Linux Weekly News

Security updates have been issued by Debian (amanda, aom, bluez, python-jwcrypto, and thunderbird), Fedora (chromium, firefox, and thunderbird), Red Hat (bubblewrap and flatpak, containernetworking-plugins, flatpak, and runc), Slackware (python3), SUSE (apache2, bubblewrap and flatpak, postgresql16, and wireshark), and Ubuntu (thunderbird).

Linus has released 6.11-rc7 for testing.

And I wish I could say that things have calmed down, but I can't really say that. In fact, rc7 is slightly bigger than both rc6 and rc5 were, both in number of commits, and in actual diff size. That's not really how it should work out.

That said, there's nothing *scary* in here.

He is apparently "still waffling" about whether to release 6.11 next weekend, which would cause the 6.12 merge window to land on top of the Maintainers Summit, Linux Plumbers Conference, and Open Source Summit.

The 6.10.9, 6.6.50, and 6.1.109 stable kernel updates have been released; each contains another set of important fixes.

Code review is in high demand, and short supply, for most open-source projects. Reviewer time is precious, so any tool that can lighten the load is worth exploring. That is why Jesse Brandeburg and Kamel Ayari decided to test whether tools like ChatGPT could review patches to provide quick feedback to contributors about common problems. In a talk at the Netdev 0x18 conference this July, Brandeburg provided an overview of an experiment using machine learning to review emails containing patches sent to the netdev mailing list. Large-language models (LLMs) will not be replacing human reviewers anytime soon, but they may be a useful addition to help humans focus on deeper reviews instead of simple rule violations.

The NGINX team has announced that official NGINX open-source development has moved away from Mercurial to GitHub, and the project will now be taking contributions in the form of pull requests:

Additionally, starting today, we will begin accepting bugs reports, feature requests and enhancements directly through GitHub, under the "Issues" tab. Moreover, we've moved our community forums to the GitHub "Discussions" area, where you will now be able to engage in conversation, ask, and answer questions.

[...] We understand that changes like these may require adjustment, so to give you more time, we will continue accepting patches and provide community support via mailing lists until December 31st, 2024.

Alejandro Colomar, who has been maintaining the Linux man pages for the last four years, has announced that he will have to stop that work.

I've been doing it in my free time, and no company has sponsored that work at all. At the moment, I cannot sustain this work economically any more, and will temporarily and indefinitely stop working on this project. If any company has interests in the future of the project, I'd welcome an offer to sponsor my work here; if so, please let me know.

Work on realtime preemption for the Linux kernel got its start almost exactly 20 years ago (though it had its roots in earlier work, of course). It is fair to say that finishing that job has taken a bit longer than anybody involved would have expected. Now, though, Sebastian Andrzej Siewior has posted a brief patch series making it possible to enable realtime preemption in the mainline kernel on three architectures.

With the printk bits merged, PREEMPT_RT could be enabled on X86, ARM64 and Risc-V. These three architectures merged required changes over the years leaving me in a position where I have no essential changes in the queue that would affect them.

Congratulations are due to the many developers who have worked on this project for the last two decades.

Security updates have been issued by AlmaLinux (bubblewrap, flatpak), Debian (libxml2), Fedora (lua-mpack, mingw-python3, python-django, python-django4.2, python3.11, python3.13, and python3.9), Oracle (bubblewrap, flatpak), Red Hat (fence-agents, python-urllib3, resource-agents, and wget), Slackware (expat and mozilla), SUSE (buildah, chromium, firefox, gradle, java-1_8_0-ibm, kubernetes1.26, postgresql16, python-Django, python312-pip, and systemd), and Ubuntu (python-aiohttp).

Version 1.81.0 of the Rust language has been released. Changes include the stabilization of the Error trait in core, some new sort algorithms, some linting improvements, and more.

OpenSnitch is an "interactive application firewall". Like other firewalls, it uses a series of rules to decide what network traffic should be permitted. Unlike many other firewalls, though, OpenSnitch does not ask the user to create a list of rules ahead of time. Instead, the list of rules can be built up incrementally as applications make connections — and the user can peruse both the rules that have built up over time, and statistics on the connections that have been attempted.

Version 4.21.0 of the Samba Windows interoperability suite has been released. Changes include some authentication hardening, a number of LDAP improvements, per-user and per-group veto and hide files, group-managed service accounts, and quite a bit more.

Security updates have been issued by AlmaLinux (bubblewrap and flatpak, containernetworking-plugins, fence-agents, ghostscript, krb5, orc, podman, python3.11, python3.9, resource-agents, runc, and wget), Debian (chromium, cinder, glance, gnutls28, nova, nsis, python-oslo.utils, ruby-sinatra, and setuptools), Fedora (kernel), Oracle (bubblewrap and flatpak, buildah, containernetworking-plugins, fence-agents, ghostscript, gvisor-tap-vsock, kernel, krb5, libndp, nodejs:18, orc, podman, postgresql, python-urllib3, python3.11, python3.12, python3.9, runc, skopeo, and wget), SUSE (hdf5, netcdf, trilinos), and Ubuntu (firefox, imagemagick, ironic, openssl, python-django, vim, and znc).

The LWN.net Weekly Edition for September 5, 2024 is available.

The call for candidates has gone out for the 2024 election of members of the Linux Foundation Technical Advisory Board:

The TAB exists to provide advice from the kernel community to the Linux Foundation and holds a seat on the LF's board of directors; it also serves to facilitate interactions both within the community and with outside entities. Over the last year, the TAB has overseen the organization of the Linux Plumbers Conference, advised on the setup of the kernel CVE numbering authority, worked behind the scenes to help resolve a number of contentious community discussions, worked with the Linux Foundation on community conference planning, and more.

Nominations are due by September 20.

Version 4.0 of the Tellico collection-management software has been released. This is the first release to use the KDE Frameworks 6 and Qt6 libraries, with a fallback available for Frameworks 5 and Qt5. Other notable changes in 4.0 include importing video collections from file metadata and correctly importing multi-disc album data from Discogs, MusicBrainz, and iTunes. Users of prior versions are advised to make a backup of their data before upgrading.

Much of the early Rust code for the kernel has taken the form of reimplementations of existing drivers as a proof of concept. One project, though, is entirely new: the driver for Apple GPUs written by Asahi Lina. This driver has shipped with Asahi Linux for some time and, by many accounts, is stable, usable, and a shining example of how Rust can be used in a complex kernel subsystem. That driver remains outside of the mainline kernel, though, and merging currently looks like a distant prospect. The reasons for that state of affairs highlight some of the difficulties inherent in integrating a new language (and its associated development style) into the Linux kernel.

The 6.10.8, 6.6.49, 6.1.108, 5.15.166, 5.10.225, 5.4.283, and 4.19.321 stable kernel updates have all been released. As usual, they contain important fixes throughout the tree. Users of those kernels should upgrade.

Security updates have been issued by AlmaLinux (buildah, gvisor-tap-vsock, nodejs:18, python-urllib3, and skopeo), Debian (firefox-esr and openssl), Fedora (apr and seamonkey), Red Hat (podman), Slackware (mozilla and seamonkey), SUSE (bubblewrap and flatpak, buildah, docker, dovecot23, ffmpeg, frr, go1.21-openssl, graphviz, java-1_8_0-openj9, kubernetes1.26, kubernetes1.27, kubernetes1.28, openssl-1_0_0, openssl-3, perl-DBI, python-aiohttp, python-Django, python-WebOb, thunderbird, tiff, ucode-intel, unbound, webkit2gtk3, and xen), and Ubuntu (drupal7 and twisted).

Version 130.0 of the Firefox browser has been released. Notable in this release is the addition of a Firefox Labs tab in Firefox Settings. This allows users to easily enable experimental features, such as the ability to translate selected text portions to different languages after a full-page translation, and add an AI chatbot to the sidebar. Firefox 130 also addresses several security issues, adds 11 new languages to its translation support, and more.

One of the joys of writing about technology is the opportunity to cover interesting talks on open‑source and free‑software topics. One of the pains is creating transcriptions of said talks, or continually referring back to a recording, to be able to write about them. Speech Note is an open-source application that uses machine-learning models, running locally, to translate speech to text and take the pain out of transcription. It also handles text to speech, and language translations. While not perfect, its transcriptions are better than one might expect, even when handling jargon, accents, and less-than-perfect audio.