Alpine Linux is a community developed operating system designed for routers, firewalls, VPNs, VoIP boxes, containers, and servers. It was designed with security in mind; it has proactive security features like PaX and SSP that prevent security holes in the software to be exploited. The C library used is musl and the base tools are all in BusyBox. Those are normally found in embedded systems and are smaller than the tools found in GNU/Linux systems.
FUSS is a Debian-based Linux distribution for managing an educational network. It provides server, thin client and desktop solutions based on free software that go beyond any economic or technical reasons, maintaining an ethical choice of freedom and knowledge sharing. FUSS, which stands for "Free Upgrade in South Tyrol's Schools" started in 2005 in Italy's autonomous province of Bolza, with the aim of bringing free software to schools.
Version:next-20260127 (linux-next)
Released:2026-01-27
GNU C Library maintainer Carlos O'Donell has
announced
that the project will be moving its core services away from
Sourceware in favor of services hosted
at the Linux Foundation.
While it was clear to the GNU Toolchain leadership that
requirements were coming to improve the toolchain cyber-security
posture, these requirements were not clear to all project
developers. As part of receiving this feedback we have worked to
document and define a secure development policy for glibc and at a
higher level the GNU Toolchain. While Sourceware has started
making some critical technical changes, the GNU Toolchain still
faces serious, systemic concerns about securing a global, highly
available service and building a sustainable, diverse sponsorship
model.
This has been a long-running discussion; see this 2022 article for some background.
Flatcar Container Linux is a container-optimized operating system based on Gentoo Linux. It is a minimal operating system image which includes only the tools needed to run containers and it supports all of the popular methods for running containers. The distribution ships an immutable filesystem and includes automatic atomic updates. Flatcar Container Linux runs on most cloud providers, virtualization platforms and bare metal servers.
The kernel's "kfunc" mechanism is a way of exporting kernel functions so
that they can be called directly from BPF programs. There are over 300
kfuncs in current kernels, ranging in functionality from string processing
(
bpf_strnlen())
to custom schedulers (
scx_bpf_kick_cpu())
and beyond. Sometimes these kfuncs need access to context information that
is not directly available to BPF programs, and which thus cannot be passed
in as arguments. The
implicit
arguments patch set from Ihor Solodrai is the latest attempt to solve
this problem.
The Xfce team has announced that
it will be providing funding to Brian Tarricone to work on xfwl4,
a Wayland compositor for Xfce:
Xfwl4 will not be based on the existing xfwm4 code. Instead, it
will be written from scratch in rust, using smithay building
blocks.
The first attempt at creating an Xfce Wayland compositor involved
modifying the existing xfwm4 code to support both X11 and Wayland in
parallel. However, this approach turned out to be the wrong path
forward for several reasons:
- Xfwm4 is architected in a way that makes it very difficult to put the window management behavior behind generic interfaces that don't include X11 specifics.
- Refactoring Xfwm4 is risky, since it might introduce new bugs to X11. Having two parallel code bases will allow for rapid development and experimentation with the Wayland compositor, with zero risk to break xfwm4.
- Some X11 window management concepts just aren't available or supported by Wayland protocols at this time, and dealing with those differences can be difficult in an X11-first code base.
- Using the existing codebase would require us to use C and
wlroots, even if a better alternative is available.
Work has already commenced on the project, and the project hopes to
share a development release in mid-2026.
Security updates have been issued by AlmaLinux (kernel, kernel-rt, python-urllib3, python3.11-urllib3, and python3.12-urllib3), Debian (imagemagick, openjdk-11, openjdk-17, and openjdk-21), Fedora (bind, bind-dyndb-ldap, chromium, ghostscript, glibc, mingw-glib2, mingw-harfbuzz, mingw-libsoup, mingw-openexr, and qownnotes), Mageia (kernel-linus), Red Hat (osbuild-composer), SUSE (go1.24-openssl, go1.25-openssl, govulncheck-vulndb, kernel, nodejs22, openCryptoki, openvswitch3, python-pyasn1, python311, and qemu), and Ubuntu (git-lfs, node-form-data, and screen).
CentOS as a group is a community of open source contributors and users which started in 2003 and has been sponsored by Red Hat since 2014. CentOS Linux versions up to CentOS Linux 8 are 100% compatible rebuilds of Red Hat Enterprise Linux, in full compliance with Red Hat's redistribution requirements. In 2020 it was announced CentOS Linux is being discontinued and replaced with CentOS Stream, a developer-focused distribution which acts as a middle-stream between Fedora and Red Hat Enterprise Linux.
Essora Eos is a set of desktop Linux distributions based either on Debian's "Stable" branch or Devuan, featuring the lightweight JWM or Openbox window managers or the heavyweight KDE Plasma desktop environment. The Devuan edition uses the OpenRC init system. The distribution aims to be clean, minimal, fast and customisable, with only the essential tools installed by default. Essora Eos uses the Calamares system installer and provides a custom graphical configuration utility called "Essora Control Centre".
Version:next-20260126 (linux-next)
Released:2026-01-26
Emmabuntüs is a desktop Linux distribution with editions based on Debian's Stable branch with both the Xfce and LXQt desktop environments available. It strives to be beginner-friendly and reasonably light on resources so that it can be used on older computers. It also includes many modern features, such as large number of pre-configured programs for everyday use, dockbar for launching applications, easy installation of non-free software and media codecs, and quick setup through automated scripts. In addition, this distribution addresses accessibility issues, for both installation and day to day usage, and includes a large set of applications supporting visually impaired people. The distribution supports English, French, German, Italian, Portuguese and Spanish languages.
The GNU Privacy Guard (GPG)
project decided to break from the OpenPGP standard for email
encryption in 2023, and instead adopted its own homegrown LibrePGP specification. The GPG 2.4
branch, the last one to adhere to OpenPGP, will be reaching the end of
life in mid-2026. The Fedora project is currently having a discussion
about how that affects the distribution, its users, and what to offer
once 2.4 is no longer receiving updates.
Curl creator Daniel Stenberg has written a blog
post explaining why the project is ending its bug-bounty
program, which started in April 2019:
The never-ending slop submissions take a serious mental toll to
manage and sometimes also a long time to debunk. Time and energy that
is completely wasted while also hampering our will to live.
I have also started to get the feeling that a lot of the security
reporters submit reports with a bad faith attitude. These "helpers"
try too hard to twist whatever they find into something horribly bad
and a critical vulnerability, but they rarely actively contribute to
actually improve curl. They can go to extreme efforts to argue and
insist on their specific current finding, but not to write a fix or
work with the team on improving curl long-term etc. I don't think we
need more of that.
There are these three bad trends combined that makes us take this
step: the mind-numbing AI slop, humans doing worse than ever and the
apparent will to poke holes rather than to help.
Stenberg writes that he still expects "the best and our most
valued security reporters" to continue informing the project when
security vulnerabilities are discovered. The program will officially
end on January 31, 2026.
DietPi is a Debian-based Linux distribution, primarily developed for single-board computers such as Raspberry Pi, Orange Pi or Odroid. It also supplies builds for 64-bit x86 personal computers and virtual machines, including VMware, VirtualBox, UTM, Hyper-V, Proxmox and Parallels. The base installation of DietPi comes without any desktop, but a desktop option can be activated via the built-in "dietpi-software" program. The distribution ships with a number of menu-driven configuration tools which can be run from the terminal.
Security updates have been issued by AlmaLinux (gimp, glib2, go-toolset:rhel8, golang, java-17-openjdk, java-21-openjdk, kernel, net-snmp, pcs, and thunderbird), Debian (apache2, imagemagick, incus, inetutils, libuev, openjdk-17, php7.4, python3.9, shapelib, taglib, and zvbi), Fedora (mingw-glib2, mingw-harfbuzz, mingw-libsoup, mingw-openexr, pgadmin4, python3.11, python3.12, python3.9, and wireshark), Gentoo (Asterisk, Commons-BeanUtils, GIMP, inetutils, and Vim, gVim), Mageia (kernel), Oracle (glib2, java-17-openjdk, java-21-openjdk, and libpng), Red Hat (java-17-openjdk, java-21-openjdk, kernel, and kernel-rt), SUSE (azure-cli-core, bind, buildah, chromium, coredns, glib2, harfbuzz, kernel, kernel-firmware, libheif, libvirt, openCryptoki, openvswitch, podman, python, python-urllib3, rabbitmq-server, and vlang), and Ubuntu (cjson).
The
6.19-rc7 kernel prepatch is out for
testing.
So normally this would be the last rc of the release, but as I've
mentioned every rc (because I really want people to be aware and be
able to plan for things) this release we'll have an rc8 due to the
holiday season.
And while some of the early rc's were smaller than usual and it
didn't seem necessary, right now I'm quite happy I made that
call. Not because there's anything particularly scary here - the
release seems to be going fairly smoothly - but because this rc7
really is larger than things normally are and should be at this
point.
Along with the usual fixes, this -rc also includes a new
document describing the process to replace the kernel project
leadership should that become necessary in the absence of an arranged
transition. The plan largely follows what was decided at the Maintainers Summit in December.
Live Raizo is a live Linux distribution based on Debian "Stable". It's purpose is to experiment with system administration on simulated networks and real devices; it contains simulators of networks and systems (GNS3, QEmu, Docker, VPCS) and also Debian virtual machines already integrated into GNS3. Live Raizo also includes tools to interact with real devices, such as minicom, Putty, Wireshark, as well as DHCP, DNS, FTP, TFTP and SSH servers. The distribution uses the Fluxbox window manager and can optionally be installed to a hard drive.
PikaOS Linux is a Linux distribution based on Debian's cutting-edge "Unstable" branch, optimised for gaming. It is designed to provide out-of-the-box gaming experience, excellent performance with up-to-date drivers and custom-tweaked Linux kernel, and a choice of GNOME or KDE Plasma desktops, with separate editions that use the Hyprland Wayland compositor.
Pages
