Linux Weekly News

The Zig project has announced the release of the 0.14 version of the language, including changes from more than 250 contributors. Zig is a low-level, memory-unsafe programming language that aims to compete with C instead of depending on it. Even though the language has not yet had a stable release, there are a number of projects using it as an alternative to C with better metaprogramming. While the project's release schedule has been a bit inconsistent, with the release of version 0.14 being delayed several times, the release contains a number of new convenience features, broader architecture support, and the next steps toward removing Zig's dependency on LLVM.

The SUSE Security Team blog has a post with a detailed analysis of a vulnerability (CVE-2025-27591) in the below tool for recording and displaying system data.

In January 2025, Below was packaged and submitted to openSUSE Tumbleweed. Below runs as a systemd service with root privileges. The SUSE security team monitors additions and changes to systemd service unit files in openSUSE Tumbleweed, and through this we noticed problematic log directory permissions applied in Below's code.

The LLVM project's Fortran compiler, which has for many years gone by the name "flang-new", will now simply be "flang", starting from LLVM's 20.1.0 release on March 4. The announcement, which includes details about the history of flang, comes after a long period of development and discussion. The community has considered renaming flang several times before now, but has always held off out of a feeling that the compiler was not yet ready. Now, the members of the project believe that flang has become stable and complete enough to earn its name.

We are almost 10 years from the first announcement of what would become LLVM Flang. In the LLVM monorepo alone there have been close to 10,000 commits from around 400 different contributors. Undoubtedly more in Classic Flang before that.

Version 1.26.0 of the GStreamer cross-platform multimedia framework has been released. Notable changes in this release include support for the H.266 Versatile Video Coding (VVC) codec, Low Complexity Enhancement Video Coding (LCEVC) support, closed caption improvements, and JPEG XS image codec support.

Security updates have been issued by Debian (libmodbus), Fedora (thunderbird and vyper), Mageia (firefox, nss, python-django, python-jinja2, and thunderbird, thunderbird-l10n), Oracle (bind, kernel, rsync, and tigervnc), Red Hat (.NET 8.0, .NET 9.0, and libxml2), SUSE (iniparser and kernel), and Ubuntu (dotnet8, dotnet9, freerdp2, jinja2, libreoffice, linux, linux-hwe, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-kvm, linux-oracle, linux-kvm, and opensc).