All posts by jake

Security updates for Monday

Post Syndicated from jake original https://lwn.net/Articles/944190/

Security updates have been issued by Debian (frr, kernel, libraw, mutt, and open-vm-tools), Fedora (cjose, pypy, vim, wireshark, and xrdp), Gentoo (apache), Mageia (chromium-browser-stable, clamav, ghostscript, librsvg, libtiff, openssl, poppler, postgresql, python-pypdf2, and unrar), Red Hat (flac), SUSE (firefox, geoipupdate, icu73_2, libssh2_org, rekor, skopeo, and webkit2gtk3), and Ubuntu (linux-azure, linux-azure-4.15, linux-azure-5.4, linux-gcp-5.4, linux-gkeop, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux-gcp, linux-gcp-6.2, linux-ibm, linux-oracle, linux-starfive, linux-gcp-5.15, linux-gkeop-5.15, and opendmarc).

Benjamin: Towards a new SymPy

Post Syndicated from jake original https://lwn.net/Articles/943995/

In a series of posts on his blog, Oscar Benjamin looks at SymPy, which is a Python-based symbolic-mathematics library. In the first article, he outlines the “big changes for SymPy with particular focus on speed”. The second covers polynomial handling; subsequent articles will examine other pieces of the puzzle.

I will be writing this in a series of blog posts. This first post will outline the structure of the foundations of a computer algebra system (CAS) like SymPy, describe some problems SymPy currently has and what can be done to address them. Then subsequent posts will focus in more detail on particular components and the work that has been done and what should be done in the future.

Security updates for Friday

Post Syndicated from jake original https://lwn.net/Articles/943990/

Security updates have been issued by Debian (chromium, libssh2, memcached, and python-django), Fedora (netconsd), Oracle (firefox and thunderbird), Scientific Linux (firefox), SUSE (open-vm-tools), and Ubuntu (grub2-signed, grub2-unsigned, shim, and shim-signed, plib, and python2.7, python3.5).

Security updates for Thursday

Post Syndicated from jake original https://lwn.net/Articles/943856/

Security updates have been issued by Fedora (erofs-utils, htmltest, indent, libeconf, netconsd, php-phpmailer6, tinyexr, and vim), Red Hat (firefox), and Ubuntu (linux-aws, linux-aws-5.15, linux-ibm-5.15, linux-oracle, linux-oracle-5.15, linux-azure, linux-azure-fde-5.15, linux-gke, linux-gkeop, linux-intel-iotg-5.15, linux-raspi, linux-oem-6.1, linux-raspi, linux-raspi-5.4, shiro, and sox).

[$] Altering Python attribute handling for modules

Post Syndicated from jake original https://lwn.net/Articles/943619/

A recent discussion on the Python forum looked at a way to
protect module objects (and users) from mistaken attribute assignment and
deletion.
There are ways
to get the same effect today, but the mechanism that would be used causes a
performance penalty for an unrelated, and heavily used, action: attribute
lookup on modules. Back in 2017, PEP 562 (“Module __getattr__
and __dir__”) set the stage for adding magic methods to module objects; now
a new proposal would extend that idea to add __setattr__() and
__delattr__() to them.

[$] Reducing the bandwidth needs for fwupd

Post Syndicated from jake original https://lwn.net/Articles/943498/

The Linux Vendor Firmware Service (LVFS)
provides a repository where vendors can upload firmware updates that can be
accessed by the fwupd
firmware update daemon on Linux systems. That mechanism allows users to keep
the hardware components of their systems up to date with the latest firmware
releases, but it has gotten so
popular that the daily metadata queries are starting to swamp the LVFS
content delivery network (CDN) server. So Richard Hughes, who developed
fwupd and LVFS, suggested
that it would make sense to start looking at ways to reduce that burden;
the idea was discussed in a recent thread on the Fedora devel mailing list.

Security updates for Friday

Post Syndicated from jake original https://lwn.net/Articles/943302/

Security updates have been issued by Debian (chromium, firefox-esr, and gst-plugins-ugly1.0), Fedora (firefox, libeconf, libwebsockets, mosquitto, and rust-rustls-webpki), SUSE (amazon-ssm-agent, open-vm-tools, and terraform-provider-helm), and Ubuntu (linux-azure, linux-azure, linux-azure-5.15, linux-azure-fde, linux-gcp-5.15, linux-gcp-5.4, linux-oracle-5.4, linux-gkeop, linux-gkeop-5.15, linux-intel-iotg, linux-kvm, linux-oracle, and python-git).

[$] Mastering Emacs

Post Syndicated from jake original https://lwn.net/Articles/942962/

A series of rabbit holes, some of which led to unshaved yaks,
recently landed me on a book called Mastering Emacs.
Given that I have been using Emacs “professionally” for more than 16
years—and first looked into it a good ways into the previous century—I
should probably be pretty well-versed in that editor-cum-operating-system.
Sadly, for a variety of reasons, that is not really true, but the book and
some concerted effort have been helping me down a path toward Emacs-ian
enlightenment. Mastering Emacs may also help others who are
struggling in the frothy sea that makes up Emacs documentation.

[$] Python is (mostly) made of syntactic sugar

Post Syndicated from jake original https://lwn.net/Articles/942767/

“Sugar” is, to a certain extent, in the eye of the beholder—at least when
it comes to syntax. Programming languages are often made up of a (mostly)
irreducible core, with lots of sugary constructs sprinkled on top—the syntactic sugar. No one
wants to be forced to do without the extra syntax—at least not for their
favorite pieces—but it is worth looking at how a language’s constructs can
be built from the core. That is just what Brett Cannon has been doing for
Python, on his blog and in talks,
including a talk at PyCon back in April (YouTube video).

Bugzilla Celebrates 25 Years With Special Announcements (Bugzilla blog)

Post Syndicated from jake original https://lwn.net/Articles/942937/

August 26 was the 25th anniversary of the release of the Bugzilla bug tracker as open-source software under the Mozilla Public License (MPL). A blog post for the occasion has some announcements, including several upcoming releases, help wanted, and a new legal entity to house the project:

Which now brings us to today, when I’m happy to announce the formation of Zarro Boogs Corporation, which will now be overseeing the Bugzilla Project. This is a taxable non-profit non-charitable corporation – we have filed with the IRS our intent to operate under US Tax Code §501(c)(4) (still pending approval from the IRS) meaning the IRS would require us to spend money raised on project expenses and not make a profit, but money donated to us will not earn you a tax deduction because we aren’t a charity (software development is not considered a charitable cause in the US). Unlike Thunderbird, which is a subsidiary of the Mozilla Foundation, we are an independent entity not owned by or associated with the Mozilla Foundation, although they have licensed the use of the Bugzilla trademark to us.

OpenTF Announces Fork of Terraform

Post Syndicated from jake original https://lwn.net/Articles/942770/

The OpenTF Foundation has announced that it is moving forward with its eponymous fork of HashiCorp Terraform, which was recently changed to a non-FOSS license by the company. The organization has applied to become part of the Linux Foundation, “with the end goal of having OpenTF as part of Cloud Native Computing Foundation”. There is a GitHub repository for its manifesto, but the code repository for OpenTF is private for now, with plans to open it up in the next week or two. Work has been going on for the last week and more developers are coming on board:

So far, four companies pledged the equivalent of 14 full-time engineers (FTEs) to the OpenTF initiative. We expect this number to at least double in the following few weeks. To give you some perspective, Terraform was effectively maintained by about 5 FTEs from HashiCorp in the last 2 years. If you don’t believe us, look at their repository.

Some of the people behind OpenTF are participating in a Hacker News thread, so more information can be found there as well.

Security updates for Thursday

Post Syndicated from jake original https://lwn.net/Articles/942654/

Security updates have been issued by Debian (w3m), Fedora (libqb), Mageia (docker-containerd, kernel, kernel-linus, microcode, php, redis, and samba), Oracle (kernel, kernel-container, and openssh), Scientific Linux (subscription-manager), SUSE (ca-certificates-mozilla, erlang, gawk, gstreamer-plugins-base, indent, java-1_8_0-ibm, kernel, kernel-firmware, krb5, libcares2, nodejs14, nodejs16, openssl-1_1, openssl-3, poppler, postfix, redis, webkit2gtk3, and xen), and Ubuntu (php8.1).

[$] HashiCorp, Terraform, and OpenTF

Post Syndicated from jake original https://lwn.net/Articles/942346/

Over the years, there have been multiple examples of open-source software
that, suddenly, was no longer open source; on August 10, some further
examples were added to the pile. That happened when HashiCorp announced
that it would be switching the license on its products from the Mozilla Public
License 2.0
(MPL) to the Business Source License 1.1
(BSL or BUSL). At least one of the products affected by the change, the Terraform infrastructure-automation
tool, has attracted an effort to continue it as an open-source tool in the
form of a fork that would be maintained by the nascent OpenTF Foundation. That seems like a
sensible reaction to the move, but it also helps serve up yet another
reminder that code which is controlled by a single entity is normally
always at risk of such
adverse changes.

Security updates for Wednesday

Post Syndicated from jake original https://lwn.net/Articles/942514/

Security updates have been issued by Debian (mediawiki and qt4-x11), Fedora (java-17-openjdk, linux-firmware, and python-yfinance), Red Hat (kernel, kpatch-patch, and subscription-manager), SUSE (evolution, janino, kernel, nodejs16, nodejs18, postgresql15, qt6-base, and ucode-intel), and Ubuntu (inetutils).