The kernel's perf events subsystem can produce high-quality profiles, with full function-call chains, of resource usage within the kernel itself. Developers, however, often would like to see profiles of the whole system in one integrated report with, for example, call-stack information that crosses the boundary between the kernel and user space. Support for unwinding user-space call stacks in the perf events subsystem is currently inefficient at best. A long-running effort to provide reliable, user-space call-stack unwinding within the kernel, which will improve that situation considerably, appears to be reaching fruition.

Security updates have been issued by AlmaLinux (gnome-remote-desktop, go-toolset:rhel8, golang, jq, kernel, kernel-rt, libxml2, and podman), Fedora (chromium, git, helix, pam, rust-blazesym-c, rust-clearscreen, rust-gitui, rust-nu-cli, rust-nu-command, rust-nu-test-support, rust-procs, rust-which, selenium-manager, sudo, thunderbird, and uv), SUSE (audiofile, chmlib-devel, docker, firefox, go1, libsoup, libsoup2, libssh, libxml2, tomcat, umoci, and xen), and Ubuntu (git and resteasy, resteasy3.0).

Few, if any, web sites or web-based services have gone unscathed by the locust-like hordes of AI crawlers looking to consume (and then re-consume) all of the world's content. The Anubis project is designed to provide a first line of defense that blocks mindless bots—while granting real users access to sites without too much hassle. Anubis is a young project, not even a year old. However, its development is moving quickly, and the project seems to be enjoying rapid adoption. The most recent release of Anubis, version 1.20.0, includes a feature that many users have been interested in since the project launched: support for challenging clients without requiring users to have JavaScript turned on.

Greg Kroah-Hartman has released the 6.15.6, 6.12.37, 6.6.97, 6.1.144, and 5.15.187 stable kernels. As is the usual case, each contains important fixes all over the kernel tree.

Security updates have been issued by Debian (sslh), Oracle (container-tools:rhel8, gnome-remote-desktop, golang, javapackages-tools:201801, jq, libvpx, libxml2, mpfr, and perl-File-Find-Rule-Perl), Red Hat (glib2, libblockdev, and sudo), Slackware (git), SUSE (avif-tools, containerd, djvulibre, gpg2, helm, kernel, libpoppler-cpp2, libxml2, libxml2-2, openssl-3, perl-YAML-LibYAML, python-cryptography, python-setuptools, python311-pycares, tomcat10, and wireshark), and Ubuntu (djvulibre, git, libyaml-libyaml-perl, and protobuf).

Inside this week's LWN.net Weekly Edition:

• Front: Python packaging; Kernel API specification; Kselftests and KUnit; niri; pedalboard.
• Briefs: Git security fixes; Amarok 3.3; Bash 5.3; Thunderbird 140; tmux-rs; U-Boot 2025.07; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

Version 3.3 of the Amarok music player has been released. This is the first release of Amarok based on KDE Frameworks 6 and Qt 6. Amarok 3.3 also includes a major rework of its audio engine to use GStreamer for audio playback.

The reworked audio engine provides unified feature set for all users and should provide a solid and future-proof sonic experience for years to come. Notable improvements have also landed to the database system: improved character set support helps with e.g. emojis in podcast descriptions and other very exotic symbols, date handling has been improved ('year 2038 problem'), and various other potential and actual database-related issues have been fixed.

The AlmaLinux project has announced new upgrade paths for its ELevate utility, which allows users to upgrade between major versions of Red Hat Enterprise Linux derivatives. The new paths include upgrades from AlmaLinux 9 to AlmaLinux 10 and CentOS Stream 9 to CentOS Stream 10, with support for EPEL, Docker CE, and PostgreSQL third-party package repositories. LWN covered ELevate last year.

It is no secret that the Python packaging world is at something of a crossroads; there have been debates and discussions about the packaging landscape that started long before our 2023 series describing some of the difficulties. There has been progress since then—and incremental improvements all along, in truth—but a new initiative is looking to overhaul packaging for the language. At PyCon US 2025, Barry Warsaw and Jonathan Dekhtiar gave a presentation on the WheelNext project, which is a community effort that aims improve the experience for users and providers of Python packages while also working with toolmakers and other parts of the ecosystem to "reinvent the wheel". While the project's name refers to Python's wheel binary distribution format, its goals stretch much further than simply the format.

Security updates have been issued by AlmaLinux (container-tools:rhel8, jq, kernel, podman, python-setuptools, socat, and thunderbird), Gentoo (Chromium, Google Chrome, Microsoft Edge. Opera, ClamAV, Git, NTP, REXML, and strongSwan), Oracle (buildah, gnome-remote-desktop, ipa, jq, kernel, podman, python-setuptools, ruby:3.3, socat, uek-kernel, and xorg-x11-server-Xwayland), SUSE (kernel), and Ubuntu (freerdp3, git, gnupg2, linux-aws, linux-oracle, linux-azure, linux-azure, linux-azure-6.11, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux-ibm-5.15, linux-intel-iotg, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-kvm, linux-lowlatency, linux-oem-6.11, and onionshare).

Versions v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1 and v2.50.1 of the Git source-code management system have been released. "This is a set of coordinated security fix releases. Please update at your earliest convenience". See the announcement for details; many of the vulnerabilities have to do with tricks buried in untrusted repositories.

Version 140 of the Thunderbird mail client has been released. Notable features include "dark message mode" to adapt message content to dark mode, the ability to easily transfer desktop settings to the mobile Thunderbird client, experimental support for Microsoft Exchange, as well as global controls for message threading and sort order.

Thunderbird 140 is an extended-support release (ESR) which will be supported for 12 months. However, the Thunderbird project is trying to encourage users to adopt the Release channel for monthly updates instead. The project is staggering upgrades to 140 for existing Thunderbird users in order to catch any significant bugs before they are widely deployed, but users can upgrade manually via the Help > About menu. See the release notes for a full list of changes.

The kernel project, for many years, lacked a formal testing setup; it was often joked that testing was the project's main reason for keeping users around. While many types of kernel testing can only be done in the presence of specific hardware, there are other parts of the kernel that could be more widely tested. Over time, though, the kernel has gained two separate testing frameworks and a growing body of automated tests to go with them. These two frameworks — kselftests and KUnit — take different approaches to the testing problem; now this patch series from Thomas Weißschuh aims to bring them together.

Security updates have been issued by Debian (djvulibre and slurm-wlm), Red Hat (apache-commons-vfs, container-tools:rhel8, kernel, kernel-rt, podman, python3, rsync, socat, and sudo), SUSE (apache2, helm-mirror, incus, kernel, openssl-3, python-Django, and systemd), and Ubuntu (dcmtk, File::Find::Rule, ghostscript, jquery, and libssh).

The U-Boot universal bootloader project has announced the release of version 2025.07. It has multiple new features including "uthreads" (inspired by the "bthreads" coroutines in the barebox bootloader), exFAT support, new architecture and SoC support and improvements to existing platforms, cleanups, better testing, and more. Project leader Tom Rini took the opportunity to mention his efforts toward getting some help with the project and more formal governance:

As this is a full release, and not just a release candidate I'm hoping for a few more people to read this and then read what I'm linking to as well. For the overall health of the project, and the community, I'm hoping to find a few people within the community that can help with overall organization and management. I would like to long term be able to move us to being under the Software Freedom Conservancy umbrella and that in turn means having a organizational structure that's not just a single person.

He also noted that there is a community meeting on July 8th, 2025 at 9am (GMT -06:00) on Google Meet.

The GNU project's Bourne Again SHell (Bash) has released version 5.3, with some significant new features, including some from the associated Readline 8.3 release, which provides command-line editing and other features for Bash and lots of other programs. Bash 5.3 has a "new form of command substitution that executes the command in the current shell execution context", pathname-completion sorting will be handled based on the GLOBSORT shell variable, generated completions can go to a shell variable instead of to stdout, the source code has been updated to C23, and more. Meanwhile:

Readline has new features as well. There is a new option that allows case-insensitive searching, a new command that executes a named readline command, and a new command that exports possible word completions in a specified format for consumption by another process.

Niri is a relatively new Rust-based compositor for Wayland with a different take on tiling window management: windows are placed onscreen in an "infinite" row that can expand beyond the bounds of the visible workspace. It is not a full-blown desktop environment, but niri may be a suitable option for Linux users who want tiling features and the minimalism of a window manager for Wayland.

Security updates have been issued by Debian (thunderbird and xmedcon), Fedora (darktable, mbedtls, sudo, and yarnpkg), Mageia (catdoc and php), Red Hat (java-1.8.0-ibm, kernel, python-setuptools, python3, python3.11, python3.12, python3.9, socat, sudo, tigervnc, webkit2gtk3, webkitgtk4, xorg-x11-server, and xorg-x11-server-Xwayland), SUSE (alloy, apache-commons-fileupload, apache2-mod_security2, assimp-devel, chromedriver, clamav, clustershell, corepack22, ctdb, curl, dpkg, erlang-rabbitmq-client, ffmpeg-4, firefox, firefox-esr, flake-pilot, fractal, gdm, ggml-devel-5699, gio-branding-upstream, git-lfs, glib2, glibc, go1.23, go1.24, govulncheck-vulndb, gpg2, grafana, grype, helm, himmelblau, icu, jgit, jq, jupyter-bqplot-jupyterlab, jupyter-jupyterlab-templates, jupyter-matplotlib, jupyter-nbclassic, jupyter-nbdime, jupyter-panel, jupyter-plotly, keylime-ima-policy, kubernetes1.30-apiserver, kubernetes1.31-apiserver, kubernetes1.32-apiserver, libbd_btrfs-devel, libetebase-devel, libmozjs-128-0, libprotobuf-lite31_1_0, libQt5Bootstrap-devel-static-32bit, libsoup, libsoup-2_4-1, libsoup-3_0-0, libspdlog1_15, libssh, libssh-config, libsystemd0, libtpms-devel, libwireshark18, libwx_gtk2u_adv-suse16_0_0, mirrorsorcerer, moarvm, nix, nodejs-electron, nova, oci-cli, opa, openbao, ovmf-202505, pam, pam_pkcs11, perl, perl-32bit, perl-CryptX, perl-File-Find-Rule, perl-YAML-LibYAML, podman, polaris, postgresql-jdbc, pure-ftpd, python-furo-doc, python-requests, python310, python311, python311-Django, python311-Django4, python311-jupyter-core, python311-Pillow, python311-pydata-sphinx-theme, python311-requests, python311-salt, python311-urllib3, python312, python313, python314, python39, radare2, redis, samba, SDL, SDL2, sudo, teleport, thunderbird, tomcat, tomcat10, tomcat11, traefik, traefik2, valkey, velociraptor, vim, xorg-x11-server, and xwayland), and Ubuntu (linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-6.11, and linux-oem-6.14).

The 6.16-rc5 kernel prepatch has been released. Quoth Linus: "Please keep testing, but this all feels fairly regular for this phase of the release".

The 6.15.5, 6.12.36, 6.6.96, and 6.1.143 stable kernels have been released; each contains another set of important fixes.

The pedalboard library for Python is aimed at audio processing of various sorts, from converting between formats to adding audio effects. The maintainer of pedalboard, Peter Sobot, gave a talk about audio in Python at PyCon US 2025, which was held in Pittsburgh, Pennsylvania in May. He started from the basics of digital audio and then moved into working with pedalboard. There were, as might be guessed, audio examples in the talk, along with some visual information; interested readers may want to view the YouTube video of the presentation.

Security updates have been issued by AlmaLinux (.NET 9.0, container-tools:rhel8, ghostscript, git-lfs, grafana-pcp, pandoc, perl-FCGI:0.78, ruby:2.5, ruby:3.3, tigervnc, and varnish:6), Debian (jpeg-xl and mediawiki), Fedora (darktable, guacamole-server, mingw-gdk-pixbuf, and yarnpkg), Oracle (gimp, kernel, libsoup, python-tornado, python3.12, and thunderbird), Slackware (php), SUSE (libgepub), and Ubuntu (libtpms, linux-aws-5.15, linux-intel-iot-realtime, and linux-bluefield).

Collin Richards has announced version 0.0.1 of tmux-rs, a port of the tmux terminal multiplexer to Rust.

For the [past] 6 months or so I've been quietly porting tmux from C to Rust. I've recently reached a big milestone: the code base is now 100% (unsafe) Rust. I'd like to share the process of porting the original codebase from ~67,000 lines of C code to ~81,000 lines of Rust (excluding comments and empty lines). You might be asking: why did you rewrite tmux in Rust? And yeah, I don't really have a good reason. It's a hobby project. Like gardening, but with more segfaults.

Richards says that the next goal for the project is to convert it to safe Rust. It is currently "not very difficult to get it to crash", but he wanted to share the project with other Rust fans now. The project is available on GitHub.

The kernel project makes a strong promise to its users: the kernel ABI will not be changed in ways that break user-space code. The occasional failure notwithstanding, kernel developers do try to live up to that promise. They are handicapped by one little problem, though: there is no description of what the kernel ABI is, and no comprehensive way to test whether a given change breaks it. The kernel API specification framework proposed (in its second revision) by Sasha Levin addresses some of those concerns, but the solution is incomplete and does not come for free.

Security updates have been issued by AlmaLinux (.NET 9.0, aardvark-dns, apache-commons-beanutils, bootc, buildah, corosync, delve and golang, exiv2, expat, firefox, ghostscript, git, git-lfs, gnutls, grafana, grafana-pcp, grub2, gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server, gstreamer1-plugins-base, gstreamer1-plugins-good, gvisor-tap-vsock, iptraf-ng, java-21-openjdk, kernel, keylime-agent-rust, krb5, libarchive, libblockdev, libsoup3, libtasn1, libvpx, libxslt, microcode_ctl, mod_auth_openidc, nodejs22, nodejs:20, openjpeg2, osbuild and osbuild-composer, perl-FCGI, perl-Module-ScanDeps, perl-YAML-LibYAML, php, php:8.2, php:8.3, podman, protobuf, python-jinja2, python-requests, python3.11, python3.12, python3.12-cryptography, python3.9, rpm-ostree, rsync, rust-bootupd, skopeo, thunderbird, tigervnc, tomcat, tomcat9, webkit2gtk3, xdg-utils, xorg-x11-server, and xorg-x11-server-Xwayland), Debian (ring), Mageia (libarchive and rootcerts, nss & firefox), Oracle (.NET 9.0, corosync, firefox, osbuild-composer, pam, python3, python3.11, python3.12, python3.9, skopeo, sudo, and thunderbird), Red Hat (microcode_ctl, pam, php, thunderbird, tigervnc, xorg-x11-server, xorg-x11-server and xorg-x11-server-Xwayland, and xorg-x11-server-Xwayland), SUSE (clamav, icu, libgepub, libsoup, python-requests, tomcat, and xorg-x11-server), and Ubuntu (clamav, logback, mongo-c-driver, pcs, and python-flask-cors).

Inside this week's LWN.net Weekly Edition:

• Front: Kernel features from Python; i686 in Fedora; Kernel development with LLMs; Rust drivers; Load balancing with machine learning; Transparent huge pages.
• Briefs: Bcachefs removal; Coccinelle for Rust; Netdev Foundation; Oracle Linux 10; GNU HHIS 5.0; Rust 1.88.0; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

Debian's Bananas team has put out a call for people with Apple M1 or M2 systems to help test Debian on those machines:

The Bananas Team has set up an installer at with images for GNOME, KDE and console installations. While we'd like to build an actual Debian installer sooner or later (we may need a heads-up from the Debian Images team for that), at this time we only provide an asahi-type installer, which installs both the "bootloader" and the OS partitions to disk from the network (as opposed to only installing the bootloader and then letting you install Debian using a d-i USB stick). We haven't forked Trixie from Testing yet, so what you'll get is Debian Testing quite deep into the freeze.

The Netdev Foundation, which is "a user-led effort under the supervision of the Linux Foundation, focused on financially supporting Linux networking development", has announced its existence.

The initial motivation was to move the NIPA testing outside of Meta, so that more people can help and contribute. But there should be sufficient budget to sponsor more projects.

(NIPA is Netdev Infrastructure for Patch Automation).

Every release of the Linux kernel has lots of new features, many of which are accessible from user space. Usually, though, the GNU C Library (glibc) and tools that access the Linux user-space API lag behind the kernel releases. Geoffrey Thomas showed how Python programs can access these new kernel features as soon as the kernel is released in his "What's New in the Linux Kernel... from Python" talk at PyCon US 2025. While he had two examples of accessing new kernel features, the real goal of the talk was to demonstrate how to go about connecting Python to the Linux kernel.

The copyleft-next project is an effort to develop a next-generation copyleft license; it was covered here back in 2013 (as well as in 2015 and 2021). The project has stalled in recent years, but now Richard Fontana and Bradley Kuhn have announced a new effort to push copyleft-next forward:

Today, GPLv3 turns exactly 18 years old. This month, GPLv2 turned 34 years old. These are both great licenses and we love them. Nevertheless, at least once in a generation, FOSS needs a new approach to strong copyleft.

Security updates have been issued by AlmaLinux (apache-commons-beanutils, firefox, kea, kernel, kernel-rt, libblockdev, libvpx, pam, python-setuptools, python3, python3.11, python3.12, python3.9, and sudo), Debian (chromium), Gentoo (sudo), Oracle (.NET 8.0, buildah, firefox, freerdp, golang-github-openprinting-ipp-usb, grafana, grafana-pcp, gvisor-tap-vsock, libsoup3, mod_proxy_cluster, perl-FCGI, podman, python-setuptools, qt6-qtbase, skopeo, sudo, and thunderbird), Slackware (mozilla), SUSE (redis, runc, xorg-x11-server, and xwayland), and Ubuntu (composer, linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-raspi, linux, linux-aws, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime, linux, linux-aws, linux-lts-xenial, linux, linux-gcp, linux-raspi, linux-realtime, linux-fips, linux-fips, linux-aws-fips, linux-gcp-fips, linux-realtime, and linux-realtime, linux-raspi-realtime).

Version 5.0 of the GNU Health Hospital Information System has been released. This project, working to support medical offices, shows just how far the free-software effort can reach. Changes in this release include improved reporting and analytics, more comprehensive handling of many types of patient information, a reworked medical-imaging subsystem, better insurance and billing functionality, and more.

Transparent huge pages (THPs) are, theoretically, supposed to allow processes to benefit from larger page sizes without changes to their code. This does work, but the performance impacts from THPs are not always a benefit, so system administrators with specific knowledge of their workloads may want the ability to fine-tune THPs to the application. On May 15, Usama Arif shared a patch set that would add a prctl() option for setting THP defaults for a process; that patch set has sparked discussion about whether such a setting is a good fit for prctl(), and what alternative designs may work instead.

The extensible scheduler class ("sched_ext") allows the loading of a custom CPU scheduler into the kernel as a set of BPF functions; it was merged for the 6.12 kernel release. Since then, sched_ext has enabled a wide range of experimentation with scheduling algorithms. At the 2025 Open Source Summit North America, Ching-Chun ("Jim") Huang presented work that has been done to apply (local) machine learning to the problem of scheduling processes on complex systems.

The OsmAnd map and navigation app project recently celebrated its 15th anniversary.

All these 15 years can be roughly divided into three stages. For the first five years, we built the very basic functionality—offline maps and navigation that just worked. Over the next five years, we transformed OsmAnd into a full-fledged application with plugins, extensive settings, and professional tools. We dedicated the third five-year period to deep internal work: completely rewriting and improving key components like the rendering engine and routing algorithms.

Now, a new, fourth stage begins. We have reached functional maturity, and our main goal for the near future is to polish what we've already built. We will focus on stability, speed, and consolidation. User expectations are growing, and what was once considered normal must now be flawless.

(Thanks to Paul Wise).

Security updates have been issued by AlmaLinux (delve, emacs, gimp, gimp:2.8, glibc, idm:DL1, ipa, iputils, kernel, krb5, libarchive, libblockdev, libxml2, mod_proxy_cluster, osbuild-composer, pam, perl-File-Find-Rule, perl-YAML-LibYAML, qt5-qtbase, weldr-client, xorg-x11-server and xorg-x11-server-Xwayland, and xorg-x11-server-Xwayland), Debian (mbedtls and sudo), Oracle (.NET 8.0, delve, delve, golang, firefox, ghostscript, glibc, golang, grafana, iputils, kernel, krb5, libarchive, libblockdev, nodejs22, ruby, thunderbird, tomcat, tomcat9, unbound, and wireshark), Red Hat (glibc and mod_auth_openidc), Slackware (sudo), SUSE (gpg2, ImageMagick, iputils, jakarta-commons-fileupload, kernel, libblockdev, libsoup, open-vm-tools, pam, python-tornado6, screen, sudo, and xwayland), and Ubuntu (linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime, linux-gcp, linux-gcp-6.8, linux-hwe-5.4, linux-oem-6.11, and sudo).

A change proposal to end support for 32-bit x86 (i686) applications on the x86_64 architecture with the Fedora 44 release has been withdrawn after significant pushback. As proposed, the change could have had a significant impact on gamers, compiler development, and the Bazzite project, which uses Fedora as a base for a gaming-focused distribution. While i686 gets a reprieve for now, the question still lingers: who is going to keep the necessary i686 packages in working order when few upstream maintainers or volunteer packagers care about the architecture?

Security updates have been issued by AlmaLinux (mod_proxy_cluster), Debian (catdoc, chromium, nagvis, and sudo), Fedora (chromium, gum, kubernetes1.32, moodle, podman, python3-docs, python3.13, salt, and tigervnc), Mageia (x11-server, x11-server-xwayland & tigervnc), Oracle (apache-commons-beanutils, exiv2, expat, firefox, git, git-lfs, gstreamer1-plugins-bad-free, ipa, java-21-openjdk, kea, kernel, libarchive, libblockdev, libsoup3, libvpx, libxslt, mod_auth_openidc, nodejs22, osbuild-composer, perl, perl-File-Find-Rule, php, python-jinja2, python-tornado, sqlite, thunderbird, valkey, varnish, weldr-client, xorg-x11-server-Xwayland, xz, and yggdrasil), Red Hat (apache-commons-beanutils, javapackages-tools:201801, kernel, and python3.11), SUSE (apache-commons-fileupload, gimp, glib2, himmelblau, nvidia-open-driver-G06-signed, sqlite3, thunderbird, yelp, and yelp-xsl), and Ubuntu (samba).

Linus has released 6.16-rc4 for testing. "Despite a fairly large merge window, things continue to look fairly calm on the rc front".