lwn.net

The Linux Plumbers Conference has announced the second in a brief series of "town hall" events leading up to the full (virtual) conference starting August 24. This one features LWN editor Jonathan Corbet presenting a version of his "Kernel Report" talk covering the current and future state of the kernel-development community. This talk is scheduled for July 16 at 9:00AM US/Mountain time (8:00AM US/Pacific, 3:00PM UTC). Mark your calendars.

The Btrfs filesystem has had a long and sometimes turbulent history; LWN first wrote about it in 2007. It offers features not found in any other mainline Linux filesystem, but reliability and performance problems have prevented its widespread adoption. There is at least one company that is using Btrfs on a massive scale, though: Facebook. At the 2020 Open Source Summit North America virtual event, Btrfs developer Josef Bacik described why and how Facebook has invested deeply in Btrfs and where the remaining challenges are.

The openSUSE Leap 15.2 release is now available; see the announcement for a long list of new features. "In general, software packages in the distribution grew by the hundreds. Data fusion, Machine Learning and AI aren't all that is new in openSUSE Leap 15.2; a Real-Time Kernel for managing the timing of microprocessors to ensure time-critical events are processed as efficiently as possible is available in this release."

Security updates have been issued by Debian (chromium and firefox-esr), Fedora (chromium and ntp), SUSE (ntp and unbound), and Ubuntu (libvncserver).

The LWN.net Weekly Edition for July 2, 2020 is available.

In what may have seemed like an April Fool's Day joke to some, Python creator Guido van Rossum recently floated the idea of bringing back the print statement—several months after Python 2, which had such a statement, reached its end of life. In fact, Van Rossum acknowledged that readers of his message to the python-ideas mailing list might be checking the date: "No, it's not April 1st." He was serious about the idea—at least if others were interested in having the feature—but he withdrew it fairly quickly when it became clear that there were few takers. The main reason he brought it up is interesting, though: the new parser for CPython makes it easy to bring back print from Python 2 (and before).

Stable kernels 5.7.7, 5.4.50, 4.19.131, 4.14.187, 4.9.229, and 4.4.229 have been released. They all contain important fixes and users should upgrade.

The Go programming language was first released in 2009, with its 1.0 release made in March 2012. Even before the 1.0 release, some developers criticized the language as being too simplistic, partly due to its lack of user-defined generic types and functions parameterized by type. Despite this omission, Go is widely used, with an estimated 1-2 million developers worldwide. Over the years there have been several proposals to add some form of generics to the language, but the recent proposal written by core developers Ian Lance Taylor and Robert Griesemer looks likely to be included in a future version of Go.

Security updates have been issued by Arch Linux (bind, chromium, freerdp, imagemagick, sqlite, and tomcat8), Debian (coturn, imagemagick, jackson-databind, libmatio, mutt, nss, and wordpress), Fedora (libEMF, lynis, and php-PHPMailer), Red Hat (httpd24-nghttp2), and SUSE (ntp, openconnect, squid, and transfig).

Firefox 78.0 has been released. This is an Extended Support Release (ESR). The Protections Dashboard has new features to track the number of breaches that were resolved from the dashboard and to see if any of your saved passwords may have been exposed in a breach. More details about this and other new features can be found in the release notes.

The PHP project has released the first alpha of PHP 8, which is slated for general availability in November 2020. This initial test release includes many new features such as just-in-time (JIT) compilation, new constructs like Attributes, and more. One of twelve planned releases before the general availability release, it represents a feature set that is still subject to change.

Security updates have been issued by Debian (coturn, drupal7, libvncserver, mailman, php5, and qemu), openSUSE (curl, graphviz, mutt, squid, tomcat, and unbound), Red Hat (chromium-browser, file, kernel, microcode_ctl, ruby, and virt:rhel), Slackware (firefox), and SUSE (mariadb-100, mutt, unzip, and xmlgraphics-batik).

Linux Mint 20 "Ulyana" has been released in Cinnamon, MATE, and Xfce editions. Linux Mint 20 is based on Ubuntu 20.04 and will be supported until 2025. Release notes are available for Cinnamon, MATE, and Xfce.

The next release of the Fedora distribution — Fedora 33 — is currently scheduled for the end of October. Fedora's nature as a fast-moving distribution ensures that each release will contain a number of attention-getting changes, but Fedora 33 is starting to look like it may be a bit more volatile than its immediate predecessors. Several relatively controversial changes are currently under discussion on the project's mailing lists; read on for a summary.

OpenSUSE Leap 15.2 is complete and ready for a planned release on July 2. Leap is the version based on SUSE Linux Enterprise, but with many updated packages; see the 15.2 features page for an overview of what's coming. "Leap 15.2 is filled with several containerization technologies like Singularity, which bring containers and reproducibility to scientific computing and the high-performance computing (HPC) world. Singularity first appeared in the Leap distribution in Leap 42.3 and provides functionality to build smallest minimal containers and runs the containers as single application environments. Another official package in Leap 15.2 is libcontainers-common, which allows the configuration of files and manpages shared by tools that are based on the github.com/containers libraries, such as Buildah, CRI-O, Podman and Skopeo. Docker containers and tooling make building and shipping applications easy and fast."

The Zephyr project is an effort to provide an open-source realtime operating system (RTOS) that is designed to bridge the gap between full-featured operating systems like Linux and bare-metal development environments. It's been over four years since Zephyr was publicly announced and discussed here (apparently to a bit of puzzlement). In this article, guest authors Martí Bolívar and Carles Cufí give an update on the project and its community as of its v2.3.0 release in June 2020; they also make some guesses about its near future.

Version 4.0 of the GnuCash finance manager is out. Significant changes include a command-line tool for performing a number of functions outside of the graphical interface, explicit support for accounts payable and accounts receivable, translation improvements, and more.

Security updates have been issued by Debian (libtasn1-6, libtirpc, mcabber, picocom, pngquant, trafficserver, and zziplib), Fedora (curl and xen), openSUSE (bluez, ceph, chromium, curl, grafana, grafana-piechart-panel,, graphviz, mariadb, and mercurial), Oracle (nghttp2), Red Hat (microcode_ctl), SUSE (mutt, python3-requests, and tomcat), and Ubuntu (glib-networking and mailman).

The third 5.8 kernel prepatch is out for testing. "Well, we had a big merge window, and we have a fairly big rc3 here too. The calm period for rc2 is clearly over. That said, I don't think there's anything _particularly_ scary in here, and the size of this rc is probably simply a direct result of the fact that 5.8 is a big release."

Ricardo Cañuelo Navarro describes the challenges associated with fuzzing complex device drivers with Syzkaller — and some solutions. "V4L2, however, is only supported in the sense that the involved system calls (including the myriad V4L2 ioctls) and data structures are described. This is already useful and, equipped with those descriptions, Syzkaller has been able to find many V4L2 bugs. But the fuzzing process contains a lot of randomness and, while that's a good thing in many cases when it comes to fuzzing, due to the complexity of the V4L2 API, simply randomizing the system calls and its inputs may not be enough to reach most of the code in some drivers, especially in drivers with complicated interfaces such as those based on the Request API, including stateless drivers."