Anonymous
2025-08-15 09:51
2025-08-15 09:51
Product
Last Report
Anonymous
2024-07-07 07:01
2024-07-07 07:01
Anonymous
2024-02-07 19:23
2024-02-07 19:23
Anonymous
2026-05-02 06:47
2026-05-02 06:47
Anonymous
2026-04-12 07:56
2026-04-12 07:56
Ralf
2026-03-04 15:08
2026-03-04 15:08
Anonymous
2019-11-27 17:19
2019-11-27 17:19
Anonymous
2019-11-11 09:02
2019-11-11 09:02
Anonymous
2019-07-21 13:03
2019-07-21 13:03
2026-05-24
Roundcube Webmail just pushed security patches to both its LTS and stable branches, closing a messy list of flaws that could let attackers inject code or hijack sessions before anyone even logs in. The update specifically targets pre-auth SQL injection, session poisoning bypasses, LDAP code execution risks, and several network and CSS sanitization loopholes that automated scanners love to exploit. Server admins should back up their current files and database, extract the new release over the existing install while preserving custom configs, then run the built-in migration script and clear the cache to avoid interface glitches. Skipping third-party hosting panels during this process keeps custom settings intact and prevents a half-patched setup from breaking mid-week.
This week’s security roundup delivers critical patches across every major Linux distribution, with Nginx, Ruby, OpenSSH, and the core kernel taking the hardest hits. Several advisories flag unauthenticated remote code execution flaws in management interfaces like Cockpit, alongside privilege escalation risks in bind and rsync that could hand attackers full system control without a password. Desktop users running Ubuntu or Slackware also need to grab updates for Firefox, Thunderbird, and specialized cloud kernels before those vulnerabilities get weaponized by automated scanners. Administrators should run their standard package manager commands immediately, schedule a quick reboot if the kernel changed, and verify critical services afterward to catch any unexpected regressions.
"AM" AppImage Manager 10.2.1 clarifies update summaries by separating actual version bumps from simple checksum changes. Mistyped package names now trigger a smart suggestion prompt that uses fuzzy matching to auto-correct before installation. Users can safely restore default desktop launchers with the new reinstall --launcher flag, which backs up custom edits instead of blindly overwriting them. The release also rolls out expanded language support and patches several background bugs for more reliable portable app management.
The Liquorix Linux Kernel 7.0-11 builds on the stable 7.0.10 base to deliver tighter scheduler tuning and real-time patches aimed at audio production and gaming performance. Desktop users will notice fewer buffer underruns during recording sessions and more consistent frame delivery because the kernel prioritizes foreground tasks over background noise. Installing it on Debian or Arch systems is as simple as running a single curl script, though proprietary drivers like Nvidia may still need manual recompilation after rebooting. Testing the update in a safe environment first keeps things from breaking when hardware quirks inevitably show up.
XanMod just dropped kernels 7.0.10 and 6.18.33 LTS to give Debian and Ubuntu systems a noticeable performance bump without requiring manual patching. The builds ship with LLVM ThinLTO, Google multigenerational LRU, BBRv3 networking, and an AMD 3D V-Cache driver that handles modern hardware quirks better than stock options. Installing them through the official APT repository is straightforward, but users should keep a fallback boot entry handy since proprietary drivers like NVIDIA or VirtualBox often break until maintainers catch up. Heavy workloads and sustained multitasking run noticeably smoother, though casual desktop users might find the extra tuning unnecessary compared to standard kernel stability.
openSUSE has released two distinct security updates for its Linux distributions. The first patch tackles a critical chromium issue by resolving ninety-five vulnerabilities and one bug on openSUSE Leap 16.0. A second moderate update addresses a single flaw within the python311-impacket package for openSUSE Tumbleweed users. System administrators can deploy these fixes quickly using standard installation utilities like YaST or zypper commands.
openSUSE-SU-2026:20775-1: critical: Security update for chromium
openSUSE-SU-2026:10837-1: moderate: python311-impacket-0.13.1-1.1 on GA media
openSUSE-SU-2026:20775-1: critical: Security update for chromium
openSUSE-SU-2026:10837-1: moderate: python311-impacket-0.13.1-1.1 on GA media
Rocky Linux 8 just released three important security patches for the main kernel, real-time kernel, and Firefox browser. Teams can check the CVSS severity ratings attached to each vulnerability to figure out which systems need immediate attention. The official errata pages link straight to detailed CVE reports so engineers can review the exact technical flaws before rolling anything out.
RLSA-2026:19664: Important: kernel-rt security update
RLSA-2026:19588: Important: firefox security update
RLSA-2026:19666: Important: kernel security update
RLSA-2026:19664: Important: kernel-rt security update
RLSA-2026:19588: Important: firefox security update
RLSA-2026:19666: Important: kernel security update
Fedora 42 and 43 just received a major wave of security patches covering dozens of essential packages like the Apache web server, Docker build tools, .NET runtimes, and the Linux kernel. These updates tackle serious vulnerabilities including command injection flaws, buffer overflows, and weak certificate validation that could allow attackers to execute arbitrary code or steal sensitive data.
Fedora 42 Update: evince-48.1-2.fc42
Fedora 43 Update: python-requests-2.33.1-1.fc43
Fedora 43 Update: python-pulp-glue-0.37.0-5.fc43
Fedora 43 Update: httpd-2.4.67-1.fc43
Fedora 42 Update: dotnet8.0-8.0.127-1.fc42
Fedora 42 Update: kernel-6.19.14-108.fc42
Fedora 42 Update: dotnet9.0-9.0.117-1.fc42
Fedora 42 Update: dotnet10.0-10.0.108-1.fc42
Fedora 42 Update: docker-buildkit-0.30.0-1.fc42
Fedora 42 Update: docker-buildx-0.34.0-1.fc42
Fedora 42 Update: python3.15-3.15.0~b1-1.fc42
Fedora 42 Update: nss-3.123.1-1.fc42
Fedora 42 Update: firefox-151.0-2.fc42
Fedora 43 Update: dotnet8.0-8.0.127-1.fc43
Fedora 43 Update: perl-Apache-Session-Browseable-1.3.19-1.fc43
Fedora 43 Update: dotnet10.0-10.0.108-1.fc43
Fedora 43 Update: dotnet9.0-9.0.117-1.fc43
Fedora 43 Update: docker-buildkit-0.30.0-1.fc43
Fedora 43 Update: docker-buildx-0.34.0-1.fc43
Fedora 43 Update: python3.15-3.15.0~b1-1.fc43
Fedora 43 Update: pie-1.4.4-1.fc43
Fedora 43 Update: composer-2.9.8-1.fc43
Fedora 42 Update: evince-48.1-2.fc42
Fedora 43 Update: python-requests-2.33.1-1.fc43
Fedora 43 Update: python-pulp-glue-0.37.0-5.fc43
Fedora 43 Update: httpd-2.4.67-1.fc43
Fedora 42 Update: dotnet8.0-8.0.127-1.fc42
Fedora 42 Update: kernel-6.19.14-108.fc42
Fedora 42 Update: dotnet9.0-9.0.117-1.fc42
Fedora 42 Update: dotnet10.0-10.0.108-1.fc42
Fedora 42 Update: docker-buildkit-0.30.0-1.fc42
Fedora 42 Update: docker-buildx-0.34.0-1.fc42
Fedora 42 Update: python3.15-3.15.0~b1-1.fc42
Fedora 42 Update: nss-3.123.1-1.fc42
Fedora 42 Update: firefox-151.0-2.fc42
Fedora 43 Update: dotnet8.0-8.0.127-1.fc43
Fedora 43 Update: perl-Apache-Session-Browseable-1.3.19-1.fc43
Fedora 43 Update: dotnet10.0-10.0.108-1.fc43
Fedora 43 Update: dotnet9.0-9.0.117-1.fc43
Fedora 43 Update: docker-buildkit-0.30.0-1.fc43
Fedora 43 Update: docker-buildx-0.34.0-1.fc43
Fedora 43 Update: python3.15-3.15.0~b1-1.fc43
Fedora 43 Update: pie-1.4.4-1.fc43
Fedora 43 Update: composer-2.9.8-1.fc43
Evince users need to install a quick security patch that closes a command injection hole triggered by specially crafted PDF documents. The linux package also received a major update to address several kernel flaws capable of causing privilege escalation, service disruptions, or data exposure. Debian fixed these issues in version 6.12.90 for the trixie release while simultaneously resolving a separate Bluetooth regression tied to MediaTek chips. You should prioritize installing both updates right away since leaving them unpatched leaves your systems wide open to serious threats.
ELA-1731-1 evince security update
[DSA 6295-1] linux security update
ELA-1731-1 evince security update
[DSA 6295-1] linux security update
2026-05-23
A new preview release of Manjaro Linux 26.1 has been released. Manjaro 26.1 updates its core desktop environments to GNOME 50, Plasma 6.6, and Xfce 4.20 while shifting the default kernel to version 7.0. The release finally fixes fractional screen scaling on high-density monitors and introduces hardware-accelerated remote desktop streaming that drastically cuts CPU usage during screen sharing. KDE users benefit from automatic day-night theming, new accessibility filters, text extraction in Spectacle, and a cleaner installer that separates disk partitioning from account creation. Xfce rounds out the preview with pixel-based panel resizing, custom file highlighting, and floating panels, though testers should expect minor package conflicts typical of early builds.
The latest Linux stable kernel updates harden the networking stack by fixing shared fragment marker leaks that could enable memory corruption via ESP decryption and correcting SMB AES-256 key derivation for Kerberos authentication. Graphics drivers receive targeted patches to prevent infinite loops in V3D, resolve VRAM eviction issues on Intel hardware, fix return value leaks in Panfrost, and clean up I2C adapter reference counting on legacy GMA500 systems. Virtualization and security routines get tightened with bounds checking for KVM dirty ring tracking and AMD IOMMU device lookups, alongside a correction to audit logging that was misreporting capability sets. Core kernel improvements include reverting aggressive scheduler preemption logic, fixing BPF verifier register tracking for 32-bit operations, and resolving workqueue allocation leaks during failed unbound queue setups.
Linux Kernel 7.0.10 finally patches the memory accounting bugs that quietly chew through VRAM and network buffers until your system decides to panic mid-render or drop a high-speed connection. The networking stack gets cleaned up so RDS and ksmbd stop leaking file handles and spilling uninitialized stack data into user space, which usually means fewer surprise reboots after running containers all day. Graphics drivers for Intel and AMD now handle buffer allocation failures without freezing your desktop, while Btrfs and Ceph get corrected byte tracking that stops false storage full errors from locking up your drives. Skip the bloatware updates and grab this release if you actually run virtual machines or juggle multiple GPUs, since it targets the exact race conditions that make custom Linux setups feel unstable.
Today's roundup covers several new hardware reviews ranging from custom PC cases to smart home cameras. The GAMDIAS Atlas P6 CG offers a distinctive dual chamber design that looks great but may need an additional liquid cooler to keep temperatures low under heavy loads. Enthusiasts looking for premium thermal performance will find the be quiet! Dark Rock Pro 6 and Lian Li HydroShift II OLED Curved 360P to be excellent choices, with the latter standing out thanks to its large curved display and motorized adjustments. Meanwhile the Acer Nitro 65 delivers solid gaming speeds despite missing some productivity features, and Aqara brings a Matter certified smart camera that supports multiple voice assistants alongside Apple Home.
Casing: GAMDIAS Atlas P6 CG Dual Chamber Mid-Tower Chassis Review
Computers: Acer Nitro 65 review: Solid gaming performance, but skimping on some features
Cooling: BeQuiet Dark Rock Pro 6 CPU Cooler Review, Lian Li HydroShift II OLED Curved 360P Review
Video: Aqara Camera Hub G350 Review: 4K Recording, Dual Lenses, Pan-and-Tilt Tracking, and AI Subject Detection
The Godot Foundation finally replaced the clunky Asset Library with a proper Asset Store that ties directly into existing developer accounts. Publishers now get built-in version tracking, changelogs, custom tags, and user ratings instead of relying on broken external links and separate logins. The old library stays online in read-only mode for legacy editor versions but is officially deprecated to cut years of maintenance headaches. Future updates will roll out full commerce features, streamlined donation tools for popular open-source plugins, and a cleaner way to host official extensions.
Liquorix Linux Kernel 7.0-10 drops with a targeted patch that fixes a network stack bug causing dropped packets when zerocopy memory operations fail. The build keeps its usual focus on tight frame pacing and stable audio buffers, making it a solid choice for desktop users who hate background stutter. Installing it takes just one curl command to pull the package into Debian, Ubuntu, or Arch systems, though keeping a fallback kernel around remains essential. Skip this update if your workflow depends on aggressive power saving, but grab it when you need a snappier desktop experience without the usual scheduler interference.
VS Codium 1.121 lands as a maintenance release that finally squashes persistent AppImage and MSI packaging bugs while keeping the editor completely telemetry-free. The update strips out the onboarding wizard and disables AI coauthor by default, which trims startup overhead and aligns with the project's privacy-first approach. Linux users will notice fewer runtime warnings during execution, while Windows installers now handle updates more reliably without throwing permission errors. Grabbing the new version from the official releases page gives developers a cleaner, more stable coding environment without unnecessary cloud hooks or bloat.
Bazaar 0.8.1 finally patches that frustrating bug where installed updates refused to appear in the interface. The release smooths out several visual glitches by fixing large SVG rendering, tightening loading states, and hiding empty data graphs. Users get a practical cancel button for downloads alongside better error handling to prevent leftover files from breaking future installations. Translation refreshes and backend tooling updates keep the focus strictly on reliable Flatpak management without adding unnecessary bloat.
Ubuntu released a batch of security notices that address critical vulnerabilities across multiple Linux kernel variants and several user space applications. These patches cover cloud-specific kernels for Azure, Google Cloud, and Oracle alongside FIPS-compliant and low latency variants across Ubuntu releases from 18.04 through 26.04. Exploits in the cryptographic subsystems and network drivers could let attackers escalate privileges or break out of containers, while distinct bugs in Evince and node-path-to-regexp open doors for arbitrary code execution and denial of service attacks.
[USN-8296-1] Linux kernel (FIPS) vulnerabilities
[USN-8277-2] Linux kernel (Oracle) vulnerabilities
[USN-8291-2] Linux kernel (Low Latency) vulnerabilities
[USN-8295-1] Evince vulnerability
[USN-8290-1] Path-to-Regexp vulnerability
[USN-8279-2] Linux kernel (GCP) vulnerabilities
[USN-8281-2] Linux kernel (Azure) vulnerabilities
[USN-8297-1] Linux kernel (GCP) vulnerabilities
[USN-8280-2] Linux kernel (Azure)vulnerabilities
[USN-8296-1] Linux kernel (FIPS) vulnerabilities
[USN-8277-2] Linux kernel (Oracle) vulnerabilities
[USN-8291-2] Linux kernel (Low Latency) vulnerabilities
[USN-8295-1] Evince vulnerability
[USN-8290-1] Path-to-Regexp vulnerability
[USN-8279-2] Linux kernel (GCP) vulnerabilities
[USN-8281-2] Linux kernel (Azure) vulnerabilities
[USN-8297-1] Linux kernel (GCP) vulnerabilities
[USN-8280-2] Linux kernel (Azure)vulnerabilities
SUSE has released multiple security updates across its Linux distributions to patch critical flaws in several popular applications. The highest priority fix addresses sixteen vulnerabilities in Chromium, including memory corruption issues and weak policy enforcement that could lead to unauthorized access. You should also install important patches for Cockpit to prevent remote command execution, while Rekor and Rootlesskit receive necessary rebuilds tied to recent Go security improvements. Finally, openSUSE Tumbleweed users can apply moderate updates to harden PostgreSQL components and the Oracle Cloud Infrastructure CLI against various exploits.
openSUSE-SU-2026:0175-1: critical: Security update for chromium
SUSE-SU-2026:2043-1: important: Security update for rekor
SUSE-SU-2026:2044-1: important: Security update for rootlesskit
openSUSE-SU-2026:10828-1: moderate: libecpg6-18.4-1.1 on GA media
openSUSE-SU-2026:10827-1: moderate: oci-cli-3.83.0-1.1 on GA media
openSUSE-SU-2026:0176-1: important: Security update for cockpit
openSUSE-SU-2026:0175-1: critical: Security update for chromium
SUSE-SU-2026:2043-1: important: Security update for rekor
SUSE-SU-2026:2044-1: important: Security update for rootlesskit
openSUSE-SU-2026:10828-1: moderate: libecpg6-18.4-1.1 on GA media
openSUSE-SU-2026:10827-1: moderate: oci-cli-3.83.0-1.1 on GA media
openSUSE-SU-2026:0176-1: important: Security update for cockpit
Oracle Linux recently published a wave of security advisories covering versions seven through ten, with the Unbreakable Enterprise Kernel getting the heaviest attention across x86_64 and aarch64 systems. These kernel releases patch dozens of serious flaws ranging from ptrace handling and cryptographic routines to network scheduling and KVM virtualization quirks. Beyond the core kernels, the update cycle also tackles race conditions in Kerberos libraries, rust-openssl vulnerabilities in automation managers, and buffer overflow risks in multimedia and image processing tools. Every affected package has been pushed to the Unbreakable Linux Network for straightforward deployment by system administrators.
ELSA-2026-50279 Important: Unbreakable Enterprise kernel security update
ELBA-2026-9321 Oracle Linux 10 krb5 bug fix and enhancement update
ELSA-2026-50280 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
OLAMSA-2026-0012 Critical: Oracle Linux 8 ol-automation-manager security update
ELSA-2026-50280 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
OLAMSA-2026-0013 Critical: Oracle Linux 9 ol-automation-manager security update
ELSA-2026-50279 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELSA-2026-50280 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-50281 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-19559 Important: Oracle Linux 8 libsndfile security update
ELSA-2026-50281 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-50281 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2026-12114 Important: Oracle Linux 7 gdk-pixbuf2 security update
ELSA-2026-50279 Important: Unbreakable Enterprise kernel security update
ELBA-2026-9321 Oracle Linux 10 krb5 bug fix and enhancement update
ELSA-2026-50280 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
OLAMSA-2026-0012 Critical: Oracle Linux 8 ol-automation-manager security update
ELSA-2026-50280 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
OLAMSA-2026-0013 Critical: Oracle Linux 9 ol-automation-manager security update
ELSA-2026-50279 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELSA-2026-50280 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-50281 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-19559 Important: Oracle Linux 8 libsndfile security update
ELSA-2026-50281 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-50281 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2026-12114 Important: Oracle Linux 7 gdk-pixbuf2 security update
New security updates have been released for Fedora Linux 44 for numerous vulnerabilities across widely used software packages. The updates covers critical fixes for Chromium, multiple .NET runtime versions, Docker build tools, Python 3.15 beta, and PHP utilities like Composer and PIE.
Fedora 44 Update: chromium-148.0.7778.178-1.fc44
Fedora 44 Update: dotnet8.0-8.0.127-1.fc44
Fedora 44 Update: perl-Apache-Session-Browseable-1.3.19-1.fc44
Fedora 44 Update: dotnet10.0-10.0.108-1.fc44
Fedora 44 Update: dotnet9.0-9.0.117-1.fc44
Fedora 44 Update: docker-buildkit-0.30.0-1.fc44
Fedora 44 Update: docker-buildx-0.34.0-1.fc44
Fedora 44 Update: python3.15-3.15.0~b1-1.fc44
Fedora 44 Update: pie-1.4.4-1.fc44
Fedora 44 Update: composer-2.9.8-1.fc44
Fedora 44 Update: chromium-148.0.7778.178-1.fc44
Fedora 44 Update: dotnet8.0-8.0.127-1.fc44
Fedora 44 Update: perl-Apache-Session-Browseable-1.3.19-1.fc44
Fedora 44 Update: dotnet10.0-10.0.108-1.fc44
Fedora 44 Update: dotnet9.0-9.0.117-1.fc44
Fedora 44 Update: docker-buildkit-0.30.0-1.fc44
Fedora 44 Update: docker-buildx-0.34.0-1.fc44
Fedora 44 Update: python3.15-3.15.0~b1-1.fc44
Fedora 44 Update: pie-1.4.4-1.fc44
Fedora 44 Update: composer-2.9.8-1.fc44
Debian issued a series of security advisories to patch critical flaws across several widely used software packages. The updates address vulnerabilities in Thunderbird, GnuTLS, libgcrypt20, Atril, Kerberos, haveged, Evince, and HAProxy that could allow attackers to execute arbitrary code or bypass authentication controls. Additional risks include denial of service conditions, local privilege escalation, and HTTP request smuggling caused by improperly validated network inputs. System administrators should upgrade these packages immediately to close the identified security gaps across Debian stable distributions.
[DLA 4594-1] thunderbird security update
[DLA 4595-1] gnutls28 security update
[DSA 6294-1] libgcrypt20 security update
[DLA 4597-1] atril security update
[DSA 6293-1] krb5 security update
[DSA 6292-1] haveged security update
[DLA 4596-1] evince security update
[DSA 6291-1] haproxy security update
[DLA 4594-1] thunderbird security update
[DLA 4595-1] gnutls28 security update
[DSA 6294-1] libgcrypt20 security update
[DLA 4597-1] atril security update
[DSA 6293-1] krb5 security update
[DSA 6292-1] haveged security update
[DLA 4596-1] evince security update
[DSA 6291-1] haproxy security update
[ Archive ]
