Security updates have been issued by Arch Linux (curl, lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-compat, libcurl-gnutls, and live-media), Debian (doxygen and php5), Fedora (cryptopp, drupal7-context, drupal7-ds, drupal7-module_filter, drupal7-path_breadcrumbs, drupal7-uuid, drupal7-views, drupal7-xmlsitemap, and sleuthkit), openSUSE (axis, chromium, containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork, curl, doxygen, GraphicsMagick, java-1_7_0-openjdk, libtasn1, libvirt, lxc, lxcfs, NetworkManager, php5, php7, screen, sles12sp3-docker-image, sles12sp4-image, system-user-root, and thunderbird), Oracle (kernel), SUSE (apache2-mod_jk and libpng16), and Ubuntu (doxygen).

The 5.2-rc3 kernel prepatch has been released. "Anyway, even ignoring the SPDX changes, there's just a lot of small fixes spread all over, not anything that looks particularly scary or worrisome. Maybe next week is when the other shoe drops, but maybe this will just be a nice calm release. That would be lovely."

The 5.1.6, 5.0.20, 4.19.47, 4.14.123, and 4.9.180 stable kernels have been released. As usual, they contain important fixes throughout the kernel tree; users of those series should upgrade.

The basic organizational construct within the Kubernetes project is a set of Special Interest Groups (SIGs), each of which represents a different area of responsibility within the project. Introductions to what the various SIGs do, as well as more detailed sessions, were a core part of KubeCon + CloudNativeCon Europe 2019, as the different groups explained what they're doing now and their plans for the future. Two sessions, in particular, covered the work of the Release and Architecture SIGs, both of which have a key role in driving the project forward.

Security updates have been issued by Debian (miniupnpd and qemu), Fedora (drupal7-entity and xen), openSUSE (kernel), Oracle (bind and firefox), Red Hat (go-toolset-1.11-golang), SUSE (cronie, evolution, firefox, gnome-shell, java-1_7_0-openjdk, jpeg, and mailman), and Ubuntu (corosync, evolution-data-server, gnutls28, and libseccomp).

The set of system calls known collectively as epoll was designed to make polling for I/O events more scalable. To that end, it minimizes the amount of setup that must be done for each system call and returns multiple events so that the number of calls can also be minimized. But that turns out to still not be scalable enough for some users. The response to this problem, in the form of this patch series from Roman Penyaev, takes a familiar form: add yet another ring-buffer interface to the kernel.

Security updates have been issued by CentOS (firefox and libvirt), Debian (openjdk-8 and tomcat7), Fedora (drupal7-entity), Mageia (kernel), openSUSE (bluez, gnutls, and libu2f-host), Oracle (bind), Red Hat (bind), Scientific Linux (bind), SUSE (axis, libtasn1, and rmt-server), and Ubuntu (sudo).

The LWN.net Weekly Edition for May 30, 2019 is available.

A kernel debugger that allows Python scripts to access data structures in a running kernel was the topic of Omar Sandoval's plenary session at the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). In his day job at Facebook, Sandoval does a fair amount of kernel debugging and he found the existing tools to be lacking. That led him to build drgn, which is a debugger built into a Python library.

In a followup to his earlier session on dying control groups, Roman Gushchin wanted to talk about problems with the shrinkers and filesystem caches in a combined filesystem and memory-management session at the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). Specifically, for control groups that share the same underlying filesystem, the shrinkers are not able to reclaim memory from the VFS caches after a control group dies, at least under slight to moderate memory pressure. He wanted to discuss how to reclaim that memory without major performance impacts.

Version 1.0 of the GParted GNOME Partition Editor has been released. "The GParted 1.0.0 release includes a significant undertaking to migrate the code base from gtkmm2 to gtkmm3 (our GTK3 port)."

Version 4.2.0 of the Krita paint tool is out. "New in Krita 4.2.0 is updated support for drawing tablets, support for HDR monitors on Windows, an improved color palette docker, scripting API for animation, color gamut masking, improved selection handling, much nicer handling of the interaction between opacity and flow and much, much, much more" See the release notes for more details.

Kees Cook reviews the security-related enhancements in the 5.1 kernel release. "Now /proc/$pid can be opened and used as an argument for sending signals with the new pidfd_send_signal() syscall. This handle will only refer to the original process at the time the open() happened, and not to any later 'reused' pid if the process dies and a new process is assigned the same pid. Using this method, it’s now possible to racelessly send signals to exactly the intended process without having to worry about pid reuse. (BTW, this commit wins the 2019 award for Most Well Documented Commit Log Justification.)"

In a filesystem session on the third day of the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Steve French wanted to talk about copy operations. Much of the development work that has gone on in the Linux filesystem world over the last few years has been related to the performance of copying files, at least indirectly, he said. There are still pain points around copy operations, however, so he would like to see those get addressed.

Security updates have been issued by Arch Linux (webkit2gtk), Debian (kernel and libav), Fedora (c3p0 and community-mysql), Scientific Linux (pacemaker), SUSE (axis, libtasn1, NetworkManager, sles12sp3-docker-image, sles12sp4-image, system-user-root, and xen), and Ubuntu (freerdp, GNU Screen, keepalived, and thunderbird).

Finding a way for applications to do atomic writes to files, so that either the old or new data is present after a crash and not a combination of the two, was the topic of a session led by Christoph Hellwig at the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). Application developers hate the fact that when they update files in place, a crash can leave them with old or new data—or sometimes a combination of both. He discussed some implementation ideas that he has for atomic writes for XFS and wanted to see what the other filesystem developers thought about it.

Ted Ts'o led a discussion on storage testing and, in particular, on his experience getting blktests running for his test environment, in a combined storage and filesystem session at the 2019 Linux Storage, Filesystem, and Memory-Management Summit. He has been adding more testing to his automated test platform, including blktests, and he would like to see more people running storage tests. The idea of his session was to see what could be done to help that cause.

Debian Linux and its family of derivatives (such as Ubuntu) are partly characterized by their use of .deb as the packaging format. Packages in this format are produced not only by the distributions themselves, but also by independent software vendors. The last major change of the format internals happened back in 1995. However, a discussion of possible changes has been brought up recently on the debian-devel mailing list by Adam Borowski.

Security updates have been issued by Arch Linux (firefox and thunderbird), Debian (sox and vcftools), Fedora (safelease and sharpziplib), openSUSE (chromium, evolution, graphviz, nmap, systemd, transfig, and ucode-intel), Red Hat (pacemaker), SUSE (curl, libvirt, openssl, php7, php72, and systemd), and Ubuntu (gnome-desktop3, keepalived, and samba).

The stable tree was the topic for a plenary session led by Sasha Levin at the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). One of the main areas that needs attention is testing, according to Levin. He wanted to discuss how to do more and better testing as well as to address any concerns that attendees might have with regard to the stable tree.