The effort to ensure that open-source software is reproducible has been gathering steam over the years, and gaining traction with major Linux distributions. Debian, for example, has been working toward reproducible builds for more than a decade; it can now produce official live CDs of the current stable release that are reproducible. Fedora started on the path much later, but it has progressed far enough that the project is now considering a change proposal for the Fedora 43 development cycle, expected to be released in October, with a goal of making 99% of Fedora's package builds reproducible. So far, reaction to the proposal seems favorable and focused primarily on how to achieve the goal—with minimal pain for packagers—rather than whether to attempt it.
[Read more](https://lwn.net/Articles/1014979/) ## Security updates for Monday **Category:** Linux **Tags:** General **Published:** Mon, 31 Mar 2025 13:58:26 +0000 **TL;DR:** Here is a summary of the text in 2 sentences: Multiple Linux distributions (Debian, Fedora, Red Hat, SUSE, and Ubuntu) have issued security updates for various packages to patch vulnerabilities. The affected packages include microcode, libraries, and applications, with some distributions having multiple packages updated simultaneously. Security updates have been issued by Debian (amd64-microcode, flatpak, intel-microcode, libdata-entropy-perl, librabbitmq, and vim), Fedora (augeas, containerd, crosswords-puzzle-sets-xword-dl, libssh2, libxml2, nodejs-nodemon, and webkitgtk), Red Hat (libreoffice and python-jinja2), SUSE (389-ds, apparmor, corosync, docker, docker-stable, erlang26, exim, ffmpeg-4, govulncheck-vulndb, istioctl, matrix-synapse, mercurial, openvpn, python3, rke2, and skopeo), and Ubuntu (ansible, linux, linux-hwe-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, linux-azure-fips, linux-gcp-fips, linux-fips, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-realtime, linux-intel-iot-realtime, linux-xilinx-zynqmp, opensc, and ruby-doorkeeper). [Read more](https://lwn.net/Articles/1015968/) ## Four stable kernel updates **Category:** Linux **Tags:** Linux **Published:** Sat, 29 Mar 2025 14:57:12 +0000 **TL;DR:** Here is a 2-sentence summary: Greg Kroah-Hartman announced the release of four stable kernels on March 28: 6.13.9, 6.12.21, 6.6.85, and 6.1.132. Users are advised to upgrade to these new versions for security and stability reasons.Greg Kroah-Hartman announced the release of four stable kernels on March 28: 6.13.9, 6.12.21, 6.6.85, and 6.1.132. Users are advised to upgrade.
[Read more](https://lwn.net/Articles/1015834/) ## Edmundson: a modern Plasma Login Manager **Category:** Linux **Tags:** General **Published:** Fri, 28 Mar 2025 20:17:16 +0000 **TL;DR:** Here is a summary of the text in 2 sentences: KDE contributor David Edmundson has published a blog post outlining plans to replace SDDM with a new Plasma Login Manager, aimed at improving the login experience for KDE users. The proposal includes creating a multi-process greeter that uses the same startup mechanism as the desktop session and is currently being discussed on the plasma-devel mailing list.KDE contributor David Edmundson has published a blog post about improving KDE Plasma's login experience by replacing SDDM with a new Plasma Login Manager.
It's worth stressing nothing is official or set in stone yet, whilst it has come up in previous Plasma online meetings and in the 2023 Akademy. I'm posting this whilst starting a more official discussion on the plasma-devel mailing list.
Oliver Beard and I have made a new mutli-process greeter, that uses the same startup mechanism as the desktop session. It doesn't have all the features that we propose at the start of the blog, but an architecture where features and services can be slowly and safely added.
That discussion is here for those who would like to follow along. The prototype is currently in two repositories: plasma-login for the frontend work, and plasma-login-manager, which is a fork of SDDM.
[Read more](https://lwn.net/Articles/1015763/) ## [$] Making the OpenWrt One **Category:** Linux **Tags:** General **Published:** Fri, 28 Mar 2025 16:31:36 +0000 **TL;DR:** Here is a summary of the text in 2 sentences: At SCALE 22x, Denver Gingerich, director of compliance at the Software Freedom Conservancy (SFC), gave a keynote about a router and its significance. The OpenWrt One router, based on firmware from the OpenWrt project, was highlighted as an example of SFC's work in promoting open-source software through GPL-enforcement activities. In a keynote on the final day of SCALE 22x, Denver Gingerich said that he wanted to talk "a little bit about a router and also the big picture around that router". Gingerich is the director of compliance at the Software Freedom Conservancy (SFC), which is the organization behind the OpenWrt One router that LWN looked at back in November. The router is, of course, based on firmware from the OpenWrt project, which got its start because of GPL-enforcement activities and is a member project at the SFC. [Read more](https://lwn.net/Articles/1014998/)