Every smart home has them: the older devices that still work perfectly well but no longer fit neatly into a modern setup. Instead of letting them gather dust in a drawer, the Open Home Foundation’s projects can help you bring them back into the fold. Here’s how a little proxying can give your beloved old gear a new lease of life, and keep your smart home that bit more sustainable.
Fixed frequent crashes affecting users with Intel Raptor Lake processors. (Bug 2039575)
Fixed an issue on macOS where choosing a PDF option, such as "Save as PDF", from the system print dialog would send the job to your printer instead of saving a file. (Bug 2047850)
Thanks to @SwitchandClick for spending time on this and publishing that video. Much appreciated.
Many Issues amended in upcoming 24.04-2.0 Release
When I watched that video referenced above, I continuously thought: ah... this is fixed in the next major release of Ubuntu Touch, or: ah... this is a known issue that we have on the roadmap..., or: ah... this is done in this ways by design (so it's a feature or basic functionality)...
Let me just state, that most of the criticized aspects will be resolved in upcoming Ubuntu Touch release 24.04-2.0 (the tests in that video blog post have been run on Ubuntu Touch 24.04-1.x):
Camera notch and rounding corners get honoured now by the UI
Ubuntu Touch's default webbrowser (Morph Browser) has been bumped from Chromium engine v87 (Qt5 based) to v134 (Qt6 based), installing another browser should not be necessary anymore (note that the privacy level in Morph Browser is pretty high, so using other browsers could mean a loss of privacy).
Bluetooth pairing agent got added to the bluetooth indicator
Ubuntu Touch now supports Snaps on CLI level and in the OpenStore app
Libertine has received fixes, but no substantial improvements. It mainly targets users who want to use their Ubuntu Touch device as desktop daily driver. Libertine-provided desktop apps UI-wise are often not usable on a phone-like device.
The app ecosystem of Ubuntu Touch is quite specific, because many apps in Ubuntu Touch have been explicitly developed for Ubuntu Touch using a widget toolkit called Lomiri.Components. However, in Ubuntu Touch we also encourage developers to provide apps written with other convergent-capable toolkits, such as QQC2-based apps or Kirigami-based apps.
One reason for the very different app ecosystem in Ubuntu Touch is that many service providers don't have Ubuntu Touch on their radar when investing in app development for their services. Some Ubuntu Touch App Developers work around this by either implementing unofficial client apps for web services (e.g. the Flow app for Deezer by Sander Klootwijk), others provide the web service via implementing a web app (will not work when offline, but at least will show up as an app in the launcher).
The overall solution for making Open-Store.io more familiar to users who migrate from Android is that commercial service providers start honouring digital sovereignty and start providing apps for Linux. Not just for the Linux desktop, but also for mobile Linux platforms. This dual use case can easily achieved with an app development that bears convergence in mind.
App Ecosystems are also a Matter of Perspective
And one more minor note: whenever I open an Android appstore or can peak over someone's shoulder using an iOS device: I always wonder: what are all these apps about??? Never heard about them.
So, familiarity really depends on perspective. And perspective depends on what you are used to. Change what you do and your perspective will follow.
Ubuntu Touch's root filesystem (rootfs) is Immutable
Only thing from that video blog post that we haven't fixed and won't do so in the midterm future is apt-get not working on the command line.
The reason for this is: the Ubuntu Touch root file system is an immutable file system and thus shall not be changed via apt-get & friends by ordinary users.
There are various discussions ongoing such as dpkg-divert'ing apt-get to a wrapper shell script that spits out an error message if rootfs is mounted read-only and someone tries to install packages the Debian/Ubuntu way. Other approaches are to mount some RAM disk over the rootfs, so apt-get can be used at runtime but changes to the system get reset at reboot.
However, it is possible to mount the root filesystem read-write and test newer package versions (as UT core developers do regularly, in fact). If you tinker with this, it is recommended to reflash your device (don't wipe user data, when you reflash!) from time to time, because adding packages or package upgrades to your rootfs may over time corrupt the integrity of the rootfs.
One reason for apt-get breaking the rootfs and thus your Ubuntu Touch development device is that the upgrade process of the rootfs image is incremental, so update tarballs sometimes contain only those parts that got changed between this and your previous upgrade (sometimes, upgrades contain a complete rootf image, depending on the interval between upgrades). If files from an incremental update tarball mix into a rootfs that got tinkered with via apt-get, you really end up on your own. Re-flashing will grab the complete rootfs tarball and wipe the whole rootfs and reinstall a fresh version of the newest rootfs image. Developers also do this in regular intervals to ensure their test device is clean again before running more/other tests.
We are excited to announce that the 1.60 update for Euro Truck Simulator 2 is now officially released! Let's dive in and take a look at what's in store.
As always, we would first like to thank everyone who participated in the open beta phase and helped us fine-tune all the new content by reporting issues to the dedicated section on our forum. Now let's see what's new in the 1.60 update!
Game Radio
With the 1.60 update, we are introducing Game Radio, a brand-new in-game radio system designed to make every drive feel more immersive and authentic. Rather than just playing music, Game Radio gives you five stations with their own distinct sounds, identities, and moods, each one built to shape the atmosphere of your journey in a different way.
Players can tune into Rust FM, Escape, PUMP IT!, Pop Gear, and Roadio, spanning guitar-driven rock and American roots music to electronic, pop, and lo-fi. Each station features carefully curated tracks, handpicked to hold up across many hours on the road. Escape is also a radio station designed to help content creators, and we are committed to do our best to keep it stream-safe.
Game Radio also introduces a new in-game widget displaying station info, track titles, and artist names while driving. Players can customize widget behavior through the Widget Options menu (F6). This update also brings a range of improvements to the existing radio and music player systems.
Game Radio arrives with its musical foundation in place, with more planned for future updates. You can find out more information about Game Radio in our dedicated blog post.
Improved Material System
The Improved Material System significantly improves the lighting and visual quality of vehicle interiors in selected trucks. Its main focus is to enhance how interior materials react to light, which results in a more readable, detailed, and visually pleasing cabin environment.
During the development of Project Road Trip, we implemented a wide range of visual and technical improvements. One of the most significant changes was a redesign of the materials used in vehicle interiors. As a result, it makes differences between materials such as leather, fabric, plastic, and metal far more apparent, even in low-light conditions. The new solution uses multiple variants of dynamic cubemaps, allowing all materials to reflect their surroundings more naturally and respond to ambient light in a more realistic way.
The entire system was designed from the start with the interiors of trucks in both games in mind, so the base games and their existing fleets will gradually benefit from these improvements as well. The first trucks to benefit from the Improved Material System in ETS2 are the DAF NGD and MAN TG3 TGX models. With future updates, we will gradually add this technology for other trucks across both games. You can read more about this feature here.
Light Tweaks
We have carried out minor adjustments to the global lighting, primarily focused on exposure and contrast balancing, along with subtle visual refinements for bad weather conditions. The work mainly consisted of smoothing out and polishing the overall visuals to achieve a more consistent and refined look.
Volvo FH Series 6 Update
With this update, truckers can customize their Volvo FH Series 6 with a selection of several new aerodynamic parts, including the newly designed aerodynamic roof deflectors available for the Sleeper Cab, Globetrotter, and Globetrotter XL cab variants. These updated components help create a smoother and more refined roof profile, blending seamlessly into the truck's overall design.
Alongside these additions, all Aero cabin variants also have the option to add new distinctive black aerodynamic A-Pillar trim, as featured on the newest generation of Volvo FH truck. These new additions reflect Volvo Trucks' ongoing efforts to improve aerodynamic efficiency and optimise airflow around the cab to help enhance energy efficiency and overall vehicle performance.
Job Details Widget
Based on feedback from our #BestCommunityEver and upcoming widget designs, the Job Details Widget is introduced with the 1.60 update. Its primary purpose is to enable a new, more immediate, and concise way of displaying relevant job info. Also, in response to community feedback, the GPS now displays the estimated arrival day and time, along with the remaining travel time and distance.
You can enable the Job Details Widget through the Widget Options menu (F6). The widget displays key job information, including cargo type and weight, delivery location, job income (colour-highlighted), and the remaining time to complete the job, so players will have this info available immediately without the necessity to pause the game. You can read more about the feature here.
Expanded Rest Mechanic
This new feature gives players greater control over their rest periods by allowing them to choose how long they want to sleep and exactly when they want to wake up, instead of being limited to a predefined rest duration.
Alongside this change, the Fatigue system is now split into two separate values: Rest State and Mandatory Break, each represented by its own icon in the UI.
The Rest State, symbolised by a bed icon, now gradually depletes rather than recovers over time. Extended periods of driving will steadily reduce the Rest State, while resting will restore it at a faster rate.
The Mandatory Break system, indicated by a "P" icon along with the remaining hours before a required stop, functions more strictly. In Euro Truck Simulator 2, drivers may drive for up to 10 hours before taking a mandatory break, which requires 9 consecutive hours of rest. You can read more about this feature here.
This release addresses five low-impact problems that need to be addressed as they can reduce safety margins.
In addition to updated releases for the supported Postfix versions 3.8-3.11, patches will also be available at the Postfix source mirror sites for the out-of-support Postfix versions 2.9-3.7:
These patches come with the same PGP, GPG1 and GPG2 signatures as Postfix release tarballs and patches.
Fixed in Postfix 3.8-3.11:
Bug 1 (defect introduced: Postfix 3.1, date 20150607): null pointer read and heap data overread in the Postfix SMTP client's smtp_dns_reply_filter. Problem reported by TristanInSec, found with ASAN. Also reported by other people. Reproduction and real-world impact researched by Wietse.
Root cause for bug 1:
A missing 'break' statement after the code that converts a TLSA record to string.
Reproduction for bug 1:
The problem happens when smtp_dns_reply_filter is configured (this is disabled by default); the Postfix SMTP client is configured to use opportunistic or mandatory DANE authentication (this is disabled by default); the destination domain publishes a TLSA record that is empty or shorter than 20 bytes; and the OS is configured to use a resolver that passes such a TLSA record. For example, a zero-length TLSA record is blocked by BIND, Google DNS, OpenDNS, and by configurations that use systemd-resolved (the default on many LINUX systems); it is passed by Cloudflare, Quad9 DNS, and unbound, as long as these resolvers are used without systemd-resolved.
Impact statement for bug 1:
SMTP client termination with a null pointer read crash when the TLSA record length is zero; or an SMTP client data overread (or rarely, SMTP client termination with a read segfault crash) when 0 < record length < 20 bytes. The overread content is not disclosed.
Performance impact of bugs 1 and 2:
The impact of SMTP client crashes (voluntary or not) is easily overstated. That said, crashes must be eliminated regardless of their impact.
On systems that deliver fewer than one message per minute, an SMTP client crash can result in a delay of up to one minute for email delivery to other destination domains.
On systems with a larger traffic volume, the impact of an SMTP client crash on deliveries to other destination domains is minor because Postfix reuses SMTP client processes and replaces a failed process within seconds (self-healing); the practical impact is believed to be no worse than that of an uncooperative receiver that tarpits SMTP connections from Postfix to one or more destination domains under their control (by replying within Postfix SMTP client read time limits which are several minutes by default).
Bug 2 (defect introduced: Postfix 3.6, date: 20200710): panic (assertion failure and voluntary crash) while parsing a TLSA reply with length 3. Found during code maintenance. See below for root cause, reproduction, and impact.
Root cause for bug 2:
An incorrect test 'length < 3' instead of 'length <= 3' causes a safety check to fail when a TLSA parser attempts to create zero-length storage for a non-existent TLSA certificate association data field.
Reproduction for bug 2:
The problem happens when the Postfix SMTP client is configured to use opportunistic or mandatory DANE authentication (this is disabled by default); a destination domain publishes a TLSA record with a length of three bytes; and the OS is configured to use a resolver that passes such a TLSA record. For example, a length-three TLSA record is blocked by BIND, and by configurations that use systemd-resolved (the default on many LINUX systems). It is passed by many other resolvers.
Bug 2 enables an attack that is more potent than bug 1.
An attack with a length-three TLSA reply does not depend on smtp_dns_reply_filter configuration.
An attack with a length-three TLSA reply propagates through more resolvers than an attack with a length-zero TLSA reply.
Impact statement for bug 2:
SMTP client voluntary termination (crash) after an assertion failure. This is a fail-safe mechanism.
See also above for "Performance impact of bugs 1 and 2".
Bug 3 (Problem introduced: Postfix 2.9, date: 20110205) Robustness: the Postfix SMTP server will no longer receive (and discard) an unlimited amount of text while receiving a long SMTP command line. Problem reported by Michael Wollner (Ibonok). Under high load conditions, the amount of text was already limited by a 10-second deadline to receive an SMTP command.
Bug 4 Robustness: with the above change the Postfix SMTP client will no longer receive (and discard) an unlimited amount of text while receiving a long SMTP response line.
Bug 5 (Problem introduced: Postfix 3.4, date: 20180825) Robustness: do not receive (and discard) unlimited amounts of data with BDAT commands. Problem found during code maintenance. File: smtpd/smtpd.c.
Impact statement for bugs 3, 4, 5:
Postfix should not receive and discard unlimited amounts of input in SMTP command lines or BDAT chunks, but fixing that will not fundamentally change the situation.
By design, any SMTP client can force a server to receive (and discard) an unlimited amount of text.
For example, an attacker can repeatedly send messages that are a little under the server's message size limit and abort each transaction a before reaching the message end. When sending a message with the "DATA" command, an attacker would disconnect instead of sending <CR><LF>.<CR><LF>; and when sending a message with the "BDAT" command, an attacker would send "RSET" instead of "BDAT LAST".
To mitigate such abuse, Postfix can rate-limit the number of message transactions from the same IP address or address range (see smtpd_client_message_rate_limit and *prefix_length parameters). Such a defense is ineffective when faced with a distributed attack (botnet); for that, postscreen combined with an IP reputation service (DNSBL) may be more effective.
The Stable channel has been updated to 150.0.7871.24/.25 for Windows andMac as part of our early stable release to a small percentage of users. A full list of changes in this build is available in thelog.
You can find more details about early Stable releases here.
Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
nginx-1.30.3
stable and
nginx-1.31.2
mainline versions have been released,
with fixes for
buffer overflow
vulnerability in the ngx_http_proxy_v2_module
and ngx_http_grpc_module (CVE-2026-42055), and
buffer overread
vulnerability in the ngx_http_charset_module (CVE-2026-48142).
Additionally, nginx-1.31.2
includes a fix for
use-after-free
vulnerability in the ngx_http_v3_module (CVE-2026-42530).
Kind of reminds me of back in 1995 or so when my website would randomly
end up picked by some best of the web list that I never heard of.
The web is still a small place I guess.
In today's blog, we take you along on a trip to the town of Akureyri, which you will be able to visit yourself when the upcoming Iceland DLC for Euro Truck Simulator 2 releases. So let's take a look!
Akureyri is the fourth-largest city in Iceland and is often referred to as the Capital of the North due to its location and importance to the region. Nestled on the shores of Eyjafjörður, Iceland's longest fjord, the town enjoys a spectacular setting beneath snow-capped mountain peaks, with the Glerá River flowing through its heart.
The earliest records of settlement in the area date back to the 9th century. However, it was not until the 18th century that Akureyri began to develop into an important commercial center, thanks to its harbor and proximity to rich fishing grounds. Today, it is Iceland's second-largest port and serves as a major hub for the country's fishing industry, as well as for cruise ships and cargo transport.
Drivers traveling along Route 1, also known as the Ring Road, will pass directly through the center of Akureyri. From there, several side roads branch off toward the harbor, industrial areas, and local food-processing facilities. In the port district, truckers can deliver cargo to a marine logistics center, a shipyard, and an electronics manufacturing depot.
One of Akureyri's most recognizable landmarks is Akureyrarkirkja, a striking church designed in 1940 by Guðjón Samúelsson, the architect behind Hallgrímskirkja in Reykjavík, Iceland's most famous church.
Players will also recognize a number of other landmarks inspired by their real-world counterparts, including the Hof Cultural and Conference Centre on the waterfront and the Akureyri Art Museum, with its famous colorful pavement leading to its entrance. The town is also a great spot for whale watching tours, which is why we've also included the local whale watching center.
We hope you'll fall in love with Akureyri, with its colourful houses and stunning natural surroundings. If you do, you might even buy a garage in town and transform it into your company's northern Iceland branch.
Also, remember to give our X/Twitter, Instagram, Facebook, Bluesky, and TikTok a follow as you'll receive updates not only about Iceland, but also other news from our games straight to your feed. Or subscribe to our newsletter to stay informed. Until next time, safe travels!
Jack van Gelder wordt elke maand gemonitord via zijn X-account, waar hij tussen tirades over D66-rechters en 21 miljard aan wegenbelasting de NBA-finale recenseert in proza dat bijna poëzie wordt. Het WK levert vooral fascinerende televisie op die nergens over gaat: Curaçao wordt via Corendon en het complete SBS-universum omgetoverd tot een Nederlandse eilandmarketingcampagne, inclusief politieke druk op de bondscoach van een soevereine staat om Dick Advocaat terug te halen. De NOS hangt een bordje met 'good vibes' op en probeert tevergeefs Amerikaanse bombast te vermengen met Hilversumse knulligheid, terwijl SBS zijn vergrijzingsprobleem oplost door het Oranje Café vol te zetten met nepo-babies. Medium Liesbeth van Dijk voorspelt bij Harry Mens met volle overtuiging dat Brazilië wereldkampioen wordt en de woningmarkt heel emotioneel is. Ticket to the Tribes stuurt influencers naar een Afrikaanse stam onder het mom van 'leren van elkaar', maar vergeet voor het gemak een tolk te regelen. Datzelfde 'begrijpen' zit in Mischa en de mannen die het beter weten, waarin de NPO eerst zelf zijn clowns creëert en vervolgens verbaasd vraagt wat hen drijft, terwijl het enige echte inzicht uit een pak lactosevrije melk en een schoonmaakstok komt. En dan is er Bureau Onrecht, waar oud-judoka Dennis van der Geest oplichters intimideert met niets meer dan een duim in zijn broekzak en een postuur als kernwapen, juridisch dichtgetimmerd door ARAG.
Live vragen stellen aan Seth Godin? Join de speciale breakout-room voor POM-luisteraars en ga naar denkproducties.nl/pom en meld je aan voor ABF2026.
Meer te weten te komen over Carbon Equity? Lees verder over Carbon Equity op carbonequity.com.
This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.pom.show
Very happy to share that a new package rspdlite arrived on
CRAN today in its inaugural
version 0.1.0-1. It wraps and provides the (header-only) C++20 library
spdlite which its author
describes (aptly) as tiny, fast, capable. Just like its bigger
sibbling spdlog (which we
wrapped as rcppspdlog), it is
written by Gabi Melman. However,
with a focus on C++20 and compile-time configuration, it is lighter,
nimbler and faster. It is also still a fairly young project so changes
may occur.
I have been working on this for about a month, and it is ready for
use by R and C++. It contains the initial upstream release 0.1.0, and I
plan to follow the upstream versioning making this first release as
0.1.0-1.
The package itself provides the headers for use from other C++
projects (i.e. mostly other packages), as well as a simple R wrapper so
that logging can occur from either C++ or R. It will generally access
the single logger instance in a compilation unit. So for a package built
against these header it would be shared library of that package. At
present we provide the basic logging level setters and getters,
formatting accessors, and two (compile-time) options of a ‘null logger’
and a file-based logger. More options are availble from the C++ level,
multiple logging sinks are but one example. Some examples are provided
in the package as an R
example and a C++
example; these are probably best examined from the sources.
The NEWS entry for this release is simply and just announces that we
have a release. More details are in the ChangeLog
and the GitHub
repo.
Release Highlights: Although GeForce Game Ready Drivers and NVIDIA Studio Drivers can be installed on supported notebook GPUs, the original equipment manufacturer (OEM) provides certified drivers for your specific notebook on their website. NVIDIA recommends that you check with your notebook OEM for recommended software updates for your notebook.
Game Ready for Empulse This new Game Ready Driver provides the best gaming experience for the latest new games supporting DLSS and RTX technologies including Empulse.
Fixed Gaming Bugs
World of Warcraft: Gaming stability improvements [5563205]
Apex Legends: Occasional visual corruption after extended gameplay [6239327]
Users may observe DLSS settings being grayed out in certain games after updating to display driver 615.47 [6262805]
Improved gaming stability in multi-monitor configurations when using V-SYNC with DLSS Frame Generation [6158481]
Resolved an issue that could cause jittering or ghosting in some DirectX 11 games when Smooth Motion is enabled [5937897]
Resolved an issue that could cause some games to crash when launched with Smooth Motion enabled [5466398]
Fixed General Bugs
[Ada] Resolves a frame pacing issue on certain monitors when G-SYNC is enabled [6226972]
Resolved an issue that prevented the EDID from being read on certain monitors causing them to be identified as "NVIDIA NV-Failsafe” [6005508]
Resolved an issue where certain monitors would not wake from sleep mode [5806798/5635230]
General stability improvements when the system fails to create a new allocation [5449920]
The Stable channel has been updated to 149.0.7827.155/.156 for Windows andMac and 149.0.7827.155 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 33 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[N/A][516496659]Critical CVE-2026-12437: Use after free in WebShare. Reported by Google on 2026-05-25
[N/A][516947912] Critical CVE-2026-12438: Inappropriate implementation in WebView. Reported by Google on 2026-05-27
[N/A][519728275] Critical CVE-2026-12439: Use after free in Digital Credentials. Reported by Google on 2026-06-03
[N/A][519731619] Critical CVE-2026-12440: Use after free in DigitalCredentials. Reported by Google on 2026-06-03
[N/A][520157118] Critical CVE-2026-12441: Use after free in File Input. Reported by Google on 2026-06-05
[N/A][521950423] Critical CVE-2026-12442: Use after free in Passwords. Reported by Google on 2026-06-09
[N/A][522566295] Critical CVE-2026-12443: Use after free in Web Authentication. Reported by Google on 2026-06-11
[N/A][513160088] High CVE-2026-12444: Out of bounds read in Chromoting. Reported by Google on 2026-05-14
[N/A][513199795] High CVE-2026-12445: Use after free in Extensions. Reported by Google on 2026-05-14
[N/A][513313107] High CVE-2026-12446: Insufficient data validation in Passwords. Reported by Google on 2026-05-14
[N/A][513405023] High CVE-2026-12447: Heap buffer overflow in WebRTC. Reported by Google on 2026-05-15
[N/A][513458233] High CVE-2026-12448: Inappropriate implementation in WebView. Reported by Google on 2026-05-15
[N/A][513480539] High CVE-2026-12449: Use after free in Chromoting. Reported by Google on 2026-05-15
[N/A][514531776] High CVE-2026-12450: Inappropriate implementation in Media. Reported by Zhixin Tu on 2026-05-19
[N/A][514741076] High CVE-2026-12451: Use after free in DigitalCredentials. Reported by Google on 2026-05-19
[N/A][515462244] High CVE-2026-12452: Use after free in Downloads. Reported by Google on 2026-05-21
[N/A][516448843] High CVE-2026-12453: Insufficient validation of untrusted input in Input. Reported by Google on 2026-05-25
[N/A][516926968] High CVE-2026-12454: Race in Safe Browsing. Reported by Google on 2026-05-27
[N/A][517069848] High CVE-2026-12455: Use after free in Tab Strip. Reported by Google on 2026-05-27
[N/A][517124587] High CVE-2026-12456: Insufficient validation of untrusted input in Extensions. Reported by Google on 2026-05-27
[N/A][517153117] High CVE-2026-12457: Insufficient data validation in Extensions. Reported by Google on 2026-05-27
[N/A][517258337] High CVE-2026-12458: Incorrect security UI in Passwords. Reported by Google on 2026-05-27
[N/A][517406035] High CVE-2026-12459: Inappropriate implementation in Serial. Reported by Google on 2026-05-28
[N/A][517484284] High CVE-2026-12460: Insufficient policy enforcement in File System Access. Reported by Google on 2026-05-28
[N/A][517727318] High CVE-2026-12461: Out of bounds read in WebRTC. Reported by Google on 2026-05-29
[N/A][517916024] High CVE-2026-12462: Use after free in Media. Reported by Google on 2026-05-29
[N/A][518042749] High CVE-2026-12463: Inappropriate implementation in Views. Reported by Google on 2026-05-30
[N/A][519358344] High CVE-2026-12464: Use after free in Browser. Reported by Google on 2026-06-03
[N/A][520189702] High CVE-2026-12465: Insufficient validation of untrusted input in Metrics. Reported by Google on 2026-06-05
[N/A][520199394] High CVE-2026-12466: Heap buffer overflow in WebRTC. Reported by Google on 2026-06-05
[N/A][520202726] High CVE-2026-12467: Use after free in Extensions. Reported by Google on 2026-06-05
[N/A][521485244] High CVE-2026-12468: Inappropriate implementation in Updater. Reported by Google on 2026-06-08
[N/A][521618871] High CVE-2026-12469: Uninitialized Use in GPU. Reported by Google on 2026-06-09
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
Interested in switching release channels? Find out howhere. If you find a new issue, please let us know byfiling a bug. Thecommunity help forum is also a great place to reach out for help or learn about common issues.
The Extended Stable channel has been updated to 148.0.7778.271for Windows and Mac which will roll out over the coming days/weeks.
A full list of changes in this build is available in the log. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Donations are appreciated. There is now a PayPal option.
Changes from 2.7.2 to 2.7.3:
Updates:
Updated LAV Filters to version 0.82
Updated MPC Video Renderer to version 0.10.4.2550
Updated MPC Audio Renderer
Fixes:
A few crash fixes, bug fixes and small improvements.
OpenSubtitles download error 406
Subtitle downloads from OpenSubtitles may fail depending on time of day. This is due to our daily download quota being exceeded. Current amount of donations is barely enough to pay for the existing quota. So it is unlikely that quota can be increased and situation will get worse over time.
If you create an OpenSubtitles account and configure it in MPC-HC settings then you may be able to bypass the quota.
Options > Subtitles > Misc > Right-click on OpenSubtitles.com > Setup > Fill in username/password
Overview of features
A lot of people seem to be unaware of some of the awesome features that have been added to MPC-HC in the past years. Here is a list of useful options and features that everyone should know about:
Play HDR video
This requires using either MPC Video Renderer (MPCVR) or madVR.
These renderers can be selected here:
Options > Playback > Output
With other video renderers, the colors will be wrong!
MPCVR is now included and is the recommended renderer for modern systems. MadVR needs to be installed separately. MPCVR also supports Dolby Vision. MadVR does not.
For optimal performance you should change the hardware decoder to D3D11 in LAV Video Decoder settings when using MPCVR on Windows 10/11, because this renderer uses DirectX11.
(Automatic detection of GPU and configuration of the above settings is high on my ToDo list, so MPC-HC will have better default out-of-the-box settings on modern systems in the future.)
The installer of MPC-HC is very basic (and that will not change).
I therefore recommend using K-Lite Codec Pack. That includes MPC-HC and other essential components. It has a very advanced installation that can automatically create file associations, and helps you with easy configuration of important MPC-HC settings, such as preferred subtitle language. It also does automatic configuration of renderer and hardware decoding, for best performance and HDR support.
The Standard version should be sufficient for most people. Use Full version of you like to use MadVR.
Modern GUI Theme (Dark or Light) or the old classic theme
Options > Player > User Interface
It is also possible to change the height of the seekbar and size of the toolbar buttons.
Plus there are options to show audio/video details in the statusbar, such as codec and resolution.
Customizable toolbar buttons
You can add/remove/re-order the player buttons.
There are also several different toolbar designs to choose from.
Video preview on the seekbar
Options > Player > User Interface > Hover type
Ability to search for subtitles
Press D for manual search.
Or enable automatic search in: Options > Subtitles > Misc
Adjust playback speed
Menu > Play > Playback rate
The buttons in the player that control playback rate take a 2x step by default. This can be customized to smaller values (like 10%):
Options > Playback > Speed step
Adjusting playback speed works best with the internal audio renderer. This also has automatic pitch correction.
Options > Playback > Output > Audio Renderer
MPC-HC can remember recently played files and also their playback position, so you can resume playback from when you left
Options > Player > History
You can quickly seek through a video with Ctrl + Mouse Scrollwheel.
You can jump to next/previous file in a folder by pressing PageUp/PageDown.
You can right-click on the framestep button to step backwards. Some other buttons also have right-click actions, such as closing file by right-clicking stop.
You can perform automatic actions at end of file. For example to go to next file or close player.
Options > Playback > After Playback (permanent setting)
Menu > Play > After Playback (for current file only)
A-B repeat
You can loop a segment of a video. Press [ and ] to set start and stop markers.
You can rotate/flip/mirror/stretch/zoom the video
Menu > View > Pan&Scan
This is also easily done with hotkeys (see below).
There are lots of keyboard hotkeys and mouse actions to control the player. They can be customized as well.
Options > Player > Keys
Tip: there is a search box above the table.
You can hide GUI elements even in windowed mode
Options > User Interface > Hide Windowed Controls
That hides most GUI elements during playback. To show them simply move your mouse to bottom of window.
You can even hide everything except the video by pressing 1 (restore normal view with 3).
You can seek inside the playlist by simply typing text (when playlist window has the mouse focus).
MPC-HC also supports Blu-ray playback.
Only limitation is that you need to use a decrypting tool.
And it also does not support Blu-ray menus, but you can use the navigate menu in the player to select the content to play.
You can stream videos directly from Youtube and many other video websites
Put yt-dlp.exe in the MPC-HC installation folder.
Then you can open website URLs in the player: Menu > File > Open File/URL
You can even download those videos: Menu > File > Save a copy
Tip: to be able to download in best quality with yt-dlp, it is recommended to also put ffmpeg.exe in the MPC-HC folder.
Several YDL configuration options are found here: Options > Advanced
This includes an option to specify the location of yt-dlp.exe in case you don't want to put it in MPC-HC folder.
Note 1: You also need to install Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)
Note 2: For optimal Youtube support you may also need to put deno.exe in same folder as yt-dlp.
Note 3: yt-dlp nightly build (very latest version made daily)
Note 4: yt-dlp windows7 compatible build
Besides all these (new) features, there have also been many bugfixes and internal improvements in the player in the past years that give better performance and stability. It also has updated internal codecs. Support was added for CUE sheets, WebVTT subtitles, etc.
You should really take a few minutes to look through all the options pages if you are a new user or if you are upgrading from a very old version. Don't forget the advanced options page.
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The Univention team have published a new version of the project's Debian-based Univention Corporate Server. The latest release updates handling of group mailboxes and makes it easier to identify objects in the management interface. "The latest patch-level release of Univention Corporate Server bundles all new features and improvements....
26.2, the release of Chaos Cubed, is a game drop for Java Edition released on June 16, 2026. It focuses on the sulfur caves, a cave biome that is home to sulfur cubes, as well as the new sulfur and cinnabar blocks and their respective variants. This update also adds an experimental Vulkan renderer, and the friends list.
Full changelog: https://minecraft.wiki/Java_Edition_26.2
Firefox Settings features a brand-new look with streamlined organization, clearer groupings, and improved navigation for easier customization.
In Private Browsing windows, you can now temporarily disable tracker blocking for a tab if it's causing a site to break. When you reload a page where trackers were blocked, Firefox shows a message offering to reload without the stricter protections. All other tracking protections stay active.
You can now mute your browser from the address bar: type "mute" (or "shush" or "sssh") and use the address bar quick action to silence every tab currently playing sound across all Firefox windows.
Improved support for more advanced cursor movement commands, including those relating to paragraph boundaries, on macOS.
On Windows and Linux, you can now copy links via the tab context menu by right-clicking a tab and selecting Share > Copy Link, making it easy to copy a link without switching to the tab first. When multiple tabs are selected, you can copy all selected links at once. Windows users still retain access to Microsoft sharing options from the Share menu.
A "Send tab" toolbar button is now available which can be added via More Tools > Customize Toolbar.
The following languages are now available for Translations:
Basque
Galician
Firefox builds in Croatian, English (UK), Georgian, Persian, Slovenian, Tajik, Tamil, Tibetan, Turkish, Welsh, and Xhosa now come with a built-in dictionary for the Firefox spellchecker.
Firefox Labs
Firefox now offers experimental support for the new JPEG XL image format, which generally provides better compression than WebP, JPEG, PNG, and GIF and is designed to supersede them. You can enable it from the Firefox Labs panel in Settings.
Fixed
Fixed an issue where the Paste option could be missing from context menus when editing content on sites such as Squarespace, LinkedIn, and eBay.
Improved dragging images from Firefox to the desktop or Finder on macOS — images now save reliably and land where you drop them.
In multiple monitor situations, the About Firefox window now more reliably opens on the display with the most recently used Firefox window.
Fixed arrow-key text navigation and word selection commands that moved in the wrong direction in right-to-left text on macOS and Linux.
Site zooming via keyboard or mouse now offers more zoom levels in smaller increments than before.
When a PDF or other file that Firefox opens directly finishes downloading, it now opens in a background tab if you've switched tabs or closed the original page.
The Tabs from Other Devices panel in the sidebar now lets you open tabs in a new tab or a new container tab from the context menu.
Developer Tools now have an option in the Settings panel to toggle the display of comment nodes in the Inspector.
Web Platform
Web Notifications can now have action buttons via the actions option. They appear as buttons below the notification text or in the Options list on macOS.
The field-sizing property is now available, allowing form controls to adjust in size to fit their contents.
Firefox now supports the WebAuthn Related Origin Request feature, which simplifies login flows by making Passkeys usable from multiple domains.
The Pointer Lock API now supports the unadjustedMovement option, allowing sites to receive raw mouse-movement data unaffected by OS-level acceleration.
Community Contributions
With the release of Firefox 152, we are pleased to welcome the developers who contributed their first code change to Firefox in this release, 25 of whom were brand new volunteers! Please join us in thanking each of these diligent and enthusiastic individuals, and take a look at their contributions:
The next Ubuntu Touch major release is approaching rapidly, yesterday we reached a major step in the preparation of the upcoming Ubuntu Touch 24.04-2.0 release: The branching-off (see below on what that is).
And additionally, find below some background information on how we maintain various Ubuntu Touch releases in parallel via Git(Lab). In fact, the release model of Ubuntu Touch has partially been adopted from how we in Debian maintains our various Debian versions in parallel, only that in Ubuntu Touch we use Git(Lab) for maintaining the different package versions and not, like in Debian, the APT archive itself.
What does 'Branching-Off' Mean?
Last Saturday, in the UBports Q&A, I explained Ubuntu Touch's "branching-off", an aspect of the Ubuntu Touch release workflow based on Git(Lab). To make this accessible to even more people, here it comes as a write-up:
We host many Git repositories on GitLab, and our primary work is done on the main branches, which contain the bleeding-edge code. When a merge request is deemed critical for stable versions of Ubuntu Touch, we cherry-pick it into a release series branch.
Currently, we land our changes in the main branches and then cherry-pick them to the ubports/24.04.1.x branches. The 'branching off' process for the upcoming 24.04-2.x release means that our current main branches will be copied over to create new branches for this release cycle, namely ubports/24.04-2.x.
This has two major implications. First, any item that hasn't been translated by the time of the branch-off will not receive any more translation updates during the 24.04-2.x cycle. This is why it is crucial that translation work is completed before the branching-off.
Warning of Breaking Changes arriving soon in 26.04-1.x Daily Development UT Images
Second, looking ahead to the release after 24.04-2.x, we will be approaching 26.04-1.x. The OS base will change to Ubuntu 26.04 LTS, hopefully being ready for release to Ubuntu Touch users before the end of the year. We already have a list of features we want to land there. Because we plan to include various major changes, such as the switch from Mir 1 to Mir 2, new calendar and contacts backends, Qt6-based core apps and service components, etc., the likelihood of breaking changes at the beginning of the 26.04-1.x release cycle (which will become the next main branches' target) is very high.
The Ubuntu Touch 24.04-2.0 Release Schedule
The current release schedule is estimated to be:
25 May 2026 [done]
Platform stability freeze 24.04-2.x
25 May 2026 [done]
String freeze 24.04-2.x
15 June 2026 [done]
Branching-off (and unfreeze 26.04-1.x development), UT image release: 24.04-2.0 Beta
22 or 29 June 2026 [coming]
Final freeze for 24.04-2.x, UT image release: 24.04-2.0 RC
6 or 13 July 2026 [coming]
Release version 24.04-2.0
In 2008, I landed my second job, in the network team at Orange
Portails1, the division behind the websites and search engine of the
French telecom operator Orange. The place ran like clockwork: a comprehensive
technical setup, a dedicated team for every part of the business, and room to
focus on what I do best. A few years later, none of that mattered: thanks to an
obsession with the numbers, we could no longer deliver new services on time.
Disclaimer
This is a story I like to tell to warn people about
Goodhart’s law.2 As these events happened almost 15 years ago, my
recollection is a bit fuzzy. I left in 2012.
The first years
During my first years, the department operated like a startup. Its cradle was
the French company Echo. They built a search engine. France Télécom bought it
and renamed it Voila. It was the most visited search engine in France in the
early 2000s. France Télécom consolidated the portal activities into the Wanadoo
Portails division, later renamed Orange Portails.
The technical environment was excellent. We had many internal tools:3 a
ticket system, an RRD-based graphing tool, an IPAM, a reporting tool, and an
SNMP-based alerting tool.4 We deployed our Linux servers with
CFEngine. We installed systems and applications from internal Debian
repositories. We documented everything in a private MediaWiki instance.
Supervision was performed with an ancestor of Xymon. The network
architecture was clean and scalable with little legacy. We onboarded new people
in a day.
When we needed new servers, the on-site team would take a set from the
inventory, install our base Linux distribution on them, put them in the
datacenter, and cable them to the top-of-the-rack switches. We opened a ticket
describing the servers we needed, and one week later, our servers were
available. 💫
Orange wanted to know if this team was performing well, so they asked for KPIs.
They decided to use the number of tickets completed in a year. They asked to
double this number. So instead of one ticket for a new service, we would open
six tickets—one per server. By the end of the year, the KPIs had more than
doubled.
Everybody saw it as a success for performance management. So, they asked to do
the same for the next year. Now, we needed to open a ticket per server and per
step. Again, the KPIs doubled. Behind the scenes, the tickets went to different
people and were no longer handled in order. So, for the next year, it was decided to
have meta-tickets and meetings to follow the progress of these tickets. Of
course, all these extra steps pushed the KPI even higher.
This performance management method spread to the other teams.5
Everything became slower. Instead of a couple of weeks, a new service now took
six months. We built a Soviet nail factory. But the KPIs were good, and we
stopped caring.
Let me give you another example. We had to estimate the impact of each night
operation. We weren’t half bad: we declared most operations “without any
expected impact.” Most of the time, there was no impact. One time out of five,
there was a 5-second impact. We were told to try harder to meet our expected
impact. What did we do? We started declaring a 5-second expected impact. One
day, we got a 30-second impact and were told we failed to match the expected
impact. In the end, we declared most operations with a 10-minute expected
impact, and we stopped caring: instead of carefully shifting traffic around, we
allowed ourselves a 5-minute impact. And our KPIs were never better.
An artist's rendering of the evolution of impacts over the years.
KPIs are not bad, but they are easy to break. Use them carefully: let the people
doing the work help choose the metrics, and tie those metrics to the quality of
the service—for example, with service level objectives. Otherwise, even
dedicated people stop caring, game the system, and eventually quit. 📊
Internally, this division was named “Hebex.” It was located in
Bagnolet (next to Paris) and Sophia-Antipolis (near Nice). ↩
Goodhart’s law often gets the credit, but Campbell’s law
describes my experience even better: the more you lean on a number to make
decisions, the faster people corrupt it. ↩
At the time, SaaS was not really a thing. I remember we considered,
with a couple of colleagues, selling Wiremaps as a SaaS, with
homomorphic encryption for the database. But who would outsource their
observability stack? ↩
Snalert was a metacircular alerting tool in Perl. It was able to
poll a very large number of SNMP targets in a short timespan. All our
monitoring was SNMP-based, including system monitoring. ↩
My team also managed the rules of many Linux-based firewalls. To
increase our KPIs, we used the same method: rather than accepting one ticket
with a flow matrix, we requested one ticket per flow. ↩
We're excited to announce that the 1.60 updateforAmerican Truck Simulator has officially been released and is now available on Steam!
Before we head to the news, we would like to thank everyone who took part in the Open Beta and reported any issues or provided general feedback on our forum. This makes it much easier for our team to fine-tune everything and helps ensure a smooth transition to the full update release.
Game Radio
With the 1.60 update, we are introducing Game Radio, a brand-new in-game radio system designed to make every drive feel more immersive and authentic. Rather than just playing music, Game Radio gives you five stations with their own distinct sounds, identities, and moods, each one built to shape the atmosphere of your journey in a different way.
Players can tune into Rust FM, Escape, PUMP IT!, Pop Gear, and Roadio, spanning guitar-driven rock and American roots music to electronic, pop, and lo-fi. Each station features carefully curated tracks, handpicked to hold up across many hours on the road. Escape is also a radio station designed to help content creators, and we are committed to doing our best to keep it stream-safe.
Game Radio also introduces a new in-game widget displaying station info, track titles, and artist names while driving. Players can customize widget behavior through the Widget Options menu (F6). This update also brings a range of improvements to the existing radio and music player systems.
Game Radio arrives with its musical foundation in place, with more planned for future updates. You can find out more information about Game Radio in our dedicated blog post.
Improved Material System
The Improved Material System significantly improves the lighting and visual quality of vehicle interiors in selected trucks. Its main focus is to enhance how interior materials react to light, which will result in a more readable, detailed, and visually pleasing cabin environment.
During the development of Project Road Trip, we implemented a wide range of visual and technical improvements. One of the most significant changes was a redesign of the materials used in vehicle interiors. As a result, it makes differences between materials such as leather, fabric, plastic, and metal far more apparent, even in low-light conditions. The new solution uses multiple variants of dynamic cubemaps, allowing all materials to reflect their surroundings more naturally and respond to ambient light in a more realistic way.
The entire system was designed from the start with the interiors of trucks in both games in mind, so the base games and their existing fleets will gradually benefit from these improvements as well. The first trucks to benefit from the Improved Material System in ATS are the Mack Anthem and the Western Star 49X. With future updates, we will gradually add this technology for other trucks across both games. You can read more about this feature here.
Light Tweaks
We have carried out minor adjustments to the global lighting, primarily focused on exposure and contrast balancing, along with subtle visual refinements for bad weather conditions. The work mainly consisted of smoothing out and polishing the overall visuals to achieve a more consistent and refined look.
Players' Company Paint Jobs
Players are now able to customize their trucks and trailers with a brand-new collection of company-themed paint jobs inspired by the selectable company identities available when creating a driver profile. These designs bring a more cohesive and professional visual style to your fleet while fitting naturally into the world of ATS.
One of the biggest focuses during development was ensuring that every paint job feels unique, depending on the type of trailer it is applied to. Rather than simply using one design across all trailer models, our teams carefully adapted each company's paint scheme to match the shapes and details of different trailer types. Whether you’re hauling cargo with a tanker, transporting materials in a dumper, or pulling a traditional box trailer, each variant features its own tailored details and layout. You can find out more in our blog here.
Kenworth TourAmerica Paint Jobs
We're also pleased to introduce the TourAmerica paint jobs for the Kenworth W900 and Kenworth T680 2022 as free content for all players. Inspired by the iconic TourAmerica T600 livery from the 1990s, this special design was recently reimagined by Kenworth as part of the Freedom 250 initiative, a nationwide celebration marking the 250th anniversary of the United States and honoring the legacy of American trucking. You can see more in our blog here.
Job Details Widget
Based on feedback from our #BestCommunityEver and upcoming widget designs, the Job Details Widget is introduced with the 1.60 update. Its primary purpose is to enable a new, more immediate, and concise way of displaying the relevant job info. Also, in response to community feedback, the GPS now displays the estimated arrival day and time, along with the remaining travel time and distance.
You can enable the Job Details Widget through the Widget Options menu (F6). The widget displays key job information, including cargo type and weight, delivery location, job income (colour-highlighted), and the remaining time to complete the job, so players will have this info available immediately without the necessity to pause the game. You can read more about the feature here.
Expanded Rest Mechanic
This new feature gives players greater control over their rest periods by allowing them to choose how long they want to sleep and exactly when they want to wake up, instead of being limited to a predefined rest duration.
Alongside this change, the Fatigue system is now split into two separate values: Rest State and Mandatory Break, each represented by its own icon in the UI.
The Rest State, symbolised by a bed icon, now gradually depletes rather than recovers over time. Extended periods of driving will steadily reduce the Rest State, while resting will restore it at a faster rate.
The Mandatory Break system, indicated by a "P" icon along with the remaining hours before a required stop, functions more strictly. In American Truck Simulator, drivers can stay on the road for up to 14 hours before they must take a mandatory break, requiring 10 consecutive hours of rest afterward. You can read more about this feature here.
Log in
