9to5Linux2d ago

#Linux Weekly Roundup for March 15th, 2026: #EndeavourOS Titan, #GIMP 3.2, #Debian 13.4, #SuperTux 0.7.0, OBS Studio 32.1, Qt Creator 19, #NVIDIA 580.142, #KDE Plasma 6.5.6, #Fedora Linux 44 beta, #fwupd 2.1.1, KDE Frameworks 6.24, #KeePassXC 2.7.12, Linux App Summit 2026, #Calibre 9.5, #Sigil 2.7.5, #Marknote 1.5, #Calamares 3.4.2, #OpenSSL 4.0 alpha, new #Steam Client stable updates, and more https://9to5linux.com/9to5linux-weekly-roundup-march-15th-2026

#OpenSource #FOSS

Conan the Sysadmin3d ago
Build your own secure realm, where the most powerful secret tongues are spoken. #TLS #OpenSSL #cybersecurity #Nginx #OpenSource https://cromwell-intl.com/open-source/nginx-openssl-quantum-safe/oqsprovider-on-freebsd.html?s=mc
oqs-provider on FreeBSD

How to build and install Open Quantum Safe oqs-provider on FreeBSD.

Bob's Pages of Travel, Linux, Cybersecurity, and More
9to5LinuxMar 10

OpenSSL 4.0 Promises Support for Encrypted Client Hello, SNMP KDF, and SRTP KDF

https://fed.brid.gy/r/https://9to5linux.com/openssl-4-0-promises-support-for-encrypted-client-hello-snmp-kdf-and-srtp-kdf

daniel:// stenberg://Mar 10

#OpenSSL 4.0.0-alpha1 is released and current curl master builds and runs fine with it. Even doing ECH,

https://github.com/openssl/openssl/releases/tag/openssl-4.0.0-alpha1

9to5LinuxMar 10

#OpenSSL 4.0 Promises Support for Encrypted Client Hello, Support for SNMP KDF and SRTP KDF, and Much More https://9to5linux.com/openssl-4-0-promises-support-for-encrypted-client-hello-snmp-kdf-and-srtp-kdf

#OpenSource #Linux

HackadayMar 6

This Week In Security: Getting Back Up to Speed

https://fed.brid.gy/r/https://hackaday.com/2026/03/06/this-week-in-security-getting-back-up-to-speed/

13Mar 6
This Week In Security: Getting Back Up to Speed https://hackaday.com/2026/03/06/this-week-in-security-getting-back-up-to-speed/
#HackadayColumns #SecurityHacks #Artificialintelligence #Glibc #Javascript #Kismet #Notepad #Openssl #Telnet #Telnetd #ThisWeekinSecurity
This Week In Security: Getting Back Up To Speed

Editor’s Note: Over the course of nearly 300 posts, Jonathan Bennett set a very high bar for this column, so we knew it needed to be placed in the hands of somebody who could do it justice. T…

Hackaday
Marcel SIneM(S)USMar 3
#IPFire 2.29 Core Update 200: #Linux  6.18 LTS und DBL-Preview | iX Magazin https://www.heise.de/news/IPFire-2-29-Core-Update-200-Linux-6-18-LTS-und-DBL-Preview-11194695.html #OpenSource #OpenSSL #DNS #Verschlüsselung #encryption
IPFire 2.29 Core Update 200: Linux 6.18 LTS und DBL-Preview

IPFire 2.29 Core Update 200 bringt Linux 6.18 LTS, das neue Domain-Blocklist-System, zahlreiche Paket‑Updates und wichtige Leistungsverbesserungen.

heise online
Mike HarrisonMar 3
FOSS is important. Donations from the client in progress. The ability to compile, from source, OpenSSL and OpenSSH on an old bespoke "Debian 8-ish" based ARM device means hundreds of devices get a few more years of life. #FOSS #OpenSSL #OpenSSH
Super OwlMar 2
I've been watching the recent #OpenSSL vulnerabilities with Eagle eyes, first announced here:

https://www.lesswrong.com/posts/7aJwgbMEiKq5egQbd/ai-found-12-of-12-openssl-zero-days-while-curl-cancelled-its

The OpenSSL fixes were out Jan 27th (as packaged up by #Debian); it's just that Debian failed to mention it on their web page as of yet:

https://www.debian.org/security/

But they did get mentioned here:

https://lists.debian.org/debian-security-announce/2026/msg00022.html

"For the oldstable distribution (bookworm), these problems have been fixed
in version 3.0.18-1~deb12u2.
For the stable distribution (trixie), these problems have been fixed in
version 3.5.4-1~deb13u2."

As of yet, these announcements never got into the Debian Security Announcement RSS feed either ( https://www.debian.org/security/dsa ). I have the unpopular view that email mailing lists are not really a good idea (as a means to disseminate information broadly, in a one-way-street sort of way), and should actually be #RSS feeds.

#infosec #OpenSource #Linux
AI found 12 of 12 OpenSSL zero-days (while curl cancelled its bug bounty) — LessWrong

This is a partial follow-up to AISLE discovered three new OpenSSL vulnerabilities from October 2025. …