[$] LWN.net Weekly Edition for June 20, 2024
The LWN.net Weekly Edition for June 20, 2024 is available.
Plasma 6 hits its stride with version 6.1. While Plasma 6.0 was all about getting the migration to the underlying Qt 6 frameworks correct (and what a massive job that was), 6.1 is where developers start implementing the features that will take you desktop to a new level.
Enhancements include better remote-desktop support, improved customization, persistent apps, smoother animation under Wayland, and more; see the changelog for the full list.
This release is geared mainly towards Linux enthusiasts. We are working hard on stability improvements and automated testing, but if you expect Android or iOS levels of polish, then this is not for you yet." Changes include an upgrade to Alpine Linux 3.20, newer GNOME and KDE versions, and more.
Apart from a rather unusual spike in the diffstat due to a parisc fix, things look normal and pretty small."
For multiple reasons like being able to fix bugs and single-maintainer modules, CPython doesn't require reviewers on the pull requests of core developers. This can lead to "unilateral action", meaning that a change is introduced into CPython without the review of someone besides the author. Other situations like release managers backporting fixes to other branches without review are common.
As it becomes more difficult to find 0-days in core Android, third-party Linux kernel drivers continue to become a more and more attractive target for attackers. While the bulk of present-day detected ITW [in-the-wild] Android exploitation targets GPU drivers, it's equally important that other third-party drivers are encouraged towards the same security standards.
Leap 15.6 is projected to receive maintenance and security updates until the end of 2025 to ensure sufficient overlap with the next release". Changes include the addition of the Cockpit server-management tool, a 6.4 kernel, GNOME 45, and many other upgrades. This release also removes a long list of unmaintained Python packages. See the release notes for details.
I honestly see no reason to delay this any more. This whole patchset was the major (private) discussion at last year's kernel maintainer summit, and I don't find any value in having the same discussion (whether off-list or as an actual event) at the upcoming maintainer summit one year later, so to make any kind of sane progress, my current plan is to merge this for 6.11.
Update: this Mozilla Security Blog post describes the HTTPS-related changes in detail.