The Debian project is now supporting 64-bit RISC-V systems as an official architecture. Some work remains to be done, though:

However before you rush to update your sources.list file, I want to warn you that the archive is currently almost empty, and that only the sid and experimental suites are available. The procedure is to rebootstrap the port within the official archive, which means we won't import the full debian-ports archive.

Version 1.3 of the Inkscape drawing editor has been released. "With version 1.3 of Inkscape, you’ll find improved performance, several new features, and a solid set of improvements to a few existing ones". Changes include a new shape-builder tool, a "document resources" dialog for the management of drawings, a new pattern editor, and more.

Security updates have been issued by Debian (webkit2gtk), Fedora (curl, dotnet6.0, dotnet7.0, ghostscript, kernel-headers, kernel-tools, libopenmpt, openssh, and samba), Mageia (virtualbox), Red Hat (java-1.8.0-openjdk and java-11-openjdk), and Scientific Linux (java-1.8.0-openjdk and java-11-openjdk).

Linus has released 6.5-rc3 for testing. "Things continue to look pretty normal - there's nothing here that would seem to stand out, with both the commit counts and the diffs looking pretty much normal for rc3".

Meanwhile, Greg Kroah-Hartman has released the large 6.4.5, 6.1.40, and 5.15.121 stable updates; each contains another set of important fixes.

The BPF virtual machine in the kernel has been steadily gaining new features for years, many of which add capabilities that C programmers do not ordinarily have. So, from one point of view, it was only a matter of time before BPF gained support for exceptions. As it turns out, though, this "exceptions" feature is aimed at a specific use case, and its use in most programs will be truly exceptional.

Security updates have been issued by Fedora (golang, nodejs16, nodejs18, and R-jsonlite), Red Hat (java-1.8.0-openjdk and java-17-openjdk), SUSE (container-suseconnect, redis, and redis7), and Ubuntu (wkhtmltopdf).

Sometimes, the shortest patches lead to the longest threads; for a case in point, see this three-line change posted by Emanuele Giuseppe Esposito. The purpose of this change is to improve the security of locked-down systems by adding a "revocation number" to the kernel image. But, as the discussion revealed, both the cost and the value of this feature are seen differently across the kernel-development community.

Security updates have been issued by Debian (chromium), Fedora (sysstat), Gentoo (openssh), Mageia (firefox/nss, kernel, kernel-linus, maven, mingw-nsis, mutt/neomutt, php, qt4/qtsvg5, and texlive), Red Hat (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and kpatch-patch), Slackware (curl and openssh), SUSE (curl, grafana, kernel, mariadb, MozillaFirefox, MozillaFirefox-branding-SLE, poppler, python-Flask, python310, samba, SUSE Manager Client Tools, and texlive), and Ubuntu (curl, ecdsautils, and samba).

The LWN.net Weekly Edition for July 20, 2023 is available.

The advantages of the Rust programming language are generally well-known; memory safety is a feature that has attracted a lot of developer attention over the last few years. At the inaugural Embedded Open Source Summit (EOSS), which is an umbrella event for numerous embedded-related conferences, Martin Mosler presented on using Rust for an embedded project. In the talk, he showed how easy it is to get up and running with a Rust-based application on a RISC-V-based development board.

The 6.4.4 and 6.1.39 stable kernel updates have been released; each contains a large number of important fixes.

Security updates have been issued by Debian (bind9, libapache2-mod-auth-openidc, and python-django), Fedora (nodejs18 and redis), Red Hat (python3.9 and webkit2gtk3), Scientific Linux (bind and kernel), SUSE (cni, cni-plugins, cups-filters, curl, dbus-1, ImageMagick, kernel, libheif, and python-requests), and Ubuntu (bind9, connman, curl, libwebp, and yajl).

Version 3.0 of Cython (described as "a programming language that makes writing C extensions for the Python language as easy as Python itself") has been released. Changes include support for Python through 3.11 (but 2.6 support was dropped), the implementation of a number of PEPs, initial support for the CPython limited API, better exception handling, and more.

The 2023 sambaXP conference was held May 10 and 11 in Goettingen, Germany. Videos of the talks held there have now been posted on YouTube; topics covered include an io_uring update, fuzzing, passwordless services, GPL compliance, and much more.

In a session at the 2023 Real Time Linux Summit, Thomas Gleixner answered questions about the realtime feature of the kernel, its status, and the Real-Time Linux project's plans for the future. The talk was billed as a "Q&A about PREEMPT_RT" with a caveat: "anything except printk() and documentation". As might be guessed, the first two questions were on just those topics, but there were plenty of other questions (and answers) too. The summit was held in conjunction with the inaugural Embedded Open Source Summit in Prague, Czechia at the end of June.

Security updates have been issued by Fedora (java-1.8.0-openjdk), Red Hat (bind, bind9.16, curl, edk2, java-1.8.0-ibm, kernel, kernel-rt, and kpatch-patch), SUSE (iniparser, installation-images, java-1_8_0-ibm, kernel, libqt5-qtbase, nodejs16, openvswitch, and ucode-intel), and Ubuntu (linux-oem-6.0 and linux-xilinx-zynqmp).

On January 19, 2038, the time_t value used on many 32-bit Linux systems will overflow and wrap around, causing those systems to believe they have returned to 1901. Much work has gone into preparing many layers of the system for this event, but not all distributions have completed their preparations. One of those is Debian but, as was seen in a conversation in May, the Debian developers are now grappling with the problem in a serious way. Along the way, they appear to have made an interesting decision regarding which systems will (or will not) be updated.

Security updates have been issued by Debian (gpac, iperf3, kanboard, kernel, and pypdf2), Fedora (ghostscript), SUSE (bind, bouncycastle, ghostscript, go1.19, go1.20, installation-images, kernel, mariadb, MozillaFirefox, MozillaFirefox-branding-SLE, php74, poppler, and python-Django), and Ubuntu (cups, linux-oem-6.1, and ruby2.3, ruby2.5, ruby2.7, ruby3.0, ruby3.1).

The second 6.5 prepatch is out for testing. "No surprises here: this thing looks very normal."

The page structure sits at the core of the kernel's memory-management subsystem; one such structure exists for every page of installed RAM. This structure is increasingly seen as a problem, though, and phasing it out is one of the many side projects associated with the folio conversion. One step in that direction is currently meeting some pushback from memory-management developers, though, who think that some of these changes are coming too soon.