Other Sites

9to5Linux

Fedora-Based Nobara 41 Gaming Distro Switches to Open-Source NVIDIA Driver

Based on Fedora Linux 41, the Nobara 41 release switches to the open-source NVIDIA graphics driver by default, along with a cuda-devel option for additional CUDA package support, as well as the latest stable Vulkan drivers by default to improve support for some Vulkan games, and ships mesa-libgallium-freeworld compiled with x264/x265 codecs to improve screen recording.

PeaZip 10.2 Open-Source Archive Manager Released with Qt 6 Package for Linux

Coming almost two months after PeaZip 10.1, the PeaZip 10.2 release adds GUI support for changing Brotli -q 11 and Zstd –ultra -22 compression levels, as well as support for manually deleting input files and folders at the end of tasks from the Options tab in the task progress dialog.

KDE Plasma 6.2.5 Released as the Last Update in the Series with More Bug Fixes

Coming a little over a month after KDE Plasma 6.2.4, the KDE Plasma 6.2.5 release is strictly a bugfix one addressing a System Settings crash that occurred when plugging in a mouse while viewing the Mouse page, one of the most common recent Powerdevil crashes, and a nasty bug that could cause the lock screen to be all black when using the X11 session.

Debian 13 “Trixie” Installer Alpha Released with Linux 6.12 LTS, RISCV64 Support

While work on the Debian Trixie series kicked off a few months ago, there wasn’t an official installer available until now. The first alpha version of the Debian 13 Installer is finally here for early adopters and Linux/Debian enthusiasts who want a taste of the new features and improvements.

LinuxGizmos.com

NanoKVM-USB: 4K HDMI Loopback, USB 3.0, and Integrated Keyboard/Mouse Control

This month, Sipeed unveiled the NanoKVM-USB, described as a compact and low-cost device designed to simplify the operation and management of multiple systems.

Radxa Orion O6 AI Board with Up to 64GB RAM, Dual 5GbE Ports and PCIe Gen4 Expansion

The Radxa Orion O6 is a Mini ITX motherboard designed for AI computing and multimedia applications. Powered by the Cix CD8180 System-on-Chip, it combines powerful performance with a compact form factor for a variety of demanding use cases.

Security Leftovers

posted by Roy Schestowitz on May 19, 2023

Bug bounties are broken - the story of 'i915' bug, ChromeOS + Intel bounty programs, and beyond : pi3 blog

At first, I didn’t plan to write an article about the problems with bug bounty programs. This was supposed to be a standard technical blogpost describing an interesting bug in the Linux Kernel i915 driver allowing for a linear Out-Of-Bound read and write access (CVE-2023-28410). Moreover, I’m not even into bug bounty programs, mostly because I don’t need to, since I consider myself lucky enough to have a satisfying, stable and well-paid job. That being said, in my spare time, apart from developing and maintaining the Linux Kernel Runtime Guard (LKRG) project, I still like doing vulnerability research and exploit development not only for my employer, and from time to time it’s good to update your resume with new CVE numbers. Before I started to have a stable income, bug bounties didn’t exist and most of the quality vulnerability research outcome was paying the bills via brokers (let’s leave aside the moral questions arising from this). However, nowadays we have bug bounty programs…

For the last decade (a bit longer), bug bounty programs gained a lot of deserved traction. There are security researchers who rely on bug bounties as their primary(!) source of income. Such cases are an irrefutable proof of the success of the bug bounty programs. However, before the industry ended up where it is now, it went through a long and interesting route.
Millions of Smartphones Distributed Worldwide With Preinstalled ‘Guerrilla’ Malware

A threat actor tracked as Lemon Group has control over millions of smartphones distributed worldwide thanks to preinstalled Guerrilla malware.
Cisco Says PoC Exploits Available for Newly Patched Enterprise Switch Vulnerabilities

Cisco has released patches for critical vulnerabilities in small business switches for which public proof-of-concept (PoC) code exists.
PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords

Researcher publishes PoC tool that exploits unpatched KeePass vulnerability to retrieve the master password from memory.
Google Announces New Rating System for Android and Device Vulnerability Reports

Google is updating its vulnerability reports rating system to encourage researchers to provide more details on the reported bugs.

Other Recent Tux Machines' Posts

4MLinux 47.0 Released with Installation Support for Virtual (KVM) Block Devices: 4MLinux developer Zbigniew Konojacki announced today the release and general availability of 4MLinux 47.0 as the latest stable version of this mini Linux distribution featuring the lightweight JWM window manager.
LineageOS 22.1 released: been hard at work since Android 15’s release in September
Fedora-Based Nobara 41 Gaming Distro Switches to Open-Source NVIDIA Driver: The Nobar Project released today Nobara 41 as the latest version of this Fedora-based Linux distribution for gamers that features unique, in-house tools and lots of performance improvements.
PeaZip 10.2 Open-Source Archive Manager Released with Qt 6 Package for Linux: PeaZip 10.2 is out today as a new update to this open-source, free, and cross-platform file compression and encryption software for GNU/Linux, macOS, and Windows.
KDE Plasma 6.2.5 Released as the Last Update in the Series with More Bug Fixes: Today, the KDE Project released KDE Plasma 6.2.5 as the fifth and last update to the latest KDE Plasma 6.2 desktop environment series with more bug fixes.
We've Thrived Another Day (and Year) [original]: Happy new year, everybody!
Debian 13 “Trixie” Installer Alpha Released with Linux 6.12 LTS, RISCV64 Support: The Debian Project released today the first alpha version of the installer for the upcoming Debian GNU/Linux 13 “Trixie” operating system series, due for release next year.
Today in Techrights: Some of the latest articles
Pre-Alpha Version of Pidgin 3.0 Released: Pidgin 3.0 Experimental 1 instant messaging apps land with GTK 4 and Adwaita support
Using Hugo with Kate: My song & dance when I want to edit my website is a bit inefficient
Anticipating GIMP 3.0: Non-Destructive Editing, Proper CMYK - The New Stack: If GIMP 3.0 only came with one new feature, non-destructive editing would be the feature I’d want
Android Leftovers: Polestar knows you like Android so much, it's putting Android Auto in your Android Automotive
10 Cool Changes Ubuntu Received in 2024: As another year transitions from present to past, I want1 to recap the notable new features, changes, updates and innovations Ubuntu saw over the past 12 months
Why 2025 Will Not Be The Year Of Linux On The Desktop: One of the longest running jokes in our sphere is that the coming year will finally be the year of “Linux on the Desktop.”
Best Free and Open Source Software: Best Free and Open Source Software: November and December 2024 Updates
Accessible-Coconut – Linux distro dedicated to: Accessible-Coconut (AC) is a community driven Linux distribution which is completely accessible for persons with visual impairments
FSF: "Free software is powerful because of you," says the chief, and "board members in 2024" on "achievements the FSF board has received this year": latest from FSF
today's howtos: first one for the year
BSD: PF, DragonFly, and OpenBSD: Some BSD news
Security Leftovers, Especially Windows TCO: Windows TCO in US government
Today in Techrights: Some of the latest articles
GNU/Linux and BSD Leftovers: today's leftovers
Programming and Free, Libre, and Open Source Software: FOSS and coding picks
Security Leftovers: Security picks
Colliding with the SHA prefix of Linux's initial Git commit: by Kees Cook
Open Hardware/Modding: Arduino, GNU Boot, Raspberry Pi, ESP32, and More: hardware picks
Applications: BlepFX crunchrr, Kando, gg, and "Default Apps": 4 new articles
today's howtos: a handful of howtos
MNT Reform Next Laptop Features Modular Design and Open Hardware: The laptop ships with Debian GNU/Linux and comes with comprehensive documentation
Mozilla and Firefox Going in the Wrong Direction: Chasing hype and worse
GNU Artanis Development and News: new from GNU Artanis
Linux Magazine's Latest Issue (December): partly paywalled
Open Hardware/Modding: NVIDIA Jetson and RISC-V: Hardware leftovers
Tor, Microsoft, and Openwashing PR Stunt: today's leftovers
Upscayl: An Open-Source Image Upscaling Tool for Linux: there’s a powerful tool available to solve this problem
Programming Leftovers: Development picks
Android Leftovers: Polestar 2 is Adding Wired Android Auto Support, One of the “Most Requested Features”
Windows TCO and Security Leftovers: Lots of Windows TCO
today's howtos: Instructionals/Technical picks
Why I Prefer a Tiling Window Manager on Linux: Do you shake your head whenever you see someone extoll the virtues of a tiling window manager
Bluestar Linux is back with update 6.12.7: Firefox 133, LibreOffice 24, the 6.12 kernel, and more: Arch-based German distro Bluestar Linux is back with multiple package updates on top of a new kernel
Kdenlive new year preview: One of the much requested feature for Kdenlive was a modern background removal tool
Best Free and Open Source Software: We recommend the best free and open source alternatives
6 reasons why Google should switch Chromebooks from Android to Linux: By now, you've probably heard that Google plans to migrate Chromebooks to Android
The latest MX Linux turns Xfce into a desktop anyone can use: If you're looking for a Linux distribution with a user-friendly desktop that's also very highly customizable
Radxa Orion O6 AI Board with Up to 64GB RAM, Dual 5GbE Ports and PCIe Gen4 Expansion: The Orion O6 is compatible with Debian and Ubuntu Linux distributions and supports full UEFI via EDKII
The 4 most Windows-like Linux distros to try because change is hard: If you want to keep your machine running smoothly and feeling familiar, check out these Linux distros
If you're ready for something different, I recommend this Linux distro to newbies and experts alike: OpenMandriva is a sensible operating system that's not based on the top four most popular Linux distros, but just as easy to use
Release of Ghostty 1.0: Ghostty 1.0 is out
GNOME’s New Image Viewer Adds Image Editing Features: Loupe (aka Image Viewer) is GNOME’s modern successor to the venerable Eye of GNOME has picked up its first batch of image editing features
Today in Techrights: Some of the latest articles