a real-time operating system
(RTOS) [launched by the Linux Foundation i ... ⌘ [Read more](https://lwn.net/Articles/925924/) 2023-03-14T15:51:41Z **The suspension of ipmitool**
It would appear that the [ipmitool repository](https://github.com/ipmitool/ipmitool) has
been locked, and its maintainer suspended, by GitHub. [This Hacker News\
conversation](https://news.ycombinator.com/item?id=35137213) delves into the reason; evidently the developer was
employed by a sanctioned Russian company. Ipmitool remains available and
will, presumably, find a new home eventually. (Thanks to Paul Wise). ⌘ [Read more](https://lwn.net/Articles/926101/) 2023-03-15T13:05:01Z **Security updates for Wednesday**
Security updates have been issued by **Debian** (node-sqlite3 and qemu), **Fedora** (libmemcached-awesome, manifest-tool, sudo, and vim), **Red Hat** (gnutls, kernel, kernel-rt, lua, and openssl), **Slackware** (mozilla), **SUSE** (amanda, firefox, go1.19, go1.20, jakarta-commons-fileupload, java-1\_8\_0-openjdk, nodejs18, peazip, perl-Net-Server, python, python-cryptography, python-Django, python3, rubygem-rack, and xorg-x11-server), and **Ubuntu** (ipython, linux-ibm, linux-ibm-5.4, and linux-kvm). ⌘ [Read more](https://lwn.net/Articles/926205/) 2023-03-15T13:22:53Z **Debian project leader elections 2022**
The 2022 election for the Debian project leader looks to be a relatively
unexciting affair: incumbent leader Jonathan Carter is running unopposed
for a fourth term. [His platform](https://www.debian.org/vote/2023/platforms/jcc) lays
out his hopes and plans for that term. ⌘ [Read more](https://lwn.net/Articles/926209/) 2023-03-15T20:53:20Z **[$] Rules as code for more responsive governance**
Using [rules\
as code](https://govinsider.asia/intl-en/article/four-things-you-should-know-about-rules-as-code) to help bridge the gaps between policy creation, its
implementation, and its, often unintended, effects on people was the
subject of a talk by
Pia Andrews on the first day of the [inaugural \
Everything Open conference](https://2023.everythingopen.au/) in Melbourne, Australia. She
has long been exploring the space of open government,
and her talk was a report on what
she and o ... ⌘ [Read more](https://lwn.net/Articles/926059/) 2023-03-16T02:16:30Z **[$] LWN.net Weekly Edition for March 16, 2023**
The LWN.net Weekly Edition for March 16, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/925724/) 2023-03-16T11:56:36Z **Security updates for Thursday**
Security updates have been issued by **Debian** (firefox-esr and pcre2), **Oracle** (nss), **Red Hat** (kpatch-patch and nss), **SUSE** (java-11-openjdk, kernel, and python310), and **Ubuntu** (emacs24, ffmpeg, firefox, imagemagick, libphp-phpmailer, librecad, and openjpeg2). ⌘ [Read more](https://lwn.net/Articles/926289/) 2023-03-16T14:22:54Z **[$] Zero-copy I/O for ublk, three different ways**
The [ublk subsystem](https://lwn.net/Articles/903855/) enables the creation of
user-space block drivers that communicate with the kernel using [io\_uring](https://lwn.net/Articles/776703/). Drivers implemented this way show
some promise with regard to performance, but there is a bottleneck in the
way: copying data between the kernel and the user-space driver's address
space. It is thus not surprising that there is interest in implementing
zero-copy I/O for ublk. The mailing lists have r ... ⌘ [Read more](https://lwn.net/Articles/926118/) 2023-03-16T14:30:42Z **OpenSSH 9.3 released**
OpenSSH 9.3 has been released. It includes a couple of security fixes, as
well as adding an option for hash-algorithm selection to
ssh-keygen and an option that allows configuration checking
without actually loading any private keys. ⌘ [Read more](https://lwn.net/Articles/926321/) 2023-03-16T16:26:50Z **SFC: John Deere's ongoing GPL violations: What's next**
The Software Freedom Conservancy [calls\
out John Deere](https://sfconservancy.org/blog/2023/mar/16/john-deere-gpl-violations/) for failure to comply with the GPL and preventing
farmers from repairing their own equipment.

> This is a serious issue that goes far beyond one person wanting to
> fix their printer software, or install an alternative firmware on
> a luxury device. It has far-reaching implications for all farmers'
> livelihoods, for food security throughout the world, ... ⌘ [Read more](https://lwn.net/Articles/926330/) 2023-03-16T16:44:01Z **Amazon Linux 2023 released**
Amazon has [released\
a new version](https://aws.amazon.com/blogs/aws/amazon-linux-2023-a-cloud-optimized-linux-distribution-with-long-term-support/) of its vaguely Fedora-based, cloud-optimized
distribution.

> Last—and this policy is by far my favorite—Amazon Linux provides
> you with deterministic updates through versioned repositories, a
> flexible and consistent update mechanism. The distribution locks to
> a specific version of the Amazon Linux package repository, giving
> you control over how and ... ⌘ [Read more](https://lwn.net/Articles/926332/) 2023-03-17T11:55:28Z **Security updates for Friday**
Security updates have been issued by **Debian** (sox and thunderbird), **Fedora** (containerd, libtpms, mingw-binutils, mingw-LibRaw, mingw-python-werkzeug, stargz-snapshotter, and tkimg), **Slackware** (mozilla and openssh), **SUSE** (apache2, firefox, hdf5, jakarta-commons-fileupload, kernel, perl-Net-Server, python-PyJWT, qemu, and vim), and **Ubuntu** (abcm2ps, krb5, and linux-intel-iotg). ⌘ [Read more](https://lwn.net/Articles/926411/) 2023-03-17T12:04:48Z **New stable kernels**
The [6.2.7](https://lwn.net/Articles/926413/), [6.1.20](https://lwn.net/Articles/926414/), [5.15.103](https://lwn.net/Articles/926415/), [5.10.175](https://lwn.net/Articles/926416/), [5.4.237](https://lwn.net/Articles/926417/), [4.19.278](https://lwn.net/Articles/926418/), and [4.14.310](https://lwn.net/Articles/926419/) stable kernels have been released.
As usual, they contain important fixes throughout the kernel tree; users
should upgrade. ⌘ [Read more](https://lwn.net/Articles/926412/) 2023-03-17T13:44:06Z **[$] Generic iterators for BPF**
BPF programs destined to be loaded into the kernel are generally written in
C but, increasingly, the environment in which those programs run differs
significantly from the C environment. The BPF virtual machine and
associated verifier make a growing set of checks in an attempt to make BPF
code safe to run. The proposed addition of an iterator mechanism to BPF
highlights the kind of features that are being added — as well as the
constraints placed on programmers by BPF. ⌘ [Read more](https://lwn.net/Articles/926041/) 2023-03-19T15:39:16Z **The FSF's Free Software Awards**
The Free Software Foundation has [announced](https://www.fsf.org/news/free-software-awards-winners-announced-eli-zaretskii-tad-skewedzeppelin-gnu-jami)
the recipients of this year's Free Software Awards:

- Eli Zaretskii (advancement of free software)

- Tad (SkewedZeppelin) (outstanding new free software contributor)

- GNU Jami (project of social benefit) ⌘ [Read more](https://lwn.net/Articles/926483/) 2023-03-19T15:49:42Z **LLVM 16.0.0 released**
[Version\
16.0.0](https://discourse.llvm.org/t/llvm-16-0-0-release/69326) of the LLVM compiler suite has been released. As usual, the
list of changes is long; see the specific release notes for
[LLVM](https://releases.llvm.org/16.0.0/docs/ReleaseNotes.html),
[Clang](https://releases.llvm.org/16.0.0/tools/clang/docs/ReleaseNotes.html),
[Libc++](https://releases.llvm.org/16.0.0/projects/libcxx/docs/ReleaseNotes.html),
and others linked from the announcement. ⌘ [Read more](https://lwn.net/Articles/926485/) 2023-03-20T00:22:37Z **Kernel prepatch 6.3-rc3**
The [6.3-rc3](https://lwn.net/Articles/926533/) kernel prepatch is out for
testing. "So rc3 is fairly big, but that's not hugely usual: it's when
a lot of the fixes tick up as it takes a while before people find and start
reporting issues." ⌘ [Read more](https://lwn.net/Articles/926534/) 2023-03-20T14:08:05Z **25 Years of curl**
Daniel Stenberg [observes](https://daniel.haxx.se/blog/2023/03/20/twenty-five-years-of-curl/)
the 25th anniversary of the curl project.

> We really have no idea exactly how many users or installations of
> libcurl there are now. It is easy to estimate that it runs in way
> more than ten billion installations purely based on the fact that
> there are 7 billion smart phones and 1 billion tablets in the world
> , and we know that each of them run at least one, but likely many
> more curl installs. ⌘ [Read more](https://lwn.net/Articles/926560/) 2023-03-20T15:54:17Z **Security updates for Monday**
Security updates have been issued by **Debian** (firefox-esr, imagemagick, sox, thunderbird, and xapian-core), **Fedora** (chromium, containernetworking-plugins, guile-gnutls, mingw-python-OWSLib, pack, pypy3.7, sudo, thunderbird, tigervnc, and vim), **Mageia** (apache, epiphany, heimdal, jasper, libde265, libtpms, liferea, mysql-connector-c++, perl-HTML-StripScripts, protobuf, ruby-git, sqlite3, woodstox-core, and xfig), **Oracle** (kernel), **Red Hat** (firefox, nss, and openssl), **SUSE** (apache2, docke ... ⌘ [Read more](https://lwn.net/Articles/926636/) 2023-03-20T16:15:40Z **[$] Reducing direct-map fragmentation with __GFP_UNMAPPED**
The kernel's direct map makes all of a system's physical memory available
to the kernel within its address space — on 64-bit systems, at least. This
seemingly simple feature has proved to be hard to maintain, in the face of
the requirements faced by current systems, while keeping good performance.
The latest attempt to address this issue is [this patch\
set](https://lwn.net/ml/linux-kernel/20230308094106.227365-1-rppt@kernel.org/) from Mike Rapoport adding more direct-map aware ... ⌘ [Read more](https://lwn.net/Articles/926020/) 2023-03-20T21:39:20Z **coreutils-9.2 released**
Version 9.2 of the GNU coreutils collection — the home of common tools like
cp, mv, ls, rm, and more — is out. The
changes are mostly minor; numerous bugs have been fixes and a few new
command-line options have been added. ⌘ [Read more](https://lwn.net/Articles/926676/) 2023-03-21T14:03:54Z **Security updates for Tuesday**
Security updates have been issued by **Debian** (apache2), **Oracle** (firefox, nss, and openssl), **Slackware** (curl and vim), **SUSE** (dpdk, firefox, grafana, oracleasm, python-cffi, python-Django, and qemu), and **Ubuntu** (ruby2.7, sox, and tigervnc). ⌘ [Read more](https://lwn.net/Articles/926759/) 2023-03-21T15:59:31Z **[$] Hopes and promises for open-source voice assistants**
At the end of 2022, Paulus Schoutsen declared 2023 " [the\
year of voice](https://www.home-assistant.io/blog/2022/12/20/year-of-voice/)" for [Home\
Assistant](https://lwn.net/Articles/822350/), the popular open-source home-automation project that he
founded nine years ago. The project's goal this year is to let users
control their home with voice commands in their own language, using offline
processing instead of sending data to the cloud. Offline voice control has
been the holy ... ⌘ [Read more](https://lwn.net/Articles/926484/) 2023-03-22T13:29:42Z **Security updates for Wednesday**
Security updates have been issued by **Fedora** (firefox), **Oracle** (kernel, kernel-container, and nss), and **SUSE** (curl, dpdk, drbd, go1.18, kernel, openstack-cinder, openstack-glance, openstack-neutron-gbp,, oracleasm, python3, slirp4netns, and xen). ⌘ [Read more](https://lwn.net/Articles/926843/) 2023-03-22T15:28:27Z **GNOME 44 released**
[Version\
44](https://foundation.gnome.org/2023/03/22/introducing-gnome-44/) of the GNOME desktop environment has been released. "This
release brings a grid view in the file chooser, improved settings panels
for Device Security, Accessibility, etc, and refined quick settings in the
shell. The Software and Files apps have seen improvements, and a whole slew
of new apps has joined the [GNOME\
Circle](https://circle.gnome.org/)". See [the release\
notes](https://release.gnome.org/44/) for details. ⌘ [Read more](https://lwn.net/Articles/926856/) 2023-03-22T18:59:26Z **Seven more stable kernels**
The
[6.2.8](https://lwn.net/Articles/926871/),
[6.1.21](https://lwn.net/Articles/926872/),
[5.15.104](https://lwn.net/Articles/926873/),
[5.10.176](https://lwn.net/Articles/926874/),
[5.4.238](https://lwn.net/Articles/926875/),
[4.19.279](https://lwn.net/Articles/926876/), and
[4.14.311](https://lwn.net/Articles/926877/)
stable kernel updates have all been released; each contains another set of
important fixes. ⌘ [Read more](https://lwn.net/Articles/926870/) 2023-03-22T21:31:23Z **[$] Jumping the licensing shark**
The concept of [copyleft](https://en.wikipedia.org/wiki/Copyleft) is
compelling in a lot of ways, at least for those who want to promote
software freedom in the world. Bradley Kuhn is certainly one of those
people and has long been working on various aspects of copyleft licensing
and compliance, along with software freedom. He came to [Everything Open 2023](https://2023.everythingopen.au/) to talk
about copyleft, some of its history—and flaws—and to look toward the future
of copyleft. ⌘ [Read more](https://lwn.net/Articles/926788/) 2023-03-23T01:05:46Z **[$] LWN.net Weekly Edition for March 23, 2023**
The LWN.net Weekly Edition for March 23, 2023 is available. ⌘ [Read more](https://lwn.net/Articles/926300/) 2023-03-23T14:02:07Z **Security updates for Thursday**
Security updates have been issued by **CentOS** (firefox, nss, and openssl), **Fedora** (firefox, liferea, python-cairosvg, and tar), **Oracle** (openssl and thunderbird), **Scientific Linux** (firefox, nss, and openssl), **SUSE** (container-suseconnect, grub2, libplist, and qemu), and **Ubuntu** (amanda, apache2, node-object-path, and python-git). ⌘ [Read more](https://lwn.net/Articles/926972/) 2023-03-23T15:24:33Z **[$] Free software during wartime**
Just over 27 years ago, John Perry Barlow's [declaration of the\
independence of Cyberspace](https://www.eff.org/cyberspace-independence) claimed that governments "have no
sovereignty" over the networked world. In 2023, we have ample reason
to know better than that, but we still expect the free-software community
to be left alone by the affairs of governments much of the time. A couple
of recent episodes related to the war in Ukraine are making it clear that
there are limits to our independence. ⌘ [Read more](https://lwn.net/Articles/926798/) 2023-03-24T13:34:36Z **Security updates for Friday**
Security updates have been issued by **Debian** (chromium, libdatetime-timezone-perl, and tzdata), **Fedora** (flatpak and gmailctl), **Mageia** (firefox, flatpak, golang, gssntlmssp, libmicrohttpd, libtiff, python-flask-security, python-owslib, ruby-rack, thunderbird, unarj, and vim), **Red Hat** (firefox, kpatch-patch, nss, openssl, and thunderbird), **SUSE** (containerd, hdf5, qt6-base, and squirrel), and **Ubuntu** (amanda, gif2apng, graphviz, and linux, linux-aws, linux-azure, linux-gcp, linux-ibm, lin ... ⌘ [Read more](https://lwn.net/Articles/927198/) 2023-03-24T14:28:50Z **[$] User-space shadow stacks (maybe) for 6.4**
Support for shadow stacks on the x86 architecture has been long in coming;
LWN [first covered this work](https://lwn.net/Articles/758245/) in 2018. After
five years and numerous versions, though, it would appear that
user-space shadow stacks on x86 might just be supported in the 6.4 kernel
release. Getting there has required a few changes since we last [caught up with this work](https://lwn.net/Articles/885220/) in early 2022. ⌘ [Read more](https://lwn.net/Articles/926649/) 2023-03-24T19:31:38Z **Garrett: We need better support for SSH host certificates**
Matthew Garrett [looks at\
the recent disclosure](https://mjg59.dreamwidth.org/65874.html) of GitHub's private host key, how it probably
came about, and what a better approach to key management might look like.

> The main problem is that client tooling just doesn't handle this
> well. OpenSSH has no way to do TOFU for CAs, just the keys
> themselves. This means there's no way to do a git clone
> ssh://git@github.com/whatever and get a prompt asking you
> to trust Github's ... ⌘ [Read more](https://lwn.net/Articles/927251/)