Welcome to LWN.net
LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
[$] The first half of the 7.0 merge window
The merge window for Linux 7.0 has opened, and with it comes a number of interesting improvements and enhancements. At the time of writing, there have been 7,695 non-merge commits accepted. The 7.0 release is not special, according to the kernel's versioning scheme — just the release that comes after 6.19. Humans love symbolism and round numbers, though, so it may feel like something of a milestone.
[$] Open-source mapping for disaster response
At FOSDEM 2026 Petya
Kangalova, a senior tech partnership and engagement manager for the Humanitarian OpenStreetMap
Team (HOT) spoke about how
the project helps people map their surroundings to assist in
disaster response and humanitarian aid. The project has
developed a stack of technology to help volunteers collectively map an
area and add in local knowledge metadata. "One of the core things
that we believe is that when we speak about disaster response or
people having access to data is that they really need accessible
technology that's free and open for anyone to use
."
[$] Poisoning scraperbots with iocaine
Web sites are being increasingly beset by AI scraperbots — a problem that we have written about before, and which has slowly ramped up to an occasional de-facto DDoS attack. This has not gone uncontested, however: web site operators from around the world have been working on inventive countermeasures. These solutions target the problem posed by scraperbots in different ways; iocaine, a MIT-licensed nonsense generator, is designed to make scraped text less useful by poisoning it with fake data. The hope is to make running scraperbots not economically viable, and thereby address the problem at its root instead of playing an eternal game of Whac-A-Mole.
[$] The reverting of revocable
Transient devices pose a special challenge for an operating-system kernel. They can disappear at any time, leaving behind kernel data structures that no longer refer to an existing device, but which may still be in use by unknown kernel code. Managing the resulting lifecycle issues has frustrated kernel developers for years. In September 2025, the revocable resource-management patch series from Tzung-Bi Shih appeared to offer a partial solution to this problem. Since then, though, other problems have arisen, and the planned merging of this series into the 7.0 release has been called off.
[$] LWN.net Weekly Edition for February 12, 2026
Posted Feb 12, 2026 0:02 UTC (Thu)The LWN.net Weekly Edition for February 12, 2026 is available.
Inside this week's LWN.net Weekly Edition
- Front: Git; GCC and KCFI; modernizing swapping; 6.18 statistics; modern FOSS challenges.
- Briefs: Kernel ML; tag2upload; LFS sysvinit; postmarketOS FOSDEM; Ardour 9.0; Offpunk 3.0; Dave Farber RIP; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
[$] Evolving Git for the next decade
Git is ubiquitous; in the last two decades, the version-control system has truly achieved world domination. Almost every developer uses it and the vast majority of open-source projects are hosted in Git repositories. That does not mean, however, that it is perfect. Patrick Steinhardt used his main-track session at FOSDEM 2026 to discuss some of its shortcomings and how they are being addressed to prepare Git for the next decade.
[$] FOSS in times of war, scarcity, and AI
Michiel Leenaars, director of strategy at the NLnet Foundation, used his keynote at FOSDEM to sound warnings for the community for free and open-source (FOSS) software; in particular, he talked about the threats posed by geopolitical politics, dangerous allies, and large language models (LLMs). His talk was a mix of observations and suggestions that pertain to FOSS in general and to Europe in particular as geopolitical tensions have mounted in recent months.
[$] Development statistics for 6.19
Linus Torvalds released the 6.19 kernel on February 8, as expected. This development cycle brought 14,344 non-merge changesets into the mainline, making it the busiest release since 6.16 in July 2025. As usual, we have put together a set of statistics on where these changes come from, along with a quick look at how long new kernel developers stay around.
[$] Kernel control-flow-integrity support comes to GCC
Control-flow integrity (CFI) is a set of techniques that make it more difficult for attackers to hijack indirect jumps to exploit a system. The Linux kernel has supported forward-edge CFI (which protects indirect function calls) since 2020, with the most recent implementation of the feature introduced in 2022. That version avoids the overhead introduced by the earlier approach by using a compiler flag (-fsanitize=kcfi) that is present in Clang but not in GCC. Now, Kees Cook has a patch set adding that support to GCC that looks likely to land in GCC 17.
[$] Modernizing swapping: the end of the swap map
The first installment in this series introduced several data structures in the kernel's swap subsystem and described work to replace some of those with a new "swap table" structure. The work did not stop there, though; there is more modernization of the swap subsystem queued for an upcoming development cycle, and even more for multiple kernel releases after that. Once that work is done, the swap subsystem will be both simpler and faster than it is now.
Vim 9.2 released
Version 9.2 of the
Vim text editor has been released. "Vim 9.2 brings significant
enhancements to the Vim9 scripting language, improved diff mode,
comprehensive completion features, and platform-specific improvements
including experimental Wayland support.
" Also included is a new
interactive tutor mode.
New delegation for Debian's data protection team
Debian Project Leader (DPL) Andreas Tille has announced a new delegation for Debian's data protection team:
Following the end of the previous delegation, Debian was left without an active Data Protection team. This situation has understandably drawn external attention and highlighted the importance of having a clearly identified point of contact for data protection matters within the project.
I am therefore very pleased to announce that new volunteers have stepped forward, allowing us to re-establish the Debian Data Protection team with a fresh delegation.
Tille had put out a call for volunteers in January after all previous members of the team had stepped down. He has appointed Aigars Mahinovs, Andrew M.A. Cater, Bart Martens, Emmanuel Arias, Gunnar Wolf, Kiran S Kunjumon, and Salvo Tomaselli as the new members of the team. The team provides a central coordination and advisory function around Debian's data handling, retention, dealing with deletion requests, and more.
Security updates for Friday
Security updates have been issued by AlmaLinux (firefox, gcc-toolset-14-binutils, nodejs:20, nodejs:22, nodejs:24, php:7.4, and python3.12), Debian (haproxy, nginx, postgresql-15, and postgresql-17), Fedora (libssh), Oracle (glib2, libsoup, nodejs:20, nodejs:22, and php:7.4), SUSE (assimp, gnutls, helm, kernel, kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t, libmunge2, libsodium, libsoup, micropython, munge, openCryptoki, python-azure-core, rust-keylime, rustup, sccache, snpguest, tcpreplay, xorg-x11-server, xrdp, and zabbix), and Ubuntu (dnsdist, dotnet8, dotnet9, dotnet10, haproxy, libpng1.6, linux-aws-5.15, linux-azure, linux-azure-fips, linux-oracle, linux-oracle-5.4, munge, nginx, and node-dottie).
Debian DFSG Team announces new dashboard and queue processes
Reinhard Tartler of Debian's new DFSG, Licensing & New Packages Team, or simply "DFSG Team", has announced that the team is now operational and is deploying new tooling to improve the NEW queue experience for Debian developers and maintainers.
Our primary and immediate goal is simple: get the queue down.
We are currently settling in and refining our processes to ensure stability and consistency. While our focus right now is on clearing the backlog, our long-term vision is to enable all Debian Developers to meaningfully contribute to DFSG reviewing activities, distributing the workload and knowledge more effectively across the project.
The announcement includes information on the new dashboard for packages in the NEW queue, the rationale for the new tooling, and an introduction to the members of the team.
A single stable kernel for Thursday
Greg Kroah-Hartman has released the 6.12.71 stable kernel. He writes,
"All users of the 6.12 kernel series that had issues with 6.12.69
or 6.12.70 should upgrade, as some regressions are fixed
here.
"
Security updates for Thursday
Security updates have been issued by AlmaLinux (brotli, git-lfs, image-builder, kernel, keylime, libsoup3, and pcs), Fedora (chromium, gnutls, osslsigncode, and p11-kit), Mageia (golang, libpng, thunderbird, and xrdp), Red Hat (git-lfs, go-toolset:rhel8, golang, golang-github-openprinting-ipp-usb, osbuild-composer, and toolbox), Slackware (gnutls and libpng), SUSE (apptainer, cockpit, cockpit-packages, cockpit-subscriptions, freerdp2, gimp, glib2, go, go1.24, go1.25, gpg2, ImageMagick, java-1_8_0-openjdk, kernel, keylime-config, keylime-ima-policy, lemon, libp11-kit0, libsoup, libsoup-2_4-1, libxml2, libxml2-16, munge, nodejs20, nvidia-modprobe.cuda, nvidia-open-driver-G06-signed, nvidia-persistenced.cuda, openQA, orthanc, gdcm, orthanc-authorization,, python-brotlipy, python-Django, python-maturin, python-pyasn1, python-urllib3, python-wheel, python313-wheel, qemu, rust-keylime, sqlite3, uriparser, wicked2nm, and xrdp), and Ubuntu (libtasn1-6, libwebsockets, libxmltok, linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux, linux-raspi, linux, linux-raspi, linux-realtime, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency-hwe-6.8, linux-aws-5.15, linux-gcp-5.15, linux-nvidia-tegra-igx, linux-oracle-5.15, linux-xilinx-zynqmp, linux-aws-fips, linux-fips, linux-gcp-fips, linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-intel-iot-realtime, linux-realtime, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-realtime-6.8, linux-xilinx-zynqmp, and python-multipart).
Linux man pages 6.17 released
Version 6.17 of the Linux manual-page collection has been released. Along with a long list of updates to the man pages themselves, it includes some new utility programs of interest.
The grepc(1) program is something that originated in this project, as it helped me find code quickly in glibc and the Linux kernel. However, I've found it incredibly useful outside of this project. I'll take some space to announce it, as it's much more than just a tool for writing manual pages, and I expect it to be useful to most --if not all-- C programmers.It is a command-line tool that finds C source code (for example, a function definition) in arbitrary projects. It doesn't use any indexing mechanism (unlike ctags and similar tools). This means that it can be used right after cloning some repository, without having to first generate an index.
postmarketOS FOSDEM 2026 and hackathon recap
The postmarketOS project has published a recap from FOSDEM 2026, including the FOSS on Mobile devroom, and a summary of its post-FOSDEM hackathon. This includes decisions on governance and the project's AI policy:
AI policy: our current AI policy does not state that we forbid the use of generative AI in postmarketOS, so far this document just lists why we think it is a bad idea and misaligned with the project values. We discussed this and will soon change it (via merge request) to clearly state that we don't want generative AI to be used in the project. It was also noted that currently the policy is too long, it would make sense to split it into the actual policy and still keep, but separate the reasoning from it.
[...] Power delegation and teams: in over two hours we discussed how to move forward with [postmarketOS change request] PMCR 0008 to organize ourselves better, and how it fits with soon having a legal entity. We figured that we need to rename "The Board" (which is currently for financial oversight) to "Financial Team", as we will soon have a new board for the legal entity. In the end our idea was to have the new board refer to an "assembly" for all important decisions, and this "assembly" would just be all Trusted Contributors in postmarketOS. The Core Contributors team would be dissolved in favor of having several topic-specific teams (a lot of which we already have, such as the infra team). This way we would have a very flat decision structure. The PMCR will be updated soon and discussed further there. Casey also asked on fedi for further feedback and got a lot of input.
Other topics include reaching out to resellers to sell phones with postmarketOS preinstalled, security, and more.
Stable kernels for Wednesday
Greg Kroah-Hartman has unleashed six new stable kernels: 6.18.10, 6.6.124, 6.12.70, 6.1.163, 5.15.200, and 5.10.250. Each one contains important fixes throughout the tree; users are advised to upgrade.
Security updates for Wednesday
Security updates have been issued by Debian (kernel, linux-6.1, munge, and tcpflow), Fedora (accel-ppp, atuin, babl, bustle, endless-sky, envision, ettercap, fapolicy-analyzer, firefox, glycin, gnome-settings-daemon, go-fdo-client, greenboot-rs, greetd, helix, hwdata, keylime-agent-rust, kiwi, libdrm, maturin, mirrorlist-server, ntpd-rs, ogr2osm, open-vm-tools, perl-App-Cme, perl-Net-RDAP, perl-rdapper, polymake, python-requests-ratelimiter, python-tqdm, rust-add-determinism, rust-afterburn, rust-ambient-id, rust-app-store-connect, rust-bat, rust-below, rust-btrd, rust-busd, rust-bytes, rust-cargo-c, rust-cargo-deny, rust-coreos-installer, rust-crypto-auditing-agent, rust-crypto-auditing-client, rust-crypto-auditing-event-broker, rust-crypto-auditing-log-parser, rust-dua-cli, rust-eif_build, rust-git-delta, rust-git-interactive-rebase-tool, rust-git2, rust-gst-plugin-dav1d, rust-gst-plugin-reqwest, rust-heatseeker, rust-ingredients, rust-jsonwebtoken, rust-lsd, rust-monitord, rust-monitord-exporter, rust-muvm, rust-nu, rust-num-conv, rust-onefetch, rust-oo7-cli, rust-pleaser, rust-pore, rust-pretty-git-prompt, rust-procs, rust-rbspy, rust-rbw, rust-rd-agent, rust-rd-hashd, rust-redlib, rust-resctl-bench, rust-resctl-demo, rust-routinator, rust-sccache, rust-scx_layered, rust-scx_rustland, rust-scx_rusty, rust-sequoia-chameleon-gnupg, rust-sequoia-keystore-server, rust-sequoia-octopus-librnp, rust-sequoia-sq, rust-sevctl, rust-shadow-rs, rust-sigul-pesign-bridge, rust-speakersafetyd, rust-tealdeer, rust-time, rust-time-core, rust-time-macros, rust-tokei, rust-weezl, rust-wiremix, rust-ybaas, rustup, sad, strawberry, systemd, tbtools, transmission, trustedqsl, tuigreet, uv, and vdr-extrecmenung), Oracle (brotli, git-lfs, java-1.8.0-openjdk, kernel, libsoup, libsoup3, nodejs:24, python3.12, and thunderbird), Red Hat (fence-agents, python-urllib3, python3.11-urllib3, python3.12-urllib3, and resource-agents), SUSE (avahi, cups, freerdp, golang-github-prometheus-prometheus, java-11-openjdk, java-17-openjdk, libsoup2, libxml2, and python-pip), and Ubuntu (expat, glib2.0, and imagemagick).