Vue normale
Security updates for Friday
Six stable kernels patching the VMScape Spectre variant
allows a malicious KVM guest to leak sensitive information such as encryption/decryption keys from a userspace hypervisor such as QEMU". Greg Kroah-Hartman has announced the 6.16.7, 6.12.47, 6.6.106, 6.1.152, 5.15.193, and 5.10.244 stable kernels, which add a mitigation for the hardware bug.
[$] A policy for Link tags
Security updates for Thursday
How FOSS Projects Handle Legal Takedown Requests (F-Droid)
As part of our legal resilience research, we spoke with a range of legal experts, software freedom advocates, and maintainers of mature FOSS infrastructure to understand how others manage these moments. In this article, we share what we learned, and how F-Droid is incorporating these lessons into its own approach.
[$] LWN.net Weekly Edition for September 11, 2025
- Front: Space Grade Linux; KDE's new distribution; Rug pulls and forks; Dependency tracker; Kernel configuration; Framework 12 laptop.
- Briefs: npm security; high-memory; Anaconda WebUI; OpenSUSE bcachefs; 32-bit Firefox; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
[$] How many ways are there to configure the Linux kernel?
There are a large number of ways to configure the 6.16 Linux kernel. It has 32,468 different configuration options on x86_64, and a comparable number for other platforms. Exploring the ways the kernel can be configured is sufficiently difficult that it requires specialized tools. These show the number of possible configurations that options can be combined in has 6,550 digits. How has that number changed over the history of the kernel, and what does it mean for testing?
OpenSUSE disables bcachefs
The current 6.16.* is NOT affected. Neither is Slowroll (for now)."
[$] KDE launches its own distribution (again)
At Akademy 2025, the
KDE Project released an
alpha version of KDE Linux, a
distribution built by the project to "include the best
implementation of everything KDE has to offer, using the most advanced
technologies
". It is aimed at providing an operating system
suitable for home use, business use, OEM installations, and more
"eventually
". For now there are many rough edges and missing
features that users should be aware of before taking the plunge; but
it is an interesting look at the kind of complete Linux system that
KDE developers would like to see.
Three decades in kernelland
At Open Source Summit Europe, LWN's Jonathan Corbet presented "Three Decades in Kernelland"; the talk provides a look at how the kernel got to where it is, what makes it successful, and what may be coming next. The video of the talk is now online for LWN readers who would like to check it out.
Security updates for Wednesday
A path toward removal of kernel high-memory support
one of the least popular features of the Linux kernel". The intent is "
to gradually phase out highmem over the next 2 years for mainline kernels". This plan is posted as a prompt for a discussion to be held at the Kernel Summit in December, so chances are it will evolve considerably in the next few months.
Anaconda WebUI: progress update and roadmap
Fedora's Community Blog has a short update on the progress of Fedora's new installer with a web-based interface. The new installer was introduced for the Workstation edition in Fedora Linux 42, it is now approved to be included in all Fedora spins and the KDE edition for Fedora 43. Final deprecation of the GTK-based installer is set for Fedora 45. LWN covered the installer changes in April.
[$] Introducing Space Grade Linux
Security updates for Tuesday
npm debug and chalk packages compromised (Aikido)
All together, these packages have more than 2 billion downloads per week.The packages were updated to contain a piece of code that would be executed on the client of a website, which silently intercepts crypto and web3 activity in the browser, manipulates wallet interactions, and rewrites payment destinations so that funds and approvals are redirected to attacker-controlled accounts without any obvious signs to the user.
[$] Testing the 2-in-1 Framework 12 Laptop
Framework Computer is a US-based
computer manufacturer with a line of Linux-supported, modular, easily
repairable and upgradeable laptops. In February, the company announced
a new model, the Framework Laptop 12,
an "entry-level
" 12.2-inch convertible notebook that can be
used as a laptop or tablet. The systems were made available for pre-order
in April, I received mine in mid-August. Since then, I have been
putting it through its paces with Debian 13 ("trixie") and
Fedora Linux 42. It's a good choice for users who want a
Linux-friendly, lightweight, 2-in-1
device—if they are willing to make a few concessions on storage
capacity, RAM, and CPU/GPU choices.