Linux Weekly News

Despite its name, the Robot Operating System (ROS) is not an operating system; it is a software development kit (SDK) that provides building blocks for robotic applications. One of the main goals of ROS is to present a common API that abstracts away the details of particular hardware drivers or algorithms to make development easier; developers can focus on what a robot should do rather than the low-level details of specific controllers. The latest release of ROS, Kilted Kaiju, features improvements to the middleware layer that is used to deliver data between components.

Security updates have been issued by AlmaLinux (idm:DL1), Debian (gegl and haproxy), Fedora (ffmpeg, firefox, freeipa, python-pip, rust-astral-tokio-tar, sqlite, uv, webkitgtk, and xen), Oracle (idm:DL1, ipa, kernel, perl-JSON-XS, and python3), Red Hat (git), SUSE (curl, frr, jupyter-jupyterlab, and libsuricata8_0_1), and Ubuntu (linux-aws, linux-lts-xenial, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure, linux-azure, linux-azure-6.8, linux-fips, linux-gcp-fips, and linux-intel-iot-realtime, linux-realtime).

The Free Software Foundation has announced the selection of Ian Kelling as the organization's president.

Kelling, age forty-three, has held the role of a board member and a voting member since March 2021. The board said of Kelling's confirmation: "His hands-on technical experience resulting from his position as the organization's senior systems administrator proved invaluable for his work on the board of directors. The board is confident Kelling is the right person to help the organization achieve its long-term goals. His commitment to free software comes from a life of exploring ways to exert user control. He has the technical knowledge to speak with authority on most free software issues, and he has a strong connection with the community as an active speaker and blogger."

The GNU Tools Cauldron is almost entirely focused on user-space tools, but kernel developers need a solid toolchain too. In what appears to be a developing tradition (started in 2024), some kernel developers attended the 2025 Cauldron for the second year in a row to discuss their needs with the assembled toolchain developers. Topics covered in this year's gathering include Rust, better BPF type format (BTF) support, SFrame, and more.

Greg Kroah-Hartman has announced the release of the 6.16.10, 6.12.50, 6.6.109, 6.1.155, 5.15.194, 5.10.245, and 5.4.300 stable kernels. All of these kernels have lots of important fixes throughout the kernel tree.

Security updates have been issued by AlmaLinux (perl-JSON-XS), Debian (chromium and openssl), Fedora (bird, dnsdist, firefox, mapserver, ntpd-rs, python-nh3, rust-ammonia, skopeo, sqlite, thunderbird, and xen), Oracle (perl-JSON-XS), Red Hat (kernel, kernel-rt, and libvpx), SUSE (afterburn, cairo, docker-stable, firefox, nginx, python-Django, snpguest, and warewulf4), and Ubuntu (libmspack, libxslt, linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-raspi, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-6.14, linux-hwe-6.14, linux-realtime, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle, linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux, linux-kvm, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure, linux-hwe-6.8, linux-kvm, linux-oracle-5.15, linux-oracle-6.14, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8, linux-realtime-6.14, and python-django).

Inside this week's LWN.net Weekly Edition:

• Front: Fedora and AI; Linting kernel Rust; openSUSE Leap 16; mmap() file operation; 6.17 statistics; dirlock.
• Briefs: Bcachefs removal; Alpine /usr merge; F-Droid; Fedora AI policy; OpenSUSE Leap 16; PostgreSQL 18; Radicle 1.5.0; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

The Alpine Linux project has announced plans to change its base filesystem hierarchy:

In the future, /lib, /bin, and /sbin will be symbolic links to their /usr counterparts, and every package shall be installed under the /usr paths. For now, /usr/bin and /usr/sbin will continue to be independent paths, but that might change if the Filesystem Hierarchy Standard (FHS) gets updated.

The merge will take place in the upcoming Alpine 3.23 release planned for November; non-merged systems will be considered unsupported when 3.22 is at its end of life in May 2027.

The Fedora Council began a process to create a policy on AI-assisted contributions in 2024, starting with a survey to ask the community its opinions about AI and using AI technologies in Fedora. On September 25, Jason Brooks published a draft policy for discussion; so far, in keeping with the spirit of compromise, it has something to make everyone unhappy. For some it is too AI-friendly, while others have complained that it holds Fedora back from experimenting with AI tooling.

Security updates have been issued by AlmaLinux (kernel, kernel-rt, mysql:8.0, and openssh), Debian (libcommons-lang-java, libcommons-lang3-java, libcpanel-json-xs-perl, libjson-xs-perl, libxml2, open-vm-tools, and u-boot), Fedora (bird, dnsdist, mapserver, ntpd-rs, python-nh3, and rust-ammonia), Oracle (kernel and mysql:8.0), Red Hat (cups, postgresql:12, and postgresql:13), SUSE (cJSON-devel, gimp, kernel-devel, kubecolor, open-vm-tools, openssl-1_1, openssl-3, and ruby3.4-rubygem-rack), and Ubuntu (linux-azure-5.15 and openssl, openssl1.0).

The openSUSE Leap 16 release is now available.

This major version update of our fixed-release community-Linux distribution has a fresh software stack and introduces an unmatched maintenance- and security-support cycle, a new installer and simplified migration options.

See our look at this release for more information.

Version 1.5.0 of the Radicle peer-to-peer Git collaboration platform has been released. This release includes better support for bare repositories, structured logging, and improvements in the output of rad patch show:

The previous output would differentiate "updates", where the original author creates a new revision, and "revisions", where another author creates a revision. This could be confusing since updates are also revisions. Instead, the output shows a timeline of the root of the patch and each new revision, without any differentiation. The revision identifiers, head commit of the revision, and author are still printed as per usual.

LWN covered Radicle in March 2024.

Klint is a Rust compiler extension developed by Gary Guo to run some kernel-specific lint rules, which may also be useful for embedded system development. He spoke about his recent work on the project at Kangrejos 2025. The next day, Alejandra González led a discussion about Rust's normal linter, Clippy. The two tools offer complementary approaches to analyzing Rust kernel code, although both need some additional direction and support from kernel developers to reach their full potential.

Security updates have been issued by Debian (python-internetarchive and tiff), Fedora (nextcloud), Oracle (kernel, openssh, and squid), Red Hat (kernel, kernel-rt, and ncurses), SUSE (afterburn and chromium), and Ubuntu (open-vm-tools, ruby-rack, and tiff).

After marking bcachefs "externally maintained" in 6.17, Linus Torvalds has removed it entirely for 6.18. "It's now a DKMS module, making the in-kernel code stale, so remove it to avoid any version confusion."

The 6.17 development cycle ended on September 28 with the release of the 6.17 kernel. This cycle brought in 13,089 non-merge changesets, a slowdown from its predecessor but still within the normal bounds for recent kernels. The time has come for a look at where those changes came from, with a bit of a side trip into bug statistics.

The NixOS moderation team, which is theoretically in charge of ensuring that community participation on the project's repositories and discussion forum remains welcoming and useful, has released a joint resignation statement. This action was motivated by conflict with the project's steering committee (SC), which has repeatedly overridden the moderation team, leading the team members to decide that they could not continue acting as moderators. Arian Van Putten, speaking for the whole team, writes:

The SC has also shown, in private and public conversations, their lack of understanding of basic principles of community management and open communication. They have mistaken quiet and a lack of controversy for success and peace. They have consistently become upset when there is criticism, and gone quiet on crucial issues in between. We have some fundamental conflicts in this community, which absolutely require discussion. Meanwhile, discussion with the SC has only become less effective.

We think that the goal of moderation should not be to avoid difficult conversations - it's to navigate those difficult conversations in ways that remain safe and constructive. We believe we've made considerable progress as a community on making those conversations happen, and we believe they need to happen more for the project to grow, not be suppressed. We thank everyone for the growth that we have seen, and for their efforts to avoid personal focus in discussion, especially recently.

The NixOS project has had problems with community moderation stretching back more than a year. With the next steering council election coming up soon, it will be interesting to see whether the community selects a council that feels differently or not.

As with a mobile phone, a portable gaming device like the Steam Deck can contain lots of personal information that the owner would like to keep secret—especially given that such devices can do far more than gaming. Alberto Garcia worked with his colleagues at Igalia and people at Valve, the company behind the Steam gaming platform, to come up with a new tool to manage encrypted filesystems for SteamOS, which is a Linux distribution optimized for gaming. Garcia gave a talk about that tool, dirlock, at Open Source Summit Europe, which was held in Amsterdam in late August. In the talk, he looked at the design process for the encrypted-files feature, the alternatives considered, and why they made the choices they did.

Security updates have been issued by AlmaLinux (avahi, cups, firefox, gnutls, golang, httpd, kernel, libtpms, mysql, opentelemetry-collector, php:8.2, podman, postgresql:13, postgresql:15, python3, python3.11, python3.12, python3.9, thunderbird, and udisks2), Debian (firefox-esr, gimp, nncp, node-tar-fs, and squid), Fedora (chromium, firebird, python-azure-keyvault-securitydomain, python-azure-mgmt-security, and python-microsoft-security-utilities-secret-masker), Red Hat (httpd:2.4, kernel, kernel-rt, and mod_http2), SUSE (aide, apache2-mod_security2, chromedriver, cloud-init, docker, gdk-pixbuf, git, google-osconfig-agent, govulncheck-vulndb, gstreamer-plugins-base, iperf, kernel, krb5, krita, luajit, net-tools, nvidia-open-driver-G06-signed, pam, postgresql17, python311, rust-keylime, sevctl, tor, tree-sitter-ruby, and udisks2), and Ubuntu (curl, ghostscript, inetutils, python2.7, and qtbase-opensource-src).

The F-Droid project has posted an urgent message regarding Google's plan to require developer registration to install apps on Android devices.

The F-Droid project cannot require that developers register their apps through Google, but at the same time, we cannot "take over" the application identifiers for the open-source apps we distribute, as that would effectively seize exclusive distribution rights to those applications.

If it were to be put into effect, the developer registration decree will end the F-Droid project and other free/open-source app distribution sources as we know them today, and the world will be deprived of the safety and security of the catalog of thousands of apps that can be trusted and verified by any and all. F-Droid's myriad users will be left adrift, with no means to install — or even update their existing installed — applications.