LWN.net

Inside this week's LWN.net Weekly Edition:

• Front: State of Fedora; mTHP creation; overlayfs; buffer-heads cleanup; 7.1 statistics.
• Briefs: curl summer of bliss; 7.1 kernel; AUR compromise; Fedora election; FairScan 2.0; Firefox 152.0; Homebrew 6.0.0; KDE Plasma 6.7; LWN topic list; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

The results are in for Fedora's F44 election cycle for seats on the Fedora Council, Fedora Engineering Steering Committee, Fedora Mindshare Committee, and EPEL Steering Committee.

Miro Hrončok and Aleksandra Fedorova have won seats on the council. Neal Gompa, Fabio Valentini, Michel Lind, Maxwell G, and Simon de Vlieger have been elected to FESCo. Samyak Jain, Akashdeep Dhar, Luis Bazan, and Mat Holmes have all been elected to the Mindshare Committee. The four candidates for the EPEL committee, Carl George, Diego Hererra, Jonathan Wright, and Troy Dawson were all automatically elected as there were an equal number of candidates and seats open. Congratulations to all the winners.

The Python Software Foundation blog has a post with a summary of the security-related content at PyCon US 2026 with links to slides from important sessions. The recordings will be published to the PyCon US channel on YouTube, and the post will be updated with links to those videos as they are made available.

Jan Kara has been working on cleaning up how buffer heads are used by some kernel filesystems. In a short filesystem-track session at the 2026 Linux Storage, Filesystem, Memory Management, and BPF Summit, he gave an update on that work and where it is headed. Topics included generic infrastructure to track buffer heads for metadata, a buffer-head cleanup for the Amiga filesystem, and some planned locking fixes.

Version 2.0 of the FairScan document-scanning app for Android has been released. The headline feature for this release is the addition of optical-character-recognition (OCR) support using Tesseract to produce PDFs with searchable text from scans. FairScan developer Pierre-Yves Nicolas has written a detailed blog about adding the feature and explaining why it had not been added previously.

That looks nice, so why didn't FairScan have it before? That's because FairScan wasn't ready for it: I wouldn't be comfortable if FairScan was giving you wrong text half of the time. To get good results from an OCR engine, you need to provide it a readable image. If it's hard to read for a human, it's certainly also hard to read for an OCR engine.

Over the past year, I worked on different parts of FairScan's automatic processing to transform photos of documents into PDFs that are easy for humans to read:

• document detection
• perspective correction
• shadow reduction
• brightness and contrast enhancement

All this work on image processing helped FairScan produce clean PDFs and can now also contribute to making text recognition effective.

FairScan is available via Google Play or F-Droid.

Security updates have been issued by AlmaLinux (hplip, kernel, kernel-rt, libpng12, libpng15, libxml2, libxslt, mysql:8.0, mysql:8.4, opencryptoki, openssl, postfix, postgresql:15, rsync, and webkit2gtk3), Debian (asterisk, atril, gsasl, and libreoffice), Fedora (ack, bird, chromium, firefox, ldns, librabbitmq, nextcloud, nss, openslide, perl-Protocol-HTTP2, tig, vorbis-tools, and xen), Mageia (coturn, log4cxx, and python-tornado), SUSE (389-ds, buildah, container-suseconnect, distribution, editorconfig-core-c, elemental-system-agent, glib-networking, google-guest-agent, google-osconfig-agent, kernel, libcaca, libXpm, opensc, openssl-3, openvswitch, perl-Crypt-PBKDF2, python-python-dotenv, python311-aiosmtplib, python311-zeroconf, runc, shim, and sqlite3), and Ubuntu (ca-certificates, keystone, librabbitmq, linux, linux-aws, linux-kvm, linux-aws-hwe, linux-azure, linux-gcp, linux-hwe, linux-oracle, linux-azure, linux-azure, linux-gcp, linux-hwe, linux-oracle, linux-azure-6.8, linux-oracle-5.15, nova, openimageio, qemu, and squid).

Part of running LWN is keeping a list of potentially interesting topics that may merit the effort to turn into articles. As an experiment, we are now exposing that list to our subscribers at the Project Leader and Supporter levels. The hope is that this list will provide useful insights into what is on our radar and which might be coming to LWN in the near future.

With this feature, we hope to give our most committed subscribers a look behind the curtain and the ability to provide input on the topics they are most interested in reading about. There, is, thus, a simple voting mechanism built into this list. No topic will be chosen (or rejected) solely on the basis of votes; there are a lot of considerations that go into topic selection, and that will not change. But more information about where our readers' interests lie will, hopefully, be helpful.

For all readers: we are always happy to welcome topic suggestions sent to lwn@lwn.net.

On June 15 at Fedora's Flock conference, held in Prague, Fedora Project Leader (FPL) Jef Spaleta delivered a short "State of Fedora" keynote that provided a bit of insight into the status of the project. Topics included the overall growth for Fedora usage, ways to increase contributions, and an alarming decline in the number of active packagers working on the project.

Version 152.0 of the Firefox web browser has been released. Notable changes in this release include a brand-new look for the Firefox Settings interface, the ability to disable tracker blocking in private browsing tabs, a feature to mute browser sound from the address bar, experimental support for the JPEG XL image format, and more.

Version 6.7 of KDE's Plasma desktop has been released. Notable changes in this release include per-screen virtual desktops, faster desktop switching, introduction of the Union theming system as a tech preview, as well as many other improvements and bug fixes. The release is dedicated to Eric Laffoon, a longtime KDE supporter, who passed away in May.

See the KDE wiki for a full list of new features, and the Changelog for a list of all commits in this release.

Security updates have been issued by AlmaLinux (mod_http2, postfix, and webkit2gtk3), Debian (bird2, libgd-perl, and libreoffice), Fedora (7zip, ack, hugo, and perl-Mojo-JWT), Mageia (atril, evince, xreader, emacs, lcms2, libgcrypt, libinput, libsndfile, putty, and sudo), Red Hat (openssl and osbuild-composer), SUSE (cheat, chromedriver, containerized-data-importer, cyrus-imapd, freeipmi, graphicsmagick, java-11-openj9, java-17-openj9, kitty, kubevirt, kubevirt-1.6, libcaca, libopenssl-3-devel, librav1e0_8, neonmodem, opensc, openssh, openssl-1_0_0, openssl-1_1, openssl-3, perl-HTTP-Daemon, perl-XML-LibXML, python-python-dotenv, python311-paramiko, python311-PyJWT, python311-starlette, python311-tornado6, qemu, restic, and trivy), and Ubuntu (adsys, cups, fastnetmon, freerdp2, freerdp3, mesa, nginx, rsync, ruby2.3, ruby2.5, and tmux).

Linus Torvalds released the 7.1 kernel as expected on June 14. This development cycle brought in a lot of new features — and a lot of new developers as well. The time has come for our traditional look at where the changes in 7.1 came from, with a digression into how our community may be changing in general.

Daniel Stenberg has announced that curl will not be accepting vulnerability reports from July 1 through August 3, unless the submitter has a paid support contract. He is calling it the "curl summer of bliss".

As previously mentioned, we have been under a huge pressure for the last four months or so. Now we need some rest. We do not expect this deluge to be over.

[...] If you and your Open Source projects also want to participate in the summer of bliss 2026: just do it and let us know! I would of course encourage you to do so. To take care of yourself as a top priority.

The project's issue and pull-request trackers on GitHub will remain open. The planned release date for curl 8.22.0 has been pushed back two weeks to September 2, 2026.

Security updates have been issued by AlmaLinux (.NET 9.0), Debian (apache2, chromium, jpeg-xl, librabbitmq, and openssl), Fedora (apptainer, bind9-next, chezmoi, chromium, collectd, composer, dnsdist, gh, python-django5, python-python-multipart, varnish, varnish-modules, vmod-querystring, vmod-uuid, weasyprint, and xorg-x11-server-Xwayland), Mageia (cups, expat, libpng, libssh, memcached, nghttp2, openimageio, packages, proftpd, and radare2), Oracle (.NET 10.0, .NET 8.0, .NET 9.0, and firefox), Red Hat (postfix and valkey), and SUSE (afl, alloy, ansible-core, apache-pdfbox, chromedriver, chromium, cpp-httplib-devel, dpkg, elemental-operator, elemental-toolkit, enc, erlang, ffmpeg-7, firewalld, git-bug, golang-github-prometheus-prometheus, grafana, GraphicsMagick, graphite2, kernel, kernel-devel, lcms2, ldns, libsoup, libyang, libzypp, logback, mariadb, NetworkManager, openssh, openvswitch, perl-GD, perl-XML-LibXML, polkit, postgresql-jdbc, postgresql18, python, python-django, python-M2Crypto-doc, python-Pygments, python-pygments, python-requests, python313-Django6, qemu, rpcbind, samba, strongswan, tmux, uriparser, and xdg-dbus-proxy).

Linus has released the 7.1 kernel. "So it's only Sunday morning back home, but it's Sunday afternoon where I am right now, so I'm doing the 7.1 release at the regular time - just not in the regular timezone."

Significant changes in 7.1 include the removal of support for some old 486-based architectures, some new clone() flags making process management easier, BPF support for io_uring, zero-copy-I/O support for the ublk user-space block driver, initial (incomplete) sub-scheduler support in sched_ext, more swapping improvements, a completely rewritten NTFS implementation, and much more. See the LWN merge-window summaries (part 1, part 2) for details.