18 óra 43 perc óta
CalyxOS is an Android distribution that
claims a focus on privacy and security. So when
an
announcement from the project begins by saying "we want to assure
you that we have no reason to believe the security of CalyxOS and its
signing keys have been compromised", chances are that good things are
not happening.
In this case, it would appear that Nicholas Merrill, one of the founders of
the project, has left for unclear reasons, and CalyxOS is responding by
pausing all releases — and security updates — while its release process,
signing keys, and security protocols are reworked. The result will be no
updates for "four to six months". The project is recommending that
its users "should uninstall the OS" and wait for an all-clear
signal. CalyxOS may have its work cut out for it when the time comes to
try to convince those users to come back.
corbet
22 óra 17 perc óta
Debugging in Python is not like it is for some other languages, as there is
no way to attach a debugger to a running program to try to diagnose its
ills. Pablo Galindo Salgado noticed that when he started programming in
Python ten years ago or so; it bugged him enough that he helped fill the hole. The results will be delivered in October with Python 3.14.
At
EuroPython 2025, he
gave a characteristically fast-paced and humorous look at debugging and
what will soon be possible for Python debugging—while comparing it all to
medical diagnosis.
jake
22 óra 43 perc óta
Security updates have been issued by AlmaLinux (gdk-pixbuf2, glibc, kernel, kernel-rt, libxml2, and opentelemetry-collector), Fedora (firefox, mingw-opencv, moby-engine, varnish, webkitgtk, xen, and yarnpkg), Oracle (firefox, gdk-pixbuf2, glibc, kernel, libblockdev, libxml2, python-requests, python3.12-setuptools, and qt5-qt3d), Red Hat (libxml2, pcs, and sudo), and SUSE (agama, chromium, dpkg, ghostscript, iperf, kubo, libIex-3_3-32, libpoppler-cpp2, libsoup, libtiff-devel-32bit, nginx, python-urllib3, ruby2.5, tgt, traefik, and traefik2).
daroc
1 nap 20 óra óta
By some appearances, at least, the kernel community has been relatively
insulated from the onslaught of AI-driven software-development tools.
There has not been a flood of vibe-coded memory-management patches — yet.
But kernel development is, in the end, software development, and these
tools threaten to change many aspects of how software development is done.
In a world where companies are actively pushing their developers to use
these tools, it is not surprising that the topic is increasingly prominent
in kernel circles as well. There are currently a number of ongoing
discussions about how tools based on large language models (LLMs) fit into
the kernel-development community.
corbet
1 nap 21 óra óta
The release of Rust 1.89 has been
announced. Changes this time include
support for inferring the length of certain arrays, lint messages suggesting how to clarify potentially confusing uses of lifetime elision in function signatures, and improvements to the C ABI. The
full changelog is also available.
daroc
1 nap 21 óra óta
Security updates have been issued by AlmaLinux (glibc, kernel, libxml2, python-requests, and python-setuptools), Debian (chromium), Fedora (chromium, firefox, gdk-pixbuf2, iputils, libsoup3, libssh, perl, perl-Devel-Cover, perl-PAR-Packer, polymake, and poppler), Gentoo (Composer and Spreadsheet-ParseExcel), Oracle (glibc, kernel, libxml2, python-setuptools, sqlite, and virt:rhel and virt-devel:rhel), Red Hat (libxml2), SUSE (grub2, libarchive, libgcrypt, and python311), and Ubuntu (cifs-utils and poppler).
jake
2 nap 11 óra óta
Inside this week's LWN.net Weekly Edition:
- Front: Don't fear the TPM; Python performance; Offensive Debian packages; NNCPNET; 6.17 Merge window; Transparent huge pages; SilverBullet.
- Briefs: AUR malware; Secure boot; kbuild and kconfig maintenance; GPU drivers; NVIDIA on AlmaLinux; Proxmox 9.0; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
corbet
2 nap 18 óra óta
The AlmaLinux project has announced
the availability of packages to enable native NVIDIA driver support,
including CUDA and Secure Boot, for AlmaLinux 9 and 10.
When AlmaLinux started just 5 years ago, this wouldn't have been
possible. With NVIDIA's open source version of their graphics drivers
things have changed. This open source version is slowly becoming the
flagship driver, with new products being added exclusively to it. With
the help of some incredible people in the open source ecosystem and
the AlmaLinux community, we were able to do something that has yet to
be done in the EL ecosystem - ship Secure Boot signed, open source,
NVIDIA kernel modules.
Full documentation is available
on the AlmaLinux wiki.
jzb
2 nap 19 óra óta
Daniel Almeida
continues
his look at graphics drivers on the Collabora blog.
The starting point is to understand that a kernel-mode GPU driver
connects a much larger UMD (user-mode driver) to the actual
GPU. The UMD will actually implement APIs like Vulkan, OpenGL,
OpenCL, and others. These APIs, in turn, will be used by actual
programs to describe their workload to the GPU. This includes
allocating and using not only the geometry and textures, but also
the shaders being used to process said data into the final
result. This means that a key aspect of GPU drivers is actually
allocating GPU memory to house data related to the current scene
being drawn so that it can actually be operated on by the hardware.
corbet
2 nap 20 óra óta
There is a great deal of misunderstanding, and some misinformation, about the
Trusted
Platform Module (TPM); to combat this, Debian developer Jonathan
McDowell would like to clear the air and help users understand what it
is good for, as well as what it's not. At DebConf25 in Brest, France,
he delivered a
talk about TPMs that explained what they are, why people might be
interested in using them, and how users might do so on a Debian
system.
jzb
2 nap 20 óra óta
Version
0.10.0 of the
Tuba
fediverse client has been released. Notable changes in this release
include a new post composer, an in-app web browser, search history,
and many other refinements. See this
thread for
more details and highlights.
jzb
2 nap 22 óra óta
For eight years, Masahiro Yamada has been the sole maintainer of the
kernel's build and configuration systems — two complex pieces of
infrastructure that many people interact with, but few truly understand.
Yamada has just
stepped
down from that position. Maintenance of the build system will be taken
up by Nathan Chancellor and Nicolas Schier (in the "odd fixes" capacity),
while the configuration system is now entirely unmaintained.
Thanks are due to Yamada for all that work, and to Chancellor and Schier
for stepping up. Hopefully a way will be found to better support these
important subsystems in the near future.
corbet
2 nap 23 óra óta
Security updates have been issued by AlmaLinux (kernel and python3.12-setuptools), Fedora (perl-Crypt-CBC and unbound), Gentoo (FontForge, GPL Ghostscript, Mozilla Network Security Service (NSS), and PAM), Oracle (gdk-pixbuf2, jq, kernel, mod_security, ncurses, python-requests, and python3-setuptools), Red Hat (python-requests and socat), SUSE (docker, kernel-livepatch-MICRO-6-0-RT_Update_2, kernel-livepatch-MICRO-6-0-RT_Update_4, kernel-livepatch-MICRO-6-0-RT_Update_5, kernel-livepatch-MICRO-6-0-RT_Update_6, kernel-livepatch-MICRO-6-0-RT_Update_7, kernel-livepatch-MICRO-6-0_Update_2, kernel-livepatch-MICRO-6-0_Update_4, kernel-livepatch-MICRO-6-0_Update_5, kernel-livepatch-MICRO-6-0_Update_6, kubeshark-cli, libgcrypt, pam-config, perl, python-requests, python311, and python313), and Ubuntu (linux-raspi).
jzb
3 nap 16 óra óta
Proxmox Virtual Environment 9.0, based on Debian 13
("trixie"), has been released. Notable
new features include snapshots for thick-provisioned LVM shared
storage, affinity rules for high availability (HA) clusters, and a
modernized mobile web interface for managing Proxmox systems. See the
release
notes and known
issues for more details about the release.
jzb
3 nap 19 óra óta
The use of huge pages can significantly increase the performance of many
workloads by reducing both memory-management overhead in the kernel and
pressure on the system's translation lookaside buffer (TLB). The addition
of transparent huge pages (THP) for the 2.6.38 kernel release in 2011
caused the kernel to allocate huge pages automatically to make their
benefits available to all workloads without any effort needed on the
user-space side. But it turns out that use of huge pages can make some
workloads slower as the result of internal memory fragmentation, so the THP
feature is often disabled. Two patch sets aimed at better targeting the
use of transparent huge pages are currently working their way through the
review process.
corbet
3 nap 21 óra óta
The
call for topics for
the 2025 Maintainers Summit has been posted. The Summit, to be held in
Tokyo on December 10, will involve around 30 developers gathered to
discuss development-process issues for the kernel. Anybody who is
interested in attending is encouraged to post a nomination along with the
topic they would like to discuss. Nominations and topics are best sent
before September 10.
The call for topics for the Kernel Summit, which runs as a Linux Plumbers Conference track, is also
out.
corbet
3 nap 22 óra óta
Antonio Cuni, who
is a longtime Python performance engineer and
PyPy developer, gave a presentation at
EuroPython
2025 about "Myths and fairy tales around Python performance" on
the first day of the conference in Prague. As might be guessed from the
title, he thinks that much of the conventional wisdom about Python
performance is misleading at best. With lots of examples, he showed where
the real problems that he sees lie. He has come to the conclusion that memory
management will ultimately limit what can be done about Python performance,
but he has an
early-stage project called
SPy that
might be a way toward a super-fast Python.
jake
3 nap 22 óra óta
Security updates have been issued by AlmaLinux (python-requests), Fedora (mingw-libxslt), Red Hat (gdk-pixbuf2, jq, kernel, mod_security, ncurses, nodejs:22, opentelemetry-collector, python-setuptools, python3-setuptools, python3.12-setuptools, qt5-qt3d, redis, redis:6, redis:7, sqlite, and unbound), SUSE (apache2, cairo, chromium, djvulibre, govulncheck-vulndb, grub2, java-11-openjdk, java-17-openjdk, liblua5_5-5, nvidia-open-driver-G06-signed, python, python310, python314, python39, redis, sqlite3, and systemd), and Ubuntu (apport, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-aws-fips, linux-azure-fips, linux-fips, linux-gcp-fips, linux-azure, and linux-oracle).
corbet
4 nap 21 óra óta
A pair of packages containing fortune "cookies" that were
deemed offensive have been removed from the upcoming Debian 13
("trixie") release. This has, of course, led to a lengthy discussion
and debate about what does, or does not, belong in the
distribution. It may also lead to a general resolution (GR) to decide
whether Debian's code
of conduct (CoC) applies to the contents of packages.
jzb
4 nap 22 óra óta
Security updates have been issued by AlmaLinux (java-21-openjdk, kernel, libxml2, and lz4), Debian (exempi, ruby-graphql, and sope), Fedora (binutils, chromium, gdk-pixbuf2, libsoup3, poppler, and reposurgeon), Mageia (glib2.0 and wxgtk), Oracle (jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base and libxml2), Red Hat (kernel, pandoc, pcs, qemu-kvm, redis, and rsync), SUSE (chromedriver, coreutils, cosign, docker, gdk-pixbuf-devel, glib2, gnutls, grub2, gstreamer-plugins-base, helm, ignition, java-21-openjdk, jbigkit, jq, kernel, kubernetes1.28, kwctl, libxml2, nvidia-open-driver-G06-signed, opensc, pam-config, protobuf, python310, tgt, and valkey), and Ubuntu (linux-iot).
jake
Ellenőrizve
19 perc 23 másodperc ago
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Feliratkozás a következőre: Linux Weekly News hírcsatorna