Security updates have been issued by Debian (apr-util, freeradius, mono, nodejs, php7.3, php7.4, and python-cryptography), Fedora (epiphany, haproxy, and podman), SUSE (chromium, libraw, php7, php74, python-pip, and rubygem-activerecord-4_2), and Ubuntu (apr, clamav, curl, intel-microcode, nss, openvswitch, webkit2gtk, and zoneminder).

The 6.2.1, 6.1.14, 5.15.96 5.10.170, 5.4.233, 4.19.274, and 4.14.307 stable kernel updates have all been released; each contains another set of important fixes.

Developers who build distributions often (but not always) put considerable effort into backward compatibility, ensuring, for example, that a program built for one release will continue to run on later releases. Forward compatibility, where it is possible to move a program (or other artifact) from a more recent release to an older one, can be less of a concern, but it still tends to be seen as something that is better to not break if possible. So it is not surprising that an issue affecting the forward-compatibility of ext4 filesystems built for the upcoming Debian 12 ("bookworm") release has generated a fair amount of discussion, even if the number of affected users is likely to be small.

Security updates have been issued by Debian (binwalk, chromium, curl, emacs, frr, git, libgit2, and tiff), Fedora (qt5-qtbase), SUSE (c-ares, kernel, openssl-1_1-livepatches, pesign, poppler, rubygem-activerecord-5_1, and webkit2gtk3), and Ubuntu (linux-aws).

As of this writing, 5,776 non-merge changesets have been pulled into the mainline kernel for the 6.3 release; that is a bit less than half of the work that was waiting in linux-next before the merge window opened. This merge window is thus well underway, but far from complete. Quite a bit of significant work has been pulled so far; read on to see what entered the kernel in the first half of the 6.3 merge window.

The group working on adding keyword generics to the Rust language is foreshadowing what it plans to propose:

A main driver of the keywords generics initiative has been our desire to make the different modifier keywords in Rust feel consistent with one another. Both the const WG and the async WG were thinking about introducing keyword-traits at the same time, and we figured we should probably start talking with each other to make sure that what we were going to introduce felt like it was part of the same language - and could be extended to support more keywords in the future.

Security updates have been issued by CentOS (firefox and thunderbird), Debian (asterisk, git, mariadb-10.3, node-url-parse, python-cryptography, and sofia-sip), Fedora (c-ares, golang-github-need-being-tree, golang-helm-3, golang-oras, golang-oras-1, and golang-oras-2), Oracle (httpd:2.4, kernel, php:8.0, python-setuptools, python3, samba, systemd, tar, and webkit2gtk3), Red Hat (webkit2gtk3), SUSE (phpMyAdmin, poppler, and postgresql12), and Ubuntu (dcmtk and linux-hwe).

The LWN.net Weekly Edition for February 23, 2023 is available.

The Rust community has been working to reform its governance model; that work is now being presented as a draft document describing how that model will work.

This RFC establishes a Leadership Council as the successor of the core team and the new governance structure through which Rust Project members collectively confer the authority to ensure successful operation of the Project. The Leadership Council delegates much of this authority to teams (which includes subteams, working groups, etc.) who autonomously make decisions concerning their purviews. However, the Council retains some decision-making authority, outlined and delimited by this RFC.

As we have seen in earlier articles, the packaging landscape for Python is fragmented and complex, though users of the language have been clamoring for some kind of unification for a decade or more at this point. The developers behind pip and other packaging tools would like to find a way to satisfy this wish from Python-language users and developers, thus they have been discussing possible solutions with increasing urgency, it seems, of late. In order to do that, though, it is important to understand what specific items—and types of Python users—to target.

The Ubuntu Flavors offerings (Kubuntu and the like) have decided that the way to improve the user experience is to put more emphasis on the Snap package format.

Going forward, the Flatpak package as well as the packages to integrate Flatpak into the respective software center will no longer be installed by default in the next release due in April 2023, Lunar Lobster. Users who have used Flatpak will not be affected on upgrade, as flavors are including a special migration that takes this into account. Those who haven’t interacted with Flatpak will be presented with software from the Ubuntu repositories and the Snap Store.

The Ubuntu Flavors offerings (Kubuntu and the like) have decided that the way to improve the user experience is to put more emphasis on the Snap package format.

Going forward, the Flatpak package as well as the packages to integrate Flatpak into the respective software center will no longer be installed by default in the next release due in April 2023, Lunar Lobster. Users who have used Flatpak will not be affected on upgrade, as flavors are including a special migration that takes this into account. Those who haven’t interacted with Flatpak will be presented with software from the Ubuntu repositories and the Snap Store.

The 6.1.13, 5.15.95, 5.10.169, 5.4.232, 4.19.273, and 4.14.306 stable kernel updates have all been released; each contains another set of important fixes.

Security updates have been issued by Debian (amanda, apr-util, and tiff), Fedora (apptainer, git, gssntlmssp, OpenImageIO, openssl, webkit2gtk3, xorg-x11-server, and xorg-x11-server-Xwayland), Oracle (firefox and thunderbird), Red Hat (python3), SUSE (gnutls, php7, and python-Django), and Ubuntu (chromium-browser, libxpm, and mariadb-10.3, mariadb-10.6).

FIDO2 is a standard for authenticating users without the need for passwords. While the technology has been introduced mainly to protect accounts on web sites, it's also useful for other purposes, such as logging into Linux systems. The same technology can even be used beyond authentication, for example to sign files or Git commits. A couple of talks at FOSDEM 2023 in Brussels presented the possibilities for Linux users.

Security updates have been issued by CentOS (libksba, thunderbird, and tigervnc and xorg-x11-server), Debian (clamav, nss, python-django, and sox), Fedora (kernel and thunderbird), Mageia (curl, firefox, nodejs-qs, qtbase5, thunderbird, upx, and webkit2), Red Hat (httpd:2.4, kernel, kernel-rt, kpatch-patch, pcs, php:8.0, python-setuptools, Red Hat build of Cryostat, Red Hat Virtualization Host 4.4.z SP 1, samba, systemd, tar, and thunderbird), Scientific Linux (firefox and thunderbird), and SUSE (clamav, firefox, jhead, mozilla-nss, prometheus-ha_cluster_exporter, tar, and ucode-intel).

The 6.2 kernel was released on February 19, at the end of a ten-week development cycle. This time around, 15,536 non-merge changesets found their way into the mainline repository, making this cycle significantly more active than its predecessor. Read on for a look at the work that went into this kernel release.

Version 13.1 of the GNU GDB debugger has been released. Changes include support for the LoongArch and CSKY architectures, a number of Python API improvements, support for zstd-compressed debug sections, and more.

Security updates have been issued by Debian (c-ares, gnutls28, golang-github-opencontainers-selinux, isc-dhcp, nss, openssl, snort, and thunderbird), Fedora (clamav, curl, phpMyAdmin, thunderbird, vim, webkitgtk, and xen), Red Hat (firefox), Slackware (kernel), SUSE (apache2-mod_security2, gssntlmssp, postgresql-jdbc, postgresql12, and timescaledb), and Ubuntu (firefox).

Linus has released the 6.2 kernel as expected.

Please do give 6.2 a testing. Maybe it's not a sexy LTS release like 6.1 ended up being, but all those regular pedestrian kernels want some test love too.

Headline features in this release include the ability to manage linked lists and other data structures in BPF programs, more additions to the kernel's Rust infrastructure, improvements in Btrfs RAID5/6 reliability, IPv6 protective load balancing, faster "Retbleed" mitigation with return stack buffer stuffing, control-flow integrity improvements with FineIBT, oops limits, and more.

See the LWN merge-window summaries (part 1, part 2) and the KernelNewbies 6.2 page for more information.