Hírolvasó

[$] Systemd takes steps toward a more secure boot process

Linux Weekly News
8 hónap 3 hét óta

The systemd project has been working for some time on promoting unified kernel images (UKIs), a format that bundles a kernel, initial disk image, kernel command line, and other associated data into a single file. The advantage of the format is the ability to authenticate the entire collection with secure boot, which makes it easier for end users to know that their operating system hasn't been tampered with. The downside is the lack of flexibility and increase in disk usage, since all of the things packaged in a UKI must be updated together. But the recent systemd 257 release (along with other changes to be covered in a future article) includes some major changes to the UKI format, and the rest of the boot process, that partially mitigate those downsides. The release also includes improvements for hardware-locked disk encryption, which may also help secure some computers.

daroc

[$] Tim Peters returns to the Python community

Linux Weekly News
8 hónap 3 hét óta
In the past, suspensions of Python core developers have effectively been permanent because the recipients of the punishment chose not to return. Things have played out quite differently after Tim Peters was suspended for three months back in August; Peters has been posting to the Python discussion forum since his suspension ended in early November and, generally, getting back to work as usual. That does not mean that he—or others in the community—have accepted the way he was treated, but he has largely made his peace with it. The incident is still reverberating through the Python world, however.
jake

Security updates for Monday

Linux Weekly News
8 hónap 3 hét óta
Security updates have been issued by Debian (gst-plugins-base1.0, libxstream-java, php-laravel-framework, python-urllib3, and sqlparse), Fedora (chromium, libcomps, libdnf, mingw-directxmath, mingw-gstreamer1, mingw-gstreamer1-plugins-bad-free, mingw-gstreamer1-plugins-base, mingw-gstreamer1-plugins-good, mingw-orc, ofono, prometheus-podman-exporter, python3-docs, python3.13, and webkitgtk), Mageia (mozjs78, thunderbird, and tomcat, tomcat packages), SUSE (aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative, chromedriver, govulncheck-vulndb, grpc, kernel, python-aiohttp, python-python-sql, and vim), and Ubuntu (linux, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle-5.15 and linux-aws, linux-aws-5.4, linux-bluefield, linux-ibm, linux-ibm-5.4, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp).
jake

Kernel prepatch 6.13-rc4

Linux Weekly News
8 hónap 3 hét óta
Linus has released 6.13-rc4 for testing. "So this definitely is looking a bit smaller than most rc4s, and I expect (and hope) that rc5 will be absolutely tiny because you should all already be relaxing over the xmas holidays. But hey, if somebody is out there keeping the lights on, please do keep testing."
corbet

Darktable 5.0.0 released

Linux Weekly News
8 hónap 3 hét óta

Version 5.0.0 of the darktable photography workflow application has been released. Major changes in this release include user-interface/user-experience (UI/UX) improvements, speed improvements for bulk operations, and the addition of a inter-script-communication event to allow a running script to send messages to another running script. LWN last looked at darktable in 2022.

jzb

Stenberg: Dropping hyper

Linux Weekly News
8 hónap 3 hét óta
Curl maintainer Daniel Stenberg announces that the curl project will be dropping hyper, its experimental HTTP backend written in Rust, due to lack of developer interest.

While the experiment itself is deemed a failure, I think we learned from it and improved curl in the process. We had to rethink and reassess several implementation details when we aligned HTTP behavior with hyper. libcurl parses and handles HTTP stricter now. Better.

corbet

Grml 2024.12 released

Linux Weekly News
8 hónap 3 hét óta

Version 2024.12 of the Debian-based Grml live Linux system for system administrators has been released. Grml 2024.12 uses packages from the upcoming Debian 13 ("trixie") release. It drops support for 32-bit x86 PCs and gains support for 64-bit ARM CPUs. See the release notes for a full list of changes and new features.

jzb

[$] Process creation in io_uring

Linux Weekly News
8 hónap 3 hét óta
Back in 2022, Josh Triplett presented a plan to implement a "spawn new process" functionality in the io_uring subsystem. There was a fair amount of interest at the time, but developers got distracted, and the work did not progress. Now, Gabriel Krisman Bertazi has returned with a patch series updating and improving Triplett's work. While interest in this functionality remains, it may still take some time before it is ready for merging into the mainline.
corbet

Security updates for Friday

Linux Weekly News
8 hónap 3 hét óta
Security updates have been issued by Debian (chromium and gunicorn), Fedora (jupyterlab), Oracle (bluez, containernetworking-plugins, edk2:20220126gitbb1bba3d77, edk2:20240524, gstreamer1-plugins-base, gstreamer1-plugins-good, kernel, libsndfile, libsndfile:1.0.31, mpg123, mpg123:1.32.9, pam, python3.11-urllib3, skopeo, tuned, and unbound:1.16.2), SUSE (avahi, docker, emacs, govulncheck-vulndb, haproxy, kernel, libmozjs-128-0, python-grpcio, python310-xhtml2pdf, sudo, and tailscale), and Ubuntu (dpdk, linux-hwe-5.15, and linux-iot).
jzb