All the News that Matters

• Oracle Linux 8 ELSA-2026-50318 Kernel Important Security Issue
  The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

• Oracle Linux 8 libxml2 Advisory for Low Severity Patch ELSA-2026-26354
  The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

• Oracle Linux 8 xorg-x11-server-Xwayland Important Bug Fix ELSA-2026-26562
  The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

• Oracle Linux 9 Kernel Security Advisory ELSA-2026-50318 for CVEs
  The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

• Oracle Linux 8 xorg-x11-server Important Bug Fix ELSA-2026-26709
  The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

• Oracle Linux 7 - Firefox Major Security Alert - ELSA-2026-19704
  The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

• Oracle Linux 9 ELSA-2026-50318 Important Kernel Security Issues
  The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

• Oracle Linux 8 rsync Important Integer Overflow TOCTOU ELSA-2026-26408
  The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

• Oracle Linux 8 Postfix Important Buffer Over-Read Vuln ELSA-2026-25932
  The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

• Oracle Linux 8 Webkit2gtk3 Major Security Advisory ELSA-2026-25918
  The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

• AMD's Lemonade AI Server Now Much More Useful With MCP Server Integration
  The open-source Lemonade AI server for "100% free and private" AI usage across Windows and Linux in leveraging AMD Ryzen AI NPUs, Radeon GPUs, and x86_64 CPUs, is now much more powerful with today's v10.8 release...

• Firefox 153 Enters Beta Testing as the Next Extended Support Release Series
  With the release of Firefox 152 rolling out to all supported platforms, Mozilla promoted the next major release, Firefox 153, to the beta channel for public testing, so it’s time to take a look at the new features and improvements.

• Experimental, Reverse-Engineered & AI Assisted Rust Driver Targets Modern DisplayLink Hardware
  The original DisplayLink USB display adapters were great for working with an upstream, open-source driver while sadly the newer DisplayLink tech has been limited to an out-of-tree driver and proprietary user-space daemon. But posted today is an experimental "Vino" driver that is a clean-room, reverse-engineered driver for newer DisplayLink hardware...

• Ubuntu 26.10 Steps into AI with Local Speech-to-Text
  Canonical’s Project Myna brings local speech-to-text dictation to Ubuntu Desktop, starting with the 26.10 (Stonking Stingray) release.

• NVIDIA 595.84 Linux Driver Improves Support for 007 First Light and Other Games
  NVIDIA released today the production-ready NVIDIA 595.84 graphics driver for GNU/Linux, FreeBSD, and Solaris systems to address various bugs and regressions for an improved gaming experience.

• AI/LLM Patch Craziness Having An Impact On ARM64 Linux Kernel Development
  The ongoing rise in AI/LLM-generated patches hitting the mailing lists and affecting development workflows continues to impact Linux kernel development. For the ARM64 architecture updates in Linux 7.2 is an interesting anecdote over over feeling like this activity has "slowed us down a little on the feature side" and having to deal with this AI/LLM patch activity resulted in some features now being postponed from making it for this current Linux kernel development cycle...

• FreeBSD Launches AI-Assisted Project to Find and Fix Vulnerabilities
  With fresh funding from the Linux Foundation’s Alpha Omega initiative, FreeBSD is turning to AI tools and paid security staff to hunt vulnerabilities across its codebase.

• Myna Announced As Speech-To-Text Solution For The Ubuntu Desktop
  Earlier this month plans were shared publicly of Ubuntu 26.10 aiming to build a context-aware desktop with local AI features and one of the first capabilities to be integrated speech-to-text support. Now we have more details on the speech-to-text plans with Canonical announcing the Myna project...

• Fedora Is Building a Web-Based Remote Installer for Headless Systems
  Fedora is working on browser-based remote installation for Anaconda, targeting headless systems, ARM boards, and network installs.

• Qt Creator 20 IDE Released With AI Agent Support
  The Qt Creator integrated development environment focused on Qt/C++ programming is out today with Qt Creator 20 and this new version is headlined by adding AI agent support...

• Brian Johnson, Special Effects Artist Behind 'Space: 1999,' Dies At 86
  Special-effects designer Brian Johnson, known for his groundbreaking work on Space: 1999, The Empire Strikes Back, Alien, and Aliens, has died at the age of 86. Johnson began his career creating models and explosions for Gerry and Sylvia Anderson productions, later designed the iconic Eagle Transporter, and became one of science fiction cinema's most influential behind-the-scenes artists. Longtime Slashdot reader sandbagger remembers the SFX legend, writing: "The Space: 1999 Eagle is one of the great space ships of science fiction."
  
  
  Read more of this story at Slashdot.
  

• China's EV Price War Was Built On Cars Sold At a Loss
  Longtime Slashdot reader schwit1 shares a report from Autoblog: For years, the Chinese auto industry has employed a hostile price war to kneecap global competitors. Armed with massive state subsidies, cheap raw materials, and an aggressive "scale-first" business model, Chinese automakers flooded the market with electric vehicles priced so low that legacy manufacturers stood no chance to compete. How did they do it? Simple, they couldn't. They did it anyway. Reports from CarNewsChina show that Chinese automakers have been selling vehicles at a loss until a recent law passed by the Chinese government banned below-cost sales of new vehicles. During the ongoing sales slump in China caused by rolled-back subsidies and direct government intervention banning below-cost sales, the truth behind the rapid expansion of the Chinese auto industry has been exposed. "By the first quarter of 2026, China captured 32 percent of the global auto market, with its New Energy Vehicles (NEVs) controlling an incredible 61 percent of global share," the report notes. Yet that dominance has come at a steep cost: throughout 2025, "the profit margin for China's auto industry plunged to 4.4 percent and dropped further to a historic low of 3.2 percent in early 2026." "Gross profit, not net profit, per vehicle, plummeted to a mere $2,000. We can expect the net figure to be loss-making." Autoblog adds: "Data shows over 70 percent of Chinese car sales were loss-making. This left more than half of the country's auto industry in the red. Great Wall Motor (GWM) even saw net profits drop 17 percent despite steady revenue growth." China's EV price war has now hit a wall. New regulations are discouraging below-cost sales, rising material costs are forcing automakers to cut discounts and raise prices, and reduced tax incentives are weakening domestic demand. To sustain growth, manufacturers are increasingly turning to exports.
  
  
  Read more of this story at Slashdot.
  

• Tesco Moving 40,000 Server Workloads Off VMware Amid Broadcom's 'Abusive Conduct'
  An anonymous reader quotes a report from Ars Technica: Tesco, a retail conglomerate headquartered in the United Kingdom, is moving 40,000 server workloads off of VMware amid "abusive conduct" from Broadcom, recent legal filings claim. Tesco filed a lawsuit in the UK's High Court against Broadcom alleging breach of contract last year. According to a September report from The Register, the lawsuit claimed that in January 2021, Tesco bought perpetual licenses for VMware's vSphere Foundation and Cloud Foundation, a subscription to VMware Tanzu, plus support services until 2026, with the option to extend support for four additional years. But when Broadcom took over VMware in November 2023, it would not honor the deal and instead tried to get Tesco to pay "excessive and inflated prices for virtualization software for which Tesco has already paid" and would not allow it to buy support services for its perpetually licensed software without buying "duplicative subscription-based licenses for those same Software products," the initial complaint read, The Register reported at the time. Tesco, which reported 73.7 billion pounds (about $98.7 billion) in revenue in its fiscal year 2026, has since started migrating away from VMware and Broadcom's mainframe products, according to late-May court filings reported on by The Register today. In January, Broadcom stopped supporting Tesco's VMware products, Tesco said, and Tesco has been paying for third-party support since. In its initial filing, Tesco also said that Broadcom refused to upgrade software or provide all security updates to customers without subscriptions. One of Tesco's recent filings, per The Register, reads: "Faced with Broadcom's abusive conduct, and given the criticality of virtualization and mainframe software and services to its business, Tesco has been forced to incur material costs to procure alternative solutions with reduced functionality, and to migrate to that software in a manner, and on a timeframe, that creates very significant risks to its business." If it works "at exceptional pace," Tesco will be completely off VMware by the end of 2027 at the earliest. However, "the timeframe in which that migration must be undertaken has created and continues to create operational and commercial risk, and at material ongoing cost and disruption to the business," Tesco reportedly noted. Tesco is also dealing with migration challenges related to data security because its new, unnamed virtualization software is incompatible with the Veeam and Zerto products it uses. Tesco initially requested at least 100 million pounds (about $133.6 million) in damages each from Broadcom, VMware, and reseller Computacenter, plus interest. In its recent filings, Tesco said it turned down at least four offers from Broadcom to continue using VMware and Broadcom's mainframe tech. [...] The case is expected to go to court between November 1, 2027, and February 25, 2028, The Register reported. Afterward, it could go to trial. Further reading: HPE Tempts VMware Users, Partners With Year of Free Virtualization Software
  
  
  Read more of this story at Slashdot.
  

• Microsoft Working To Patch 'RoguePlanet' Zero-Day
  wiredmikey shares a report from SecurityWeek: Microsoft on Wednesday published an advisory acknowledging the public disclosure of a vulnerability in Defender that could lead to privilege escalation. The security defect, tracked as CVE-2026-50656 (CVSS score of 7.8), was dropped last week by security researcher Nightmare Eclipse (also known as Chaotic Eclipse). "We are working to provide a high-quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available," Microsoft adds. RoguePlanet, Nightmare Eclipse explained last week, targets a race condition in Microsoft Defender and allows attackers to gain System privileges. The researcher released a proof-of-concept (PoC) exploit that demonstrates local privilege escalation (LPE) on Windows 11 and Windows 10 systems with the June 2026 patches installed. [...] On Wednesday, Nightmare Eclipse pointed out that the PoC works regardless of whether Defender's real-time protection is enabled or disabled. It may even work in passive mode, the researcher said.
  
  
  Read more of this story at Slashdot.
  

• Smartphone Market To Shrink 15% This Year Due To Memory Crisis
  CCS Insight expects global smartphone shipments to fall 15% this year as AI-driven demand pushes memory manufacturers toward higher-margin server chips. "[S]ome entry-level devices have already seen their sticker prices go up by more than 50 percent since last year," reports The Register. From the report: The firm found that the primary smartphone market (meaning new devices) contracted 4.4 percent in the first quarter of this year, despite sales channels front-loading (meaning stockpiling) product inventory, as device prices begin to rise sharply. As CCS notes, this casts an ominous shadow on the outlook for the rest of the year, and it seems things have worsened since The Register first started reporting on the smartphone memory woes. Back in January, the forecast was for handset price rises of 6-8 percent, while the most pessimistic outlook was that the global market might contract as much as 5.2 percent. By February, analysts were expecting to see a decline in shipments of around 8 percent across the global market, and for prices to increase by about 14 percent. The root cause of all this is the AI craze, which has seen huge demand for high-performance GPU-filled servers to process it all. Chipmakers have moved to capitalize on this by prioritizing production of high-margin memory components for those servers, rather than making the plain old DRAM and NAND needed for PCs and phones. "The memory chip crisis shows no sign of slowing down in the near future, ramping up the pressure on manufacturers and consumers. Memory components now account for more than 30 percent of a manufacturer's bill of materials in some smartphones." said CCS research analyst Ben Hatton. "The full impact has yet to be felt in many regions, but it's clear that device prices will accelerate over the rest of the year."
  
  
  Read more of this story at Slashdot.
  

• Carvana Is Turning Dealerships Into 'Playgrounds,' Test-Drive Centers With Sales All Online
  Carvana is testing a radically different new-car dealership model in Dallas, turning the location into a test-drive center and themed "playground" while requiring every purchase to be completed through its online platform. "Every single car that we sell, whether it's used or new, is online," said Tom Taira, Carvana president of special projects who's leading the new vehicle operations. "That's a very inherent difference. Even coming into the store, you're buying it online, and that's a big difference in how people think about it." The company hopes its no-haggle pricing, hourly employees, service operations, and national logistics network can reshape franchised auto retail. CNBC reports: Through its used vehicles sales, Carvana has become the most valuable auto retailer in the U.S. with a more than $70 billion market cap. Carvana's target with the new vehicle business is to grow its market share and customer base as well as assist used vehicle sales through trade-ins and other means, according to Taira. If the company is successful, the strategy could cause a ripple effect across the U.S. franchised dealership model, which the National Automobile Dealers Association reports includes 16,990 retailers that topped $1.3 trillion in sales last year. [...] Carvana is using a location in Dallas as a test center for its foray into new vehicle sales. The facility looks like a traditional Stellantis dealership from the outside, but the consumer process for purchasing a vehicle and the responsibilities of its employees are unprecedented. Couches and chairs replace cubicles and sales offices. There are no finance and insurance departments, and instead of an army of commission-based employees, the facility has associates that are paid hourly to assist customers -- if they want the help. The experience is meant to be as self-guided as a customer wants. By scanning QR codes located on 10-foot-by-10-foot screens inside the building or on vehicles and displays outside, shoppers can customize a vehicle, learn about a product's features and conduct test drives before deciding whether to purchase anything. If they do decide to buy something, it's online and not originated from a sales person, the company said. The "playground" has roughly 50 vehicles divided by brand, with each having a theme. Jeep has an off-road display. Dodge has race tracks, including a Carvana-themed Charger pace car and part of a traditional track fence barrier. Chrysler minivans, meanwhile, have a soccer net and Ram's area is truck-centric. Carvana is not committing to expanding the exact experience to its other franchised dealer locations, but Taira told CNBC that the overall process of online sales, vehicle testing and service are expected to be consistent throughout the locations. Further reading:: Online Car Retailer Launching Nation's First Car "Vending Machine
  
  
  Read more of this story at Slashdot.
  

• Google, Microsoft, and OpenAI Back Linux Foundation's Appia AI Standards Initiative
  BrianFagioli writes: Google, Microsoft, OpenAI, Arm, Mastercard, Siemens, and other companies have joined the newly launched Appia Foundation under the Linux Foundation. The project aims to create common specifications and assessment frameworks that organizations can use to demonstrate AI systems meet emerging safety, trust, and compliance requirements. According to the Linux Foundation, the framework is designed to allow conformity evidence to be reused across the AI supply chain, potentially reducing duplicate assessments and compliance costs. The announcement comes as governments around the world move toward enforcing AI regulations and organizations face increasing pressure to prove AI systems are trustworthy. "As international standards and legal frameworks become more established, global organizations need a consistent, practical way to verify that AI systems conform to new expectations," said Jim Zemlin, CEO of the Linux Foundation. "The Appia Foundation establishes a neutrally governed environment where the entire industry can collaborate on a common assessment framework. By building this infrastructure in the open, we are helping organizations reduce complexity, lower operational costs and build trust." Craig Shank, Executive Director of the Appia Foundation, added: "AI systems now make decisions about people's loans, their children's schools and their jobs. People on the receiving end deserve to know those systems were built and assessed against criteria that hold up to scrutiny. The Appia Foundation was formed to do that work: creating publicly available specifications that organizations across the AI value chain use to demonstrate their systems meet those criteria. By establishing this open framework, we are building the accountability layer required to scale safe and trusted AI across major industries."
  
  
  Read more of this story at Slashdot.
  

• Anthropic Employees Accuse Trump Administration of Targeting Them
  Anthropic employees say they remain confused and increasingly convinced that the Trump administration is singling out the company after officials gave it less than 90 minutes to disable Fable 5 and Mythos 5 over alleged national security concerns. Cybersecurity experts, however, argue that the cited behavior of helping to identify vulnerabilities in software is also available in rival models and is more valuable to defenders than attackers. The New York Times reports: Inside the company, employees' private group chats immediately lit up. Managers were instructed to prepare customers for a potential service disruption to the models, called Fable 5 and Mythos 5. But the messaging kept changing, with workers initially being told that the security problem was the ability of foreign companies to gain access to the systems, and later that a major vulnerability had been discovered in the models. In employee chats, Anthropic engineers asked one another if the company's plan to go public this year would be harmed by the White House directive. Many shared news reports that offered conflicting information about why the White House had ordered Anthropic to suspend access to Fable 5 and Mythos 5 for all foreign nationals. "What are you telling your clients?" one employee asked in a chat viewed by The New York Times. Another said, "Does anyone know what to believe?" In another message, a worker said, "I don't understand what the issue is." Six days later, Anthropic's roughly 3,000 employees still have few answers. The San Francisco company is continuing to grapple with internal confusion as Dario Amodei, the chief executive, and some of his lieutenants meet with the Trump administration to try and resolve the situation. But after discussions on Monday and Tuesday, there was no breakthrough over ending the U.S. order to limit access to the company's new A.I. models. In a statement on Monday, Anthropic said it would continue meeting with government officials and pledged its "ongoing commitment to working alongside the administration." The dispute highlights how singular Anthropic has become in Washington. It was the second time in six months that the fast-growing A.I. start-up has become embroiled in a fight with the Trump administration over its powerful technologies, even as other A.I. companies offer similar models that have not received the same attention. And it has left Anthropic's employees in what they described as a holding pattern, with some wondering if they were being picked on by President Trump. "Are we being bullied based on bad vibes?" one employee asked in a chat viewed by The Times. Yesterday, TechCrunch's Zack Whittaker argued that the move sets a troubling precedent: the government can unilaterally disrupt American software products without court approval, potentially undermining trust in U.S. AI providers.
  
  
  Read more of this story at Slashdot.
  

• AI Will Lead To Labor Shortages, Bezos Says In Optimistic Talk
  An anonymous reader quotes a report from Reuters: Artificial Intelligence will lead to labour shortages, not the replacement of humans, Amazon founder Jeff Bezos predicted in a highly optimistic appearance at the VivaTech technology conference in Paris on Wednesday. Bezos put forward a rosy vision of how technology will help humanity, speaking about projects including his space venture Blue Origin and his new AI startup Prometheus, which is aimed at speeding up physical manufacturing. "I know there's a lot of concern that many people have, including many smart people, that AI is going to make humans redundant and so on," Bezos said. "I totally disagree with this point of view. And I think, in fact, AI is going to create a labor shortage." Half of Americans fear the rise of AI could put them or someone in their household out of work, a Reuters/Ipsos poll found this month. Bezos, the world's fourth-richest person with a net worth around $250 billion, argued that people have "endless" things to do, and are currently limited by barriers that he said AI would lower. One goal of space exploration is to move polluting industries off Earth, said Bezos, whose Blue Origin aims to compete with trillionaire Elon Musk's SpaceX in rockets. "If space travel gets reliable enough and inexpensive enough, and we can get materials from asteroids and near-Earth objects and the moon, then this garden planet can be returned to its pre-Industrial Revolution state," Bezos said.
  
  
  Read more of this story at Slashdot.
  

• Epic Games Announces Lore Open-Source Version Control System
  Epic Games has released Lore, an MIT-licensed version control system written in Rust and designed specifically for "games and entertainment purposes with large file sizes," reports Phoronix. From the report: While there is Git LFS for large file storage with Git, Epic Games has crated Lore as a version control system designed entirely around the large file needs of modern game development as well as multimedia/entertainment purposes. Lore is designed to be fast and efficient for large files including binary files, and be easy-to-use including for 3D artists and more. The Lore documentation elaborates more on its differences and motivation for development compared to Git: "No existing system was designed for the combination of constraints that large game and entertainment projects require: arbitrary content types, multi-axis scale, multi-tenant safety, and a fully open specification and license. [...] Lore is designed to combine what works in each (Git's content-addressed revision graph and centralized systems): a centralized server-of-record for durability, access control, and conflict resolution; content-addressed storage with fragment-level deduplication that is as effective on a multi-gigabyte binary as on a kilobyte of text; sparse, lazy working copies that materialize only what you need; free branching; and a fully open, publicly versioned specification and MIT license. Normal editing operations -- staging, committing, branching, diffing -- never require a network round trip." You can learn more at Lore.org. All the code is available on GitHub.
  
  
  Read more of this story at Slashdot.
  

• Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
  By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]
  
  The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.
  

• From DHCP to SZTP – The Trust Revolution
  By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
  
  The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

• Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
  OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
  
  The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
  

Engadget"Engadget - Technology News & Expert Reviews"

• Trump claims Apple and Intel closed deal to manufacture chips in the US
  In a Truth Social post, Trump said Apple and Intel have already finalized an agreement to manufacture chips for the former's devices stateside.

• Waymo recalls over 3,800 robotaxis that might drive onto closed freeways
  Waymo is recalling over 3,800 of its self-driving taxis due to a software issue that could cause them to enter closed freeway construction zones at speed.

• NASA is sending an orbiter to Mars with Eric Schmidt's Relativity Space
  NASA has teamed up with Eric Schmidt's Relativity Space for a 2028 Martian mission.

• Sennheiser debuts open-ear Accentum Clip earbuds with nine hours of battery life
  Sennheiser joins the open-ear earbud craze with its first clip-on design.

• VSCO's new Studio Pro app can edit 100 photos at a time
  VSCO9s new Studio Pro app can batch edit photos and match the style of a reference image.

• Midjourney, the AI image generator, is developing a full-body ultrasonic scanner
  Midjourney has announced its first hardware project, and it can do more than make cute AI pet photos.

• Tim Cook says Apple price increases are 'unavoidable' due to memory crunch
  RAMaggedon claims another one.

• The iPhone Air 2 will reportedly land next spring with a second camera
  The ultralight may become a permanent fixture in Apple's smartphone lineup.

• ChatGPT now has a hub for scheduled tasks
  TIL you can schedule prompts in ChatGPT.

• Epic Games details how it's embracing generative AI in Unreal Engine
  Epic Games is making generative AI a big part of upcoming versions of Unreal Engine.

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image /sites/default/files/nodeimage/story/Screenshot%202025-03-25%20at%205.36.29%20PM.png
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU9s unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France9s GendBuntu and Munich9s LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE9s upcoming distribution might have aligned better with the EU9s goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe9s digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe9s public sector in the digital age.
  
  Source: It9s FOSS
  

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D9oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don9t urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image /sites/default/files/nodeimage/story/aerynos.png
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image /sites/default/files/nodeimage/story/Screenshot%202025-03-25%20at%205.24.57%20PM.png
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  

• New 9Mirrored9 Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft9s Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL9s memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft9s commitment to WSL as a key part of the Windows ecosystem.
  

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca9s activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what9s to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there9s little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers9 time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust9s benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat9s decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet9s mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today9s announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it9sexactly 32 years to the day since the 0.01 release. And that9s a roundnumber if you are a computer person.Because other than the random date, I don9t see anything that reallystands out here. We9ve got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there9s no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn9t exactly theusual pattern, but it9s also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what9s been going on.

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won9t require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that9s free and doesn9t require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there9s no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it9s relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it9s worth exploring.
  

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite9s "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.