All posts by jzb

Stenberg: No strcpy either

Post Syndicated from jzb original https://lwn.net/Articles/1052355/

Daniel Stenberg has written a blog
post
about the decision to ban the use strcpy()
in curl:

The main challenge with strcpy is that when using it we do not
specify the length of the target buffer nor of the source string. […]

To make sure that the size checks cannot be separated from the copy
itself we introduced a string copy replacement function the other day
that takes the target buffer, target size,
source buffer and source string length as arguments
and only if the copy can be made and the null terminator also fits
there, the operation is done.

Security updates for Tuesday

Post Syndicated from jzb original https://lwn.net/Articles/1052327/

Security updates have been issued by Debian (openjpeg2, osslsigncode, php-dompdf, and python-django), Fedora (fluidsynth, golang-github-alecthomas-chroma-2, golang-github-evanw-esbuild, golang-github-jwt-5, and opentofu), Mageia (ceph and ruby-rack), and SUSE (anubis, apache2-mod_auth_openidc, dpdk22, kernel, libpng16, and python311-openapi-core).

[$] An early look at the Graphite 2D graphics editor

Post Syndicated from jzb original https://lwn.net/Articles/1051242/

Graphite is an effort to unify
illustration, raster editing, desktop publishing, and animation in one
browser-based application. The project has been in development since
2020 and announced its first alpha release in 2022. According to creator Keavon Chambers, the project’s mission is to become
the 2D counterpart to Blender“, by bringing a node-based,
non-destructive workflow to 2D graphics. The project, currently still in
alpha, is a long way from complete; but it is worth testing for anyone
involved with open-source-graphics production. Current
builds
, from September 2025, include vector-illustration tools, a
node-based compositor, and early brush tooling, with broader pixel-based-
and photo-editing work still in progress.

Ruby 4.0 released

Post Syndicated from jzb original https://lwn.net/Articles/1051953/

Once again there is a brand-new release under the tree from the
Ruby programming-language project: Ruby 4.0
has been released with many new features and improvements. Notable
changes include the experimental Ruby Box
feature for in-process isolation of classes and modules, a new
just-in-time compiler called ZJIT, and improvements to Ruby’s
parallel-execution mechanism (Ractor). There are a number of language
changes as well. See the documentation
for Ruby 4.0
for more.

[$] LWN.net Weekly Edition for December 25, 2025

Post Syndicated from jzb original https://lwn.net/Articles/1051064/

Inside this week’s LWN.net Weekly Edition:

  • Front: 2025 retrospective; Dirk and Linus talk; successful open-source documentation projects; verifier-state pruning in BPF; Linux 32-bit timeline; BPF state visualizer; systemd v259.
  • Briefs: linux-next maintainer; 2025 TAB; Git in Debian; Elementary OS 8.1; Qubes OS 4.3.0; GDB 17.1; Incus 6.20; systemd v259; Quotes; …
  • Announcements: Newsletters, conferences, security updates, patches, and more.

[$] What’s new in systemd v259

Post Syndicated from jzb original https://lwn.net/Articles/1051235/

The systemd v259
release was announced on December 17, just three months after
v258. It is a more modest release but still includes a number of
important changes such as a new option for the run0 command
(an alternative to sudo), ability to mount user home directories from the host in virtual
machines, as well as under-the-hood changes with dlopen()
for library linking, the ability to compile systemd with musl libc,
and more.

Elementary OS 8.1 released

Post Syndicated from jzb original https://lwn.net/Articles/1051773/

Version
8.1
of elementary OS has been released. Notable changes in this
release include making the Wayland session the default, changes to
window management and multitasking, as well as a number of
accessibility improvements. The 8.1 release is the first to be made
available for Arm64 devices, which should allow users to run
elementary on Apple M-series hardware or other Arm devices that can
load UEFI-supporting firmware, such as some Raspberry Pi models. See
the blog post for a full list of changes.

Security updates for Tuesday

Post Syndicated from jzb original https://lwn.net/Articles/1051758/

Security updates have been issued by AlmaLinux (binutils, curl, gcc-toolset-13-binutils, git-lfs, httpd, httpd:2.4, keylime, libssh, mod_md, openssh, php:8.3, podman, python3.12, python3.9, python39:3.9, skopeo, tomcat, tomcat9, and webkit2gtk3), Fedora (mingw-glib2, mingw-libsoup, and mingw-python3), Mageia (roundcubemail), Oracle (git-lfs and mod_md), and SUSE (glib2, kernel, mariadb, and qemu).

Loong64 is now an official Debian architecture

Post Syndicated from jzb original https://lwn.net/Articles/1051576/

John Paul Adrian Glaubitz has announced
that loong64 is now an official architecture for Debian, and will be
part of the Debian 14 (“forky”) release “if everything goes
along as planned
“. This is a bit more than two years after the initial
bootstrap
of the architecture.

So far, we have manually built and imported an initial set of 112
packages with the help of the packages in Debian Ports. This was
enough to create an initial chroot and set up the first buildd which
is now churning through the build queue. Over night, the currently
single buildd instance already built and uploaded 300 new packages.

Security updates for Monday

Post Syndicated from jzb original https://lwn.net/Articles/1051572/

Security updates have been issued by Debian (chromium, dropbear, mediawiki, php8.4, python-mechanize, rails, roundcube, usbmuxd, and wordpress), Fedora (cef, chromium, fonttools, gobuster, gosec, mingw-libpng, moby-engine, mqttcli, nextcloud, pgadmin4, python-unicodedata2, uriparser, and util-linux), Mageia (php and webkit2), Oracle (binutils, curl, gcc-toolset-13-binutils, gimp, git-lfs, kernel, openssh, php:8.3, podman, python-kdcproxy, python3.12, python3.9, skopeo, and webkit2gtk3), Red Hat (rsync), Slackware (php), SUSE (alloy, busybox, chromedriver, chromium, coredns-for-k8s, duc, firefox, kernel-devel, libpng16, libruby3_4-3_4, mariadb, netty, php8, python311-tornado6, rsync, taglib, and xen), and Ubuntu (linux-oracle-5.4, linux-raspi, linux-realtime-6.14, and linux-xilinx).

FreeBSD laptop progress

Post Syndicated from jzb original https://lwn.net/Articles/1051394/

The FreeBSD Foundation has a blog
post
about the progress it has made in 2025 on the Laptop Support
& Usability Project
for FreeBSD. The foundation committed
$750,000 to the project in 2025 and has made progress on graphics
drivers, Wi-Fi 4 and 5 support, audio improvements, sleep states,
and more.

The installer for FreeBSD has gained a couple of new features that
benefit laptop users. In 15.0 the installer now supports downloading
and installing firmware packages after the FreeBSD base system
installation is complete. Coming in 15.1 it will be possible to
install the KDE graphical desktop environment during the installation
process. Grateful thanks to Bjoern Zeeb and Alfonso Siciliano
respectively. […]

The project continues into 2026 with a similar sized investment and
scope. Key targets include completing work on sleep states (modern
standby and hibernate), adding support for graphics drivers up to
Linux 6.18, Wi-Fi 6 support, USB4 and Thunderbolt support, HDMI
improvements, UVC webcam support, and Bluetooth improvements.

A substantial testing program will also start in January, aiming to
test all the functionality together across a range of
hardware. Community testers are very welcome to help out, the
Foundation will release a blog post and send an invite to help to the
Desktop mailing list some time in January 2026.

Security updates for Friday

Post Syndicated from jzb original https://lwn.net/Articles/1051384/

Security updates have been issued by Debian (roundcube), Fedora (checkpointctl, containernetworking-plugins, mingw-libpng, NetworkManager, php, python3-docs, python3.13, and webkitgtk), Oracle (kernel, keylime, and libssh), and SUSE (apache2, clair, colord, flannel, gnutls, golang-github-prometheus-alertmanager, grafana, grub2, helm, ImageMagick, libpng16, netty, openssl-3, postgresql13, postgresql14, postgresql15, python36, salt, uyuni-tools, and venv-salt-minion).

Systemd v259 released

Post Syndicated from jzb original https://lwn.net/Articles/1051163/

Systemd
v259
has been released. Notable changes include a new
--empower” option for run0 that provides elevated
privileges to a user without switching to root, ability to propagate a
user’s home directory into a VM with systemd-vmspawn, and
more. Support for System V service scripts has been deprecated, and
will be removed in v260. See the release notes for other changes,
feature removals, and deprecated features.

Security updates for Thursday

Post Syndicated from jzb original https://lwn.net/Articles/1051156/

Security updates have been issued by AlmaLinux (kernel, keylime, mysql:8.4, and tomcat), Debian (c-ares and webkit2gtk), Fedora (brotli, cups, golang-github-facebook-time, nebula, NetworkManager, perl-Alien-Brotli, python-django4.2, python-django5, and vips), Red Hat (binutils, buildah, curl, go-toolset:rhel8, golang, grafana, multiple packages, php:8.3, podman, python3.12, python39:3.9, ruby:3.3, and skopeo), SUSE (buildah, cups, firefox, glib2, grub2, helm, icinga-php-library, icingaweb2, ImageMagick, imagemagick, kernel, libpng12, libpng16, mariadb, openssl-3, poppler, python39, usbmuxd, webkit2gtk3, wireshark, and xkbcomp), and Ubuntu (linux-azure-fips).