Kernel development and machine learning seem like vastly different areas of endeavor; there are not, yet, stories circulating about the vibe-coding of new memory-management algorithms. There may well be places where machine learning (and large language models — LLMs — in particular) prove to be helpful on the edges of the kernel project, though. At the 2025 North-American edition of the Open Source Summit, Sasha Levin presented some of the work he has done putting LLMs to work to make the kernel better

Security updates have been issued by Debian (firefox-esr and libxml2), Fedora (firefox, libtpms, and tigervnc), Mageia (chromium-browser-stable and nss & firefox), Oracle (emacs, iputils, kernel, krb5, libarchive, mod_proxy_cluster, pam, perl-File-Find-Rule, perl-YAML-LibYAML, and qt5-qtbase), Red Hat (opentelemetry-collector, osbuild-composer, and weldr-client), SUSE (clamav, firefox, go1.24-openssl, and helm), and Ubuntu (libarchive, linux-azure, linux-azure-5.4, linux-azure-fips, linux-fips, linux-azure-nvidia, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-xilinx-zynqmp, and python-urllib3).

Inside this week's LWN.net Weekly Edition:

• Front: Libxml2; GNOME and systemd; Rust in the kernel; Defconfigs; ngnfs, Free-threaded Python; Asterinas.
• Briefs: LSFMM+BPF book; tag2upload; PostmarketOS 25.06; Firefox 140.0; NLnet funding; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

The NLnet Foundation has announced a new group of projects receiving funding through the Next Generation Internet (NGI) Zero Commons Fund.

Free and open source technologies, open standards, open hardware and open data help to strengthen the open web and the open internet. The projects selected by NLnet all contribute in their own way to this important goal, and will empower end users and the community at large on different layers of the stack. For example, there are people working a browser controlled ad hoc cellular network (Wsdr) which can be used to create small mobile networks where they are needed. The open hardware security key Nitrokey is aiming for formal certification of their implementation of the FIDO2 standard, and will be adding encrypted storage capabilities. There are also more applied technologies: the high end open hardware microscope OpenFlexure will enable among others e-health use cases such as telepathology, allowing medical professionals to work together to help people in more remote areas.

See the announcement for the full list of selected projects and the current projects page for other projects recently funded by NLnet.

Libxml2, an XML parser and toolkit, is an almost perfect example of the successes and failures of the open-source movement. In the 25 years since its first release, it has been widely adopted by open-source projects, for use in commercial software, and for government use. It also illustrates that while many organizations love using open-source software, far fewer have yet to see value in helping to sustain it. That has led libxml2's current maintainer to reject security embargoes and sparked a discussion about maintenance terms for free and open-source projects.

One of the biggest changes to come to the Python world is the addition of the free-threading interpreter, which eliminates the global interpreter lock (GIL) that kept the interpreter thread-safe, but also serialized multi-threaded Python code. Over the years, the GIL has been a source of complaints about the scalability of Python code using threads, so many developers have been looking forward to the change, which has been an experimental feature since Python 3.13 was released in October 2024. Making the free-threaded version work with the rest of the Python ecosystem, especially native extensions, is an ongoing effort, however; Nathan Goldbaum and Lysandros Nikolaou spoke at PyCon US 2025 about those efforts.

It took time and the writing of over 60 articles, but LWN's coverage from the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit is now complete. We have also made an EPUB book (13MB) containing the full set of coverage available to all readers. This coverage constitutes the definitive guide to the challenges that these core-kernel communities are facing and their development plans for the coming year.

Documenting an event of this intensity at such a detailed level is not a small undertaking. We are grateful to the Linux Foundation for funding our travel to our event and, especially, to LWN's subscribers for making the whole thing possible. If you appreciate this type of coverage and have not yet subscribed, please sign up today to help make more of it possible.

Security updates have been issued by Debian (commons-beanutils, dcmtk, nginx, trafficserver, and xorg-server), Fedora (atuin, awatcher, dotnet8.0, firefox, glibc, gotify-desktop, keylime-agent-rust, libtpms, mirrorlist-server, qt6-qtbase, qt6-qtimageformats, udisks2, xorg-x11-server, and xorg-x11-server-Xwayland), Mageia (apache-mod_security, clamav, docker, python-django, tomcat, udisks2, and yarnpkg), Oracle (firefox, libblockdev, mod_auth_openidc, perl-FCGI, perl-YAML-LibYAML, tigervnc, and xorg-x11-server and xorg-x11-server-Xwayland), Slackware (libssh and mozilla), SUSE (gimp, gstreamer-plugins-good, icu, ignition, kernel, pam-config, perl-File-Find-Rule, python311, and webkit2gtk3), and Ubuntu (linux, linux-aws, linux-aws-6.8, linux-gke, linux-gkeop, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux, linux-gcp, linux-raspi, linux-realtime, linux-aws, linux-azure, linux-azure, linux-azure-6.8, linux-azure-5.15, linux-azure-fips, and linux-realtime).

Version 140.0 of the Firefox browser has been released. Changes include more control over vertical tabs, a dialog to add custom search engines, improvements to translation performance, and more.

Working on the kernel can be a challenging task but, for many, configuring a kernel build can be the largest obstacle to getting started. The kernel has thousands of configuration options; many of those, if set incorrectly, will result in a kernel that does not work on the target system. The key to helping users with complex configuration problems is to provide reasonable defaults but, in the kernel community, there is currently little consensus around what those defaults should be.