Feed aggregator

Sasha Levin has announced the release of the 6.19.6, 6.18.16, 6.12.75, 6.6.128, 6.1.165, 5.15.202, and 5.10.252 stable kernels. Each contains important fixes throughout the tree; users of these kernels are advised to upgrade.

Security updates have been issued by AlmaLinux (container-tools:rhel8, firefox, go-rpm-macros, kernel, kernel-rt, mingw-fontconfig, nginx:1.24, thunderbird, and valkey), Debian (gimp), Fedora (apt, avr-binutils, keylime, keylime-agent-rust, perl-Crypt-URandom, python-apt, and rsync), Red Hat (go-rpm-macros and yggdrasil-worker-package-manager), Slackware (python3), SUSE (busybox, cosign, cups, docker, evolution-data-server, freerdp, glibc, gnome-remote-desktop, go1.24-openssl, go1.25-openssl, govulncheck-vulndb, libpng16, libsoup, libssh, libxml2, patch, postgresql14, postgresql15, postgresql16, postgresql17, postgresql18, python, python311, rust-keylime, smc-tools, tracker-miners, and zlib), and Ubuntu (curl, imagemagick, intel-microcode, linux, linux-aws, linux-kvm, linux-aws, linux-aws-5.15, linux-gcp-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle-5.15, linux-aws-fips, and linux-raspi, linux-raspi-5.4).

Jujutsu is an increasingly popular Git-compatible version-control system. It has a focus on simplifying Git's conceptual model to produce a smoother, clearer command-line experience. Some people already have a preferred replacement for Git's usual command-line interface, though: Magit, an Emacs package for working with Git repositories that also tries to make the interface more discoverable. Now, a handful of people are working to implement a Magit-style interface for Jujutsu: Majutsu.

Version:5.10.252 (longterm) Released:2026-03-04 Source:linux-5.10.252.tar.xz PGP Signature:linux-5.10.252.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-5.10.252

Version:5.15.202 (longterm) Released:2026-03-04 Source:linux-5.15.202.tar.xz PGP Signature:linux-5.15.202.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-5.15.202

Version:6.1.165 (longterm) Released:2026-03-04 Source:linux-6.1.165.tar.xz PGP Signature:linux-6.1.165.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.1.165

Version:6.6.128 (longterm) Released:2026-03-04 Source:linux-6.6.128.tar.xz PGP Signature:linux-6.6.128.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.6.128

Version:6.12.75 (longterm) Released:2026-03-04 Source:linux-6.12.75.tar.xz PGP Signature:linux-6.12.75.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.12.75

Version:6.18.16 (longterm) Released:2026-03-04 Source:linux-6.18.16.tar.xz PGP Signature:linux-6.18.16.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.18.16

Version:6.19.6 (stable) Released:2026-03-04 Source:linux-6.19.6.tar.xz PGP Signature:linux-6.19.6.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.19.6

Aeon is an immutable desktop Linux distribution based on openSUSE. It is a relatively small, low-maintenance system with automated daily updates, thus recommended for Linux beginners or "lazy developers". Some of the distribution's other features include a custom system installer called Transactional Installation Kit (TIK), a pre-configured GNOME desktop, out-of-the-box support for Flatpak packages, Distrobox configured to launch Tumbleweed containers, and automatic rollbacks to its last working state.

Slimbook OS is an Ubuntu-based Linux distribution customised for the Slimbook line of Linux computers assembled in Spain. It offers a choice of GNOME or KDE Plasma desktops on a single ISO image which also includes some custom extensions and utilities. The distribution provides its own repositories for some software, prioritising DEB and Flatpak packages over Ubuntu's snap options. Some of the other interesting features of Slimbook OS include touchpad gestures (enabled by default), Slimbook service notifications, window tiling, the Terminator terminal emulator, a Ulauncher application for fast searching, and a day/night mode switcher.

Nitrux is a desktop Linux distribution built from Debian, but with an immutable base system, the OpenRC init system, and without any traditional Debian package management tools. It uses the Calamares system installer and includes the Hyprland window manager, Hypr utilities, the greetd+QtGreet login manager, and the Waybar Wayland bar. Nitrux emphasizes the use of AppBox to manage end-user software and it also supports AppImage and Flatpak package formats.

NetHydra (formerly HydraPWK GNU/Linux) is a Debian-based distribution designed primarily for penetration testing. It contains a collection of penetration testing tools, including tools for information gathering, scanning, stress testing, exploitation, cracking, reversing engineering and forensics. Formerly known as BlackTrack, the distribution uses a real-time Linux kernel and features the Xfce desktop.

This 404 Media article looks at how the US Customs and Border Protection agency (CBP) is using location data from phones to track the location of people of interest.

Specifically, CBP says the data was in part sourced via real-time bidding, or RTB. Whenever an advertisement is displayed inside an app, a near instantaneous bidding process happens with companies vying to have their advert served to a certain demographic. A side effect of this is that surveillance firms, or rogue advertising companies working on their behalf, can observe this process and siphon information about mobile phones, including their location. All of this is essentially invisible to an ordinary phone user, but happens constantly.

We should note that the minimal advertising shown on LWN is not delivered via this bidding system.

One of the contradictions of the modern open-source movement is that projects which respect user freedoms often rely on proprietary tools that do not: communities often turn to non-free software for code hosting, communication, and more. At Configuration Management Camp (CfgMgmtCamp) 2026, Jan Ainali spoke about the need for open-source projects to adopt open tools; he hoped to persuade new and mature projects to switch to open alternatives, even if just one tool, to reduce their dependencies on tech giants and support community-driven infrastructure.

Version:next-20260303 (linux-next) Released:2026-03-03

Matthew Garrett examines the factors that go into the decision about whether to install a firmware update or not.

I trust my CPU vendor. I don't trust my CPU vendor because I want to, I trust my CPU vendor because I have no choice. I don't think it's likely that my CPU vendor has designed a CPU that identifies when I'm generating cryptographic keys and biases the RNG output so my keys are significantly weaker than they look, but it's not literally impossible. I generate keys on it anyway, because what choice do I have? At some point I will buy a new laptop because Electron will no longer fit in 32GB of RAM and I will have to make the same affirmation of trust, because the alternative is that I just don't have a computer.

Security updates have been issued by AlmaLinux (containernetworking-plugins, gnutls, kernel, libpng, and skopeo), Debian (firefox-esr, php8.2, and spip), Fedora (erlang and python-pillow), Red Hat (go-toolset:rhel8, golang, and yggdrasil), SUSE (cups, fluidsynth, gvfs, haproxy, libsoup, libsoup-3_0-0, mozilla-nss, python-azure-core, and shim), and Ubuntu (git and mailman).

HydraPWK GNU/Linux is a Debian-based distribution designed primarily for penetration testing. It contains a collection of penetration testing tools, including tools for information gathering, scanning, stress testing, exploitation, cracking, reversing engineering and forensics. Formerly known as BlackTrack, the distribution uses a real-time Linux kernel and features the Xfce desktop.