Security updates for Friday
Security updates have been issued by Debian (graphicsmagick and libapache2-mod-auth-openidc), Fedora (giflib, mod_auth_openidc, mysql8.0, perl, perl-Devel-Cover, perl-PAR-Packer, perl-String-Compare-ConstantTime, rust-openssl, rust-openssl-sys, trunk, and workrave), Mageia (chromium-browser-stable and rust), Oracle (java-1.8.0-openjdk, java-17-openjdk, java-21-openjdk, kernel, libreoffice, and webkit2gtk3), Red Hat (gvisor-tap-vsock), SUSE (containerd, docker, docker-stable, forge … ⌘ Read more
ResolverRAT: A Sophisticated Threat Targeting Healthcare and Pharma
he healthcare and pharmaceutical sectors are prime targets for cybercriminals due to their sensitive data and critical infrastructure. In…
[Continue read … ⌘ Read more
** CVSS 10.0 Critical Vulnerability in Erlang/OTP’s SSH: Unauthenticated Remote Code Execution Risk**
A critical security vulnerability (CVE-2025–32433) with a CVSS … ⌘ Read more
Ubuntu 25.04 released
Version\
25.04 (“Plucky Puffin”) of the Ubuntu Linux distribution has been
released. This release includes Linux 6.14, GNOME 48, APT 3.0, and introduces a
Arm64\
desktop ISO to install Ubuntu Desktop on Arm64 systems. This is an
interim release, with support through January 2026. See the [release\
notes](h … ⌘ Read more
[$] LWN.net Weekly Edition for April 17, 2025
Inside this week’s LWN.net Weekly Edition:
Front: APT 3.0; Fedora 42; Lots more LSFMM+BPF coverage.
Briefs: CVE funding; Yelp vulnerability; Fedora 42; Manjaro 25.0; GCC 15; Pinta 3.0; Quotes; …
Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more
Hello from Windows 3.11 and Trumpet Winsock 3.0!
Even though I really do like the shell, I always use Dolphin to mount my digicam SD card and copy the photos onto my computer. I finally added a context menu item in Dolphin to create a forest stroll directory with the current date in order to save some typing:
The following goes in ~/.local/share/kservices5/ServiceMenus/galmkdir.desktop:
[Desktop Entry]
Type=Service
X-KDE-ServiceTypes=KonqPopupMenu/Plugin,inode/directory
Actions=Waldspaziergang;
[Desktop Action Waldspaziergang]
Name=Heutigen Waldspaziergang anlegen…
Icon=folder-green
Exec=~/src/gelbariab/galmkdir "%f"
In order to update the KDE desktop cache and make this action menu item available in Dolphin, I ran:
kbuildsycoca5
The referenced galmkdir script looks like that:
#!/bin/sh
set -e
current_dir="$1"
if [ -z "$current_dir" ]; then
echo "Usage: $0 DIRECTORY" >&2
exit 1
fi
dir="$(kdialog \
--geometry 350x50 \
--title "Heutigen Waldspaziergang anlegen" \
--inputbox "Neues Verzeichnis in „$current_dir“ anlegen:" \
"waldspaziergang-$(date +%Y-%m-%d)")"
mkdir "$current_dir/$dir"
dolphin "$current_dir/$dir"
This solution is far from perfect, though. Ideally, I’d love to have it in the “Create New” menu instead of the “Actions” menu. But that doesn’t really work. I cannot define a default directory name, not to mention even a dynamic one with the current date. (I would have to update the .desktop file every day or so.) I also failed to create an empty directory. I somehow managed to create a directory with some other templates in it for some reason I do not really understand.
Let’s see how that works out in the next days. If I like it, I might define a few more default directory names.
[$] What’s new in APT 3.0
Debian’s Advanced Package Tool (APT) is the suite of utilities that handle package
management on Debian and Debian-derived operating systems. APT recently received a
major upgrade to 3.0 just in time for inclusion in Debian 13
(“trixie”), which is planned for release sometime in 2025. The version bump is
warranted; the latest APT has user-interface improvements, switches to [Sequoia](https://sequoia-pgp.org/pr … ⌘ Read more
Security updates for Wednesday
Security updates have been issued by AlmaLinux (gvisor-tap-vsock, kernel, and kernel-rt), Fedora (chromium, dnf, dotnet9.0, golang, lemonldap-ng, mariadb10.11, perl-Crypt-URandom-Token, perl-DBIx-Class-EncodedColumn, php-tcpdf, podman-tui, and trunk), Red Hat (java-17-openjdk and kernel), Slackware (mozilla), SUSE (apache2-mod_auth_openidc, cosign, etcd, expat, flannel, kernel, libsqlite3-0, libvarnishapi3, mozjs52, Multi-Linux Manager 4.3: Server, Multi-Linux Manager 5.0: Server, … ⌘ Read more
↳
In-reply-to
»
The tiny avatars, as expected (because they showed normal to you too @prologic), do not show under macOS’s Safari, but they do show on iOS’s Safari. It truly is a puzzle.
⤋ Read More
This on vp-compact.css:
.avatar:not(#profile-avatar .avatar) {
width: 2rem !important;
height: 2rem !important;
margin-top: -0.25rem !important;
}
Is colliding with yarn.min.css:
.avatar, .avatar-full {
width: 3.5rem;
height: 3.5rem;
object-fit: cover;
border-radius:var(--border-radius)
}
Manjaro Linux 25.0 released
Version\
25.0 (“Zetar”) of the Arch-based Manjaro Linux
distribution is now available. This release includes Linux kernel 6.12,
GNOME 48, KDE 6.3, Xfce 4.18, and more. ⌘ Read more
ProcessOne: Hello from the other side: Matrix ↔ XMPP via ejabberd 25.03
With ejabberd 25.03, the Matrix gateway ( mod_matrix_gw) no … ⌘ Read more
Pinta 3.0 released
Version\
3.0 of the Pinta
image editor has been released. The most notable change in this
release is that Pinta has been ported to GTK 4.0 and libadwaita. It
also includes a number of improvements, new effects, and bug fixes. ⌘ Read more
Security updates for Monday
Security updates have been issued by Debian (glib2.0, jinja2, kernel, mediawiki, perl, subversion, twitter-bootstrap3, twitter-bootstrap4, and wpa), Fedora (c-ares, chromium, condor, corosync, cri-tools1.29, exim, firefox, matrix-synapse, nextcloud, openvpn, perl-Data-Entropy, suricata, upx, varnish, webkitgtk, yarnpkg, and zabbix), Mageia (giflib, gnupg2, graphicsmagick, and poppler), Oracle (delve and golang, go-toolset:ol8, grub2, and webkit2gtk3), Red Hat (kernel and kernel-rt), **S … ⌘ Read more
How to Spot a Phishing Email in 5 Seconds (Real Examples)
And What to Do When Your Smart Home and a Stalker’s AirTag Team Up Against You
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-spot-a-phishing-email-in-5-second … ⌘ Read more
Think You’re Safe? Here’s How Hackers Actually Break Into Your Accounts in 2025
How secure are you really when even two-factor authentication isn’t enough anymore?
[Continue reading on InfoSec Write-ups … ⌘ Read more
[47°09′49″S, 126°43′18″W] Reading: 0.75000 PPM
[47°09′42″S, 126°43′28″W] Reading: 0.64000 PPM
Dino: Dino 0.5 Release
Dino is a secure and open-source messaging application.
It uses the XMPP (Jabber) protocol for decentralized communication.
We aim to provide an intuitive and enjoyable user interface.
The 0.5 release improves the user experience around file transfers and includes two completely reworked dialogs.
Improved file sharingThe way file transfers are currently done in the XMPP ecosystem is limited in functionality a … ⌘ Read more
[47°09′44″S, 126°43′21″W] Reading: 0.55 Sv
Security updates for Thursday
Security updates have been issued by AlmaLinux (tomcat and webkit2gtk3), Debian (chromium), Fedora (ghostscript), Mageia (atop, docker-containerd, and xz), Red Hat (go-toolset:rhel8), SUSE (apache2-mod_auth_openidc, apparmor, etcd, expat, firefox, kernel, libmozjs-128-0, and libpoppler-cpp2), and Ubuntu (dino-im, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp,
linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux-l … ⌘ Read more
[$] LWN.net Weekly Edition for April 10, 2025
Inside this week’s LWN.net Weekly Edition:
Front: Debian project leader election; 6.15 Merge window; Lots of LSFMM coverage; Joplin.
Briefs: Firefox hardening; OpenSSH 10.0; Supply chain security; FreeDOS 1.4; OpenSSL 3.5.0; Rust 1.86.0; Quotes; …
Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more
Feline physics: 0. Gravity: 1 ⌘ Read more
OpenSSH 10.0 released
OpenSSH\
10.0 has been released. Support for the DSA signature algorithm,
which was disabled by default beginning in 2015, has been
removed. Other notable changes include using the post-quantum algorithm mlkem768x25519-sha256
for key agreement by default, support for systemd-style socket
activation in Portable OpenSSH … ⌘ Read more
OpenSSL 3.5.0 released
Version\
3.5.0 of OpenSSL has been released. This release adds support for
server-side QUIC ( RFC 9000), a
new configuration option ( no-tls-deprecated-ec) that disables
support for TLS groups deprecated in RFC 8422, and more. ⌘ Read more
HydraNFC Shield v2 and Sniffer Decoder Expand Capabilities for NFC Development & Analysis
The HydraNFC Shield v2 is a high-performance NFC development platform built around the STMicroelectronics ST25R3916 NFC frontend. Designed for NFC research, development, debugging, and security analysis, it is intended to be used with the HydraBus v1.0, a versatile open-source baseboard that acts as the host interface for HydraNFC and other shield extensions. HydraBus … ⌘ Read more
↳
In-reply-to
»
Search syntax appears to be:
⤋ Read More
It’s on yarn.min.css, whatever that comes from. I think padding: 0; is all it needs.
↳
In-reply-to
»
Search syntax appears to be:
⤋ Read More
@prologic@twtxt.net there is a space on the first line on that codeblock. I think this one is the culprit:
pre>code {
padding:0 .25rem;
}
↳
In-reply-to
»
This weekend (as some of you may now) I accidently nuke this Pod's entire data volume 🤦♂️ What a disastrous incident 🤣 I decided instead of trying to restore from a 4-month old backup (we'll get into why I hadn't been taking backups consistently later), that we'd start a fresh! 😅 Spring clean! 🧼 -- Anyway... One of the things I realised was I was missing a very critical Safety Controls in my own ways of working... I've now rectified this...
⤋ Read More
Then I cleaned up my shell history of all of the invocations I ever made of dkv rm ... to make sure I never ever have this so easily accessible in my shell history (^R):
$ awk '
/^#/ { ts = $0; next }
/^dkv rm/ { next }
{ if (ts) print ts; ts=""; print }
' ~/.bash_history > ~/.bash_history.tmp && mv ~/.bash_history.tmp ~/.bash_history && history -r
EM1103B Board Integrates 0.5 TOPS NPU and 8MP ISP with RV1103B SoC
The EM1103B is a compact single-board computer built around the Rockchip RV1103B SoC. Designed for vision-based AIoT tasks, it targets applications like smart cameras, doorbells, and battery-powered surveillance devices, combining processing, AI acceleration, and imaging features in a small footprint. As the name suggests, the board is powered by the Rockchip RV1103B, similar to the […] ⌘ Read more
I’ve been using GIMP 3.0 for a few weeks now and it’s great. New features and I got rid of two custom plugins because they’re in core now. Literally nothing broke for me. And I really appreciate that they kept the familiar UI (instead of changing things just for the sake of change).
Thank you! 🥳
Security updates for Friday
Security updates have been issued by AlmaLinux (firefox), Debian (atop and thunderbird), Fedora (webkitgtk), Mageia (microcode), Oracle (expat), SUSE (apparmor, assimp-devel, aws-efs-utils, expat, firefox, ghostscript, go1.23, gotosocial, govulncheck-vulndb, GraphicsMagick, headscale, libmozjs-128-0, libsaml-devel, openvpn, perl-Data-Entropy, and xz), and Ubuntu (gnupg2, kernel, linux-azure-fips, linux-iot, openvpn, ruby-saml, and xz-utils). ⌘ Read more
Axzez Expands OS Compatibility, Lowers Interceptor 2.0 Pricing
Axzez has officially released its updated Interceptor OS Installer, now featuring full support for the Raspberry Pi Compute Module 5. Designed for performance and simplicity, the installer is built on Debian Bookworm and integrates modern kernel versions — 6.12.19-v8 for Raspberry Pi and 6.12.20 for Banana Pi. According to the announcement, this release delivers a […] ⌘ Read more
Prosodical Thoughts: Prosody 13.0.1 released
We are pleased to announce a new minor release from our stable branch.
As is the tradition with software, here is our first patch release following
shortly behind our major 13.0.0 release announced a few weeks ago. It fixes
some important bugs that were discovered after the release.
Many thanks to everyone who reported issues and helped with testing the fixes
for this release. We appreciate it!
For those of you on 0.12.x who haven’t upgraded yet, skip 13.0.0 and jump
stra … ⌘ Read more
Rust 1.86.0 released
Version\
1.86.0 of the Rust language has been released. Changes include support
for trait upcasting, the ability to index multiple elements of HashMaps and
slices mutably, and a number of stabilized APIs. ⌘ Read more
XMPP Interop Testing: Enabling Tests
Our project creates a framework that allows anyone to easily add XMPP standards compliance tests to the test phase of
their build pipeline. Prior to our most recent release (version 1.5.0) a test execution would basically run all tests
in the test suite. We provided an option to exclude certain tests, but in essence, the bulk of tests would execute.
This behavior is generally preferable when testing an XMPP server implementation. A benefit of exclusion-based
… ⌘ Read more
[$] LWN.net Weekly Edition for April 3, 2025
Inside this week’s LWN.net Weekly Edition:
Front: Calibre 8.0; Fedora reproducibility; OpenWrt One; 6.15 Merge Window; LSFMM+BPF coverage including BPF in GCC, Rust merging process, and more.
Briefs: Ubuntu namespaces; New FPL; PorteuX 2.0; Firefox 137.0; GCC Rust; Rockbox 4.0; Rust specification; Thundermail; Dave Täht RIP; Quotes; …
Announcements: Newsletters, confer … ⌘ Read more
[$] Catching up with calibre
Saying that calibre is
ebook-management software undersells the application by a fair
margin. Calibre is an open-source Swiss Army knife for ebooks that can
be used for everything from creating ebooks, converting ebooks from
obscure formats to modern formats like EPUB, to serving up an ebook
library over the web. The most recent major release, calibre 8.0,
brings a better text-to-speech engine, a tool for creating audio
overlays w … ⌘ Read more
PorteuX 2.0 released
Version\
2.0 of PorteuX, a distribution based on Slackware Linux, has been
released. This release adds the ability to test experimental Wayland
sessions for the Cinnamon, LXQt, and Xfce desktops. PorteuX 2.0
updates the Linux kernel to 6.14 and includes many package updates and
bug fixes. Users have the choice of PorteuX stable or its rolling release
called current. See the [install.txt](https://github. … ⌘ Read more
Rockbox 4.0 released
For those of you who still have dedicated audio players: version 4.0 of
Rockbox, a replacement firmware for many players, has been released.
This release brings support for a number of new devices, updated codecs, a
number of user-interface improvements, some new games, and more. (LWN last
reviewed Rockbox in 2010 — and looked at
the ill-fated Android port that year as
well). ⌘ Read more
[47°09′25″S, 126°43′21″W] Reading: 0.09 Sv
Firefox 137.0 released
Version\
137.0 of the Firefox browser has been released. Changes include the
rollout of tab\
groups, a number of search-bar changes, and the ability to add signatures
to PDF files. ⌘ Read more
(Updated) OrangePi RV SBC Gains JH7110 RISC-V Processor and PCIe 2.0 Interface
The OrangePi RV is a development board based on the open-source RISC-V architecture, designed to offer high performance with low power consumption. This single-board computer features a JH7110 quad-core RISC-V processor, an M.2 M-key 2280 PCIe slot for SSD expansion, and supports up to 8GB of RAM. The new Orange Pi board is equipped with […] ⌘ Read more
[47°09′34″S, 126°43′08″W] Reading: 0.74000 PPM
Kaidan: Kaidan 0.12.2: Message Removal and Bubble Fixes
Kaidan 0.12.2 fixes some bugs.
Have a look at the changelog for more details.
Bugfixes:
- Fix removing corrected message (melvo)
- Fix showing message bubble tail only for first message of sender (melvo)
- Source code (.tar.xz) ( sig signed with [04EF … ⌘ Read more
Kaidan: Kaidan 0.12.1: Voice Message and Password Change Fixes
Kaidan 0.12.1 fixes some bugs.
Have a look at the changelog for more details.
Bugfixes:
- Do not highlight unpinned chats when pinned chat is moved (melvo)
- Fix deleting/sending voice messages (melvo)
- Fix crash during login (melvo)
- Fix opening chat again after going back to chat list on narrow window (melvo)
- Increase tool bar height to fix avatar not being recognizable (melvo)
- Fix width of sear … ⌘ Read more
ProcessOne: Supporting XMPP Standard Foundation’s open letter to Meta for true interop
The XMPP Standards Foundation (XSF) has published an open letter to Meta, asking them to support … ⌘ Read more
Mathieu Pasquet: Poezio 0.15 / 0.15.1
About three years since the last version, poezio 0.15 (and 0.15.1 to address
a small packaging mishap, version numbers are cheap) was released yesterday!
Poezio is a terminal-based XMPP client which aims to replicate the
feeling of terminal-based IRC clients such as irssi or weechat; to
this end, poezio originally only supported multi-user chats.
Not a lot this time around… Maybe next time?
- A new
moderateplugin (for [XEP-0425](http://xmpp.org/ex … ⌘ Read more
[$] LWN.net Weekly Edition for March 27, 2025
Inside this week’s LWN.net Weekly Edition:
Front: Open source in government; OSI election; Memory-management medley; Address-space isolation; CMA; 6.14 Development stats; State of the page.
Briefs: Asahi Linux progress; Reproducible Debian; rpi-image-gen; Neovim 0.11; OpenH264; Quotes; …
Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more
Neovim 0.11 released
Version\
0.11 of the Neovim text editor has been released. Notable changes
in this release include simpler Language Server Protocol (LSP) client
setup, improved tree-sitter performance, better emoji support, and
enhancements for Neovim’s embedded terminal emulator. See the release notes for
a full list of changes. ⌘ Read more
↳
In-reply-to
»
I now subscribed to most feeds in my Go
⤋ Read More
tt reimplementation that I already followed with the old Python tt. Previously, I just had a few feeds for testing purposes in my new config. While transfering, I "dropped" heaps of feeds that appeared to be inactive.
Thanks, @movq@www.uninformativ.de!
My backing SQLite database with indices is 8.7 MiB in size right now.
The twtxt cache is 7.6 MiB, it uses Python’s pickle module. And next to it there is a 16.0 MiB second database with all the read statuses for the old tt. Wow, super inefficient, it shouldn’t contain anything else, it’s a giant, pickled {"$hash": {"read": True/False}, …}. What the heck, why is it so big?! O_o
[$] Development statistics for 6.14
By the time that Linus Torvalds released
the 6.14 kernel, 11,003 non-merge changesets had been pulled into the
mainline, making this one of the smallest releases we have seen in some
time. Indeed, one must go back to the 4.0\
release, which happened almost exactly ten years ago, to find a release
with fewer changesets than 6.14. Even so, “small” is relative, and 6.14
contains a lot of significant changes. ⌘ Read more
Security updates for Monday
Security updates have been issued by Debian (libxslt, mercurial, and webkit2gtk), Fedora (chromium, dotnet8.0, ffmpeg, jupyterlab, and kitty), Mageia (expat and libxslt), Red Hat (pcs), SUSE (apptainer, chromium, kernel, libarchive, mercurial, python311, radare2, xorg-x11-server, and zvbi), and Ubuntu (golang-github-cli-go-gh-v2 and nltk). ⌘ Read more
[47°09′03″S, 126°43′04″W] Reading: 0.30000 PPM
[$] Multiple memory classes for address-space isolation
Brendan Jackman has been working to try to get ahead of the next hardware CPU
vulnerability
before it gets discovered. In January, he posted the second version of
a patch set that introduces
address-space isolation (ASI) as a way of
preventing future CPU vulnerabilities from leaking important
information. The core concept is to ensure that data that is not currently
ne … ⌘ Read more
iPhone Users Who Pay for iCloud Storage Receive a New Perk
If you pay for iCloud storage on your iPhone, Apple has a new perk for you, at no additional cost.
iCloud+ is the official name for Apple’s paid iCloud storage plans, which range from 50GB for $0.99 per month to 12TB for $59.99 per month in the United States. iCloud+ plans already come with multiple perks for free, such as Hide My Email and HomeKit Secure Video, a … ⌘ Read more
KubeVirt Live Migration Mastery: Network Transparency with Kube-OVN
Discover how Kube-OVN enables transparent KubeVirt live migrations with IP preservation and <0.5s network downtime. In virtual machine usage scenarios, live migration allows a virtual machine to be moved from one node to another for operations… ⌘ Read more
[$] LWN.net Weekly Edition for March 20, 2025
Inside this week’s LWN.net Weekly Edition:
Front: Oxidizr; Spectre mitigations; Frozen pages; Mapcount madness; Open-source risks; /e/OS.
Briefs: Supply chain attacks; SystemRescue 12.00; Casual Make; GIMP 3.0; Git 2.49.0; GNOME 48; PeerTube 7.1; Quotes; …
Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more
[47°09′10″S, 126°43′05″W] Reading: 0.73000 PPM
Hi! For anyone following the Request for Comments on an improved syntax for replies and threads, I’ve made a comparative spreadsheet with the 4 proposals so far. It shows a syntax example, and top pros and cons I’ve found:
https://docs.google.com/spreadsheets/d/1KOUqJ2rNl_jZ4KBVTsR-4QmG1zAdKNo7QXJS1uogQVo/edit?gid=0#gid=0
Feel free to propose another collaborative platform (for those without a G account), and also share your comments and analysis in the spreadsheet or in Gitea.
Cuprate Meeting scheduled for 25 March 2025 1800 UTC
The next Cuprate Meeting is scheduled1 to take place on Tuesday, March 25 2025 at 18:00 UTC on IRC-Libera/Matrix2 in the #cuprate channels.
Agenda overviewCuprate is an effort to create an alternative Monero node implementation.
Greetings
Updates: What is everyone working on?
Project: What is next for Cuprate?
Any other business
The meeting’s moderator should be Boog9003. Consult the Cuprate code reposi … ⌘ Read more
Prosodical Thoughts: Prosody 13.0.0 released!
Welcome to a new major release of the Prosody XMPP server! While the 0.12 branch has served us well for a while now, this release brings a bunch of new features we’ve been busy polishing.
If you’re unfamiliar with Prosody, it’s an open-source project that implements XMPP, an open standard protocol for online communication. Prosody is widely used to power everything from small self-hosted messaging servers to worldwide real-time applications such as Jits … ⌘ Read more
ditatompel releases ‘xmr-remote-nodes’ v0.2.1
ditatompel1 has released xmr-remote-nodes 2 version 0.2.13 with a fix for CVE-2024-453384, new features and updates:
”`
- fix: CVE-2024-45338 in #173
- feat: Added tor hidden service via HTTP header
- feat: Added more information on monero node details page
- feat: Added curl example command to Node details modal and page
- feat: Store hashed user IP address when submitting new node
- build(de … ⌘ Read more”`
Monero Dev Activity Report - Week 11 2025: 14 PRs, 3 Issues
This weekly report aims to provide a big picture view of Monero development activity, increase community support for existing devs and, hopefully, encourage new contributions.
Opened (8)
monero-project/monero:
Monero Observer Artistic Saturday Top 5 - Week 11, 2025
Previous Artistic Saturday weekly reports can be found in the [art] 1 section.
![‘Spe … ⌘ Read more
Gajim: Gajim 2.0.3
This release fixes some group chat issues and allows to store individual window sizes. Thank you for all your contributions!
With Gajim 2.0, we migrated Gajim’s user interface toolkit to GTK 4, which brings performance improvements and sets the ground for great features to follow.
Gajim 2.0.3 will store dimensions for each window, so it always remembers your preferred window size. Furthermore, this release fixes is … ⌘ Read more
[47°09′36″S, 126°43′39″W] Reading: 0.73 Sv
Cuprate ‘ready for casual usage’ after ~12 months of paid development
hinto-janai1 has announced2 the first alpha release (v0.0.1 Molybdenite 3) of Cuprate4 - an alternative and independent Rust Monero node implementation - after more than 12 months of continuous CCS-funded development:
Contributors overviewThe first alpha release is now ready for casual usage.
@Asurar0
@Boog900
@dimalinux
@hinto-janai
@jomuel
@kayabaNerve ... ⌘ [Read more](https://monero.observer/cuprate-v0.0.1-molybdenite-released-after-12-months-paid-development/)Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) were discovered in ruby-saml up to version 1.17.0. In this blog post, we’ll shed light on how these vulnerabilities that rely on a parser differential were uncovered.
The post [Sign in as anyone: Bypassing SAML SSO authentication with parser differentials](https://github.blog/security/sign-in-as-anyone- … ⌘ Read more
PicoCalc Brings Classic Computing to ClockworkPi v2.0 with Raspberry Pi Pico
The PicoCalc is a compact computing platform designed to recreate the experience of early personal computers. Running on 260KB of memory, it allows users to code in BASIC, explore Lisp, interact with a UNIX-like environment, and run retro games and digital music. Its modular and open-source design makes it adaptable for various applications. Built on […] ⌘ Read more
Cuprate Meeting scheduled for 18 March 2025 1800 UTC
The next Cuprate Meeting is scheduled1 to take place on Tuesday, March 18 2025 at 18:00 UTC on IRC-Libera/Matrix2 in the #cuprate channels.
Agenda overviewCuprate is an effort to create an alternative Monero node implementation.
Greetings
Updates: What is everyone working on?
Project: What is next for Cuprate?
Any other business
The meeting’s moderator should be Boog9003. Consult the Cuprate code reposi … ⌘ Read more
Community Workgroup Meeting scheduled for 15 March 2025 1600 UTC
The next Monero Community Workgroup Meeting is scheduled1 to take place on Saturday, 15th of March 2025 at 16:00 UTC, in the #monero-community 2’3 channels.
Discussions should be focused on community highlights, CCS updates and workgroup reports. plowsof4 will moderate the meeting.
Logs for the previous meeting are available on Monero Observer5.
_This is an ongoing story and the re … ⌘ Read more
[LTH] [Bounty] [0.1 XMR] Stack Wallet - Add missing icons for swap providers
Link: https://bounties.monero.social/posts/184/
b4n6_b4n6 (Github) ⌘ Read more
Mathieu Pasquet: slixmpp v1.9.1
This is mostly a bugfix release over version 1.9.0.
The main fix is the rust JID implementation that would behave incorrectly when
hashed if the JID contained non-ascii characters. This is an important issue as
using a non-ascii JID was mostly broken, and interacting with one failed in
interesting ways.
- The previously mentioned JID hash issue
- Various edge cases in the roster code
- One edge case in the MUC ( [XEP-0045](https: … ⌘ Read more
Radxa CM3J with Built-in Wi-Fi 5 and Bluetooth 5.0 for Industrial Applications
The Radxa CM3J is an industrial-grade compute module built around the Rockchip RK3568J SoC. This compact module integrates a CPU, PMU, LPDDR4X, eMMC, and wireless connectivity options such as Wi-Fi 5 and Bluetooth 5.0 in a 55mm x 40mm form factor. The Radxa CM3J is powered by the Rockchip RK3568J, a quad-core Cortex-A55 64-bit SoC […] ⌘ Read more
selsta posts February 2025 Monero dev report
selsta1 has posted a monthly CCS progress report2 for February 2025, which includes several Monero dev updates.
Milestone 3:
* v0.18.4.0 is code-ready and currently in testing phase
* Traced down a bug in a recently merged PR that is part of v0.18.4.0
* Handle the recent DDoS attempt on public nodes
Note that misc work is not explicitly mentioned in these updates. The full list of changes can be found on Github3’[4 … ⌘ Read more
Gajim: Gajim 2.0.2
This release updates message moderation in group chats, improves handling of URIs, and fixes some bugs. Thank you for all your contributions!
With Gajim 2.0, we migrated Gajim’s user interface toolkit to GTK 4, which brings performance improvements and sets the ground for great features to follow.
Gajim 2.0.2 updates Gajim’s support for [XEP-0425: Moderated Message Retraction](https://xmpp.org/extensions/xep-0425.h … ⌘ Read more
Climate Change Threatens Earth’s Major Crops, Study Finds
Michael Riojas, Reporter and Editorial Assistant - Eco Watch
Stephan: Climate change is going to drastically change agriculture, and that is going to cause enormous migrations both internally and internationally. This will, in turn, massively disrupt nations across Earth. And this crisis is coming very quickly. By 2040 humanity will be in crisis.
monero-project/monero:
John-Doggett releases ‘Monerod Node Setup Scripts’ v0.4.0
John-Doggett1 has released Monerod-Node-Setup-Scripts 2 version 0.4.03 with a bugfix for the certificate renewals script4 and various improvements:
This release fixes an issue with the watch_certificates_xmr.sh script that checks the certificate from caddy and copies it over to monerod. If you have an existing install using HTTPS, you must download the new watch_certificates_xmr.sh and … ⌘ Read more
everoddandeven releases ‘Monero Daemon GUI’ v1.2.0
everoddandeven1 has released Monero node manager monerod-gui 2 version 1.2.0 Shadowness 3 with various upgrades, fixes and improvements:
Upgrade Electron to v35.0.0
Upgrade Angular to v19
Upgrade dependencies
TOR and I2P service
Private testnet tool
UI fixes and improvements
monerod settings fixes
Consult the Github repository2 for the complete changelog4, a demo … ⌘ Read more
Monero Observer Artistic Saturday Top 5 - Week 10, 2025
Previous Artistic Saturday weekly reports can be found in the [art] 1 section.
Cuprate Meeting scheduled for 11 March 2025 1800 UTC
The next Cuprate Meeting is scheduled1 to take place on Tuesday, March 11 2025 at 18:00 UTC on IRC-Libera/Matrix2 in the #cuprate channels.
Agenda overviewCuprate is an effort to create an alternative Monero node implementation.
Greetings
Updates: What is everyone working on?
Project: What is next for Cuprate?
Any other business
The meeting’s moderator should be Boog9003. Consult the Cuprate code reposi … ⌘ Read more
b4n6_b4n6, not-a-money-printer propose bounties to make Monero GUI, RetoSwap, UnstoppableSwap ‘Whonix friendly’
b4n6_b4n61 and not-a-money-printer2 have proposed bounties3’4’5 to make monero-wallet-gui6, RetoSwap7, and UnstoppableSwap8 Whonix friendly 9:
”`
#1 Make monero-wallet-gui whonix friendly
Total Bounty: ~0.12 XMR (to date)
#2 Make reto swap whonix friendly
To … ⌘ Read more”`
[AFH] [0.13 XMR] Anonymous Web development for landing page - No Logs, No Tracking, Just Code.
I offer minimalist landing pages, personal portfolios, and business profile websites with a strong focus on privacy and anonymity. No tracking, no Google Analytics, and no sensitive data collection. delivery can take times depending how complex the website is.
Link: https://xmrbazaar.com/listing/QyQR/
AdditionalRabbit31 (XMRBazaar) ⌘ Read more
it’s been while since I’d stopped #window-manager hopping and just settled with #Herbstluftwm but I’m NGL, the River #Wayland compositor is starting to grow on me… I’m still not sure if it’s just me but something about it feels clean and snappy. The shortcuts in the vanilla/example configuration feel a bit clunky, but then again, it’s just me being used to the same old ones I keep adopting and replicating across WMs. I’ve got 0 energy for ricing so I’ll just roll with the vanilla config as is (maybe add in a short-cut for a launcher but that will be it).
[47°09′12″S, 126°43′48″W] Reading: 0.25 Sv
Gajim: Gajim 2.0.1
This release resolves an issue with Gajim’s preferences window and fixes some bugs. Thank you for all your contributions!
Gajim 2.0
A note for Windows users: At the time of writing, there are some issues with emoji rendering on Windows. That’s why there is no release of Gajim 2.0 for Windows yet. This issue should soon be resolved and we will post an update once Gajim 2.0 is released on Windows.
More Changes … ⌘ Read more
↳
In-reply-to
»
@lyse What do you think about this? https://git.mills.io/yarnsocial/twtxt.dev/issues/14
⤋ Read More
I like this syntax, you have my vote, although I’d change it a bit like
#<Alice https://example.com/twtxt.com#2024-12-18T14:18:26+01:00>
Hashes are not a problem on PHP, I dont know why it’s slow to calculate them from your side, but I agree with your points.
BTW, did you have the chance to read my proposal on twtxt 2.0? I shared a few ideas about possible improvements to discuss:
https://text.eapl.mx/a-few-ideas-for-a-next-twtxt-version
https://text.eapl.mx/reply-to-lyse-about-twtxt
SChernykh releases P2Pool v4.4
SChernykh1 has released P2Pool 2 version 4.43 with various new features and fixes.
New Features:
* Added RPC-SSL support for Monero node connections
* Removed deprecated --config command line parameter
* Faster initial sync (0.5-1 seconds saved on verification of blocks)
Bugfixes:
* Updated internal dependencies
The full list of changes since v4.3 is available on Github4.
Before using the software, you should v … ⌘ Read more
Monero Dev Activity Report - Week 9 2025: 20 PRs, 9 Issues
This weekly report aims to provide a big picture view of Monero development activity, increase community support for existing devs and, hopefully, encourage new contributions.
Opened (4)
monero-project/monero:
Monero Observer Artistic Saturday Top 5 - Week 9, 2025
Previous Artistic Saturday weekly reports can be found in the [art] 1 section.
.
Long story short, there are at least two major changes warranting the new number (and plenty of other things, read on!):
- switching the cython jid implementation for a rust one, which will be faster and more correct
- removing the xmpp.process() method (planned since the 1.8.0 release)
Special thanks to nicoco … ⌘ Read more
Community Workgroup Meeting scheduled for 1 March 2025 1800 UTC
The next Monero Community Workgroup Meeting is scheduled1 to take place on Saturday, 1st of March 2025 at 18:00 UTC, in the #monero-community 2’3 channels.
Discussions should be focused on community highlights, CCS updates and workgroup reports. plowsof4 will moderate the meeting.
Logs for the previous meeting are available on Monero Observer5.
_This is an ongoing story and the repor … ⌘ Read more
Cuprate Meeting scheduled for 4 March 2025 1800 UTC
The next Cuprate Meeting is scheduled1 to take place on Tuesday, March 4 2025 at 18:00 UTC on IRC-Libera/Matrix2 in the #cuprate channels.
Agenda overviewCuprate is an effort to create an alternative Monero node implementation.
Greetings
Updates: What is everyone working on?
Project: What is next for Cuprate?
Any other business
The meeting’s moderator should be Boog9003. Consult the Cuprate code repositor … ⌘ Read more
[47°09′54″S, 126°43′10″W] Reading: 0.16000 PPM
[LTH] [Bounty] [0.35 XMR] Silent.Link - Develop android widget for displaying of account balance
Link: https://bounties.monero.social/posts/179/
b4n6_b4n6 (Github) ⌘ Read more
Monero Observer Artistic Saturday Top 5 - Week 8, 2025
Previous Artistic Saturday weekly reports can be found in the [art] 1 section.