Linux Weekly News

Security updates have been issued by AlmaLinux (bubblewrap, flatpak), Debian (libxml2), Fedora (lua-mpack, mingw-python3, python-django, python-django4.2, python3.11, python3.13, and python3.9), Oracle (bubblewrap, flatpak), Red Hat (fence-agents, python-urllib3, resource-agents, and wget), Slackware (expat and mozilla), SUSE (buildah, chromium, firefox, gradle, java-1_8_0-ibm, kubernetes1.26, postgresql16, python-Django, python312-pip, and systemd), and Ubuntu (python-aiohttp).

Version 1.81.0 of the Rust language has been released. Changes include the stabilization of the Error trait in core, some new sort algorithms, some linting improvements, and more.

OpenSnitch is an "interactive application firewall". Like other firewalls, it uses a series of rules to decide what network traffic should be permitted. Unlike many other firewalls, though, OpenSnitch does not ask the user to create a list of rules ahead of time. Instead, the list of rules can be built up incrementally as applications make connections — and the user can peruse both the rules that have built up over time, and statistics on the connections that have been attempted.

Version 4.21.0 of the Samba Windows interoperability suite has been released. Changes include some authentication hardening, a number of LDAP improvements, per-user and per-group veto and hide files, group-managed service accounts, and quite a bit more.

Security updates have been issued by AlmaLinux (bubblewrap and flatpak, containernetworking-plugins, fence-agents, ghostscript, krb5, orc, podman, python3.11, python3.9, resource-agents, runc, and wget), Debian (chromium, cinder, glance, gnutls28, nova, nsis, python-oslo.utils, ruby-sinatra, and setuptools), Fedora (kernel), Oracle (bubblewrap and flatpak, buildah, containernetworking-plugins, fence-agents, ghostscript, gvisor-tap-vsock, kernel, krb5, libndp, nodejs:18, orc, podman, postgresql, python-urllib3, python3.11, python3.12, python3.9, runc, skopeo, and wget), SUSE (hdf5, netcdf, trilinos), and Ubuntu (firefox, imagemagick, ironic, openssl, python-django, vim, and znc).

The LWN.net Weekly Edition for September 5, 2024 is available.

The call for candidates has gone out for the 2024 election of members of the Linux Foundation Technical Advisory Board:

The TAB exists to provide advice from the kernel community to the Linux Foundation and holds a seat on the LF's board of directors; it also serves to facilitate interactions both within the community and with outside entities. Over the last year, the TAB has overseen the organization of the Linux Plumbers Conference, advised on the setup of the kernel CVE numbering authority, worked behind the scenes to help resolve a number of contentious community discussions, worked with the Linux Foundation on community conference planning, and more.

Nominations are due by September 20.

Version 4.0 of the Tellico collection-management software has been released. This is the first release to use the KDE Frameworks 6 and Qt6 libraries, with a fallback available for Frameworks 5 and Qt5. Other notable changes in 4.0 include importing video collections from file metadata and correctly importing multi-disc album data from Discogs, MusicBrainz, and iTunes. Users of prior versions are advised to make a backup of their data before upgrading.

Much of the early Rust code for the kernel has taken the form of reimplementations of existing drivers as a proof of concept. One project, though, is entirely new: the driver for Apple GPUs written by Asahi Lina. This driver has shipped with Asahi Linux for some time and, by many accounts, is stable, usable, and a shining example of how Rust can be used in a complex kernel subsystem. That driver remains outside of the mainline kernel, though, and merging currently looks like a distant prospect. The reasons for that state of affairs highlight some of the difficulties inherent in integrating a new language (and its associated development style) into the Linux kernel.

The 6.10.8, 6.6.49, 6.1.108, 5.15.166, 5.10.225, 5.4.283, and 4.19.321 stable kernel updates have all been released. As usual, they contain important fixes throughout the tree. Users of those kernels should upgrade.

Security updates have been issued by AlmaLinux (buildah, gvisor-tap-vsock, nodejs:18, python-urllib3, and skopeo), Debian (firefox-esr and openssl), Fedora (apr and seamonkey), Red Hat (podman), Slackware (mozilla and seamonkey), SUSE (bubblewrap and flatpak, buildah, docker, dovecot23, ffmpeg, frr, go1.21-openssl, graphviz, java-1_8_0-openj9, kubernetes1.26, kubernetes1.27, kubernetes1.28, openssl-1_0_0, openssl-3, perl-DBI, python-aiohttp, python-Django, python-WebOb, thunderbird, tiff, ucode-intel, unbound, webkit2gtk3, and xen), and Ubuntu (drupal7 and twisted).

Version 130.0 of the Firefox browser has been released. Notable in this release is the addition of a Firefox Labs tab in Firefox Settings. This allows users to easily enable experimental features, such as the ability to translate selected text portions to different languages after a full-page translation, and add an AI chatbot to the sidebar. Firefox 130 also addresses several security issues, adds 11 new languages to its translation support, and more.

One of the joys of writing about technology is the opportunity to cover interesting talks on open‑source and free‑software topics. One of the pains is creating transcriptions of said talks, or continually referring back to a recording, to be able to write about them. Speech Note is an open-source application that uses machine-learning models, running locally, to translate speech to text and take the pain out of transcription. It also handles text to speech, and language translations. While not perfect, its transcriptions are better than one might expect, even when handling jargon, accents, and less-than-perfect audio.

Security updates have been issued by AlmaLinux (python3.12), Debian (calibre, exfatprogs, frr, git, libtommath, nbconvert, ruby-nokogiri, ruby-tzinfo, and webkit2gtk), Fedora (flatpak, lua-mpack, and python3.12), Red Hat (389-ds-base, 389-ds:1.4, buildah, fence-agents, gvisor-tap-vsock, httpd:2.4, kernel, kernel-rt, nodejs:18, orc, postgresql, postgresql:12, postgresql:13, postgresql:15, python-urllib3, python3.12, and skopeo), SUSE (389-ds, bubblewrap and flatpak, cacti, cacti-spine, curl, glib2, kernel-firmware, libqt5-qt3d, libqt5-qtquick3d, opera, python39, qemu, unbound, xen, and zziplib), and Ubuntu (ffmpeg, linux-raspi-5.4, and python-webob).

At this year's GUADEC in Denver, Colorado, Behdad Esfahbod and Matthias Clasen presented a two-part talk on a topic that's deeply important to desktop environments: fonts. Esfahbod covered advances in font technology that are making their way to becoming standards, and Clasen briefly discussed improvements in GTK text rendering. The talk presented some fascinating insights into the problems around accurately rendering writing systems on the desktop, and where font technologies may be going in the near future.

Security updates have been issued by AlmaLinux (postgresql:16), Debian (dovecot, pymatgen, ruby2.7, systemd, and webkit2gtk), Fedora (microcode_ctl, python3.11, vim, and xen), Oracle (kernel, postgresql:12, postgresql:13, postgresql:15, and python39:3.9 and python39-devel:3.9), Slackware (libpcap), SUSE (cacti, cacti-spine, python-Django, and trivy), and Ubuntu (dovecot).

Linus has released 6.11-rc6 for testing. "Things look pretty normal, although we have perhaps unusually many filesystem fixes here, spread out over smb, xfs, bcachefs and netfs."

Reading an established open-source project's developer mailing list may leave new contributors wishing they had a decoder ring. Greg Sabino Mullane has written up a valuable explainer for those new to the PostgreSQL hackers (pgsql-hackers) mailing list that may also be useful for decoding other lists as well:

The mailing lists are full of acronyms and jargon that might not be familiar to younger people who did not grow up on email (although text messages have inherited many of the abbreviations). If you are a non-native English speaker, or under the age of 30, or not steeped in the world of tech, I offer some solutions below.

To do this, I downloaded the last year's worth of hackers email, wrote a program to strip out all the non-human stuff (headers, code blocks, attachments, etc.), and then did some data analysis on the results.

Here is a piece of advice for anybody wanting an easy and frustration-free life: do not run your own email system. While there numerous advantages to keeping some control over your communications, there is also a long list of things that can go wrong. A recent failure of spam filtering on the LWN email system illustrated one of those ways, as well as shining a light on how even a seemingly independent email system is tied to other services across the net.

Back in 2021, the ElasticSearch search engine and Kibana visualization platform were relicensed under the non-free Server Side Public License (SSPL). Now, Elastic (the company owning those projects) has announced that those projects will also be distributable under the Affero GPL license.

We never stopped believing and behaving like an open source community after we changed the license. But being able to use the term Open Source, by using AGPL, an OSI approved license, removes any questions, or fud, people might have.