lwn.net

Docker and other container engines can greatly simplify many aspects of deploying a server-side application, but numerous applications consist of more than one container. Managing a group of containers only gets harder as additional applications and services are deployed; this has led to the development of a class of tools called container orchestrators. The best-known of these by far is Kubernetes; the history of container orchestration can be divided into what came before it and what came after.

Security updates have been issued by Oracle (kernel and kernel-container), SUSE (bluez, gimp, rubygem-rails-html-sanitizer, systemd-presets-common-SUSE, and u-boot), and Ubuntu (libxslt).

The Electronic Frontier Foundation has announced that it is representing cryptography professor Matthew Green, who has chosen to republish the sanctioned Tornado Cash open-source code as a GitHub repository. EFF’s most central concern about OFAC’s [US Office of Foreign Assets Control] actions arose because, after the SDN [Specially Designated Nationals] listing of “Tornado Cash,” GitHub took down the canonical repository of the Tornado Cash source code, along with the accounts of the primary developers, including all their code contributions. While GitHub has its own right to decide what goes on its platform, the disappearance of this source code from GitHub after the government action raised the specter of government action chilling the publication of this code.

In keeping with our longstanding defense of the right to publish code, we are representing Professor Matthew Green, who teaches computer science at the Johns Hopkins Information Security Institute, including applied cryptography and anonymous cryptocurrencies. Part of his work involves studying and improving privacy-enhancing technologies, and teaching his students about mixers like Tornado Cash. The disappearance of Tornado Cash’s repository from GitHub created a gap in the available information on mixer technology, so Professor Green made a fork of the code, and posted the replica so it would be available for study. The First Amendment protects both GitHub’s right to host that code, and Professor Green’s right to publish (here republish) it on GitHub so he and others can use it for teaching, for further study, and for development of the technology.

The 2022 election for members of the Linux Foundation Technical Advisory Board (TAB) will be held during the Linux Plumbers Conference, September 12 to 14. The TAB represents the kernel-development community to the Linux Foundation (and beyond) and holds a seat on the Foundation's board of directors. The call for nominees for this year's election has gone out; the deadline for nominations is September 12.

Serving on the TAB is an opportunity to help the community; interested members are encouraged to send in a nomination.

Version 1.9.0 of the public-inbox email archive manager has been released. Improvements include a POP3 server, a new multi-protocol "superserver", some search improvements, and performance improvements. (LWN looked at public-inbox in 2018).

The DAMON subsystem, which entered the kernel during the 5.15 release cycle, uses various heuristics to determine which pages of memory are in active use. Since the beginning, the intent has been to use this information to influence memory management. The 6.0 kernel contains another step in this direction, giving DAMON the ability to actively reorder pages on the kernel's least-recently-used (LRU) lists.

Security updates have been issued by Debian (jetty9 and kicad), Fedora (community-mysql and trafficserver), Gentoo (chromium, gettext, tomcat, and vim), Mageia (apache-mod_wsgi, libitrpc, libxml2, teeworlds, wavpack, and webkit2), Red Hat (podman), Slackware (vim), SUSE (java-1_8_0-openjdk, nodejs10, open-iscsi, rsync, and trivy), and Ubuntu (exim4).

The second 6.0 kernel prepatch is out for testing. "The most noticeable fix in here is likely the virtio reverts that fixed the problem people had with running tests on the google cloud VMs, which was the 'pending issue' that we had noticed just as the merge window was closing".

The 5.19.3, 5.18.19, 5.15.62, and 5.10.137 stable kernel updates have been released; each contains more important fixes. The 5.18.x series ends with 5.18.19.

It is fair to say that some projects are rather more concerned about preserving ABI compatibility than others; the GNU C Library (glibc) project stands out even among those that put a lot of effort into preserving interface stability, So it may be a bit surprising that a recent glibc change is being blamed for breaking a number of applications, most of which are proprietary games. There is, it seems, a class of glibc changes that can break applications, but which are not deemed to be ABI changes.

Security updates have been issued by Debian (ruby-tzinfo), Mageia (nvidia-current and nvidia390), SUSE (python-PyYAML, ucode-intel, and zlib), and Ubuntu (linux-aws, postgresql-10, postgresql-12, postgresql-14, and rsync).

There was a time when care had to be taking when buying hardware if the goal was to run Linux on it. The situation has improved considerably in recent decades, and unsupported hardware is more the exception than the rule. That has, for many years, been especially true of Intel hardware; that company has made a point of ensuring that its offerings work with Linux. So it is a bit surprising that the IPU6 image processor shipped with Alder Lake CPUs lacks support in Linux, and is unlikely to get it anytime soon. The problem highlighted here goes beyond just Intel, though.

The Document Foundation has announced the release of LibreOffice 7.4 Community, which is the community-supported version of the open-source office suite. Version 7.4 comes with new features for the suite as a whole (WebP and EMZ/WMZ support, ...), the Writer word-processor (better change tracking and hyphenation settings, ...), the Calc spreadsheet (16K columns, ...), and more. "Development is now focused on interoperability with Microsoft’s proprietary file formats, and many new features are targeted at users migrating from MS Office". More information can be found in the release notes.

Version 5.1.0 of the Krita painting program is out. "Krita 5.1 comes with a ton of smaller improvements and technical polish. This release sees updates to usability across the board, improved file format handling, and a whole lot of changes to the selection and fill tools."

Version 1.8 of the Julia language has been released. Changes include typed globals, a new default thread scheduler, some new profiling tools, and more.

Security updates have been issued by Debian (chromium, epiphany-browser, freecad, and schroot), Fedora (freeciv, microcode_ctl, qemu, and rsync), Oracle (httpd), SUSE (aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures, python-coverage, python-oniconfig, python-unittest-mixins, bluez, curl, gnutls, kernel, ntfs-3g_ntfsprogs, podman, and ucode-intel), and Ubuntu (zlib).

The LWN.net Weekly Edition for August 18, 2022 is available.

On August 8, the US government sanctioned the Tornado Cash cryptocurrency mixer for money laundering. The sanction means that no US citizen or company can interact with Tornado Cash in any way, all assets of the organization are to be reported so that they can be seized, and more. But at the core of Tornado Cash is a chunk of open-source code for "smart contracts" that run in the Ethereum blockchain; that code was "seized" as well. There are some disturbing implications here for our communities.

The massive 5.19.2 (1,157 patches), 5.18.18 (1,094 patches), and 5.15.61 (778 patches) stable updates have been released; each contains a lot of important fixes.

Security updates have been issued by Debian (epiphany-browser, net-snmp, webkit2gtk, and wpewebkit), Fedora (python-yara and yara), Red Hat (kernel and kpatch-patch), SUSE (ceph, compat-openssl098, java-1_8_0-openjdk, kernel, python-Twisted, rsync, and webkit2gtk3), and Ubuntu (pyjwt and unbound).