Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 41 min ago

[$] News from PHP: releases, features, and syntax

Wednesday 16th of September 2020 11:25:40 PM
As the PHP project nears its 8.0 release, which is currently slated for late November, there are a number of interesting things to report from its development mailing list. For one, the syntax of the attributes feature has finally been settled on after an acrimonious debate largely over the minutiae of the voting process. In addition, some releases were made and a new proposal to add any() and all() as core library functions was discussed.

[$] Key signing in the pandemic era

Wednesday 16th of September 2020 11:19:07 PM
The pandemic has changed many things in our communities, even though distance has always played a big role in free software development. Annual in-person gatherings for conferences and the like are generally paused at the moment, but even after travel and congregating become reasonable again, face-to-face meetings may be less frequent. There are both positives and negatives to that outcome, of course, but some rethinking will be in order if that comes to pass. The process of key signing is something that may need to change as well; the Debian project, which uses signed keys, has been discussing the subject.

GNOME 3.38 released

Wednesday 16th of September 2020 02:58:40 PM
Version 3.38 of the GNOME desktop environment is out. "This release brings a new Welcome tour, improved grouping and reordering of applications in the overview, better fingerprint enrollment, deeper systemd integration, and more." See the release notes for details.

Security updates for Wednesday

Wednesday 16th of September 2020 02:49:31 PM
Security updates have been issued by Fedora (libssh, python35, and xen), Oracle (kernel), Red Hat (librepo and mysql:8.0), SUSE (perl-DBI), and Ubuntu (Apache Log4j, Apache XML-RPC, bsdiff, libdbi-perl, luajit, milkytracker, OpenJPEG, ruby-loofah, and ruby-websocket-extensions).

[$] BPF in GCC

Tuesday 15th of September 2020 11:46:37 PM
The BPF virtual machine is being used ever more widely in the kernel, but it has not been a target for GCC until recently. BPF is currently generated using the LLVM compiler suite. Jose E. Marchesi gave a pair of presentations as part of the GNU Tools track at the 2020 Linux Plumbers Conference (LPC) that provided attendees with a look at the BPF for GCC project, which started around a year ago. It has made some significant progress, but there is, of course, more to do.

Moment.js announces legacy status

Tuesday 15th of September 2020 03:02:03 PM

Moment.js, the de facto standard JavaScript library for date and time manipulation, has announced that "we would like to discourage Moment from being used in new projects going forward." The project cited multiple reasons for the recommendation. The first is that moment objects are mutable; another is the unnecessarily large size of the library when compared to other internationalization and time-zone support options available to modern browsers. According to the post, "we now generally consider Moment to be a legacy project in maintenance mode. It is not dead, but it is indeed done." The project offers multiple recommendations of alternative options, including "the evolution of Moment", Luxon, authored by long-time Moment.js contributor Isaac Cambron.

Security updates for Tuesday

Tuesday 15th of September 2020 02:44:44 PM
Security updates have been issued by CentOS (dovecot), Debian (gnome-shell and teeworlds), Mageia (libetpan and zeromq), openSUSE (libxml2), Red Hat (chromium-browser and librepo), SUSE (compat-openssl098, firefox, kernel, openssl, and shim), and Ubuntu (gupnp).

[$] Modernizing the tasklet API

Monday 14th of September 2020 03:39:54 PM
Tasklets offer a deferred-execution method in the Linux kernel; they have been available since the 2.3 development series. They allow interrupt handlers to schedule further work to be executed as soon as possible after the handler itself. The tasklet API has its shortcomings, but it has stayed in place while other deferred-execution methods, including workqueues, have been introduced. Recently, Kees Cook posted a security-inspired patch set (also including work from Romain Perier) to improve the tasklet API. This change is uncontroversial, but it provoked a discussion that might lead to the removal of the tasklet API in the (not so distant) future.

Security updates for Monday

Monday 14th of September 2020 02:56:05 PM
Security updates have been issued by CentOS (thunderbird), Debian (libproxy, qemu, and wordpress), Fedora (ansible, chromium, community-mysql, dotnet-build-reference-packages, dotnet3.1, drupal7, grub2, java-1.8.0-openjdk-aarch32, kernel, kernel-headers, kernel-tools, mingw-gnutls, php-symfony4, python-django, and selinux-policy), Gentoo (DBI, file-roller, gnome-shell, gst-rtsp-server, nextcloud-client, php, proftpd, qtgui, and zeromq), openSUSE (gimp, libjpeg-turbo, openldap2, python-Flask-Cors, and slurm), Oracle (.NET Core 3.1, dovecot, go-toolset:ol8, httpd:2.4, and kernel), Red Hat (dovecot, httpd24-httpd, httpd:2.4, and mysql:8.0), and Slackware (thunderbird).

Kernel prepatch 5.9-rc5

Monday 14th of September 2020 01:15:19 PM
The 5.9-rc5 kernel prepatch is out for testing. "So aside from the smoke from the fires, and a performance regression I'm still looking at, things look normal."

Lots of stable kernel updates

Saturday 12th of September 2020 08:50:16 PM
Today's crop of stable kernel updates includes 5.8.9, 5.4.65, 4.19.145, 4.14.198, 4.9.236, and 4.4.236. Each contains another set of important fixes.

[$] OpenPGP in Rust: the Sequoia project

Friday 11th of September 2020 04:06:39 PM
In 2018, three former GnuPG developers began work on Sequoia, a new implementation of OpenPGP in Rust. OpenPGP is an open standard for data encryption, often used for secure email; GnuPG is an implementation of that standard. The GPLv2-licensed Sequoia is heading toward version 1.0, with a handful of issues remaining to be addressed. The project's founders believe that there is much to be desired in GnuPG, which is the de facto standard implementation of OpenPGP today. They hope to fix this with a reimplementation of the specification using a language with features that will help protect users from common types of memory bugs.

Security updates for Friday

Friday 11th of September 2020 02:05:41 PM
Security updates have been issued by Debian (python-pip), Fedora (kernel, libX11, and xen), openSUSE (go1.14), Oracle (libcroco, php:7.3, and postgresql:10), Red Hat (chromium-browser and httpd:2.4), and SUSE (gimp, golang-github-prometheus-prometheus, kernel, libxml2, pdsh, slurm_20_02, slurm, slurm_18_08, and tomcat).

[$] Android kernel notes from LPC 2020

Thursday 10th of September 2020 04:55:25 PM
In its early days, the Android project experienced a high-profile disconnect with the kernel community. That situation has since improved considerably, but there are still differences between Android kernels and the mainline. As a result, it is not possible to run Android on a vanilla kernel. That situation continues to improve, though; much evidence to that effect was on display during the Android microconference at the 2020 Linux Plumbers Conference. Several sessions there showed the progress that is being made toward unifying the Android and mainline kernels — and the places where there is still some work to be done.

Security updates for Thursday

Thursday 10th of September 2020 01:33:04 PM
Security updates have been issued by Arch Linux (ark, gnupg, go, opendmarc, and python-django), Debian (libxml2), Gentoo (chromium), Oracle (librepo and thunderbird), Red Hat (dovecot and httpd:2.4), SUSE (avahi, kernel, and openldap2), and Ubuntu (xorg-server).

[$] LWN.net Weekly Edition for September 10, 2020

Thursday 10th of September 2020 12:30:11 AM
The LWN.net Weekly Edition for September 10, 2020 is available.

[$] Preparing for the realtime future

Wednesday 9th of September 2020 10:47:54 PM
Unlike many of the previous gatherings of the Linux realtime developers, their microconference at the virtual 2020 Linux Plumbers Conference had a different feel about it. Instead of being about when and how to get the feature into the mainline, the microconference had two sessions that looked at what happens after the realtime patches are upstream. That has not quite happened yet, but is likely for the 5.10 kernel, so the developers were looking to the future of the stable realtime trees and, relatedly, plans for continuous-integration (CI) testing for realtime kernels.

Stable kernel updates

Wednesday 9th of September 2020 06:13:43 PM
Stable kernels 5.8.8, 5.4.64, 4.19.144, and 4.14.197 have been released. They contain important fixes throughout the tree and users should upgrade.

[$] Lua in the kernel?

Wednesday 9th of September 2020 04:17:48 PM
BPF is, of course, the language used for network (and other) customization in the Linux kernel, but some people have been using the Lua language for the networking side of that equation. Two developers from Ring-0 Networks, Lourival Vieira Neto and Victor Nogueira, came to the virtual Netdev 0x14 to present that work. It consists of a framework to allow the injection of Lua scripts into the running kernel as well as two projects aimed at routers, one of which is deployed on 20 million devices.

Security updates for Wednesday

Wednesday 9th of September 2020 02:51:55 PM
Security updates have been issued by Debian (grunt), Fedora (ansible and geary), openSUSE (firefox, gettext-runtime, python-Flask-Cors, and thunderbird), Oracle (firefox and thunderbird), Red Hat (.NET Core 3.1), SUSE (kernel and libjpeg-turbo), and Ubuntu (gnutls28 and libx11).

More in Tux Machines

today's howtos

KaOS 2020.09

KaOS is pleased to announce the availability of the September release of a new stable ISO. With almost 60 % percent of the packages updated since the last ISO and the last release being over two months old, a new ISO is more than due. News for KDE Applications 20.08 included Dolphin adding thumbnails for 3D Manufacturing Format (3MF) files, you can also see previews of files and folders on encrypted file systems such as Plasma Vaults now remembers and restores the location you were viewing, as well as the open tabs, and split views you had open when you last closed it.Yakuake now lets you configure all the keyboard shortcuts that come from Konsole and there is a new system tray item that shows you when Yakuake is running. Elisa now lets you display all genres, artists, or albums in the sidebar, below other items. As always with this rolling distribution, you will find the very latest packages for the Plasma Desktop, this includes Frameworks 5.74.0, Plasma 5.19.5 and KDE Applications 20.08.1. All built on Qt 5.15.1. Read more

Plasma adventures - 5.19.4 tried and tested

I like the momentum in the Plasma space. The last three years have been phenomenal, and there does not seem to be any fatigue, which typically affects most software projects after a while. Given that Plasma has been chugging on for a looong time now, this is rather impressive. What worries me, though, is that each new version brings in more fragility, more bugs. And this brings me back to the fundamental issue with the Linux desktop. It's simply not robust enough to be a day-to-day system for most people. My mind simply cannot reconcile with breakages and compatibility issues. They feel like the easy way out of difficult situations with legacy models and usage patterns. Instead of creating a smooth transition to whatever the new thing is, what most projects seem to be doing is - break stuff. Why should plasma 5.19 be any less stable than say 5.18 or 5.15 or whatever. All in all, there's decent progress in Plasma, most notably the visuals and the responsiveness of the desktop, but these seem to come at the cost of good ole stability. Hopefully, future versions of Plasma will be able to give us both. That said, despite my grumbling, if you're after a solid desktop, Plasma is still the indubitable winner. Version 5.20 test coming soon! Read more

Android Leftovers