Version 17 of the PostgreSQL database has been released.

This release of PostgreSQL adds significant overall performance gains, including an overhauled memory management implementation for vacuum, optimizations to storage access and improvements for high concurrency workloads, speedups in bulk loading and exports, and query execution improvements for indexes. PostgreSQL 17 has features that benefit brand new workloads and critical systems alike, such as additions to the developer experience with the SQL/JSON JSON_TABLE command, and enhancements to logical replication that simplify management of high availability workloads and major version upgrades.

LWN recently covered some of the interesting new features and security enhancements in PostgreSQL 17.

Countering the threat of global mass surveillance and censorship to a free Internet, Tor and Tails provide essential tools to help people around the world stay safe online. By joining forces, these two privacy advocates will pool their resources to focus on what matters most: ensuring that activists, journalists, other at-risk and everyday users will have access to improved digital security tools.

In late 2023, Tails approached the Tor Project with the idea of merging operations. Tails had outgrown its existing structure. Rather than expanding Tails's operational capacity on their own and putting more stress on Tails workers, merging with the Tor Project, with its larger and established operational framework, offered a solution. By joining forces, the Tails team can now focus on their core mission of maintaining and improving Tails OS, exploring more and complementary use cases while benefiting from the larger organizational structure of The Tor Project.

This leads to two important takeaways:

• The problem is overwhelmingly with new code, necessitating a fundamental change in how we develop code.
• Code matures and gets safer with time, exponentially, making the returns on investments like rewrites diminish over time as code gets older.

For example, based on the average vulnerability lifetimes, 5-year-old code has a 3.4x (using lifetimes from the study) to 7.4x (using lifetimes observed in Android and Chromium) lower vulnerability density than new code.

The Vanilla OS project has published a blog post to answer questions that users have raised since the release of Vanilla OS 2. The post has information about the update strategy for the distribution, an enterprise version with support, and plans for an experimental version called Vanilla OS Vision.

We are not planning for a potential Vanilla OS 3 because it is not yet necessary. As previously explained, our focus right now is on bug fixing and making the system as solid as possible, especially in light of collaborations with OEMs. We're all excited about laying the foundation for a third version of Vanilla OS, but we have responsibilities to attend to first.

This does not mean that there will never be one, nor does it mean that Orchid will become stagnant. On the contrary, as previously mentioned, our updates not only bring fixes but also updates to system components, improvements to existing features, and updates to components like GNOME (we are planning the release of GNOME 47 soon, for example).

In March, Danilo Krummrich announced the new Nova GPU driver — a successor to Nouveau for controlling NVIDIA GPUs. At Kangrejos 2024, Krummrich gave a presentation about what it is, why it's needed, and where it's going next. Hearing about the needs of the driver provoked extended discussion on related topics, including what level of safety is reasonable to expect from drivers, given that they must interact with the hardware.

Almost a decade ago KDE e.V., the non-profit organization that supports KDE, started a process for selecting goals to help the community unite behind a common vision for where the project should go in the near future. KDE recently wrapped up its 2022-2024 cycle and announced the goals for 2024-2026 at Akademy on September 7, in Würzburg, Germany. This time around, KDE will be looking to streamline its application-development experience, improve support for input devices, and bring in new contributors.

Version 10.0.0 of the HarfBuzz text-shaping engine has been released. Notable changes in this release include Unicode 16.0.0 support, adding Cairo script as an output format for hb-view, and a number of bug fixes.

Version 1.0.0 of Hy, a Lisp dialect that is embedded in Python, has been released after nearly 12 years in development. This is the first stable release of the project:

Henceforth, breaking changes to documented parts of the language (other than dropping support for versions of Python that are themselves no longer supported by the CPython developers) will increase the major version number, and my intention is for that not to happen often, if at all.

The 1.0.0 release supports Python 3.8 through 3.13. See the documentation and the "Why Hy?" page for why one might want to use it. For the historically minded, LWN covered a PyCon talk on Hy in 2014.

Dirk Behme led a second session, back-to-back with his session on error handling at Kangrejos 2024, discussing providing better guidance for users of the kernel's Rust abstractions. Just after that, Carlos Bilbao and Miguel Ojeda had their own time slot dedicated to collecting resources that could be of use to someone trying to come up to speed on kernel development in Rust. The attendees provided a lot of guidance in both sessions, and discussed what they could do to make things easier for people coming from non-Rust backgrounds.

The SUSE Security Team Blog has a detailed review of the Performance Co-Pilot (PCP) 6.2.1 release:

The rather complex PCP software suite was difficult to judge just from a cursory look, so we decided to take a closer look especially at PCP's networking logic at a later time. This report contains two CVEs and some non-CVE related findings we also gathered during the follow-up review.

CVE-2024-45769, a flaw that could allow an attacker to send crafted data to crash pcmd, and CVE-2024-45770, which could allow a full local root exploit from the pcp user to root, have been addressed in the 6.3.1 release of PCP.