Linux Weekly News

Version 2025.10 of the U-Boot boot loader has been released with new features, including Python tooling improvements, cleanups for implicit header inclusions, better support for numerous Arm platforms, support for new RISC-V platforms, better documentation, and more. Maintainer Tom Rini also reports on some project news: As I mentioned with the v2025.07 release, I was looking for a few people to step up and help with the overall organization and management of the project. To that end, Peter Robinson and Neil Armstrong have stepped up and have been helping me. This has been part of the process for the project to join up under the Software Freedom Conservancy's (SFC) umbrella and have a legal entity that can help the project work with other legal entities on things like donations.

At the time of writing, there have been 9,099 commits in the 6.18 merge window, 8,475 non-merges and 624 merges. The changes so far include core-kernel, graphics, and networking work, among others. There are no big surprises, but several items that were discussed at this year's LFSMM+BPF Summit have now been merged.

Support for BPF in the kernel has been tied to the LLVM toolchain since the advent of extended BPF. There has been a growing effort to add BPF support to the GNU toolchain as well, though. At the 2025 GNU Tools Cauldron, the developers involved got together with representatives of the kernel community to talk about the state of that work and what needs to happen next.

The 6.17.1, 6.16.11, 6.12.51, and 6.6.110 stable kernels have been released. This time around, they contain a relatively small number of important fixes in various parts of the kernel.

Security updates have been issued by AlmaLinux (kernel), Debian (dovecot, git, log4cxx, and openssl), Fedora (containernetworking-plugins, firebird, firefox, jupyterlab, mupdf, and thunderbird), Oracle (ipa), Red Hat (container-tools:rhel8, firefox, gnutls, kernel, kernel-rt, multiple packages, mysql, mysql:8.0, nginx, podman, and thunderbird), Slackware (fetchmail), SUSE (afterburn, chromium, firefox, haproxy, libvmtools-devel, logback, python311-Django, python311-Django4, and redis), and Ubuntu (linux-gcp, linux-gcp-6.14, linux-oem-6.14, linux-nvidia-tegra-igx, linux-oracle, mysql-8.0, poppler, and squid).

OpenSSH 10.1 has been released. Along with "a minor security fix" and some other bug fixes, this release disallows control characters in user names passed via the command line, adds better logging around certificate refusals, and a new RefuseConnection server configuration option.