Wednesday, September 22nd, 2021

Time	Event
3:15p	Security updates for Wednesday Security updates have been issued by Debian (grilo), Fedora (curl, firefox, mingw-python-pillow, python-pillow, python2-pillow, and webkit2gtk3), openSUSE (chromium, grafana-piechart-panel, kernel, libcroco, php-composer, and xen), Oracle (curl, kernel, and nss and nspr), Red Hat (nodejs:12), Slackware (alpine), SUSE (ghostscript, grafana-piechart-panel, kernel, and xen), and Ubuntu (linux, linux-hwe, linux-hwe-5.11, linux-hwe-5.4, linux-raspi, linux-raspi-5.4, and linux-raspi2). (Comment on this)
3:30p	A set of stable kernels Stable kernels 5.14.7, 5.10.68, 5.4.148, 4.19.207, 4.14.247, 4.9.283, and 4.4.284 have been released. They all contain important fixes and users should upgrade. (Comment on this)
4:27p	An update on Memory Safety in Chrome The Google security blog provides an overview of what is being done to address memory-safety problems in the Chrome browser. In parallel, we’ll be exploring whether we can use a memory safe language for parts of Chrome in the future. The leading contender is Rust, invented by our friends at Mozilla. This is (largely) compile-time safe; that is, the Rust compiler spots mistakes with pointers before the code even gets to your device, and thus there’s no performance penalty. Yet there are open questions about whether we can make C++ and Rust work well enough together. Even if we started writing new large components in Rust tomorrow, we’d be unlikely to eliminate a significant proportion of security vulnerabilities for many years. (Comment on this)
4:31p	Postgres 14: It's The Little Things (Kerstiens) Craig Kerstiens highlights some of the "little things" featured in the upcoming PostgreSQL 14 release. And now in PostgreSQL 14 there is this seemingly small update, pipeline mode, which, according to the docs, allows applications to send a query without having to read the result of the previously sent query. Taking advantage of the pipeline mode, a client will wait less for the server, since multiple queries/results can be sent/received in a single network transaction. (Comment on this)
6:11p	GNOME 41 released The GNOME project has announced the release of GNOME 41. The most notable changes this in release include an improved Software app, new multitasking settings, and enhanced power management features. With these changes, GNOME is smarter, more flexible, and offers a richer and more engaging experience than ever before. The new release also comes with significant improvements for developers, including a new developer documentation website, a major new version of the Human Interface Guidelines, new features in the Builder IDE, GTK 4 enhancements, and much more. (Comment on this)
6:52p	[$] A discussion on folios A few weeks ago, Matthew Wilcox might have guessed that his session at the 2021 Linux Plumbers Conference would be focused rather differently. But, as we reported earlier in September, his folio patch set ran into some, perhaps unexpected, opposition and, ultimately, did not land in the mainline for 5.15. Instead of discussing how to use folios as part of the File Systems microconference, he led a discussion that was, at least in part, on the path forward for them. (Comment on this)
8:21p	Courtès: What's in a package Over at the Guix-HPC blog, Ludovic Courtès writes about trying to package the PyTorch machine-learning library for the Guix distribution. Building from source in a user-verifiable manner is part of the philosophy behind Guix, but there were a number of problems that were encountered: The first surprise when starting packaging PyTorch is that, despite being on PyPI, PyTorch is first and foremost a large C++ code base. It does have a setup.py as commonly found in pure Python packages, but that file delegates the bulk of the work to CMake. The second surprise is that PyTorch bundles (or "vendors", as some would say) source code for no less than 41 dependencies, ranging from small Python and C++ helper libraries to large C++ neural network tools. Like other distributions such as Debian, Guix avoids bundling: we would rather have one Guix package for each of these dependencies. The rationale is manifold, but it boils down to keeping things auditable, reducing resource usage, and making security updates practical. (Comment on this)

<< Previous Day

2021/09/22 [Calendar]

Next Day >>