Tux Machines

Do you waddle the waddle?

Other Sites

Tor Project blog

New Release: Tor Browser 14.0.6

This version includes a fix to the crash issue found on older versions of macOS.

Arti 1.4.0 is released: onion services, RPC, relay development, and more

This release offers a new RPC interface, which is Arti's replacement for C Tor's control port with many improvements.

New Release: Tails 6.12

These vulnerabilities can only be exploited by a powerful attacker who has already exploited another vulnerability to take control of an application in Tails.

9to5Linux

Calibre 7.25 Adds Support for Importing KFX Files from 2024 Kindle Devices via MTP

Highlights of Calibre 7.25 include support for importing KFX files from 2024 Kindle devices that use the MTP protocol and a new option to adjust the size of the link and note icons in Book details, which you can access from Preferences > Look & feel > Book details.

KDE Gear 24.12.2 Improves Dolphin, Itinerary, Tokodon, and Many Other KDE Apps

Coming almost a month after the KDE Gear 24.12.1 point release, KDE Gear 24.12.2 is here to fix a regression in the Dolphin file manager on X11 that caused the keyboard focus to move to the Places or Terminal panels when Dolphin was minimized and then unminimized.

LibreOffice 25.2 Open-Source Office Suite Officially Released, This Is What’s New

LibreOffice 25.2 introduces a new privacy feature that removes all personal information associated with any document, such as author names and timestamps, editing time, printer name and configuration, document template, author and date for comments, and tracked changes.

Tails 6.12 Anonymous OS Fixes Security Issues in Tor Circuits, Persistent Storage

Tails 6.12 is here almost a month after Tails 6.11 to address several critical security vulnerabilities that have been discovered and disclosed by a group of security researchers from Radically Open Security, a non-profit computer security consultancy company.

LinuxGizmos.com

Axon Platform Featuring RockChip RK3588S and Support for LLM Frameworks

The Axon platform, powered by the RockChip RK3588S processor, combines an 8-core CPU and an NPU delivering up to 6 TOPS of AI performance. Designed for advanced computing tasks, it supports various LLMs, including Llama, Qwen, and DeepSeek, with benchmarks showcasing performance for AI workloads.

SECO Introduces New Intel-Based Embedded Solutions at Embedded World 2025

SECO will unveil its latest embedded computing solutions at Embedded World 2025, featuring Twin Lake and Arrow Lake architectures. The lineup targets industrial, medical, and AI-driven applications, focusing on performance, scalability, and efficiency.

A bug that was 23 years old or not

posted by Roy Schestowitz on Sep 05, 2022

The vulnerable code has been in curl versions since version 4.9 which makes it exactly 8,729 days (23.9 years) until the shipped version 7.85.0 that fixed it. It also means that we introduced the bug on project day 201 and fixed it on day 8,930.

The code was not problematic when it shipped and it was not problematic during a huge portion of the time it has been used by a large amount of users.

It become problematic when HTTP servers started to refuse HTTP requests they suspected could be malicious. The way this code turned into a denial of service was therefore more or less just collateral damage. An unfortunate side effect.

Maybe the bug was born first when RFC 6265 was published. Maybe it was born when the first widely used HTTP server started to reject these requests.

Read on

Also: 3 things to know about planning for OTA updates in your homelab | Opensource.com

Other Recent Tux Machines' Posts

OpenWrt 24.10 Brings Kernel 6.6 and Initial WiFi 7 Support
OpenWrt 24.10 open-source router firmware debuts with initial WiFi7 support
LibreOffice 25.2 Open-Source Office Suite Officially Released, This Is What’s New
The Document Foundation released today LibreOffice 25.2 as the latest stable version of this popular, powerful, open-source, free, and cross-platform office suite for GNU/Linux.
I Tried the Ghostty Terminal on Linux. Does It Live Up to Its Hype?
The Ghostty terminal has created some noise in the Linux community
 
today's leftovers
Games, KDE, and more
Free, Libre, and Open Source Software Leftovers
FOSS picks
Distributions and Operating Systems: BSD and More
BSDs and GNU/Linux
Applications: CLI Tools, Docker Desktop 4.38, GTK, pgexporter 0.6
Application news
WAL-G 3.0.5 and pgAdmin 4 v9.0 Released
psql releases
today's howtos
3 howtos only
Events: ShinyConf and FOSDEM Coverage
3 stories
Security Leftovers
Security stories
Microsoft Entryism/Microsoft-Dominated 'Linux' Foundation/Canonical Promoting Windows
WSL club
Microsoft-dominated 'Linux' Foundation Still Promoting Scams, OpenInfra Wants to Get a Vote/Input Going
very sad
Linux Kernel Space and Fear, Uncertainty, Doubt (FUD)
Linux leftovers
Calibre 7.25 Adds Support for Importing KFX Files from 2024 Kindle Devices via MTP
The weekly Calibre updates continue with Calibre 7.25, released today by developer Kovid Goyal as the latest stable version of this powerful, cross-platform, free, and open-source suite of e-book software.
Free Software and GNU/Linux Leftovers
Leftovers for today and last night
Red Hat's Leftovers
mostly Red Hat's puff pieces
Android Leftovers
The Asus Zenfone 12 Ultra is basically an ROG Phone 9 Pro
Reproducible Builds and Security Gaps in Debian-Based Tails
Debian picks
Games: Steam Deck, Valve, and “Multi-User Dungeons”
gaming news
FOSSASIA 2025 – Operating systems, open hardware, and firmware sessions
The FOSSASIA Summit is the closest we have to FOSDEM in Asia
Events: Inkscape Summit Frankfurt 2025, FOSDEM 2025, and Univention Summit 2025
3 events
Canonical/Ubuntu on Security and Its Promotion of Microsoft Windows (WSL)
sellouts
Live virtual memorabilia auction on March 23, 2025
The Free Software Foundation will auction off original GNU drawings, awards
Open Hardware: Raspberry Pi, RISC-V, and More
Hardware leftovers
Web Browsers/Web: Release of Curl 8.12.0; Mozilla Once Again Picks a Senior Vice President From Facebook (Privacy Violator), Promotes LLM Slop, Spreads Rust (Microsoft GitHub)
Firefox and more
Programming Leftovers
coding related picks
Security Leftovers
Security picks
today's howtos
first for Friday
Games: Monster Hunter Wilds, Combined Arms RTS, Duskers, and More
latest from Liam et al
The right to repair supports more than just sustainability and affordability
The right to repair is one of four pillars supporting software freedom
Papers Expects to replace Evince as GNOME Default PDF Viewer
As you may know, GNOME is moving to GTK4 + LibAdwaita in recent years
Free and Open Source Software, howtos and Installations
This is free and open source software
YunoHost – Linux distribution simplifying server administration
YunoHost is a Debian-based Linux distribution which aims to simplify server administration and democratize self-hosting
Axon Platform Featuring RockChip RK3588S and Support for LLM Frameworks
The Axon platform supports operating systems such as Android 12 and Ubuntu 22.04 Jammy
Keeping your system-wide configuration files intact after updating SteamOS
SteamOS 3.6 introduced a new mechanism to decide what to to keep after an OS update
EasyOS/OpenEmbedded: New Software and Updates
distro news from BK
Hackers Are Becoming a Rarer Breed
Throughout history, many hackers have stood firm and challenged corporate capitalism and government surveillance
Today in Techrights
Some of the latest articles
Shortwave 5.0
Shortwave 5.0 is now available and finally continues playback when you close the window
Security Leftovers
Security picks
Audiocasts/Shows: mintCast and Linux Matters
2 new episodes
This Month in Redox - January 2025
Unix-like general-purpose microkernel-based operating system written in Rust
Canonical/Ubuntu Leftovers
Canonical/Ubuntu links
Open Hardware: 3-D Printing, Arduino, and Raspberry Pi
hacking with hardware
Programming Leftovers
Development picks
14 Reasons Why You’ll Love Fairphone’s Audio Range
For those of you who don’t know this already, Fairphone doesn’t just make smartphones
Mabox Linux integrates Firefox 135 in the latest update alongside a new kernel and more
The Manjaro-based Mabox Linux is back with update 25.02
I'm done with Ubuntu
"I liked Ubuntu. For a very long time, it was the sensible default option. Around 2016, I used the Ubuntu GNOME flavor, and after they ditched the Unity desktop environment, GNOME became the default option."
Tails 6.12 Anonymous OS Fixes Security Issues in Tor Circuits, Persistent Storage
The Tails project released today Tails 6.12 as the latest version of this portable operating system based on Debian GNU/Linux that protects users against surveillance and censorship.
KDE Gear 24.12.2 Improves Dolphin, Itinerary, Tokodon, and Many Other KDE Apps
The KDE Project released today KDE Gear 24.12.2 as the second maintenance update to the latest KDE Gear 24.12 open-source software suite series to address various issues in your favorite KDE apps.
today's howtos
mostly idroot
Games: Steam Deck, Hexagod, Heart of the Machine, and More
latest in GamingOnLinux
Android Leftovers
Why Android Is My Favorite Retro Gaming Platform
Debian 13 to Feature GNOME 48 Desktop Environment
The next major Debian release, 13 "Trixie," is expected to ship with GNOME 48 desktop environment
Mixing Rust and C in Linux likened to cancer by kernel maintainer
Some worry multiple languages will make it harder to maintain this open source uber-project, others disagree
Don't Be Intimidated By Linux's Notorious GRUB Bootloader
You may have heard about how difficult the GRUB Linux bootloader is to install and configure
OpenWISP and iWave Systems
The web UI can be installed on Debian 11/12 or Ubuntu 20.04/22.04/24.04 LTS through Ansible or Docker
Free Software Awards: Choose your nominations by March 5
The time has come for free software community members to nominate individuals and projects for a Free Software Award
Free and Open Source Software
However, there is a useful update for Linux users
Tucana – Linux distribution built for customization
Tucana is an ultra customizable distro built entirely from scratch
Collabora Outsources to Microsoft, Microsoft LF ('Linux' Foundation) Making Excuses For Nationalistic and Racist Policies
bad news
Distros and Desktop Environments, Devices
GNU/Linux focused
Free, Libre, and Open Source Software Leftovers
FOSS links/stories
Linux and 'Linux' Foundation Leftovers
Some Linux picks
Working With Content Management Systems (CMS) / Static Site Generators (SSG)
Some Web builders
Mozilla Still Wasting Resources on Hey Hi (AI) Nonsense (Hype), Firefox WebDriver Newsletter is Out
Mozilla leftovers
Fedora and Red Hat Leftovers
the IBM club
Data Breach, Security, and Windows TCO
Security leftovers
Kernel Savings, Linux 6.14, and uretprobes
mostly LWN for today
Programming Leftovers
Development related picks
Today in Techrights
Some of the latest articles
Red Hat Puff Pieces and More
Red Hat's own
Mozilla Firefox 135 Is Now Available for Download, Here’s What’s New
Mozilla published today the final release of the Firefox 135 web browser for all supported platforms, so it’s time to take a look at the new features and improvements.
Programming Leftovers
Development picks
Facebook Censors GNU/Linux Advocacy
a pair of reports
Someone got Linux running inside a PDF file, because its users are something else
Every so often, we see a wave of activity around cramming something that shouldn't be running in a specific document or app into said document or app
Freedesktop looking for new home for its GitLab instance, mesa 25.0.0-rc1 released
graphics related news
Empty IBM Buildings and More
today's leftovers
today's howtos
Instructionals/Technical picks
Security Leftovers
Security picks for today
Web Browsers: Tor Browser 14.0.5, Retaking The Web Browser and Buzzwords
some WWW leftovers
Android Leftovers
Gboard for Android rolls out tweaked Dynamic Color theme
Hugo Mendoza Hospital launches GNU Health to transform pediatric health
In a decisive step towards the modernization of healthcare in the country
Balkan Computer Congress, Novi Sad, Serbia
Fedora had a booth at BalCCon for the 8th time in a row
Mozilla Thunderbird 135 Released with XZ Packaging for Linux Binaries
The Mozilla Thunderbird 135 open-source email, calendar, news, chat, and contactbook client was released today alongside the Mozilla Firefox 135 web browser with various new features and many bug fixes.
Serpent OS Needs Your Support
Financial troubles force Ikey Doherty to delay Serpent OS development
Looking ahead at 2025 and Fedora Workstation and jobs on offer!
So a we are a little bit into the new year I hope everybody had a great break and a good start of 2025
Simplifying Admin Tasks in openSUSE with the Wheel Group
I specifically like the default Ubuntu approach to managing sudo behavior
Chipsee introduces 7-inch and 10.1-inch industrial panel PCs powered by Raspberry Pi CM5
Chipsee has introduced three new panel PCs powered by the Raspberry Pi Compute Module 5 (CM5)
Free Software Foundation to auction off original GNU drawings, awards, and historic tech
In its program for their fortieth anniversary, the organization hinted that it would organize an unprecedented virtual memorabilia auction
Best Free and Open Source Software
We recommend the best free and open source alternatives for Linux
EasyOS – experimental Linux distribution
EasyOS is an experimental Linux distribution made in Australia
Linux 6.14-rc1
Two weeks have passed, and the merge window is over.
Ivy Carrier Board for Toradex Verdin SoM Family in Industrial Applications
Toradex also provides software support for its Verdin SoM family
LTS Upgrades (22.04 to 24.04) ARE BACK!
Following a bug in ubuntu-release-upgrader which was causing Ubuntu Studio 22.04 LTS to fail to upgrade to 24.04 LTS
Lubuntu Plucky Puffin Alpha Notes
Lubuntu Plucky Puffin is the current development branch of Lubuntu
AlmaLinux Now Has a DOD Guide for Security Hardening the Distro as Much as You Want
Users who take advantage of the new DISA STIG can give their AlmaLinux servers military-grade hardening
Games: Steam Deck, Killing Floor 3, and More
10 picks from GamingOnLinux
Today in Techrights
Some of the latest articles