The central voice for Linux and Open Source security news.
Open-source tools are the backbone of countless systems, from cloud-native infrastructure to enterprise-level applications. But what happens when a widely used open-source library carries hidden risks?
In the world of open-source software, transparency and trust are the bedrock of successful projects''something we admins know all too well. That's why the recent resolution between the Cloud Native Computing Foundation (CNCF) and Synadia, the company behind the popular NATS messaging system, is so significant.
With all the browser options available to Linux users, Mozilla Firefox continues to stand out in its dedication to security and privacy. Its latest release, Firefox 138 , focuses again on fortifying users' safety against mounting cyber threats.
Canonical has shaken up the Ubuntu ecosystem, announcing a major step forward ''or sideways, depending on your view''by replacing the venerable GNU Coreutils with Rust-based uutils , starting with Ubuntu 25.10. This isn't just a tweak to the operating system's innards. It's a foundational shift with implications that stretch across compatibility, security, and administration. If you're neck-deep in managing Ubuntu systems, you need to pay attention. Changes like these can ripple through your workflows, and the worst thing you can do is be caught off guard. So, let's dig in.
Update to 128.10.0 https://www.thunderbird.net/en-US/thunderbird/128.10.0esr/releasenotes/
A vulnerability has been discovered in mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache HTTP server that implements the OpenID Connect Relying Party functionality:
* bsc#1241678 Cross-References: * CVE-2024-10041
* bsc#1241678 Cross-References: * CVE-2024-10041