All posts by jzb

Security updates for Wednesday

Post Syndicated from jzb original https://lwn.net/Articles/974572/

Security updates have been issued by Debian (webkit2gtk), Fedora (kernel), Mageia (chromium-browser-stable, djvulibre, gdk-pixbuf2.0, nss & firefox, postgresql15 & postgresql13, python-pymongo, python-sqlparse, stb, thunderbird, and vim), Red Hat (go-toolset:rhel8, nodejs, and varnish:6), SUSE (gitui, glibc, and kernel), and Ubuntu (libspreadsheet-parseexcel-perl, linux-aws, linux-aws-5.15, linux-gke, linux-gcp, python-idna, and thunderbird).

AlmaLinux forms engineering steering committee

Post Syndicated from jzb original https://lwn.net/Articles/974488/

The AlmaLinux project has announced
the formation of the AlmaLinux Engineering
Steering Committee (ALESCo):

[It] is dedicated to guiding the technical direction of the
AlmaLinux distribution on a day-to-day basis within the guidelines set
forth by the board, ensuring its robustness, reliability,
sustainability, and relevance in the open-source ecosystem. ALESCo
will work collaboratively with, and oversee relevant technical-focused
Special Interest Groups (SIGs) to achieve these goals. It is “air
traffic control” for engineering matters.

The initial members of ALESCo appointed by the AlmaLinux OS
Foundation board are Andrew Lukoshko, Ben Thomas, Cody Robertson,
Elkhan Mammadli, Jonathan Wright, and Neal Gompa. The AlmaLinux Wiki has
more information on the committee’s activities and how to get involved.

[$] Trinity keeps KDE 3 on life support

Post Syndicated from jzb original https://lwn.net/Articles/973130/

As the shiny new KDE Plasma 6 desktop makes its way into distribution
releases, a small group of developers is still trying to preserve the
KDE experience circa 2008. The Trinity Desktop Environment
(TDE) is a continuation of KDE 3 that has maintained the
old-school desktop with semi-regular releases since 2010. The most
recent release, R14.1.2, was announced on April 28. TDE does deliver
a usable retro desktop, but with some limitations that hamper its
usability on modern systems.

Neovim 0.10 released

Post Syndicated from jzb original https://lwn.net/Articles/973917/

Version 0.10 of the Vim-based text editor Neovim is now available.
This release includes a new default color scheme, enhanced support
for rendering multibyte characters, support for hyperlinks, system
clipboard synchronization, and more. Many features have been
deprecated in 0.10 and will be removed in a future release. Neovim
core contributor Gregory Anders has written a summary of some of the
highlights and thoughts on upcoming releases:

We follow a “fun driven development” paradigm: for the most part,
contributors and maintainers work on things that are personally
interesting to them. Because of this, it can be difficult to predict
what will happen in future releases. If there is a feature you want
to see implemented, the best way to do it is to take a crack at it
yourself: many of the features mentioned in this very blog post were
contributed by users that are not part of the “core” maintenance
team!

Security updates for Thursday

Post Syndicated from jzb original https://lwn.net/Articles/973908/

Security updates have been issued by AlmaLinux (.NET 7.0, .NET 8.0, and nodejs:20), Debian (chromium, firefox-esr, ghostscript, and libreoffice), Fedora (djvulibre, mingw-glib2, mingw-python-jinja2, and mingw-python-werkzeug), Oracle (.NET 7.0, .NET 8.0, kernel, and nodejs:18), Red Hat (nodejs:20), Slackware (gdk and git), SUSE (python), and Ubuntu (linux-hwe-5.15, linux-raspi).

Security updates for Wednesday

Post Syndicated from jzb original https://lwn.net/Articles/973746/

Security updates have been issued by Mageia (sssd and tcpdump), Red Hat (.NET 7.0, .NET 8.0, expat, kernel, and kernel-rt), Slackware (mozilla), SUSE (kernel, postgresql15, postgresql16, python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, pyth, and python3), and Ubuntu (linux-bluefield).

Manjaro 24.0 released

Post Syndicated from jzb original https://lwn.net/Articles/973686/

Version 24.0 of the Arch-based Manjaro distribution is now available
with the 6.9 kernel, GNOME 46, Xfce 4.18, and an update to the Pamac
package installer. This is also the project’s first release with KDE
Plasma 6:

The Plasma edition comes with the latest Plasma 6.0 series and KDE
Gear 24.02. It brings exciting new improvements to your desktop.

With Plasma 6, KDE’s technology stack has undergone major upgrades:
a transition to the latest version of application framework, Qt, and
an improved graphics platform when Wayland is used. These changes are
as smooth and unnoticeable to the users as possible. You will see the
same familiar desktop environment that you know and love. But these
under-the-hood upgrades benefit Plasma’s security, efficiency, and
performance, and improve support for modern hardware. Thus Plasma
delivers an overall more reliable user experience, while paving the
way for many more improvements in the future.

The project also offers minimal install images with the 6.6 LTS
and 6.1 LTS kernels to support older hardware.

Security updates for Tuesday

Post Syndicated from jzb original https://lwn.net/Articles/973667/

Security updates have been issued by Debian (glib2.0 and shim), Fedora (glib2, gnome-shell, tcpdump, tpm2-tools, tpm2-tss, and uriparser), Mageia (mutt), Oracle (git-lfs, glibc, kernel, kernel-container, nodejs:18, nodejs:20, and pcp), SUSE (apache2, opensc, openssl-1_1, openssl-3, perl, python-Pillow, python-pyOpenSSL, python-Werkzeug, SUSE Manager Client Tools Beta, tpm2-0-tss, and tpm2.0-tools), and Ubuntu (sqlparse and strongswan).

Security updates for Monday

Post Syndicated from jzb original https://lwn.net/Articles/973496/

Security updates have been issued by AlmaLinux (nodejs:18 and shim), Debian (atril and chromium), Fedora (chromium, glib2, gnome-shell, mediawiki, php-wikimedia-cdb, php-wikimedia-utfnormal, stb, and tcpdump), Gentoo (Kubelet, PoDoFo, Rebar3, and thunderbird), Mageia (glibc and libnbd), Oracle (kernel), Red Hat (bind and dhcp and varnish), and SUSE (chromium, cpio, freerdp, giflib, gnutls, opera, python-Pillow, python-Werkzeug, tinyproxy, and tpm2-0-tss).

[$] Debian dismisses AI-contributions policy

Post Syndicated from jzb original https://lwn.net/Articles/972331/

In April, the Gentoo Linux project banned the use of
generative AI/ML tools due to copyright, ethical, and quality
concerns. This means contributors cannot use tools like ChatGPT or
GitHub Copilot to create content for the distribution such as code,
documentation, bug reports, and forum posts. A proposal for Debian to
adopt a similar policy revealed a distinct lack of love for those
kinds of tools, though it would also seem few contributors support
banning them outright.

[$] Securing Git repositories with gittuf

Post Syndicated from jzb original https://lwn.net/Articles/972467/

The so-called software supply chain starts with source code. But most security measures and tooling
don’t kick in until source is turned into an artifact—a source
tarball, binary build, container image, or other method of delivering a
release to users. The gittuf project
is an attempt to provide a security layer for Git that can handle key management,
enforce security policies for repositories, and guard against attacks
at the version-control layer. At Open Source Summit North America (OSSNA), Aditya Sirish A
Yelgundhalli and Billy Lynch presented
an introduction to gittuf with an overview of its goals and
status.

Fedora Asahi Remix 40 is now available

Post Syndicated from jzb original https://lwn.net/Articles/972874/

Fedora Magazine reports that the Fedora Asahi Remix for Apple Arm
hardware, based on Fedora 40, is now available:

Fedora Asahi Remix offers KDE Plasma 6 as our flagship desktop
experience. It also features a custom Calamares-based initial setup
wizard. A GNOME variant is also available, featuring GNOME 46, with
both desktop variants matching what Fedora Linux offers. Fedora Asahi
Remix also provides a Fedora Server variant for server workloads and
other types of headless deployments. Finally, we offer a Minimal image
for users that wish to build their own experience from the ground up.

See the installation guide to get started with the Asahi Remix.

Security updates for Wednesday

Post Syndicated from jzb original https://lwn.net/Articles/972861/

Security updates have been issued by Debian (glib2.0 and php7.3), Gentoo (Commons-BeanUtils, Epiphany, glibc, MariaDB, Node.js, NVIDIA Drivers, qtsvg, rsync, U-Boot tools, and ytnef), Oracle (kernel), Red Hat (git-lfs and kernel), SUSE (flatpak, less, python311, rpm, and sssd), and Ubuntu (libde265, libvirt, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp,
linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4,
linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi,
linux-raspi-5.4, linux-xilinx-zynqmp, linux, linux-azure, linux-azure-5.15, linux-azure-fde,
linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop,
linux-gkeop-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency,
linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-oem-6.5, and nghttp2).

2023 PSF annual impact report

Post Syndicated from jzb original https://lwn.net/Articles/972596/

The Python Software Foundation (PSF) has announced its annual impact
report for 2023. The report includes updates from PSF staff as well
as summaries of the foundation’s activities, financials, and
infrastructure. The PSF celebrated the 20th anniversary of PyCon US,
distributed more than $370,000 in grants, and enjoyed impressive
traffic on PyPI:

In 2023 PyPI saw a 45% growth in download counts and bandwidth alike,
serving 603,378,275 downloads for the 516,402 projects hosted there
requiring 747.4 Petabytes of data transfer, or 189.6 Gbps of bandwidth
24x7x365.

See the full report for a breakdown of grant disbursements and
trends, PSF expenses, and high-level plans for the rest of 2024.

[$] Modernizing accessibility for desktop Linux

Post Syndicated from jzb original https://lwn.net/Articles/971541/

In some aspects, such as in gaming, the Linux desktop has made
enormous strides in the past few years. In others, such as
accessibility, things have stagnated. At Open Source Summit North America (OSSNA), Matt Campbell spoke
about the need for, and an approach to, modernizing accessibility for
desktop Linux. This included a discussion of Newton, a fledgling
project that may greatly improve accessibility on the Linux desktop.

GNU nano 8.0 released

Post Syndicated from jzb original https://lwn.net/Articles/971980/

Version 8.0 of the terminal text editor GNU nano has been
released. This update includes several changes to keybindings to be
more newcomer-friendly, such as remapping Ctrl-F to forward-search and
adding an option for modern bindings:

Command-line option --modernbindings (-/) makes ^Q quit, ^X cut,
^C copy, ^V paste, ^Z undo, ^Y redo, ^O open a file, ^W write a
file, ^R replace, ^G find again, ^D find again backwards, ^A set
the mark, ^T jump to a line, ^P show the position, and ^E execute.

The release also provides access to 14 levels of gray scale in xterm (up
from four), as well as many bug fixes.

Security updates for Wednesday

Post Syndicated from jzb original https://lwn.net/Articles/972029/

Security updates have been issued by Debian (nghttp2 and qtbase-opensource-src), Mageia (cjson, freerdp, guava, krb5, libarchive, and mediawiki), Oracle (container-tools:4.0 and container-tools:ol8), Red Hat (bind, buildah, container-tools:3.0, container-tools:rhel8, expat, gnutls, golang, grafana, kernel, kernel-rt, libreswan, libvirt, linux-firmware, mod_http2, pcp, pcs, podman, python-jwcrypto, rhc-worker-script, shadow-utils, skopeo, sssd, tigervnc, unbound, and yajl), SUSE (kernel and python311), and Ubuntu (gerbv and node-json5).

[$] Security patterns and anti-patterns in embedded development

Post Syndicated from jzb original https://lwn.net/Articles/970818/

When it comes to security, telling developers to do (or not do)
something can be ineffective. Helping them understand the why behind
instructions, by illustrating good and bad practices using stories,
can be much more effective. With several such stories Marta
Rybczyńska fashioned an interesting talk about patterns and
anti-patterns in embedded Linux security at the Embedded Open Source
Summit (EOSS), co-located with Open Source Summit North America
(OSSNA), on April 16 in Seattle, Washington.