Post Syndicated from jzb original https://lwn.net/Articles/1013063/

Security updates have been issued by Debian (libreoffice), Fedora (exim and fscrypt), Red Hat (kernel), Slackware (mozilla), SUSE (docker, firefox, and podman), and Ubuntu (linux, linux-lowlatency, linux-lowlatency-hwe-5.15, linux, linux-lowlatency, linux-lowlatency-hwe-6.8, linux, linux-oem-6.11, linux-aws, linux-aws-6.8, linux-oracle, linux-oracle-6.8, linux-raspi, linux-aws, linux-gcp, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime, linux-aws, linux-gkeop, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15, linux-oracle, linux-oracle-5.15, linux-raspi, and linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop).

Post Syndicated from jzb original https://lwn.net/Articles/1012453/

Mozilla’s actions have been rubbing many Firefox fans the
wrong way as of late, and inspiring them to look for alternatives.
There are many choices for users who are looking for a browser that
isn’t part of the Chrome monoculture but is full-featured and suitable
for day-to-day use. For those who are willing to stay in the Firefox
“family” there are a number of good options that have taken vastly
different approaches. This includes GNU IceCat, Floorp, LibreWolf, and Zen.

Post Syndicated from jzb original https://lwn.net/Articles/1012788/

Mozilla has issued
an update to its terms of use (TOU) that were announced
on February 26. It has removed a reference in the TOU to
Mozilla’s Acceptable Use Policy “because it seems to be causing
more confusion than clarity“, and has revised the TOU “to more
clearly reflect the limited scope of how Mozilla interacts with user
data“. The new language says:

You give Mozilla the rights necessary to operate Firefox. This
includes processing your data as we describe in the Firefox Privacy
Notice. It also includes a nonexclusive, royalty-free, worldwide
license for the purpose of doing as you request with the content you
input in Firefox. This does not give Mozilla any ownership in that
content.

Mozilla has also updated its Privacy FAQ to provide
more detail about its reasons for the changes.

Post Syndicated from jzb original https://lwn.net/Articles/1011511/

Differences of opinion, as well as outright disputes, between
upstream open-source projects and Linux distribution packagers over
packaging practices are nothing new. It is rarer, though, for those
disputes to boil over to threats of legal action—but a
disagreement between the Open
Broadcaster Software (OBS) Studio project and Fedora packagers
reached that point in mid-February. After escalation to a higher
authority things have been worked out to the satisfaction of the OBS
project, but some lingering questions remain. How Fedora should
prioritize Flatpak repositories,
how to handle conflicts between upstreams and Fedora packagers, and
the mechanics of removing or retiring Flatpaks all remain open
questions.

Post Syndicated from jzb original https://lwn.net/Articles/1007270/

Zotero is an
open-source reference management tool designed for collecting,
organizing, and citing research materials. It is particularly useful
for those writing research papers, theses, or books that require a
bibliography in standard formats like APA
Style, Chicago
Style, or MLA
Format. Zotero stores bibliographic metadata, annotations, and user
data and integrates with word processors like LibreOffice, Microsoft
Word, and Google Docs to produce in-text citations and
bibliographies. The core features of Zotero include metadata extraction,
tagging, full-text indexing, and cloud synchronization for
multi-device access, and Zotero has a plugin system to
allow anyone to expand its capabilities. The most recent major
release, Zotero 7, added
support for reading EPUBs, brought user-interface improvements
including a dark mode, performance improvements, and more.

Post Syndicated from jzb original https://lwn.net/Articles/1011959/

The Gentoo Linux project has
announced
the availability of qcow2 images for amd64 (x86_64) and arm64
(aarch64), and plans to “eventually” offer images for the
riscv64 and loongarch64 architectures.

The images, updated weekly, include an EFI boot partition and a fully
functional Gentoo installation; either with no network activated but a
password-less root login on the console (“no root pw”), or with
network activated, all accounts initially locked, but cloud-init
running on boot (“cloud-init”).

Post Syndicated from jzb original https://lwn.net/Articles/1011955/

Version
25.2 of the Armbian Linux
distribution for single-board computers (SBCs) has been released. Notable
changes in this release include support for many new SBCs, an upgrade
to Linux kernel 6.12.x, and more. See the changelog
for a complete list.

Post Syndicated from jzb original https://lwn.net/Articles/1011928/

Security updates have been issued by Fedora (crun, gnutls, libtasn1, and openssl), Mageia (emacs, gnutls, iniparser, kernel, kmod-virtualbox, kmod-xtables-addons, kernel-linus, krb5, libxml2, and vim), Slackware (tigervnc and xorg), SUSE (libprotobuf-lite28_3_0 and Maven), and Ubuntu (dropbear, kernel, libxml2, linux, linux-lowlatency, linux-lowlatency-hwe-6.8, linux, linux-lts-xenial, linux-aws-5.4 linux-raspi-5.4, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-raspi, ProFTPD, python-virtualenv, rails, and xorg-server, xwayland).

Post Syndicated from jzb original https://lwn.net/Articles/1011671/

Version
2.0 of the Aqualung
gapless music player has been released. Aqualung supports playback of
a wide range of audio formats, ripping CDs to WAV, FLAC, Ogg Vorbis,
or MP3, and subscribing to podcasts via RSS or Atom feeds. The primary
change in this release is the migration
from GTK2 to GTK3, and dropping support for custom skins as a
result.

Post Syndicated from jzb original https://lwn.net/Articles/1010868/

The AlmaLinux project has published
a request for comments (RFC) on rebuilding Fedora’s Extra Packages for
Enterprise Linux (EPEL), which provides additional software for
Red Hat Enterprise Linux (RHEL) and its derivatives, to support older
x86_64 hardware that is not supported by EPEL 10. While this may
sound simple on the surface, the proposed rebuild carries a few
potential risks that the AlmaLinux and EPEL contributors would like to
avoid. The AlmaLinux
Engineering Steering Committee (ALESCo) is currently considering
feedback and will vote on the RFC in March.

Post Syndicated from jzb original https://lwn.net/Articles/1007724/

The pytest-mh
project is a plugin that provides a multi-host test framework for the
popular pytest
unit-testing framework and test runner. Work on pytest-mh
started in 2023 to solve a multitude of issues that
cropped up for developers and testers when testing the SSSD project, which is a client for
enterprise identity management. I was not happy with the state of
testing of the SSSD project and wanted to create something that would
increase test readability, remove duplication, eliminate errors, and
provide multi-host testing capabilities, while having the flexibility
to build a new API around it. Finally, I also wanted something that
can be used by anyone to test their projects as well.

Post Syndicated from jzb original https://lwn.net/Articles/1010922/

Mark Surman, president of the Mozilla Corporation, has announced
leadership updates for Mozilla. This includes a Mozilla Leadership
Council made up of executives from each Mozilla organization, and new
board chairs for the not-for-profit Mozilla Foundation, the
Mozilla Corporation, and Mozilla.ai. The announcement also
indicates a desire to further “diversify” Mozilla’s focus:

We’ve recognized that Mozilla faces major headwinds in terms of both
financial growth and mission impact. While Firefox remains the core of
what we do, we also need to take steps to diversify: investing in
privacy-respecting advertising to grow new revenue in the near term;
developing trustworthy, open source AI to ensure technical and product
relevance in the mid term; and creating online fundraising campaigns
that will draw a bigger circle of supporters over the long
run. Mozilla’s impact and survival depend on us simultaneously
strengthening Firefox AND finding new sources of revenue AND
manifesting our mission in fresh ways. That is why we’re working hard
on all of these fronts.

Post Syndicated from jzb original https://lwn.net/Articles/1010857/

The Fedora Project has announced
two milestones in its journey to supporting the RISC-V architecture: a
dedicated RISC-V Koji build system instance is live in the Fedora data
center, and Fedora
41-based images are now available for RISC-V. It is also possible
to run Fedora RISC-V images using QEMU for those without supported
hardware.

Post Syndicated from jzb original https://lwn.net/Articles/1010855/

Debian Developer Thomas Lange has written a blog post
in the attempt to help users find the right Debian image for their
systems.

It’s difficult to find the right Debian image. We have thousands of
ISO files and cloud images and we support multiple CPU architectures
and several download methods. The directory structure of our main
image server is like a maze, and our web pages for downloading are
also confusing.

Post Syndicated from jzb original https://lwn.net/Articles/1010853/

Security updates have been issued by AlmaLinux (gcc-toolset-14-gcc, nodejs:18, and nodejs:22), Fedora (bootc), Gentoo (OpenSSH), Oracle (doxygen, libxml2, mingw-glib2, and NetworkManager), Red Hat (bind, bind9.16, bind9.18, kernel, kernel-rt, mysql, and mysql:8.0), Slackware (openssh), SUSE (buildah, emacs, glibc, google-osconfig-agent, grub2, java-11-openj9, kernel, netty, netty-tcnative, openssh, openvswitch, podman, and ucode-intel), and Ubuntu (atril, libsndfile, libtasn1-6, openssh, python-virtualenv, and symfony).

Post Syndicated from jzb original https://lwn.net/Articles/1010682/

Pi-hole v6 has been released. The
latest version of the popular ad-blocking software sports a redesigned
user interface, has support for subscribing to allowlists, and brings
a new REST API and embedded web server. Its Docker/OCI image is now
based on Alpine Linux
rather than Debian to reduce image
size. See the announcement for guidance on upgrading existing Pi-hole
installations.

Post Syndicated from jzb original https://lwn.net/Articles/1008721/

It is a standard practice to use milestones to reflect on the
achievements of a project, such as the anniversary of its first
release or first commit. Usually, these are observed at five and
ten‑year increments; the tenth anniversary of the 1.0 release, or 25
years since from the first public announcement, etc. Lennart
Poettering, however, took a different approach at FOSDEM 2025 with a keynote
commemorating 14 years of systemd,
and a brief look ahead at his goals and systemd’s challenges for the future.

Post Syndicated from jzb original https://lwn.net/Articles/1007303/

Memcached is a memory-based
data-caching daemon that has a long history. More than twenty years after its first public
release, Memcached strives to remain relevant in a vastly changed
computing landscape, balancing new features with a commitment to the original
principles that separate it from newer alternatives like Redis and Hazelcast.

Post Syndicated from jzb original https://lwn.net/Articles/1007907/

Most Linux systems depend on a suite of core utilities that the GNU Project started development on
decades ago and are, of course, written in C. At FOSDEM 2025, Sylvestre Ledru
made the case in his
main stage talk that modern systems require safer, more
maintainable tools. Over the past few years, Ledru has led the charge
of rewriting the GNU
Core Utilities (coreutils) in Rust, as the MIT-licensed uutils project. The goal is to
offer what he said are more secure, and more performant drop-in
replacements for the tools Linux users depend on. At FOSDEM, Ledru
announced that the uutils project is setting its sights even
higher.

Post Syndicated from jzb original https://lwn.net/Articles/1008866/

Version
1.4.0 of Arti, the Tor Project’s next-generation
Tor client written in Rust, has been released. Notable improvements in
this release include a new RPC
interface, and preparatory work toward service-side onion service
denial-of-service resistance. The release is dedicated to the memory of Jérémy Bobbio,
better known by many as “Lunar”. For full details on the release, see
the changelog.