Security updates for Friday
Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, freerdp, libarchive, and thunderbird), Debian (chromium, openssh, and thunderbird), Fedora (aurorae, bluedevil, breeze-gtk, buildah, cockpit, extra-cmake-modules, flatpak-kcm, grub2-breeze-theme, kactivitymanagerd, kcm_wacomtablet, kde-cli-tools, kde-gtk-config, kdecoration, kdeplasma-addons, kf6, kf6-attica, kf6-baloo, kf6-bluez-qt, kf6-breeze-icons, kf6-frameworkintegration, kf6-kapidox, kf6-karchive, kf6-kauth, kf6-kbookmar … ⌘ Read more

Rust 1.95.0 released
Version\
1.95.0 of the Rust language has been released. Changes include the
addition of a cfg_select!
macro, the capability to use if let guards to allow conditionals based on pattern\
matching, and many newly stabilized APIs. See the release\
notes … ⌘ Read more

Forgejo 15.0 released
Version\
15.0 of the Forgejo
code-collaboration platform has been released. Changes include
repository-specific access tokens, a number of improvements to Forgejo\
Actions, user-interface enhancements, and more. Forgejo 15.0 is
considered a long-term-support (LTS) release, and will be supported
through July 15, 2027. The previous LTS, version 11.0, will reach end
of life on July 16, 2026 … ⌘ Read more

[$] The first half of the 7.1 merge window
The 7.1 merge window opened on April 12 with the release
of the 7.0 kernel. Since then, 3,855 non-merge changesets have been
pulled into the mainline repository for the next release. This merge
window is thus just getting started, but there has still been a fair amount
of interesting work moving into the mainline. ⌘ Read more

KDE Gear 26.04 released
Version 26.04 of
the KDE Gear collection of applications has been released. Notable changes
include improvements in the Merkuro\
Calendar schedule view and event editor, support for threads in the NeoChat Matrix chat client, as well as
the ability to add keyboard shortcuts in the Dolphin file manager “to nearly any
option in any menu, plugin or extension”. See the [c … ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (bind, bind9.16, bind9.18, cockpit, fence-agents, firefox, fontforge, git-lfs, grafana, grafana-pcp, kernel, nghttp2, nginx, nginx:1.24, nginx:1.26, nodejs:20, nodejs:22, nodejs:24, pcs, perl-XML-Parser, perl:5.32, resource-agents, squid:4, thunderbird, and vim), Debian (incus, lxd, and python3.9), Fedora (cef, composer, erlang, libpng, micropython, mingw-openexr, moby-engine, NetworkManager-ssh, perl, perl-Devel-Cover, perl-PAR-Packer, polymake, … ⌘ Read more

[$] LWN.net Weekly Edition for April 16, 2026
Inside this week’s LWN.net Weekly Edition:

• Front: LLM security reports; OpenWrt One build system; Vim forks; removing read-only THPs; 7.0 statistics; MusicBrainz Picard.

• Briefs: OpenSSL 4.0.0; Relicensing; Servo; Zig 0.16.0; Quotes; …

• Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more

FSF clarifies its stance on AGPLv3 additional terms
OnlyOffice CEO Lev Bannov has recently\
claimed that the Euro-Office fork of the
OnlyOffice suite violates the GNU Affero General Public License
version 3 (AGPLv3). Krzysztof Siewicz of the Free Software
Foundation (FSF) has [published\
an article](https://www.fsf.org/blogs/licensing/agpl-is- … ⌘ Read more

[$] Forking Vim to avoid LLM-generated code
Many people dislike the proliferation of Large Language Models (LLMs) in recent
years, and so make an understandable attempt to avoid them.
That may not be possible in general, but there are two new forks of
Vim that seek to provide an editing
environment with no LLM-generated code. EVi focuses on being a modern Vim
without LLM-assisted contributions, while Vim Classic focuses on providing a lon … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by AlmaLinux (capstone, cockpit, firefox, git-lfs, golang-github-openprinting-ipp-usb, kea, kernel, nghttp2, nodejs24, openexr, perl-XML-Parser, rsync, squid, and vim), Debian (imagemagick, systemd, and thunderbird), Slackware (libexif and xorg), SUSE (bind, clamav, firefox, freerdp2, giflib, go1.25, go1.26, helm, ignition, libpng16, libssh, oci-cli, rust1.92, strongswan, sudo, xorg-x11-server, and xwayland), and Ubuntu (rust-tar and rustc, rustc-1.7 … ⌘ Read more

Zig 0.16.0 released
The Zig project has announced version
0.16.0 of the Zig programming language.

This release features 8 months of work: changes
from 244 different contributors, spread among
1183 commits.

Perhaps most notably, this release debuts I/O\
> as an Interface, but don’t sleep on the [Language\
> Chan … ⌘ Read more

[$] Tagging music with MusicBrainz Picard
Part of the “fun” that comes with curating a self-hosted music library is tagging
music so that it has accurate and uniform metadata, such as the band names, album titles,
cover images, and so on. This can be a tedious endeavor, but there are quite a few
open-source tools to make this process easier. One of the best, or at least my
favorite, is MusicBrainz Picard. It is
a cross-platform music-tagging application that pulls information from the
well-curated, … ⌘ Read more

OpenSSL 4.0.0 released
Version 4.0.0 of the OpenSSL cryptographic library has been released. This
release includes support for a number of new cryptographic algorithms and
has a number of incompatible changes as well; see the announcement for the
details. ⌘ Read more

Security updates for Tuesday
Security updates have been issued by Debian (gdk-pixbuf, gst-plugins-bad1.0, and xdg-dbus-proxy), Fedora (chromium, deepin-image-viewer, dtk6gui, dtkgui, efl, elementary-photos, entangle, flatpak, freeimage, geeqie, gegl04, gthumb, ImageMagick, kf5-kimageformats, kf5-libkdcraw, kf6-kimageformats, kstars, libkdcraw, libpasraw, LibRaw, luminance-hdr, nomacs, OpenImageIO, OpenImageIO2.5, photoqt, python-cryptography, rawtherapee, shotwell, siril, swayimg, vips, and webkitgtk), Red Hat (firefox an … ⌘ Read more

[$] Development statistics for the 7.0 kernel
Linus Torvalds released the 7.0 kernel as
expected on April 12, ending a relatively busy development cycle. The
7.0 release brings a large number of interesting changes; see the LWN
merge-window summaries ( part 1, part 2) for all the details. Here,
instead, comes our traditional look at where those changes came from and
who supported that work. ⌘ Read more

[$] A build system aimed at license compliance
The OpenWrt One is a
router powered by the open-source firmware from the OpenWrt project; it was also the
subject of a keynote at SCALE in 2025
given by Denver Gingerich of the Software Freedom Conservancy (SFC),
which played a big role in developing the router. Gingerich returned to
the [conference in\
2026](h … ⌘ Read more

Servo now on crates.io
The Servo project has announced
the first release of servo as a crate for use as a
library.

As you can see from the version number, this release is not a 1.0
release. In fact, we still haven’t finished discussing what 1.0 means
for Servo. Nevertheless, the increased version number reflects our
growing confidence in Servo’s embedding API and its ability to meet
some users’ needs.

In … ⌘ Read more

Security updates for Monday
Security updates have been issued by AlmaLinux (fontforge, freerdp, libtiff, nginx, nodejs22, and openssh), Debian (bind9, chromium, firefox-esr, flatpak, gdk-pixbuf, inetutils, mediawiki, and webkit2gtk), Fedora (corosync, libcap, libmicrohttpd, libpng, mingw-exiv2, mupdf, pdns-recursor, polkit, trafficserver, trivy, vim, and yarnpkg), Mageia (libpng12, openssl, python-django, python-tornado, squid, and tomcat), Red Hat (rhc), Slackware (openssl), SUSE (chromedriver, chromium, … ⌘ Read more

The 7.0 kernel has been released
Linus has released the 7.0 kernel after a
busy nine-week development cycle.

The last week of the release continued the same “lots of small
fixes” trend, but it all really does seem pretty benign, so I’ve
tagged the final 7.0 and pushed it out.

I suspect it’s a lot of AI tool use that will keep finding corner
cases for us for a while, so this may be the “new normal” at least
for a while. Only time will tell.

Significant changes in this release incl … ⌘ Read more

A set of Saturday stable kernel updates
The
6.19.12,
6.18.22,
6.12.81,
6.6.134, and
6.1.168
stable kernel updates have been released; each contains another set of
important fixes. ⌘ Read more

[$] Removing read-only transparent huge pages for the page cache
Things do not always go the way kernel developers think they will. When
the kernel gained support for the creation of read-only transparent huge
pages for the page cache in 2019, the developer of that feature, Song Liu,
added a\
Kconfig file entry promising that support for writable huge
pages would arrive “in the next few release cycles”. Over six years
later, that promise is still present, but it wi … ⌘ Read more

Security updates for Friday
Security updates have been issued by AlmaLinux (container-tools:rhel8, fontforge, freerdp, go-toolset:rhel8, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good, kernel, kernel-rt, libtasn1, mariadb:10.11, mysql:8.4, nginx:1.24, openssh, pcs, python-jinja2, python3.9, ruby:3.1, vim, virt:rhel and virt-devel:rhel, and xmlrpc-c), Debian (libyaml-syck-perl and openssh), Fedora (cockpit, crun, dnsdist, doctl, fido-device-onboard, libcgif, libpng12, libpng15, mbedtls, o … ⌘ Read more

[$] A flood of useful security reports
The idea of using large language models (LLMs) to discover security problems is
not new. Google’s Project Zero
investigated
the feasibility of using LLMs for security research in 2024. At the time, they
found that models could identify real problems, but required a good deal of
structure and hand-holding to do so on small benchmark problems. In February
2026, Anthropic
published a report
claim … ⌘ Read more

Relicensing versus license compatibility (FSF Blog)
The Free Software Foundation has published
a short article on relicensing versus license compatibility.

The FSF’s Licensing and\
> Compliance Lab receives many questions and license violation reports
related to projects that had their license changed by a downstream
distributor, or that are combined from two or more programs under
different licenses. We collaborated wit … ⌘ Read more

Security updates for Thursday
Security updates have been issued by Debian (firefox-esr, postgresql-13, and tiff), Fedora (bind, bind-dyndb-ldap, cef, opensc, python-biopython, python-pydicom, and roundcubemail), Slackware (mozilla), SUSE (ckermit, cockpit-repos, dnsdist, expat, freerdp, git-cliff, gnutls, heroic-games-launcher, libeverest, openssl-1_1, openssl-3, polkit, python-poetry, python-requests, python311-social-auth-app-django, and SDL2_image-devel), and Ubuntu (dogtag-pki, gdk-pixbuf, linux, linux-aws, … ⌘ Read more

[$] LWN.net Weekly Edition for April 9, 2026
Inside this week’s LWN.net Weekly Edition:

• Front: TPM attacks; arithmetic overflow protection; Ubuntu GRUB changes; kernel IPC proposals; fre:ac; Scuttlebutt.

• Briefs: Nix vulnerability; OpenSSH 10.3; Sashiko reviews; FreeBSD testing; Gentoo GNU/Hurd; SFC on router ban; Quotes; …

• Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more

[$] Ripping CDs and converting audio with fre:ac
It has been a little while since LWN last surveyed tools for managing a digital\
music collection. In the intervening decades, many Linux users have moved on to
music streaming services, found them wanting, and are looking to curate their own
collection once again. There are plenty of choices when it comes to
ripping, managing, and playing digital audio; so many, in fact, that it can be a
bit daunting. After years of tinkering, I’ve found a few tools … ⌘ Read more

[$] An API for handling arithmetic overflow
On March 31, Kees Cook shared
a patch set that represents the culmination of more than a year of work
toward eliminating the possibility of silent, unintentional integer overflow in
the kernel. Linus Torvalds was
not pleased with the approach, leading to a detailed discussion about the
meaning of “safe” integer operations and the de … ⌘ Read more

Nix privilege escalation security advisory
The NixOS project has announced\
a critical vulnerability in many versions of the Nix package
manager’s daemon. The flaw was introduced as part of a fix for a\
prior vulnerability in 2024. According to the advisory,
a … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by Debian (openssl), Fedora (corosync, goose, kea, pspp, and rauc), Mageia (python-pygments, roundcubemail, and tigervnc), SUSE (bind, gimp, google-cloud-sap-agent, govulncheck-vulndb, ignition, ImageMagick, python, python-PyJWT, and python-pyOpenSSL), and Ubuntu (adsys, juju-core, lxd, python-django, and salt). ⌘ Read more

[$] Sharing stories on Scuttlebutt
Not many people live on sailboats. Things may be better these days, but
back in 2014 sailboat dwellers had
to contend with lag-prone,
intermittent, low-bandwidth internet connections. Dominic Tarr
decided
to fix the problem of keeping up with his friends by developing a delay-tolerant,
fully distributed social-media protocol called
Scuttlebutt. Nearly twelve
years later, the protocol has gained a number of u … ⌘ Read more

Security updates for Tuesday
Security updates have been issued by AlmaLinux (crun, kernel, and kernel-rt), Debian (dovecot), Fedora (calibre and nextcloud), Mageia (freerdp, polkit-122, python-nltk, python-pyasn1, vim, and xz), Red Hat (edk2 and openssl), SUSE (avahi, cockpit, python-pyOpenSSL, python311, and tar), and Ubuntu (lambdaisland-uri-clojure, linux-gcp, linux-gcp-4.15, linux-gcp-fips, linux-oem-6.17, and linux-realtime-6.17). ⌘ Read more

Introducing the FreeBSD laptop integration testing project
Recently, the FreeBSD Foundation has been making\
progress on improving the operating system’s support for modern
laptop hardware. The foundation is now looking to expand testing to
encompass a wider range of hardware; it has announced
a laptop integration testing project to allo … ⌘ Read more