Post Syndicated from jzb original https://lwn.net/Articles/1016400/

Joplin is an open-source
note-taking application designed to handle taking many kinds of notes,
whether it is managing code snippets, writing documentation, jotting
down lecture notes, or drafting a novel. Joplin has Markdown support,
a plugin system for extensibility, and accepts multimedia content,
allowing users to attach images, videos, and audio files to their
notes. It can provide synchronization of content across devices using
end-to-end encryption, or users can opt to stick to local storage
only. Joplin even offers a command-line
version for terminal-based usage. Joplin
3.2, the most recent feature release, brought long-awaited
multi-window support, multi-column layouts, enhanced accessibility,
and theme detection.

Post Syndicated from jzb original https://lwn.net/Articles/1015226/

Saying that calibre is
ebook-management software undersells the application by a fair
margin. Calibre is an open-source Swiss Army knife for ebooks that can
be used for everything from creating ebooks, converting ebooks from
obscure formats to modern formats like EPUB, to serving up an ebook
library over the web. The most recent major release, calibre 8.0,
brings a better text-to-speech engine, a tool for creating audio
overlays when authoring ebooks, support for profiles in the ebook
viewer, and more.

Post Syndicated from jzb original https://lwn.net/Articles/1016219/

Ryan Sipes has announced
efforts to expand Thunderbird’s offerings with web services to
“enhance the experience of using Thunderbird“.

The Why for offering these services is simple. Thunderbird loses users
each day to rich ecosystems that are both clients and services, such
as Gmail and Office365. These ecosystems have both hard vendor
lock-ins (through interoperability issues with 3rd-pary clients) and
soft lock-ins (through convenience and integration between their
clients and services). It is our goal to eventually have a similar
offering so that a 100% open source, freedom-respecting alternative
ecosystem is available for those who want it.

The planned services include hosted email, appointment scheduling,
a revival of Firefox Send,
and (of course) an AI assistant based on a partnership with Flower AI. The AI features will
“always be optional for use by people who want them“. Sipes is
managing director of product for Thunderbird’s parent organization, MZLA
Technologies Corporation. LWN covered his
GUADEC 2024 keynote last July.

Post Syndicated from jzb original https://lwn.net/Articles/1016217/

Outgoing Fedora Project Leader (FPL) Matthew Miller has announced
his successor, Jef Spaleta.

Some of you may remember Jef’s passionate voice in the early Fedora
community. He got involved all the way back in the days of fedora.us,
before Red Hat got involved. Jef served on the Fedora Board from July
2007 through the end of 2008. This was the critical time after Fedora
Extras and Fedora Core merged into one Fedora Linux where, with the
launch of the “Features” process, Fedora became a truly community-led
project.

Spaleta will be joining Red Hat full time in May and Miller will be
formally handing off FPL duties at the Flock conference in
June.

Post Syndicated from jzb original https://lwn.net/Articles/1016216/

Version
2.0 of PorteuX, a distribution based on Slackware Linux, has been
released. This release adds the ability to test experimental Wayland
sessions for the Cinnamon, LXQt, and Xfce desktops. PorteuX 2.0
updates the Linux kernel to 6.14 and includes many package updates and
bug fixes. Users have the choice of PorteuX stable or its rolling release
called current. See the install.txt
for instructions on installing PorteuX to disk.

Post Syndicated from jzb original https://lwn.net/Articles/1016205/

Security updates have been issued by Debian (firefox-esr, jetty9, openjpeg2, and tomcat9), Fedora (dokuwiki, firefox, php-kissifrot-php-ixr, php-phpseclib3, and rust-zincati), Red Hat (kernel and pki-core), Slackware (mozilla), SUSE (apparmor, atop, docker, docker-stable, firefox, govulncheck-vulndb, libmodsecurity3, openvpn, upx, and warewulf4), and Ubuntu (inspircd, linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-ibm,
linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oem-6.8, linux-oracle,
linux-oracle-6.8, linux-aws, linux-aws-5.4, linux-aws-fips, linux-azure-6.8, linux-hwe-6.8, linux-raspi, linux-realtime, nginx, phpseclib, and vim).

Post Syndicated from jzb original https://lwn.net/Articles/1014979/

The effort to ensure that open-source software is reproducible has been
gathering steam over the years, and gaining traction with major Linux
distributions. Debian, for example, has been working toward reproducible
builds for more than a decade; it can now
produce official
live CDs of the current stable release that are
reproducible. Fedora started on the path much later, but it has
progressed far enough that the project is now considering a change
proposal for the Fedora 43 development cycle, expected to be
released in October, with a goal of
making 99% of Fedora’s package builds reproducible. So far, reaction
to the proposal seems favorable and focused primarily on how to
achieve the goal—with minimal pain for packagers—rather than whether to attempt it.

Post Syndicated from jzb original https://lwn.net/Articles/1015834/

Greg Kroah-Hartman announced the release of four stable kernels on March 28: 6.13.9, 6.12.21, 6.1.132, and 6.6.85. Users are advised to upgrade.

Post Syndicated from jzb original https://lwn.net/Articles/1015763/

KDE contributor David Edmundson has published
a blog post about improving KDE Plasma’s login experience by
replacing SDDM
with a new Plasma Login Manager.

It’s worth stressing nothing is official or set in stone yet,
whilst it has come up in previous Plasma online meetings and in the
2023 Akademy. I’m posting this whilst starting a more official
discussion on the plasma-devel mailing list.

Oliver Beard and I have made a new mutli-process greeter, that uses
the same startup mechanism as the desktop session. It doesn’t have all
the features that we propose at the start of the blog, but an
architecture where features and services can be slowly and safely
added.

That discussion is here
for those who would like to follow along. The prototype is currently
in two repositories: plasma-login
for the frontend work, and plasma-login-manager,
which is a fork of SDDM.

Post Syndicated from jzb original https://lwn.net/Articles/1015649/

Ubuntu 23.10 and 24.04 LTS introduced a feature using AppArmor to
restrict access to user namespaces. Qualys has reported
three ways to bypass AppArmor’s restrictions and enable local users to
gain full administrative capabilities within a user namespace. Ubuntu
has followed up with a post
that explains the namespace-restriction feature in detail, and says
these bypasses do not constitute security vulnerabilities.

While a superficial observation of the application of user namespaces may indicate privileged (root level) access, this is a fictitious state that is operating as expected, with access control still mapped to the real (root namespace) user’s permissions. As such, these bypasses do not enable more access than what the default Linux kernel
unprivileged user namespace feature allows in most Linux
distributions. They do, however, demonstrate limitations that we are
looking to address in order to strengthen existing protections against
as-of-yet-unknown Linux kernel vulnerabilities.

LWN covered Ubuntu 24.04 LTS last May.

Post Syndicated from jzb original https://lwn.net/Articles/1015589/

Security updates have been issued by Arch Linux (exim), Debian (exim4, ghostscript, and libcap2), Red Hat (container-tools:rhel8), SUSE (apache-commons-vfs2, argocd-cli, azure-cli-core, buildah, chromedriver, docker-stable, ed25519-java, kernel, kubernetes1.29-apiserver, kubernetes1.30-apiserver, kubernetes1.32-apiserver, libmbedcrypto7, microcode_ctl, php7, podman, proftpd, tomcat10, and webkit2gtk3), and Ubuntu (containerd, exim4, mariadb, opensaml, and org-mode).

Post Syndicated from jzb original https://lwn.net/Articles/1015496/

Version
0.11 of the Neovim text editor has been released. Notable changes
in this release include simpler Language Server Protocol (LSP) client
setup, improved tree-sitter performance, better emoji support, and
enhancements for Neovim’s embedded terminal emulator. See the release notes for
a full list of changes.

Post Syndicated from jzb original https://lwn.net/Articles/1015402/

In a short
note to the Reproducible Builds
mailing list, Debian developer Roland Clobus announced that live
images for Debian 12.10 (“bookworm”) are now 100% reproducible. See the reproducible
live images and Debian Live todo
pages on the Debian wiki for more information on the images.

Post Syndicated from jzb original https://lwn.net/Articles/1015464/

Security updates have been issued by Debian (nginx and ruby-rack), Fedora (expat and libxslt), Mageia (bluez, dcmtk, ffmpeg, and radare2), Red Hat (container-tools:rhel8, gvisor-tap-vsock, kernel, kernel-rt, libreoffice, and podman), SUSE (buildah, forgejo, gitleaks, google-guest-agent, google-osconfig-agent, govulncheck-vulndb, grafana, helm, libxslt, php8, python-gunicorn, and python-Jinja2), and Ubuntu (freerdp2 and varnish).

Post Syndicated from jzb original https://lwn.net/Articles/1015408/

Boudhayan Bhattcharya has posted a lengthy article
about the announcement
that the Freedesktop project is dropping OpenH264 from the Freedesktop SDK for Flatpak
applications and runtimes.

Some Flatpak applications that depend on the Freedesktop runtime
version 23.08 will lose H.264 playback support starting with the
release scheduled for April, unless application developers replace it
with the ffmpeg-full extension. The 24.08 runtime is
unaffected, and future releases will include a new
codecs-extra extension to replace OpenH264 that includes FFmpeg with support for a number of
patented codecs.

Considering all things, I think and hope we made the correct decision
and hopefully the new org.freedesktop.Platform.codecs-extra works
out. libx264, libx265 and others are built from source and there are
no binaries or extra-data involved. So we should theoretically be able
to patch and fix any issues that come up in the future.

Apart from all this, I’m slightly worried at the prospects of legal
issues cropping up with this setup and also that the new extension
contains “too much”, but we will have to see where things flow.

Post Syndicated from jzb original https://lwn.net/Articles/1015183/

Greg Kroah-Hartman has announced the release of the 6.13.8, 6.12.20, and 6.6.84 stable kernels. Each contains a
number of important fixes throughout the kernel tree; users of those
series should upgrade.

Post Syndicated from jzb original https://lwn.net/Articles/1014603/

The Open Source Initiative
(OSI) has announced
the results of its recent board of directors election. Ruth Suehle and
McCoy Smith are new to the board, while Carlo Piana will serve another
term. The results, however, seem tainted in the eyes of some
participants and observers. The election has been plagued by missteps
from the beginning. It has culminated with the exclusion of three
candidates for failing to meet a requirement to sign the OSI board agreement, which was added after the election was over and before results were tallied or announced.

Post Syndicated from jzb original https://lwn.net/Articles/1015059/

Raspberry Pi has
announced rpi-image-gen,
a tool to create custom software images for its devices.

rpi-image-gen is a Bash orientated scripting engine capable of
producing software images with different on-disk partition layouts,
file systems and profiles using collections of metadata and a defined
flow of execution. It provides the means to create a highly customised
software image for your Raspberry Pi device. rpi-image-gen is human
readable, auditable and easy to use.

The Git repository for rpi-image-gen has a number of examples
to help users get started making their own custom images.

Post Syndicated from jzb original https://lwn.net/Articles/1014799/

GNOME 48 (“Bengaluru”)
has been released. As usual, this release includes a number of new
features and enhancements including support for shortcuts in the Orca
screen reader on Wayland, new fonts, addition of image editing to
Image Viewer, and more.

GNOME 48 includes a number of notable performance improvements. The
most significant of these is the introduction of dynamic triple
buffering. This change has undergone significant review and testing
over a period of five years and improves the perceived smoothness of
changes on screen, with fewer skipped frames and more fluid
animations. This has been achieved by enhancing the concurrency
capabilities of Mutter, the GNOME display manager, and is particularly
effective at handling sudden bursts of activity.

The GNOME 48 release also adds new applications to the GNOME Circle collection,
such as Drum Machine
and the Iotas note-taking
application. See “What’s new
for developers” a rundown of improvements for developers in
GNOME 48.

Post Syndicated from jzb original https://lwn.net/Articles/1014734/

Version 7.1
of PeerTube, a tool for
sharing videos online, has been released. Notable features in this
release include improved support for the Podcast 2.0 standard, better
playback stability, and a new view protocol enabled by default to
allow PeerTube to handle more simultaneous viewers. See the release
notes for more details.