Canonicalโs Snap Store will be shutting down for database maintenance this weekend, meaning users wonโt be able to install or update snap software until itโs back online. The planned downtime starts on Sunday, 5 July 2026 at 22:00 UTC and is expected to last for four hours, coming back online on Monday, 6 July at 02:00 UTC. During the maintenance you will not be able to install or update snaps. If thereโs a snap app youโve been wanting to try, or your IoT or core device runs automated tasks during the affected window, youโll need to plan accordingly To make [โฆ]
The GNU Guix project has announced three vulnerabilities in the guix substitute utility as well as a fourth that affects the guix pull and guix time-machine commands. The impact of the vulnerabilities ranges from remote-privilege escalation to local disclosure of sensitive files. The remote exploitation of guix substitute only requires that the vulnerable system attempt to download a binary substitute. Any configured substitute server, including ones discovered using guix-daemon's --discover option, can exploit this, and so can a man-in-the-middle (MITM), regardless of whether https is used in the substitute server urls. The local exploitation of guix substitute only requires the ability to connect to guix-daemon's socket, which by default any user can do. Separately, another security issue (CVE ID pending) was identified in guix pull and guix time-machine, which enables anyone who can control the channels file used by these commands to cause a file to be created or overwritten whereve
A number of problems related to negative directory entries (dentries) were the topic of a filesystem-track session at the 2026 Linux Storage, Filesystem, Memory Management, and BPF Summit. Negative dentries are used to indicate that a file of a given name does not exist in a directory; it is an optimization that short-circuits the lookup of the file name when the answer is already known. Miklos Szeredi led a session that discussed some problems that come from having too many negative dentries for a directory.
Vulkan 1.4.356 is out today and it's interesting for the lone new extension debuting: VK_EXT_shader_ocp_microscaling_types. The VK_EXT_shader_ocp_microscaling_types is for enabling the Open Compute Project's Microscaling MX data types to help with machine learning workloads with Vulkan...
With 3mdeb's Dasharo port of AMD openSIL and Coreboot running on the Gigabyte EPYC motherboard, 3mdeb engineers have been devoting more time to their bring-up of Coreboot+openSIL on the MSI PRO B850-P consumer motherboard for desktop AMD Ryzen. They now even have Microsoft Windows 11 working atop this open-source firmware alternative along with other features implemented...
ClamAV 1.5.3 open-source antivirus engine released with fixes for multiple security vulnerabilities affecting file parsing, archive scanning, and executable unpacking.
While the Rust Coreutils offers better memory safety than GNU Coreutils due to being written in the Rust programming language, subtle incompatibilities continue to be spotted in the Rust Coreutils implementations of the different commands. The latest coming to light this week was the Rust Coreutils cp command breaking Ubuntu image builds due to differences in argument handling...
On Thursday Intel sent out their first batch of Intel kernel graphics driver changes of new feature material targeting the Linux 7.3 kernel. This first batch of drm-intel-next for v7.3 continues to focus heavily on lining up Nova Lake's Xe3P integrated graphics/display support...
NVIDIA's latest Linux kernel mailing list patches are for providing the Device Tree for the baseboard management controller (BMC) of their Vera Rubin VR-NVL server platform. With the Linux kernel patches and also for U-Boot, it's part of the upstreaming effort for supporting the open-source OpenBMC software on their latest hardware...
Some post-merge-window code changes merged overnight ahead of Linux 7.2-rc2 this weekend is hardening the kernel's BPF code against JIT spraying attacks...