Linux Weekly News

Greg Kroah-Hartman has released another four stable Linux kernel updates: 6.11.6, 6.6.59, 6.1.115, and 5.15.170.

Security updates have been issued by Debian (firefox-esr), Fedora (xorg-x11-server-Xwayland), Oracle (buildah, e2fsprogs, grafana, kernel, and mod_http2), Red Hat (buildah, container-tools:rhel8, firefox, grafana, grafana:7.3.6, podman, and thunderbird), SUSE (alloy, cargo-audit-advisory-db-20241030, chromedriver, corepack22, netty, openvpn, python310-Werkzeug, thunderbird, uwsgi, and xsd), and Ubuntu (linux, linux-azure-6.8, linux-gcp-6.8, linux-hwe-6.8 and linux, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4).

The Rust blog has an update on its progress on some of its project goals. One of the project's flagship goals is to resolve the biggest blockers to Linux building on stable Rust:

Finally, we have been finding an increasing number of stabilization requests at the compiler level, and so @wesleywiser and @davidtwco from the compiler team have started attending meetings to create a faster response. One of the results of that collaboration is RFC #3716, authored by Alice Ryhl, which proposes a method to manage compiler flags that modify the target ABI. Our previous approach has been to create distinct targets for each combination of flags, but the number of flags needed by the kernel make that impractical. Authoring the RFC revealed more such flags than previously recognized, including those that modify LLVM behavior.

OpenStreetMap tends to dominate the space for open mapping data, but it is not the only project working in this area. At the 2024 Open Source Summit Japan, Marc Prioleau presented the Overture Maps Foundation, which is building and distributing a set of worldwide maps under open licenses. Overture may have a similar goal to OpenStreetMap, but its approach and intended uses are significantly different.

Security updates have been issued by Debian (firefox-esr and openssl), Fedora (firefox, libarchive, micropython, NetworkManager-libreswan, and xorg-x11-server-Xwayland), Red Hat (nano), Slackware (mozilla-firefox, mozilla-thunderbird, tigervnc, and xorg), SUSE (389-ds, Botan, go1.21-openssl, govulncheck-vulndb, java-11-openjdk, lxc, python-Werkzeug, and uwsgi), and Ubuntu (firefox, libarchive, linux-azure-fde, linux-azure-fde-5.15, python-pip, and xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04).

The LWN.net Weekly Edition for October 31, 2024 is available.

Timothée Ravier has written a blog post about changes in the Fedora Atomic Desktops for Fedora Linux 41. Some of the notable new features for Atomic Desktops include bootloader updates enabled by default for UEFI systems, first steps towards using bootable containers, and more.

The Raspberry Pi project has announced a new version of Raspberry Pi OS. It includes a number of significant changes, the most notable of which is that the Raspberry Pi Desktop now uses Wayland by default for all Pi models using the labwc compositor:

For most of this year, we have been working on porting labwc to the Raspberry Pi Desktop. This has very much been a collaborative process with the developers of both labwc and wlroots: both have helped us immensely with their support as we contribute features and optimisations needed for our desktop.

This release also features Linux 6.6.51, improved touchscreen support, a new screen configuration tool called raindrop, and more. See the release notes for a full list of changes.

The kernel graphics driver for the Apple M1 and M2 GPUs is, rather famously, written in Rust, but it has achieved conformance with various graphics standards, which is also noteworthy. At the X.Org Developers Conference (XDC) 2024, Alyssa Rosenzweig gave an update on the status of the driver, along with some news about the kinds of games it can support (YouTube video, slides). There has been lots of progress since her talk at XDC last year (YouTube video), with, of course, still more to come.

The first stable release of the Thunderbird mail client for Android is now available:

Just over two years ago, we announced our plans to bring Thunderbird to Android by taking K-9 Mail under our wing. The journey took a little longer than we had originally anticipated and there was a lot to learn along the way, but the wait is finally over! For all of you who have ever asked "when is Thunderbird for Android coming out?", the answer is – today!

It is immediately available on the Google Play Store, via GitHub Releases, or from the Thunderbird web site, and it will be "coming soon" to the F-Droid repository for FOSS Android applications. See the release notes for detailed information about Thunderbird 8.0 for Android.

Security updates have been issued by AlmaLinux (buildah), Debian (python-git, texlive-bin, and xorg-server), Mageia (chromium-browser-stable), Red Hat (kernel), SUSE (Botan, go1.22-openssl, go1.23-openssl, grafana, libgsf, pcp, pgadmin4, python310-pytest-html, python313, xorg-x11-server, and xwayland), and Ubuntu (nano, python-urllib3, and xorg-server, xwayland).

Mozilla has announced the release of a new version of Firefox. This version has the usual mix of security fixes and new features, as well as a handful of deprecations. The release removes support for HTTP/2 Push, but adds hardware acceleration for SVGs, support for wide color gamuts on more platforms, and restores support for remote debugging via USB.

Fedora Linux 41 has been released. See the "what's new" pages for Fedora Workstation and Fedora KDE, to learn more about the latest in those editions. There is also a new Fedora Miracle Window Manager Spin that offers the Miracle tiling window manager for Wayland.

The first program that Martin Pool ever wrote, he said, had bugs; the ones he's writing now most likely have bugs too. The talk Pool gave at RustConf this year was about a way to try to write programs with fewer bugs. He has developed a tool called cargo-mutants that highlights gaps in test coverage by identifying functions that can be broken without causing any tests to fail. This can be a valuable complement to other testing techniques, he explained.

Security updates have been issued by Debian (exim4) and SUSE (chromium, openssl-1_1, and openssl-3).

A project called Flock has announced its existence. Flock is a fork of the Flutter user-interface toolkit project, motivated by frustration with the resources that Google is putting into Flutter.

We describe Flock as "Flutter+". In other words, we do not want, or intend, to fork the Flutter community. Flock will remain constantly up to date with Flutter. Flock will add important bug fixes, and popular community features, which the Flutter team either can't, or won't implement.

(LWN looked at flutter in 2020).

Debian Developer Russell Coker has written up an analysis of the remote exploit of CUPS announced in September:

He seems to have a different experience to me of reporting bugs, I have had plenty of success getting bugs fixed without hyping them. I just report the bug, wait a while, and it gets fixed. [...] I was quite confident that my systems wouldn't be at any risk.

When it was published my opinion was proven to be correct, it turned out to be a series of CUPS bugs.

The Open Source Initiative (OSI) has announced the release of version 1.0 of the Open Source AI Definition:

The OSAID offers a standard by which community-led, open and public evaluations will be conducted to validate whether or not an AI system can be deemed Open Source AI. This first stable version of the OSAID is the result of multiple years of research and collaboration, an international roadshow of workshops, and a year-long co-design process led by the Open Source Initiative (OSI).

LWN covered the OSAID process, and final release candidate, on October 25.

Sparrow Li presented virtually at RustConf 2024 about the current state of and future plans for the Rust compiler's performance. The compiler is relatively slow to compile large programs, although it has been getting better over time. The next big performance improvement to come will be parallelizing the compiler's parsing, type-checking, and related operations, but even after that, the project has several avenues left to explore.

Rong Xu and Han Shen described the kernel-optimization techniques that Google uses in the toolchains track at the 2024 Linux Plumbers Conference. They talked about automatic feedback-directed optimization (AutoFDO), which can be used with the Propeller optimizer to produce kernels with better performance using profile information gathered from real workloads. There is a fair amount of overlap between these tools and the BOLT post-link optimizer, which was the subject of a talk that directly preceded this session.