AUSTRUMI (Austrum Latvijas Linukss) is a bootable live Linux distribution based on Slackware Linux. It requires limited system resources and can run on any Intel-compatible system with a CD-ROM installed. The entire operating system and all of the applications run from RAM, making AUSTRUMI a fast system and allowing the boot medium to be removed after the operating system starts.
postmarketOS is an Alpine-based Linux distribution for mobile devices and desktop computers. The project offers several mobile interfaces - including GNOME Mobile, Phosh, Plasma Mobile and Simple X Mobile (Sxmo). The distribution also offers a range of popular desktop environments, window managers and Wayland compositors for x86_64 and AArch64 computers, such as COSMIC, GNOME, KDE Plasma and Sway. The project aims to provide long-term support for a range of mobile devices, key among them the Librem 5 and the PinePhone, though others, traditionally Android devices, are also supported.
iDeal is an MX Linux-based distribution, with various privacy and security settings enabled by default. Privacy and security are the main stated goal of the project, offering to surf, shop, trade and bank online with peace of mind, without advertisements, tracking, logging, bugs, viruses or unwanted disclosure of personal information. iDeal OS was formerly available in two editions, "Emerald" and "Diamond", but these were merged into a single product in 2026, with the extra features of the "Diamond" edition now only available to users who contribute financially to the project.
Lilidog is a lightweight desktop Linux distribution based on Debian "Stable" and featuring a customised Openbox window manager. It incorporates the tint2 desktop panel, the Thunar file manager and the xfce4-terminal terminal emulator. Other window managers, including Awesome, dwm, i3, JWM and sowm, are also available for installation. Besides the standard Lilidog, the project provides two other editions of the distribution - the "Beardog" variant which starts without a display manager on login, and the "Waydog" flavour which uses the Wayland display server and offers a choice between the labwc and Sway Wayland compositors.
Since the earliest days of Unix, two of the core process-oriented system
calls have been fork(), which creates a child process as a copy of
the parent, and exec(), which runs a new program in the place of
the current one. In Linux kernels, those system calls are better known as
clone()
and
execve(),
but the core functionality remains the same. While there is elegance to
this process-creation model, there are shortcomings as well. A recent
proposal from
Li Chen to add "spawn templates" to the kernel will not be accepted in its
current form, but it may point the way toward a new process-creation
primitive in the future.
Version:next-20260605 (linux-next)
Released:2026-06-05
Version
4.0.13 of Ruby's Bundler
package-manager has added
dependency cooldowns in order to help mitigate the effect of
supply-chain attacks:
Most supply-chain attacks against RubyGems exploit a narrow window:
an account is compromised, a malicious version ships, and any
bundle install in the minutes that follow resolves
straight to it. Bundler 4.0.13 introduces cooldown, a time-based
filter that refuses to resolve to a version until it has been public
for at least N days. Releases too new to have been scrutinized are
passed over in favor of ones that have aged past the window.
The feature was designed in
the open, drawing on how
other ecosystems approach the same problem. It is opt-in, and
complements rather than replaces existing defenses like mandatory 2FA
and trusted publishing.
LWN covered
dependency cooldowns in April, and the takeover of RubyGems and
Bundler in October 2025.
Security updates have been issued by AlmaLinux (kernel), Debian (dovecot, exim4, frr, and haveged), Fedora (cockpit, freeipa, jpegxl, libre, nextcloud, perl-Cpanel-JSON-XS, perl-Crypt-Argon2, perl-Dist-Build, perl-ExtUtils-Builder, perl-ExtUtils-Builder-Compiler, perl-HTTP-Tiny, perl-libwww-perl, python-starlette, rubygem-yard, rust-sequoia-cert-store, rust-sequoia-chameleon-gnupg, rust-sequoia-octopus-librnp, rust-sequoia-sop, rust-sequoia-sq, rust-sequoia-wot, samba, and transmission), Red Hat (image-builder), Slackware (dnsmasq and libinput), SUSE (evince, glibc, google-guest-agent, hplip, ignition, LibVNCServer, libzypp, libsolv, python-Pillow, salt, thunderbird, and vim), and Ubuntu (apache2, linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-fips, linux-gcp,
linux-gcp-5.15, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15,
linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg,
linux-kvm, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15,
linux-nvidia-tegra-igx, linux-oracle, linux-raspi, linux-realtime, linux, linux-aws, linux-aws-fips, linux-azure, linux-azure-5.4,
linux-azure-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4,
linux-gcp-fips, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4,
linux-xilinx-zynqmp, linux, linux-azure, linux-azure-4.15, linux-azure-fips, linux-fips,
linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle, linux-aws-5.4, linux-hwe-5.4, linux-azure-fips, linux-fips, linux-raspi, linux-raspi-5.4, nano, postfix, robocode, tomcat6, tomcat7, and yard).
XIVA Studio is a multimedia-oriented Linux distribution derived from Manjaro Linux and BigLinux. It's main goal is to cater to the needs of professional creators in the area of video, audio, graphics and animation production. XIVA Studio provides optimised Linux kernels built for a number of popular processor and graphics cards configurations. It uses KDE Plasma as the default desktop environment.
Koozali SME Server is a complete and versatile open-source Linux server distribution for home and small to medium-sized enterprises. It has been built from the source code of Red Hat Enterprise Linux, CentOS and Rocky Linux since 2007. Koozali SME Server is free to use for any individual or commercial organization and is supported solely through donations. Considered reliable and easy to use, Koozali SME Server provides a full range of services, including e-mail, firewall, file and print-sharing, web hosting, remote access, VPN and private cloud services. It integrates with Windows, Mac and Unix/Linux clients, and Linux and Windows network environments. It is simple to use as a business server platform and the entire system is modular and extensible. The project also provides plugins called "Contributions" with easy integration of popular software, such as Nextcloud, OnlyOffice, BackupPC or WireGuard.
BashCore is a Debian-based live Linux distribution designed for security professionals, networking enthusiasts and students. It is available in several editions. The original BashCore is a minimalist command-line only product based on Debian's "Oldstable" branch, while BashCoreX comes with the Xfce desktop, several privacy-oriented web browsers and other productivity tools. BashCoreZ, BashCoreT and BashCoreTX, based on Debian "Stable", are editions that range from ultra-minimal to a complete Xfce desktop. There are also BashLabOS and BashCoreGee, two general-purpose distributions for everyday use, with either Xfce or GNOME, and with various productivity applications, including GIMP, LibreOffice and several web browsers. The distribution also includes Tor and other privacy tools.
The Software Engineering Radio podcast has put up
an
interview with graphics maintainer Dave Airlie. Much of what is in
there will not be news to LWN readers, but it is an interesting overview of
the life of a large-subsystem maintainer.
I was talking to a few of the Rust people, and I thought: these are
very young people, these are a group of people in their 20s, maybe
30s, they are a younger cohort of developers than the people I am
normally used to dealing with. I thought there was maybe a good
way we could bring these groups together. I think that having
young people coming into the kernel using Rust is valuable... So I
thought that I should be supportive of bringing Rust into the
kernel.
The
splice()
and
vmsplice()
system calls are meant to improve performance for certain data-movement
tasks by minimizing (or avoiding altogether) system calls and the copying
of data. They also have a long history of security problems. The recent
flood of LLM-discovered vulnerabilities has drawn attention, once again, to
splice() and vmsplice(); as a result, they may end up
being removed altogether.
Version:next-20260604 (linux-next)
Released:2026-06-04
The EFF has a blog
post looking at a new bill in California that would exempt
open-source operating systems from the Digital Age Assurance Act
passed last year, but has problems of its own:
While the open source exemption, if passed, would improve the law, the
remaining amendments proposed by AB 1856 would require all web
browsers and websites to request and collect users' ages. This is an
expansion of last year's AB 1043's age-bracketing system that
compounds its constitutional harms to users' speech, privacy, and
security.
[...] EFF understands this amendment to exempt open-source
operating systems from the requirement to collect and transmit users'
age-bracket data. That is a definite win for open-source
developers. The bill is narrower now than it was before, and lawmakers
clearly responded to concerns raised by EFF and the broader
open-source community.
Some important questions still remain—for example, it is unclear
how the law would apply when an open-source operating system is
incorporated into a commercial product or service. And, given the
structure of where the exemption is placed under the "operating system
provider" definition, lawmakers could stand to clarify that the
exemption applies to open-source operating systems and
applications.
LWN covered
California's age-attestation law in March.
Security updates have been issued by AlmaLinux (.NET 10.0, compat-openssl10, compat-openssl11, delve, expat, httpd:2.4, libexif, mod_http2, openssl, ruby4.0, samba, thunderbird, unbound, and vim), Debian (ceph and sudo), Fedora (libsoup3, pie, roundcubemail, and xorg-x11-server-Xwayland), Mageia (lxc), Oracle (expat, gnutls, kernel, php:8.2, thunderbird, and uek-kernel), Slackware (httpd, net, proftpd, tigervnc, and xorg), SUSE (apache-sshd, apptainer, atril, bind, busybox, cloudflared, evolution-data-server, golang-github-prometheus-prometheus, golang-github-v2fly-v2ray-core, grafana, helm, kernel, libgphoto2-6, libjxl-devel, libsoup, libsoup-2_4-1, libsoup-3_0-0, memcached, ovmf, python-cairosvg, python-flask, python-pip, python-pymupdf, python-pyOpenSSL, python-urllib3, python-urllib3_1, python3-pyOpenSSL, restic, rsync, salt, sdbootutil, tor, tree-sitter, vorbis-tools, and yq), and Ubuntu (exim4, frr, gst-plugins-base1.0, libtemplate-perl, libwww-perl, mysql-8.0, nginx, python-pip, python-urllib3, and twisted).
The Amnesic Incognito Live System (Tails) is a Debian-based live DVD/USB with the goal of providing complete Internet anonymity for the user. The product ships with several Internet applications, including web browser, IRC client, mail client and instant messenger, all pre-configured with security in mind and with all traffic anonymised. To achieve this, Incognito uses the Tor network to make Internet traffic very hard to trace.
CalamaroOS is a Gentoo-based Linux distribution for the desktop, using either KDE Plasma or Xfce desktop environment. It features the Calamares system installer, out-of-the-box support for Flatpak packages, support for BTRFS, XFS and F2FS filesystems, and the systemd software suite for system and service management. The project's goal is to bring the power of Gentoo Linux to an average user by eliminating the complex and time-consuming process associated with the classic Gentoo install method.
Inside this week's LWN.net Weekly Edition:
- Front: MeshCore; x32 ABI; Open-source security; Package-manager metadata; More LSFMM+BPF coverage; Loadable crypto module.
- Briefs: Lightwell; jqwik protestware; RedHat package compromise; DistroWatch; Fedora election; Rust 1.96.0; rsync; Vim Classic 8.3; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
Version:next-20260603 (linux-next)
Released:2026-06-03
Pages
