Linux Weekly News

Version 4.0.0 of the darktable raw photo editor has been released. "The UI has been completely revamped again to improve look and consistency. Padding, margins, color, contrast, alignment, and icons have been reworked throughout". Other changes include new exposure and color-calibration modules, a reworked "filmic" color-mapping module, guided laplacian highlight reconstruction, and more. (LWN looked at darktable in January).

The 5.18.9, 5.15.52, 5.10.128, 5.4.203, 4.19.250, 4.14.286, and 4.9.321 stable kernel updates have all been released; each contains yet another set of important fixes.

The CPU scheduler's job has never been easy; it must find a way to allocate CPU time to all tasks in the system that is fair, allows all tasks to progress, and maximizes the throughput of the system as a whole. More recently, it has been called upon to satisfy another constraint: minimizing the system's energy consumption. There is currently a patch set in circulation, posted by Vincent Donnefort with work from Dietmar Eggemann as well, that changes how this constraint is met. The actual change is small, but it illustrates how hard it can be to get the needed heuristics right.

Security updates have been issued by Debian (firefox-esr, isync, kernel, and systemd), Fedora (chromium, curl, firefox, golang-github-vultr-govultr-2, and xen), Mageia (openssl, python-bottle, and python-pyjwt), Red Hat (compat-openssl10, curl, expat, firefox, go-toolset-1.17 and go-toolset-1.17-golang, go-toolset:rhel8, kernel, kpatch-patch, libarchive, libgcrypt, libinput, libxml2, pcre2, php:7.4, php:8.0, qemu-kvm, ruby:2.6, thunderbird, and vim), and Ubuntu (curl, libjpeg6b, and vim).

The Software Freedom Conservancy (SFC) has issued a strong call for free software projects to give up GitHub and to move their repositories elsewhere. There are a number of problems that SFC has identified with the GitHub code-hosting service and, in particular, with its Copilot AI-based code-writing tool that was trained on the community's code stored in the company's repositories. Moving away from GitHub will not be easy, SFC said, but it is important to do so lest the free-software community repeat the SourceForge mistake. Specifically, we at Software Freedom Conservancy have been actively communicating with Microsoft and their GitHub subsidiary about our concerns with "Copilot" since they first launched it almost exactly a year ago. Our initial video chat call (in July 2021) with Microsoft and GitHub representatives resulted in several questions which they said they could not answer at that time, but would "answer soon". [...] Last week, after we reminded GitHub of (a) the pending questions that we'd waited a year for them to answer and (b) of their refusal to join public discussion on the topic, they responded a week later, saying they would not join any public nor private discussion on this matter because "a broader conversation [about the ethics of AI-assisted software] seemed unlikely to alter your [SFC's] stance, which is why we [GitHub] have not responded to your [SFC's] detailed questions". In other words, GitHub's final position on Copilot is: if you disagree with GitHub about policy matters related to Copilot, then you don't deserve a reply from Microsoft or GitHub. They only will bother to reply if they think they can immediately change your policy position to theirs. But, Microsoft and GitHub will leave you hanging for a year before they'll tell you that!

Version 1.62.0 of the Rust language has been released. Changes include a new cargo add command, default enum variants, an improved Linux mutex implementation, a number of stabilized APIs, and more.

The kernel does not lack for memory allocators, so one might well question the need for yet another one. As this patch set from Alexei Starovoitov makes clear, though, the BPF subsystem feels such a need. The proposed new allocator is intended to increase the reliability of allocations made within BPF programs, which might be run in just about any execution context.

Security updates have been issued by Debian (firefox-esr, firejail, and ublock-origin), Fedora (chromium, firefox, thunderbird, and vim), Mageia (kernel and kernel-linus), Oracle (389-ds-base and python-virtualenv), SUSE (chromium), and Ubuntu (cloud-init).

The LWN.net Weekly Edition for June 30, 2022 is available.

On the first day of the 2022 Linux Security Summit North America (LSSNA) in Austin, Texas, Stéphane Graber and Christian Brauner gave a presentation on using system-call interception for container security purposes. The idea is to allow unprivileged containers, those without elevated privileges on the host, to still accomplish their tasks, some of which require privileges. A fair amount of work has been done to make this viable, but there is still more to do.

CODE 22.05 has been released; this is the "developer edition" of the Collabora Online offering formerly known as LibreOffice Online.

CODE 22.05 is preceding the next major release of our long-term supported business suite Collabora Online. This free developer version includes all features and enhancements that will be available in our enterprise version, expected later in July. The CODE releases allow every interested user to learn and test new features on an early stage.

New features include support for external grammar checkers, the ability to have 16,000 columns in a spreadsheet (which is evidently useful to somebody), sparkline plots, support for WebP graphics, and more.

Philip Herron has posted an update on the status of the GCC front-end compiler for the Rust language.

For some context, my current project plan brings us to November 2022 where we (unexpected events permitting) should be able to support valid Rust code targeting Rustc version ~1.40 and reuse libcore, liballoc and libstd. This date does not account for the borrow checker feature and the proc macro crate, which we have a plan to implement, but this will be a further six-month project.

The 5.18.8, 5.15.51, 5.10.127, and 5.4.202 stable kernel updates have been released; each contains another set of important fixes.

Version 102 of the Thunderbird email client has been released.

It features refreshed icons, color folders, and quality-of-life upgrades like the redesigned message header. It ushers in a brand new Address Book to bring you closer than ever to the people you communicate with. Plus useful new tools to help you manage your data, navigate the app faster, and boost your productivity. We’re even bringing Matrix to the party.

Security updates have been issued by Debian (blender, libsndfile, and maven-shared-utils), Fedora (openssl), Red Hat (389-ds-base, kernel, kernel-rt, kpatch-patch, and python-virtualenv), Scientific Linux (389-ds-base, kernel, python, and python-virtualenv), and Slackware (curl, mozilla, and openssl).

Version 9.0 of the Vim text editor has been released. The biggest change would appear to be the addition of the "Vim9 Script" language for editor customization:

The main goal of Vim9 script is to drastically improve performance. This is accomplished by compiling commands into instructions that can be efficiently executed. An increase in execution speed of 10 to 100 times can be expected. A secondary goal is to avoid Vim-specific constructs and get closer to commonly used programming languages, such as JavaScript, TypeScript and Java.

In something of an Open Source Summit tradition, Linus Torvalds and Dirk Hohndel sit down for a discussion on various topics related to open source and, of course, the Linux kernel. Open Source Summit North America (OSSNA) 2022 in Austin, Texas was no exception, as they reprised their keynote on the first day of the conference. The headline-grabbing part of the chat was Torvalds's declaration that Rust for Linux might get merged as soon as the next merge window, which opens in just a few weeks, but there was plenty more of interest there.

Version 102.0 of the Firefox browser is out. Changes include the ability to disable the panel that otherwise materializes on every download and the stripping of certain query parameters in extended tracking protection mode. The stripping will be the default for private browsing in the next release.

Security updates have been issued by Debian (nodejs and squid), Fedora (uboot-tools), Red Hat (kernel-rt, kpatch-patch, and python), SUSE (drbd, openssl-1_0_0, oracleasm, and rubygem-rack), and Ubuntu (curl).

Version 2.37.0 of the Git source-code management system has been released. Highlights include a new object-pruning mechanism called "cruft packs", full integration of the sparse index, and more; see this GitHub blog post for more information.