IBM has sent out a press release touting a claimed $5 billion investment
into an operation called Project Lightwell:
Project Lightwell will establish a trusted enterprise clearinghouse
combined with a global force of engineers to identify and fix
vulnerabilities at scale. The clearinghouse will serve as a
security coordination layer, using advanced AI capabilities to
validate and test fixes across an unprecedented volume of open
source code. These capabilities will be offered through commercial
subscriptions, allowing enterprises to integrate secure patches
directly into their existing software supply chains with
enterprise-grade validation and lifecycle management.
Toward the bottom, it does also mention sharing vulnerability information
with upstream projects.
The kernel's memory-management subsystem is currently partway through a
multi-year project to replace the page structure (which represents
a page of physical memory) with memory descriptors. At the 2026 Linux
Storage, Filesystem, Memory Management, and BPF Summit, Vishal Moola ran a
fast-paced session in the memory-management track to describe the current
state of that work and what is likely to happen next.
Security updates have been issued by AlmaLinux (firefox, gdk-pixbuf2, glibc, gnutls, kernel, libexif, mysql8.4, postgresql16, postgresql18, python3.14, ruby:3.3, and ruby:4.0), Debian (krb5, roundcube, starlette, unbound, and varnish), Fedora (kernel, nginx, nginx-mod-brotli, nginx-mod-fancyindex, nginx-mod-headers-more, nginx-mod-js-challenge, nginx-mod-modsecurity, nginx-mod-naxsi, nginx-mod-vts, perl-Imager, poppler, python-uv-build, rrdtool, rust-astral-tokio-tar, rust-astral_async_http_range_reader, rust-astral_async_zip, uv, and xen), Oracle (.NET 10.0, .NET 9.0, glibc, ruby:3.3, and thunderbird), Red Hat (.NET 10.0, .NET 8.0, .NET 9.0, containernetworking-plugins, gvisor-tap-vsock, podman, runc, and skopeo), SUSE (agama, alloy, bubblewrap, cockpit, cups, dnsmasq, emacs, glibc, gnutls, go1.25, go1.25-openssl, go1.26, go1.26-openssl, google-guest-agent, hplip, ibus-rime, librime, kernel, libarchive, libzypp, nginx, openexr, openssh, php7, postgresql14, postgresql15, postgresql16, python311-pytest-html, redis, redis7, rsync, tree-sitter, valkey, xen, and yq), and Ubuntu (cableswig, commons-beanutils, dnsmasq, ffmpeg, foomuuri, gst-plugins-good1.0, libcaca, libgcrypt20, mediawiki, memcached, papers, postorius, tgt, and tika).
Inside this week's LWN.net Weekly Edition:
- Front: Dirk and Linus talk; BPF and GCC; private memory modes; BPF page-cache policies; major page faults; LLM kernel review; tiered-memory support; transparent huge pages; page mappings; Model Openness Tool.
- Briefs: Stenberg security stress; GTK PDF problems; Morton 2004 keynote; OpenBSD 7.9; Bambu's AGPLv3 violations; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
OviOS Linux is an independent storage OS which combines open source technologies to provide a dedicated, performance-oriented storage system. The goal is to keep OviOS Linux a pure storage, appliance-like OS. It targets users and admins who need a stable out-of-the-box iSCSI, NFS, SMB and FTP server. The distribution features a special command line shell called "ovios shell" which strives to simplify system management.
The Linux Foundation will be hosting a live interview with LWN co-founder
Jonathan Corbet. The event will take place on Tuesday, June 2 at 8:00AM
Pacific daylight time (UTC-7). Registration is open for those who would
like to attend.
Many large language models (LLMs) are described as open source, but
if one looks a bit deeper it turns out that is not actually so; the
model may be free to download, it may be "open weight", but it
does not fit the Open Source Initiative (OSI) Open Source Definition
(OSD). Assessing the actual openness of models is not easy, as Arnaud
Le Hors explained in his talk about the Model Openness Tool (MOT) at Open
Source Summit North America 2026. The tool is designed to help
users of LLMs understand to what degree a model is (or is not) open,
and to combat the openwashing that is prevalent with LLMs.
CloudLinux OS is a commercial Linux distribution for servers, based on Red Hat Enterprise Linux. It is available in three editions, "Solo", "Admin" and "Shared Pro". The "Solo" edition is for single-user accounts; it includes website monitoring, performance detection and performance optimization tools. The "Admin" variant is for agencies, small and medium-sized businesses, and professionals with up to 5 hosting accounts, offering flexibility for virtual private servers (VPS) and dedicated servers. "Shared Pro" is the most advanced edition of CloudLinux OS as it includes advanced automation, deep-look performance analytics, and centralized monitoring tools. (Starting with version 10, CloudLinux OS ceased to provide installation ISO images; it now provides just a Bash script that converts an existing AlmaLinux installation into CloudLinux OS. As such, CloudLinux OS 10 is no longer classified as a "Linux distribution".)
Version: next-20260527 (linux-next)
Released: 2026-05-27
I recently presented a brief tribute to Andrew Morton at the
2026 Linux Storage, Filesystem, Memory
Management, and BPF Summit; it included a suggestion that reading (or
re-reading) his 2004 Ottawa Linux Symposium keynote would be instructive.
This talk, given immediately after the Kernel Summit session that decided
to fundamentally change the kernel's development model, tells a lot about
how the kernel project got to where it is today. The text of that speech
was hosted on Groklaw, and has since been replaced by crypto spam, which
is rather less useful. In the hopes of preserving this seminal moment, the
transcript has been rescued thanks to the Wayback Machine and is presented
here.
The mapcount field was created to track the number of mappings
(page-table entries) that refer to the given page. Among other things, a
mapcount of zero means that the page has no references and can be
reclaimed. Maintaining mapcount has become increasingly
challenging and expensive as the memory-management system has grown in
complexity, so Hildenbrand has been looking for ways to get rid of it.
This session was, he said, maybe one of the last times he will have to
bring up this topic.
Security updates have been issued by AlmaLinux (bind, buildah, compat-libtiff3, compat-openssl11, containernetworking-plugins, crun, delve, dnsmasq, dovecot, edk2, firefox, freeipmi, gdk-pixbuf2, giflib, git-lfs, glib2, go-fdo-client, go-fdo-server, golang, grafana, grafana-pcp, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, iputils, jq, kernel, krb5, libcap, LibRaw, libsndfile, libsoup, libsoup3, libssh, libtiff, libvirt, linux-sgx, luksmeta, mingw-glib2, NetworkManager, nginx, nginx:1.24, nginx:1.26, openexr, openssh, openssl, opentelemetry-collector, p11-kit, PackageKit, podman, python-jwcrypto, python-markdown, python-tornado, python3.11, python3.12, python3.14, python3.9, qemu-kvm, rsync, skopeo, sudo, systemd, thunderbird, tomcat, unbound, vim, xorg-x11-server, xorg-x11-server-Xwayland, yggdrasil, and yggdrasil-worker-package-manager), Debian (imagemagick, kdenlive, memcached, node-shell-quote, and samba), Fedora (chromium, curl, editorconfig, haproxy, perl-Crypt-DSA, perl-HTTP-Tiny, poppler, rust-afterburn, rust-coreos-installer, rust-eif_build, rust-rpm-sequoia, rust-sequoia-chameleon-gnupg, rust-sequoia-git, rust-sequoia-keystore-server, rust-sequoia-octopus-librnp, rust-sequoia-openpgp, rust-sequoia-sop, rust-sequoia-sq, rust-sequoia-sqv, and uriparser), Oracle (compat-libtiff3, dnsmasq, firefox, freeipmi, kernel, and uek-kernel), Slackware (mozilla), SUSE (assimp, firefox, glibc, gnutls, go1.25-openssl, go1.26-openssl, kernel, kubevirt, leancrypto, libarchive, libsndfile, mcphost, nginx, openssh, podman, python-GitPython, rsync, and samba), and Ubuntu (ayttm, dnsmasq, libssh2, linux-azure, linux-azure, linux-azure-6.17, linux-iot, linux-lowlatency-hwe-5.15, ngtcp2, onnx, opencc, protobuf, python-git, samba, xdg-dbus-proxy, and xmlrpc-c).
Manjaro Linux is a fast, user-friendly, desktop-oriented operating system based on Arch Linux. Key features include an intuitive installation process, automatic hardware detection, a stable rolling-release model, the ability to install multiple kernels, special Bash scripts for managing graphics drivers and extensive desktop configurability. Manjaro Linux offers Xfce as the core desktop option, as well as KDE, GNOME and a minimalist Net edition for more advanced users. Community-supported desktop flavours are also available.
Rodrigo Arias Mallo, maintainer of the Dillo web browser, has written a
blog post with a proposal on one way to ensure that a contribution is
written by a human and not AI; he suggests asking new contributors to
record their programming session using asciinema.
In the same way that LLMs generate patches, they can also generate
the asciinema recordings themselves. Then, the contributors can lie to
the reviewers pretending to have made the edits. Perhaps surprisingly,
this is not an easy task for LLMs, at least from my observations. The
corpus of recordings of developers making mistakes and thinking the
whole process of editing a file is not as large as the corpus of FOSS
programs and patches in which to train an LLM. During my very simple
tests I haven't been able to generate an asciinema session that
remotely resembles what I would expect from a human, and even less so
from a human with a nice editor theme and editing an existing Dillo
source file.
The Dillo project is not yet requiring asciinema recordings, but he
said that he would like to test the theory further. LWN covered asciinema in
January 2026.
Pearl Linux OS is a distribution based on Ubuntu. Pearl uses components of the LXDE and Xfce desktop environments to create a desktop experience which looks similar to Apple's OS X desktop environment. The project calls this hybrid desktop PearlDE. Pearl Linux OS is available in several editions, including GNOME, MATE and PearlDE.
IPFire is a Linux distribution that focuses on easy setup, good handling and a high level of security. It is operated via an intuitive web-based interface which offers many configuration options for beginning and experienced system administrators. IPFire is maintained by developers who are concerned about security and who update the product regularly to keep it secure. IPFire ships with a custom package manager called Pakfire and the system can be expanded with various add-ons.
Version: next-20260526 (linux-next)
Released: 2026-05-26
FuguIta is an OpenBSD live operating system featuring a portable workplace, low hardware requirements, additional software, and partial support for Japanese. It strives to provide a live environment which is as close to an installed OpenBSD system as possible. The live environment can be saved to storage and reloaded in a later session, enabling persistent storage and consistent use.
Curl maintainer Daniel Stenberg writes about the stress of keeping up
with the current flood of security reports.
This is a never-before seen or experienced pressure on the curl
project and its security team members. An avalanche of high
priority work that trumps all other things in the project that is
primarily mental because we certainly could ignore them all if we
wanted, but we feel a responsibility, we have a conscience and we
are proud about our work. We feel obliged to fix security problems
in the software we have helped ship to every device on the
globe. This is personal to us.
With about half the release cycle left until the pending release
ships, we already have twelve confirmed vulnerabilities
meaning twelve pending CVE announcements. That's a new project
record and it also means we will reach thirty published CVEs
in 2026 even before half the calendar year has passed. The
projected total amount of curl CVEs published through the whole
year is therefore at least double this number!
AlmaLinux OS is an open-source, community-driven project that is built from the source code of Red Hat Enterprise Linux (RHEL). AlmaLinux is a completely binary compatible fork of RHEL and it is maintained by the AlmaLinux OS Foundation, which is a registered non-profit.