LWN.net

The Asahi Linux project, which is working to implement support for Linux onApple CPUs, has published a detailed 6.19progress report.

Adam Harvey, on behalf of the crates.ioteam has published a blogpost to inform users of a change in their practice of publishinginformation about malicious Rust crates:

Security updates have been issued by Debian (ceph, gimp, gnutls28, and libpng1.6), Fedora (freerdp, libpng, libssh, mingw-libpng, mingw-libsoup, mingw-python3, pgadmin4, python-pillow, thunderbird, and vim), Mageia (postgresql15), Red Hat (python-urllib3), SUSE (cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont, frr, gpg2, kubernetes, kubernetes-old, libsodium, libsoup-2_4-1, libssh, libtasn1, libxml2, nodejs22, openCryptoki, openssl-3, and python311-pip), and Ubuntu (frr, linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8, linux-aws-fips, linux-fips, linux-gcp-5.15, linux-kvm, linux-oracle, linux-oracle-5.15, linux-gcp-fips, linux-nvidia, linux-nvidia-tegra-igx, linux-oem-6.17, linux-realtime, linux-raspi-realtime, nova, and pillow).

Various forms of tools, colloquially known as "AI", have beenrapidly pervading all aspects of open-source development. Manydevelopers are embracing LLM tools for code creation and review. Some project maintainers complain about suffering from a deluge of slop-laden pullrequests, as well as fabricated bug and securityreports. Too many projects are reeling from scraperbot attacks thateffectively DDoS important infrastructure. But an AI bot flaming anopen-source maintainer was not on our bingo card for 2026; that seemeda bit too far-fetched. However, it appears that is just what happenedrecently after a project rejected a bot-driven pull request.

Version6.6.0 of KDE's Plasma desktop environment has beenreleased. Notable additions in this release include the ability tocreate global themes for Plasma, an "extract text" feature in the Spectacle screenshotutility, accessibility improvements, and a new on-screen keyboard. Seethe changelogfor a full list of new features, enhancements, and bug fixes.The release is dedicated to the memory of Bjorn Balazs, a KDEcontributor who passed away in September 2025. "Bjorn's drive tohelp people achieve the privacy and control over technology that hebelieved they deserved is the stuff FLOSS legends are made of."

In December 2025, Canonical announced a plan todevelop a universal Public Key Infrastructure called upki. Jon Seager has publishedan update about the project with instructions on trying itout.

Security updates have been issued by AlmaLinux (gimp, go-toolset:rhel8, and golang), Debian (roundcube), Fedora (gnupg2, libpng, and rsync), Mageia (dcmtk and usbmuxd), Oracle (gcc-toolset-14-binutils, gimp, gnupg2, go-toolset:ol8, golang, kernel, and openssl), Slackware (libssh, lrzip, and mozilla), SUSE (abseil-cpp, chromium, curl, elemental-toolkit, elemental-operator, expat, freerdp, iperf, libnvidia-container, libsoup, libxml2, net-snmp, openCryptoki, openssl-3, patch, protobuf, python-urllib3, python-xmltodict, python311, screen, systemd, and util-linux), and Ubuntu (alsa-lib, gnutls28, and linux-aws, linux-oracle).

The curl project has found AI-powered tools to be a mixed bag whenit comes to security reports. At FOSDEM2026, curl creator andlead developer Daniel Stenberg used his keynote session to discuss hisexperience receiving a slew of low-quality reports and, at the sametime, realizing that large language model (LLM) tools can sometimesfind flaws that other tools have missed.

Greg-Kroah Hartman has released the 6.19.2, 6.18.12, 6.12.73, and 6.6.126 stable kernels. These kernelseach contain a single change; Kroah-Hartman has reverted oneproblematic commit that prevents some systems from booting. "If thelast stable release worked just fine, no need to upgrade."

At the 2025 Linux Plumbers Conference in Tokyo, Stephen Brennan gave apresentation on the debuginfoformat, which contains the symbols and other information needed fordebugging, along with some alternatives. Debuginfo files are large and, hebelieves, are a bit scary to customers because of the "debug" in their name.By rethinking debuginfo and the tools that use it, he hopes thatfree-software developers "can add new, interesting capabilities to toolsthat we are already using or build new interesting tools".

Greg Kroah-Hartman has announced the release of the 6.19.1, 6.18.11, 6.12.72, and 6.6.125 stable kernels. As always, eachcontains important fixes throughout the tree; users of these kernelsare advised to upgrade.

Security updates have been issued by Debian (chromium, pdns-recursor, python-django, and wireshark), Fedora (gnutls, linux-sgx, mingw-expat, nginx, nginx-mod-brotli, nginx-mod-fancyindex, nginx-mod-headers-more, nginx-mod-modsecurity, nginx-mod-naxsi, nginx-mod-vts, p11-kit, python-aiohttp, vim, and xen), Red Hat (kernel, kernel-rt, python-s3transfer, python-urllib3, and resource-agents), SUSE (aaa_base, abseil-cpp, build-20260202, cargo-auditable, cargo-c, chromedriver, cockpit, cockpit-packages, cockpit-subscriptions, curl, elemental-toolkit, elemental-operator, gnome-remote-desktop, go1.24, go1.25, gpg2, haproxy, himmelblau, htmldoc, ImageMagick, iperf, java-1_8_0-openjdk, kernel, krb5, kubevirt, libowncloudsync-devel, libpng16-16, libsodium, libsoup, libsoup2, micropython, net-snmp, opencryptoki, openjfx, openssl1, ovmf, postgresql14, postgresql15, postgresql16, protobuf, python-aiohttp, python-brotli, python-maturin, python-pip, python-urllib3, python310, python311, python-rpm-macros, python311-cryptography, python314, screen, systemd, u-boot, util-linux, and vim), and Ubuntu (dotnet8, dotnet10, expat, freerdp2, freerdp3, and python-aiohttp).

Version 9.2 of theVim text editor has been released. "Vim 9.2 brings significantenhancements to the Vim9 scripting language, improved diff mode,comprehensive completion features, and platform-specific improvementsincluding experimental Wayland support." Also included is a newinteractive tutor mode.

Debian Project Leader (DPL) Andreas Tille has announceda new delegation for Debian's data protection team:

The merge window for Linux 7.0 has opened, and with itcomes a number of interesting improvements and enhancements. At the time ofwriting, there have been 7,695 non-merge commits accepted. The 7.0 release isnot special,according to the kernel's versioning scheme - just the releasethat comes after 6.19. Humans love symbolism and round numbers, though, so itmay feel like something of a milestone.

At FOSDEM 2026 PetyaKangalova, a senior tech partnership and engagement manager for the Humanitarian OpenStreetMapTeam (HOT) spoke about howthe project helps people map their surroundings to assist indisaster response and humanitarian aid. The project hasdeveloped a stack of technology to help volunteers collectively map anarea and add in local knowledge metadata. "One of the core thingsthat we believe is that when we speak about disaster response orpeople having access to data is that they really need accessibletechnology that's free and open for anyone to use."

Security updates have been issued by AlmaLinux (firefox, gcc-toolset-14-binutils, nodejs:20, nodejs:22, nodejs:24, php:7.4, and python3.12), Debian (haproxy, nginx, postgresql-15, and postgresql-17), Fedora (libssh), Oracle (glib2, libsoup, nodejs:20, nodejs:22, and php:7.4), SUSE (assimp, gnutls, helm, kernel, kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t, libmunge2, libsodium, libsoup, micropython, munge, openCryptoki, python-azure-core, rust-keylime, rustup, sccache, snpguest, tcpreplay, xorg-x11-server, xrdp, and zabbix), and Ubuntu (dnsdist, dotnet8, dotnet9, dotnet10, haproxy, libpng1.6, linux-aws-5.15, linux-azure, linux-azure-fips, linux-oracle, linux-oracle-5.4, munge, nginx, and node-dottie).

Web sites are being increasingly beset by AI scraperbots - a problem that we havewritten about before, and which has slowlyramped up to an occasional de-facto DDoS attack. This has not goneuncontested, however: web site operators from around the world have been working oninventive countermeasures. These solutions target the problem posed by scraperbots in different ways;iocaine, a MIT-licensed nonsense generator, is designedto make scraped text less useful by poisoning it with fake data. The hope is tomake running scraperbots not economically viable, and thereby address theproblem at its root instead of playing an eternal game of Whac-A-Mole.

Transient devices pose a special challenge for an operating-system kernel.They can disappear at any time, leaving behind kernel data structures thatno longer refer to an existing device, but which may still be in use byunknown kernel code. Managing the resulting lifecycle issues hasfrustrated kernel developers for years. In September 2025, the revocable resource-management patch seriesfrom Tzung-Bi Shih appeared to offer a partial solution to this problem.Since then, though, other problems have arisen, and the planned merging ofthis series into the 7.0 release has been called off.

Reinhard Tartler of Debian's new DFSG,Licensing & New Packages Team, or simply "DFSG Team", has announcedthat the team is now operational and is deploying new tooling toimprove the NEW queue experience for Debian developers andmaintainers.

Greg Kroah-Hartman has released the 6.12.71 stable kernel. He writes,"All users of the 6.12 kernel series that had issues with 6.12.69or 6.12.70 should upgrade, as some regressions are fixedhere."

Security updates have been issued by AlmaLinux (brotli, git-lfs, image-builder, kernel, keylime, libsoup3, and pcs), Fedora (chromium, gnutls, osslsigncode, and p11-kit), Mageia (golang, libpng, thunderbird, and xrdp), Red Hat (git-lfs, go-toolset:rhel8, golang, golang-github-openprinting-ipp-usb, osbuild-composer, and toolbox), Slackware (gnutls and libpng), SUSE (apptainer, cockpit, cockpit-packages, cockpit-subscriptions, freerdp2, gimp, glib2, go, go1.24, go1.25, gpg2, ImageMagick, java-1_8_0-openjdk, kernel, keylime-config, keylime-ima-policy, lemon, libp11-kit0, libsoup, libsoup-2_4-1, libxml2, libxml2-16, munge, nodejs20, nvidia-modprobe.cuda, nvidia-open-driver-G06-signed, nvidia-persistenced.cuda, openQA, orthanc, gdcm, orthanc-authorization,, python-brotlipy, python-Django, python-maturin, python-pyasn1, python-urllib3, python-wheel, python313-wheel, qemu, rust-keylime, sqlite3, uriparser, wicked2nm, and xrdp), and Ubuntu (libtasn1-6, libwebsockets, libxmltok, linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux, linux-raspi, linux, linux-raspi, linux-realtime, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency-hwe-6.8, linux-aws-5.15, linux-gcp-5.15, linux-nvidia-tegra-igx, linux-oracle-5.15, linux-xilinx-zynqmp, linux-aws-fips, linux-fips, linux-gcp-fips, linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-intel-iot-realtime, linux-realtime, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-realtime-6.8, linux-xilinx-zynqmp, and python-multipart).

Inside this week's LWN.net Weekly Edition:

Version 6.17 of the Linuxmanual-page collection has been released. Along with a long list ofupdates to the man pages themselves, it includes some new utility programsof interest.

Git is ubiquitous; in the last two decades, the version-controlsystem has truly achieved world domination. Almost every developeruses it and the vast majority of open-source projects are hosted inGit repositories. That does not mean, however, that it isperfect. Patrick Steinhardt used his main-track session at FOSDEM 2026to discuss some of its shortcomings and how they are beingaddressed to prepare Git for the next decade.

The postmarketOS projecthas publisheda recap from FOSDEM2026, including the FOSS onMobile devroom, and a summary of its post-FOSDEMhackathon. This includes decisions on governance and the project'sAI policy:

Greg Kroah-Hartman has unleashed six new stable kernels: 6.18.10, 6.6.124, 6.12.70, 6.1.163, 5.15.200, and 5.10.250. Each one contains importantfixes throughout the tree; users are advised to upgrade.

Security updates have been issued by Debian (kernel, linux-6.1, munge, and tcpflow), Fedora (accel-ppp, atuin, babl, bustle, endless-sky, envision, ettercap, fapolicy-analyzer, firefox, glycin, gnome-settings-daemon, go-fdo-client, greenboot-rs, greetd, helix, hwdata, keylime-agent-rust, kiwi, libdrm, maturin, mirrorlist-server, ntpd-rs, ogr2osm, open-vm-tools, perl-App-Cme, perl-Net-RDAP, perl-rdapper, polymake, python-requests-ratelimiter, python-tqdm, rust-add-determinism, rust-afterburn, rust-ambient-id, rust-app-store-connect, rust-bat, rust-below, rust-btrd, rust-busd, rust-bytes, rust-cargo-c, rust-cargo-deny, rust-coreos-installer, rust-crypto-auditing-agent, rust-crypto-auditing-client, rust-crypto-auditing-event-broker, rust-crypto-auditing-log-parser, rust-dua-cli, rust-eif_build, rust-git-delta, rust-git-interactive-rebase-tool, rust-git2, rust-gst-plugin-dav1d, rust-gst-plugin-reqwest, rust-heatseeker, rust-ingredients, rust-jsonwebtoken, rust-lsd, rust-monitord, rust-monitord-exporter, rust-muvm, rust-nu, rust-num-conv, rust-onefetch, rust-oo7-cli, rust-pleaser, rust-pore, rust-pretty-git-prompt, rust-procs, rust-rbspy, rust-rbw, rust-rd-agent, rust-rd-hashd, rust-redlib, rust-resctl-bench, rust-resctl-demo, rust-routinator, rust-sccache, rust-scx_layered, rust-scx_rustland, rust-scx_rusty, rust-sequoia-chameleon-gnupg, rust-sequoia-keystore-server, rust-sequoia-octopus-librnp, rust-sequoia-sq, rust-sevctl, rust-shadow-rs, rust-sigul-pesign-bridge, rust-speakersafetyd, rust-tealdeer, rust-time, rust-time-core, rust-time-macros, rust-tokei, rust-weezl, rust-wiremix, rust-ybaas, rustup, sad, strawberry, systemd, tbtools, transmission, trustedqsl, tuigreet, uv, and vdr-extrecmenung), Oracle (brotli, git-lfs, java-1.8.0-openjdk, kernel, libsoup, libsoup3, nodejs:24, python3.12, and thunderbird), Red Hat (fence-agents, python-urllib3, python3.11-urllib3, python3.12-urllib3, and resource-agents), SUSE (avahi, cups, freerdp, golang-github-prometheus-prometheus, java-11-openjdk, java-17-openjdk, libsoup2, libxml2, and python-pip), and Ubuntu (expat, glib2.0, and imagemagick).

From the NANOG list comes the sad news of thepassing of Dave Farber.

Matthias Clasen has published a short summary of the GTK hackfest held prior to FOSDEM2026. Topics includediscussions on unstable APIs, a decision to bump the C runtimerequirement to C11 in the next development cycle, limiting changes inGTK3 to crash and build fixes, as well as the state ofaccessibility:

Michiel Leenaars, director of strategy at the NLnet Foundation, used his keynoteat FOSDEM to sound warnings forthe community for free and open-source (FOSS) software; in particular, hetalked about the threats posed by geopolitical politics, dangerousallies, and large language models (LLMs). His talk was a mix ofobservations and suggestions that pertain to FOSS in general and toEurope in particular as geopolitical tensions have mounted in recentmonths.

Security updates have been issued by AlmaLinux (fence-agents, firefox, fontforge, freerdp, kernel-rt, keylime, libsoup, libsoup3, nodejs22, nodejs24, opentelemetry-collector, osbuild-composer, python3.12-wheel, qemu-kvm, resource-agents, thunderbird, and util-linux), Debian (kernel, rlottie, shaarli, and usbmuxd), Fedora (asciinema, atuin, bustle, cef, envision, glycin, greetd, helix, java-21-openjdk, java-25-openjdk, java-latest-openjdk, keylime-agent-rust, maturin, mirrorlist-server, ntpd-rs, python3.6, rust-add-determinism, rust-afterburn, rust-ambient-id, rust-app-store-connect, rust-bat, rust-below, rust-btrd, rust-busd, rust-bytes, rust-cargo-c, rust-cargo-deny, rust-coreos-installer, rust-crypto-auditing-agent, rust-crypto-auditing-client, rust-crypto-auditing-event-broker, rust-crypto-auditing-log-parser, rust-dua-cli, rust-eif_build, rust-git-delta, rust-git-interactive-rebase-tool, rust-git2, rust-gst-plugin-dav1d, rust-gst-plugin-reqwest, rust-heatseeker, rust-ingredients, rust-jsonwebtoken, rust-lsd, rust-monitord, rust-monitord-exporter, rust-muvm, rust-nu, rust-num-conv, rust-onefetch, rust-oo7-cli, rust-pleaser, rust-pore, rust-pretty-git-prompt, rust-procs, rust-rbspy, rust-rbw, rust-rd-agent, rust-rd-hashd, rust-redlib, rust-resctl-bench, rust-resctl-demo, rust-routinator, rust-sccache, rust-scx_layered, rust-scx_rustland, rust-scx_rusty, rust-sequoia-chameleon-gnupg, rust-sequoia-keystore-server, rust-sequoia-octopus-librnp, rust-sequoia-sq, rust-sevctl, rust-shadow-rs, rust-sigul-pesign-bridge, rust-snpguest, rust-speakersafetyd, rust-tealdeer, rust-time, rust-time-core, rust-time-macros, rust-tokei, rust-weezl, rust-wiremix, rust-ybaas, rustup, sad, tbtools, tuigreet, and uv), Mageia (fontforge and nginx), Oracle (firefox, fontforge, freerdp, kernel, keylime, libsoup, python, thunderbird, and uek-kernel), SUSE (abseil-cpp and kernel), and Ubuntu (freerdp2 and libsoup3).

Linus Torvalds releasedthe 6.19 kernel on February8, as expected. This developmentcycle brought 14,344 non-merge changesets into the mainline, making it thebusiest release since 6.16 in July 2025. As usual, we have put together aset of statistics on where these changes come from, along with a quick lookat how long new kernel developers stay around.

Version3.0 of the Offpunkoffline-first, command-line web, Gemini, andGopherbrowser has been released. Notable changes in this release includeintegration of the unmerdifylibrary to "remove cruft" from web sites, the xkcdpunkstandalone tool for viewing xkcdcomics in the terminal, and a cookies command to enablebrowsing web sites (such as LWN.net) while being logged in.

Sean Whitton has announcedthat Debian's tag2uploadservice is now out of beta and ready for use by Debian developers andmaintainers.

Security updates have been issued by AlmaLinux (fontforge, kernel, and osbuild-composer), Debian (debian-security-support, sudo, wireshark, xrdp, and zabbix), Fedora (bind, bind-dyndb-ldap, chromium, k9s, libgit2, mingw-glib2, node-exporter, open-vm-tools, plantuml, xorgxrdp, and xrdp), Oracle (fence-agents, image-builder, kernel, libsoup3, and osbuild-composer), Red Hat (image-builder and osbuild-composer), Slackware (openssl and p11), SUSE (chromium, cockpit-354, cockpit-machines, cockpit-machines-346, cockpit-packages, cockpit-podman, cockpit-subscriptions, govulncheck-vulndb, kubernetes-old, libsnmp45-32bit, libxml2, localsearch, micropython, opencloud-server, python-django, python-djangorestframework, python-maturin, python311-Django, python311-wheel, python315, sqlite3, and xrdp), and Ubuntu (linux-fips, linux-aws-fips, linux-gcp-fips and python-pip).

Linus has released the 6.19 kernel."No big surprises anywhere last week, so 6.19 is out as expected - justas the US prepares to come to a complete standstill later todaywatching the latest batch of televised commercials."The most significant changes in 6.19 includeinitial support for Intel's linearaddress-space separation feature,support for ArmMemory system resource Partitioning And Monitoring,the listns() system call,a reworked restartable-sequencesimplementation,support for large block sizes in the ext4filesystem,some networking changes for improvedmemory safety,the live update orchestrator,and much more. See the LWN merge-window summaries (part1, part2) and the KernelNewbies 6.19 page fordetails.

For those wanting more machine learning in the kernel, Viacheslav Dubeykohas posted anew in-kernel library for that purpose.

Greg Kroah-Hartman has released the 6.18.9, 6.12.69, 6.6.123, 6.1.162, 5.15.199, and 5.10.249 stable kernels. As always, eachcontains important fixes throughout the tree; users are advised toupgrade.

The Ardour digital-audio-workstation (DAW)project has announced therelease of version 9.0.

Control-flow integrity (CFI) is a set of techniques that make it more difficult forattackers to hijack indirect jumps to exploit a system. The Linux kernel hassupported forward-edge CFI (which protects indirect function calls)since 2020, with the most recent implementationof the feature introduced in 2022. Thatversion avoids the overhead introduced by the earlier approach by using acompiler flag (-fsanitize=kcfi) that is present in Clang but not inGCC. Now, Kees Cook hasa patch set adding that support to GCC that looks likely to land in GCC17.

The Linux FromScratch (LFS) project provides step-by-step instructions onbuilding a customized Linux system entirely from source. Historically,the project has provided separate SystemV and systemd editions,which gave users a choice of init systems. Bruce Dubbs has announcedthe project will no longer produce the SystemV version:

Security updates have been issued by AlmaLinux (freerdp, kernel, python3, and python3.12-wheel), Debian (alsa-lib, chromium, openjdk-25, phpunit, tomcat10, tomcat11, and tomcat9), Fedora (openqa, pgadmin4, phpunit10, phpunit11, phpunit12, phpunit8, phpunit9, and yarnpkg), Mageia (python-django), SUSE (alloy, cups, dpdk, expat, glib2, java-1_8_0-ibm, java-1_8_0-openj9, java-25-openjdk, kernel, libpainter0, libsoup, libxml2, openssl-3, python-filelock, python-wheel, python312-Django6, thunderbird, traefik2, udisks2, wireshark, and xen), and Ubuntu (glib2.0, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, python3.14, python3.13, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, python3.5, python3.4, and tracker-miners).

The first installment in this seriesintroduced several data structures in the kernel's swap subsystem anddescribed work to replace some of those with a new "swap table" structure.The work did not stop there, though; there is more modernization of theswap subsystem queued for an upcoming development cycle, and even more formultiple kernel releases after that. Once that work is done, the swapsubsystem will be both simpler and faster than it is now.

Security updates have been issued by AlmaLinux (brotli, curl, kernel, python-wheel, and python3.12), Debian (containerd), Fedora (gnupg2, pgadmin4, phpunit10, phpunit11, phpunit12, phpunit8, phpunit9, and yarnpkg), Mageia (expat), Oracle (qemu-kvm and util-linux), Red Hat (kernel, kernel-rt, opentelemetry-collector, and python3.12-wheel), SUSE (abseil-cpp, dpdk, freerdp, glib2, ImageMagick, java-11-openj9, java-17-openj9, java-1_8_0-ibm, java-1_8_0-openj9, java-1_8_0-openjdk, java-21-openj9, kernel, libsoup, libsoup-3_0-0, openssl-3, patch, python-Django, rekor, rizin, udisks2, and xrdp), and Ubuntu (gh, linux, linux-aws, linux-azure, linux-azure-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-gcp, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux, linux-gke, linux-gkeop, linux-hwe-6.8, linux-oracle, linux-oracle-6.8, linux-raspi, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-realtime, linux-intel-iot-realtime, and linux-realtime, linux-realtime-6.8, linux-raspi-realtime).

Inside this week's LWN.net Weekly Edition:

The robustfutex kernel API is a way for a user-space program to ensure that thelocks it holds are properly cleaned up when it exits. But the API suffersfrom a number of different problems, as Andre Almeida described in a session in the"Gaming onLinux" microconference at the 2025 Linux Plumbers Conference in Tokyo.He had some ideas for a new API that would solve many of those problems,which he wanted to discuss with attendees; there is adifficult-to-trigger race condition that he wanted to talk about too.

Creating an ebook in EPUB format is easy,for certain values of "easy". All one really needs is a text editor, a few command-line utilities; also needed is a workingknowledge of XHTML, CSS, along with an understanding of the format'sstructure and required boilerplate. Creatinga well-formatted and attractive ebook is a bit harder. However, it can bemade easier with an application custom-made for the purpose. Sigil is an EPUB editor thatprovides the tooling authors and publishers may be looking for.

Version 26.2 of the LibreOfficeoffice suite has been released.

Security updates have been issued by Debian (thunderbird), Fedora (openqa, os-autoinst, python-jupytext, python-python-multipart, rust-sequoia-keystore-server, rust-sequoia-octopus-librnp, rust-sequoia-sq, rust-sequoia-sqv, and xen), Oracle (curl, kernel, net-snmp, python3, and python3.12), Red Hat (container-tools:rhel8, fence-agents, golang, golang-github-openprinting-ipp-usb, grafana, grafana-pcp, opentelemetry-collector, podman, python-s3transfer, python-wheel, and resource-agents), SUSE (alloy, chromium, cockpit-podman, cockpit-subscriptions, dpdk, elemental-register, elemental-toolkit, glib2, glibc, gpg2, ImageMagick, imagemagick, jasper, java-17-openjdk, java-21-openjdk, kernel, libheif, libmlt++, libpng16, libsodium, libsoup, libvirt, openssl-3, openvpn, php8, postgresql16, postgresql17 and postgresql18, protobuf, python-FontTools, python-fonttools, python-h2, python-python-multipart, python-urllib3, python-wheel, python311-PyNaCl, trivy, ucode-amd, udisks2, unbound, util-linux, wireshark, and xkbcomp), and Ubuntu (emacs, freerdp2, glibc, imagemagick, mysql-8.0, pagure, python-django, python-filelock, python-internetarchive, and python-keystonemiddleware).