lwn.net

The relatively large 5.14.6, 5.13.19, and 5.10.67 stable kernel updates have been released; each contains another set of important fixes. Note that this is the final update for the 5.13.x series.

Here's a post from Christian Schaller describing a number of the desktop-oriented improvements that can be expected in the Fedora 35 release.

And I know some people will wonder why we spent so much time working with NVidia around their binary driver, but the reality is that NVidia is the market leader, especially in the professional Linux workstation space, and there are lot of people who either would end up not using Linux or using Linux with X without it, including a lot of Red Hat customers and Fedora users. And that is what I and my team are here for at the end of the day, to make sure Red Hat customers are able to get their job done using their Linux systems.

Ariadne Conill looks at the difficulties caused by the OpenSSL 3 transition in the context of Alpine Linux.

For distributions, however, the story is different: cryptography moved to using Rust, because they wanted to leverage all of the static analysis capabilities built into the language. This, too, is a reasonable decision, from a development perspective. From the ecosystem perspective, however, it is problematic, as the Rust ecosystem is still rapidly evolving, and so we cannot support a single branch of the Rust compiler for an entire 2 year lifecycle, which means it exists in community. Our solution, historically, has been to hold cryptography at the latest version that did not require Rust to build. However, that version is not compatible with OpenSSL 3, and so it will eventually need to be upgraded to a new version which is. And so, since cryptography has to move to community, so does paramiko and Ansible.

The first day of the online Kangrejos conference was focused on introducing the effort to bring the Rust programming language into the Linux kernel. On the second day, conference organizer Miguel Ojeda shifted to presenting the Rust language itself with an emphasis on what Rust can provide for kernel development. The result was a useful resource for anybody who is curious about this project, but who has not yet had the time to become familiar with Rust.

Security updates have been issued by CentOS (firefox and thunderbird), Fedora (haproxy, wordpress, and xen), openSUSE (apache2-mod_auth_openidc, fail2ban, ghostscript, haserl, libcroco, nextcloud, and wireshark), Oracle (kernel and kernel-container), Slackware (httpd), SUSE (crmsh, gtk-vnc, libcroco, Mesa, postgresql12, postgresql13, and transfig), and Ubuntu (libgcrypt20, linux-gcp, linux-gcp-4.15, linux-hwe-5.4, linux-oem-5.13, python3.4, python3.5, and qtbase-opensource-src).

Four new stable kernels, 5.14.5, 5.13.18, 5.10.66, and 5.4.147, have been released. This, and the other stable kernels released today, consist of only some reverts to solve some reported problems with the last round of stable releases. Upgrading is not required, but highly recommended.

This ars technica article describes a problem with the Travis continuous-integration service:

A security flaw in Travis CI potentially exposed the secrets of thousands of open source projects that rely on the hosted continuous integration service. Travis CI is a software-testing solution used by over 900,000 open source projects and 600,000 users. A vulnerability in the tool made it possible for secure environment variables—signing keys, access credentials, and API tokens of all public open source projects—to be exfiltrated.

Any project storing secrets in this service would be well advised to replace them.

The first ever Rust for Linux conference, known as Kangrejos, got underway on September 13. Organizer Miguel Ojeda used the opening session to give an overview of why there is interest in using Rust in the kernel, where the challenges are, and what the current status is. The talk and following discussion provided a good overview of what is driving this initiative and where some of the sticking points might be.

Security updates have been issued by Debian (sssd), Fedora (libtpms and vim), openSUSE (kernel and php7-pear), Oracle (kernel), Slackware (curl), and Ubuntu (libgcrypt20 and squashfs-tools).

The LWN.net Weekly Edition for September 16, 2021 is available.

Back in January 2020, we looked at some oddities in Python's handling of Not a Number (NaN) values in its statistics module. The conversation went quiet after that, but it has been revived recently with an eye toward fixing the problems that were reported. As detailed in that earlier article, NaNs are rather strange beasts in the floating-point universe, so figuring out how best to deal with their presence is less straightforward than it might seem.

Stable kernels 5.14.4, 5.13.17, 5.10.65, and 5.4.146 have been released. There are important fixes throughout the tree and users should upgrade.

Security updates have been issued by Arch Linux (chromium, element-desktop, element-web, firefox, ghostscript, and hedgedoc), Fedora (kernel and openssl), openSUSE (ghostscript, htmldoc, and openssl-1_0_0), Oracle (libtirpc), Red Hat (cyrus-imapd, kernel, and kernel-rt), SUSE (ghostscript), and Ubuntu (apport, curl, and squashfs-tools).

The Roundup Issue Tracker is a flexible tool for managing issues via the web or email. However, Roundup is useful for more than web-based bug tracking or help-desk ticketing; it can be used as a simple wiki or to manage tasks with the Getting Things Done (GTD) methodology. The 20th-anniversary edition of Roundup, version 2.1.0, was released in July; it is a maintenance release, but there have been a number of larger improvements in the last year or so. Here we introduce Roundup's features along with the recent developments that have helped make Roundup even more useful for tracking issues to their resolution.

Security updates have been issued by openSUSE (libaom and nextcloud), Oracle (cyrus-imapd, firefox, and thunderbird), Red Hat (kernel and kpatch-patch), Scientific Linux (firefox and thunderbird), and Ubuntu (apport).

This release on PostgreSQL.org describes an ongoing disagreement over the PostgreSQL trademark:

In 2020, the PostgreSQL Core Team was made aware that an organization had filed applications to register the 'PostgreSQL' and 'PostgreSQL Community' trademarks in the European Union and the United States, and had already registered trademarks in Spain. The organization, a 3rd party not-for-profit corporation in Spain called 'Fundación PostgreSQL,' did not give any indication to the PostgreSQL Core Team or PGCAC that they would file these applications.

Linus Torvalds released 5.15-rc1 and closed the merge window for this release on September 12; at that point, 10,471 non-merge changesets had found their way into the mainline repository. Those changesets contain a lot of significant changes and improvements. Read on for a summary of what came into the mainline in the roughly 7,000 changesets pulled since our first-half summary was written.

Security updates have been issued by Debian (qemu and thunderbird), Fedora (chromium, firefox, and mosquitto), openSUSE (apache2-mod_auth_openidc, gifsicle, openssl-1_1, php7-pear, and wireshark), Oracle (oswatcher), Red Hat (cyrus-imapd, firefox, and thunderbird), SUSE (apache2-mod_auth_openidc, compat-openssl098, php7-pear, and wireshark), and Ubuntu (git and linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon).

Version 11.1 of the GDB debugger is out. There are a number of new features, and somebody will surely be disappointed to see that support for debugging Arm Symbian programs has been removed.

Linus has released 5.15-rc1 and closed the merge window for this development cycle.

So 5.15 isn't shaping up to be a particularly large release, at least in number of commits. At only just over 10k non-merge commits, this is in fact the smallest rc1 we have had in the 5.x series. We're usually hovering in the 12-14k commit range.

That said, counting commits isn't necessarily the best measure, and that might be particularly true this time around. We have a few new subsystems, with NTFSv3 and ksmbd standing out.