Vue normale
[$] Support for the TSO memory model on Arm CPUs
Security updates for Friday
[$] Python JIT stabilization
On April 11, Brandt Bucher posted PEP 744 ("JIT Compilation"), which summarizes the current state of Python's new copy-and-patch just-in-time (JIT) compiler. The JIT is currently experimental, but the PEP proposes some criteria for the circumstances under which it should become a non-experimental part of Python. The discussion of the PEP hasn't reached a conclusion, but several members of the community have already raised questions about how the JIT would fit into future iterations of the Python language.
Ubuntu 24.04 LTS (Noble Numbat) released
This release continues Ubuntu's proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution. The team has been hard at work through this cycle, together with the community and our partners, to introduce new features and fix bugs.
The list of changes and enhancements is long; click below for some details. More information can be found in the release notes; see also this page for a summary of security-related changes.
[$] The state of realtime and embedded Linux
Security updates for Thursday
[$] LWN.net Weekly Edition for April 25, 2024
GitHub comments used to distribute malware (BleepingComputer)
BleepingComputer reported on April 20 that some malware was being distributed via GitHub. Uploading files as part of a comment gives them a URL that appears to be associated with a repository, even if the comment is never posted.
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy.
While most of the malware activity has been based around the Microsoft GitHub URLs, this "flaw" could be abused with any public repository on GitHub, allowing threat actors to create very convincing lures.
QEMU 9.0 released
This release contains 2700+ commits from 220 authors." The list of improvements is long; see the announcement and the changelog for details.
[$] Existential types in Rust
For several years, contributors to the Rust project have been working to improve support for asynchronous code. The benefits of these efforts are not confined to asynchronous code, however. Members of the Rust community have been working toward adding explicit existential types to Rust since 2017. Existential types are not a common feature of programming languages (something the RFC acknowledges), so the motivation for their inclusion might be somewhat obscure.
Security updates for Wednesday
[$] A change in direction for security-module stacking?
[$] Rust for embedded Linux kernels
Security updates for Tuesday
The Open Home Foundation launches
We created the Open Home Foundation to fight for the fundamental principles of privacy, choice, and sustainability for smart homes. And every person who lives in one.Ahead of today, we've transferred over 240 projects, standards, drivers, and libraries—Home Assistant, ESPHome, Zigpy, Piper, Improv Wi-Fi, Wyoming, and so many more—to the Open Home Foundation. This is all about looking into the future. We've done this to create a bulwark against surveillance capitalism, the risk of buyout, and open-source projects becoming abandonware. To an extent, this protection extends even against our future selves—so that smart home users can continue to benefit for years, if not decades. No matter what comes.
Andreas Tille elected as Debian project leader
[$] Linus and Dirk chat about AI, XZ, hardware, and more
One of the mainstays of the the Linux Foundation's Open Source Summit is the "fireside chat" (sans fire) between Linus Torvalds and Dirk Hohndel to discuss open source and Linux kernel topics of the day. On April 17, at Open Source Summit North America (OSSNA) in Seattle, Washington, they held with tradition and discussed a range of topics including proper whitespace parsing, security, and the current AI craze.
Hutterer: udev-hid-bpf: quickstart tooling to fix your HID devices with eBPF
eBPF was originally written for network packet filters but as of kernel v6.3 and thanks to Benjamin, we have BPF in the HID subsystem. HID actually lends itself really well to BPF because, well, we have a byte array and to fix our devices we need to do complicated things like "toggle that bit to zero" or "swap those two values".
See this article for more information on the BPF-HID mechanism.