News & Information       http://info.owt.com

Linux

07/09/2026   LinuxSecurity.com
An update that solves one vulnerability and has 6 fixes is now available.
07/09/2026   LinuxSecurity.com
An update that fixes one vulnerability is now available.
07/09/2026   LinuxSecurity.com
An update that solves four vulnerabilities and has one security fix can now be installed.
07/09/2026   LinuxSecurity.com
An update that solves 18 vulnerabilities can now be installed.
07/09/2026   LinuxSecurity.com
An update that solves one vulnerability can now be installed.
07/09/2026   LinuxSecurity.com
An update that solves three vulnerabilities can now be installed.
07/09/2026   LinuxSecurity.com
An update that solves one vulnerability can now be installed.
07/09/2026   LinuxSecurity.com
Several security issues were fixed in the Linux kernel.
07/09/2026   LinuxSecurity.com
Several security issues were fixed in the Linux kernel.
07/09/2026   LinuxSecurity.com
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For Debian 12 bookworm, this problem has been fixed in version 150.0.7871.100-1~deb12u1.
07/08/2026   LinuxSecurity.com
Update to opkssh 0.15.0. This release fixes several CVEs in bundled/vendored dependencies: CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH
07/08/2026   LinuxSecurity.com
This package contains the Perl module CSS::Minifier::XS. Versions of the module before 0.14 have a memory leak when the entire document is minified away (CVE-2026-13593). This update brings version 0.15 which fixes this issue.
07/08/2026   LinuxSecurity.com
Update rust-jiter to 0.16.0, adding a serde Deserializer implementation; update python-jiter to match. Both packages now use PyO3 0.29, with fixes for RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
07/08/2026   LinuxSecurity.com
Update rust-jiter to 0.16.0, adding a serde Deserializer implementation; update python-jiter to match. Both packages now use PyO3 0.29, with fixes for RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
07/08/2026   LinuxSecurity.com
Improve GSS KEX algorithms documentation CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known- group validation that leads to client-side denial of service CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator
07/08/2026   LinuxSecurity.com
upower 1.91.3: Feature: up-device-battery: Prefer "Standard" over "Fast" charging (!316 (merged), #344 (closed)) Fix: Resolve potential leaks (!327 (merged)) Fix: Potential out-of-bound access (!328 (merged))
07/08/2026   LinuxSecurity.com
Update to opkssh 0.15.0. This release fixes several CVEs in bundled/vendored dependencies: CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH
07/08/2026   LinuxSecurity.com
This package contains the Perl module CSS::Minifier::XS. Versions of the module before 0.14 have a memory leak when the entire document is minified away (CVE-2026-13593). This update brings version 0.15 which fixes this issue.
07/08/2026   LinuxSecurity.com
Update to 3.2.0 (final). Update PyO3 to 0.29, fixing RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
07/08/2026   LinuxSecurity.com
Update to 0.3.6; this includes an update to PyO3 0.29, which fixes RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
07/07/2026   Linux Journal
KDE Plasma 6.7.1 Released with Stability Fixes, UI Improvements, and Better Wayland Reliability

The KDE Project has officially released KDE Plasma 6.7.1, the first maintenance update for the Plasma 6.7 desktop environment. Rather than introducing major new features, this point release focuses on polishing the desktop with a broad collection of bug fixes, translation updates, and performance improvements aimed at making Plasma 6.7 more reliable for everyday use.

As with previous Plasma maintenance releases, KDE developers have concentrated on resolving issues reported by the community soon after the launch of Plasma 6.7, ensuring users receive a smoother and more stable desktop experience.

A Maintenance Release Focused on Stability

KDE Plasma 6.7 introduced numerous new capabilities, including per-display virtual desktops, Wayland session restore, improvements to Plasma Bigscreen, and a refreshed theming system. Plasma 6.7.1 builds on that foundation by addressing early regressions and fine-tuning the overall desktop experience.

The update primarily delivers:

  • Bug fixes across core Plasma components
  • Updated translations
  • Performance refinements
  • Improved desktop reliability
  • Better overall user experience

Improvements Across the Desktop

Several of Plasma's core applications and components receive fixes in this release.

Notable improvements include:

  • Better reliability in the Kickoff Application Launcher
  • Fixes for Discover, KDE's software manager
  • Improvements to the KWin window manager
  • Various panel and desktop behavior corrections
  • Better handling of notifications and user interface elements

While most of these changes are relatively small on their own, together they help eliminate many of the rough edges users may have encountered after upgrading to Plasma 6.7.

Wayland Continues to Mature

Wayland remains the primary development focus for KDE Plasma, and version 6.7.1 continues refining the experience.

The update includes fixes affecting:

  • Window management
  • Session stability
  • Input handling
  • Display behavior
  • General compositor reliability

Over the past several Plasma releases, KDE developers have steadily shifted their attention toward making Wayland the best possible experience while continuing limited maintenance for X11.

Translation Updates for Global Users

Like most KDE maintenance releases, Plasma 6.7.1 incorporates a fresh batch of translation updates contributed by volunteers from around the world.

These updates improve:

07/02/2026   Linux Journal
PorteuX 2.6 Released with Linux 6.19, TLP Support, and Smarter Hardware Optimization

The PorteuX project has officially released PorteuX 2.6, bringing a new round of updates to the lightweight Slackware-based Linux distribution. Designed to be fast, portable, modular, and immutable, PorteuX continues to appeal to users who want a complete desktop operating system that can run efficiently from a USB drive or other removable media. The latest release introduces a newer Linux kernel, improved power management, updated desktop environments, and numerous performance and usability improvements.

Released just two months after PorteuX 2.5, version 2.6 focuses on refining the user experience while maintaining the distribution's minimalist philosophy.

Powered by Linux Kernel 6.19

At the heart of PorteuX 2.6 is the Linux 6.19 kernel series, bringing improved hardware compatibility, updated drivers, security fixes, and better support for modern processors and peripherals.

The updated kernel helps ensure smoother operation on both newer desktop hardware and laptops while continuing PorteuX's emphasis on speed and low resource usage.

Better Battery Life with TLP Support

One of the headline features in PorteuX 2.6 is support for TLP, the popular command-line utility used to optimize laptop battery life.

Available through the PorteuX AppStore, TLP automatically adjusts various power-saving settings, including CPU behavior and device power management, helping extend battery life without requiring constant manual tuning.

For laptop users, this addition makes PorteuX an even more attractive lightweight operating system.

Automatic CPU Microcode Loading

The release also introduces automatic loading of Intel and AMD CPU microcode when booting in non-fresh modes.

Microcode updates help address processor bugs, improve stability, and deliver security fixes directly from CPU manufacturers. Automating this process reduces the need for manual configuration while ensuring supported systems benefit from the latest firmware improvements.

Updated Desktop Environments

PorteuX continues to offer multiple desktop editions, each updated to recent upstream releases.

Version 2.6 includes:

  • GNOME 49.4
  • KDE Plasma 6.5.5
  • Xfce 4.20
  • Cinnamon 6.6
  • LXQt 2.3
  • MATE 1.28.2
  • COSMIC 1.0.8
  • LXDE 0.11.1

This broad selection allows users to choose between modern feature-rich desktops and extremely lightweight environments depending on their hardware and workflow.

Performance Improvements Throughout the System

Although PorteuX has always emphasized performance, version 2.6 introduces additional optimizations behind the scenes.

Developers report improvements including:

06/30/2026   Linux Journal
CachyOS June 2026 ISO Released with Hyprland Noctalia, Faster Performance, and Smarter System Tools

The CachyOS team has released the June 2026 ISO, delivering another feature-packed update for its Arch Linux-based distribution. Known for its aggressive performance optimizations and gaming-focused approach, CachyOS continues refining both the user experience and the underlying system with improvements ranging from compiler tuning to installer enhancements and new desktop options.

As the project's fourth major ISO refresh of the year, the June release emphasizes speed, usability, and modern hardware support while remaining fully compatible with Arch Linux's rolling-release ecosystem.

A New Hyprland Noctalia Desktop Experience

One of the headline additions is a new Hyprland Noctalia desktop option available directly from the installer.

Noctalia provides a polished, preconfigured Hyprland environment with a modern appearance, allowing users to enjoy a highly customizable Wayland compositor without spending hours configuring dotfiles after installation. The installer even includes a preview so users can see the desktop before selecting it.

For users interested in lightweight, keyboard-driven workflows, this new option makes Hyprland much more approachable.

Performance Optimizations Continue

Performance remains the defining characteristic of CachyOS, and the June 2026 release introduces several additional optimizations.

Notable improvements include:

  • Python packages now built using extended Profile-Guided Optimization (PGO)
  • A new GCC branch prediction tuning patch designed to improve performance on modern Intel and AMD processors
  • A fix for an OpenBLAS regression affecting high-core-count CPUs
  • Additional package-level optimizations throughout the distribution

These updates continue CachyOS's philosophy of extracting as much performance as possible from modern hardware.

Improved Package Management and Security

The June release also includes several important changes to package management.

One notable enhancement is network isolation for Pacman scriptlets and hooks, preventing installation scripts from accessing the network by default. This improves security during package installation and reduces the risk of unexpected behavior.

Additionally:

  • proton-cachyos has been renamed to proton-cachyos-native
  • The installer no longer includes the paru AUR helper
  • Users are now encouraged to use Shelly, available with both graphical and command-line interfaces

Installer Improvements

The installation experience has received considerable attention in this release.

Updates include:

06/25/2026   Linux Journal
Git 2.55 Released with Faster Performance, Smarter Hooks, and Expanded Rust Integration

The Git project has officially released Git 2.55, bringing a wide range of improvements focused on performance, developer productivity, and modernizing the world's most widely used version control system. The release introduces smarter repository management, faster operations for large codebases, expanded hook capabilities, and continues Git's gradual adoption of Rust for improved reliability and maintainability.

Although Git 2.55 doesn't radically change how developers use Git day to day, it delivers meaningful enhancements that make common workflows faster and more flexible—particularly for teams managing large repositories.

Rust Support Is Now Enabled by Default

One of the biggest architectural changes in Git 2.55 is that Rust support is now enabled by default when building Git from source.

Developers compiling Git will automatically use Rust components unless they explicitly disable them using the new NO_RUST build option. This is part of the project's long-term effort to improve memory safety and gradually replace selected components with Rust implementations where appropriate. Git 3.0 is expected to make Rust support mandatory.

For most users installing Git through their Linux distribution, this change happens behind the scenes and requires no additional configuration.

Repository Performance Gets a Boost

Git 2.55 includes several optimizations aimed at improving performance when working with large repositories.

Among the improvements are:

  • Faster bitmap generation during repository maintenance
  • More efficient multi-pack repository handling
  • Better pseudo-merge bitmap processing
  • Reduced time spent creating optimized pack files

These enhancements can dramatically reduce maintenance times for repositories containing millions of objects while also improving clone, fetch, and object traversal performance.

Developers working on large enterprise projects or open-source codebases should notice faster background maintenance and repository operations.

Config-Based Hooks Continue to Evolve

Git continues improving one of its most requested features: configuration-based hooks.

Instead of storing hook scripts only inside the .git/hooks directory for each repository, developers can now define hooks directly through Git configuration files. This makes it easier to:

  • Share hook configurations
  • Manage multiple hooks
  • Standardize development workflows
  • Reduce repository-specific setup

Git 2.55 also expands support for hook execution behavior and continues laying the groundwork for more advanced hook management in future releases.

06/23/2026   Linux Journal
Fedora Governance Changes Take Effect as Project Refines Leadership, Policy, and Contributor Oversight

A series of Fedora governance updates are now taking effect, marking another step in the project's ongoing effort to modernize decision-making processes, improve transparency, and better support Fedora's growing contributor community. The changes come as the Fedora Council and other leadership bodies continue refining how one of the Linux world's largest community-driven projects is managed.

While these updates may not be as visible as a new desktop environment or kernel release, they play a critical role in shaping Fedora's future direction, community initiatives, and long-term sustainability.

How Fedora Governance Works

Fedora's governance structure is built around several key organizations that guide different aspects of the project.

These include:

  • The Fedora Council, which oversees strategic direction
  • FESCo (Fedora Engineering Steering Committee), responsible for technical and engineering decisions
  • Mindshare, which focuses on community outreach and contributor engagement
  • Various Special Interest Groups (SIGs) and working groups that manage specific initiatives and technologies

Together, these groups help coordinate thousands of contributors spread across the globe.

Greater Focus on Strategic Planning

Recent Fedora Council discussions have emphasized long-term planning and governance modernization. One major area of focus has been defining clearer processes for evaluating and managing new initiatives through what Fedora leaders call an Innovation Lifecycle framework.

The proposed framework aims to:

  • Better evaluate experimental projects
  • Establish clearer entry and review phases
  • Define expectations for community initiatives
  • Improve oversight as projects mature

The goal is to create a more predictable path for new ideas while maintaining Fedora's culture of innovation.

Refining Contributor Representation

Another governance topic receiving significant attention involves contributor participation and voting eligibility.

Fedora leadership has been examining questions such as:

  • What defines an active contributor?
  • How should voting rights be determined?
  • How can elections remain fair while staying inclusive?
  • How should dormant accounts be handled?

These discussions stem from concerns that existing systems may not always accurately reflect current contributor activity.

While no single solution has been finalized, governance bodies are actively working toward policies that balance openness with accountability.

06/18/2026   Linux Journal
The Growth of Vulnerability Management: The Rise of Agentic AI Pentesting

Cybersecurity shifts fast. Manual penetration tests remain valuable, especially for nuanced attack paths and business-logic issues, but they are expensive, point-in-time, and difficult to run continuously. By the time a report is delivered, the environment may have already changed. Automated scanners improved coverage and frequency, but most still rely on known signatures, templated checks, and shallow validation. They can find obvious issues, but they rarely match the adaptive reasoning, chaining, and persistence of a skilled attacker.Platforms like XBOW help security teams move toward continuous validation by running AI-driven tests that mimic large-scale human attackers. This shift moves the focus from periodic assessment and reactive patching toward ongoing exposure management and earlier prevention.

From Automation to Agency

To appreciate the value of these modern platforms, it’s important to separate traditional automation from what is called “agentic” AI. Earlier AI pentesting tools mostly worked like advanced “if-then” systems, running preset scripts and looking for known patterns. While useful to automate some tasks pentesters perform, these tools lack the ability to pivot.

If a standard tool hits a non-standard login portal, it generally stops. An agent platform, however, can identify and adapt to the obstacle, reason through potential bypasses, and attempt alternative tactics.

This core differentiator is the “agent,” a specialized model capable of goal-oriented planning. These platforms employ real-time attack path analysis tools. They identify a low-severity vulnerability and assess whether it could be exploited to gain access

to a high-value asset. This approach imitates how an advanced attacker moves laterally within a system. The result is a clearer and more realistic view of the organization’s real risk compared to just listing bugs in a spreadsheet without context.

Comparing Methodologies: Strategy and Execution

When comparing platforms in this area, the industry is shifting focus from just ticking off features to demonstrating how effectively those features can be used. Modern platforms, including XBOW, focus on high-fidelity testing that avoids disrupting production environments while still proving that a vulnerability is reachable.

Three main architectural approaches have emerged as standouts:

06/16/2026   Linux Journal
Linux Kernel 7.1 Officially Released with New NTFS Driver, Intel FRED, and Major Code Cleanup

The Linux kernel development team has officially released Linux Kernel 7.1, marking the first major update in the 7.x series. Announced by Linus Torvalds on June 14, 2026, the release introduces a mix of new features, hardware improvements, filesystem enhancements, and large-scale code cleanup efforts that continue modernizing the Linux platform.

While Linux 7.1 is not a long-term support (LTS) release, it delivers several significant changes that will eventually make their way into many Linux distributions over the coming months.

A Brand-New NTFS Driver Arrives

One of the most significant additions in Linux 7.1 is a completely rewritten in-kernel NTFS filesystem driver.

The new implementation has reportedly been under development for several years and replaces older code with a modern design built around Linux’s current storage infrastructure. The driver utilizes technologies such as iomap and folios, which improve efficiency and simplify future maintenance.

Benefits include:

  • Improved NTFS write performance
  • Better handling of large files
  • More modern filesystem architecture
  • Easier future development and maintenance

For users who regularly exchange data between Linux and Windows systems, this is one of the most important improvements in the release.

Intel FRED Enabled by Default

Linux 7.1 also enables Intel Flexible Return and Event Delivery (FRED) by default on supported hardware.

FRED is a newer CPU mechanism designed to improve how processors handle interrupts and exceptions. By replacing older methods with a more streamlined approach, FRED aims to improve performance and reduce complexity in low-level CPU operations.

The feature primarily benefits newer Intel platforms, including upcoming processor generations.

Graphics Drivers Continue to Improve

Graphics support remains a major focus of kernel development, and Linux 7.1 delivers additional improvements for both Intel and AMD hardware.

Highlights include:

  • Performance enhancements for Intel Arc GPUs
  • Continued work on Intel Battlemage graphics
  • Updates for AMD Radeon hardware
  • Expanded GPU reliability monitoring infrastructure through DRM-RAS support

These updates help improve gaming, desktop performance, and workstation workloads across modern Linux systems.

Steam Deck OLED Audio Fixes Land Upstream

Linux gamers receive a welcome improvement in this release as audio support fixes for the Steam Deck OLED have finally been merged into the mainline kernel.

06/11/2026   Linux Journal
Canonical Launches ARM Laptop Certification Program to Boost Ubuntu’s Next Generation of Mobile Computing

Canonical is expanding its hardware certification efforts with a new focus on ARM-powered laptops, a move that reflects the growing momentum behind ARM architecture in the personal computing market. As ARM processors become increasingly common in laptops thanks to their impressive balance of performance, battery life, and efficiency, Canonical aims to ensure that Ubuntu users receive a seamless experience on this emerging class of hardware.

The initiative represents another step in Ubuntu’s long-standing effort to provide reliable Linux support across a wide range of devices while strengthening relationships with hardware manufacturers.

Why ARM Laptops Matter More Than Ever

For years, x86 processors from Intel and AMD dominated the laptop market. However, the landscape has changed significantly as ARM-based systems have become more powerful and capable.

Modern ARM laptops offer several advantages:

  • Longer battery life
  • Lower power consumption
  • Reduced heat output
  • Always-on connectivity capabilities
  • Competitive performance for everyday workloads

As manufacturers increasingly invest in ARM hardware, Linux distributions face growing pressure to ensure compatibility matches what users expect from traditional x86 systems. Canonical has already spent years supporting ARM across cloud, server, IoT, and embedded environments, making laptops a natural next step.

What the Certification Program Does

The new certification effort builds upon Canonical’s existing Ubuntu Certified Hardware program, which validates systems through extensive testing covering both hardware and operating system functionality. Certified devices undergo comprehensive verification to ensure Ubuntu operates correctly across critical components and daily workflows.

Testing typically includes:

  • Wireless networking
  • Audio functionality
  • Graphics performance
  • Bluetooth support
  • USB device compatibility
  • Power management
  • Suspend and resume behavior
  • Firmware integration
  • Security features such as TPM support

The goal is to eliminate the uncertainty that Linux users sometimes face when purchasing new hardware.

Creating a Better Ubuntu Experience on ARM

Historically, Linux support on ARM laptops has varied significantly between devices. Some systems work exceptionally well, while others require manual configuration, custom kernels, or vendor-specific patches.

06/09/2026   Linux Journal
Btrfs Snapshot Deletion Gets Faster as Developers Tackle One of the Filesystem’s Biggest Pain Points

The Btrfs filesystem continues to receive significant performance tuning, and one of the latest areas of focus is snapshot deletion performance. While Btrfs snapshots have long been praised for their speed, flexibility, and efficient use of storage, deleting large numbers of snapshots has historically been one of the filesystem’s most resource-intensive operations.

Recent kernel development efforts are helping address that problem by improving metadata handling, reducing lock contention, and streamlining internal cleanup processes. The result is faster snapshot removal and less disruption on systems that rely heavily on snapshots for backups, rollbacks, and system recovery.

Why Snapshot Deletion Has Been Challenging

Btrfs is a copy-on-write (CoW) filesystem that stores data and metadata in a highly interconnected structure. This design enables many advanced features, including:

  • Instant snapshots
  • Subvolumes
  • Checksumming
  • Compression
  • Efficient data sharing between snapshots

However, the same architecture that makes snapshots so efficient to create can make them more complex to remove. When a snapshot is deleted, Btrfs must determine which blocks are still referenced by other snapshots and which can be safely reclaimed. On systems with many snapshots, this process can generate significant metadata activity.

Recent Performance Improvements

Developers have been working to reduce overhead associated with Btrfs metadata operations, which directly impacts snapshot cleanup performance.

Recent kernel updates include:

  • Reduced lock contention during extent tree operations
  • More efficient extent buffer traversal
  • Improved handling of internal filesystem structures
  • Reduced contention during metadata searches
  • General transaction and cleanup optimizations

These changes help the filesystem spend less time waiting on internal locks and more time performing actual cleanup work.

Less Impact During Cleanup Operations

One common complaint among Btrfs users has been elevated I/O activity during large snapshot deletion jobs.

On systems that maintain dozens, or even hundreds, of snapshots, cleanup operations could temporarily increase:

  • Disk activity
  • CPU usage
  • I/O wait times
  • Metadata processing workloads

Recent improvements are designed to make these operations less disruptive by reducing bottlenecks inside the filesystem's metadata management code.

For users running backup servers, NAS appliances, or snapshot-heavy desktop systems, these optimizations can improve overall responsiveness while cleanup tasks run in the background.