lwn.net

The Raspberry Pi project has announced a new version of Raspberry Pi OS. It includes a number of significant changes, the most notable of which is that the Raspberry Pi Desktop now uses Wayland by default for all Pi models using the labwc compositor:

For most of this year, we have been working on porting labwc to the Raspberry Pi Desktop. This has very much been a collaborative process with the developers of both labwc and wlroots: both have helped us immensely with their support as we contribute features and optimisations needed for our desktop.

This release also features Linux 6.6.51, improved touchscreen support, a new screen configuration tool called raindrop, and more. See the release notes for a full list of changes.

The kernel graphics driver for the Apple M1 and M2 GPUs is, rather famously, written in Rust, but it has achieved conformance with various graphics standards, which is also noteworthy. At the X.Org Developers Conference (XDC) 2024, Alyssa Rosenzweig gave an update on the status of the driver, along with some news about the kinds of games it can support (YouTube video, slides). There has been lots of progress since her talk at XDC last year (YouTube video), with, of course, still more to come.

The first stable release of the Thunderbird mail client for Android is now available:

Just over two years ago, we announced our plans to bring Thunderbird to Android by taking K-9 Mail under our wing. The journey took a little longer than we had originally anticipated and there was a lot to learn along the way, but the wait is finally over! For all of you who have ever asked "when is Thunderbird for Android coming out?", the answer is – today!

It is immediately available on the Google Play Store, via GitHub Releases, or from the Thunderbird web site, and it will be "coming soon" to the F-Droid repository for FOSS Android applications. See the release notes for detailed information about Thunderbird 8.0 for Android.

Security updates have been issued by AlmaLinux (buildah), Debian (python-git, texlive-bin, and xorg-server), Mageia (chromium-browser-stable), Red Hat (kernel), SUSE (Botan, go1.22-openssl, go1.23-openssl, grafana, libgsf, pcp, pgadmin4, python310-pytest-html, python313, xorg-x11-server, and xwayland), and Ubuntu (nano, python-urllib3, and xorg-server, xwayland).

Mozilla has announced the release of a new version of Firefox. This version has the usual mix of security fixes and new features, as well as a handful of deprecations. The release removes support for HTTP/2 Push, but adds hardware acceleration for SVGs, support for wide color gamuts on more platforms, and restores support for remote debugging via USB.

Fedora Linux 41 has been released. See the "what's new" pages for Fedora Workstation and Fedora KDE, to learn more about the latest in those editions. There is also a new Fedora Miracle Window Manager Spin that offers the Miracle tiling window manager for Wayland.

The first program that Martin Pool ever wrote, he said, had bugs; the ones he's writing now most likely have bugs too. The talk Pool gave at RustConf this year was about a way to try to write programs with fewer bugs. He has developed a tool called cargo-mutants that highlights gaps in test coverage by identifying functions that can be broken without causing any tests to fail. This can be a valuable complement to other testing techniques, he explained.

Security updates have been issued by Debian (exim4) and SUSE (chromium, openssl-1_1, and openssl-3).

A project called Flock has announced its existence. Flock is a fork of the Flutter user-interface toolkit project, motivated by frustration with the resources that Google is putting into Flutter.

We describe Flock as "Flutter+". In other words, we do not want, or intend, to fork the Flutter community. Flock will remain constantly up to date with Flutter. Flock will add important bug fixes, and popular community features, which the Flutter team either can't, or won't implement.

(LWN looked at flutter in 2020).

Debian Developer Russell Coker has written up an analysis of the remote exploit of CUPS announced in September:

He seems to have a different experience to me of reporting bugs, I have had plenty of success getting bugs fixed without hyping them. I just report the bug, wait a while, and it gets fixed. [...] I was quite confident that my systems wouldn't be at any risk.

When it was published my opinion was proven to be correct, it turned out to be a series of CUPS bugs.

The Open Source Initiative (OSI) has announced the release of version 1.0 of the Open Source AI Definition:

The OSAID offers a standard by which community-led, open and public evaluations will be conducted to validate whether or not an AI system can be deemed Open Source AI. This first stable version of the OSAID is the result of multiple years of research and collaboration, an international roadshow of workshops, and a year-long co-design process led by the Open Source Initiative (OSI).

LWN covered the OSAID process, and final release candidate, on October 25.

Sparrow Li presented virtually at RustConf 2024 about the current state of and future plans for the Rust compiler's performance. The compiler is relatively slow to compile large programs, although it has been getting better over time. The next big performance improvement to come will be parallelizing the compiler's parsing, type-checking, and related operations, but even after that, the project has several avenues left to explore.

Rong Xu and Han Shen described the kernel-optimization techniques that Google uses in the toolchains track at the 2024 Linux Plumbers Conference. They talked about automatic feedback-directed optimization (AutoFDO), which can be used with the Propeller optimizer to produce kernels with better performance using profile information gathered from real workloads. There is a fair amount of overlap between these tools and the BOLT post-link optimizer, which was the subject of a talk that directly preceded this session.

Security updates have been issued by AlmaLinux (kernel, python3.12, and python3.9), Debian (activemq, chromium, libheif, nss, and twisted), Fedora (chromium, dnsdist, dotnet8.0, edk2, glibc, libdigidocpp, mbedtls3.6, NetworkManager-libreswan, oath-toolkit, podman-tui, prometheus-podman-exporter, python-fastapi, python-openapi-core, python-platformio, python-rpyc, python-starlette, rust-pyo3, rust-pyo3-build-config, rust-pyo3-ffi, rust-pyo3-macros, rust-pyo3-macros-backend, suricata, thunderbird, and yarnpkg), Mageia (cpanminus, libgsf, mozjs78, redis, and thunderbird), Oracle (firefox, python3.12, python3.9, and python39:3.9 and python39-devel:3.9), Red Hat (edk2, grafana, httpd, httpd:2.4, and mod_jk), and SUSE (nodejs-electron, python3, python310, and python39).

Linus has released 6.12-rc5 for testing.

rc5 looks perfectly normal, and maybe even on the small side of normal. The diffstat looks nice and flat too, with the exception of the removal of the da8xx fbdev driver due to it having been replaced by the tilcdc driver. And I'm sure we're all thinking the same thing: "What lovely descriptive driver names we have".

The Open Source Initiative (OSI) has been working on defining Open Source AI—that is what constitutes an AI system that can be used, studied, modified, and shared for any purpose—for almost two years. Its board will be voting on the Open Source AI Definition (OSAID) on Sunday, October 27, with the 1.0 version slated to be published on October 28. It is never possible to please everyone in such an endeavor, and it would be folly to make that a goal. However, a number of prominent figures in the open-source community have voiced concerns that OSI is setting the bar too low with the OSAID—which will undo decades of community work to cajole vendors into adhering to or respecting the original Open Source Definition (OSD).

A pair of talks in the toolchains track at the 2024 Linux Plumbers Conference covered different tools that can be used to optimize the kernel. First up was Maksim Panchenko to describe the binary optimization and layout tool (BOLT) that Meta uses on its production kernels. It optimizes the kernel binary by rearranging it to improve its code locality for better performance. A subsequent article will cover the second talk, which looked at automatic feedback-directed optimization (AutoFDO) and other related techniques that are used to optimize Google's kernels.

Security updates have been issued by Debian (distro-info-data), Fedora (libtiff), Mageia (firefox and oath-toolkit), Red Hat (krb5), and SUSE (openssl-1_1).

Small objects can lead to large email threads. In this case, the GNU C Library (glibc) community has been having an extensive debate over the handling of zero-byte allocations. Specifically, what should happen when a program calls realloc() specifying a size of zero? This is, it seems, a topic about which some people, at least, have strong feelings.

Security updates have been issued by AlmaLinux (grafana, NetworkManager-libreswan, python3.11, and python39:3.9 and python39-devel:3.9), Fedora (dotnet6.0, koji, python-fastapi, python-openapi-core, python-platformio, python-starlette, rust-pyo3, rust-pyo3-build-config, rust-pyo3-ffi, rust-pyo3-macros, rust-pyo3-macros-backend, and yarnpkg), Oracle (grafana, kernel, linux-firmware, NetworkManager-libreswan, and python3.11), Slackware (php81), and SUSE (apache2, buildah, cups-filters, go1.21-openssl, podman, postgresql16, python-pyOpenSSL, and webkit2gtk3).