You are never too old or too young to learn programming.

Two offerings that promise privacy and control, yet each takes a different path.

Flameshot 13.0 marks the screenshot tool's first major update in over 3 years, adding Qt6 support, disabling Imgur uploads by default, and improving its tools.

You're reading Flameshot Screenshot App Gets First Major Update in 3 Years, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Chrome's Ozone backend will auto-detect Wayland on Linux from v140. This should fix issues with blurry text and UI elements when fractional scaling is active.

You're reading Chrome Plans to Play Nicer with Wayland on Linux, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Starting with 7.4.1-2, the following Zabbix system user accounts (previously shipped by their related packages) will no longer be used. Instead, all Zabbix components will now rely on a shared zabbix user account (as originally intended by upstream and done by other distributions):

• zabbix-server
• zabbix-proxy
• zabbix-agent (also used by the zabbix-agent2 package)
• zabbix-web-service

This shared zabbix user account is provided by the newly introduced zabbix-common split package, which is now a dependency for all relevant zabbix-* packages.

The switch to the new user account is handled automatically for the corresponding main configuration files and systemd service units.

However, manual intervention may be required if you created custom files or configurations referencing to and / or being owned by the above deprecated users accounts, for example:

• PSK files used for encrypted communication
• Custom scripts for metrics collections or report generations
• sudoers rules for metrics requiring elevated privileges to be collected
• ...

Those should therefore be updated to refer to and / or be owned by the new zabbix user account, otherwise some services or user parameters may fail to work properly, or not at all.

Once migrated, you may remove the obsolete user accounts from your system.

Hello community, here we have another set of package updates.

Current Promotions

• Protect your personal data, keep yourself safe with Surfshark VPN: See current promotion

Recent News

• Development | Q&A | Zotac Gaming ZONE
• Development | Q&A | OrangePi Neo-01
• Manjaro 25.0 Zetar released
• Manjaro Summit public Alpha now available
• As of Linux 6.14.11, the 6.14 series is now EOL (End Of Life). Please install 6.15 stable and/or 6.12 LTS (Long Term Support).

Valkey to replace Redis in the [extra] Repository (click for more details) Previous News Finding information easier about Manjaro (click for more details) Notable Package Updates

• Some Kernels got updated
  • this includes an initial preview of 6.17 kernel series
  • toolchain updates with gcc security fixes and glibc 2.42
• Some Updates to GNOME
• Blender 4.5.1
• Mesa 25.1.7
• Inputplumber 0.61.0
• Ollama 0.10.1
• Updates to Python and Haskell

Additional Info Python 3.13 info (click for more details) Info about AUR packages (click for more details)

Get our latest daily developer images now from Github: Plasma, GNOME, XFCE. You can get the latest stable releases of Manjaro from CDN77.

Our current supported kernels

• linux54 5.4.296
• linux510 5.10.240
• linux515 5.15.189
• linux61 6.1.147
• linux66 6.6.101
• linux612 6.12.41
• linux615 6.15.9
• linux616 6.16.0
• linux617 6.17.0-rc0
• linux61-rt 6.1.146_rt53
• linux66-rt 6.6.99_rt58
• linux612-rt 6.12.39_rt11
• linux615-rt 6.15.0_rt2

Package Changes (Mon Aug 4 08:50:41 CEST 2025)

• testing core x86_64: 25 new and 25 removed package(s)
• testing extra x86_64: 1449 new and 1446 removed package(s)
• testing multilib x86_64: 17 new and 17 removed package(s)

Overlay Changes

• testing core x86_64: 27 new and 25 removed package(s)
• testing extra x86_64: 185 new and 178 removed package(s)

A list of all changes can be found here.

Click to view the poll.

Check if your mirror has already synced:

• Mirror-Check Service

17 posts - 9 participants

Read full topic

Newelle is a desktop AI assistant for Linux, providing a native GTK front-end to cloud and local LLMs. It features voice chat, long-term memory and extensions.

You're reading Newelle, AI “Assistant” for GNOME, Hits Version 1.0, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

KDE Plasma 6.5 will finally include automatic day/night theme switching, to change light/dark Global Themes based on the time of the day.

You're reading KDE Plasma Adding Auto Day/Night Theme Switching, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Ubuntu Server 25.10 removes wget from its default installation, in favour of the wcurl tool. Here's why the change was made and if it'll affect you.

You're reading wget Removed from Ubuntu Server 25.10 Default Install, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Whether you’re new to Ubuntu or have been using it for years, The Ultimate Ubuntu Handbook offers a wealth of practical tips, time-saving tricks, and insider insights that will help you get even more out of your Ubuntu experience.

Roundup of July's smaller Linux app releases: Shotcut and Kdenlive video editors, Plank Reloaded dock, Krita performance fixes, and more.

You're reading Linux App Release Roundup (July 2025), a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

The US ending tariff exemption on goods under $800 could send the price of Raspberry Pi, mini PCs and other Linux hardware soaring — not just for buyers in America.

You're reading US Tariff Change Could Send SBC & Mini PC Prices Soaring, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Welcome to the new monthly unstable branch thread.

Recent News Kernel 6.15 is now EOL (click for more details) zabbix >= 7.4.1-2 may require manual intervention (click for more details) (click for more details) Notable Package Changes

• WebKitGTK 2.48.5
• KDE Plasma 6.4.4
• NetworkManager 1.54
• GStreamer 1.26.5
• KDE Frameworks 6.17.0
• GNOME 48.4
• NVIDIA 580.76.05
  • NOTE: The 580 series will be the last to support GPUs based on the Maxwell, Pascal, and Volta architectures. See Unix graphics feature deprecation schedule - Linux - NVIDIA Developer Forums
• VirtualBox 7.2.0
• KDE Gear 25.08
• Mesa 25.2.1
• LibreOffice 25.8
• Firefox 142.0.1

Known Issues 2025-07-20 - grub update 2:2.12.r292 -> r350 (click for more details) 2025-06-22 - linux-firmware-amdgpu-20250613.12fe085f may create an unbootable system for RDNA4 GPUs or graphical glitches with RDNA3 GPUs (click for more details) 2025-06-01 - avahi-discover python script (click for more details) Chrome/Chromium-based browsers and GNOME 48 - Global Shortcuts (click for more details) python-gobject 3.52 breaks multiple apps (libpeas related) (click for more details) Possible breaking changes to pacman-mirrors (click for more details) Plasma 6.4.0 will need manual intervention if you are on X11 (click for more details) Additional Info Info about AUR packages (click for more details)

Get our latest daily developer images now from Github: Plasma, GNOME, XFCE. You can get the latest stable releases of Manjaro from CDN77.

Check if your mirror has already synced:

• Mirror-Check Service

35 posts - 15 participants

Read full topic

Ubuntu's DING extension adds new keyboard shortcuts for desktop icon selection, including multi-select, Ctrl+Space toggle, and HOME/END navigation.

You're reading Ubuntu’s Desktop Icons Extension Gains New Keyboard Shortcuts, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

The third monthly snapshot of Ubuntu 25.10 (Questing Quokka) is available to download, if you feel like helping the furry-faced mascot seeks out stable status.

You're reading Ubuntu 25.10 Snapshot 3 is Available to Download, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Proton launches a free, open-source 2FA app with cross-device sync. It works on all major OSes, including Ubuntu, as a privacy-focused alternative to Google Authenticator.

You're reading Proton’s New 2FA Authenticator App Supports Ubuntu, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

by George Whittaker Introduction

Flatpak promises a secure runtime for Linux applications through container-like isolation, relying on bubblewrap namespaces, syscall filtering, and portal interfaces. In theory, each app should operate inside a strong sandbox, disconnected from the host system. But in reality, experience shows gaps, tiny cracks through which apps may escape with serious consequences.

The Sandbox Promise… and the Reality

Flatpak applications begin life in a highly-restricted environment: no network by default, no access to host files beyond the runtime and a private data directory, limited syscalls, and restricted access to session or system services. Portals provide a controlled channel for granting specific capabilities (e.g. file dialogs, screenshot, printing) without broad privileges.

Yet, many Flatpak packages declare broad permissions like filesystem=home, filesystem=host, or device=all. That effectively grants full read-write access to the user's home directory or even system devices, defeating the purpose of the sandbox in practice. Users often assume that 'sandboxed' means locked-down, but blanket permissions expose them to risk.

Real-World Breakouts from the Sandbox CVE‑2024‑32462: RequestBackground Portal Abuse

Security researcher Gergo Koteles uncovered a high-severity vulnerability where malicious Flatpak apps could craft a .desktop file via the org.freedesktop.portal.Background.RequestBackground interface. That tricked Flatpak’s --command= parsing into injecting bwrap arguments (e.g. --bind). This allowed arbitrary host commands to execute outside the sandbox boundary. Versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8 were affected. Patched in the listed versions and mitigated in xdg-desktop-portal 1.18.4 and newer.

CVE‑2024‑42472: Persistent Data Symlink Exploit

A Flatpak flag, --persist (or persistent= in manifest), allows apps writable storage within their data directory. But if a malicious install replaces that directory with a symlink pointing to sensitive host folders (e.g. ~/.ssh), the sandbox mount entry follows it into the real filesystem, giving the app unintended access to files outside its name-spaced area. All versions up to 1.14.8 and 1.15.x ≤ 1.15.9 are vulnerable; patched in 1.14.10 and 1.15.10+.

Policy Complexity and Ecosystem Slip-Ups

A detailed study of hundreds of Flatpak and Snap packages found that nearly 42% of Flatpak apps either override the supposed isolation or misconfigure sandboxing, resulting in overprivilege or potential escape paths. Crafting fine-grained sandbox policy is hard, and mistakes slip through easily.

Go to Full Article

Keep on Linux-ing, even in the summer.

Hello community, here we have another set of package updates.

Current Promotions

• Protect your personal data, keep yourself safe with Surfshark VPN: See current promotion

Recent News

• Development | Q&A | Zotac Gaming ZONE
• Development | Q&A | OrangePi Neo-01
• Manjaro 25.0 Zetar released
• Manjaro Summit public Alpha now available
• As of Linux 6.14.11, the 6.14 series is now EOL (End Of Life). Please install 6.15 stable and/or 6.12 LTS (Long Term Support).

Valkey to replace Redis in the [extra] Repository (click for more details) Previous News Finding information easier about Manjaro (click for more details) Notable Package Updates

• Qemu 10.0.3
• Firefox 142.0b4
• Tuxedo-Drivers 4.14.4
• Slimbook-Service 0.8.5

Additional Info Python 3.13 info (click for more details) Info about AUR packages (click for more details)

Get our latest daily developer images now from Github: Plasma, GNOME, XFCE. You can get the latest stable releases of Manjaro from CDN77.

Our current supported kernels

• linux54 5.4.296
• linux510 5.10.240
• linux515 5.15.189
• linux61 6.1.147
• linux66 6.6.100
• linux612 6.12.40
• linux615 6.15.8
• linux616 6.16.0
• linux61-rt 6.1.146_rt53
• linux66-rt 6.6.99_rt58
• linux612-rt 6.12.39_rt11
• linux615-rt 6.15.0_rt2

Package Changes (Wed Jul 30 21:10:49 CEST 2025)

• testing core x86_64: 5 new and 5 removed package(s)
• testing extra x86_64: 1058 new and 1050 removed package(s)
• testing multilib x86_64: 2 new and 2 removed package(s)

Overlay Changes

• testing core x86_64: 11 new and 11 removed package(s)
• testing extra x86_64: 34 new and 37 removed package(s)

A list of all changes can be found here.

Click to view the poll.

Check if your mirror has already synced:

• Mirror-Check Service

3 posts - 3 participants

Read full topic

Ubuntu 25.10 improves experimental TPM-backed full-disk encryption, which ties security to hardware integrity. New options and checks will be in place.

You're reading Ubuntu 25.10 Offers Improved Disk Encryption Using TPM, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.