Version 1.7.0 ("Daffodil") of the Radicle peer-to-peer, local-first code collaboration stack has been released. Some of the changes in this release include improved I/O usage, the ability to block nodes at the connection level, and clearer errors for rad id updates. See the release notes for a full list of changes and bug fixes.
GNOME 50 has been
released. Notable changes in this release include enhancements to the
Orca screen-reader application, interface and performance improvements
for GNOME's file manager (Files), a "massive set of stability and
performance updates
" for its display-handling technologies, and
much more. See also the "What's new
for developers" article that covers changes of interest to GNOME
and GNOME application developers.
Qualys has discovered a local-privilege escalation (LPE) vulnerability affecting Ubuntu Desktop 24.04 and later:
This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access through the interaction of two standard system components: snap-confine and systemd-tmpfiles.
More details are available in the security advisory. Canonical has published updated packages as well as instructions for verifying if a system is vulnerable and how to upgrade if so.
Fedora Asahi Remix 43 is now available:
This release incorporates all the exciting improvements brought by Fedora Linux 43. Notably, package management is significantly upgraded with RPM 6.0 and the new DNF5 backend for PackageKit for Plasma Discover and GNOME Software ahead of Fedora Linux 44. It also continues to provide extensive device support. This includes newly added support for the Mac Pro, microphones in M2 Pro/Max MacBooks, and 120Hz refresh rate for the built-in displays for MacBook Pro 14/16 models.
The Free Software Foundation Europe (FSFE) is reporting that payment provider Nexi has terminated its contract without prior notice, which means that a number of FSFE supporters' recurring payments have been halted:
Over the past few months, our former payment provider Nexi S.p.A. ("Nexi") requested access to private data, which we understood to be specifically the usernames and passwords of our supporters. We have refused this request. All our attempts to clarify Nexi's request, or to understand how their need for such information was necessary and legal, were met with what we consider to be vague and unsatisfactory explanations relating to a general need for risk analysis.
[...] The decisions that Nexi has made are incomprehensible to us. Over the last months, as part of a security audit that Nexi claimed to be conducting, we have provided them with large amounts of the FSFE's financial documentation, which even included private information of our executive staff. We have answered all of their questions. But we have to draw a line when private companies like Nexi demand access to the sensitive and private data of our supporters.
According to the blog post, more than 450 supporters have been affected by this. The FSFE's donation pages have been updated with its new payment provider.
Fedora Project Leader (FPL) Jef Spaleta has issued
a "modest proposal
" for a technology-innovation-lifecycle process
that would provide more formal structure for adopting technologies in
Fedora. The idea is to spur innovation in the project without having an adverse
impact on stability or the release process. Spaleta's proposal is
somewhat light on details, particularly as far as specific examples of
which projects would benefit; however, the reception so far is mostly
positive and some think that it could make Fedora more "competitive" by being the
place where open-source projects come to grow.
Version 1.5 of Marknote, a Markdown-based note-management application, has been released. Notable features in this release include Source Mode for working directly with Markdown instead of the WYSIWYG interface, internal wiki-style links for notes, as well as simpler management of notes and notebooks.
Kurt Roeckx has announced that Debian has moved to the campaigning period for the 2026 Debian Project Leader (DPL) election. This year there is only one candidate, Sruthi Chandran, so Debian voters will have a choice between Chandran as DPL or "None of the above". The campaign period will run through April 3, and the voting period will run from April 4 to April 17. Chandran has not yet posted a platform for the 2026 election, but her 2024 platform is available on the Debian wiki.
A recently enacted law in California imposes an age-verification requirement on operating-system providers beginning next year. The language of the Digital Age Assurance Act does not restrict its requirements to proprietary or commercial operating systems; projects like Debian, FreeBSD, Fedora, and others seem to be on the hook just as much as Apple or Microsoft. There is some hope that the law will be amended, but there is no guarantee that it will be. This means that the developer communities behind Linux distributions are having to discuss whether and how to comply with the law with little time and even less legal guidance.
Connexion