FEX 2511 is out today for this open-source emulator akin to Apple’s Rosetta that allows running x86/x86+64 applications on ARM64. But in the case of FEX, for ARM64 Linux devices and akin to other open-source projects like Box64…

Inside this week’s LWN.net Weekly Edition:

• Front: Python thread safety; Namespace reference counting; Merigraf; Speeding up short reads; Julia 1.12; systemd security.
• Briefs: CHERIoT 1.0; Chromium XSLT; Arm KASLR; Bazzite; Devuan 6.0; Incus 6.18; LXQt 2.3.0; Rust 1.91.0; Quotes; …
• Announcements: Newsletters, conferences, security updates, patches, and more.

Following Intel’s disclosure less than one month ago of Crescent Island as a upcoming Xe3P graphics card with 160GB of vRAM focused on enterprise-level AI inferencing, Intel’s open-source Linux graphics driver engineers have been quick to begin plumbing the Xe kernel graphics driver for this next-generation graphics card…

Mason Freed and Dominik Röttsches have published a document
with a timeline and plans for removing Extensible Stylesheet Language
Transformations (XSLT) from the Chromium project and Chrome
browser:

Chromium has officially deprecated XSLT, including the XSLTProcessor
JavaScript API and the XML stylesheet processing instruction. We
intend to remove support from version 155 (November 17, 2026). The
Firefox and WebKit projects have also indicated plans to remove XSLT
from their browser engines. This document provides some history and
context, explains how we are removing XSLT to make Chrome safer, and
provides a path for migrating before these features are removed from
the browser.

LWN covered the Web
Hypertext Application Technology Working Group (WHATWG) discussion
about XSLT in August.

A new feature of Intel Xeon 6 “Birch Stream” platforms is the “Latency Optimized Mode” performance setting. The Intel Latency Optimized Mode will keep the uncore clock frequencies higher for more consistent performance but at the cost of increased power use. For those wondering about the performance and power impact, here are some comparison benchmarks of engaging this Latency Optimized Mode with Intel Xeon 6980P “Granite Rapids” server processors.

In mid-2024, Bavarian PC vendor TUXEDO Computers began teasing a Snapdragon X Elite powered Linux laptop with hopes of having it available by Christmas 2024. As we approach Christmas 2025, there still are no immediate signs of this new ARM-based TUXEDO laptop soon shipping but there are signs of life still with new Linux kernel patches posted for enabling this Snapdragon X Elite laptop…

Days after the Linux Vendor Firmware Service celebrated 135 million firmware downloads, a new version of the Fwupd utility is now available for firmware updating systems and peripherals under Linux…

Nebula is a fresh Rust-built GTK frontend for XBPS, offering a modern and easy way to manage packages on Void Linux.

Version
2.3.0 of the Lightweight Qt Desktop Environment (LXQt) has been
released. The highlight of this release is continued improvement in
Wayland support across LXQt components. Rather than offering its own
compositor, the LXQt project takes a modular approach and works with
several Wayland compositors, such as KWin, labwc, and niri.

Linux has many security features and tools that have evolved over
the years to address threats as they emerge and security gaps as they
are discovered. Linux security is all, as Lennart Poettering observed at the All Systems Go! conference held
in Berlin, somewhat random and not a “clean”
design. To many observers, that may also appear to be the case for
systemd; however, Poettering said that he does have a vision for how
all of the security-related pieces of systemd are meant to fit
together. He wanted to use his talk to explain “how the individual
security-related parts of systemd actually fit together and why they
exist in the first place“.

Version
1.3 of the Open Container Initiative (OCI) Runtime
Specification has been released. The specification covers the
configuration, execution environment, and lifecycle of containers. The
most notable change in 1.3 is the addition of FreeBSD to the
specification, which the FreeBSD Foundation calls
“a watershed moment for FreeBSD“:

The addition of cloud-native container support complements FreeBSD’s
already robust virtualization capabilities, particularly the powerful
FreeBSD jails technology that has been a cornerstone of the operating
system for over two decades. In fact, OCI containers on FreeBSD are
implemented using jails as the underlying isolation mechanism,
bringing together the security and resource management benefits of
jails with the portability and ecosystem advantages of OCI-compliant
containers.

Sent out today to DRM-Next was the latest weekly batch of drm-misc-next patches for enhancing the various smaller Direct Rendering Manager drivers within the kernel. Included with this week’s update is supporting some additional Mali and Vivante hardware as well as continuing to enhance the in-kernel accelerator “accel” drivers…

The merge to GNOME Mutter has finally happened that “completely drops” the X11 back-end to make GNOME strictly focused on Wayland-based environments…

Chocolate Factory’s latest moonshot aims to put AI supercomputing cluster in sun-sychronous orbitGoogle on Tuesday announced a new moonshot – launching constellations of solar-powered satellites packed to the gills with its home-grown tensor processing units (TPUs) to form orbital AI datacenters.…

LXQt 2.3 is out today as the newest release of this lightwight, Qt-based desktop environment…

The KDE Project released today KDE Plasma 6.5.2 as the second maintenance update to the latest and greatest KDE Plasma 6.5 desktop environment series with more improvements and bug fixes.

Over the past few months the open-source firmware consulting firm 3mdeb has been porting Coreboot and AMD’s new openSIL silicon initialization library to the Gigabyte MZ33-AR1. The Gigabyte MZ33-AR1 is a broadly available motherboard that supports the latest-generation AMD EPYC 9005 “Turin” server processors. 3mdeb has been fairly successful in their quest and an early demonstrator for openSIL…

Over the past few months the open-source firmware consulting firm 3mdeb has been porting Coreboot and AMD’s new openSIL silicon initialization library to the Gigabyte MZ33-AR1. The Gigabyte MZ33-AR1 is a broadly available motherboard that supports the latest-generation AMD EPYC 9005 “Turin” server processors. 3mdeb has been fairly successful in their quest and an early demonstrator for openSIL…

Given this week’s release of Flatpak 1.17 for app sandboxing, open-source developer Sebastian Wick published a blog post on Tuesday around the latest Flatpak developments and a look ahead at some of the feature development planned. Arguably most significant of that is the plans for systemd-appd…

PEP 810 approved following lengthy debate among developer communityPython programs are set to get faster startup times with PEP 810 “Explicit lazy imports,” which allows scripts to defer loading imported libraries until they’re actually needed rather than at startup.…