Instructionals/Technical posts

little of the latter

Server centric uses

The open-source community is looking for a way out of the wave of new laws requiring operating systems to collect users’ ages

A six-year-old security flaw in the Linux kernel can let an unprivileged user read root-owned files. The flaw was reported by Qualys and patched on May 14th, 2026.

about a dozen new picks

Debian 13.5 is out today as the newest point release to Debian Trixie for incorporating all of the latest security fixes affecting the Linux kernel and dozens of user-space packages...

The blog It's FOSS has an update on the Fedora AI Developer Desktop Initiative, a proposed platform for AI/machine learning workloads on Fedora. It's now been blocked "after two Fedora Council members retracted their earlier approval votes." The initiative was proposed by Red Hat engineer Gordon Messmer, aiming to deliver an Atomic Desktop with accelerated AI workload support, covering developer tools, hardware enablement, and building a community around AI on Fedora... At the May 6 council meeting, the members unanimously voted to approve this new initiative. After which a short, lazy consensus window was left open until May 8 to accommodate absent members, after which the decision was to be ratified. But that last bit never happened, as council member Justin Wheeler (Jflory7) was the first person to change their vote to -1... ["While I strongly support leveraging AI to establish Fedora as a leading platform, completely rearchitecting our kernel strategy is a massive structural shift. It requires explicit alignment with our legal and engineering stakeholders before we commit the project to this path."] Following that, fellow council member Miro HronÄok (churchyard) put in his -1, saying that he had originally assumed the proposal was purely additive and therefore uncontroversial. But seeing the community's response, he realized that he was mistaken about that. As an elected representative, he felt the need to reflect on this major proposal before signing it off. Over 180 replies have piled up in the proposal's discussion thread, with many well-known Fedora contributors pushing back on things like kernel policy, proprietary software, and project identity. Hans de Goede from the packaging team called out the proposal's emphasis on CUDA support as going against Fedora's foundational commitment to free software, arguing that open alternatives like AMD's ROCm and Intel's oneAPI should be the focus instead.

Read more of this story at Slashdot.

GNOME news roundups

Debian 13.5 is now available for download as a new point release to Debian 13 “Trixie” with 144 bug fixes and 103 security updates.

It seems that Valve isn't done expanding their open-source Linux graphics driver team and securing top talent for enhancing the Linux GPU drivers for a better gaming experience. One of the foremost leading Mesa developers has left AMD to join Valve...

The Linux 7.1 kernel has added new documentation clarifying what qualifies as a security bug and how AI-assisted vulnerability reports should be handled. Phoronix reports: Stemming from the recent influx of security bugs to the Linux kernel as well as an uptick in bug and security reports from discoveries made in full or in part with AI, additional documentation was warranted. Longtime Linux developer Willy Tarreau took to authoring the additional documentation around kernel bugs. To summarize (since the documentation is a bit too lengthy for a Slashdot story), the AI-assisted vulnerability reports should "be treated as public" because such findings "systematically surface simultaneously across multiple researchers, often on the same day." It adds that reporters should avoid posting a reproducer openly, instead "just mention that one is available" and provide it privately if maintainers request it. The guidance also tells AI-assisted reporters to keep submissions concise and plain-text, focus on verifiable impact rather than speculative consequences, include a thoroughly tested reproducer, and, where possible, propose and test a fix. As for what qualifies as a security bug, the documentation says the private security list is for "urgent bugs that grant an attacker a capability they are not supposed to have on a correctly configured production system" and are easy to exploit, creating an imminent threat to many users. Reporters are told to consider whether the issue "actually crosses a trust boundary," since many bugs submitted privately are really ordinary defects that belong in the normal public reporting process. All the new documentation can be read via this commit.

Read more of this story at Slashdot.

Ahead of the Linux 7.1-rc4 kernel test release due out on Sunday, a new round of x86 platform driver fixes were submitted for the week...

This week marked the release of the KDE Plasma 6.7 beta and even so there were some last-minute features being squeezed into this popular Linux desktop option. Plasma's built-in remote desktop server enhancements and improved Plasma notification effects are among the changes topping out this week...

A few days ago the widely-used SDL library added support for the new Steam Controller without depending upon the Steam client. Now another improvement for the new Steam Controller has been merged to this widely-used library for cross-platform games/apps with software/hardware abstractions...

misc. leftovers

Linux was the Wild West of computing in the late 1990s and early 2000s

Are you switching over from Windows to Linux

The KDE Project will receive over €1 million EUR (~ $1,5 million USD) from The Sovereign Tech Fund to continue and improve software development for KDE Plasma, KDE Linux, and KDE apps.

A step-by-step and easy-to-follow tutorial (with screenshots) on how to upgrade your Ubuntu 25.10 (Questing Quokka) installations to Ubuntu 26.04 LTS (Resolute Raccoon).