LWN.net

The SUSE Security Team Blog has a detailed review of the Performance Co-Pilot (PCP) 6.2.1 release : The rather complex PCP software suite was difficult to judge just from a cursory look, so we decided to take a closer look especially at PCP's networking logic at a later time. This report contains two CVEs and some non-CVE related findings we also gathered during the follow-up review. CVE-2024-45769 , a flaw that could allow an attacker to send crafted data to crash pcmd , and CVE-2024-45770 , w…

As of this writing, 6,778 non-merge changesets have been pulled into the mainline kernel for the 6.12 release — over half of the work that had been staged in linux-next prior to the opening of the merge window. There has been a lot of refactoring and cleanup work this time around, but also some significant changes. Read on for a summary of the first half of the 6.12 merge window.

The OpenSSH project has released version 9.9. This version includes support for the new post-quantum cryptography standard from NIST . The release also includes the next step in the deprecation of DSA keys — they are now disabled by default at compile time, and are expected to be removed entirely in early 2025. The release also contains the normal mixture of bug fixes and small usability improvements.

The kernel normally sits firmly between user space and the system's peripheral devices, and provides a standard interface to those devices. At times, though, a more direct interface to a device is desired — but such interfaces can be controversial. At the 2024 Maintainers Summit, the assembled developers considered a specific case — the proposed fwctl subsystem — as well as the role of such drivers in general.

Security updates have been issued by Debian (chromium), Fedora (bluez, chromium, frr, iwd, libell, python3.11, python3.8, python3.9, and ruby), Mageia (kernel, kmod-xtables-addons, and kmod-virtualbox and kernel-linus), Red Hat (kernel), SUSE (kernel, kubernetes1.23, kubernetes1.24, kubernetes1.25, libmfx, and python-azure-identity), and Ubuntu (emacs, emacs24, emacs25, libreoffice, postgresql-9.5, python2.7, python3.5, and tgt).

Dirk Behme led a session discussing the use of Rust's question-mark operator in the kernel at Kangrejos 2024. He was particularly concerned with the concept of "silent" errors that don't print any messages to the console. Other attendees were less convinced that this was a problem, but his presentation sparked a lot of discussion about whether the Rust-for-Linux project could improve error handling in kernel Rust code.

The RPM Package Manager (RPM) project is nearing the release of RPM 4.20, the last major planned update for the RPM 4.x series. It has few user-facing changes, but several additions and enhancements for developers—as well as some small incompatibilities that will likely require RPM packagers to revise their spec files . 4.20 will be rolling out to many users soon, in Fedora 41, which is scheduled for October. RPM 6.0 is already in the works, with a new package format and opening the door to ena…

Security updates have been issued by Debian (expat and tinyproxy), Fedora (frr, microcode_ctl, python3.10, python3.12, python3.6, and ruby), Oracle (expat, fence-agents, firefox, ghostscript, java-1.8.0-openjdk, kernel, and thunderbird), Red Hat (firefox, openssl, ruby:3.3, and thunderbird), SUSE (clamav, ffmpeg-4, kernel, libmfx, python3, python312, runc, ucode-intel, and wireshark), and Ubuntu (apache2, git, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gcp…

Tracking of regressions seems like an important task for any project; there is no other way to ensure that known problems are fixed. At the 2024 Maintainers Summit, though, Thorsten Leemhuis, who has been doing that work for the kernel, expressed some doubts about whether it is worth continuing. The result was an energetic session on how regression tracking should be done better, and how this work should be supported.

Version 47 of the GNOME desktop has been released. Changes include configurable accent colors, better small-screen support, some performance improvements, new file open and save dialogs, and more.

The 6.10.11 , 6.6.52 , and 6.1.111 stable kernel updates have all been released. As usual, they contain important fixes throughout the tree. Users of those kernels should upgrade.

Version 6.0 of the Swift programming language has been released. Notable changes include new low-level programming features, expanded Linux support, and a preview release of the Embedded Swift language subset for embedded software development with a toolchain for Arm and RISC-V targets. See the CHANGELOG for full details of changes in 6.0.

Version R1/beta5 for the Haiku project, an open-source " spiritual successor to BeOS ", has been released . Notable changes in this release include a TUN/TAP network driver, basic support for USB audio devices, TCP throughput improvements, a rewritten driver for the FAT filesystem, read-only support for Unix File System 2 (UFS2), as well as hundreds of bug fixes and performance improvements since the last release in December 2022. Thanks to Paul Wise for the tip.