LWN.net

The Linux Kernel Runtime Guard (LKRG) is a out-of-tree loadable kernel module that attempts to detect and report violations of the kernel's internal invariants, such as might be caused by an in-progress security exploit or a rootkit. LKRG has been experimental since its initial release in 2018 . In September 2025, the project announced the 1.0 version. With the promises of stability that version brings, users might want more information to decide whether to include it in their kernel.

ReactOS , an open-source project to develop an operating system that is compatible with Microsoft Windows NT applications and drivers, is celebrating 30 years since the first commit to its source tree. In that time there have been more than 88,000 commits from 301 contributors, for a total of 14,929,578 lines of code. There is, of course, much left to do. It's been such a long journey that many of our contributors today, including myself, were not alive during this event. Yet our mission to del…

Version 1.93.0 of the Rust programming language has been released. Notable changes include in updated version of the bundled musl library, thread-local storage for the global allocator, some asm! improvements, and a number of newly stabilized APIs.

Security updates have been issued by AlmaLinux (gpsd), Debian (inetutils and modsecurity-crs), Fedora (cpp-httplib, curl, mariadb11.8, mingw-libtasn1, mingw-libxslt, mingw-python3, rclone, and rpki-client), Oracle (gimp, glib2, go-toolset:rhel8, golang, kernel, mariadb-devel:10.3, and thunderbird), Red Hat (buildah, go-toolset:rhel8, golang, grafana, kernel, kernel-rt, multiple packages, openssl, osbuild-composer, podman, and skopeo), Slackware (bind), SUSE (ffmpeg-4, libsodium, libvirt, net-sn…

Inside this week's LWN.net Weekly Edition: Front : Singularity; fsconfig(); io_uring restrictions; GPG vulnerabilities; slab allocator; AshOS. Briefs : Pixel exploit; telnetd exploit; OzLabs; korgalore; Firefox Nightly RPMs; Forgejo 14.0; Pandas 3.0; Wine 11.0; Quotes; ... Announcements : Newsletters, conferences, security updates, patches, and more.

As part of the process of writing man pages for the "new" mount API , which has been available in the kernel since 2019, Aleksa Sarai encountered a number of places where the fsconfig() system call—for configuring filesystems before mounting—needs to be cleaned up. In the 2025 Linux Plumbers Conference (LPC) session that he led, Sarai wanted to discuss some of the problems he found, including at least one with security implications. The idea of the session was for him to describe the various bu…

Version 3.0.0 of the pandas data analysis and manipulation library for Python has been released. Notable changes include a dedicated string type ( str ) , new "copy-on-write" behavior , and much more. This release also removes a number of features that were deprecated in prior versions of pandas; developers are advised to upgrade to pandas 2.3 and ensure code is working without warnings before moving to 3.0. See the release notes for the full changelog.

At the 39th Chaos Communication Congress (39C3) in December, researchers Lexi Groves ("49016") and Liam Wachter said that they had discovered a number of flaws in popular implementations of OpenPGP email-encryption standard. They also released an accompanying web site, gpg.fail , with descriptions of the discoveries. Most of those presented were found in GNU Privacy Guard (GPG), though the pair also discussed problems in age , Minisign , Sequoia , and the OpenPGP standard (RFC 9580) itself. The…

Security updates have been issued by AlmaLinux (brotli and container-tools:rhel8), Debian (python-keystonemiddleware and python3.9), Fedora (cef, freerdp, golang-github-tetratelabs-wazero, and libpcap), Oracle (brotli, gpsd, kernel, and transfig), Red Hat (freerdp, golang, java-11-openjdk with Extended Lifecycle Support, libpng, libssh, mingw-libpng, and runc), SUSE (abseil-cpp, alloy, apache2, bind, cpp-httplib, curl, erlang, firefox, gpg2, grafana, haproxy, hauler, hawk2, libblkid-devel, libp…

Konstantin Ryabitsev has put up a blog post about korgalore , a tool he has written to circumvent delivery problems experienced by kernel developers using the large, centralized email systems. We cannot fix email delivery, but we can sidestep it entirely. Public-inbox archives like lore.kernel.org store all mailing list traffic in git repositories. In its simplest configuration, korgalore can shallow-clone these repositories directly and upload any new messages straight to your mailbox using th…

One would assume that most LWN readers stopped running network-accessible telnet services some number of decades ago. For the rest of you, this security advisory from Simon Josefsson is worthy of note: The telnetd server invokes /usr/bin/login (normally running as root) passing the value of the USER environment variable received from the client as the last parameter. If the client supplies a carefully crafted USER environment value being the string "-f root", and passes the telnet(1) -a or --lo…

Mozilla has announced a repository with Firefox Nightly channel packages for RPM-based Linux distributions such as CentOS Stream, Fedora, and openSUSE. Mozilla has provided a Debian repository since 2023. Note that this repository only includes the nightly builds of The firefox-nightly package. Mozilla is not providing stable builds as RPMs at this time. However, the package will not conflict with a distribution's regular firefox package; both packages can be installed at the same time for thos…

LWN has had a number of articles on immutable distributions, such as Bluefin and Bazzite , in recent years. These distributions have taken a variety of approaches, including using rpm-ostree , filesystem snapshots, and bootable container (bootc) images . But those approaches, especially the latter, lead to extra complexity for a user attempting to install new software, instead of just using the existing package manager. AshOS (Any Snapshot Hierarchical OS) is an experimental AGPL-3-licensed " m…

Security updates have been issued by AlmaLinux (gpsd-minimal, jmc, kernel, kernel-rt, and net-snmp), Debian (apache-log4j2 and dcmtk), Fedora (exim, gpsd, mysql8.0, mysql8.4, python-biopython, and rust-lru), Mageia (firefox, nss and thunderbird), Oracle (container-tools:rhel8, gpsd-minimal, jmc, kernel, net-snmp, and uek-kernel), Red Hat (net-snmp), SUSE (chromium, go, harfbuzz-devel, kernel, libsoup, rust1.91, rust1.92, and thunderbird), and Ubuntu (apache2, avahi, and python-urllib3).

OzLabs is a collection of Australian free-software developers that was, for most of its history, associated with IBM. Members of OzLabs have included Hugh Blemings, Michael Ellerman, Ben Herrenschmidt, Greg Lehey, Paul Mackerras, Martin Pool, Stephen Rothwell, Rusty Russell, and Andrew Tridgell, among others. The OzLabs "about" page notes that, as of January 2026, the last remaining OzLabs members have departed IBM. " This brought to a close the Ozlabs association with IBM ". Thus ends a quarte…