[$] LWN.net Weekly Edition for March 27, 2025
Inside this week’s LWN.net Weekly Edition:
Front: Open source in government; OSI election; Memory-management medley; Address-space isolation; CMA; 6.14 Development stats; State of the page.
Briefs: Asahi Linux progress; Reproducible Debian; rpi-image-gen; Neovim 0.11; OpenH264; Quotes; …
Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more
Neovim 0.11 released
Version\
0.11 of the Neovim text editor has been released. Notable changes
in this release include simpler Language Server Protocol (LSP) client
setup, improved tree-sitter performance, better emoji support, and
enhancements for Neovim’s embedded terminal emulator. See the release notes for
a full list of changes. ⌘ Read more
Debian bookworm live images now fully reproducible
In a short\
note to the Reproducible Builds
mailing list, Debian developer Roland Clobus announced that live
images for Debian 12.10 (“bookworm”) are now 100% reproducible. See the reproducible\
live images and Debian Live todo
pages on the Debian wiki for more inf … ⌘ Read more
[$] The state of the page in 2025
The folio transition is one of the most
fundamental kernel changes ever made; it can be thought of as being similar
to replacing the foundation of a building while it remains open for
business. So it is not surprising that, for some years, the annual Linux
Storage, Filesystem, Memory-Management, and BPF Summit has included a
session on the state of this transition. The 2025 Summit was no exception,
with Matthew Wilcox updating the group on what has been accomplishe … ⌘ Read more
Security updates for Wednesday
Security updates have been issued by Debian (nginx and ruby-rack), Fedora (expat and libxslt), Mageia (bluez, dcmtk, ffmpeg, and radare2), Red Hat (container-tools:rhel8, gvisor-tap-vsock, kernel, kernel-rt, libreoffice, and podman), SUSE (buildah, forgejo, gitleaks, google-guest-agent, google-osconfig-agent, govulncheck-vulndb, grafana, helm, libxslt, php8, python-gunicorn, and python-Jinja2), and Ubuntu (freerdp2 and varnish). ⌘ Read more
Bhattcharya: Closing the chapter on OpenH264
Boudhayan Bhattcharya has posted a lengthy article
about the announcement
that the Freedesktop project is dropping OpenH264 from the Freedesktop SDK for Flatpak
applications and runtimes.
Some Flatpak applications that depend on the Freedesktop runtime
version 23.08 will lose H.264 playb … ⌘ Read more
[$] Development statistics for 6.14
By the time that Linus Torvalds released
the 6.14 kernel, 11,003 non-merge changesets had been pulled into the
mainline, making this one of the smallest releases we have seen in some
time. Indeed, one must go back to the 4.0\
release, which happened almost exactly ten years ago, to find a release
with fewer changesets than 6.14. Even so, “small” is relative, and 6.14
contains a lot of significant changes. ⌘ Read more
Security updates for Tuesday
Security updates have been issued by Debian (ruby-rack), Fedora (chromium, golang-github-openprinting-ipp-usb, OpenIPMI, and python-jinja2), Mageia (kernel, kernel-linus, and wpa_supplicant, hostapd), Red Hat (fence-agents, kernel, kernel-rt, libxml2, libxslt, and pcs), SUSE (cadvisor, docker, freetype2, nodejs-electron, php8, rsync, u-boot, warewulf4, webkit2gtk3, and zvbi), and Ubuntu (elfutils, python3.5, python3.8, ruby-rack, smartdns, and zvbi). ⌘ Read more
The 6.14 kernel is out
Linus has released the 6.14 kernel, a bit
later than expected:
So it’s early Monday morning (well - early for me, I’m not really a
morning person), and I’d love to have some good excuse for why I
didn’t do the 6.14 release yesterday on my regular Sunday afternoon
release schedule.I’d like to say that some important last-minute thing came up and
delayed things.But no. It’s just pure incompetence.
See the LWN merge-window summaries ( [part 1](https://lwn. … ⌘ Read more
[$] Lessons from open source in the Mexican government
The adoption of open-source software in governments has had its ups and
downs. While open source seems like a “no-brainer”, it turns out that
governments can be surprisingly resistant to using FOSS for a variety of
reasons. Federico González Waite spoke in the Open Government track at SCALE 22x in Pasadena,
California to recount his [experiences\
working with and for the Mexican government](https://www.socallinuxexpo.org/scale/22x/speak … ⌘ Read more
Security updates for Monday
Security updates have been issued by Debian (libxslt, mercurial, and webkit2gtk), Fedora (chromium, dotnet8.0, ffmpeg, jupyterlab, and kitty), Mageia (expat and libxslt), Red Hat (pcs), SUSE (apptainer, chromium, kernel, libarchive, mercurial, python311, radare2, xorg-x11-server, and zvbi), and Ubuntu (golang-github-cli-go-gh-v2 and nltk). ⌘ Read more
Three Saturday stable kernels
Greg Kroah-Hartman has announced the release of the 6.13.8, 6.12.20, and 6.6.84 stable kernels. Each contains a
number of important fixes throughout the kernel tree; users of those
series should upgrade. ⌘ Read more
[$] OSI election ends with unsatisfying results
The Open Source Initiative
(OSI) has announced
the results of its recent board of directors election. Ruth Suehle and
McCoy Smith are new to the board, while Carlo Piana will serve another
term. The results, however, seem tainted in the eyes of some
participants and observers. The election has been plagued by missteps
from the beginning and has culminated with the exclusion of three
candi … ⌘ Read more
[$] The guaranteed contiguous memory allocator
As a system runs and its memory becomes fragmented, allocating large,
physically contiguous regions of memory becomes increasingly difficult.
Much effort over the years has gone into avoiding the need to make such
allocations whenever possible, but there are times when they simply cannot
be avoided. The kernel’s contiguous memory\
allocator (CMA) subsystem attempts to make such allocations possible,
but it has never been a perfect solution. Suren Baghd … ⌘ Read more
Julien Malka proposes method for detecting XZ-like backdoors
Julien Malka has
called for the NixOS project to use build-reproducibility to detect when a program has a maintainer-generated tarball that results in a different artifact than building from source. There are good reasons for projects to release maintainer-generated tarballs, but since the materials included in them are usually documentation, extra build scripts, and so on, it makes sense to check that they don’t … ⌘ Read more
[$] Multiple memory classes for address-space isolation
Brendan Jackman has been working to try to get ahead of the next hardware CPU
vulnerability
before it gets discovered. In January, he posted the second version of
a patch set that introduces
address-space isolation (ASI) as a way of
preventing future CPU vulnerabilities from leaking important
information. The core concept is to ensure that data that is not currently
ne … ⌘ Read more
Introducing rpi-image-gen for customized Raspberry Pi images
Raspberry Pi has
announced rpi-image-gen,
a tool to create custom software images for its devices.
rpi-image-gen is a Bash orientated scripting engine capable of
producing software images with different on-disk partition layouts,
file systems and profiles using collections of metadata and a defined
flow of execution. It provides the means to create a hig … ⌘ Read more
An Asahi Linux 6.14 progress report
The Asahi Linux project, working to support Linux on Apple hardware, has
published a\
progress report to coincide with the 6.14 kernel release.
Now that Rust for Linux abstractions are starting to be merged at a
healthy pace, we are faced with an emerging challenge. It is rare
for any kernel patch to survive the mailing list without at least a
couple of non-trivial changes, and Rust abstractions are no
exception. Every time an a … ⌘ Read more
Security updates for Friday
Security updates have been issued by Debian (chromium), Fedora (fluent-bit, openssh, php, and webkitgtk), Mageia (freerdp), Oracle (libreoffice and webkit2gtk3), Red Hat (kernel-rt), Slackware (libarchive), SUSE (apptainer, gitea-tea, libxml2, tomcat, webkit2gtk3, and wpa_supplicant), and Ubuntu (libxslt and pam-pkcs11). ⌘ Read more
[$] MM medley: huge page allocation, page promotion, KSM, and BPF
As the 2025 Linux\
Storage, Filesystem, Memory-Management, and BPF Summit (LSFMM+BPF)
approaches, the density of memory-management patches on the mailing lists
has increased. Included among those are patches aimed at improving the
reliability and performance of huge-page allocation, implementing page
promotion on tiered-memory systems, adding a different approach to
deduplicating memory, and replacing the BPF memory alloc … ⌘ Read more
Security updates for Thursday
Security updates have been issued by Debian (php7.4, python-django, and python3.9), Fedora (bluez, iwd, libell, and radare2), Mageia (chromium-browser-stable, mosquitto, tomcat, tomcat packages, and vim), Oracle (firefox, grub2, python3, thunderbird, and webkit2gtk3), Red Hat (fence-agents, php:7.4, and python-jinja2), SUSE (assimp-devel, crane, ffmpeg-4, freetype2, helm, kernel, kured, python-Django, python-Jinja2, python311-Django4, and tomcat), and Ubuntu (alpine, djoser, l … ⌘ Read more
[$] LWN.net Weekly Edition for March 20, 2025
Inside this week’s LWN.net Weekly Edition:
Front: Oxidizr; Spectre mitigations; Frozen pages; Mapcount madness; Open-source risks; /e/OS.
Briefs: Supply chain attacks; SystemRescue 12.00; Casual Make; GIMP 3.0; Git 2.49.0; GNOME 48; PeerTube 7.1; Quotes; …
Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more
GNOME 48 released
GNOME 48 (“Bengaluru”)
has been released. As usual, this release includes a number of new
features and enhancements including support for shortcuts in the Orca
screen reader on Wayland, new fonts, addition of image editing to
Image Viewer, and more.
GNOME 48 includes a number of notable performance improvements. The
most significant of these is the introduction of dynamic triple
buffering. This change has undergone si … ⌘ Read more