Stable kernels for Friday the 13th
Greg Kroah-Hartman has announced the release of the 6.19.8, 6.18.18, and 6.12.77 stable kernels. Each of these kernels includes a number of important fixes; users are advised to upgrade.
Latest Linux and open source news from around the web
Greg Kroah-Hartman has announced the release of the 6.19.8, 6.18.18, and 6.12.77 stable kernels. Each of these kernels includes a number of important fixes; users are advised to upgrade.
These powerful computers ruled technical tasks in the '80s and '90s. Can you still find one today?
Raspberry Pi users might be even happier.
SCALE 23x took place March 6β8, 2026 in Pasadena,California, bringing together the North American open source community for one of the regionβs largest community-driven Linux conferences. The event featured dozens of sessions covering Linux system administration, security, containerization, community governance, ... Read more The post LPI at SCALE 23x 2026: Certifications & Community! appeared first on Linux Professional Institute (LPI).
The KDE project has announced KIO S3, which provides direct access to Amazon S3 and S3-compatible storage within KDE applications through the KIO framework.
But these mistakes are also easy to fix.
Reddit user "Ok_Lingonberry3296" has posted the results of an extensive investigation into the companies that are pushing US state legislatures to enact age-verification bills. I've been pulling public records on the wave of "age verification" bills moving through US state legislatures. IRS 990 filings, Senate lobbying disclosures, state ethics databases, campaign finance records, corporate registries, WHOIS lookups, Wayback Machine archives. What started as curiosity about who was pushing these bills turned into documenting a coordinated influence operation that, from a privacy standpoint, is building surveillance infrastructure at the operating system level while the company behind it faces zero new requirements for its own platforms. (See also this article for a look at the California law.)
Qualys has sent out a somewhat breathless advisory describing a number of vulnerabilities in the AppArmor security module, which is used in a number of Debian-based distributions (among others). This "CrackArmor" advisory exposes a confused-deputy flaw allowing unprivileged users to manipulate security profiles via pseudo-files, bypass user-namespace restrictions, and execute arbitrary code within the kernel. These flaws facilitate local privilege escalation to root through complex interactions with tools like Sudo and Postfix, alongside denial-of-service attacks via stack exhaustion and Kernel Address Space Layout Randomization (KASLR) bypasses via out-of-bounds reads.
In 2019, researchers published a way to identify which file-backed pages were being accessed on a system using timing information from the page cache, leading to a handful of unpleasant consequences and a change to the design of the mincore() system call. Discussion at the time led to a number of ad-hoc patches to address the problem. The lack of new page-cache attacks suggested that attempts to fix things in a piecemeal fashion had succeeded. Now, however, Sudheendra Raghav Neela, Jonas Juffinger, Lukas Maar, and Daniel Gruss have found a new set of holes in the Linux kernel's page-cache-timing protections that allow the same general class of attack.
While the Linux support for Intel Core Ultra Series 3 Panther Lake is largely in good shape as shown in my numerous articles over the past month and a half, there are occasional missing remnants landing in the kernel. As the latest example, or the upcoming Linux 7.1 kernel, the unified Panther Lake C-States table is being added for the Intel Idle driver...
Security updates have been issued by Debian (chromium, kernel, and multipart), Fedora (dnf5, dr_libs, easyrpg-player, libmaxminddb, python3.12, strongswan, task, and udisks2), Oracle (.NET 10.0, .NET 8.0, .NET 9.0, gnutls, ImageMagick, kernel, libvpx, mingw-libpng, nginx:1.26, python3.11, and uek-kernel), Red Hat (delve, git-lfs, mingw-libpng, osbuild-composer, and rhc-worker-playbook), SUSE (cjson, curl, dnsdist, libsoup2, postgresql16, postgresql17, postgresql18, python-lxml_html_clean, python-pypdf2, python36, and thunderbird), and Ubuntu (dotnet8, dotnet9, dotnet10, freetype, golang-github-go-git-go-git, golang-golang-x-net, openssh, python-cryptography, sudo, and util-linux).
Wondering if Linux has AI companions that are as accessible, capable, and easy to use as Microsoft Copilot? Try these AI alternatives for Linux.
Krita developers outline their 2026 roadmap, focusing on a mobile-friendly interface, faster performance, improved color management, and a potential new file format.
After going through five rounds of review under a Request For Comments (RFC) flag, today the latest round of Kernel API Specification Framework patches were sent out with the RFC flag removed...
These distros took big risks and lost.