[$] Managing to-do lists on the command line with Taskwarrior
Managing to-do lists is something of a universal necessity.
While some people handle them mentally or on paper, others resort to a web-based
tool or a mobile application. For those preferring the command line, the MIT-
licensed Taskwarrior offers a flexible solution with a healthy community and
lots of extensions.
Four more stable kernels
The 6.8.7, 6.6.28, 6.1.87, and 5.15.156 stable kernel
updates have all been released.
Security updates for Wednesday
Security updates have been issued by Debian (apache2 and
cockpit), Fedora (firefox, kernel, mbedtls, python-cbor2, wireshark, and
yyjson), Mageia (nghttp2), Red Hat (kernel, kernel-rt, opencryptoki, pcs, shim,
squid, and squid:4), Slackware (firefox), SUSE (emacs, firefox, and kernel), and
Ubuntu (linux-aws, linux-aws-5.15, linux-aws-6.5, linux-raspi, and linux-
iot).
[$] Identifying dependencies used via dlopen()
The recent XZ backdoor has sparked a lot of discussion
about how the open-source community links and packages software. One possible
security improvement being discussed is changing how projects like systemd link
to dynamic libraries that are only used for optional functionality: using
dlopen() to load those libraries only when required. This could shrink the
attack surface exposed by dependencies, but the approach is not without
downsides — most prominently, it makes discovering which dynamic libraries a
program depends on harder.
On April 11, Lennart Poettering proposed one way
to eliminate that problem in a systemd RFC on GitHub.
[$] Fedora 40 firms up for release
Fedora 40 Beta was released on March 26, and
the final release is nearing completion. So far, the release is coming together
nicely with major updates for GNOME, KDE Plasma, and the usual cavalcade of
smaller updates and enhancements. As part of the release, the project also
scuttled Delta RPMs and OpenSSL 1.1.