News & Information       http://info.owt.com

Linux

07/16/2026   LinuxSecurity.com
Several security issues were fixed in Ubuntu Advantage Tools.
07/16/2026   LinuxSecurity.com
Several security issues were fixed in NTFS-3G.
07/16/2026   LinuxSecurity.com
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For Debian 12 bookworm, these problems have been fixed in version 150.0.7871.124-1~deb12u1.
07/15/2026   LinuxSecurity.com
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (trixie), these problems have been fixed in version 150.0.7871.124-1~deb13u1.
07/15/2026   LinuxSecurity.com
Important: perl-XML-LibXML security update
07/15/2026   LinuxSecurity.com
Important: nodejs:24 security, bug fix, and enhancement update
07/15/2026   LinuxSecurity.com
Important: python3.12 security update
07/15/2026   LinuxSecurity.com
Several security issues were fixed in .NET.
07/15/2026   LinuxSecurity.com
1.033 - CVE-2026-14454: Fix mishandling of large EXIF IFD entry count values — treated as negative numbers, could lead to allocation failure and program exit - JPEG: depend on Imager 1.033 for the EXIF fix - Fix thread context object reference count leak in bumpmap and bumpmap_complex
07/15/2026   LinuxSecurity.com
Release notes for xrdp v0.10.6.1 (2026/07/06) General announcements This release fixes 10 vulnerabilities and 1 regression introduced by a vulnerability fix in the previous release. If you like xrdp, please consider sponsoring or donating to the project. We
07/15/2026   LinuxSecurity.com
Update PyO3 to 0.29; addresses RUSTSEC-2026-0176 and RUSTSEC-2026-0177
07/15/2026   LinuxSecurity.com
Release 1.6.17 Enigma: Support automatic public key lookup (import) using HKP v1 protocol (#5314) Enigma: Kolab WOAT Support (#8626) Security: Fix an infinite loop in TNEF (winmail.dat) decoder (#10193)
07/15/2026   LinuxSecurity.com
Update to upstream release 0.13.0; update PyO3 to 0.29, fixing RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
07/15/2026   LinuxSecurity.com
New upstream release (152.0.6)
07/15/2026   LinuxSecurity.com
1.033 - CVE-2026-14454: Fix mishandling of large EXIF IFD entry count values — treated as negative numbers, could lead to allocation failure and program exit - JPEG: depend on Imager 1.033 for the EXIF fix - Fix thread context object reference count leak in bumpmap and bumpmap_complex
07/15/2026   LinuxSecurity.com
Release notes for xrdp v0.10.6.1 (2026/07/06) General announcements This release fixes 10 vulnerabilities and 1 regression introduced by a vulnerability fix in the previous release. If you like xrdp, please consider sponsoring or donating to the project. We
07/15/2026   LinuxSecurity.com
Update PyO3 to 0.29; addresses RUSTSEC-2026-0176 and RUSTSEC-2026-0177
07/15/2026   LinuxSecurity.com
Release 1.7.2 Add HEAD request handler to the static.php Fix so the oauth_password_claim claim is retrieved via token or userinfo request (#9631) Fix bug where static.php would return a 416 error on a specific Range request
07/15/2026   LinuxSecurity.com
Update to upstream release 0.13.0; update PyO3 to 0.29, fixing RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
07/15/2026   LinuxSecurity.com
Security update
07/14/2026   Linux Journal
AI Uncovers a 15-Year-Old Linux Kernel Root Vulnerability Hidden Since 2011

Artificial intelligence has helped uncover one of the most significant Linux kernel security flaws in recent years. Security researchers at Nebula Security announced the discovery of GhostLock (CVE-2026-43499), a critical local privilege escalation vulnerability that remained hidden in the Linux kernel for approximately 15 years before being identified by the company's AI-powered vulnerability research platform, VEGA.

The vulnerability affects Linux kernels dating back to version 2.6.39 (2011) and allows an unprivileged local user to obtain full root privileges on vulnerable systems. Its discovery not only highlights the importance of timely kernel updates but also demonstrates how AI is beginning to transform vulnerability research.

What Is GhostLock?

GhostLock is a use-after-free (UAF) vulnerability located in the Linux kernel's futex (fast userspace mutex) implementation.

Futexes are synchronization primitives that allow user-space applications to efficiently coordinate access to shared resources while minimizing expensive kernel interactions. Because they are widely used throughout Linux, any flaw within this subsystem can have broad security implications.

According to Nebula Security, incorrect handling of the remove_waiter() function can leave behind a dangling kernel pointer that an attacker can manipulate to execute arbitrary code with kernel privileges.

A Reliable Path to Root Access

One of the reasons GhostLock has attracted so much attention is the reported reliability of the exploit.

Researchers demonstrated that an attacker with nothing more than a standard local user account can escalate privileges to root in roughly five seconds, with a reported success rate of 97% on vulnerable systems.

Unlike many kernel exploits that are unstable or require highly specific system configurations, GhostLock appears to be both practical and repeatable, making it particularly concerning for administrators.

Container Escapes Are Also Possible

The implications extend beyond traditional Linux desktops and servers.

Researchers report that GhostLock can also be used to escape containers and compromise the underlying host operating system. Because containers share the host kernel, a successful privilege escalation inside a container can potentially grant root access to the host itself.

This makes the vulnerability especially important for environments running:

07/09/2026   Linux Journal
Azure Linux 4.0 Released: Microsoft Expands Its Enterprise Linux Platform Beyond the Cloud

Microsoft has officially unveiled Azure Linux 4.0, the latest version of its open-source Linux distribution designed for cloud infrastructure, enterprise workloads, and modern data centers. Formerly known as CBL-Mariner, Azure Linux has powered Microsoft's internal cloud services for years, but version 4.0 marks its biggest evolution yet by becoming a general-purpose server operating system that organizations can deploy both inside and outside Azure.

The release introduces updated core components, expanded hardware support, a predictable long-term lifecycle, and improved compatibility for enterprise environments, reinforcing Microsoft's growing investment in the Linux ecosystem.

A New Chapter for Azure Linux

Azure Linux began as Microsoft's internal operating system for Azure services, containers, and cloud infrastructure. Over time, it evolved into the foundation for many Azure-hosted workloads.

With Azure Linux 4.0, Microsoft is positioning the distribution as a broader enterprise Linux platform rather than one limited to Azure infrastructure. The operating system is now available through Azure virtual machine images, container images, and downloadable ISO files for testing and deployment in a wider range of environments.

Built for Enterprise and Cloud Workloads

Unlike desktop-focused Linux distributions, Azure Linux is optimized for infrastructure, virtualization, containers, and cloud-native applications.

Typical deployment scenarios include:

  • Cloud virtual machines
  • Kubernetes clusters
  • Container hosts
  • AI infrastructure
  • Edge computing
  • Enterprise servers

Microsoft has designed the distribution to provide a consistent operating system foundation across Azure services while remaining suitable for on-premises deployments.

Updated Core Components

Azure Linux 4.0 modernizes much of the operating system's software stack.

Highlights include:

  • Linux Kernel 7.0
  • glibc 2.42
  • OpenSSL 3.5
  • Python 3.13
  • OpenSSH 10
  • dnf5 as the default package manager

These updates improve hardware compatibility, application support, security, and overall system performance while providing developers with a more current software platform.

Security Remains a Primary Focus

Security continues to be one of Azure Linux's defining characteristics.

Version 4.0 includes:

07/07/2026   Linux Journal
KDE Plasma 6.7.1 Released with Stability Fixes, UI Improvements, and Better Wayland Reliability

The KDE Project has officially released KDE Plasma 6.7.1, the first maintenance update for the Plasma 6.7 desktop environment. Rather than introducing major new features, this point release focuses on polishing the desktop with a broad collection of bug fixes, translation updates, and performance improvements aimed at making Plasma 6.7 more reliable for everyday use.

As with previous Plasma maintenance releases, KDE developers have concentrated on resolving issues reported by the community soon after the launch of Plasma 6.7, ensuring users receive a smoother and more stable desktop experience.

A Maintenance Release Focused on Stability

KDE Plasma 6.7 introduced numerous new capabilities, including per-display virtual desktops, Wayland session restore, improvements to Plasma Bigscreen, and a refreshed theming system. Plasma 6.7.1 builds on that foundation by addressing early regressions and fine-tuning the overall desktop experience.

The update primarily delivers:

  • Bug fixes across core Plasma components
  • Updated translations
  • Performance refinements
  • Improved desktop reliability
  • Better overall user experience

Improvements Across the Desktop

Several of Plasma's core applications and components receive fixes in this release.

Notable improvements include:

  • Better reliability in the Kickoff Application Launcher
  • Fixes for Discover, KDE's software manager
  • Improvements to the KWin window manager
  • Various panel and desktop behavior corrections
  • Better handling of notifications and user interface elements

While most of these changes are relatively small on their own, together they help eliminate many of the rough edges users may have encountered after upgrading to Plasma 6.7.

Wayland Continues to Mature

Wayland remains the primary development focus for KDE Plasma, and version 6.7.1 continues refining the experience.

The update includes fixes affecting:

  • Window management
  • Session stability
  • Input handling
  • Display behavior
  • General compositor reliability

Over the past several Plasma releases, KDE developers have steadily shifted their attention toward making Wayland the best possible experience while continuing limited maintenance for X11.

Translation Updates for Global Users

Like most KDE maintenance releases, Plasma 6.7.1 incorporates a fresh batch of translation updates contributed by volunteers from around the world.

These updates improve:

07/02/2026   Linux Journal
PorteuX 2.6 Released with Linux 6.19, TLP Support, and Smarter Hardware Optimization

The PorteuX project has officially released PorteuX 2.6, bringing a new round of updates to the lightweight Slackware-based Linux distribution. Designed to be fast, portable, modular, and immutable, PorteuX continues to appeal to users who want a complete desktop operating system that can run efficiently from a USB drive or other removable media. The latest release introduces a newer Linux kernel, improved power management, updated desktop environments, and numerous performance and usability improvements.

Released just two months after PorteuX 2.5, version 2.6 focuses on refining the user experience while maintaining the distribution's minimalist philosophy.

Powered by Linux Kernel 6.19

At the heart of PorteuX 2.6 is the Linux 6.19 kernel series, bringing improved hardware compatibility, updated drivers, security fixes, and better support for modern processors and peripherals.

The updated kernel helps ensure smoother operation on both newer desktop hardware and laptops while continuing PorteuX's emphasis on speed and low resource usage.

Better Battery Life with TLP Support

One of the headline features in PorteuX 2.6 is support for TLP, the popular command-line utility used to optimize laptop battery life.

Available through the PorteuX AppStore, TLP automatically adjusts various power-saving settings, including CPU behavior and device power management, helping extend battery life without requiring constant manual tuning.

For laptop users, this addition makes PorteuX an even more attractive lightweight operating system.

Automatic CPU Microcode Loading

The release also introduces automatic loading of Intel and AMD CPU microcode when booting in non-fresh modes.

Microcode updates help address processor bugs, improve stability, and deliver security fixes directly from CPU manufacturers. Automating this process reduces the need for manual configuration while ensuring supported systems benefit from the latest firmware improvements.

Updated Desktop Environments

PorteuX continues to offer multiple desktop editions, each updated to recent upstream releases.

Version 2.6 includes:

  • GNOME 49.4
  • KDE Plasma 6.5.5
  • Xfce 4.20
  • Cinnamon 6.6
  • LXQt 2.3
  • MATE 1.28.2
  • COSMIC 1.0.8
  • LXDE 0.11.1

This broad selection allows users to choose between modern feature-rich desktops and extremely lightweight environments depending on their hardware and workflow.

Performance Improvements Throughout the System

Although PorteuX has always emphasized performance, version 2.6 introduces additional optimizations behind the scenes.

Developers report improvements including:

06/30/2026   Linux Journal
CachyOS June 2026 ISO Released with Hyprland Noctalia, Faster Performance, and Smarter System Tools

The CachyOS team has released the June 2026 ISO, delivering another feature-packed update for its Arch Linux-based distribution. Known for its aggressive performance optimizations and gaming-focused approach, CachyOS continues refining both the user experience and the underlying system with improvements ranging from compiler tuning to installer enhancements and new desktop options.

As the project's fourth major ISO refresh of the year, the June release emphasizes speed, usability, and modern hardware support while remaining fully compatible with Arch Linux's rolling-release ecosystem.

A New Hyprland Noctalia Desktop Experience

One of the headline additions is a new Hyprland Noctalia desktop option available directly from the installer.

Noctalia provides a polished, preconfigured Hyprland environment with a modern appearance, allowing users to enjoy a highly customizable Wayland compositor without spending hours configuring dotfiles after installation. The installer even includes a preview so users can see the desktop before selecting it.

For users interested in lightweight, keyboard-driven workflows, this new option makes Hyprland much more approachable.

Performance Optimizations Continue

Performance remains the defining characteristic of CachyOS, and the June 2026 release introduces several additional optimizations.

Notable improvements include:

  • Python packages now built using extended Profile-Guided Optimization (PGO)
  • A new GCC branch prediction tuning patch designed to improve performance on modern Intel and AMD processors
  • A fix for an OpenBLAS regression affecting high-core-count CPUs
  • Additional package-level optimizations throughout the distribution

These updates continue CachyOS's philosophy of extracting as much performance as possible from modern hardware.

Improved Package Management and Security

The June release also includes several important changes to package management.

One notable enhancement is network isolation for Pacman scriptlets and hooks, preventing installation scripts from accessing the network by default. This improves security during package installation and reduces the risk of unexpected behavior.

Additionally:

  • proton-cachyos has been renamed to proton-cachyos-native
  • The installer no longer includes the paru AUR helper
  • Users are now encouraged to use Shelly, available with both graphical and command-line interfaces

Installer Improvements

The installation experience has received considerable attention in this release.

Updates include:

06/25/2026   Linux Journal
Git 2.55 Released with Faster Performance, Smarter Hooks, and Expanded Rust Integration

The Git project has officially released Git 2.55, bringing a wide range of improvements focused on performance, developer productivity, and modernizing the world's most widely used version control system. The release introduces smarter repository management, faster operations for large codebases, expanded hook capabilities, and continues Git's gradual adoption of Rust for improved reliability and maintainability.

Although Git 2.55 doesn't radically change how developers use Git day to day, it delivers meaningful enhancements that make common workflows faster and more flexible—particularly for teams managing large repositories.

Rust Support Is Now Enabled by Default

One of the biggest architectural changes in Git 2.55 is that Rust support is now enabled by default when building Git from source.

Developers compiling Git will automatically use Rust components unless they explicitly disable them using the new NO_RUST build option. This is part of the project's long-term effort to improve memory safety and gradually replace selected components with Rust implementations where appropriate. Git 3.0 is expected to make Rust support mandatory.

For most users installing Git through their Linux distribution, this change happens behind the scenes and requires no additional configuration.

Repository Performance Gets a Boost

Git 2.55 includes several optimizations aimed at improving performance when working with large repositories.

Among the improvements are:

  • Faster bitmap generation during repository maintenance
  • More efficient multi-pack repository handling
  • Better pseudo-merge bitmap processing
  • Reduced time spent creating optimized pack files

These enhancements can dramatically reduce maintenance times for repositories containing millions of objects while also improving clone, fetch, and object traversal performance.

Developers working on large enterprise projects or open-source codebases should notice faster background maintenance and repository operations.

Config-Based Hooks Continue to Evolve

Git continues improving one of its most requested features: configuration-based hooks.

Instead of storing hook scripts only inside the .git/hooks directory for each repository, developers can now define hooks directly through Git configuration files. This makes it easier to:

  • Share hook configurations
  • Manage multiple hooks
  • Standardize development workflows
  • Reduce repository-specific setup

Git 2.55 also expands support for hook execution behavior and continues laying the groundwork for more advanced hook management in future releases.

06/23/2026   Linux Journal
Fedora Governance Changes Take Effect as Project Refines Leadership, Policy, and Contributor Oversight

A series of Fedora governance updates are now taking effect, marking another step in the project's ongoing effort to modernize decision-making processes, improve transparency, and better support Fedora's growing contributor community. The changes come as the Fedora Council and other leadership bodies continue refining how one of the Linux world's largest community-driven projects is managed.

While these updates may not be as visible as a new desktop environment or kernel release, they play a critical role in shaping Fedora's future direction, community initiatives, and long-term sustainability.

How Fedora Governance Works

Fedora's governance structure is built around several key organizations that guide different aspects of the project.

These include:

  • The Fedora Council, which oversees strategic direction
  • FESCo (Fedora Engineering Steering Committee), responsible for technical and engineering decisions
  • Mindshare, which focuses on community outreach and contributor engagement
  • Various Special Interest Groups (SIGs) and working groups that manage specific initiatives and technologies

Together, these groups help coordinate thousands of contributors spread across the globe.

Greater Focus on Strategic Planning

Recent Fedora Council discussions have emphasized long-term planning and governance modernization. One major area of focus has been defining clearer processes for evaluating and managing new initiatives through what Fedora leaders call an Innovation Lifecycle framework.

The proposed framework aims to:

  • Better evaluate experimental projects
  • Establish clearer entry and review phases
  • Define expectations for community initiatives
  • Improve oversight as projects mature

The goal is to create a more predictable path for new ideas while maintaining Fedora's culture of innovation.

Refining Contributor Representation

Another governance topic receiving significant attention involves contributor participation and voting eligibility.

Fedora leadership has been examining questions such as:

  • What defines an active contributor?
  • How should voting rights be determined?
  • How can elections remain fair while staying inclusive?
  • How should dormant accounts be handled?

These discussions stem from concerns that existing systems may not always accurately reflect current contributor activity.

While no single solution has been finalized, governance bodies are actively working toward policies that balance openness with accountability.

06/18/2026   Linux Journal
The Growth of Vulnerability Management: The Rise of Agentic AI Pentesting

Cybersecurity shifts fast. Manual penetration tests remain valuable, especially for nuanced attack paths and business-logic issues, but they are expensive, point-in-time, and difficult to run continuously. By the time a report is delivered, the environment may have already changed. Automated scanners improved coverage and frequency, but most still rely on known signatures, templated checks, and shallow validation. They can find obvious issues, but they rarely match the adaptive reasoning, chaining, and persistence of a skilled attacker.Platforms like XBOW help security teams move toward continuous validation by running AI-driven tests that mimic large-scale human attackers. This shift moves the focus from periodic assessment and reactive patching toward ongoing exposure management and earlier prevention.

From Automation to Agency

To appreciate the value of these modern platforms, it’s important to separate traditional automation from what is called “agentic” AI. Earlier AI pentesting tools mostly worked like advanced “if-then” systems, running preset scripts and looking for known patterns. While useful to automate some tasks pentesters perform, these tools lack the ability to pivot.

If a standard tool hits a non-standard login portal, it generally stops. An agent platform, however, can identify and adapt to the obstacle, reason through potential bypasses, and attempt alternative tactics.

This core differentiator is the “agent,” a specialized model capable of goal-oriented planning. These platforms employ real-time attack path analysis tools. They identify a low-severity vulnerability and assess whether it could be exploited to gain access

to a high-value asset. This approach imitates how an advanced attacker moves laterally within a system. The result is a clearer and more realistic view of the organization’s real risk compared to just listing bugs in a spreadsheet without context.

Comparing Methodologies: Strategy and Execution

When comparing platforms in this area, the industry is shifting focus from just ticking off features to demonstrating how effectively those features can be used. Modern platforms, including XBOW, focus on high-fidelity testing that avoids disrupting production environments while still proving that a vulnerability is reachable.

Three main architectural approaches have emerged as standouts:

06/16/2026   Linux Journal
Linux Kernel 7.1 Officially Released with New NTFS Driver, Intel FRED, and Major Code Cleanup

The Linux kernel development team has officially released Linux Kernel 7.1, marking the first major update in the 7.x series. Announced by Linus Torvalds on June 14, 2026, the release introduces a mix of new features, hardware improvements, filesystem enhancements, and large-scale code cleanup efforts that continue modernizing the Linux platform.

While Linux 7.1 is not a long-term support (LTS) release, it delivers several significant changes that will eventually make their way into many Linux distributions over the coming months.

A Brand-New NTFS Driver Arrives

One of the most significant additions in Linux 7.1 is a completely rewritten in-kernel NTFS filesystem driver.

The new implementation has reportedly been under development for several years and replaces older code with a modern design built around Linux’s current storage infrastructure. The driver utilizes technologies such as iomap and folios, which improve efficiency and simplify future maintenance.

Benefits include:

  • Improved NTFS write performance
  • Better handling of large files
  • More modern filesystem architecture
  • Easier future development and maintenance

For users who regularly exchange data between Linux and Windows systems, this is one of the most important improvements in the release.

Intel FRED Enabled by Default

Linux 7.1 also enables Intel Flexible Return and Event Delivery (FRED) by default on supported hardware.

FRED is a newer CPU mechanism designed to improve how processors handle interrupts and exceptions. By replacing older methods with a more streamlined approach, FRED aims to improve performance and reduce complexity in low-level CPU operations.

The feature primarily benefits newer Intel platforms, including upcoming processor generations.

Graphics Drivers Continue to Improve

Graphics support remains a major focus of kernel development, and Linux 7.1 delivers additional improvements for both Intel and AMD hardware.

Highlights include:

  • Performance enhancements for Intel Arc GPUs
  • Continued work on Intel Battlemage graphics
  • Updates for AMD Radeon hardware
  • Expanded GPU reliability monitoring infrastructure through DRM-RAS support

These updates help improve gaming, desktop performance, and workstation workloads across modern Linux systems.

Steam Deck OLED Audio Fixes Land Upstream

Linux gamers receive a welcome improvement in this release as audio support fixes for the Steam Deck OLED have finally been merged into the mainline kernel.