The Amarok music player project has announced the release of version 3.0, which is codenamed "Castaway". It is the first stable version using Qt 5 and KDE Frameworks 5, and the first stable release since the final Qt-4-based 2.9.0 in 2018.

The road to 3.0 has not been a short one. Much of the Qt5/KF5 porting was done in 2015 already, but finishing and polishing everything up has been a slow, sometimes ongoing and sometimes stalled process ever since. 3.0 Alpha was released in February 2021 and has been since used by many people, as have been nightly builds of git master available for various distributions. Now in the past few months, an effort was made to get everything ready for a proper 3.0 release.

Common usecases should work quite well, and in addition to fixing KF5 port related regressions reported in pre-releases, 3.0 features many bugfixes and implemented features for longstanding issues, the oldest such documented being from 2009. However, with more than 20 years of development history, it is likely that not every feature Amarok has been tested thoroughly in the new release, and specifically some Internet services that have changed their API in recent years are not available, at least for now. It might well be that getting them in better state wouldn't require huge effort, however, so if you know your way with Qt and KDE Frameworks and your favourite Internet music service does not work with Amarok 3.0, you are extremely welcome to join in and help!

Security updates have been issued by AlmaLinux (buildah, go-toolset:rhel8, golang, java-11-openjdk, java-21-openjdk, libreswan, thunderbird, and tigervnc), Debian (chromium, emacs, frr, mediawiki, ruby-rack, trafficserver, and zabbix), Fedora (chromium, grub2, python-idna, and python-reportlab), Mageia (chromium-browser-stable, firefox, opencryptoki, and thunderbird), Red Hat (container-tools:4.0, container-tools:rhel8, git-lfs, and shim), SUSE (frr, java-11-openjdk, java-1_8_0-openjdk, kernel, pdns-recursor, and shim), and Ubuntu (apache2, cpio, curl, glibc, gnutls28, less, libvirt, and pillow).

Security updates have been issued by Fedora (curl, filezilla, flatpak, kubernetes, libfilezilla, thunderbird, and xen), Oracle (go-toolset:ol8, kernel, libreswan, shim, and tigervnc), Red Hat (buildah, gnutls, libreswan, tigervnc, and unbound), SUSE (cockpit-wicked, nrpe, and python-idna), and Ubuntu (dnsmasq, freerdp2, linux-azure-6.5, and thunderbird).

The long-running effort to complete the work on stacking (or composing) the Linux security modules (LSMs) recently encountered a barrier—in the form of a "suggestion" to discontinue it from Linus Torvalds. His complaint revolved around the indirect function calls that are used to implement LSMs, but he also did not think much of the effort to switch away from those calls. While it does not appear that a major course-change is in store for LSMs, it is clear that Torvalds is not happy with the direction of that subsystem.

The Debian project leader election results are in and Andreas Tille has been elected. In a fairly competitive vote, Tille beat Sruthi Chandran to fill the position for the coming year. We looked at the election and the candidates a few weeks back.

Security updates have been issued by AlmaLinux (firefox and java-1.8.0-openjdk), Debian (chromium, flatpak, guix, openjdk-11, openjdk-17, thunderbird, and tomcat9), Fedora (chromium, firefox, glibc, nghttp2, nodejs18, python-aiohttp, python-django3, python-pip, and uxplay), Mageia (putty & filezilla), Red Hat (Firefox, firefox, java-1.8.0-openjdk, java-21-openjdk, nodejs:18, shim, and thunderbird), Slackware (freerdp), SUSE (apache-commons-configuration2, nodejs14, perl-CryptX, putty, shim, and wireshark), and Ubuntu (linux, linux-aws, linux-aws-5.15, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-6.5, linux-azure, linux-gcp, linux-gcp-6.5, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-nvidia-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-raspi, linux-starfive, linux-starfive-6.5, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux-lts-xenial, lxd, percona-xtrabackup, and pillow).

Security updates have been issued by Debian (firefox-esr, jetty9, libdatetime-timezone-perl, tomcat10, and tzdata), Fedora (cockpit, filezilla, and libfilezilla), Red Hat (firefox, gnutls, java-1.8.0-openjdk, java-17-openjdk, kernel, kernel-rt, less, mod_http2, nodejs:18, rhc-worker-script, and shim), Slackware (mozilla), SUSE (kernel), and Ubuntu (apache2, glibc, and linux-xilinx-zynqmp).

Managing to-do lists is something of a universal necessity. While some people handle them mentally or on paper, others resort to a web-based tool or a mobile application. For those preferring the command line, the MIT-licensed Taskwarrior offers a flexible solution with a healthy community and lots of extensions.

Security updates have been issued by AlmaLinux (bind, bind and dhcp, bind9.16, gnutls, httpd:2.4/mod_http2, squid:4, and unbound), Debian (kernel, trafficserver, and xorg-server), Fedora (chromium, kernel, libopenmpt, and rust-h2), Mageia (apache-mod_jk, golang, indent, openssl, perl-HTTP-Body, php, rear, ruby-rack, squid, varnish, and xfig), Oracle (bind, squid, unbound, and X.Org server), Red Hat (bind and dhcp and unbound), Slackware (less and php), SUSE (gnutls, python-Pillow, webkit2gtk3, xen, xorg-x11-server, and xwayland), and Ubuntu (yard).

A recent book by LWN guest author Lee Phillips provides a nice introduction to the Julia programming language. Practical Julia does more than that, however. As its subtitle ("A Hands-On Introduction for Scientific Minds") implies, the book focuses on bringing Julia to scientists, rather than programmers, which gives it something of a different feel from most other books of this sort.

The 6.8.4 and 6.6.25 stable kernels have been released. They both contain 11 reversions of workqueue patches.

Security updates have been issued by CentOS (firefox and thunderbird), Debian (chromium and gtkwave), Fedora (micropython), Slackware (xorg), SUSE (util-linux and xen), and Ubuntu (firefox).

Security updates have been issued by Arch Linux (xz), Debian (libvirt, mediawiki, util-linux, and xz-utils), Fedora (apache-commons-configuration, cockpit, ghc-base64, ghc-hakyll, ghc-isocline, ghc-toml-parser, gitit, gnutls, pandoc, pandoc-cli, patat, podman-tui, prometheus-podman-exporter, seamonkey, suricata, and xen), Gentoo (XZ utils), Mageia (aide & mhash, emacs, microcode, opensc, and squid), Red Hat (ruby:3.1), and SUSE (kanidm and qpid-proton).

Security updates have been issued by Fedora (perl-Data-UUID, python-pygments, and thunderbird), Mageia (clojure, grub2, kernel,kmod-xtables-addons,kmod-virtualbox, kernel-linus, nss firefox, nss, python3, python, tcpreplay, and thunderbird), Oracle (nodejs:18), Red Hat (.NET 6.0 and dnsmasq), SUSE (avahi and python39), and Ubuntu (curl, linux-intel-iotg, linux-intel-iotg-5.15, unixodbc, and util-linux).

Sasha Levin has announced the release of the 6.8.2, 6.7.11, 6.6.23, 6.1.83, 5.15.153, 5.10.214, 5.4.273, and 4.19.311 stable kernels. Each contains a long list of important fixes throughout the kernel tree.

Security updates have been issued by CentOS (kernel), Debian (firefox-esr), Fedora (webkitgtk), Mageia (curaengine & blender and gnutls), Red Hat (firefox, grafana, grafana-pcp, libreoffice, nodejs:18, and thunderbird), SUSE (glade), and Ubuntu (crmsh, debian-goodies, linux-aws, linux-aws-6.5, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-oracle, linux-azure, linux-azure-5.4, linux-oracle, linux-oracle-5.15, pam, and thunderbird).

Security updates have been issued by Debian (cacti, firefox-esr, freeipa, gross, libnet-cidr-lite-perl, python2.7, python3.7, samba, and thunderbird), Fedora (amavis, chromium, clojure, firefox, gnutls, kubernetes, and tcpreplay), Mageia (freeimage, libreswan, nodejs-hawk, and python, python3), Oracle (golang, nodejs, nodejs:16, and postgresql-jdbc), Slackware (emacs and mozilla), SUSE (dav1d, ghostscript, go1.22, indent, kernel, openvswitch, PackageKit, python-uamqp, rubygem-rack-1_4, shadow, ucode-intel, xen, and zziplib), and Ubuntu (firefox, graphviz, libnet-cidr-lite-perl, and qpdf).

The 6.9-rc1 kernel prepatch is out for testing. Linus Torvalds described some rather large updates to the core kernel code that are coming for 6.9:

The timer subsystem had a fairly big rewrite, to have per-cpu timer wheels to improve performance of timers, which can be a big deal particularly for networking. The other fairly notable core update is to the workqueue subsystem, where one notable addition is for BH workqueue support. That's notable mainly because it means we finally have a way away from tasklets. The tasklet interface has basically been deprecated for a long while, but we've never really had any good alternatives (with threaded interrupt handlers being one suggested use-case, but not realistic in many cases).

Security updates have been issued by Debian (pdns-recursor and php-dompdf-svg-lib), Fedora (grub2, libreswan, rubygem-yard, and thunderbird), Mageia (libtiff and python-scipy), Red Hat (golang, nodejs, and nodejs:16), Slackware (python3), and Ubuntu (linux, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux, linux-azure, linux-gcp, linux-gcp-6.5, linux-hwe-6.5, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-raspi, linux-starfive, linux-starfive-6.5, linux-aws, linux-aws-5.15, linux-aws, linux-aws-5.4, linux-gcp-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux-gcp, linux-gcp-4.15, linux-kvm, linux-laptop, linux-oem-6.1, and linux-raspi).