Linux Weekly News

Security updates have been issued by Fedora (xen) and SUSE (flac and openexr).

Security updates have been issued by Debian (spip and sympa), Gentoo (c-ares, cherokee, curl, dbus, firefox, gdk-pixbuf, haproxy, libass, nss, openssl, pdns, pdns-recursor, php, samba, tomcat, and webkit-gtk), and SUSE (java-1_8_0-ibm, openexr, and python3).

The LWN.net Weekly Edition for December 24, 2020 is available.

A recent blog post from Purism—the company that developed PureOS to run on its security-focused hardware—celebrates three years of FSF endorsement of the Linux distribution. While this endorsement is an achievement that is not as highly valued by our communities as one might think, the work done to obtain and maintain that endorsement is useful even to those who disdain the FSF or disagree with its definition of what makes a distribution "free". While Purism and PureOS have been on our radar for a few years now, it seems worth a look at where things have gone with the distribution—and the company behind it.

Security updates have been issued by Debian (awstats and mediawiki), Fedora (mbedtls and pngcheck), openSUSE (firefox and thunderbird), Oracle (gnutls, go-toolset:ol8, pacemaker, postgresql:10, postgresql:12, and postgresql:9.6), and SUSE (clamav, groovy, jetty-minimal, and xen).

The Perl project has announced the election of the first steering council to serve under the project's new governance rules. Eight candidates put their names in; the winners were Ricardo Signes, Neil Bowers, and Sawyer X.

On November 29, version 1.7 of SymPy, a Python library for symbolic mathematics, was released. The new version brings a large number of enhancements and bug fixes, and some minor backward incompatibilities. While these are enumerated in detail in the release notes, we will take advantage of this opportunity to look at some of the things that can be done with SymPy and explore its interface options through several detailed examples.

Security updates have been issued by CentOS (kernel and thunderbird), Debian (openjdk-8 and webkit2gtk), Fedora (gdm, mingw-openjpeg2, and openjpeg2), Mageia (compat-openssl10, golang-googlecode-net, mbedtls, openssl, and virtualbox), openSUSE (ovmf and xen), Red Hat (kernel, mariadb-connector-c, mariadb:10.3, postgresql:10, and postgresql:9.6), and SUSE (ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-ironic-python-agent, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vpnaas, openstack-nova, python-Jinja2, python-pysaml2, python-pytest, python-urllib3, release-notes-suse-openstack-cloud, spark, ceph, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-heat-templates, openstack-nova, python-Jinja2, firefox, java-1_7_0-ibm, java-1_7_1-ibm, PackageKit, and thunderbird).

Predictions are hard, as they say, especially when they are about the future. So perhaps your editor can be forgiven for not anticipating that 2020 would be the sort of year that makes one think nostalgically about trips to the dentist, waiting in a crowded motor-vehicle office, or crossing the Pacific in a row-47 middle seat. If only we had known how good we had it. Be that as it may, this year is finally coming to an end. Read on for a look back at the year, starting with the ill-advised predictions made in January.

Stable kernels 5.10.2, 5.9.16, and 5.4.85 have been released with important fixes. This is the last 5.9.y kernel, users should move to 5.10.y at this time.

Security updates have been issued by Debian (curl, influxdb, lxml, node-ini, php-pear, and postsrsd), Fedora (chromium, curl, firefox, matrix-synapse, mingw-jasper, phpldapadmin, and thunderbird), Mageia (openjpeg2), openSUSE (gcc7, openssh, PackageKit, python-urllib3, slurm_18_08, and webkit2gtk3), Oracle (fapolicydbug, firefox, nginx:1.16, nodejs:12, and thunderbird), Red Hat (libpq, openssl, and thunderbird), and SUSE (curl, firefox, openssh, ovmf, slurm_17_11, slurm_18_08, slurm_20_02, and xen).

Karsten Wade, who has served on the CentOS board among other things, has posted a blog entry on the CentOS change and its effects on users. "Providing our community with a solid, reliable distro that is good-enough for your workloads is a strong part of the CentOS brand. We’re confident that CentOS Stream can do this. And while I’m certain now that CentOS Linux cannot do what CentOS Stream can to solve the openness gap, I am confident that CentOS Stream can cover 95% (or so) of current user workloads stuck on the various sides of the availability gap. I believe that Red Hat will make solutions available as well that can cover other sides of the gap without too much user heartburn in the end." He is asking for input on what those solutions should look like.

When Linus Torvalds released the 5.10 kernel, he noted that the 5.11 merge window would run up against the holidays. He indicated strongly that maintainers should send him pull requests early as a result. Maintainers appear to have listened; over 10,000 non-merge changesets were pulled into the mainline in the first three days of the 5.11 merge window. Read on for a summary of the most significant changes in that flood of patches.

Security updates have been issued by Arch Linux (blueman, chromium, gdk-pixbuf2, hostapd, lib32-gdk-pixbuf2, minidlna, nsd, pam, and unbound), CentOS (gd, openssl, pacemaker, python-rtslib, samba, and targetcli), Debian (kernel, lxml, and mediawiki), Fedora (mbedtls), openSUSE (clamav and openssl-1_0_0), Oracle (firefox and openssl), Red Hat (openssl, postgresql:12, postgresql:9.6, and thunderbird), Scientific Linux (openssl and thunderbird), and SUSE (cyrus-sasl, openssh, slurm_18_08, and webkit2gtk3).

Device drivers usually live within a single kernel subsystem. Sometimes, however, developers need to handle functionalities outside of this model. Consider, for example, a network interface card (NIC) exposing both Ethernet and RDMA functionalities. There is one hardware block, but two drivers for the two functions. Those drivers need to work within their respective subsystems, but they must also share access to the same hardware. There is no standard way in current kernels to connect those drivers together, so developers invent ad-hoc methods to handle the interaction between them. Recently, Dave Ertman posted a patch set introducing a new type of a bus, called the "auxiliary bus", to address this problem.

Security updates have been issued by Debian (firefox-esr, sympa, thunderbird, tomcat8, and xerces-c), Fedora (fprintd, kernel, libfprint, and synergy), Mageia (bitcoin, dpic, firefox, jasper, jupyter-notebook, sam2p, thunderbird, and x11-server), Oracle (firefox, gd, kernel, net-snmp, openssl, python-rtslib, samba, and targetcli), Red Hat (fapolicyd, openshift, Red Hat Virtualization, and web-admin-build), SUSE (xen), and Ubuntu (unzip).

The LWN.net Weekly Edition for December 17, 2020 is available.

Python, at least in the CPython reference implementation, is not a particularly speedy language. That is not at all surprising to anyone who has used it—the language is optimized for understandability and development speed, instead. There have been lots of efforts over the years to speed up various parts of the interpreter, compiler, and virtual-machine bytecode execution, though no comprehensive overhaul has been merged into CPython. An interesting new proposal could perhaps change that, though it is unclear at this point if it will take off.

Version 4.0 of the GTK toolkit has been released. "It is impossible to summarize 4 years of development in a single post. We’ve written detailed articles about many of the new things in this release over the past year: Data transfers, Event controllers, Layout managers, Render nodes, Media playback, Scalable lists, Shaders, Accessibility." GTK 2 has reached the end of its life.

Stable kernels 5.9.15 and 5.4.84 have been released. They both contain important fixes and users should upgrade.