lwn.net

Mozilla has released Firefox 66.0. The release notes contain details. New in this release: Firefox now prevents websites from automatically playing sound, improved search experience, smoother scrolling, improved performance and better user experience for extensions, and more.

Stable kernels 5.0.3, 4.20.17, 4.19.30, 4.14.107, and 4.9.164 have been released with the usual set of important fixes. This is the last 4.20.y kernel and users should upgrade to 5.0.y at this time.

Security updates have been issued by CentOS (kernel), Debian (libjpeg-turbo, liblivemedia, neutron, and otrs2), Fedora (SDL), Gentoo (ntp), openSUSE (java-1_8_0-openjdk), Red Hat (cloud-init), Slackware (libssh2), SUSE (libssh2_org, nodejs10, and nodejs8), and Ubuntu (tiff).

Python versions 3.5.7 and 3.4.10 have been released. Both are in "security fixes only" mode and are source-only releases. This is the final release in the Python 3.4 series. The 3.4 branch has been retired, "no further changes to 3.4 will be accepted, and no new releases will be made.

Version 4 of the Solus distribution has been released. "We are proud to announce the immediate availability of Solus 4 Fortitude, a new major release of the Solus operating system. This release delivers a brand new Budgie experience, updated sets of default applications and theming, and hardware enablement." LWN reviewed Solus in 2016.

Security updates have been issued by Debian (ikiwiki, liblivemedia, linux-4.9, rdflib, and sqlalchemy), Fedora (advancecomp, kubernetes, mingw-poppler, and php), Mageia (ikiwiki), openSUSE (chromium, file, and sssd), Red Hat (ansible, openstack-ceilometer, and openstack-octavia), Scientific Linux (kernel), SUSE (galera-3, mariadb, mariadb-connector-c, java-1_8_0-ibm, kernel, nodejs10, openwsman, wireshark, and yast2-rmt), and Ubuntu (file, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, and linux-lts-xenial, linux-aws).

By the time that 5.1-rc1 was released and the 5.1 merge window ended, 11,241 non-merge changesets had been pulled into the mainline repository. Of those, just over 5,000 were pulled since the first 5.1 merge-window summary. It often happens that the biggest changes are pulled early, with the emphasis shifting to fixes by the end of the merge window; this time, though, some of the most significant features were saved for last.

Linus has released 5.1-rc1 and closed the merge window for this development cycle. "A somewhat recent development is how the tools/testing/ updates have been quite noticeable lately. That's not new to the 5.1 merge window, it's been going on for a while, but it's maybe just worth a mention that we have more new selftest changes than we have architecture updates, for example. The documentation subdirectory is also quite noticeable."

Remember the KNOPPIX distribution? KNOPPIX 8.5.0 has been released. It includes a 4.20 kernel, several desktop environments, the ADRIANE audio desktop, UEFI secure boot support, and more.

Your editor has never been a prolific blogger; a hard day in the LWN salt mines tends to reduce the desire to write more material for the net in the scarce free time that remains. But, still, sometimes the desire to post something that is not on-topic for LWN arises. Google+ has served as the outlet for such impulses in recent years, but Google has, in its wisdom, decided to discontinue that service. That leaves a bereft editor searching for alternatives for those times when the world simply has to hear his political opinions or yet another air-travel complaint, preferably one that won't vanish at the whim of some corporation. Recently, a simple blog-hosting system called WriteFreely came to light; it offers a platform that just might serve as a substitute for centralized offerings.

Here's a SUSE press release hyping its transition to being "the largest independent open-source company". "As it has for more than 25 years, SUSE remains committed to an open source development and business model and to actively participating in communities and projects to bring open source innovation to the enterprise as high-quality, reliable and usable solutions. This truly open, open source model refers to the flexibility and freedom of choice provided to customers and partners to create best-of-breed solutions that combine SUSE technologies with other products and technologies in their IT landscape through open standards and at different levels in their architecture, without forcing a locked-in stack."

Thomas Haller writes about the WireGuard integration in NetworkManager 1.16. "NetworkManager provides a de facto standard API for configuring networking on the host. This allows different tools to integrate and interoperate — from cli, tui, GUI, to cockpit. All these different components may now make use of the API also for configuring WireGuard. One advantage for the end user is that a GUI for WireGuard is now within reach." (See this article for more information on WireGuard.)

When Leaderless Debian was written, it seemed entirely plausible that there would still be no candidates for the project leader office even after the extended nomination deadline passed. It is now clear that there will be no need to extend the deadline further, since three candidates (Joerg Jaspert, Jonathan Carter, and Sam Hartman) have stepped forward. It seems likely that the wider discussion on the role of the Debian project leader will continue but, in the meantime, the office will not sit empty.

Security updates have been issued by Fedora (mingw-poppler and php), Mageia (apache, gnome-keyring, gnupg2, hiawatha, and rsyslog), openSUSE (libcomps and obs-service-tar_scm), and Ubuntu (libvirt and linux-lts-trusty).

The GNOME project has released GNOME 3.32, which is code named "Taipei". "This release brings a refreshed visual style, new icons, the demise of the 'application menu' and a new on-screen keyboard, among other things. Improvements to core GNOME applications include a shell extension for desktop icons, improved automation and reader mode in GNOME Web, an 'Application Permissions' panel, and many more." In addition, there is an experimental option for fractional scaling, improvements to GNOME Software, and more. See the release notes for more information.

Greg Kroah-Hartman has announced the release of the 5.0.2, 4.20.16, 4.19.29, 4.14.106, and 4.9.163 stable kernels. All contain the usual pile of important fixes; users of those series should upgrade.

Sharing a disk between users in Linux is awful. Different applications have different I/O patterns, they have different latency requirements, and they are never consistent. Throttling can help ensure that users get their fair share of the available bandwidth but, since most I/O is in the writeback path, it's often too late to throttle without putting pressure elsewhere on the system. Disks are all different as well. You have spinning rust, solid-state devices (SSDs), awful SSDs, and barely usable SSDs. Each class of device has its own performance characteristics and, even in a single class, they'll perform differently based on the workload. Trying to address all of these issues with a single I/O controller was tricky, but we at Facebook think that we have come up with a reasonable solution.

Security updates have been issued by Arch Linux (chromium), Debian (libsdl1.2 and libsdl2), Fedora (firefox), Gentoo (bind, glibc, openssl, oracle-jdk-bin, webkit-gtk, and xrootd), Mageia (kernel), openSUSE (freerdp, mariadb, and obs-service-tar_scm), Oracle (openssl), Red Hat (kernel, kernel-rt, openstack-ceilometer, openstack-octavia, and tomcat), Scientific Linux (cockpit, openssl, and tomcat), and SUSE (java-1_7_1-ibm and mariadb).

The LWN.net Weekly Edition for March 14, 2019 is available.

The Czech Republic top-level domain registrar, CZ.NIC, wondered about the safety of home routers, so it set out to gather some information on the prevalence of attacks against them. It turns out that one good way to do that is to create a home router that logs statistics and other information. Michal Hrušecký from CZ.NIC came to the 2019 Southern California Linux Expo (SCALE 17x) in Pasadena, CA to describe the experiment and how it grew into a larger project that makes and sells open-source routers.