Feed aggregator

Vulnerabilities in open source software developed and used in-house by NASA could be exploited to breach their systems, claims Leon Juranić, security researcher and founder of cybersecurity startup ThreatLeap.

The post Vulnerabilities Found in NASA’s Open Source Software appeared first on Linux Today.

The latest Linux kernel brings expanded hardware support for MediaTek and Rockchip, enhanced graphics drivers, and more. Collabora played a key role in this release, with no less than 20 authored contributors!

The post Kernel 6.15: Divide and Conquer appeared first on Linux Today.

Built from the same sources as Red Hat Enterprise Linux and fully compatible with the Red Hat Enterprise Linux 10 release, AlmaLinux OS 10 introduces support for Simple Protocol for Independent Computing Environments (SPICE), a tech-preview of KVM virtualization support for the IBM Power architecture, Secure Boot support for ARM platforms, and support for frame pointers for diagnosing and optimizing your applications.

The post AlmaLinux OS 10 Released as a Free Alternative to Red Hat Enterprise Linux 10 appeared first on Linux Today.

The 6.16 kernel will include a number of changes to how the kernel handles the processing of core dumps for crashed processes. Christian Brauner explained his reasons for doing this work as: "Because I'm a clown and also I had it with all the CVEs because we provide a **** API for userspace". The handling of core dumps has indeed been a constant source of vulnerabilities; with luck, the 6.16 work will result in rather fewer of them in the future.

Security updates have been issued by AlmaLinux (go-toolset:rhel8, golang, nodejs:20, nodejs:22, openssh, and python36:3.6), Debian (edk2, libfile-find-rule-perl, and webkit2gtk), Fedora (emacs, libvpx, perl-FCGI, and seamonkey), Mageia (cifs-utils), Red Hat (containernetworking-plugins, go-toolset:rhel8, golang, gvisor-tap-vsock, krb5, mod_auth_openidc:2.3, protobuf, and thunderbird), Slackware (seamonkey), SUSE (gimp, gnutls, haproxy, opensaml, openssh, openvpn, python-cryptography, python-tornado, python311-nh3, and python311-selenium), and Ubuntu (gst-plugins-bad1.0 and linux-fips).

Version:next-20250606 (linux-next) Released:2025-06-06

Archman Linux is an Arch Linux-based distribution which features the Calamares system installer and a pre-configured desktop environment. Archman also features the Pamac package manager for easy installation of new software packages.

In a combined storage and filesystem session at the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF), Keith Busch led a discussion about zero-copy operations for the Filesystem in Userspace (FUSE) subsystem. The session was proposed by his colleague, David Wei, who could not make it to the summit, so Busch filled in, though he noted that "I do not really know FUSE so well". The idea is to eliminate data copies in the data path to and from the FUSE server in user space.

The European Union's Cyber Resilience Act (CRA) has caused a stir in the software-development world. Thanks to advocacy by the Eclipse Foundation, Open Source Initiative, Linux Foundation, Mozilla, and others, open-source software projects generally have minimal requirements under the CRA — but nothing to do with law is ever quite so simple. Marta Rybczyńska spoke at Linaro Connect 2025 about the impact of the CRA on the open-source ecosystem, with an emphasis on the importance of understanding a project's role under the CRA. She later participated in a panel discussion with Joakim Bech, Kate Stewart, and Mike Bursell about how the CRA would impact embedded open-source development.

Version 3.0 of the privacy-centric, open-source mobile operating system has been released. Notable changes in this release include improved privacy tools, a "find my device" feature, and more. LWN looked at /e/OS in March.

One of the more obscure features provided by Unix-domain sockets is the ability to pass a file descriptor from one process to another. This feature is often used to provide access to a specific file or network connection to a process running in a relatively unprivileged context. But what if the recipient doesn't want a new file descriptor? A feature added for the 6.16 release makes it possible to refuse that offer.

Security updates have been issued by Debian (chromium and mariadb-10.5), Oracle (firefox, ghostscript, git, go-toolset:ol8, golang, kernel, krb5, mingw-freetype and spice-client-win, nodejs:20, nodejs:22, perl-CPAN, python36:3.6, rsync, varnish, and varnish:6), Red Hat (firefox, thunderbird, and webkit2gtk3), Slackware (curl and python3), SUSE (apache-commons-beanutils, apache2-mod_security2, avahi, buildkit, ca-certificates-mozilla, cloud-regionsrv-client, cloud-regionsrv-client, python-toml, containerd, containerized-data-importer, cups, curl, dnsmasq, docker, elemental-operator, elemental-toolkit, expat, firefox, freetype2, gdk-pixbuf, git, glib2, glibc, gnuplot, gnutls, gpg2, gstreamer, gstreamer-plugins-base, gtk3, haproxy, helm, java-17-openjdk, java-1_8_0-openjdk, keepalived, kernel, kernel-firmware, krb5, kubevirt, less, libarchive, libcryptopp, libdb-4_8, libndp, libpcap, libsoup, libtasn1, libvirt, libX11, libxml2, libxslt, Mesa, mozilla-nss, nghttp2, nvidia-open-driver-G06-signed, opensc, openssh, openssl-3, openssl-3, libpulp, ulp-macros, orc, pam, pam_pkcs11, pam_u2f, patch, pcp, pcr-oracle, shim, perl-Crypt-OpenSSL-RSA, podman, postgresql16, procps, protobuf, python-dnspython, python-Jinja2, python-requests, python-setuptools, python-tornado6, python-urllib3, python311, python311, python-rpm-macros, qemu, rsync, runc, rust-keylime, selinux-policy, sevctl, skopeo, sssd, SUSE Manager Client Tools, systemd, thunderbird, tiff, tpm2.0-tools, tpm2-0-tss, u-boot, ucode-intel, unbound, util-linux, vim, wget, and wpa_supplicant), and Ubuntu (linux-nvidia, python-django, twitter-bootstrap3, twitter-bootstrap4, and wireshark).

WireGuard Easy 15.0, a web-based WireGuard VPN admin, lands with a full rewrite, introducing a sleek UI, IPv6 support, 2FA, CLI, and more.

The post WireGuard Easy v15 Launches with Full Rewrite appeared first on Linux Today.

Still powered by the Linux 6.14 kernel series, the CachyOS ISO snapshot for May 2025 features the latest KDE Plasma 6.3.5 desktop environment, which is accompanied by the latest KDE Gear 25.04.1 and KDE Frameworks 6.14 software suites, all built against the Qt 6.9 open-source application framework.

The post CachyOS ISO Snapshot for May 2025 Improves Support for Older NVIDIA GPUs appeared first on Linux Today.

Incus 6.13 is out with Windows agent support, major CLI enhancements, improved migration tools, and dozens of upgrades for containers, VMs, and storage.

The post Incus 6.13 Container & Virtual Machine Manager Released appeared first on Linux Today.

Navidrome 0.56, a self-hosted music server and streamer, launches with playlist cover art, security fixes, and major UI improvements.

The post Navidrome 0.56 Music Server & Streamer Brings Major Overhaul appeared first on Linux Today.

GStreamer 1.26.2 multimedia framework is out with security fixes, AV1 decoder boosts, and subtitle and playback improvements.

The post GStreamer 1.26.2 Lands with Security and Playback Fixes appeared first on Linux Today.

The yes command in Linux is often underrated, but it can be quite useful when combined with other tools in a pipeline. It automatically outputs a string repeatedly—by default, “y”—and this can be piped into commands that require user confirmation. This can be especially handy in testing, automation, or scripting. For example, when installing packages, you might use yes to bypass the confirmation prompt. For more on scripting and system setup, check out our guide on how to install Kernel 6.15 on Ubuntu.

However, it’s important to note that yes is not always the ideal solution. When available, it’s better to use the appropriate flags that make commands non-interactive (like -y or --assume-yes). This method is safer and more reliable, especially in production scripts. Blindly piping yes into commands can lead to unexpected consequences if those commands prompt for destructive actions. For more efficient scripting practices, explore tools like grep tricks for ps or understanding symbolic and hard links in Linux and Unix.

The post Understanding the Linux yes Command and When to Use It appeared first on Linux Today.

Only six months after reaching Vulkan 1.1 conformance, the PanVK open-source graphics driver for ARM Mali GPUs is now officially conformant with the Vulkan 1.2 specification on Mali-G610 GPUs. With that crossed from the list, Collabora is now working on updating PanVK’s Vulkan specification to Vulkan 1.3 and 1.4.

The post PanVK Open-Source Vulkan Driver for ARM Mali GPUs Is Now Vulkan 1.2 Conformant appeared first on Linux Today.

The biggest selling point of the TUXEDO Stellaris 16 Gen7 laptop is its 1000 nits HDR (High Dynamic Range) mini-LED matte display with 2560×1600 resolution, 100% sRGB, 16:10 aspect ratio, and extremely fast 300 Hz refresh rates. The new display is paired with up to an NVIDIA GeForce RTX 5090 24GB GDDR7 graphics card.

The post TUXEDO Stellaris 16 Gen7 Linux Laptop Unveiled with 128 GB RAM, HDR Display appeared first on Linux Today.