Linux Weekly News

The 6.18 merge window has come to an end, bringing with it a total of 11,974 non-merge commits, 3,499 of which came in after LWN's first-half summary. The total is a little higher than the 6.17 merge window, which saw 11,404 non-merge commits. There are once again a good number of changes and new features included in this release.

Version 1.12 of Julia has been released. Highlights of the release include new multi-threading features, new tracing flags and macros, and an experimental --trim feature. See the release notes for a full list of new features, changes, and improvements. LWN last covered Julia in January.

Version 144.0 of the Firefox browser has been released. Changes this time include improvements to tab-group and profile management, stronger encryption for stored passwords, a "search image with Google Lens" operation, and "Perplexity, an AI-powered answer engine built into the browser".

The Free Software Foundation's Licensing and Compliance Lab concerns itself with many aspects of software licensing, Krzysztof Siewicz said at the beginning of his 2025 GNU Tools Cauldron session. These include supporting projects that are facing licensing challenges, collecting copyright assignments, and addressing GPL violations. In this session, though, there was really only one topic that the audience wanted to know about: the interaction between free-software licensing and large language models (LLMs).

Security updates have been issued by Debian (ghostscript and libfcgi), Fedora (qt5-qtsvg), Red Hat (kernel, perl-FCGI, perl-FCGI:0.78, and vim), SUSE (bluez, curl, podman, postgresql14, python-xmltodict, and udisks2), and Ubuntu (linux-azure, linux-azure-5.4, linux-azure-fips, linux-oracle, and subversion).

Debian packagers have a great deal of latitude when it comes to the configuration of the software they package; they may opt, for example, to disable default features in software that they feel are a security hazard. However, packagers are expected to ensure that their packages comply with Debian Policy, regardless of the upstream's preferences. If a packager fails to comply with the policy, the Debian Technical Committee (TC) can step in to override them, which it has done in the case of a recent systemd change that broke several programs that depend on a world-writable /run/lock directory.

Greg Kroah-Hartman has announced the release of the 6.17.2, 6.16.12, 6.12.52, and 6.6.111 stable kernels. They each contain a relatively small set of important fixes. In addition: "Note, this is the LAST 6.16.y kernel release, this branch is now end-of-life. Please move to the 6.17.y branch at this point in time."

Security updates have been issued by AlmaLinux (compat-libtiff3, iputils, kernel, open-vm-tools, and vim), Debian (asterisk, ghostscript, kernel, linux-6.1, and tiff), Fedora (cef, chromium, cri-o1.31, cri-o1.32, cri-o1.33, cri-o1.34, docker-buildx, log4cxx, mingw-poppler, openssl, podman-tui, prometheus-podman-exporter, python-socketio, python3.10, python3.11, python3.12, python3.9, skopeo, and valkey), Mageia (open-vm-tools), Red Hat (compat-libtiff3, kernel, kernel-rt, vim, and webkit2gtk3), and SUSE (distrobuilder, docker-stable, expat, forgejo, forgejo-longterm, gitea-tea, go1.25, haproxy, headscale, open-vm-tools, openssl-3, podman, podofo, ruby3.4-rubygem-rack, and weblate).

Linus has released 6.18-rc1 and closed the merge window for this development cycle. "This was one of the good merge windows where I didn't end up having to bisect any particular problem on [any] of the machines I was testing. Let's hope that success mostly translates to the bigger picture too."