Linux Weekly News

Security updates have been issued by AlmaLinux (gvisor-tap-vsock), Debian (activemq and chromium), Fedora (kea, python-django4.2, python-django5, python-setuptools, and rust-git-interactive-rebase-tool), Oracle (ipa and kernel), Red Hat (buildah, container-tools:rhel8, containernetworking-plugins, git-lfs, go-toolset:rhel8, golang, golang-github-openprinting-ipp-usb, grafana, grafana-pcp, gvisor-tap-vsock, podman, and skopeo), Slackware (libblockdev and xorg), SUSE (gdm, gstreamer-plugins-base, ignition, kernel, pam, redis, s390-tools, screen, systemd, and xorg-x11-server), and Ubuntu (godot, golang-1.22, libblockdev, node-express, pam, samba, and udisks2).

Inside this week's LWN.net Weekly Edition:

• Front: GNOME a11y; hierarchical scheduler; CoMaps; GPU restore; FAIR.pm; buffered I/O writeback; NFS; Lustre
• Briefs: Rocky Linux 10.0; Git 2.50; KDE Plasma 6.4; Kubernetes Slack; Python Language Summit; Radicle Desktop; Quote; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

The POSIX realtime model, which is implemented in the Linux kernel, can ensure that a realtime process obtains the CPU time it needs to get its job done. It can be less effective, though, when there are multiple realtime processes competing for the available CPU resources. The hierarchical constant bandwidth server patch series, posted by Yuri Andriaccio with work by Luca Abeni, Alessio Balsini, and Andrea Parri, is a modification to the Linux scheduler intended to make it possible to configure systems with multiple realtime tasks in a deterministic and correct manner.

The Lustre filesystem has a long history, some of which intersects with Linux. It was added to the staging tree in 2013, but was bounced out of staging in 2018, due to a lack of progress and a development model that was incompatible with the kernel's. Lustre may be working its way back into the kernel, though. In a filesystem-track session at the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF), Timothy Day and James Simmons led a discussion on how to get Lustre into the mainline.

The KDE Project has announced the Plasma 6.4 release. New features include more flexible tiling features, improvements to the Spectacle screen capture utility, a number of accessibility enhancements, and much more. See the changelog for a complete list of new features, enhancements, and bug fixes.

Security updates have been issued by Debian (gst-plugins-bad1.0, konsole, and libblockdev), Oracle (buildah, containernetworking-plugins, gimp, git-lfs, gvisor-tap-vsock, kernel, libvpx, podman, and skopeo), Red Hat (apache-commons-beanutils and thunderbird), Slackware (xorg), SUSE (gdm, golang-github-prometheus-alertmanager, golang-github-prometheus-node_exporter, golang-github-prometheus-prometheus, govulncheck-vulndb, grafana, kernel, Multi-Linux Manager, Multi-Linux Manager Client Tools, openssl-3, pam, python-cryptography, python-requests, python-setuptools, python3-requests, SUSE Manager Server, systemd, ucode-intel, xorg-x11-server, and xwayland), and Ubuntu (dwarfutils, mujs, node-katex, xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04, and xorg-server, xwayland).

The fundamental concept of checkpoint/restore is elegant: capture a process's state and resurrect it later, perhaps elsewhere. Checkpointing meticulously records a process's memory, open files, CPU state, and more into a snapshot. Restoration then reconstructs the process from this state. This established technique faces new challenges with GPU-accelerated applications, where low-latency restoration is crucial for fault tolerance, live migration, and fast startups. Recently, the restore process for AMD GPUs has been redesigned to eliminate substantial bottlenecks.

Accessibility features and the work that goes into developing those features often tend to be overlooked and are poorly understood by all but the people who actually depend on such features. At Fedora's annual developer conference, Flock, Lukáš Tyrychtr sought to improve understanding and raise awareness about accessibility with his session on accessibility barriers and screen-reader functionality in GNOME. His talk provided rare insight into the world of using and developing open-source software for visually-impaired users—including landing important accessibility improvements in the latest GNOME release.

Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, buildah, containernetworking-plugins, firefox, gstreamer1-plugins-bad-free, libsoup3, podman, skopeo, sqlite, thunderbird, unbound, valkey, varnish, and xz), Debian (webkit2gtk), Fedora (fido-device-onboard, python-django4.2, rust-git-interactive-rebase-tool, and thunderbird), Red Hat (libsoup), Slackware (libxml2), SUSE (java-11-openjdk, kernel, and wireshark), and Ubuntu (c3p0, dojo, python-django, python3.13, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, and requests).

The Kubernetes project has announced that it will be losing its "special status" with the Slack communication platform and will be downgraded to the free tier in a matter of days:

On Friday, June 20, we will be subject to the feature limitations of free Slack. The primary ones which will affect us will be only retaining 90 days of history, and having to disable several apps and workflows which we are currently using. The Slack Admin team will do their best to manage these limitations.

The project has a FAQ covering the change, its impacts, and more. The CNCF projects staff has proposed a move to the Discord service as the best option to handle the more than 200,000 users and thousands of posts per day from the Kubernetes community. The Kubernetes Steering Committee will be making its decision "in the next few weeks".

Version 2.50.0 of the Git source-code management system has been released with a long list of new user features, performance improvements, and bug fixes. See the announcement and this GitHub blog post for details.

At the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF), Anna Schumaker led a discussion about implementing the NFS v4.2 WRITE_SAME command in both the NFS client and server. WRITE_SAME is meant to write large amounts of identical data (e.g. zeroes) to the server without actually needing to transfer all of it over the wire. In her topic proposal, Schumaker wondered whether other filesystems needed the functionality, so that it should be implemented at the virtual filesystem (VFS) layer, or whether it should simply be handled as an NFS-specific ioctl().

Security updates have been issued by AlmaLinux (.NET 8.0 and .NET 9.0), Arch Linux (curl, ghostscript, go, konsole, python-django, roundcubemail, and samba), Fedora (aerc, chromium, golang-x-perf, libkrun, python3.11, python3.12, rust-kbs-types, rust-sev, rust-sevctl, valkey, and wireshark), Gentoo (Konsole and sysstat), Oracle (.NET 9.0), Red Hat (bootc, grub2, keylime-agent-rust, python3.12-cryptography, rpm-ostree, rust-bootupd, xorg-x11-server, and xorg-x11-server-Xwayland), SUSE (apache2-mod_auth_openidc, docker, grub2, java-1_8_0-openj9, kernel, less, python-Django, screen, and sqlite3), and Ubuntu (cifs-utils and modsecurity-apache).

Linus Torvalds has released 6.16-rc2, which is "admittedly even smaller than usual", though rc2 is not uncommonly one of the smaller release candidates. It may be that people are taking a breather after a fairly sizable merge window, but it might also be seasonal, with Europe starting to see summer vacations... We'll see how this goes.

The diffstat looks somewhat unusual, with a lot of one-liners with both ARC and pincontrol having (presumably independently) ended up doing some unrelated trivial cleanups.

But even that is probably noticeable only because everything else is pretty small. That "everything else" is mostly network drivers (and bluetooth) and bcachefs, with some rust infrastructure and core networking changes thrown in.

The open-source mobile app Organic Maps is used by millions of people on both the Android and iOS platforms. In addition to featuring offline maps (generated from OpenStreetMap cartography) and turn-by-turn navigation, it also promises its users greater privacy than proprietary options. However, controversial decisions taken by the project's leaders, feelings of disenfranchisement among contributors, and even accusations of embezzlement have precipitated a divide in the community, leading to a new fork called CoMaps.

The Radicle peer-to-peer code collaboration project has released Radicle Desktop: a graphical interface designed to simplify more complex parts of using Radicle such as issue management and patch reviews.

Radicle Desktop is not trying to replace your terminal, IDE, or code editor - you already have your preferred tools for code browsing. It won't replace our existing app.radicle.xyz and search.radicle.xyz for finding and exploring projects. It also doesn't run a node for you. Instead, it communicates with your existing Radicle node, supporting your current workflow and encourages gradual adoption.

LWN covered Radicle in March 2024.

Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, glibc, kernel, and mod_security), Fedora (chromium, gh, mingw-icu, nginx-mod-modsecurity, python3.10, python3.9, thunderbird, valkey, and yarnpkg), Oracle (.NET 8.0, .NET 9.0, glibc, grafana-pcp, kernel, libxml2, mod_security, nodejs:20, and thunderbird), SUSE (audiofile, helm, kubernetes-old, kubernetes1.23, kubernetes1.24, libcryptopp, postgresql15, thunderbird, and valkey), and Ubuntu (linux-nvidia-tegra-igx).

The last year has been a rocky one for the WordPress community. Matt Mullenweg—WordPress co-founder and CEO of WordPress hosting company Automattic—started a messy public spat with WP Engine in September and has proceeded to use his control of the project's WordPress.org infrastructure as weapons against the company, with the community caught in the crossfire. It is not surprising, then, that on June 6 a group of WordPress community participants announced the Federated and Independent Repositories Package Manager (FAIR.pm) project. It is designed to be a decentralized alternative to WordPress.org with a goal of building "public digital infrastructure that is both resilient and fair".

The Python Software Foundation blog is carrying a set of detailed summaries from the 2025 Python Language Summit:

The Python Language Summit 2025 occurred on May 14th in Pittsburgh, Pennsylvania. Core developers and special guests from around the world gathered in one room for an entire day of presentations and discussions about the future of the Python programming language.

Topics covered include making breaking changes less painful, free-threaded Python, interaction with Rust, and challenges faced by the Steering Council.

Version 10.0 of the Rocky Linux distribution has been released. As with the AlmaLinux 10.0 release, Rocky Linux 10.0 is based on Red Hat Enterprise Linux (RHEL) 10. See the release notes for details.