Open-source News

Bring Back That Aged Scanner, In Your Browser  Hackaday

Exploit released for new PinTheft Arch Linux root escalation flaw  BleepingComputer

That didn't take long. Mere days after Dell and Lenovo began sponsoring the Linux Vendor Firmware Service (LVFS) as premiere sponsors in contributing $100k+ annually to this open-source firmware updating initiative, HP is also now a premiere sponsor...

HP Now Sponsoring The Linux Vendor Firmware Service / Fwupd  Phoronix

FFmpeg already supports CPU-based decoding for Samsung's APV as the Advanced Professional Video Codec. FFmpeg also has APV encode support too while now an interesting addition was merged this week: Vulkan-based acceleration for APV...

Intel software engineers today rolled out the llm-scaler-vllm PV v1.4 as the Docker build of their latest software stack for those wishing to run vLLM in a pre-configured, performant setup on their Arc (Pro) Graphics hardware...

Intel llm-scaler-vllm PV 1.4 Released With Updated Components, Arc Pro B70 Support  Phoronix

Intel llm-scaler-vllm PV 1.4 Released With Updated Components, Arc Pro B70 Support  Phoronix

Pardus Linux Vulnerability Allows Silent Local Root Privilege Escalation  cyberpress.org

Valkey 9.1 released on Tuesday as the latest version of this popular fork of the Redis in-memory, key-value database...

HP Is the Latest to Sponsor the Linux Vendor Firmware Service (LVFS)  9to5Linux

Pardus Linux Vulnerability Lets Local Attackers Gain Silent Root Access  gbhackers.com

PoC Exploit Published for DirtyDecrypt Linux Kernel Flaw  cyberpress.org

DirtyDecrypt: PoC Released for yet another Linux flaw  Security Affairs

D7VK 1.10 brings even more 2D upgrades for retro Direct3D games on Linux  GamingOnLinux

PoC Exploit Released for DirtyDecrypt Linux Kernel Vulnerability  gbhackers.com

azure-linux  Thurrott.com

Deepin's security problems just cost it another major Linux distro  XDA

The GTK-based GUI version of the Vim text editor, gVim, now has support in place for the modern GTK4 toolkit as an alternative to its long present GTK2/GTK3 support...

Consider a medical device running Linux in a hospital. It processes patient data, adjusts dosing, and reports to clinical systems. Or an ATM on a street corner, processing transactions around the clock. Or a gateway device at the edge of a manufacturing network, relaying sensor data from the factory floor. The operating system (OS) on each of these was verified when it was installed. But is every binary and library still exactly what was built? If you would demand that guarantee for a device in an operating room or on a factory floor, why not expect the same from the servers running your busin