The Debian project is pleased to announce the fifteenth and final update of its
oldstable distribution Debian 12 (codename bookworm).
This point release mainly adds corrections for security issues,
along with a few adjustments for serious problems. Security advisories
have already been published separately and are referenced where available.
The Debian project is pleased to announce the sixth update of its
stable distribution Debian 13 (codename trixie).
This point release mainly adds corrections for security issues,
along with a few adjustments for serious problems. Security advisories
have already been published separately and are referenced where available.
Today, we're taking you behind the scenes of the development of Euro Truck Simulator 2 and American Truck Simulator to explore another important part of the process that helps shape your experience on the road. This time, we're shining a spotlight on UI/UX QA and its role in creating intuitive, enjoyable, and polished interfaces for our players.
To guide you through this fascinating area, we'd like to introduce Petr and Jan from our UI/UX QA team. They'll take you along for a day at work, explain what their role involves, and share how they help ensure every menu, button, and interaction feels just right before it reaches your screen.
Petr - Console & UI/UX QA Lead
"Hi! My name is Petr, and I work as the Console & UI/UX QA Lead. Together with my colleagues, I helped build two teams that now play a key role in ensuring our games both function well and deliver a great user experience.
We are responsible for both Euro Truck Simulator 2 and American Truck Simulator across all platforms, including traditional PC, Steam Deck, VR, PlayStation, and Xbox Series X/S. In addition to the games themselves, we're also heavily involved in testing projects such as Driving Academy, Coaches, and Road Trip.
My work mainly revolves around coordination, planning, and analysing testing results. I collaborate closely with other teams to identify and resolve bugs or UX issues as early as possible. My goal is to organise our processes so that the entire team can work efficiently and stay focused without unnecessary pressure before every new patch or DLC release.
I also actively test everything my team works on. Not only do I genuinely enjoy testing, but I also see it as a major advantage. Being directly involved in the entire process allows me to better identify areas where we can continue improving and moving forward as a team.
I'm always there to support my team whenever they're unsure about something or need advice, and I make a conscious effort to maintain a positive, friendly atmosphere where everyone enjoys working together."
Jan -Β Senior UI/UX Tester
"Hi, I'm Jan, and I'm a Senior UI/UX Tester with a primary focus on playtesting. I'm 31 years old, andΒ I've been at SCS Software for two years. I originally joined the company as a Junior Tester without a specific specialisation, but once I settled into the team and got to know our development process, I quickly discovered a passion for user experience.
With the support and guidance of Petr, who was already a senior at the time, I helped establish our playtesting process and have been refining it ever since."
What is UI/UX QA?
"Before a new feature gets added to our games, it has to go through a long journey. And the UI/UX (User Interface/User Experience) is there along the way. Whether it's a new feature or a redesign of an existing one, it all starts with analysis and dialogue between us (QA department) and the Game Design (GD) department. For redesigns, we need to start by assessing the current state, what works, and where changes are needed, and for new features and redesigns alike, we need to think about where we want to arrive. Answers to these questions will then inform all future decisions."
What does a typical UI/UX testing process look like, and howΒ closely do you work with other teams?
"In general, we try to be involved in the process of a feature development as soon as possible and cooperate with the GD department as closely as we can, so we're also a part of the next stage of the feature's journey, where we provide feedback on the design. This means looking at the design document and trying to think ahead, so we ask questions like: "Is this going to be intuitive? Is it clear that this is a button? Aren't we forgetting anything? What about accessibility? Will the text be legible on a smaller screen?" and many more. After some back and forth with the GD department, we arrive at a design that can then be implemented by a programmer.
The first playable prototype is the point where we have to start sitting in two chairs at once. We still have to see the big picture - know the design, see how all the pieces fit, know why some decisions were made the way they were. But now, we can also see the game as a player seeing the feature for the first time. We have to become a player that is just starting out and has never played any other game before. A hardcore gamer who has played many games, but never a trucking simulator. Or a real-life trucker who plays our games on a handheld at their rest stops. Our games are played by a very wide audience, and the design has to work and be intuitive for all of them.
At this stage, we identify further issues, offer improvements, and look for possible solutions together with the GD team and programmers working on the feature. After we feel confident enough with the state we arrive at, it's time to validate in the next stage.
The next important part of the feature's journey is internal Playtesting. It's a great way of getting a fresh perspective from people from various parts of the company who haven't seen the design documents and ideally don't know anything about it. Before we start playtesting, we define the questions we want answers to: "Is this screen intuitive? Does it control all accessories well? Did the addition of X add any unnecessary friction?" Based on these questions, we prepare detailed scenarios for the respondents to go through, which will get them to engage with the (re)designed feature in ways that try to simulate a regular gameplay loop. We then invite the respondents to our Playtest Lab, where we guide them through the scenarios, observing their behaviour, reactions, taking down notes, and asking questions. We also utilise eye tracking, which gives us more insight about the players' focus, telling us which elements are observed first and which go by completely unnoticed.
After the playtest ends, respondents also fill out a questionnaire, which allows them to think about the feature some more, further comment on it, and possibly come up with ideas of their own.
All of this gives us a lot of data that needs to be processed. For this, we use practices from applied research, so we start with qualitative coding, followed by thematic analysis with frequency counting. In layman's terms, we go through all the raw statements and observed behaviours and assign them to various categories, along with how often they were mentioned/observed. This helps us to identify recurring patterns and assign them to broader themes/issues.
We then prepare a final Output, which summarises the respondents' behaviour, reactions, opinions, identifies underlying issues, and proposes possible solutions.
The next steps depend on the results of the playtest. If we identify some deep issues that require big changes in the design, we have to go back to the drawing board, repeating the previous points, leading to another playtest to confirm the issues have been satisfactorily addressed. A good recent example is the redesigned Skip Time / Rest feature, which also divided Fatigue into two separate mechanics (Fatigue and Mandatory Break). During playtesting, we found out that this new division and its representation were very confusing to players, and the feature had to be redesigned completely, to great success (at least we hope so).
If, on the other hand, we only identify surface-level issues that require some polish, the GD department tackles those, and we can move on to the final testing of the feature.
In the final testing, we mostly focus on FQA - the design is largely set, and we're now making sure it all works as intended. As soon as this is done, the feature can be merged into the main branch, where the Integration QA department takes over, making sure the feature itself survived the merge in its intended state and didn't break anything else along the way, but that's for another chapter."
What do you enjoy most about working on UI/UX?
Petr:Β "What do I enjoy the most? That's a tough question. In short, pretty much everything! Everyone on our team is passionate about games of all kinds and genres, so having the opportunity to contribute our own ideas and suggestions for Euro Truck Simulator 2 and American Truck Simulator is incredibly rewarding.
At SCS, we often do things our own way, which makes the work especially enjoyable. At the same time, we always keep our players at the heart of every decision. When developing new gameplay features, it's easy for designers to unintentionally fall into "tunnel vision." Our job is to challenge that perspective and bring in a fresh set of eyes. We think about our experienced truckers, but we never forget players who are just starting out. Looking at the game's interface from many different perspectives is both a key part of our work and one of its most creative aspects.
We put our all into making our games as accessible as possible while ensuring they remain just as fun to play."
Jan:Β "I like how it combines technical and human aspects. User experience is mostly an interaction between a human and a machine, and you have to make them understand each other.
The first project I came up with and delivered was the Graphics Settings screenshot representation to make it easier for players to see the changes they're making when setting up the visuals of their game, and that's the perfect example of what I mean - I'm interested in how things work under the hood, but also how the player perceives and understands them."
What message would you like to share with our community, and how valuable is player feedback in helping improve the user experience?
"Player feedback is incredibly important to us and a constant source of inspiration. We're genuinely happy to see more and more initiatives being built around your feedback here at SCS. I want to assure you that we truly do read your comments, ideas, and suggestions carefully, not just our UI/UX team, but the entire studio.
It's clear how much all of you who engage with us care about our games, and we feel exactly the same way. We love Euro Truck Simulator 2 and American Truck Simulator, and we want to keep making them better and better. We genuinely want to know what you enjoy, what you'd like to see added, and what you think could be improved. We've already received an incredible amount of feedback. I wish you could see the extensive documents where we carefully collect and organise all of your ideas and requests.
Unfortunately, we can't implement every suggestion. There can be many reasons that aren't immediately obvious, such as engine limitations, limited internal resources, technical constraints within our game systems, licensing agreements, and more. But please, keep talking to us! Your feedback never goes unnoticed. It's thanks to you that we're able to continue on this journey and keep making the experience even better together.
Thank you to everyone who's travelling this exciting road with us!"
This new alpha build has a quality of life improvement for the Move tools, support for CICP metadata, and good quality HDR->SDR tone mapping when opening HDR images with supported file types (including plugins).
Changed: The Move Selection and Move Selected Pixels tools will now behave more intuitively when using constrained resizing (when holding shift). The aspect ratio that was used for a constrained resize used to be βlocked inβ when the selection was first drawn. The aspect ratio is now picked up when you start a constrained resize, and remembered until a non-constrained resize is performed.
Added CICP metadata and color management support to the imaging frameworkΒ
See the CicpColorSpace struct in the PaintDotNet.Imaging namespace.
It has a CanColorTransformFrom property, indicating that it can be used as the source color space for the IImagingFactory.CreateColorTransformedBitmap or IBitmapSource.CreateColorTransformer extension methods.
It also has a CanCreateColorContext property that indicates when it is possible to create an IColorContext directly (ICC profiles canβt be generated for all CICP combinations) with the IImagingFactory.CreateColorContext(CicpColorSpace) extension method.
These can then be used by a FileType to provide a compatible image (βdocumentβ). Paint.NETβs color management is based on ICC color profiles, and some CICP color spaces (those involving PQ or HLG) cannot be expressed as an ICC color profile. Those images can, however, be transformed to an ICC-compatible color space with the aforementioned extension methods.
Added HDR support to the new FileType plugin system
An image is tagged as HDR at load time via the IFileTypeDocument.Metadata.Hdr metadata section. Set IsHdrDocument to true, and optionally specify luminance data. The pixel format must be floating point (PixelFormats.Rgba64Half or PixelFormats.Rgba128Float), and the color context must be linearized.
Paint.NET does not yet support HDR editing, so it will convert the image to SDR with appropriate, high quality tone mapping.
Added CICP support for AVIF, JPEG XL, and PNG.
Added HDR tone mapping support for AVIF, HEIC, JPEG XL, JPEG XR, and PNG. If the image file being opened is HDR then it will be converted to SDR in an appropriate manner. Eventually Paint.NET will support HDR editing, this conversion process will go away, and the FileType plugins wonβt even need to be updated.
Added Rgb64, Rgb64Half, and Rgb128Float pixel formats for the imaging framework.
Added a /disableCompositionSwapChain command-line parameter. This disables the use of Windows.UI.Composition, and should enable easier progress on the WINE effort.
Fixed: When right-clicking on an image tab at the top, and then clicking on Open Containing Folder, two Explorer windows were being opened.
This build is available via the built-in updater as long as you have opted-in to pre-release updates. From within Settings -> Updates, enable βAlso check for pre-release (beta) versions of paint.netβ and then click on the Check Now button. You can also use the links below to download an offline installer or portable ZIP.
You can also download the installer here (for any supported CPU and OS), which is also where you can find downloads for offline installers, portable ZIPs, and deployable MSIs.
Fixed extra padding on some UI elements on Windows in Beta 1-2 [Warchamp7]
Fixed NVIDIA Audio Effects not working in Beta 1-2 [pkviet]
Fixed issues with long item names in the Audio Mixer in Beta 1-2 [Warchamp7]
Removed redundant "Monitor Only" from the Advanced Audio Properties window [Warchamp7]
Mute and Monitor are handled independently in the new Audio Mixer
Removed Close button from What's New dialog [Warchamp7]
Removed margins from What's New dialog [Warchamp7]
Beta 2 Changes
Fixed a CI deployment issue. There are no application changes since Beta 1.
32.2 New Features
Replaced add source dropdown with new dialog [Warchamp7]
Improved FPS selector UX [jcm93]
Added missing file support for filters [exeldro]
Added ability for plugins to set custom icons for new source types [cg2121]
Included .webp files when adding a directory to Image Slide Show source [TarunCore]
Added copy paste functions to frontend API [exeldro]
Added filter to compose SDR into HDR [jpark37]
Added delete as a hotkey to delete sources on macOS [PatTheMav]
Added dynamic bitrate support to multitrack video [lexano-ivs]
32.2 Changes
Forced Intel-based installations to update to Apple Silicon version on macOS [PatTheMav]
This change means that OBS Studio versions built for Intel-based Macs but running on Apple Silicon Macs will automatically update to OBS Studio built for Apple Silicon Macs. If an installation was using third-party plugins, those plugins will no longer load until replaced with Apple Silicon versions.
Fixed audio mixer state getting out of sync when changing settings via websockets or plugins [Warchamp7]
Added theming for checked QToolButtons [glikely]
Improved OpenGL performance slightly on low-end machines [kkartaltepe]
Set minimum size for color source to 1 pixel [exeldro]
Added minimum width to spinboxes [Warchamp7]
Disallowed overwriting the crash handler [sebastian-s-beckmann]
Applied process mitigation policies for Windows [notr1ch]
Adjusted description of multitrack video [jhnbwrs]
Changed new capture devices to use fallback frame rate by default [PatTheMav]
Improved DLL loading behavior on Windows [notr1ch]
Limited multitrack video config to Custom service [PatTheMav]
32.2 Bug Fixes
Fixed OAuth and dock state save corruption [PatTheMav]
Fixed group bounds not resizing when removing items [howellrl]
Fixed canvas mixes not being restored after video reset [dsaedtler]
Fixed some erroneous crashes during shutdown [Warchamp7]
Fixed display capture sometimes capturing black after a duplicator failure [ThrowTop]
Fixed color of controls dock output buttons in System theme [shiina424]
Fixed virtual camera reset failures [stephematician]
Fixed potential crash when user discards changes in the settings window [suogesi]
Fixed incorrect return value in virtualcam filter [xtfo]
Fixed source toolbar buttons not working after dragging a source into a group [Warchamp7]
Fixed properties hint icon spacing [Warchamp7]
Fixed potential crash when a video device reconnects on macOS [jcm93]
Fixed an issue where PipeWire could fail on NVIDIA GPUs [hoshinolina]
In today's blog, we'd like to introduce you to some of the custom depots and industries you'll be able to visit in our upcoming South Dakota DLC for American Truck Simulator!
South Dakota's economy is built on a strong foundation of manufacturing, agriculture, and construction. While the state is well known for its farming and ranching, it is also home to a growing manufacturing sector that produces everything from trailers and heavy equipment to food products distributed across the country. As always, we've taken inspiration from these real-world industries to create authentic locations that bring the state's economy to life.
One of the new highlights you'll encounter are the trailer manufacturing plants located in Watertown and Mitchell. These large industrial facilities specialize in producing a variety of trailers, with completed units ready to be delivered to dealerships and customers across the map. You'll also be bringing in the materials and components needed to keep the production lines moving, making these factories a busy part of South Dakota's freight network.
If construction is more your style, you'll have the opportunity to deliver to new residential housing developments located in Watertown and Spearfish. These construction sites require regular deliveries of building materials, heavy machinery, and other essential cargo to support ongoing work.
The food industry also plays an important role in South Dakota's economy, and that's reflected in the new custom food factory you'll find in Sioux Falls. This modern production facility receives a wide variety of raw ingredients before processing and packaging food products that are then shipped to businesses across the country. Whether you're delivering supplies or hauling finished goods, there's always plenty of work to be done.
These new industries are just a small taste of what awaits you in the South Dakota DLC, and we can't wait for you to explore them for yourself. If you're looking forward to hauling cargo across the Mount Rushmore State, be sure toΒ add the South Dakota DLC to your Steam wishlist!
Release Highlights: Although GeForce Game Ready Drivers and NVIDIA Studio Drivers can be installed on supported notebook GPUs, the original equipment manufacturer (OEM) provides certified drivers for your specific notebook on their website. NVIDIA recommends that you check with your notebook OEM for recommended software updates for your notebook.
Game Ready for DOOM: The Dark Ages | Revelations This new Game Ready Driver provides the best gaming experience for the latest new games supporting DLSS and RTX technologies including DOOM: The Dark Ages | Revelations and Assassin's Creed Black Flag Resynced.
Fixed Gaming Bugs
N/A
Fixed General Bugs
Tencent Meeting: Flickering may be observed when Smooth Motion is enabled globally [6329207]
sandboxing can fail in too many creative ways (funky linux distros with funky filesystem layouts and policies) so autoconfiguring bwrap is not feasible
to enable it, set use-bwrap: y after adjusting th-bwrap to match your OS/env
see the default th-bwrap value in --help on your server for a best-effort guess
It's been a while since we last shared a story from our community, and today we're excited to bring you another one. This time, we follow Arda from TΓΌrkiye, a fan of Euro Truck Simulator 2, who turned his passion for virtual trucking into reality and has now earned his real truck driver's license!
What started as a love for life on the road in-game has grown into a real profession behind the wheel. Arda started playing Euro Truck Simulator 2 regularly in 2025, and the enjoyment he found in ETS2 inspired him to pursue truck driving in real life.
"ETS2 is extremely popular in TΓΌrkiye and has a very large and passionate community. I have always loved simulation games, so I bought the game immediately after discovering it. What I enjoyed most about ETS2 was its realism. The traffic rules, weather conditions, real truck brands, vehicles, countries, and maps all felt incredibly immersive. It genuinely felt like I was traveling across different countries. The truck sounds are very close to reality, and playing the game helps me relax and leave behind the stress of everyday life," says Arda.
When he started playing ETS2, he had no prior experience with driving trucks. At first, Arda played the single-player mode until he discovered Driving Academy and became hooked.
"I immediately thought that maybe this is what I've been looking for. It turned out to be exactly that. On that day, I decided to obtain a truck driver's license. I spent a lot of time practicing in Driving Academy. I challenged myself to complete the scenarios using only the first-person camera view. The final scenarios were extremely difficult. There were many nights when I stayed awake until 2:00 or 3:00 in the morning trying to complete a single challenge. At one point, I thought I would never finish them, but after enough repetition and practice, I gradually improved. The final challenges were very difficult, but I was incredibly happy when I completed them all."
Arda realized how much he enjoyed being on the road and traveling toward a destination. The more time he spent playing the game, the more excited he became whenever he saw a real truck on the road. Before the end of the year, he signed up for a truck driving course and decided to pursue it seriously, and eventually succeeded as well.
"The experience I gained in ETS2, and especially in Driving Academy, helped me tremendously during my lessons. Reverse maneuvers, reversing with a trailer, and navigating tight or sharp turns felt much easier because I had already practiced them extensively in the game. I have been driving regular vehicles for many years, but maneuvering a trailer, especially in reverse, is completely different from driving a car. Without ETS2, I would have struggled much more," he told us.
We have also received stories over the years from other members of our community who had a similar story, and we are so proud that ETS2 contributed to Arda's career in real life.Β
"I told my instructors about the game and how much it had helped me
improve so quickly. When I noticed that I was progressing faster than
many other trainee drivers, I realized just how beneficial the game had
been for me. I saw that around 30β40% of candidates failed. I told many of them about ETS2 because it genuinely helped me. Reversing and parking a truck with a trailer is largely a matter of practice, and Driving Academy provides an excellent environment for that. After enough repetition, your brain becomes surprisingly comfortable performing similar maneuvers in real life."
It goes to show that Euro Truck Simulator 2 and the Driving Academy can help players to grasp the feeling of driving a truck and make it more comfortable when you sit in the real vehicle, as Arda elaborates on here:
"In the game, I often leaned my view out of the driver's side window while reversing into parking spaces. When I later tried similar maneuvers in real life, I was amazed by how natural they felt. Parking in an L-shape to the right (a 90-degree reverse parking maneuver) is difficult both in the game and in reality. However, through countless hours of practice in Driving Academy, I learned how to approach those situations calmly, how much steering input was appropriate, when a maneuver became risky, and how to reverse into areas with limited visibility. The experience felt remarkably close to real life. Without ETS2, I might not have passed the exam," Arda shared with us.
Even though he completed the truck driving license, there are still more things Arda needs to sort out before he can begin his real-life journey on the route.
"In TΓΌrkiye - and perhaps in other countries as well - obtaining a truck
driver's license is only the first step. To work professionally as a
truck driver, additional certificates,
transportation qualifications, and international freight transport
documents are required. I have already obtained all of them except one,
and I am currently waiting for the final certification process to be
completed. After that, I will officially be able
to work in freight transportation," he says.
At the end of the blog, Arda has a message to the #BestCommunityEver, which might even motivate some of you who have been thinking about taking up a career as a truck driver to make the next step!
"After experiencing real trucks firsthand, I realized how
comfortable they actually are. I wish I could drive a truck every day. The cabin is incredibly
comfortable, and the driving position provides a great sense of
confidence and safety. Being able to see the road from above other
vehicles is a unique and enjoyable feeling. The large windshield
offers a wonderful view of both the road and the scenery. Even in ETS2,
I would often stop to admire beautiful landscapes and lighting
conditions. Experiencing that feeling in real life, however, is
something truly special and difficult to put into words."
We would like to thank Arda for sharing this story with our community and us, and wish him safe travels in his future truck driving adventures!
Don't forget to follow us on our X/Twitter, Facebook, Instagram, Bluesky, and YouTube, so you won't miss out on upcoming news! We'd also really appreciate it if you could sign up for our newsletter to stay informed, even when you're not able to check out the blog or our socials.
Apple and Major League Baseball unveiled the August schedule for βFriday Night Baseball,β the weekly doubleheader streaming every Friday on Apple TV.
The Works with Home Assistant program powers up this month as we welcome our new partner, IoTorero! π Experts in pre-flashed smart home hardware, IoTorero bring the very first ESPHome-ready smart plugs and relays to the program (and thatβs not all).
IoTorero enters the ring
If youβve spent any time browsing pre-flashed smart home tech online, thereβs a good chance youβve come across IoTorero. And if you havenβt, let us introduce you! Founded in 2020, the company (formerly Athom Technology) was tinkering with ESPHome right out of the gate. Their new name is a nod to the Internet of Things (IoT), but unlike standard IoT gadgets that stop working if your internet drops or a company closes its servers, IoTorero champion open source firmware.
Other smart devices run manufacturer-written software, which is tuned to work well with Home Assistant for certification to the program. IoTorero go a step further to make sure their tech is accessible for all: all seven of their certified devices are pre-flashed with ESPHome, meaning thereβs no installation required β the devices will integrate into your Home Assistant setup straight out of the box. And because their devices are genuinely open, you can always tweak and customize them if you want to.
βSince inception in 2020, IoTorero (Athom Technology) has been dedicated to the research, development, and manufacturing of open source smart home hardware products. We provide Home Assistant users with high-quality devices pre-flashed with ESPHome firmware. By joining the Works with Home Assistant program, we ensure that customers can select and purchase our products with complete confidence.β
- Aiden Tang, CTO and Co-Founder, IoTorero
That same spirit of openness carried over to last yearβs Community Day, where IoTorero donated a stack of samples for attendees to try β a gesture we loved to see, and one that speaks to how seriously they take supporting our community πͺ. It shows up in their approach to code, too: IoTorero maintain a public GitHub repository of configs for all their devices, free for anyone to learn from or build on.
Speaking of community, the development of projects like ESPHome from the Open Home Foundation is supported by Home Assistant Cloud subscribers and anyone who purchases Home Assistant hardware. While all of IoToreroβs devices work locally, if youβre interested in remote access β for example to check your energy use or open the garage door from a distance β check out Home Assistant Cloud.
Right on (Io)Time
For anyone new to it, ESPHome is a powerful platform that allows smart home devices to operate completely locally via the chip inside, with no cloud required. Because IoToreroβs devices arrive pre-flashed, you get all that local power without having to learn how to build or compile firmware yourself. And it just got a major upgrade. The ESPHome team recently released a new UI and Device Builder, swapping the old code editor-inspired dashboard for a visual workspace that can suggest components and layouts as you build.
Since IoToreroβs devices arrive pre-flashed, thereβs nothing to set up in advance: just connect them, and theyβll show up in Home Assistant like any other device, ready to control and automate from your normal dashboard. The ESPHome Device Builder is there if you ever want to go further: it allows you to do things like renaming a device or tweaking its config, without needing to touch any codeβ¦ unless you want to. Whether youβre new to the arena or a seasoned pro, it means a lot less guesswork (and a lot more fun!).
Devices
Every device that earns Works with Home Assistant certification goes through our in-house testing process, checked against our core requirements of local control, privacy, and long-term support β and IoTorero meets that bar across the board. Their devices also carry the Made for ESPHome certification, a separate badging program and prerequisite for any ESPHome devices joining Works with Home Assistant.
Hereβs the full list of IoToreroβs certified devices:
Sustainability is one of the Open Home Foundationβs core principles, and IoToreroβs ESP32-C3 plugs are a great example of what that looks like in practice. They turn an ordinary appliance into something smart and measurable, with all four regional variants monitoring voltage, current, power, and total consumption β making it easy to spot energy waste and cut your homeβs carbon footprint, as well as your bill.
The Power Monitoring Mini Relay brings that same convenience to hardwired setups. At roughly the size of a matchbox, itβs small enough to tuck behind a wall switch or inside a cabinet, and itβs built for switch control, garage and appliance automation, and other local smart home workflows a standard plug canβt reach.
Proxy points
Another nifty feature across IoToreroβs devices is that they double as Bluetooth proxies. This means they pick up signals from nearby Bluetooth low-energy (BLE) devices and pass them on to Home Assistant, extending your Bluetooth range without having to buy an extra, dedicated device. The Open Home Foundationβs recent blog post, Proxy all the things: no device left behind, explains why this is so important: turning everyday hardware into a βbridgeβ for other devices means getting more out of what you already own, instead of buying something new for every job. And one less gadget to buy means one less device ending up as e-waste β»οΈ.
Old friends, new badge
As one of ESPHomeβs earliest adopters, IoTorero have well and truly earned our formal badging, and weβre thrilled to bring their devices to the Home Assistant community β tested, certified, and ready to make the path from unboxing to automating that much smoother. Check out the full lineup of IoToreroβs devices, along with the full range of Works with Home Assistant-compatible tech over at our certified device list.
FAQs
Q: If I have a device that is not listed under Works with Home Assistant does this mean itβs not supported?
A: No! It just means that it hasnβt gone through a testing schedule with our team or doesnβt fit the requirements of the program. It might function perfectly well but be added to the testing schedule later down the road, or it might work under a different connectivity type that we donβt currently test under the program. We do not certify anything that relies on cloud control.
Q: OK, so whatβs the point of the Works with program?
A: It highlights the devices we know work well with Home Assistant and the brands that make a long-term commitment to keeping support for these devices going. The certification agreement specifies that the devices must have the functionality you would expect within Home Assistant, operate locally without the need for cloud and that they will continue to do so long-term.
Q: How were these devices tested?
A: All devices in this list were tested using a standard Home Assistant Green as a hub and using the ESPHome integration. If you have a different set-up thatβs not a problem, but we test against these as they are the most effective way for our team to certify within our ecosystem.
Q: Will you be adding more IoTorero devices to the program?
A: Why not! Weβre thrilled to foster a close relationship with the team at IoTorero to work together on any upcoming releases or add in further products that are not yet listed here.
The Stable channel has been updated to 150.0.7871.114/.115 for Windows andMac and 150.0.7871.114 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but havenβt yet fixed.
This update includes 27 security fixes. Please see the Chrome Security Page for more information.
[N/A][518006275] Critical CVE-2026-15112: Use after free in Ozone. Reported by Google on 2026-05-29
[N/A][524045160] Critical CVE-2026-15129: Use after free in Views. Reported by Google on 2026-06-15
[$500][527385397] High CVE-2026-15132: Uninitialized Use in V8. Reported by Pierre Langlois from Arm on 2026-06-24
[$500][527406824] High CVE-2026-15133: Use after free in InterestGroups. Reported by Jihyeon Jeong (Compsec Lab, Seoul National University / Research Intern) on 2026-06-24
[N/A][515443146] High CVE-2026-15108: Integer overflow in Extensions API. Reported by Google on 2026-05-21
[N/A][516899138] High CVE-2026-15109: Uninitialized Use in ANGLE. Reported by Google on 2026-05-26
[N/A][516948486] High CVE-2026-15110: Use after free in Extensions. Reported by Google on 2026-05-27
[N/A][517508651] High CVE-2026-15111: Use after free in Views. Reported by Google on 2026-05-28
[N/A][520540744] High CVE-2026-15113: Use after free in Autofill. Reported by Google on 2026-06-05
[N/A][520565945] High CVE-2026-15114: Out of bounds read and write in Codecs. Reported by Google on 2026-06-06
[N/A][520576676] High CVE-2026-15115: Insufficient validation of untrusted input in WebAppInstalls. Reported by Google on 2026-06-06
[N/A][522092013] High CVE-2026-15116: Use after free in Actor. Reported by Google on 2026-06-10
[N/A][522568496] High CVE-2026-15117: Use after free in Payments. Reported by Google on 2026-06-11
[N/A][523238265] High CVE-2026-15118: Use after free in Input. Reported by Google on 2026-06-12
[N/A][523505418] High CVE-2026-15119: Inappropriate implementation in GetUserMedia. Reported by Google on 2026-06-13
[N/A][523609602] High CVE-2026-15120: Use after free in Core. Reported by Google on 2026-06-13
[N/A][523712556] High CVE-2026-15121: Use after free in WebRTC. Reported by Google on 2026-06-14
[N/A][523717219] High CVE-2026-15122: Insufficient validation of untrusted input in Codecs. Reported by Google on 2026-06-14
[N/A][523729553] High CVE-2026-15123: Insufficient data validation in DOM. Reported by Google on 2026-06-14
[N/A][523735038] High CVE-2026-15124: Insufficient policy enforcement in Passwords. Reported by Google on 2026-06-14
[N/A][523737685] High CVE-2026-15125: Inappropriate implementation in Forms. Reported by Google on 2026-06-14
[N/A][523748081] High CVE-2026-15126: Use after free in Forms. Reported by Google on 2026-06-14
[N/A][523752265] High CVE-2026-15127: Inappropriate implementation in WebGL. Reported by Google on 2026-06-14
[N/A][523756329] High CVE-2026-15128: Inappropriate implementation in Forms. Reported by Google on 2026-06-14
[N/A][526541544] High CVE-2026-15130: Insufficient policy enforcement in Navigation. Reported by Google on 2026-06-22
[$2000][503553615] Medium CVE-2026-15107: Use after free in IndexedDB. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on 2026-04-17
[N/A][526542464] Medium CVE-2026-15131: Insufficient data validation in Navigation. Reported by Google on 2026-06-22
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
Interested in switching release channels? Find out howhere. If you find a new issue, please let us know byfiling a bug. Thecommunity help forum is also a great place to reach out for help or learn about common issues.
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The deepin project has published a new release of its Debian-based distribution. The new version, deepin 25.2.0, includes several desktop improvements and security updates: "Treeland desktop environment upgrade - Treeland stability and usability have been significantly improved, with over 20 fixes for stability and high-frequency interaction issues; file....
Apple announced a new six-year commitment with Broadcom to design and produce custom silicon components and cutting-edge wireless connectivity technologies.
Β The Stable channel has been updated to 150.0.7871.100/.101 for Windows andMac andΒ 150.0.7871.100Β for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log
Interested in switching release channels? Find out howhere. If you find a new issue, please let us know byfiling a bug. Thecommunity help forum is also a great place to reach out for help or learn about common issues.
26.3 Snapshot 3 (known as 26.3-snapshot-3 in the launcher) is the third snapshot for Java Edition 26.3, released on July 7, 2026.
Full changelog: https://minecraft.wiki/Java_Edition_26.3-snapshot-3
Weβre updating which Apple platforms the Home Assistant Companion app supports, and because transparency is core to how we work, we want to be upfront about whatβs changing.
Starting with version 2026.8.0 of the Companion app, we will no longer support iOS 15, watchOS 8, or macOS 11. The last supported version for these platforms will be 2026.7.1.
Hereβs everything you need to know:
Why weβre making the change
At Home Assistant, weβre committed to helping you use your devices for the long haul. We know your hardware is something you rely on every day, which is why we try to keep the Companion app running on older devices for as long as possible. However, supporting older OS versions indefinitely comes at a cost, limiting our ability to adapt to modern technology.
From September this year, Appleβs developer tools will officially stop supporting watchOS 8 and macOS 11, making it technically difficult for us to keep building for them. With less than 1% of our users currently running these older OS versions, this update allows us to future-proof the Companion app for the vast majority of our community.
By focusing our efforts on current operating system versions, we can keep our codebase maintainable for the long term. This shift removes some long-standing constraints, since older OS versions had been limiting our ability to make UX, stability, and performance improvements, including adding features such as Apple Watch complications and more advanced widgets.
What this means for you
A recap of whatβs changing:
The last Companion app update for these platforms will be version 2026.7.1.
After version 2026.7.1, the minimum supported versions for the Companion app will be iOS 16.4, watchOS 9, and macOS 12.
Importantly, this doesnβt mean your older iOS devices will become unusable. You can still control your home using the Home Assistant frontend in your deviceβs web browser, which remains fully supported and receives regular monthly updates.
The last compatible Companion app version (2026.7.1) will also remain available on the App Store, and the source code will stay accessible on GitHub for any users who want to compile the app themselves.
Looking ahead
This update means a stronger, more capable Companion app for everyone going forward, and itβs part of how we keep Home Assistant evolving. We appreciate your understanding and support through this change, and are looking forward to building whatβs next.
This release addresses medium-impact problems that need to be fixed as some enable remote DOS, or local memory corruption.
The fixes below, and more, are also released in the unstable version postfix-3.12-20260706.
In addition to updated releases for the supported Postfix versions 3.8-3.11, releases will also be available for the out-of-support Postfix versions 3.5-3.7. NOTE: these do not include the patches for out-of-support Postfix versions that have been issued for "large SMTP inputs (June 2026)", "TLSA parsing (June 2026)", and "SMTP smuggling fixes". Those patches still need to be applied.
These defects were found by Qualys assisted by Claude Mythos Preview; more than half date from 20 or more years ago. When I implemented Postfix, I knew that there were going to be mistakes. That is the reason why Postfix has its architecture and safety nets. The number of defects may seem large, but consdering that they were found in a code base of some 150 thousand lines, the error rate is still lower than what I designed for.
Denial of service:
Bug (defect introduced: Postfix 2.7, date: 20090617): out-of-memory condition with remote input in the postscreen dummy SMTP engine. This dummy engine is used after PREGREET or DNSBL checks fail, or when "after 220" protocol checks are enabled. Reported by Qualys, assisted by Claude Mythos Preview.
Bug (defect introduced: Postfix 2.0, date: 20030619): file system DOS: with smtpd_proxy_filter enabled, the before-filter SMTP server did not enforce the message size limit for mailbox From_ lines at the beginning of a message. With smtpd_proxy_filter disabled, the file size limit was still enforced by the cleanup daemon. Reported by Qualys, assisted by Claude Mythos Preview.
Memory corruption:
Bug (defect introduced: Postfix 2.3, date: 20060611): double ldap_msgfree(resloop) call during error handling when special_result_attribute is configured. An attacker who controls the LDAP server or can play attacker-in-the-middle could corrupt heap memory. Reported by Qualys, assisted by Claude Mythos Preview.
Bug (defect introduced: Postfix 3.4, date: 20190121): missing null termination in a postlogd process that was started with an EMPTY maillog_file setting, while receiving a message from a postlog command that was started with a NON-EMPTY maillog_file setting. Under these contradicting conditions, an unprivileged attacker could cause postlogd to write null bytes to stack memory as it tokenized text outside the receive buffer, and possibly gain 'postfix' privilege. Problem reported by Qualys, assisted by Claude Mythos Preview.
Bug (defect introduced: Postfix 2.3, date: 20060711): one-byte heap over-write in the Milter client with soft_bounce=yes while processing a malformed SMFIR_REPLYCODE Milter response. An attacker who controls the Milter or who can play attacker-in-the-middle could corrupt heap memory. Reported by Qualys, assisted by Claude Mythos Preview.
Other crashes and panic()s:
Bug (defect introduced: Postfix 2.1, date: 20030619): SMTP server panic() in smtpd_proxy_filter when handling long mailbox From_ lines at the beginning of a message. Reported by Qualys, assisted by Claude Mythos Preview.
Bug (defect introduced: Postfix 3.1, date: 20151129): a missing return statement in the SHOWQ_CLEANUP_AND_RETURN() macro. A local user could submit a crafted message that triggered a read-after-free and panic() in the unprivileged showq daemon (which scans the mail queue for the 'postqueue -p' and 'mailq' commands). This could happen only before a message had been picked up by the pickup(8) daemon. Problem reported by Qualys, assisted by Claude Mythos Preview.
Bug: (defect introduced: Postfix 3.10, date: 20240925): NULL pointer read in the TLSRPT client, caused by missing STR_OR_NULL() wrappers. Reported by Qualys, assisted by Claude Mythos Preview.
Bug (defect introduced: Postfix < alpha, date: 1997): missing recursion guard while processing :include: files that directly include other :include: files in local(8) aliases or .forward files. This could result in exhausting stack space (segfault) or file handles (fatal error). This is not a global DOS; it affected at most two parallel delivery processes for the local recipient who created the condition. Reported by Qualys, assisted by Claude Mythos Preview.
Other read after free:
Bug (defect introduced: postfix-3.11.0-RC1, date: 20251222): heap memory over-read in the cleanup daemon as it handled a milter "shutdown" reply. The over-read memory was logged after masking unprintable content. Problem reported by Qualys, assisted by Claude Mythos Preview.
Bug (defect introduced: Postfix 2.3, date: 20050526): limited (<= 11 byte) heap over-read in the cleanup daemon. This could be triggered by local user with a crafted queue file, but the over-read content was not disclosed and there was no other impact. Problem reported by Qualys, assisted by Claude Mythos Preview.
Bug (defect introduced: Postfix < alpha, date: 19971221): a signal handler in the postdrop command could call unlink() with a pathname that was already wiped and free()d, but not yet reused. Reported by Qualys, assisted by Claude Mythos Preview.
Other code hygiene:
Bug (defect introduced: Postfix 3.11, date: 20260219): In the non-BerkeleyDB re-indexing server, vstream_fopen_as() ignored the uid and gid arguments and opened a database source file read-only as the 'postfix' user instead of the file owner. Reported by Qualys, assisted by Claude Mythos Preview.
Bug (defect introduced: Postfix 2.2. date: 20040829): after a RAND_bytes() call failure, do not rely on stack-based pseudo-randomness for tlsmgr seed generation, and for timing jitter of tlsmgr seed refresh intervals. Reported by Qualys, assisted by Claude Mythos Preview.
Bug (defect introduced: Postfix 2.3, date: 20060711): In the Milter client, null-terminate the SMFIR_REPLYCODE response data to exclude stale data when processing the result as a C string. Reported by Qualys, assisted by Claude Mythos Preview.
Proactive changes:
Hardening: make sure that optimizers will not delete a memset() call in myfree() that wipes memory.
Allow zero-length memory allocation requests. Many people have experience with systems that allow this, therefore it should not trigger a panic in Postfix.
Safety: added a global recursion guard in the local delivery agent.
there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2026-07-06)
β οΈ ATTN: this release fixes a dirkey vulnerability
in volumes with bothdirkeys and filekeys enabled (default-disabled), a valid filekey could be converted into a dirkey, granting read-access to the containing folder
recent important news
v1.20.17 (2026-07-06) fixed a vuln when a volume has both filekeys and dirkeys enabled
v1.20.17 (2026-07-06) introduced csp nonces, possibly breaking some javascript-based plugins
π§ͺ new features
enforce csp nonces on javascript (additional xss defense) d3b9599
this could possibly break some aftermarket javascript-based plugins (--js-browser / --html-head)
now probably safe to disable the markdown/logue sandboxes (--no-sb-md / --no-sb-lg) in most deployments, avoiding #230
sandbox ffmpeg/ffprobe in bwrap to defend against future FFmpeg vulns efa43f885be3b8
doesn't work in docker / podman, so initcfg in the images have use-bwrap: n to disable it db68353