The disclosure of the Spectre class of hardware vulnerabilities created a lot of pain for kernel developers (and many others). That pain was especially acutely felt in the BPF community. While an attacker might have to painfully search the kernel code base for exploitable code, an attacker using BPF can simply write and load their own speculation gadgets, which is a much more efficient way of operating. The BPF community reacted by, among other things, disallowing the loading of programs that may include speculation gadgets. Luis Gerhorst would like to change that situation with this patch series that takes a more direct approach to the problem.

The 6.12.27 and 6.1.137 stable kernels have been released to fix build problems in their predecessors. Only those who are having build troubles with 6.12.26 or 6.1.136 need to upgrade.

Linus has released 6.15-rc5 for testing. "So it all feels like things are just continuing to go well this release. Let's hope I didn't jinx it by saying so."

At the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF) Kanchan Joshi and Keith Busch led a combined storage and filesystem session on data placement, which concerns how the data on a storage device is actually written. In a discussion that hearkened back to previous summits, the idea is to give hints to enterprise-class SSDs to help them make better choices on where the data should go; hinting was most recently discussed at the summit in 2023. If SSDs can group data with similar lifetimes together, it can lead to longer life for the devices, but there is a need to work out the details.

The 6.14.5, 6.12.26, 6.6.89, 6.1.136, 5.15.181, 5.10.237, and 5.4.293 stable kernel updates have all been released; each contains another set of important fixes.

After a somewhat tumultuous switch to the Server Side Public License (SSPL) in March 2024, Redis has backtracked and is now offering Redis under the Affero GPLv3 (AGPLv3) starting with Redis 8, CEO Rowan Trollope announced. The change back to an open-source license was led by Redis creator Salvatore "antirez" Sanfillipo, who also contributed the new Vector Sets feature for the release. He said:

I'll be honest: I truly wanted the code I wrote for the new Vector Sets data type to be released under an open source license. Writing open source software is too rooted in me: I rarely wrote anything else in my career. I'm too old to start now. This may be childish, but I wrote Vector Sets with a huge amount of enthusiasm exactly because I knew Redis (and my new work) was going to be open source again.

I understand that the core of our work is to improve Redis, to continue building a good system, useful, simple, able to change with the requirements of the software stack. Yet, returning back to an open source license is the basis for such efforts to be coherent with the Redis project, to be accepted by the user base, and to contribute to a human collective effort that is larger than any single company. So, honestly, while I can't take credit for the license switch, I hope I contributed a little bit to it, because today I'm happy. I'm happy that Redis is open source software again, under the terms of the AGPLv3 license.

Since last year's license switch, though, the Valkey project has sprung up as a fork under the original 3-clause BSD license.

The Document Foundation is celebrating the 20th anniversary of the ratification of the Open Document Format (ODF) as an OASIS standard.

Two decades after its approval in 2005, ODF is the only open standard for office documents, promoting digital independence, interoperability and content transparency worldwide. [...]

To celebrate this milestone, from today The Document Foundation will be publishing a series of presentations and documents on its blog that illustrate the unique features of ODF, tracing its history from the development and standardisation process through the activities of the Technical Committee for the submission of version 1.3 to ISO and the standardisation of version 1.4.

The out-of-memory (OOM) killer has long been a scary and controversial part of the Linux kernel. It is summoned from some dark place when the system as a whole (or, more recently, any given control group) is running so low on memory that further allocations are not possible; its job is to kill off processes until a sufficient amount of memory has been freed. Roman Gushchin has found a way to make the OOM killer even scarier: adding the ability to load custom OOM killers in BPF.

Inside this week's LWN.net Weekly Edition:

• Front: Mailman 2 vulnerabilities; AI in Debian; __nonstring__; Cache-aware scheduling; Freezing filesystems; Socket-level storage; Debugging information; LWN in 2025.
• Briefs: Debian election; Kali Linux key; OpenBSD 7.7; Firefox 138.0; GCC 15.1; Meson 1.8.0; Valgrind 3.25.0; FSF review; OSI retrospective; Mastodon; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

Lance Albertson writes that the Oregon State University Open Source Lab, the home of many prominent free-software projects over the years, has run into financial trouble:

I am writing to inform you about a critical and time-sensitive situation facing the Open Source Lab. Over the past several years, we have been operating at a deficit due to a decline in corporate donations. While OSU's College of Engineering (CoE) has generously filled this gap, recent changes in university funding have led to a significant reduction in CoE's budget. As a result, our current funding model is no longer sustainable and CoE needs to find ways to cut programs.

Earlier this week, I was informed that unless we secure $250,000 in committed funds, the OSL will be forced to shut down later this year.