Linux Community News

Linus Torvalds has released 6.16-rc2, which is “admittedly even smaller than usual”, though rc2 is not uncommonly one of the smaller release candidates. It may be that people are taking a breather after a fairly sizable merge window, but it might also be seasonal, with Europe starting to see summer vacations… We’ll see how this goes. The diffstat looks somewhat unusual, with a lot of one-liners with both ARC and pincontrol having (presumably independently) ended up doing some unrelated trivial cleanups. But even that is probably noticeable only because everything else is pretty small. That “everything else” is mostly network drivers (and bluetooth) and bcachefs, with some rust infrastructure and core networking changes thrown in.

The open-source mobile app Organic Maps is used by millions of people on both the Android and iOS platforms. In addition to featuring offline maps (generated from OpenStreetMap cartography) and turn-by-turn navigation, it also promises its users greater privacy than proprietary options. However, controversial decisions taken by the project’s leaders, feelings of disenfranchisement among contributors, and even accusations of embezzlement have precipitated a divide in the community, leading to a new fork called CoMaps.

The Radicle peer-to-peer code collaboration project has released Radicle Desktop: a graphical interface designed to simplify more complex parts of using Radicle such as issue management and patch reviews. Radicle Desktop is not trying to replace your terminal, IDE, or code editor – you already have your preferred tools for code browsing. It won’t replace our existing app.radicle.xyz and search.radicle.xyz for finding and exploring projects. It also doesn’t run a node for you. Instead, it communicates with your existing Radicle node, supporting your current workflow and encourages gradual adoption. LWN covered Radicle in March 2024.

Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, glibc, kernel, and mod_security), Fedora (chromium, gh, mingw-icu, nginx-mod-modsecurity, python3.10, python3.9, thunderbird, valkey, and yarnpkg), Oracle (.NET 8.0, .NET 9.0, glibc, grafana-pcp, kernel, libxml2, mod_security, nodejs:20, and thunderbird), SUSE (audiofile, helm, kubernetes-old, kubernetes1.23, kubernetes1.24, libcryptopp, postgresql15, thunderbird, and valkey), and Ubuntu (linux-nvidia-tegra-igx).

The last year has been a rocky one for the WordPress community. Matt Mullenweg—WordPress co-founder and CEO of WordPress hosting company Automattic—started a messy public spat with WP Engine in September and has proceeded to use his control of the project’s WordPress.org infrastructure as weapons against the company, with the community caught in the crossfire. It is not surprising, then, that on June 6 a group of WordPress community participants announced the Federated and Independent Repositories Package Manager (FAIR.pm) project. It is designed to be a decentralized alternative to WordPress.org with a goal of building “public digital infrastructure that is both resilient and fair”.

The Python Software Foundation blog is carrying a set of detailed summaries from the 2025 Python Language Summit: The Python Language Summit 2025 occurred on May 14th in Pittsburgh, Pennsylvania. Core developers and special guests from around the world gathered in one room for an entire day of presentations and discussions about the future of the Python programming language. Topics covered include making breaking changes less painful, free-threaded Python, interaction with Rust, and challenges faced by the Steering Council.

Version 10.0 of the Rocky Linux distribution has been released. As with the AlmaLinux 10.0 release, Rocky Linux 10.0 is based on Red Hat Enterprise Linux (RHEL) 10. See the release notes for details.

Writeback for filesystems is the process of flushing the “dirty” (written) data in the page cache to storage. At the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF), Anuj Gupta led a combined storage and filesystem session on some work that has been done to parallelize the writeback process. Some of the performance problems that have been seen with the existing single-threaded writeback came up in a session at last year’s summit, where the idea of doing writeback in parallel was discussed.

Security updates have been issued by AlmaLinux (kernel), Debian (chromium, gst-plugins-bad1.0, node-tar-fs, and ublock-origin), Gentoo (Emacs, File-Find-Rule, GStreamer, GStreamer Plugins, GTK+ 3, LibreOffice, Node.js, OpenImageIO, Python, PyPy, Qt, X.Org X server, XWayland, and YAML-LibYAML), Mageia (mariadb and roundcubemail), Red Hat (go-toolset:rhel8, golang, grafana, grafana-pcp, gstreamer1-plugins-bad-free, libxml2, libxslt, mod_security, nodejs:20, and perl-FCGI:0.78), Slackware (mozilla), SUSE (docker, docker-compose, iputils, kernel, libsoup, open-vm-tools, rabbitmq-server, rabbitmq-server313, wget, and yelp), and Ubuntu (libsoup2.4 and webkit2gtk).

Inside this week’s LWN.net Weekly Edition: Front: Nyxt; Cyber Resilience Act; Unwanted file descriptors; Core-dump API; 6.16 Merge window; Uniprocessor configurations; Smatch; FUSE zero-copy; iov_iter; Fedora documentation. Briefs: Android tracking; /e/OS 3.0; FreeBSD laptops; Ubuntu X11 support; Netdev 0x19; OIN anniversary; Quotes; … Announcements: Newsletters, conferences, security updates, patches, and more.

Smatch is a GPL-licensed static-analysis tool for C that has a lot of specialized checks for the kernel. Smatch has been used in the kernel for more than 20 years; Dan Carpenter, its primary author, decided last year that some details of its plugin system were due for a rewrite. He spoke at Linaro Connect 2025 about his work on Smatch, the changes to its implementation, and how those changes enabled him to easily add additional checks for locking bugs in the kernel.

The “Local Mess” GitHub repository is dedicated to the disclosure of an Android tracking exploit used by (at least) Meta and Yandex. While there are subtle differences in the way Meta and Yandex bridge web and mobile contexts and identifiers, both of them essentially misuse the unvetted access to localhost sockets. The Android OS allows any installed app with the INTERNET permission to open a listening socket on the loopback interface (127.0.0.1). Browsers running on the same device also access this interface without user consent or platform mediation. This allows JavaScript embedded on web pages to communicate with native Android apps and share identifiers and browsing habits, bridging ephemeral web identifiers to long-lived mobile app IDs using standard Web APIs. This backdoor, the use of which has evidently stopped since its disclosure, allow tracking of users across sites regardless of cookie policies or use of incognito browser modes.

Security updates have been issued by AlmaLinux (glibc, grafana, kernel-rt, libjpeg-turbo, libxslt, and thunderbird), Debian (curl), Fedora (dtk6core, dtk6gui, dtk6log, dtk6widget, fcitx5-qt, gammaray, kddockwidgets, kwin, LabPlot, libqtxdg, nheko, plasma-integration, python-pyqt6, python-pyside6, qt-creator, roundcubemail, zeal, and a large number of qt6 packages), Oracle (firefox, glibc, grafana, kernel, libxslt, perl-FCGI, python3.12-cryptography, thunderbird, and zlib), SUSE (glib2, libjxl, libsoup2, nbdkit, nodejs22, perl-Crypt-OpenSSL-RSA, perl-YAML-LibYAML, python3, tomcat, and transfig), and Ubuntu (dotnet8, dotnet9 and samba).

Jean Baptiste Lallement, a member of Canonical’s desktop team, has announced that Ubuntu will drop support for GNOME on X11 in the 25.10 (“Questing Quokka”) release set for October. GNOME plans to remove X11 support in GNOME 49, which is scheduled for September, so Ubuntu is looking to be proactive: Ubuntu 25.10 is the last interim release before our next LTS (Ubuntu 26.04). By moving now, we give developers and users a full cycle to adapt before the next LTS, align with GNOME 49 and reduce fragmentation while simplifying our support matrix heading into the LTS. Fedora decided in early May to drop X11 support for GNOME in Fedora 43, which is also due in October.

The iov_iter interface is used to describe and iterate through buffers in the kernel. David Howells led a combined storage and filesystem session at the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF) to discuss ways to improve iov_iter. His topic proposal listed a few different ideas including replacing some iov_iter types and possibly allowing mixed types in chains of iov_iter entries; he would like to make the interface itself and the uses of iov_iter in the kernel better.