All posts by LWN.net

Security updates for Thursday

Post Syndicated from LWN.net original https://lwn.net/Articles/962284/

Security updates have been issued by Debian (edk2, postgresql-13, and postgresql-15), Fedora (engrampa, vim, and xen), Mageia (mbedtls and quictls), Oracle (nss, openssh, and tcpdump), Red Hat (.NET 8.0), SUSE (hugin, kernel, pdns-recursor, python3, tomcat, and tomcat10), and Ubuntu (clamav, edk2, linux-gcp-6.2, linux-intel-iotg-5.15, linux-oem-6.1, and ujson).

LineageOS 21 released

Post Syndicated from LWN.net original https://lwn.net/Articles/962168/

Version 21 of LineageOS,
an Android-based distribution, has been released.

With all that said, we have been working extremely hard since
Android 14’s release last October to port our features to this new
version of Android. Thanks to our hard work adapting to Google’s
largely UI-based changes in Android 12/13, and Android 14’s
dead-simple device bring-up requirements, we were able to rebase
our changes onto Android 14 much more efficiently.

This lets us spend some much overdue time on our apps suite!
Applications such as Aperture had their features and UX improved
significantly, while many of our aging apps such as Jelly, Dialer,
Contacts, Messaging, LatinIME (Keyboard), and Calculator got near
full redesigns that bring them into the Material You era!

The Ubuntu community mourns the loss of Gunnar Hjalmarsson

Post Syndicated from LWN.net original https://lwn.net/Articles/962135/

The Ubuntu Weekly Newsletter carries the sad news that long-time contributor Gunnar Hjalmarsson has passed away.

Gunnar has been a steadfast contributor to Ubuntu and Debian for well over a decade. His work around translation and localization efforts has helped enable people from around the world to use and enjoy the software that we all love. It goes without saying that people like Gunnar are the foundation of our community, and his passing is a tremendous loss.

[$] KDE Plasma X11 support gets a reprieve for Fedora 40

Post Syndicated from LWN.net original https://lwn.net/Articles/961899/

The Fedora Project is working toward the release
of Fedora Linux 40, and (as with each release) that means changes
to the way the project works and the software included in its repositories. Most
of the changes set for Fedora 40 are uncontroversial, but one change is causing
quite a stir: the KDE Special Interest Group’s (SIG) proposal to adopt KDE Plasma 6 with only Wayland session support, which it interpreted as a mandate to block any X11 packages for Plasma. Others saw it as overreach by the SIG, and an attempt to block users and contributors from maintaining software they needed.

[$] A turning point for CVE numbers

Post Syndicated from LWN.net original https://lwn.net/Articles/961978/

The Common Vulnerabilities and Exposures (CVE) system was set up in 1999 as a way to refer
unambiguously to known vulnerabilities in software. That system has found
itself under increasing strain over the years, and numerous projects have
responded by trying to assert greater control over how CVE numbers are
assigned for their code. On February 13, though, a big shoe dropped when
the Linux kernel project announced
that it, too, was taking control of CVE-number assignments. As is often
the case, though, the kernel developers are taking a different approach to
vulnerabilities, with possible implications for the CVE system as a whole.

Security updates for Wednesday

Post Syndicated from LWN.net original https://lwn.net/Articles/962077/

Security updates have been issued by Debian (bind9 and unbound), Fedora (clamav, firecracker, libkrun, rust-event-manager, rust-kvm-bindings, rust-kvm-ioctls, rust-linux-loader, rust-userfaultfd, rust-versionize, rust-vhost, rust-vhost-user-backend, rust-virtio-queue, rust-vm-memory, rust-vm-superio, rust-vmm-sys-util, and virtiofsd), Red Hat (.NET 6.0, dotnet6.0, and dotnet7.0), Slackware (bind and dnsmasq), and Ubuntu (dotnet6, dotnet7, dotnet8, linux-lowlatency, linux-raspi, linux-nvidia-6.2, and ujson).

The kernel becomes its own CNA

Post Syndicated from LWN.net original https://lwn.net/Articles/961961/

Greg Kroah-Hartman has announced
that the kernel project has been accepted as a CVE numbering authority
(CNA). The way that CVE numbers will be handled by the kernel is described
in this documentation patch:

As part of the normal stable release process, kernel changes that
are potentially security issues are identified by the developers
responsible for CVE number assignments and have CVE numbers
automatically assigned to them. These assignments are published on
the linux-cve mailing list as announcements on a frequent basis.

Note, due to the layer at which the Linux kernel is in a system,
almost any bug might be exploitable to compromise the security of
the kernel, but the possibility of exploitation is often not
evident when the bug is fixed. Because of this, the CVE assignment
team are overly cautious and assign CVE numbers to any bugfix that
they identify. This explains the seemingly large number of CVEs
that are issued by the Linux kernel team.

[$] A look at dynamic linking

Post Syndicated from LWN.net original https://lwn.net/Articles/961117/

The dynamic linker is a critical component of modern Linux systems, being
responsible for setting up the address space of most processes. While statically
linked binaries have become more popular over time as the tradeoffs that
originally led to dynamic linking become less relevant, dynamic linking is still
the default. This article looks at what steps the dynamic linker takes to
prepare a program for execution.

Security updates for Tuesday

Post Syndicated from LWN.net original https://lwn.net/Articles/961937/

Security updates have been issued by Fedora (clamav and virtiofsd), Oracle (gimp), Red Hat (gnutls and nss), SUSE (kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t and squid), and Ubuntu (openssl).

FreeBSD phasing out 32-bit platforms

Post Syndicated from LWN.net original https://lwn.net/Articles/961871/

The FreeBSD Project has announced that it intends to deprecate 32-bit platforms “over the next couple of major releases”.

We anticipate FreeBSD 15.0 will not include the armv6, i386, and powerpc platforms, and FreeBSD 16.0 will not include armv7. Support for executing 32-bit binaries on 64-bit kernels will be retained through at least the lifetime of the stable/16 branch if not longer.

The announcement notes that support for some 32-bit platforms “may be extended if there is both demand and commitment to increased developer resources”. More details about the current plans for 32-bit platforms are available in the FreeBSD 14.0-RELEASE Release Notes.

[$] Another runc container breakout

Post Syndicated from LWN.net original https://lwn.net/Articles/961086/

Once again, runc—a tool
for spawning and running OCI containers—is drawing attention due to a high
severity container breakout attack. This vulnerability is interesting for
several reasons: its potential for widespread impact, the continued difficulty
in actually containing containers, the dangers of running containers
as a privileged user, and the fact that this vulnerability is made possible
in part by a response to a previous container breakout flaw in runc.

Security updates for Monday

Post Syndicated from LWN.net original https://lwn.net/Articles/961842/

Security updates have been issued by Debian (libgit2), Fedora (chromium, firecracker, libkrun, openssh, python-nikola, runc, rust-event-manager, rust-kvm-bindings, rust-kvm-ioctls, rust-linux-loader, rust-userfaultfd, rust-versionize, rust-vhost, rust-vhost-user-backend, rust-virtio-queue, rust-vm-memory, rust-vm-superio, rust-vmm-sys-util, virtiofsd, webkitgtk, and wireshark), Mageia (filezilla and xpdf), Oracle (gimp), Red Hat (libmaxminddb, linux-firmware, squid:4, and tcpdump), Slackware (xpdf), SUSE (cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont and suse-build-key), and Ubuntu (python-glance-store and webkit2gtk).

Introducing Fedora Atomic Desktops (Fedora Magazine)

Post Syndicated from LWN.net original https://lwn.net/Articles/961653/

Fedora Magazine has announced the creation of Fedora Atomic Desktops: a way of branding Fedora’s growing set of rpm-ostree spins. Joseph Gayso wrote “we’ve seen more of our mainline Fedora Linux spins make the jump to offer a version that implements rpm-ostree. It’s reached the point where it can be hard to talk about all of them at the same time. Therefore we’ve introduced a new brand that will serve to simplify how we discuss rpm-ostree and how we name future atomic spins.” LWN covered Project Bluefin, which is based on Fedora’s rpm-ostree work, in December 2023.

DRM-CI: A GitLab-CI pipeline for Linux kernel testing (Collabora Blog)

Post Syndicated from LWN.net original https://lwn.net/Articles/961655/

Over on the Collabora blog, Helen Koike writes
about the DRM-CI project for running automated continuous integration (CI)
tests on multiple graphics devices in several different labs. It uses the
IGT GPU tools for testing, though there are plans to expand:

The roadmap for DRM-CI includes enabling other devices, incorporating
additional tests like kselftests, adding support for vgem driver, and
implementing further automations. DRM-CI builds upon the groundwork laid by
Mesa3D CI,
including its GitLab YAML files and most of its setup, fostering
collaboration and mutual strengthening.

[…] Adapting the DRM-CI pipeline to other subsystems is feasible with a
few modifications. The primary consideration is setting up dedicated
GitLab-CI runners since Freedesktop’s infrastructure is meant only for
graphics.

In light of this, our team is developing a versatile and user-friendly
GitLab-CI pipeline. This new pipeline is envisioned to function as a
flexible interface for kernel maintainers and developers that can be
evolved to connect with different test environments that can also be hooked
with CI systems such as KernelCI. This approach aims to simplify the
integration process, making GitLab-CI more accessible and beneficial to a
broader range of developers.

[$] Gnuplot 6 comes with pie

Post Syndicated from LWN.net original https://lwn.net/Articles/961003/

Gnuplot 6.0 was released in
December 2023, bringing a host of significant improvements and new
capabilities to the open-source graphing tool. Here we survey the major
new features, including
filled contours in 3D, adaptive plotting resolution, watchpoints, clipping
of surfaces, sector plots for making things like pie charts, and new
syntax for conditionals in gnuplot’s scripting language. In addition, there
are detailed examples of the features described.

Rowley: What’s new in the Postgres 16 query planner / optimizer

Post Syndicated from LWN.net original https://lwn.net/Articles/961545/

David Rowley looks deeply into the improvements coming to the query planner in
PostgreSQL 16.

For a long time now, PostgreSQL has been able to remove a LEFT JOIN
where no column from the left joined table was required in the
query and the join could not possibly duplicate any rows.

However, in versions prior to PostgreSQL 16, there was no support
for left join removals on partitioned tables. Why? Because the
proofs that the planner uses to determine if there’s any
possibility any inner-side row could duplicate any outer-side row
were not present for partitioned tables.

The PostgreSQL 16 query planner now allows the LEFT JOIN removal
optimization with partitioned tables.

Security updates for Friday

Post Syndicated from LWN.net original https://lwn.net/Articles/961584/

Security updates have been issued by Debian (webkit2gtk), Fedora (atril, chromium, gnutls, python-aiohttp, and webkitgtk), Gentoo (libxml2), Mageia (gnutls, gpac, kernel, kernel-linus, microcode, pam, and postfix), Red Hat (container-tools:2.0, container-tools:3.0, container-tools:4.0, container-tools:rhel8, gimp, libmaxminddb, python-pillow, runc, and unbound), SUSE (cosign, netpbm, python, python-Pillow, python3, and python36), and Ubuntu (libde265, linux-gcp, linux-gcp-5.4, and linux-intel-iotg).