# Tech News Digest - 2025-03-15

> Closed-captioned for the ESP-impaired

## Git 2.49.0 released

**Category:** Linux  
**Tags:** General  
**Published:** Fri, 14 Mar 2025 18:27:43 +0000  
**TL;DR:** Here is a 2-sentence summary:

Version 2.49.0 of the Git source-code management system has been released, featuring 460 non-merge commits and contributions from 89 people, including 24 new contributors. The release includes numerous improvements and bug fixes, with more details available on GitHub's highlights blog.

[Version 2.49.0](https://lwn.net/ml/all/xmqqfrjfilc8.fsf%40gitster.g/) of the Git source-code management system has been released. This release comprises 460 non-merge commits since 2.48.0, with contributions from 89 people, including 24 new contributors. There is a long list of improvements and bug fixes; see the [highlights blog](https://github.blog/open-source/git/highlights-from-git-2-49/) from GitHub's Taylor Blau for some of the more interesting features.

\[Read more\]([https://lwn.net/Articles/1014226/](https://lwn.net/Articles/1014226/))

## \[$\] The burden of knowledge: dealing with open-source risks

**Category:** Linux  
**Tags:** General  
**Published:** Fri, 14 Mar 2025 13:54:04 +0000  
**TL;DR:** Here is a 2-sentence summary:

According to Max Mehl, relying on objective information and data to assess risks in an open-source software supply chain is insufficient and can even foster a passive mindset. Instead, he advocates for using qualitative data and direct participation in open-source projects to truly understand and address risks.

Organizations relying on open-source software have a wide range of tools, scorecards, and methodologies to try to assess security, legal, and other risks inherent in their so-called supply chain. However, Max Mehl [argued recently](https://program.foss-backstage.de/fossback25/talk/9ZBSUM/) in a short talk at [FOSS Backstage](https://25.foss-backstage.de/) in Berlin (and online) that all of this objective information and data is insufficient to truly understand and address risk. Worse, this information doesn't provide options to improve the situation and encourages a passive mindset. Mehl, who works as part of the CTO group at [DB Systel](https://www.dbsystel.de/dbsystel-en/about-us/profile-3714990#3714990), encouraged better risk assessment using qualitative data and direct participation in open source.

\[Read more\]([https://lwn.net/Articles/1013614/](https://lwn.net/Articles/1013614/))

## Security updates for Friday

**Category:** Linux  
**Tags:** Linux  
**Published:** Fri, 14 Mar 2025 12:56:10 +0000  
**TL;DR:** Here is a 2-sentence summary:

Several Linux distributions have released security updates to address vulnerabilities, including Fedora, Mageia, Oracle, Red Hat, Slackware, SUSE, and Ubuntu. The updates fix issues in various packages such as Thunderbird, Firefox, .NET, Grub2, Kernel, and more, helping to improve the security of these operating systems.  
Security updates have been issued by **Fedora** (iniparser, thunderbird, trafficserver, and xorg-x11-server), **Mageia** (opensc), **Oracle** (.NET 8.0, .NET 9.0, gcc, kernel, and libxml2), **Red Hat** (firefox, grub2, and krb5), **Slackware** (libxslt), **SUSE** (amazon-ssm-agent, bsdtar, build, ffmpeg-4, forgejo-runner, kernel, python, python3, python313, rubygem-rack-1\_6, and tailscale), and **Ubuntu** (linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15).  
[Read more](https://lwn.net/Articles/1014183/)

## Choi: announcing Casual Make

**Category:** Linux  
**Tags:** General  
**Published:** Thu, 13 Mar 2025 18:10:59 +0000  
**TL;DR:** Here is a summary of the text in 2 sentences:

Charles Choi has announced the release of Casual Make, a menu-driven interface for GNU Emacs' Makefile Mode that provides a user-friendly way to author and identify automatic variables. Casual Make is part of the Casual suite of tools and is available from MELPA as part of Casual 2.4.0, which was released on March 12 and includes documentation in Info format for the first time.

Charles Choi has [announced](http://yummymelon.com/devnull/announcing-casual-make.html) the release of the [Casual Make](https://github.com/kickingvegas/casual/blob/main/docs/make-mode.org): a menu-driven interface, implemented as part of the [Casual](https://github.com/kickingvegas/casual?tab=readme-ov-file#casual) suite of tools, for [Makefile Mode](https://www.emacswiki.org/emacs/MakefileMode) in GNU Emacs.

> Emacs supports makefile editing with make-mode which has a mix of useful and half-baked (though thankfully obsoleted in 30.1) commands. It is from this substrate that I'm happy to announce the next Casual user interface: [Casual Make](https://github.com/kickingvegas/casual/blob/main/docs/make-mode.org).
> 
> Of particular note to Casual Make is its attention to authoring and identifying automatic variables whose arcane syntax is un-memorizable. Want to know what $&gt; means? Just select it in the makefile and use the . binding in the Casual Make menu to identify what it does in the mini-buffer.

Casual Make is part of [Casual 2.4.0](https://github.com/kickingvegas/casual/releases/tag/2.4.0), released on March 12 and is available from [MELPA](https://melpa.org/#/casual). The 2.4.0 update to Casual also includes documentation in the Info format for the first time.

\[Read more\]([https://lwn.net/Articles/1014065/](https://lwn.net/Articles/1014065/))

## \[$\] Warming up to frozen pages for networking

**Category:** Linux  
**Tags:** Linux  
**Published:** Thu, 13 Mar 2025 15:01:58 +0000  
**TL;DR:** Here is a 2-sentence summary:

The upcoming Linux kernel release, version 6.14, includes several internal changes aimed at improving performance, including the "frozen pages" memory-management optimization. However, a bug in frozen pages was recently reported, causing crashes and highlighting the need for additional work to properly resolve the issue.  
When the 6.14 kernel is released later this month, it will include the usual set of internal changes that users should never notice, with the possible exception of changes that bring performance improvements. One of those changes is [frozen pages](https://lwn.net/Articles/1000654/), a memory-management optimization that should fly mostly under the radar. When Hannes Reinecke [reported a crash](https://lwn.net/ml/all/08c29e4b-2f71-4b6d-8046-27e407214d8c@suse.com) in 6.14, though, frozen pages suddenly came into view. There is a workaround for this problem, but it seems there is a fair amount of work to be done that nobody had counted on to solve the problem properly.  
[Read more](https://lwn.net/Articles/1013408/)
