2+ day, 10+ hour ago  (407+ words) IBM and Red Hat announce Project Lightwell, a $5 billion effort to secure open-source software supply chains with AI-assisted engineering. IBM and Red Hat have announced Project Lightwell, a $5 billion initiative designed to secure open-source software used across enterprise infrastructure, cloud…...

2+ day, 1+ hour ago  (692+ words) The flaw affects the boundary between the Linux CIFS client and cifs-utils, allowing local root access on some systems. A newly disclosed Linux local privilege escalation vulnerability, CIFSwitch, allows an unprivileged local user to gain root access on certain systems…...

4+ day, 9+ hour ago  (378+ words) California's AB 1856 amendment adds an open-source carve-out to OS-level age verification rules, likely excluding most Linux distributions. California lawmakers have amended AB 1856 to exclude Linux distributions and other open-source software projects from the state's OS-level age verification rules. The latest…...

1+ week, 5+ day ago  (433+ words) Diet Pi 10. 4 adds kernel security fixes for Copy Fail and Dirty Frag, plus a new Orange Pi 5 B image and SBC package updates. Diet Pi, a lightweight, performance-focused Debian-based Linux distro for SBCs (such as Raspberry Pi) and server systems…...

1+ week, 5+ day ago  (496+ words) Mozilla Firefox 151 adds PDF merging, local profile backups on Linux and mac OS, stronger privacy protections, and Web Serial API support. Mozilla has released Firefox 151, the latest update to its popular open-source web browser, with the ability to merge multiple…...

1+ week, 5+ day ago  (478+ words) Module Jail is a new project that blacklists unused Linux kernel modules, helping reduce the attack surface exposed by recent local privilege escalation flaws. After three critical Linux kernel vulnerabilities, Copy Fail, Dirty Frag, and Fragnesia, were reported in just…...

1+ week, 5+ day ago  (292+ words) improving client access control for self-hosted Wire Guard VPN setups. Wire Guard Easy, a web-based tool for deploying and managing a self-hosted Wire Guard VPN server, has just released version 15. 3. The main change is the new client firewall filtering feature....

1+ week, 6+ day ago  (171+ words) APT 3. 3. 1 package manager is now in Debian unstable, bringing small maintenance fixes for solver3, dirstream handling, and authentication config warnings. APT 3. 3. 1 package manager has been introduced in Debian unstable as a minor maintenance update, addressing resolver behavior, internal code corrections, and…...

2+ week, 3+ hour ago  (483+ words) Linus Torvalds has merged new Linux kernel docs clarifying what counts as a security bug and how reports should be triaged. Linus Torvalds has merged new Linux kernel documentation that clarifies how security-related bugs should be reported, triaged, and handled,…...

2+ week, 9+ hour ago  (394+ words) Debian 13 "Trixie" receives its fifth refresh (13. 5), featuring 144 bug fixes and 103 security updates. Here's more on that. The Debian Project has announced Debian 13. 5, the fifth point release in the Debian 13 "Trixie" series, consolidating corrections for security vulnerabilities and serious functional issues…...