LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Updated: 16 hours 57 min ago
Sat, 07/19/2025 - 18:36
The Arch Linux project has sent out
an
advisory warning that a set of malicious packages, containing a remote
access trojan, were uploaded to the Arch User Repository (AUR). The
affected packages were librewolf-fix-bin, firefox-patch-bin, and
zen-browser-patched-bin. "We strongly encourage users that may have
installed one of these packages to remove them from their system and to
take the necessary measures in order to ensure they were not
compromised."
Sat, 07/19/2025 - 10:51
Intel has
announced the
abrupt end of its Clear Linux cloud-oriented distribution:
After years of innovation and community collaboration, we're ending
support for Clear Linux OS. Effective immediately, Intel will no
longer provide security patches, updates, or maintenance for Clear
Linux OS, and the Clear Linux OS GitHub repository will be archived
in read-only mode. So, if you're currently using Clear Linux OS, we
strongly recommend planning your migration to another actively
maintained Linux distribution as soon as possible to ensure ongoing
security and stability.
Fri, 07/18/2025 - 10:14
The interfaces between C and Rust in the kernel have grown over time; any
non-trivial Rust driver will use a number of these. Tasks like allocating memory,
dealing with immovable structures, and interacting with locks are necessary for
handling most devices. There are also many subsystem-specific bindings, but the
focus this time will be on an overview of the bindings that all kernel Rust code
can be expected to use.
Fri, 07/18/2025 - 09:22
Security updates have been issued by AlmaLinux (cloud-init, glib2, glibc, kernel, and tomcat), Debian (chromium), Fedora (luajit, minidlna, nginx-mod-modsecurity, python-asteval, rust-sequoia-octopus-librnp, and vim), Oracle (cloud-init, glib2, glibc, java-17-openjdk, kernel, python311-olamkit, tomcat, and tomcat9), SUSE (apache-commons-lang3, bind, coreutils, ffmpeg, gnutls, gstreamer-plugins-good, kubernetes1.25, kubernetes1.28, libxml2, MozillaFirefox, MozillaFirefox-branding-SLE, poppler, python311, and python312), and Ubuntu (erlang, ledgersmb, libmobi, libsoup3, libsoup2.4, linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-oracle-5.15, linux, linux-aws, linux-oem-6.8, linux, linux-gcp, linux-raspi, linux-realtime, linux-aws, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure-6.8, linux-azure-nvidia, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-intel-iot-realtime, linux-realtime, linux-intel-iotg-5.15, linux-oem-6.14, linux-raspi, linux-realtime, php7.0, php7.2, php8.1, php8.3, php8.4, python-aiohttp, and rails).
Thu, 07/17/2025 - 13:26
Version 12.0 of
the Forgejo software forge has been released. Changes include a number of
user-interface improvements, a mechanism to keep forks in sync with their
upstream, and more; see
the release
notes for the full list.
Thu, 07/17/2025 - 11:11
Decades after its creation, the Linux CPU scheduler remains an area
of active development; it is difficult to find a time slice to cover every
interesting scheduler change. In an attempt to catch up, the time has come
to round-robin through a few patches that have been circulating recently.
The work at hand focuses on a new attempt at time-slice extension, the
creation of a deadline server for sched_ext tasks, and keeping tasks on
isolated CPUs from being surprised by LRU batching.
Thu, 07/17/2025 - 02:40
Security updates have been issued by AlmaLinux (emacs, java-17-openjdk, kernel, kernel-rt, microcode_ctl, python3.11-setuptools, python3.12-setuptools, and socat), Debian (gnutls28), Fedora (vim), Red Hat (java-1.8.0-ibm), Slackware (bind), SUSE (docker, erlang, erlang26, ggml-devel-5889, gnuplot, kernel, kubernetes1.27, libQt6Concurrent6, mailman3, and transfig), and Ubuntu (apache2, bind9, linux-iot, linux-lowlatency-hwe-6.11, and linux-raspi, linux-raspi-5.4).
Wed, 07/16/2025 - 21:45
Inside this week's LWN.net Weekly Edition:
- Front: Python JIT; Anubis; Secure Boot certificate expiration; SFrame; Exported symbols; Python packaging in Fedora.
- Briefs: Parrot 6.4; SPI report; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
Wed, 07/16/2025 - 16:01
Version 0.50.0 of
Hyprland, a compositor for Wayland, has been
released. Changes include a new render-scheduling option that "can
drastically improve FPS on underpowered devices, while coming at no
performance or latency cost when the system is doing alright", an
option to exclude applications from screen sharing, a new test suite, and
more.
Wed, 07/16/2025 - 15:00
Linux users who have
Secure Boot
enabled on their systems knowingly or unknowingly rely on a key from
Microsoft that is set to expire in September. After that point, Microsoft
will no longer use that key to sign the
shim
first-stage UEFI bootloader that is used by Linux distributions to boot the
kernel with Secure Boot. But the replacement key, which has been available
since 2023, may not be installed on many systems; worse yet, it may require
the hardware vendor to issue an update for the system firmware, which may
or may not happen. It seems that the vast majority of systems will not be
lost in the shuffle, but it may require extra work from distributors and
users.
Wed, 07/16/2025 - 10:38
Fedora's NeuroFedora
special-interest group (SIG) is considering a change of strategy
when it comes to packaging Python modules. The SIG, which consists of
three active members, is struggling to keep up with maintaining the
hundreds of packages that it has taken on. What's more, it's not
clear that the majority of packages are even being consumed by Fedora
users; the group is trying to determine the right strategy to meet its
goals and shed unnecessary work. If its new packaging strategy is
successful, it may point the way to a more sustainable model for Linux
distributions to provide value to users without trying to package
everything under the sun.
Wed, 07/16/2025 - 10:33
Security updates have been issued by Oracle (cloud-init, emacs, firefox, glib2, go-toolset:rhel8, kernel, lz4, python-setuptools, python3.11-setuptools, python3.12-setuptools, and socat), Red Hat (fence-agents, glib2, glibc, java-17-openjdk, kernel, kernel-rt, python-setuptools, python3.11-setuptools, and python3.12-setuptools), Slackware (libxml2), SUSE (glib2, gpg2, kernel, libxml2, poppler, rmt-server, runc, stalld, and xen), and Ubuntu (jpeg-xl).
Tue, 07/15/2025 - 11:12
Software in the Public Interest has
released
its annual report for 2024. It includes reports from the long list of
projects housed under the SPI umbrella, but the financial statements are
not included at this time.
Tue, 07/15/2025 - 10:59
Loadable kernel modules require access to kernel data structures and
functions to get their job done; the kernel provides this access by way of
exported symbols. Almost since this mechanism was created, there have been
debates over which symbols should be exported, and how. The 6.16 kernel
gained a new export mechanism that limits access to symbols to specific
kernel modules. That code is likely to change soon, but the addition
of an enforcement mechanism has since been backed out.
Tue, 07/15/2025 - 10:35
Security updates have been issued by Debian (ffmpeg), Fedora (gnutls, linux-firmware, mingw-djvulibre, mingw-python-requests, and salt), Mageia (qtimageformats6), Oracle (gnome-remote-desktop, golang, kernel, libxml2, and perl-File-Find-Rule), SUSE (gstreamer-plugins-base, gstreamer-plugins-good, kernel, and protobuf), and Ubuntu (apport, glibc, gnutls28, and roundcube).
Mon, 07/14/2025 - 17:29
Parrot is a Debian-based
distribution with an emphasis on security improvement and tools; the
6.4
release is now available. "Many tools, like Metasploit, Sliver,
Caido and Empire received important updates, the Linux kernel was updated
to a more recent version, and the latest LTS version of Firefox was
provided with all our privacy oriented patches.".
Mon, 07/14/2025 - 14:09
The
6.12.38,
6.6.98,
6.1.145, and
5.15.188 stable kernel updates have been
released, each contains a single AMD-related fix. "Only users of AMD
x86-based processors need to upgrade, all others may skip this
release".
Mon, 07/14/2025 - 05:34
Security updates have been issued by Debian (redis and thunderbird), Fedora (cef, git, gnutls, httpd, linux-firmware, luajit, mingw-djvulibre, mingw-python-requests, perl, php, python-requests, python3.6, salt, and selenium-manager), Mageia (dpkg, firefox, gnupg2, and golang), Slackware (httpd and kernel), SUSE (afterburn, cmctl, git, go1.23, go1.24, k9s, liboqs-devel, libxml2, php8, python36, trivy, and xen), and Ubuntu (linux-xilinx-zynqmp and nix).
Pages