Welcome to LWN.net

Security updates have been issued by AlmaLinux (buildah, containernetworking-plugins, and skopeo), Fedora (pdns-recursor and valkey), Mageia (unbound), Red Hat (fence-agents, firefox, java-11-openjdk, python-setuptools, python3-setuptools, resource-agents, and thunderbird), SUSE (etcd-for-k8s, libsonivox3, rubygem-puma, and unbound), and Ubuntu (apr, libarchive, linux, linux-aws, linux-aws-hwe, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, nano, and vim).

Full Story (comments: none)

Version 4.0.0 of the LibreSSL TLS/cryptography stack has been released. Changes include a cleanup of the MD4 and MD5 implementations, removal of unused DSA methods, changes in libtls protocol parsing to ignore unsupported TLSv1.1 and TLSv1.0 protocols, and many more internal changes and bug fixes.

Full Story (comments: 7)

Security updates have been issued by AlmaLinux (container-tools:rhel8, firefox, OpenIPMI, podman, and thunderbird), Debian (libapache-mod-jk, php7.4, and webkit2gtk), Fedora (edk2, koji, libgsf, rust-hyper-rustls, rust-reqwest, rust-rustls-native-certs, rust-rustls-native-certs0.7, rust-tonic, rust-tonic-build, rust-tonic-types, rust-tower, rust-tower-http, rust-tower-http0.5, and rust-tower0.4), Mageia (firefox, firefox-l10n, and thunderbird), Oracle (bind, container-tools:ol8, kernel, kernel-container, OpenIPMI, podman, and thunderbird), Red Hat (container-tools:rhel8, containernetworking-plugins, podman, and skopeo), SUSE (argocd-cli, bsdtar, keepalived, kernel, kyverno, libmozjs-115-0, libmozjs-128-0, libmozjs-78-0, OpenIPMI, opensc, php8, thunderbird, and xen), and Ubuntu (configobj, haproxy, imagemagick, nginx, and postgresql-10, postgresql-9.3).

Full Story (comments: none)

Paul McKenney gave a presentation at Kangrejos this year that wasn't (directly) related to Rust. Instead, he spoke about the work he has been doing in concert with many other contributors on improving the handling of subtle concurrency problems in C++. Although he cautioned that his talk was only an overview, and not a substitute for reading the relevant papers, he hoped that the things the C++ community is working on would be of interest to the Rust developers present as well, and potentially inform future work on the language. McKenney's talk was, as is his style, full of subtle examples of weird multithreaded behavior. Interested readers may wish to refer to his slides in an attempt to follow along.

Full Story (comments: 32)

Version 1.4 of the Inkscape open-source vector-graphics editor has been released. Highlights of this release include a filter gallery, import for Affinity Designer files, internal links in exported PDFs, and more. See the release notes for all of the new features. LWN previewed the 1.4 release in early October.

Comments (none posted)

It is too early to say what the outcome will be in the ongoing fight between Automattic and WP Engine, but the WordPress community at large is already the loser. Automattic founder and CEO Matt Mullenweg has been using his control of the project, and the WordPress.org infrastructure, to punish WP Engine and remove some dissenting contributors from discussion channels. Most recently, Mullenweg has instituted a hostile fork of a WP Engine plugin and the forked plugin is replacing the original via WordPress updates.

Full Story (comments: 29)

While Debian's "sauce" is not actually all that secret, it is not particularly well-known either, Samuel Henrique said at the start of his DebConf24 talk. There is a lot of software-engineering effort that has been put in place by the distribution in order to create and maintain its releases, but "loads of people are not aware" of it. That may be due to the fact that all of that is not really documented anywhere in a central location that he can just point someone to. Recognizing that is what led him to give the talk; hopefully it will be a "first step toward" helping solve the problem.

Full Story (comments: 34)

Security updates have been issued by Debian (docker.io, libreoffice, node-dompurify, python-reportlab, and thunderbird), Fedora (buildah, chromium, kernel, kernel-headers, libgsf, mosquitto, p7zip, podman, python-cramjam, python-virtualenv, redis, rust-async-compression, rust-brotli, rust-brotli-decompressor, rust-libcramjam, rust-libcramjam0.2, rust-nu-command, rust-nu-protocol, rust-redlib, rust-tower-http, thunderbird, and webkit2gtk4.0), Oracle (.NET 6.0, .NET 8.0, e2fsprogs, firefox, golang, openssl, python3-setuptools, systemd, and thunderbird), SUSE (chromium, firefox, java-jwt, libmozjs-128-0, libwireshark18, ntpd-rs, OpenIPMI, thunderbird, and wireshark), and Ubuntu (firefox, python2.7, python3.5, thunderbird, and ubuntu-advantage-desktop-daemon).

Full Story (comments: none)

The 6.12-rc3 kernel prepatch is out for testing.

So the diffstat looks a bit odd, because one of the fixes here caused the UTF tables to be regenerated, and an effective one-liner change turned into 6703 lines of diff.

But if you ignore that effect, everything looks normal.

Comments (none posted)

At Kangrejos, Gary Guo wanted to discuss three problems with the way Rust and C code in the kernel interact: mismatched types, too many type casts, and the overhead of helper functions. To fix the first two problems, Guo proposed changing the way the kernel maps C types into Rust types. The last problem was a bit trickier, but he has a clever workaround for that, based on tricking the compiler into inlining the helper functions across language boundaries.

Full Story (comments: 4)

Security updates have been issued by AlmaLinux (.NET 6.0, .NET 8.0, and openssl), Debian (firefox-esr), Fedora (firefox), Mageia (php, quictls, and vim), Red Hat (buildah, container-tools:rhel8, containernetworking-plugins, firefox, podman, skopeo, and tomcat), Slackware (mozilla), SUSE (apache-commons-io, kernel, and xen), and Ubuntu (golang-1.17, libgsf, and linux-aws-6.8, linux-oracle-6.8).

Full Story (comments: none)

Version 24.10 of the Ubuntu distribution is out. This release includes GNOME 47, Linux 6.11, security enhancements for managing Personal Package Archives (PPAs), experimental security controls for Snap packages, and more.

Comments (none posted)

At the recently concluded Maintainers Summit, it was generally agreed that the Rust experiment would continue, and that the path was clear for more Rust code to enter the kernel. But the high-level view taken at such gatherings cannot always account for the difficult details that will inevitably arise as the Rust work proceeds. A recent discussion on the nouveau mailing list may have escaped the notice of many, but it highlights some of the problems that will have to be worked out as important functionality written in Rust heads toward the mainline.

Full Story (comments: 148)

Mozilla has released Firefox versions 131.0.2, ESR 128.3.1, and ESR 115.16.1. These updates address a severe, remotely exploitable code-execution vulnerability that is evidently already being exploited. Updating to a fixed release seems like a wise thing to do.

Comments (19 posted)

Greg Kroah-Hartman has announced the release of the 6.11.3, 6.10.14, 6.6.55, and 6.6.56 stable kernels. The 6.6.56 release fixes a problem with building perf in 6.6.55; "If you do not use the perf tool in the 6.6.y tree, there is no need to upgrade.". Meanwhile, 6.10.14 is the last of the 6.10.y series, so users should now be moving to 6.11.y. Other than 6.6.56, they contain the usual long list of important fixes throughout the kernel tree.

Comments (none posted)

Security updates have been issued by Debian (chromium), Fedora (firefox, koji, unbound, webkit2gtk4.0, and xen), Red Hat (glibc, net-snmp, and tomcat), Slackware (mozilla), SUSE (apache-commons-io, buildah, cups-filters, liboath-devel, libreoffice, libunbound8, podman, and redis), and Ubuntu (cups-browsed, cups-filters, edk2, linux-raspi-5.4, and oath-toolkit).

Full Story (comments: none)

Bindgen is a widely used tool that automatically generates Rust bindings from C headers. The Rust-for-Linux project uses it to create some of the bindings between Rust code and the rest of the kernel. John Baublitz presented at Kangrejos about the improvements that he has made to the tool in order to make the generated bindings easier to use, including improved support for macros, bitfields, and enums.

Full Story (comments: 25)

The Julia project has released version 1.11.0. A separate blog post covers some of the highlights. The release includes a number of helpful features.

In previous Julia versions, there was no "programmatic way" of knowing if an unexported name was considered part of the public API or not. Instead, the guideline was basically that if it was not in the manual then it was not public which was a bit underwhelming. To remedy that, there is now a public keyword in Julia that can be used to indicate that an unexported name is part of the public API.

Comments (none posted)

Security updates have been issued by AlmaLinux (firefox, mod_jk, and thunderbird), Debian (apache2 and firefox-esr), Fedora (crosswords, logiops, p7zip, and perl-App-cpanminus), Red Hat (.NET 6.0, firefox, git, kernel, kernel-rt, openssl, and thunderbird), SUSE (buildah, json-lib, kernel, Mesa, mozjs78, pgadmin4, podman, podofo, qatlib, redis7, roundcubemail, rusty_v8, and seamonkey), and Ubuntu (dotnet6, dotnet8, nginx, and ruby-webrick).

Full Story (comments: none)