Feed aggregator

VirtualBox 7.0.16 adds support for Linux kernel 6.9, addresses UBSAN warnings, updates Windows guest additions, and more.

The post VirtualBox 7.0.16 Launches With Numerous Fixes and Enhancements appeared first on Linux Today.

PuTTY’s security flaw (CVE2024-31497) in ECDSA P521 keys risks private data exposure. Urgent update is needed.

The post High-Priority PuTTY Vulnerability Threatens Server Access Security appeared first on Linux Today.

The 6.8.7, 6.6.28, 6.1.87, and 5.15.156 stable kernel updates have all been released.

Security updates have been issued by Debian (apache2 and cockpit), Fedora (firefox, kernel, mbedtls, python-cbor2, wireshark, and yyjson), Mageia (nghttp2), Red Hat (kernel, kernel-rt, opencryptoki, pcs, shim, squid, and squid:4), Slackware (firefox), SUSE (emacs, firefox, and kernel), and Ubuntu (linux-aws, linux-aws-5.15, linux-aws-6.5, linux-raspi, and linux-iot).

Version:6.8.7 (stable) Released:2024-04-17 Source:linux-6.8.7.tar.xz PGP Signature:linux-6.8.7.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.8.7

Version:6.6.28 (longterm) Released:2024-04-17 Source:linux-6.6.28.tar.xz PGP Signature:linux-6.6.28.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.6.28

Version:6.1.87 (longterm) Released:2024-04-17 Source:linux-6.1.87.tar.xz PGP Signature:linux-6.1.87.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.1.87

Version:5.15.156 (longterm) Released:2024-04-17 Source:linux-5.15.156.tar.xz PGP Signature:linux-5.15.156.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-5.15.156

Version:next-20240417 (linux-next) Released:2024-04-17

The new FFmpeg 7.0 major release brings parallel processing, MPEG-5 EVC support, and more.

The post FFmpeg 7.0 “Dijkstra”: Best New Features appeared first on Linux Today.

KDE Plasma 6.0.4 rolls out, packed with new translations and minor but crucial bug fixes. Here’s more on that!

The post KDE Plasma 6.0.4 April’s Bugfix Release Is Here appeared first on Linux Today.

Introduced a few days back in a very low-key manner, APT 2.9 (unstable) was released with an updated user interface that now sports colors, displays information in padded columns, and an organized package removals list.

The post Finally! The New UI for APT Adds a Splash of Color to Improve Readability appeared first on Linux Today.

The recent XZ backdoor has sparked a lot of discussion about how the open-source community links and packages software. One possible security improvement being discussed is changing how projects like systemd link to dynamic libraries that are only used for optional functionality: using dlopen() to load those libraries only when required. This could shrink the attack surface exposed by dependencies, but the approach is not without downsides — most prominently, it makes discovering which dynamic libraries a program depends on harder. On April 11, Lennart Poettering proposed one way to eliminate that problem in a systemd RFC on GitHub.

Highlights of the Calamares 3.3.6 release include improvements for systems using the Plymouth splash screen by adding the “splash” parameter to kernel parameters during the bootloader installation. It also adds support for using plymouth-set-default-theme to avoid issues with your Plymouth configuration.

The post Calamares 3.3.6 Linux Installer Improves Support for Plymouth Splash Screens appeared first on Linux Today.

Fedora 40 Beta was released on March 26, and the final release is nearing completion. So far, the release is coming together nicely with major updates for GNOME, KDE Plasma, and the usual cavalcade of smaller updates and enhancements. As part of the release, the project also scuttled Delta RPMs and OpenSSL 1.1.

Version 0.81 of the PuTTY SSH client is out with a fix for CVE-2024-31497; some users will want to update and generate new keys:

PuTTY 0.81, released today, fixes a critical vulnerability CVE-2024-31497 in the use of 521-bit ECDSA keys (ecdsa-sha2-nistp521). If you have used a 521-bit ECDSA private key with any previous version of PuTTY, consider the private key compromised: remove the public key from authorized_keys files, and generate a new key pair.

However, this only affects that one algorithm and key size. No other size of ECDSA key is affected, and no other key type is affected.

While Mozilla is still working on releasing Firefox 125, which was delayed due to a last-minute blocker bug, they’ve already promoted the next major release, Firefox 126, to the beta channel for public testing.

The post Firefox 126 Enters Beta Testing with a Revamped Dialog for Clearing User Data appeared first on Linux Today.

Security updates have been issued by Debian (php7.4 and php8.2), Fedora (c-ares), Mageia (python-pillow and upx), Oracle (bind and dhcp, bind9.16, httpd:2.4/mod_http2, kernel, rear, and unbound), SUSE (eclipse, maven-surefire, tycho, emacs, kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t, nodejs16, nodejs18, nodejs20, texlive, vim, webkit2gtk3, and xen), and Ubuntu (gnutls28, klibc, libvirt, nodejs, and webkit2gtk).

Version:next-20240416 (linux-next) Released:2024-04-16

A new file chooser portal is under works for GNOME, which might replace the GTK file chooser in the future.

The post GNOME Plans for A New File Chooser Dialog appeared first on Linux Today.