When the Fedora Engineering Steering Council (FESCo) is up for election, the project posts interviews of the candidates in order to help Fedora contributors make an informed choice. This year, the candidates are Zbigniew Jędrzejewski-Szmek, Tomáš Hrčka, Josh Stone, David Cantrell, Fabio Alessandro Locati, and Kevin Fenzi. All of them except for Locati are current members of the steering council. Voting is open until December 20.

Back in May for the Linux 6.10 kernel the initial bits of the NTSYNC driver was upstreamed for helping to emulate the Windows NT synchronization primitives so Windows games running under Wine/Proton (such as Valve's Steam Play) can enjoy a very nice performance boost. That NTSYNC code for Linux 6.10 wasn't yet in functioning shape and now a half-year later the newest NTSYNC patch series has been sent out for review...

GNU Shepherd as a service manager for both system and user services that is used by Guix and relying on Guile Scheme has finally reached version 1.0. For those not pleased with systemd, GNU Shepherd can be used as an init system and now has finally crossed the version 1.0 milestone after 21 years of development...

The GNOME Project released today GNOME 46.7 as the seventh maintenance update to the GNOME 46 desktop environment series with various bug fixes, updated translations, and other changes.

It's been a few months since running any fresh Linux graphics driver comparison benchmarks. But given the imminent availability of the first Intel Arc Battlemage graphics cards, I have been carrying out some fresh Linux GPU driver testing. Given the recently-stabilized NVIDIA R565 Linux driver series and then also the newest upstream code in Linux 6.13 Git and Mesa 25.0-devel for the AMD Radeon and Intel Arc Graphics hardware on their open-source drivers, here is a fresh look at where Intel / AMD / NVIDIA mid-range graphics stand today on Ubuntu Linux with the leading-edge drivers.

In 2019, the Python community had a lengthy discussion about changing the rules (that some find counterintuitive) on using break, continue, or return statements in finally blocks. These are all ways of jumping out of a finally block, which can interrupt the handling of a raised exception. At the time, the Python developers chose not to change things, because the consensus was that the existing behavior was not a problem. Now, after a report put together by Irit Katriel, the project is once again considering changing the language.

In 2019, the Python community had a lengthy discussion about changing the rules (that some find counterintuitive) on using break, continue, or return statements in finally blocks. These are all ways of jumping out of a finally block, which can interrupt the handling of a raised exception. At the time, the Python developers chose not to change things, because the consensus was that the existing behavior was not a problem. Now, after a report put together by Irit Katriel, the project is once again considering changing the language.

only a few for now

or today's leftovers

WWW stories

Some Debian picks

The OpenWrt project has issued an advisory regarding a vulnerability found in its Attended Sysupgrade Server that could allow compromised packages to be installed on a router by an attacker. No official OpenWrt images were affected, and the vulnerability is not known to be exploited, but users who have installed images created with an instance of this server are recommended to reinstall.

For a detailed description of how the exploit works, see this blog post.

Then, as the hash collision occurred, the server returns the overwritten build artifact to the legitimate request that requests the following packages. [...]

By abusing this, an attacker could force the user to upgrade to the malicious firmware, which could lead to the compromise of the device.

The OpenWrt project has issued an advisory regarding a vulnerability found in its Attended Sysupgrade Server that could allow compromised packages to be installed on a router by an attacker. No official OpenWrt images were affected, and the vulnerability is not known to be exploited, but users who have installed images created with an instance of this server are recommended to reinstall.

For a detailed description of how the exploit works, see this blog post.

Then, as the hash collision occurred, the server returns the overwritten build artifact to the legitimate request that requests the following packages. [...]

By abusing this, an attacker could force the user to upgrade to the malicious firmware, which could lead to the compromise of the device.

some hardware picks

Development related news

The 6.12.4 and 6.6.64 stable kernels have been released, each with a set of important fixes throughout the kernel tree, as usual.

The 6.12.4 and 6.6.64 stable kernels have been released, each with a set of important fixes throughout the kernel tree, as usual.

3 new episodes

The 6.13-rc2 kernel prepatch is out for testing. "The diffstat looks a bit unusual with 80%+ drivers, and a lot of it one-liners, but that's actually just because of a couple of automated scripts that got run after -rc1 for some cleanups. Nothing particularly interesting, but it makes for a lot of noise in the diff." One of those scripts was the EXPORT_SYMBOL_NS() change (to make it use a quoted string for the namespace name) described in this article.

The 6.13-rc2 kernel prepatch is out for testing. "The diffstat looks a bit unusual with 80%+ drivers, and a lot of it one-liners, but that's actually just because of a couple of automated scripts that got run after -rc1 for some cleanups. Nothing particularly interesting, but it makes for a lot of noise in the diff." One of those scripts was the EXPORT_SYMBOL_NS() change (to make it use a quoted string for the namespace name) described in this article.