[$] LWN.net Weekly Edition for October 9, 2025
Inside this week’s LWN.net Weekly Edition:

• Front: Kernel Rust features; systemd v258, part 2; Cauldron kernel hackers; BPF for GNU tools; 6.18 merge window, part 1; Lifetime-end pointer zapping; Robot Operating System.

• Briefs: OpenSSH 10.1; Firefox profiles; Python 3.14; U-Boot v2025.10; FSF presidency; Quotes; …

• Announcements: Newsletters, conferences, security upda … ⌘ Read more

Better profile management coming to Firefox
Firefox has long had support for multiple profiles
to store personal information such as bookmarks, passwords, and user
preferences. However, Firefox did not make profiles particularly
discoverable or easy to manage. That is about to change; Mozilla has
announced
that it is launching a profile management feature that will make it
easier to … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by Fedora (apptainer, civetweb, mod_http2, openssl, pandoc, and pandoc-cli), Oracle (kernel), Red Hat (gstreamer1-plugins-bad-free, iputils, kernel, open-vm-tools, and podman), SUSE (cairo, firefox, ghostscript, gimp, gstreamer-plugins-rs, libxslt, logback, openssl-1_0_0, openssl-1_1, python-xmltodict, and rubygem-puma), and Ubuntu (gst-plugins-base1.0, linux-aws-6.8, linux-aws-fips, linux-azure, linux-azure-nvidia, linux-gke, linux-nvidia-tegra- … ⌘ Read more

Security updates for Monday
Security updates have been issued by AlmaLinux (kernel), Debian (dovecot, git, log4cxx, and openssl), Fedora (containernetworking-plugins, firebird, firefox, jupyterlab, mupdf, and thunderbird), Oracle (ipa), Red Hat (container-tools:rhel8, firefox, gnutls, kernel, kernel-rt, multiple packages, mysql, mysql:8.0, nginx, podman, and thunderbird), Slackware (fetchmail), SUSE (afterburn, chromium, firefox, haproxy, libvmtools-devel, logback, python311-Django, python311-Django4, and … ⌘ Read more

Security updates for Friday
Security updates have been issued by AlmaLinux (idm:DL1), Debian (gegl and haproxy), Fedora (ffmpeg, firefox, freeipa, python-pip, rust-astral-tokio-tar, sqlite, uv, webkitgtk, and xen), Oracle (idm:DL1, ipa, kernel, perl-JSON-XS, and python3), Red Hat (git), SUSE (curl, frr, jupyter-jupyterlab, and libsuricata8_0_1), and Ubuntu (linux-aws, linux-lts-xenial, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure, linux-azure, linux-azure-6.8, linux-fips, linux-gcp-fips, and l … ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (perl-JSON-XS), Debian (chromium and openssl), Fedora (bird, dnsdist, firefox, mapserver, ntpd-rs, python-nh3, rust-ammonia, skopeo, sqlite, thunderbird, and xen), Oracle (perl-JSON-XS), Red Hat (kernel, kernel-rt, and libvpx), SUSE (afterburn, cairo, docker-stable, firefox, nginx, python-Django, snpguest, and warewulf4), and Ubuntu (libmspack, libxslt, linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linu … ⌘ Read more

@zvava@twtxt.net Hm, I tried with https://www.uninformativ.de/twtxt.txt#:~:text=2025-09- and my Firefox 143 didn’t like it. https://www.uninformativ.de/twtxt.txt#:~:text=2025%2D09%2D worked. 🤔

@zvava@twtxt.net

(#abcdefghijkl https://example.com/tw.txt#:~:text=2025-10-01T10:28:00Z), because it can be simply hacked in to clients currently on hashv1 and provides an off-ramp to location-based addressing

I like that property (an off-ramp to location-based addressing), so I think I could live with that approach. ✅

(I’m not sure why we’re using text fragments, though. Wouldn’t that link to the first occurence of 2025-10-01T10:28:00Z? That’s not necessarily correct. And, to be proper URLs that Firefox and Chromium understand, it would also need to be written as 2025%2D10%2D01T10:28:00Z. The dash carries meaning, sadly. I think all this just creates needless complication. How about we just go with https://example.com/tw.txt#2025-10-01T10:28:00Z?)

@itsericwoodward@itsericwoodward.com No worries, all good, mate! We all have to start somewhere. Other software requests my feed several orders of magnitude more often.

I can confirm, the User-Agent header appears to be fixed. \o/

Two other things I noticed, though:

1. There’s now an OPTIONS request for my feed coming from something that claims to be Firefox, pointing to your feed URL in the query. No clue what this is about. In any case, it’s rejected with a 405 Method Not Allowed.

2. Not that these few requests bother me at all, but you might wanna implement caching next with either the If-Modified-Since or If-None-Match request headers. This way, if the feed hasn’t changed, the web server can reply with a 304 Not Modified and no body at all, saving unnecessary traffic. But again, this is really not an issue for me at all. I just wanted to make sure you’re aware of it, that’s all. It might be even already on your agenda. Or you might decide to never do anything about it, which is also fine for me. :-)

Hmm, not experiencing that. Using Zen (Firefox), under Linux, with uBlock Origin.

@mozilla@mozilla must have some telemetry or metrics or something to know how many #32bit firefox users are out there. I bet that, as a percentage, they aren’t more than a blip. Still, there has to be several thousand machines out there, running on 32bit hardware, connected to the internet, using #Firefox as its web browser.

And now Mozilla decided to hand those users over to #chromium, by stopping 32-bit support and telling them the alternative is to install a 64bit OS instead.

https://blog.mozilla.org/futurereleases/2025/09/05/firefox-32-bit-linux-support-to-end-in-2026/

Right, now that I’m reading some comments: I was initially assuming that they would actually make it impossible for distros to provide a 32-bit build (intentionally or unintentionally). But maybe that’s not the case and distros can just continue to ship a 32-bit Firefox …

Is that really necessary? How hard is it to make a 32-bit build? 🤔 Honest question. https://blog.mozilla.org/futurereleases/2025/09/05/firefox-32-bit-linux-support-to-end-in-2026/

You can fuck right off, thank you very much.

(18/29) upgrading firefox
New optional dependencies for firefox
    onnxruntime: Local machine learning features such as smart tab groups

I was drafting support for showing “application icons” in my window manager, i.e. the Firefox icon in the titlebar:

https://movq.de/v/0034cc1384/s.png

Then I realized: Wait a minute, lots of applications don’t set an icon? And lots of other window managers don’t show these icons, either? Openbox, pekwm, Xfce, fvwm, no icons.

Looks like macOS doesn’t show them, either?!

Has this grown out of fashion? Is this purely a Windows / OS/2 thing?

@bender@twtxt.net An older Firefox on Debian.

@lyse@lyse.isobeef.org which browser do you use? Chrome, Edge, and Firefox, under Ubuntu, all show it fine.

It looks like I missed a lot. My Pinephone is ideal for Gopher browsing because Firefox runs like a slug. Need more ARM Linux browsers.

ok. i’ve changed usernames, doing this from Lynx now instead of a web browser. i saw the plugins for firefox. not sure if I’m going to do that. i mean, i have this

Auch uBlock Origin betroffen: Youtube greift weiter gegen Werbeblocker durch
Im Netz häufen sich Beschwerden von Nutzern, die mit Adblocker keine Youtube-Videos mehr abspielen können. Viele gängige Werbeblocker sind betroffen. ( Youtube, Firefox)

Image

Security updates for Monday
Security updates have been issued by AlmaLinux (golang, nodejs22, thunderbird, and varnish), Debian (gimp, modsecurity-apache, python-tornado, and roundcube), Fedora (chromium, coreutils, fcgi, ghostscript, krb5, libvpx, mingw-gstreamer1-plugins-bad-free, mingw-libsoup, mod_security, and samba), Mageia (php-adodb, systemd, and tomcat), Red Hat (buildah, firefox, glibc, grafana, kernel, libsoup, libxslt, mod_security, perl-FCGI, podman, python-tornado, and skopeo), Slackware (libvp … ⌘ Read more

Security updates for Thursday
Security updates have been issued by Debian (chromium and mariadb-10.5), Oracle (firefox, ghostscript, git, go-toolset:ol8, golang, kernel, krb5, mingw-freetype and spice-client-win, nodejs:20, nodejs:22, perl-CPAN, python36:3.6, rsync, varnish, and varnish:6), Red Hat (firefox, thunderbird, and webkit2gtk3), Slackware (curl and python3), SUSE (apache-commons-beanutils, apache2-mod_security2, avahi, buildkit, ca-certificates-mozilla, cloud-regionsrv-client, cloud-regionsrv-client, py … ⌘ Read more

Security updates for Monday
Security updates have been issued by Debian (espeak-ng, kitty, kmail-account-wizard, krb5, libreoffice, libvpx, net-tools, python-flask-cors, symfony, tcpdf, thunderbird, and twitter-bootstrap3), Fedora (chromium, dropbear, firefox, gstreamer1-plugins-bad-free, python-tornado, systemd, and thunderbird), Mageia (coreutils, deluge, glib2.0, and redis), Oracle (firefox, kernel, and systemd), Red Hat (firefox, kernel, kernel-rt, varnish, varnish:6, and zlib), SUSE (bind, curl, dnsdist, … ⌘ Read more

Security updates for Friday
Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, firefox, ghostscript, gstreamer1-plugins-bad-free, libsoup3, mingw-freetype, perl, ruby, sqlite, thunderbird, unbound, valkey, and xz), Debian (chromium, firefox-esr, libavif, linux-6.1, modsecurity-apache, mydumper, systemd, and thunderbird), Fedora (coreutils, dnsdist, docker-buildx, maturin, mingw-python-flask, mingw-python-flit-core, ruff, rust-hashlink, rust-rusqlite, and thunderbird), Red Hat (pcs), SUSE (augeas, … ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (kernel and kernel-rt), Debian (firefox-esr, libvpx, net-tools, php-twig, python-tornado, setuptools, varnish, webpy, yelp, and yelp-xsl), Fedora (xen), Mageia (cimg and ghostscript), Oracle (gstreamer1-plugins-bad-free, kernel, libsoup, thunderbird, and unbound), Red Hat (firefox, mingw-freetype and spice-client-win, pcs, and varnish:6), Slackware (curl and mozilla), SUSE (apparmor, containerd, dnsdist, go1.23-openssl, go1.24 … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by AlmaLinux (gstreamer1-plugins-bad-free and kernel), Arch Linux (bind and varnish), Debian (glibc and syslog-ng), Fedora (microcode_ctl, mozilla-ublock-origin, nodejs20, and nodejs22), Mageia (firefox, nss, rootcerts, open-vm-tools, sqlite3, and thunderbird), Oracle (gstreamer1-plugins-bad-free, kernel, libsoup, nodejs:22, php, php:8.2, php:8.3, python-tornado, redis, and redis:7), Red Hat (libsoup, pcs, and python-tornado), Slackware … ⌘ Read more

Security updates for Tuesday
Security updates have been issued by AlmaLinux (gstreamer1-plugins-bad-free, libsoup, and python-tornado), Debian (libavif and pgbouncer), Red Hat (gstreamer1-plugins-bad-free, mingw-freetype and spice-client-win, and webkit2gtk3), SUSE (firefox, govulncheck-vulndb, and python310-setuptools), and Ubuntu (flask, intel-microcode, openjdk-17-crac, tika, and Tomcat). ⌘ Read more

Security updates for Monday
Security updates have been issued by AlmaLinux (389-ds-base, ghostscript, grafana, kernel, and osbuild-composer), Debian (intel-microcode, kernel, libphp-adodb, and openssl), Fedora (dotnet8.0, ghostscript, iputils, nbdkit, open-vm-tools, thunderbird, and vyper), Mageia (chromium-browser-stable, glibc, iputils, microcode, nodejs, and zsync), Oracle (.NET 8.0, .NET 9.0, 389-ds-base, avahi, buildah, compat-openssl11, expat, firefox, ghostscript, gimp, git, grafana, gvisor-tap-vsock, libso … ⌘ Read more

Security updates for Friday
Security updates have been issued by Fedora (dotnet9.0, dropbear, ghostscript, nbdkit, openssh, python-watchfiles, rpm-ostree, yelp, yelp-xsl, and zsync), Oracle (firefox and kernel), Red Hat (osbuild-composer), Slackware (aaa_glibc and mozilla), SUSE (chromedriver, open-vm-tools, postgresql14, python-cryptography, and thunderbird), and Ubuntu (linux-aws, linux-hwe-5.4, python, and sqlite3). ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (kernel, kernel-rt, and webkit2gtk3), Fedora (mozilla-ublock-origin and sudo-rs), Oracle (.NET 8.0, compat-openssl10, grafana, osbuild-composer, redis:6, ruby:2.5, and webkit2gtk3), SUSE (dante, firefox-esr, gnuplot, govulncheck-vulndb, grype, postgresql13, postgresql14, postgresql15, postgresql16, postgresql17, python-tornado6, python314, thunderbird, ucode-intel, and xen), and Ubuntu (bind9, libfcgi-perl, linux-ibm-5.4, linux-oracle-5.4 … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by AlmaLinux (.NET 8.0, avahi, buildah, compat-openssl10, compat-openssl11, expat, firefox, gimp, git, grafana, libsoup, libxslt, mod_auth_openidc, nginx, nodejs:22, osbuild-composer, php, redis, redis:7, skopeo, thunderbird, vim, webkit2gtk3, xterm, and yelp), Arch Linux (dropbear, freetype2, go, nodejs, nodejs-lts-iron, nodejs-lts-jod, python-django, webkit2gtk, webkit2gtk-4.1, webkitgtk-6.0, and wpewebkit), Debian (mongo-c-driver), Fedora (openssh, … ⌘ Read more

On my blog: Firefox’s Tabs https://john.colagioia.net/blog/2025/05/21/firefox-tabs.html #programming #techtips

Security updates for Tuesday
Security updates have been issued by Debian (firefox-esr, openjdk-11, openjdk-17, and wireless-regdb), Fedora (iputils, open-vm-tools, sfnt2woff-zopfli, and woff), Red Hat (postgresql:12), SUSE (apache2-mod_auth_openidc, brltty, helm, python-maturin, and rubygem-rack), and Ubuntu (linux-azure-fips). ⌘ Read more

Security updates for Monday
Security updates have been issued by Debian (dropbear, firefox-esr, intel-microcode, net-tools, openafs, thunderbird, and xrdp), Fedora (chromium, micropython, syslog-ng, webkitgtk, and xen), Mageia (dropbear and openssh), Oracle (.NET 9.0, kernel, libjpeg-turbo, and yelp and yelp-xsl), Red Hat (compat-openssl11, git-lfs, grafana, kernel, and osbuild and osbuild-composer), Slackware (mozilla), SUSE (cargo-c, gimp, iputils-20240905, kernel, libraw, microcode_ctl, openssh, pnpm, … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by AlmaLinux (emacs, firefox, gnutls, java-17-openjdk, java-21-openjdk, osbuild-composer, python39:3.9, and thunderbird), Arch Linux (screen), Debian (varnish), Fedora (chromium), Gentoo (Atop, FreeType, and Spidermonkey), Mageia (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-latest-openjdk and postgresql15, postgresql13), Oracle (389-ds-base, emacs, firefox, kernel, libsoup, libtiff, mod_auth_openidc:2.3, nodejs:20, nodejs:22, … ⌘ Read more

On my blog: Firefox’s Local Storage https://john.colagioia.net/blog/2025/05/14/firefox-local-storage.html #programming #techtips

Security updates for Monday
Security updates have been issued by Debian (libbson-xs-perl, postgresql-13, redis, and simplesamlphp), Fedora (chromium, deluge, epiphany, golang-github-nats-io-nkeys, libxmp, nodejs22, perl-Compress-Raw-Lzma, php-adodb, python-h11, and xz), Gentoo (firefox, NVIDIA Drivers, Orc, PAM, and thunderbird), Mageia (libreoffice, python-django, and transfig), Red Hat (emacs, firefox, python39:3.9, and thunderbird), SUSE (bird3, freetype2, ldap-proxy, libmosquitto1, and ruby3.4-rubygem-rack … ⌘ Read more

Security updates for Friday
Security updates have been issued by Debian (fossil, libapache2-mod-auth-openidc, and request-tracker4), Fedora (thunderbird), Mageia (firefox and thunderbird), SUSE (389-ds, apparmor, cargo-c, chromium, go1.24, govulncheck-vulndb, java-1_8_0-openjdk, kanidm, libsoup, mozjs102, openssl-1_1, openssl-3, python-Django, sccache, tealdeer, tomcat, transfig, wasm-bindgen, and wireshark), and Ubuntu (libreoffice and python-h11). ⌘ Read more

Security updates for Monday
Security updates have been issued by Debian (ansible, containerd, and vips), Fedora (chromium, java-17-openjdk, nodejs-bash-language-server, nodejs-pnpm, ntpd-rs, redis, rust-hickory-proto, thunderbird, and valkey), Mageia (apache-mod_auth_openidc, fcgi, graphicsmagick, kernel-linus, pam, poppler, and tomcat), Red Hat (firefox, libsoup, nodejs:20, redis:6, rsync, webkit2gtk3, xmlrpc-c, and yelp), and SUSE (audiofile, ffmpeg, firefox, libsoup-2_4-1, libsoup-3_0-0, libva, libxml2, and … ⌘ Read more

Security updates for Friday
Security updates have been issued by Debian (chromium, nodejs, openjdk-17, and thunderbird), Fedora (firefox, golang-github-nvidia-container-toolkit, and thunderbird), Mageia (kernel), Oracle (ghostscript, glibc, kernel, libxslt, php:8.1, and thunderbird), SUSE (cmctl, firefox-esr, govulncheck-vulndb, java-21-openjdk, libxml2, poppler, python-h11, and redis), and Ubuntu (docker.io, ghostscript, linux-xilinx-zynqmp, and micropython). ⌘ Read more

Security updates for Thursday
Security updates have been issued by Debian (expat, fig2dev, firefox-esr, golang-github-gorilla-csrf, jinja2, libxml2, nagvis, qemu, request-tracker4, request-tracker5, u-boot, and vips), Fedora (firefox, giflib, and thunderbird), Mageia (imagemagick), Red Hat (thunderbird), SUSE (amber-cli, libjxl, and redis), and Ubuntu (h2o, poppler, and postgresql-10). ⌘ Read more

[$] LWN.net Weekly Edition for May 1, 2025
Inside this week’s LWN.net Weekly Edition:

• Front: Mailman 2 vulnerabilities; AI in Debian; __nonstring__; Cache-aware scheduling; Freezing filesystems; Socket-level storage; Debugging information; LWN in 2025.

• Briefs: Debian election; Kali Linux key; OpenBSD 7.7; Firefox 138.0; GCC 15.1; Meson 1.8.0; Valgrind 3.25.0; FSF review; OSI retrospective; Mastodon; Quotes; …

• [Announcements](https://lwn.net/Arti … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by Debian (glibc and libraw), Fedora (digikam, icecat, mingw-LibRaw, perl, perl-Devel-Cover, and perl-PAR-Packer), Red Hat (ghostscript, kernel, and kernel-rt), Slackware (mozilla), SUSE (augeas, firefox, and java-11-openjdk), and Ubuntu (binutils, libxml2, and nodejs). ⌘ Read more

Firefox 138.0 released
Version\
138.0 of the Firefox web browser has been released. Changes include
some profile-management improvements, the ability to get weather-related
suggestions in the address bar (US only), and some security fixes. ⌘ Read more

Firefox Browser Gets Tab Groups
Mozilla recently updated the Firefox browser to add support for tab groups, a feature that Firefox users have been wanting for years. According to Mozilla, tab groups have been the most requested idea on the Mozilla Connect community platform, and it was actually the first request that Mozilla received when launching Connect in 2022.

![](https://images.macrumors.com/article-new/2021/08/mozilla-firefox-bann … ⌘ Read more

Security updates for Monday
Security updates have been issued by AlmaLinux (thunderbird), Debian (distro-info-data, imagemagick, kernel, libsoup2.4, and poppler), Fedora (chromium, java-1.8.0-openjdk, java-1.8.0-openjdk-portable, java-17-openjdk, java-17-openjdk-portable, java-latest-openjdk, pgadmin4, thunderbird, and xz), Mageia (haproxy and libxml2), Oracle (bluez, firefox, gnutls, libtasn1, libxslt, mod_auth_openidc:2.3, ruby:3.1, thunderbird, and xmlrpc-c), Red Hat (delve and golang, glibc, mod_auth_o … ⌘ Read more

Security updates for Monday
Security updates have been issued by Debian (glib2.0, jinja2, kernel, mediawiki, perl, subversion, twitter-bootstrap3, twitter-bootstrap4, and wpa), Fedora (c-ares, chromium, condor, corosync, cri-tools1.29, exim, firefox, matrix-synapse, nextcloud, openvpn, perl-Data-Entropy, suricata, upx, varnish, webkitgtk, yarnpkg, and zabbix), Mageia (giflib, gnupg2, graphicsmagick, and poppler), Oracle (delve and golang, go-toolset:ol8, grub2, and webkit2gtk3), Red Hat (kernel and kernel-rt), **S … ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (tomcat and webkit2gtk3), Debian (chromium), Fedora (ghostscript), Mageia (atop, docker-containerd, and xz), Red Hat (go-toolset:rhel8), SUSE (apache2-mod_auth_openidc, apparmor, etcd, expat, firefox, kernel, libmozjs-128-0, and libpoppler-cpp2), and Ubuntu (dino-im, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp,
linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux-l … ⌘ Read more

[$] LWN.net Weekly Edition for April 10, 2025
Inside this week’s LWN.net Weekly Edition:

• Front: Debian project leader election; 6.15 Merge window; Lots of LSFMM coverage; Joplin.

• Briefs: Firefox hardening; OpenSSH 10.0; Supply chain security; FreeDOS 1.4; OpenSSL 3.5.0; Rust 1.86.0; Quotes; …

• Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more

Hardening the Firefox frontend
Tom Schuster, Frederik Braun, and Christoph Kerschbaumer have
published an article
on the Firefox Security team’s Attack & Defense
blog that explains recent work to harden Firefox’s frontend code.

We have rewritten over 600 JavaScript event handlers to mitigate XSS
and other injection attacks in the main Firefox user interface. This
mitigation will ship in … ⌘ Read more

Security updates for Monday
Security updates have been issued by Debian (abseil, atop, jetty9, ruby-saml, tomcat10, trafficserver, xz-utils, and zfs-linux), Fedora (chromium, condor, containernetworking-plugins, cri-tools1.29, crosswords-puzzle-sets-xword-dl, exim, ghostscript, matrix-synapse, upx, varnish, and yarnpkg), Gentoo (XZ Utils), Mageia (augeas, corosync, nss & firefox, and thunderbird), Oracle (container-tools:ol8, firefox, freetype, and kernel), Red Hat (firefox), SUSE (chromium, gn, firefox-es … ⌘ Read more

Security updates for Friday
Security updates have been issued by AlmaLinux (firefox), Debian (atop and thunderbird), Fedora (webkitgtk), Mageia (microcode), Oracle (expat), SUSE (apparmor, assimp-devel, aws-efs-utils, expat, firefox, ghostscript, go1.23, gotosocial, govulncheck-vulndb, GraphicsMagick, headscale, libmozjs-128-0, libsaml-devel, openvpn, perl-Data-Entropy, and xz), and Ubuntu (gnupg2, kernel, linux-azure-fips, linux-iot, openvpn, ruby-saml, and xz-utils). ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (expat), Debian (chromium, commons-vfs, firefox-esr, php-horde-editor, php-horde-imp, and thunderbird), Fedora (corosync, firefox, nextcloud, and suricata), Mageia (curl and upx), Oracle (emacs, fence-agents, freetype, kernel, libreoffice, libxml2, nginx:1.24, podman, python-jinja2, and tigervnc), Red Hat (firefox and python-jinja2), SUSE (assimp, ffmpeg-4, firefox, ghostscript, GraphicsMagick, libxslt, and tomcat), and Ubuntu … ⌘ Read more

[$] LWN.net Weekly Edition for April 3, 2025
Inside this week’s LWN.net Weekly Edition:

• Front: Calibre 8.0; Fedora reproducibility; OpenWrt One; 6.15 Merge Window; LSFMM+BPF coverage including BPF in GCC, Rust merging process, and more.

• Briefs: Ubuntu namespaces; New FPL; PorteuX 2.0; Firefox 137.0; GCC Rust; Rockbox 4.0; Rust specification; Thundermail; Dave Täht RIP; Quotes; …

• Announcements: Newsletters, confer … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by Debian (firefox-esr, jetty9, openjpeg2, and tomcat9), Fedora (dokuwiki, firefox, php-kissifrot-php-ixr, php-phpseclib3, and rust-zincati), Red Hat (kernel and pki-core), Slackware (mozilla), SUSE (apparmor, atop, docker, docker-stable, firefox, govulncheck-vulndb, libmodsecurity3, openvpn, upx, and warewulf4), and Ubuntu (inspircd, linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-ibm,
linux-lowlatency, linux-lowlatency-hwe-6.8, linu … ⌘ Read more

Firefox 137.0 released
Version\
137.0 of the Firefox browser has been released. Changes include the
rollout of tab\
groups, a number of search-bar changes, and the ability to add signatures
to PDF files. ⌘ Read more

@movq@www.uninformativ.de Wow, I use Firefox and didn’t realize this existed! Thanks for pointing it out. I noticed at least one bug cited a webcompat.com report; I wonder if someone at Mozilla monitors those. https://webcompat.com/issues?page=1&per_page=50&state=open&stage=all&sort=created&direction=desc

The brokenness of the web can be examined by opening about:compat in Firefox.

Image

Lots and lots of workarounds for specific websites.

@movq@www.uninformativ.de Yeah, most of the graphical applications are actually KDE programs:

• KMail – e-mail client
  
• Okular – PDF viewer
  
• Gwenview – image viewer
  
• Dolphin – file browser
  
• KWallet – password manager (I want to check out pass one day. The most annoying thing is that when I copy a password, it says that the password has been modified and asks me whether I want to save the changes. I never do, because the password is still the same. I don’t get it.)
  
• KPatience – card game
  
• Kdenlive – video editor
  
• Kleopatra – certificate manager
  

Qt:

• VLC – video player
  
• Psi – Jabber client (I happily used Kopete in the past, but that is not supported anymore or so. I don’t remember.)
  
• sqlitebrowser – SQLite browser
  

Gtk:

• Firefox – web browser
  
• Quod Libet – music player (I should look for a better alternative. Can’t remember why I had to move away from Amarok, was it dead? There was a fork Clementine or so, but I had to drop that for some unknown reason, too.)
  
• Audacity – audio editor
  
• GIMP – image editor
  

These are the things that are open right now or that I could think of. Most other stuff I actually do in the terminal.

In the past™, I used the Python KDE4 bindings. That was really nice. I could pass most stuff directly in the constructor and didn’t have to call gazillions of setters improving the experience significantly. If I ever wanted to do GUI programming again, I’d definitely go that route. There are also great Qt bindings for Python if one wanted to avoid the KDE stuff on top. The vast majority I do for myself, though, is either CLI or maybe TUI. A few web shit things, but no GUIs anymore. :-)

Security updates for Thursday
Security updates have been issued by Debian (php7.4, python-django, and python3.9), Fedora (bluez, iwd, libell, and radare2), Mageia (chromium-browser-stable, mosquitto, tomcat, tomcat packages, and vim), Oracle (firefox, grub2, python3, thunderbird, and webkit2gtk3), Red Hat (fence-agents, php:7.4, and python-jinja2), SUSE (assimp-devel, crane, ffmpeg-4, freetype2, helm, kernel, kured, python-Django, python-Jinja2, python311-Django4, and tomcat), and Ubuntu (alpine, djoser, l … ⌘ Read more

I tried using Firefox Focus as my default browser for a while but it was to extreme. It’s still the only one on my home screen. 50-60 is sort of my intent, but then it keeps being “just one more…”.

posting from my phone yayyy just downloaded a random tabbed browser off f-droid for this bc my main mobile browser is firefox focus which isn’t great for persisting data

@movq@www.uninformativ.de Where in firefox can I set custom CSS?

I was today years old when I learned that Firefox supports custom per-domain CSS. Is this new? I thought I had tried a while ago and it only worked globally. 🤔

@-moz-document domain(movq.de)
{
    div { border: 1px solid red; }
}

Either way, I love that I don’t need a plugin for that. 🥳

Always has been. Web spec is too hard to implement your own web browser from scratch (nothing can, even Google and Apple, they forked KHTML). So if we not count forks we have only three browsers: Google Chrome, Mozilla Firefox and Apple Safari

[ANN] [CVE-2024-9680] Update Tor Browser & Firefox immediately

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild.

Links:

• https://blog.torproject.org/new-release-tor-browser-1357/
  
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
  

n … ⌘ Read more

After many many years on Firefox, I am making the move to Vivaldi.

@aelaraji@aelaraji.com Hmm that is worth trying. It is the same base Firefox I guess 🤔

@aelaraji@aelaraji.com Yep seems alright! Really fast too. I’m still using my main Firefox in general cos.. well it’s set up so much and it’s hardened, profile running in RAM, all that crazy stuff that got it working the way I want 😂

But keeping a good eye on Zen Browser’s progress.

This Zen-Browser is actually not bad! 🤯

• Based on Firefox instead of Chromium.
  
• Got tiling pans when you need them… (just like a tiling window manager).
  
• I can hide the Tabs and Nav-Bar with a single short-cut!! AKA Compact Mode …

Interesting.. QUIC isn’t very quick over fast internet.

QUIC is expected to be a game-changer in improving web application performance. In this paper, we conduct a systematic examination of QUIC’s performance over high-speed networks. We find that over fast Internet, the UDP+QUIC+HTTP/3 stack suffers a data rate reduction of up to 45.2% compared to the TCP+TLS+HTTP/2 counterpart. Moreover, the performance gap between QUIC and HTTP/2 grows as the underlying bandwidth increases. We observe this issue on lightweight data transfer clients and major web browsers (Chrome, Edge, Firefox, Opera), on different hosts (desktop, mobile), and over diverse networks (wired broadband, cellular). It affects not only file transfers, but also various applications such as video streaming (up to 9.8% video bitrate reduction) and web browsing. Through rigorous packet trace analysis and kernel- and user-space profiling, we identify the root cause to be high receiver-side processing overhead, in particular, excessive data packets and QUIC’s user-space ACKs. We make concrete recommendations for mitigating the observed performance issues.

https://dl.acm.org/doi/10.1145/3589334.3645323

@prologic@twtxt.net Firefox 126.0.1 is my primary

@prologic@twtxt.net Firefox but it happens on Brave and Chromium on my laptop, or any browser (Brave, Chromium, Vanadium) I try on my Android phone.

Bela surpresa: agora o Twitter bloqueia o Firefox mobile. É uma boa notícia pra começar o dia, o espaço que ocupava na minha rotina de procrastinação pode ser agora dedicado a melhores fontes.

Image

What? You are still using chrome? Firefox is where its at. But if you need WebKit there is always chromium which strips out all the google nonsense.

How to Set Default Web Browser in MacOS Sonoma
If you’re wondering how you can set the default web browser in macOS Sonoma to something else, maybe to Chrome, Firefox, Brave, or perhaps even back to Safari, you’ll find that it is relatively easy to do so. However, like so many other adjustments and tweaks to the latest macOS versions, it is different compared … Read More ⌘ Read more

I really have to clen up my Firefox bookmarks. They are no longer searchable.

Only time something like that has happened on my end is if browser got updated while its running (trough package manager). But I only run firefox..

this firefox isn’t just leaking memory, it’s gushing as if someone had performed shechita on it

Uninstalled Brave browser and went back to only using Firefox.

Added to the fun.

Image

trying to get myself to reach for !links browser instead of firefox for locally testing my wiki. For the most part, it really doesn’t need the heft of firefox. When links -g is used, it really really doesn’t need firefox.

@jlj@twt.nfld.uk oh dang the reply didnt add the reply. It was to @hxii@0xff.nu because Firefox shows his shruggy like ¯\_(ツ)_/¯

Firefox Was Always Enough https://www.ianbicking.org/blog/2020/11/firefox-was-always-enough.html

Firefox Was Always Enough https://www.ianbicking.org/blog/2020/11/firefox-was-always-enough.html

Running Firefox as Another User ⌘ https://hack.org/mc/blog/firefox2.html

Using DuckDuckGo as a Tor Hidden Service in Firefox search box ⌘ https://hack.org/mc/blog/duckduckgo-tor.html

Firefox som annan användare ⌘ https://hack.org/mc/blog/firefox-annan-user.html

Firefox: about:config -> create integer key ui.systemUsesDarkTheme = 1 -> Dark Mode enabled! Check my website with and without…

Looking for a reason to use Firefox more when developing sites? on macOS it’s the browser that smashes into the least horizontal space. Good if you like having a browser window running all the time. Doubly good if you like running it in Split View.

Still using Firefox? Try a rusty nail in your eye instead.

Playing with P2P protocols and Firefox http://andregarzia.com/2018/12/playing-with-p2p-protocols-and-firefox.html

Github is putting up a banner saying that the version of firefox I’m using is no longer supported. That’s fuckin’ wild to me. It’s 2018: if your website doesn’t work on Mosaic & Lynx, it’s broken.

@kas@enotty.dk nice. 😎 Let’s see if this addon works: https://addons.mozilla.org/en-US/firefox/addon/hooktubeify/

GitHub - classilla/overbitenx: Because Firefox isn’t complete without Gopherspace. https://github.com/classilla/overbitenx

@durcheinandr@durcheinandr.de I mostly just use overbite https://addons.mozilla.org/en-US/firefox/addon/overbiteff/

@durcheinandr@durcheinandr.de I mostly just use overbite https://addons.mozilla.org/en-US/firefox/addon/overbiteff/

My newest pet peeve is that after some time i can’t open any menues in firefox: menubar, righ click, statusbar etc

My newest pet peeve is that after some time i can’t open any menues in firefox: menubar, righ click, statusbar etc