Feed aggregator

Soplos Linux is a set of desktop-oriented Linux distributions based on Debian's "Testing" featuring several popular desktop environments. It offers rolling updates, up-to-date software, a relatively lightweight and customisable desktop, compatibility with older hardware, and various speed and performance optimisation features. The distribution ships with a number of custom applications, such as Soplos Theme Manager, Soplos Plymouth Manager, Soplos Docklike (for adding and removing applications in the dock) and Soplos GRUB Editor.

Inside this week's LWN.net Weekly Edition:

• Front: Free-threaded Python; AUR attacks; Fedora 2FA; 7.2 merge window; BPF arenas; BPF coroutines; BPF JIT; RMR and BRMR; OSPM.
• Briefs: Tor deprecations; GIMP 0.54.1 flatpak; Mastodon 4.6; Systemd v261; Xfce on Wayland; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

KaOS is a desktop Linux distribution that features the latest version of the Noctalia desktop environment, the Calligra office suite, and other popular software applications that use the Qt toolkit. It was inspired by Arch Linux, but the developers build their own packages which are available from in-house repositories. KaOS employs a rolling-release development model and is built exclusively for 64-bit computer systems.

BlueOnyx is a server distribution based on AlmaLinux OS. It is the mission of BlueOnyx to provide a fully-integrated Internet hosting platform that includes web, e-mail, DNS and file transfer services from a simple, user-friendly web-based interface that is easily installed on commodity hardware or virtual private server.

Compromised accounts are one of the most common ways that attackers can sneak malware into the open-source supply chain. One way to reduce account compromise is for projects to require two-factor authentication (2FA) or multi-factor authentication (MFA), but that is easier said than done. However, Fedora is currently discussing putting 2FA requirements in place soon, following an an alleged account compromise that led to an AI agent causing a number of problems for the project. After some discussion, Fedora will begin by requiring packagers in the "provenpackager" group to enable 2FA within the next three months or so.

BPF arenas are areas of memory (potentially shared with user space) where programs have free reign to build their own data structures, unburdened by the verifier's bounds checks. Many of those data structures are potentially usable in multiple programs. Emil Tsalapatis brought his work on libarena, a library containing generic utilities for use in BPF arenas, to the 2026 Linux Storage, Filesystem, Memory-Management, and BPF Summit. Although the library is already available as part of the kernel, it is still in its early stages and he has more work planned.

The Power Management and Scheduling in the Linux Kernel Summit, which still goes by the historical acronym OSPM, was held in Cambridge, UK, in mid-April. As has become traditional, the presenters at that event have since written summaries of their sessions, and this work has kindly been made available to LWN for publication. The second day's sessions covered a wide range of topics, including device frequency scaling, using time-slice duration for CPU selection, scheduling domains on multi-cluster Arm systems, the LAVD scheduler, and more.

Security updates have been issued by AlmaLinux (corosync, firefox, kernel, kernel-rt, libpq, memcached, postgresql, postgresql16, postgresql:13, postgresql:16, python-urllib3, python3.14-urllib3, redis:6, skopeo, and vim), Debian (beets, gst-plugins-bad1.0, imagemagick, libmatio, python-urllib3, and u-boot), Fedora (chromium, coturn, frr, grout, materialx, perl-Crypt-DSA, and yt-dlp), Mageia (opensc, perl-Archive-Tar, and podofo), Oracle (fence-agents, libpq, mysql:8.4, and postgresql:16), Red Hat (firefox, libpng, libpng12, libpng15, libreoffice, nginx:1.24, thunderbird, tigervnc, xorg-x11-server, and xorg-x11-server-Xwayland), Slackware (libarchive), SUSE (amazon-ssm-agent, ansible-core, apache2, bind, bitcoin-qt6, containerized-data-importer, curl, distribution, docker-stable, dovecot24, dracut, editorconfig-core-c, exiv2, firefox, freeipmi, freerdp, ghc-aws, ghc-crypton-asn1-encoding, ghc-crypton-asn1-parse, ghc-crypton-asn1-types, ghc-crypton-pem, glib-networking, go1.25, go1.26, google-guest-agent, graphite2, hamlib, helm, himmelblau, ignition, ImageMagick, kernel, ldns, libarchive, libcaca, libheif, libinput, libjxl, libsolv, libzypp, zypper, LibVNCServer, libxslt, libyang, mcphost, mozjs128, ncurses, nginx, opensc, openssl-3, openvswitch, papers, perl-HTML-Parser, perl-HTTP-Daemon, perl-Protocol-HTTP2, podman, postgresql14, postgresql15, postgresql16, postgresql17, python-aiohttp, python-ecdsa, python-paramiko, python-PyJWT, python-starlette, rekor, sqlite3, strongswan, tiff, tomcat, tomcat10, tomcat11, unbound, webkit2gtk3, xwayland, and zypper, libzypp, libsolv), and Ubuntu (libcap2, libnfs, libvncserver, libxml2, and mysql-8.0).

Ventoy LiveCD is a minimalist, single-purpose live CD designed to install the Ventoy application on Windows system. It is based on Porteus Kiosk and uses the Openbox window manager. It can be useful in cases where the standard installation of Ventoy on Windows fails due to Windows-specific restrictions on some low-level operations. Ventoy, an open-source application that facilitates the creation of bootable USB drives from ISO, WIM, IMG, VHD(x) and EFI files, is a useful utility for those who frequently install or test Linux distributions or other open-source operating systems.

SteamOS is an Arch-based Linux distribution developed by Valve Corporation, a US video game developer, publisher and digital distribution company. It comes with Steam, Valve's own video game store, and it is the default Linux distribution for Valve's line of gaming hardware, including the Steam Deck, Steam Machine and Steam Frame. The distribution also supports some third-party handheld devices, such as Lenovo Legion Go and ASUS ROG Ally, but it can also be installed on standard personal computers. SteamOS uses the KDE Plasma desktop as its default user interface.

AUSTRUMI (Austrum Latvijas Linukss) is a bootable live Linux distribution based on Slackware Linux. It requires limited system resources and can run on any Intel-compatible system with a CD-ROM installed. The entire operating system and all of the applications run from RAM, making AUSTRUMI a fast system and allowing the boot medium to be removed after the operating system starts.

Alexis Lothoré has been working to add support for the kernel's memory-access checker, KASAN, to just-in-time-compiled BPF code. He spoke about that work at the 2026 Linux Storage, Filesystem, Memory-Management, and BPF Summit. KASAN support is needed, he said, to help catch bugs in the BPF just-in-time (JIT) compiler. KASAN is a great tool for catching memory-management problems in the kernel, but only in code that can be monitored by it.

Vipnix LiveCD is a portable Linux distribution built on the legacy of Gentoo Linux, Funtoo and Macaroni OS. It combines Gentoo's source-based optimization, Funtoo's innovative tools and Macaroni OS's modern, container-friendly approach. Vipnix integrates the lightweight LXQt desktop environment and the educational XLibre X11 server into a live operating system designed for enthusiasts, professionals and system recovery tasks. It is developed by Vipnix, a Brazilian IT solutions company specialising in customised infrastructure, cybersecurity, data protection and biotechnology.

The Tor Project has announced that it is planning to actively stop supporting Tor 0.4.8 and earlier C Tor versions soon.

Usually, we try not to break existing releases, even if they are unsupported, unless we have a pretty good reason. In this case, we have several reasons. [...]

The most important reason is this: in 0.4.9, we have made some former fields in our directory data obsolete -- specifically, TAP onion keys and family lines. Removing these fields will let us save a great deal of client directory bandwidth for everyone. This, in turn, will make all Tor clients bootstrap a little faster, especially those on slow connections. But when we remove these fields, clients and relays running earlier versions of Tor will no longer work, since they expect the TAP onion keys to be present. Therefore, in order to deliver improved performance faster, we need to accelerate the date on which 0.4.8 will stop working.

The target sunset date is currently September 1, 2026, after which any version prior to Tor 0.4.9 will cease to work on the network. The first stable release in the 0.4.9.x series was announced in February 2026, and the Tor 0.4.8.x series reached end of life on June 1.

Security updates have been issued by Debian (ffmpeg), Fedora (erlang, ffmpeg, prometheus, python-scrapy, python3-docs, python3.14, thorvg, tigervnc, and vips), Mageia (mumble and sslh), Oracle (389-ds:1.4, dracut, firefox, hplip, kernel, openssh, postgresql:15, redis:6, and uek-kernel), Red Hat (delve, gvisor-tap-vsock, nginx, nginx:1.24, nginx:1.26, osbuild-composer, podman, rhc, skopeo, and yggdrasil), SUSE (containerized-data-importer, graphite2, kernel, libarchive, openssh, openssh-askpass-gnome, openvswitch, openvswitch3, postfix, python-lxml, python-nltk, python-python-multipart, python-urllib3, rmt-server, terraform-provider-local, terraform-provider-null, and util-linux), and Ubuntu (google-guest-agent, haproxy, libxml2, linux-azure, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle-5.15, mysql-8.0, mysql-8.4, and nginx).

Version:next-20260623 (linux-next) Released:2026-06-23

Netdeep Secure Firewall is a comercial Linux distribution designed for firewalls, developed by Neetdeep Tecnologia Ltda in Brazil. It is built from scratch on top of a Linux kernel and GNU utilities. The distribution provides a web-based interface for configuring various services, including network, Unified Threat Management (UTM), Deep Packet Inspection (DPI), URL filter, captive portal and hotspot, antivirus, reports and audits, secure connection over virtual private networks, intrusion detection and prevention, traffic control, balancing and failover, and many others. The company also provides licences and commercial support for users located in Brazil.

The GIMP project reports that GNOME contributor "balooii" has worked to package GIMP 0.54.1—released in 1996—as a Flatpak that will build and run on modern 64-bit Linux systems. This is a Motif-based version, and the same version that was used by Larry Ewing to create Tux.

While not likely to be useful for serious graphics work today, it should be interesting for users who would like to see what a 30-year-old version of GIMP was capable of.

Probably the biggest change for Python over the last five years or so is the advent of the "free-threaded" version of the language, which removes the global interpreter lock (GIL) and allows multiple threads to run in parallel in the interpreter. At PyCon US 2026, held in Long Beach, California in mid-May, longtime CPython core developer (and current steering council member) Thomas Wouters gave a talk about the feature. He looked at the motivation behind the GIL-removal efforts, some history, the current status of the free-threaded interpreter, and provided a prediction on where it all leads.

Brian Tarricone has announced the first preview release of xfwl4, a Wayland compositor for the Xfce desktop environment.

After close to six months of work, I feel like it's ready to get some wider use, even though of course there will be bugs and missing features. Think of this as an alpha release. [...]

The end goal of xfwl4 is to behave as closely as possible to an Xfce desktop running on an X server. Ideally a user could switch between the two without even knowing there's a difference. In reality, of course, it won't be quite that seamless, and there's still more work to be done to get as close as possible to that ideal. This is a first solid cut at it, at the very least.