Version 4.19.0 of the shadow-utils project has been released. Notable changes in this release include disallowing some usernames that were previously accepted with the --badname option, and removing support for escaped newlines in configuration files. Possibly more interesting is the announcement that the project is deprecating a number of programs, hashing algorithms, and the ability to periodically expire passwords:
Scientific research shows that periodic password expiration leads to predictable password patterns, and that even in a theoretical scenario where that wouldn't happen the gains in security are mathematically negligible (paper link).
Modern security standards, such as NIST SP 800-63B-4 in the USA, prohibit periodic password expiration. [...]
To align with these, we're deprecating the ability to periodically expire passwords. The specifics and long-term roadmap are currently being discussed, and we invite feedback from users, particularly from those in regulated environments. See #1432.
The release announcement notes that the features will remain
functional "for a significant period
" to minimize
disruption.
Daniel Stenberg has written a blog post about the decision to ban the use strcpy() in curl:
The main challenge with strcpy is that when using it we do not specify the length of the target buffer nor of the source string. [...]
To make sure that the size checks cannot be separated from the copy itself we introduced a string copy replacement function the other day that takes the target buffer, target size, source buffer and source string length as arguments and only if the copy can be made and the null terminator also fits there, the operation is done.
Graphite is an effort to unify
illustration, raster editing, desktop publishing, and animation in one
browser-based application. The project has been in development since
2021 and announced its first alpha release in 2022. According to creator Keavon Chambers, the project's mission is to become
"the 2D counterpart to Blender
", by bringing a node-based,
non-destructive workflow to 2D graphics. The project, currently still in
alpha, is a long way from complete; but it is worth testing for anyone
involved with open-source-graphics production. Current
builds, from September 2025, include vector-illustration tools, a
node-based compositor, and early brush tooling, with broader pixel-based-
and photo-editing work still in progress.
Once again there is a brand-new release under the tree from the Ruby programming-language project: Ruby 4.0 has been released with many new features and improvements. Notable changes include the experimental Ruby Box feature for in-process isolation of classes and modules, a new just-in-time compiler called ZJIT, and improvements to Ruby's parallel-execution mechanism (Ractor). There are a number of language changes as well. See the documentation for Ruby 4.0 for more.
The systemd v259 release was announced on December 17, just three months after v258. It is a more modest release but still includes a number of important changes such as a new option for the run0 command (an alternative to sudo), ability to mount user home directories from the host in virtual machines, as well as under-the-hood changes with dlopen() for library linking, the ability to compile systemd with musl libc, and more.
Version 8.1 of elementary OS has been released. Notable changes in this release include making the Wayland session the default, changes to window management and multitasking, as well as a number of accessibility improvements. The 8.1 release is the first to be made available for Arm64 devices, which should allow users to run elementary on Apple M-series hardware or other Arm devices that can load UEFI-supporting firmware, such as some Raspberry Pi models. See the blog post for a full list of changes.
Version 6.20 of the Incus container and virtual-machine management system has been released. Notable changes in this release include a new standalone command to add IncusOS servers to a cluster, qcow2-formatted volumes for clustered LVM, and reverse DNS records in OVN. See the announcement for a full list of changes.
if everything goes along as planned". This is a bit more than two years after the initial bootstrap of the architecture.
So far, we have manually built and imported an initial set of 112 packages with the help of the packages in Debian Ports. This was enough to create an initial chroot and set up the first buildd which is now churning through the build queue. Over night, the currently single buildd instance already built and uploaded 300 new packages.
The FreeBSD Foundation has a blog post about the progress it has made in 2025 on the Laptop Support & Usability Project for FreeBSD. The foundation committed $750,000 to the project in 2025 and has made progress on graphics drivers, Wi-Fi 4 and 5 support, audio improvements, sleep states, and more.
The installer for FreeBSD has gained a couple of new features that benefit laptop users. In 15.0 the installer now supports downloading and installing firmware packages after the FreeBSD base system installation is complete. Coming in 15.1 it will be possible to install the KDE graphical desktop environment during the installation process. Grateful thanks to Bjoern Zeeb and Alfonso Siciliano respectively. [...]
The project continues into 2026 with a similar sized investment and scope. Key targets include completing work on sleep states (modern standby and hibernate), adding support for graphics drivers up to Linux 6.18, Wi-Fi 6 support, USB4 and Thunderbolt support, HDMI improvements, UVC webcam support, and Bluetooth improvements.
A substantial testing program will also start in January, aiming to test all the functionality together across a range of hardware. Community testers are very welcome to help out, the Foundation will release a blog post and send an invite to help to the Desktop mailing list some time in January 2026.
Connexion