❌

Normale weergave

Minecraft 26.3-snapshot-3 (snapshot) Released

7 Juli 2026 om 14:03
26.3 Snapshot 3 (known as 26.3-snapshot-3 in the launcher) is the third snapshot for Java Edition 26.3, released on July 7, 2026. Full changelog: https://minecraft.wiki/Java_Edition_26.3-snapshot-3
  •  

Companion app: Changing support for Apple platforms

7 Juli 2026 om 02:00
Companion app: Changing support for Apple platforms

We’re updating which Apple platforms the Home Assistant Companion app supports, and because transparency is core to how we work, we want to be upfront about what’s changing.

Starting with version 2026.8.0 of the Companion app, we will no longer support iOS 15, watchOS 8, or macOS 11. The last supported version for these platforms will be 2026.7.1.

Here’s everything you need to know:

Why we’re making the change

At Home Assistant, we’re committed to helping you use your devices for the long haul. We know your hardware is something you rely on every day, which is why we try to keep the Companion app running on older devices for as long as possible. However, supporting older OS versions indefinitely comes at a cost, limiting our ability to adapt to modern technology.

From September this year, Apple’s developer tools will officially stop supporting watchOS 8 and macOS 11, making it technically difficult for us to keep building for them. With less than 1% of our users currently running these older OS versions, this update allows us to future-proof the Companion app for the vast majority of our community.

By focusing our efforts on current operating system versions, we can keep our codebase maintainable for the long term. This shift removes some long-standing constraints, since older OS versions had been limiting our ability to make UX, stability, and performance improvements, including adding features such as Apple Watch complications and more advanced widgets.

What this means for you

A recap of what’s changing:

  • The last Companion app update for these platforms will be version 2026.7.1.
  • After version 2026.7.1, the minimum supported versions for the Companion app will be iOS 16.4, watchOS 9, and macOS 12.

Importantly, this doesn’t mean your older iOS devices will become unusable. You can still control your home using the Home Assistant frontend in your device’s web browser, which remains fully supported and receives regular monthly updates.

The last compatible Companion app version (2026.7.1) will also remain available on the App Store, and the source code will stay accessible on GitHub for any users who want to compile the app themselves.

Looking ahead

This update means a stronger, more capable Companion app for everyone going forward, and it’s part of how we keep Home Assistant evolving. We appreciate your understanding and support through this change, and are looking forward to building what’s next.

  •  

v1.8.0.2

Door: thornbill
7 Juli 2026 om 07:34

What's Changed

πŸ”§ Additional changes

⬆️ Dependency upgrades

New Contributors

Full Changelog: v1.7.0.8...v1.8.0.2

  •  

Postfix stable release 3.11.5 and legacy releases 3.10.12, 3.9.13, 3.8.19, 3.7.21, 3.6.19, 3.5.26

6 Juli 2026 om 23:35

Postfix stable release 3.11.5 and legacy releases 3.10.12, 3.9.13, 3.8.19, 3.7.21, 3.6.19, 3.5.26

[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.11.5.html]

This release addresses medium-impact problems that need to be fixed as some enable remote DOS, or local memory corruption.

The fixes below, and more, are also released in the unstable version postfix-3.12-20260706.

In addition to updated releases for the supported Postfix versions 3.8-3.11, releases will also be available for the out-of-support Postfix versions 3.5-3.7. NOTE: these do not include the patches for out-of-support Postfix versions that have been issued for "large SMTP inputs (June 2026)", "TLSA parsing (June 2026)", and "SMTP smuggling fixes". Those patches still need to be applied.

These defects were found by Qualys assisted by Claude Mythos Preview; more than half date from 20 or more years ago. When I implemented Postfix, I knew that there were going to be mistakes. That is the reason why Postfix has its architecture and safety nets. The number of defects may seem large, but consdering that they were found in a code base of some 150 thousand lines, the error rate is still lower than what I designed for.

Denial of service:

  • Bug (defect introduced: Postfix 2.7, date: 20090617): out-of-memory condition with remote input in the postscreen dummy SMTP engine. This dummy engine is used after PREGREET or DNSBL checks fail, or when "after 220" protocol checks are enabled. Reported by Qualys, assisted by Claude Mythos Preview.

  • Bug (defect introduced: Postfix 2.0, date: 20030619): file system DOS: with smtpd_proxy_filter enabled, the before-filter SMTP server did not enforce the message size limit for mailbox From_ lines at the beginning of a message. With smtpd_proxy_filter disabled, the file size limit was still enforced by the cleanup daemon. Reported by Qualys, assisted by Claude Mythos Preview.

Memory corruption:

  • Bug (defect introduced: Postfix 2.3, date: 20060611): double ldap_msgfree(resloop) call during error handling when special_result_attribute is configured. An attacker who controls the LDAP server or can play attacker-in-the-middle could corrupt heap memory. Reported by Qualys, assisted by Claude Mythos Preview.

  • Bug (defect introduced: Postfix 3.4, date: 20190121): missing null termination in a postlogd process that was started with an EMPTY maillog_file setting, while receiving a message from a postlog command that was started with a NON-EMPTY maillog_file setting. Under these contradicting conditions, an unprivileged attacker could cause postlogd to write null bytes to stack memory as it tokenized text outside the receive buffer, and possibly gain 'postfix' privilege. Problem reported by Qualys, assisted by Claude Mythos Preview.

  • Bug (defect introduced: Postfix 2.3, date: 20060711): one-byte heap over-write in the Milter client with soft_bounce=yes while processing a malformed SMFIR_REPLYCODE Milter response. An attacker who controls the Milter or who can play attacker-in-the-middle could corrupt heap memory. Reported by Qualys, assisted by Claude Mythos Preview.

Other crashes and panic()s:

  • Bug (defect introduced: Postfix 2.1, date: 20030619): SMTP server panic() in smtpd_proxy_filter when handling long mailbox From_ lines at the beginning of a message. Reported by Qualys, assisted by Claude Mythos Preview.

  • Bug (defect introduced: Postfix 3.1, date: 20151129): a missing return statement in the SHOWQ_CLEANUP_AND_RETURN() macro. A local user could submit a crafted message that triggered a read-after-free and panic() in the unprivileged showq daemon (which scans the mail queue for the 'postqueue -p' and 'mailq' commands). This could happen only before a message had been picked up by the pickup(8) daemon. Problem reported by Qualys, assisted by Claude Mythos Preview.

  • Bug: (defect introduced: Postfix 3.10, date: 20240925): NULL pointer read in the TLSRPT client, caused by missing STR_OR_NULL() wrappers. Reported by Qualys, assisted by Claude Mythos Preview.

  • Bug (defect introduced: Postfix < alpha, date: 1997): missing recursion guard while processing :include: files that directly include other :include: files in local(8) aliases or .forward files. This could result in exhausting stack space (segfault) or file handles (fatal error). This is not a global DOS; it affected at most two parallel delivery processes for the local recipient who created the condition. Reported by Qualys, assisted by Claude Mythos Preview.

Other read after free:

  • Bug (defect introduced: postfix-3.11.0-RC1, date: 20251222): heap memory over-read in the cleanup daemon as it handled a milter "shutdown" reply. The over-read memory was logged after masking unprintable content. Problem reported by Qualys, assisted by Claude Mythos Preview.

  • Bug (defect introduced: Postfix 2.3, date: 20050526): limited (<= 11 byte) heap over-read in the cleanup daemon. This could be triggered by local user with a crafted queue file, but the over-read content was not disclosed and there was no other impact. Problem reported by Qualys, assisted by Claude Mythos Preview.

  • Bug (defect introduced: Postfix < alpha, date: 19971221): a signal handler in the postdrop command could call unlink() with a pathname that was already wiped and free()d, but not yet reused. Reported by Qualys, assisted by Claude Mythos Preview.

Other code hygiene:

  • Bug (defect introduced: Postfix 3.11, date: 20260219): In the non-BerkeleyDB re-indexing server, vstream_fopen_as() ignored the uid and gid arguments and opened a database source file read-only as the 'postfix' user instead of the file owner. Reported by Qualys, assisted by Claude Mythos Preview.

  • Bug (defect introduced: Postfix 2.2. date: 20040829): after a RAND_bytes() call failure, do not rely on stack-based pseudo-randomness for tlsmgr seed generation, and for timing jitter of tlsmgr seed refresh intervals. Reported by Qualys, assisted by Claude Mythos Preview.

  • Bug (defect introduced: Postfix 2.3, date: 20060711): In the Milter client, null-terminate the SMFIR_REPLYCODE response data to exclude stale data when processing the result as a C string. Reported by Qualys, assisted by Claude Mythos Preview.

Proactive changes:

  • Hardening: make sure that optimizers will not delete a memset() call in myfree() that wipes memory.

  • Allow zero-length memory allocation requests. Many people have experience with systems that allow this, therefore it should not trigger a panic in Postfix.

  • Safety: added a global recursion guard in the local delivery agent.

You can find the updated Postfix source code at the mirrors listed at https://www.postfix.org/.

  •  

SECURITY: fix dirkeys

Door: 9001
6 Juli 2026 om 22:21

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2026-07-06)

⚠️ ATTN: this release fixes a dirkey vulnerability

in volumes with both dirkeys and filekeys enabled (default-disabled), a valid filekey could be converted into a dirkey, granting read-access to the containing folder

recent important news

πŸ§ͺ new features

  • enforce csp nonces on javascript (additional xss defense) d3b9599
    • this could possibly break some aftermarket javascript-based plugins (--js-browser / --html-head)
    • now probably safe to disable the markdown/logue sandboxes (--no-sb-md / --no-sb-lg) in most deployments, avoiding #230
  • sandbox ffmpeg/ffprobe in bwrap to defend against future FFmpeg vulns efa43f8 85be3b8
  • #1535 cbz-reader: go-to-page (thx @romfir!) 12d877b
  • volflags plainreadme and plainlogues to show readmes/logues as plaintext 9fa950b
  • volflags for no_readme and no_logues (previously global-only) 379c0aa
  • u2c: new mode to calculate wark from data on stdin 90639de
  • #1504 --ftp-banner 8242e69

🩹 bugfixes

πŸ”§ other changes

  • ffmpeg: remove lots of obscure codecs and formats for improved security 4c82030
  • textfile-editor: some tweaks to the autobackup feature;
  • #1512 web-ui: if mkdir fails because folder already exists, then just cd into it 5dbff4a
  • #1519 sftp: reduce excessive spam from portscanners 8c4e931
  • make database corruption more obvious on startup (usually due to broken server filesystem/hardware) be31a74
  • docker:

🌠 fun facts


πŸ’Ύ what to download?

download link is it good? description
copyparty-sfx.py βœ… the best πŸ‘ runs anywhere! only needs python
copyparty-en.py βœ… also good same but english-only, no i18n
a docker image it's ok good if you prefer docker πŸ‹
copyparty.exe ⚠️ acceptable for win8 or later; built-in thumbnailer
u2c.exe ⚠️ acceptable CLI uploader as a win7+ exe (video)
copyparty.pyz ⚠️ acceptable similar to the regular sfx, mostly worse
copyparty-en.pyz ⚠️ acceptable english-only, no smb-server
copyparty32.exe ⛔️ dangerous for win7 -- never expose to the internet!
cpp-winpe64.exe ⛔️ dangerous runs on 64bit WinPE, otherwise useless
bootable usb ┐(οΎŸβˆ€οΎŸ)β”Œ a surprisingly useful joke (x86_64)
  • except for u2c.exe, all of the options above are mostly equivalent
  • the zip and tar.gz files below are just source code
  • python packages are available at PyPI

  •  

v0.16.12

6 Juli 2026 om 14:55

[0.16.12] - 2026-07-06

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

Changed

Fixed

  • DANE: Treat DNSSEC bogus as a temporary failures to prevent downgrade attacks.
  • OIDC provider:
    • ECDSA private key support for SEC1 format.
    • Allow ports in redirect_uri for loopback addresses.
  • OIDC directory:
    • Removing a user from all groups does not sync the changes correctly.
    • Fetch name and group claims from userinfo endpoint when missing from the JWT token.
  • PostgreSQL: Include error chain in error messages.
  • Prometheus: event counters are exported with incorrect metric names.
  • Registry: Changing the type of an existing account from user to group panics.
  • Masked emails: Return UnknownRecipient only for disabled or expired masked emails.
  • IDN: sanitize_email rejects valid Punycode domains.
  • Auto-ban: IP block expiration ignores per-reason ban durations.
  • Meilisearch: Limit the text search scope using attributesToSearchOn.
  • CalDAV: calendar-query REPORT returns invalid HTTP 404 when no events match the query.
  • Snowflake past id generation fails when the provided duration is longer than 4 years.
  • Calendar scheduling: Wrong RSVP base URL is used.
  • Network listener: Accept loop spins all CPU cores with no back-off when the process hits EMFILE (too many open files).
  • Cluster: Broadcast MTA queue refresh events to all nodes.

Check binary attestation here

  •  

DistroWatch Weekly, Issue 1180

6 Juli 2026 om 02:11
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. This week in DistroWatch Weekly:
Review: FreeBSD 15.1 with install-time desktop
News: Asahi fixes macOS boot bug, reasons to run Gentoo, Ubuntu reverts Rust-based copy command, Astral gets WINE port
Questions and answers: Various tools for running admin commands
Released last week: Slackel 9.0 "MATE", Mageia 10, Kali Linux 2026.2, ArchBang....
  •  

v0.5.3 - β€œWell, I didn't vote for you!”

5 Juli 2026 om 18:53

0.5.3 (2026-07-05)

  • Feature: [#26308] Add all new track pieces to the inverted roller coaster.
  • Feature: [#26442] Add cheat to disable grass growing.
  • Improved: [#7921] On Linux, RCT2 and RCT1 installs in Wine are now automatically detected.
  • Improved: [#26325] Changing the train type, length, or direction no longer resets the number of laps if there is just one train.
  • Improved: [objects#437] Re-order St. Basil’s Cathedral pieces to be more consistent.
  • Change: [#26689] A clear scenario editor can now be opened directly from the command line.
  • Change: [objects#439] Drop numbers from Wacky Worlds scenery descriptions.
  • Fix: [#24613] Incorrect sprites drawn for path elements without a valid object.
  • Fix: [#26323] Ride stats do not reset when changing the number of trains changes the number of laps.
  • Fix: [#26494] The limits for where walls on the path side of the first tile block the view of rides/scenery are wrong (original bug).
  • Fix: [#26504] The boosts/penalties to excitement and nausea that air time provides are calculated wrong.
  • Fix: [#26545] Game crashes when plugin API function generateGuest fails to generate a guest.
  • Fix: [#26578] Crash when drawing path elements without a valid object.
  • Fix: [#26605] Desync when placing a track design in multiplayer.
  • Fix: [#26654] Fix Alton Towers stall and Rock’n’Roll Revival toilet being closed on scenario start.
  • Fix: [#26722] Missing construction rights owned on UCES Sand Dune scenario.
  • Fix: [objects#411] Some colours in green, acid green, pink and red water are inconsistent with natural water.
  • Fix: [objects#436] St. Basil’s Cathedral building pieces are incorrectly labelled as β€œKremlin” pieces.
  • Fix: [objects#438] Some walls are not marked as see-through while they don’t fully block the view.
  • Fix: [objects#440] Inconsistencies in scenario/park name capitalisation.

Release created in https://github.com/OpenRCT2/OpenRCT2/actions/runs/28747294389

SHA256 checksums:

dc597f5cc6115a7e5eff61c09a77a5edeb4686a69f72230dda4257c5c4f6f395  ./OpenRCT2-v0.5.3-macos-universal.zip
a653c7b0b54ce5cbe3703230227d624f825883b4312706f3582b9730f00c3706  ./OpenRCT2-v0.5.3-android.apk
fd8b595179e978d880737cd268f61046ed81a51ba42b89895725690bb5a8bf75  ./OpenRCT2-v0.5.3-windows-installer-x64.exe
b7f4d4420583f39b9e9b6f6bf67839916d8eac9fa302936a0edebfc7835b5861  ./OpenRCT2-v0.5.3-Linux-noble-x86_64.tar.gz
fc86fa42b00e95a81ad4326f6600da766d4fbb0d3d6c60c6c57a120b6718f1db  ./OpenRCT2-v0.5.3-windows-installer-arm64.exe
a0ba982c31f9aee5fc0c4c1d00914625bdab34adad3a4c4f69e840589121ec1d  ./OpenRCT2-v0.5.3-sha256sums.txt
726cc68f9a590b05822897cc3e05effa3437d5bfdb136bf106d4d1b0b733e0b6  ./OpenRCT2-v0.5.3-windows-symbols-x64.zip
c5870c1b2aea31220adc62212987cdfa1fc063a7b1f8f01dbb9b0cf644e63900  ./OpenRCT2-v0.5.3-windows-symbols-win32.zip
dfbdaa9b4e7f9441ba78fe7c02c8180a37c7639fb5f485b6cdc1436fd0518a91  ./OpenRCT2-v0.5.3-Linux-trixie-x86_64.tar.gz
f430793307dfc58fe7b58e2d40757e5c83a5648eb44847ecbaf03a46986d16dc  ./OpenRCT2-v0.5.3-Linux-bookworm-x86_64.tar.gz
9c63cb5d7b6d8b2b247f0b7339e5cfbf0d6bbec447b6d55a61f7da30f0f3d9f7  ./OpenRCT2-v0.5.3-linux-x86_64.AppImage
524fb97e3735fd40ac1619985df9215be4bbc4339145f2e8d01a431e46e678a7  ./OpenRCT2-v0.5.3-windows-portable-win32.zip
78e101f8d2e35ddb713c145caaa638fd693e9fde9b29b0f040301474712b15ab  ./OpenRCT2-v0.5.3-windows-portable-arm64.zip
ac756d1e717053efc3950f63188f7bf7c5b1a700d5cc30ffcf96f11c592147b7  ./OpenRCT2-v0.5.3-windows-symbols-arm64.zip
d67814e13c12e622d4570b9a8b4a417da5b002729f9f851e80d0562b781c80ab  ./OpenRCT2-v0.5.3-windows-portable-x64.zip
5f30ba5be029eb8e844be5b4be2b569ab21cee9258a74649dd1f126190e173de  ./OpenRCT2-v0.5.3-windows-installer-win32.exe
505a5f227a221f268b2f1ce07b2eb83823ab33f24de2d1045c8ce0e68ba0e501  ./OpenRCT2-v0.5.3-Linux-resolute-x86_64.tar.gz

  •  

Coaches: MAN Lion's Coach Gameplay Preview

Door: Alex
5 Juli 2026 om 17:00

Today, we’re excited to share your very first look at gameplay from our upcoming Coaches DLC for Euro Truck Simulator 2, a highly anticipated expansion that many of you in our community have been eager to see more of. Let's hit the road!


In this first showcase, we go behind the wheel of the MAN Lion's Coach. Join us as we take on a bus route between Duisburg and Rotterdam. Along the way, you’ll get a glimpse at the passenger satisfaction mechanics in its current iteration, and how it will play a role in your journey on the road ahead.

You’ll also get a great look at the MAN Lion’s Coach itself, a vehicle well regarded in the industry for its blend of efficiency, practicality, and passenger comfort. Powered by MAN’s reliable D26 engine, it delivers strong performance for long-distance travel. Inside, the coach is designed with comfort in mind for both driver and passengers alike, featuring large windows, well-arranged seating, and a clean, spacious interior. We think it makes the perfect choice for our first gameplay preview!



Please keep in mind that this gameplay footage is still a work in progress and does not represent the final version of the Coaches DLC. Some features, visuals, and mechanics may change or be further refined as development continues.

We hope you are as excited as we are for the upcoming Coaches DLC as the development continues! For the latest updates, be sure to follow us on our social media channels on X, Instagram, Facebook, Bluesky, and TikTok, or sign up for our newsletter. If you're looking forward to hitting the road in style, don’t forget to add the Coaches DLC to your Steam Wishlist!

  •  

Release 2026.07.05

5 Juli 2026 om 20:36

Docker Images

Docker images have been built and pushed:

Docker Hub:

  • alexta69/metube:latest
  • alexta69/metube:2026.07.05

GitHub Container Registry:

  • ghcr.io/alexta69/metube:latest
  • ghcr.io/alexta69/metube:2026.07.05

Changes

  • fix: fsync parent dir after direct-write fallback for durability parity (54463ba)
  • fix: serialize state before truncating in the direct-write fallback (b00d478)
  • fix: force 0600 on fallback state rewrites, not just creation (96e88a3)
  • fix: create fallback state file with owner-only 0600 permissions (49a46a7)
  • fix: make fsync best-effort so only mkstemp/replace failures fall back (961b54a)
  • fix: surface real storage errors from direct-write fsync fallback (e0549d6)
  • fix: limit atomic-write fallback to atomic-unsupported errnos (f315b75)
  • fix: fall back to direct write when atomic state save hits EPERM on NFS (c2c129d)

  •  

Dopamine 3.0.7

Door: digimezzo
4 Juli 2026 om 23:19

[3.0.7] - 2026-07-03

Added

  • Added automatic rating and love backup for situations where the database needs to be reset
  • Added a search field on the queue screens
  • Added possibility to download and show artist images in the list of artists (Thank you @FranzDeschler)
  • Added BPM filter to smart playlists
  • Added Kadbury theme (Thank you @kkdeep)
  • Added a button to jump to the playing song on each songs list
  • Added option to show a more compact song list
  • Added ListenBrainz scrobbling (Thank you @ugokitakunai)

Fixed

  • ReplayGain issues
  • Double-clicking next to an artists group letter causes a crash
  • Album shuffle button in Genres tab shuffles globally instead of within the genre (Thank you @UrielJaloto)
  • Lyrics are too small and sizing doesn't work when there are no smart lyrics
  • Window is outside of the screen when external display is disconnected

  •  

5.4.2

3 Juli 2026 om 22:57

Note

UpSnap is, and always will be, free and open source software.

If someone is asking you to pay money for access to UpSnap binaries, source code, or licenses, you are being scammed.

The official and only trusted source for UpSnap is this repository (and its linked releases).
Do not pay third parties for something that is provided here for free.

Changelog

Bug fixes

Others

  •  

UK Rework Project: Inverness

Door: Alex
3 Juli 2026 om 17:00

We hope you've packed a warm jacket and perhaps a wee bit of shortbread, because today we're taking you to the Scottish Highlands! We're excited to share with you a closer look at Inverness, a brand-new city arriving as part of our upcoming UK Rework project for Euro Truck Simulator 2. Let's take a closer look at what this destination has to offer drivers.


Known as the "Gateway to the Highlands", Inverness serves as an important hub for transport, tourism, and industry in the north of Scotland. Situated at the mouth of the River Ness and close to the famous Loch Ness, this historic city combines stunning natural scenery with modern infrastructure.


One of the most striking sights you'll encounter is the iconic Kessock Bridge, which spans the Beauly Firth and connects Inverness with the Black Isle. Drivers travelling through the city's industrial area will be treated to impressive views of this landmark suspension bridge, which has become a defining feature of the city's skyline.


As you make your way through the centre of Inverness, you'll be able to enjoy views of the River Ness and spot one of the city's most recognisable riverside hotels. Our team has also recreated several notable landmarks throughout the city, including the Inverness Justice Centre and the Caledonian Stadium, which enjoys one of the most picturesque sporting backdrops in Scotland.


Beyond its landmarks, Inverness offers spectacular scenery in every direction. Surrounded by rolling hills, waterways, and the dramatic landscapes of the Scottish Highlands, the city acts as the perfect introduction to one of the most beautiful regions in the United Kingdom. It's easy to see why millions of visitors travel here every year to begin their Highland adventures.


Whilst there is plenty of sightseeing to enjoy, there's also no shortage of work available! Inverness is home to two key industries where drivers can pick up and deliver cargo. Those looking to help keep Scotland's economy moving can take on jobs at the local oil facility or deliver cargo through the Port of Inverness, where a warehouse offers a variety of freight opportunities connected to the region's maritime trade.


We hope you've enjoyed this first look at Inverness, a brand-new city coming to Scotland as part of our ongoing UK Rework project, which will arrive as a free update for all owners of Euro Truck Simulator 2 in the future. Be sure to let us know in the comments what you think of Inverness and which parts of Scotland you'd love to see featured next. Until next time, keep on truckin', and haste ye back!

  •  

OBS Studio 32.2.0 Beta 3

3 Juli 2026 om 02:04

Beta 3 Changes

  • Fixed extra padding on some UI elements on Windows in Beta 1-2 [Warchamp7]
  • Fixed NVIDIA Audio Effects not working in Beta 1-2 [pkviet]
  • Fixed issues with long item names in the Audio Mixer in Beta 1-2 [Warchamp7]
  • Removed redundant "Monitor Only" from the Advanced Audio Properties window [Warchamp7]
    • Mute and Monitor are handled independently in the new Audio Mixer
  • Removed Close button from What's New dialog [Warchamp7]
  • Removed margins from What's New dialog [Warchamp7]

Beta 2 Changes

  • Fixed a CI deployment issue. There are no application changes since Beta 1.

32.2 New Features

  • Replaced add source dropdown with new dialog [Warchamp7]
  • Improved FPS selector UX [jcm93]
  • Added missing file support for filters [exeldro]
  • Added ability for plugins to set custom icons for new source types [cg2121]
  • Included .webp files when adding a directory to Image Slide Show source [TarunCore]
  • Added copy paste functions to frontend API [exeldro]
  • Added filter to compose SDR into HDR [jpark37]
  • Added delete as a hotkey to delete sources on macOS [PatTheMav]
  • Added dynamic bitrate support to multitrack video [lexano-ivs]

32.2 Changes

  • Forced Intel-based installations to update to Apple Silicon version on macOS [PatTheMav]
    • This change means that OBS Studio versions built for Intel-based Macs but running on Apple Silicon Macs will automatically update to OBS Studio built for Apple Silicon Macs. If an installation was using third-party plugins, those plugins will no longer load until replaced with Apple Silicon versions.
  • Fixed audio mixer state getting out of sync when changing settings via websockets or plugins [Warchamp7]
  • Added theming for checked QToolButtons [glikely]
  • Improved OpenGL performance slightly on low-end machines [kkartaltepe]
  • Set minimum size for color source to 1 pixel [exeldro]
  • Added minimum width to spinboxes [Warchamp7]
  • Disallowed overwriting the crash handler [sebastian-s-beckmann]
  • Applied process mitigation policies for Windows [notr1ch]
  • Adjusted description of multitrack video [jhnbwrs]
  • Changed new capture devices to use fallback frame rate by default [PatTheMav]
  • Improved DLL loading behavior on Windows [notr1ch]
  • Limited multitrack video config to Custom service [PatTheMav]

32.2 Bug Fixes

  • Fixed OAuth and dock state save corruption [PatTheMav]
  • Fixed group bounds not resizing when removing items [howellrl]
  • Fixed canvas mixes not being restored after video reset [dsaedtler]
  • Fixed some erroneous crashes during shutdown [Warchamp7]
  • Fixed display capture sometimes capturing black after a duplicator failure [ThrowTop]
  • Fixed color of controls dock output buttons in System theme [shiina424]
  • Fixed virtual camera reset failures [stephematician]
  • Fixed potential crash when user discards changes in the settings window [suogesi]
  • Fixed incorrect return value in virtualcam filter [xtfo]
  • Fixed source toolbar buttons not working after dragging a source into a group [Warchamp7]
  • Fixed properties hint icon spacing [Warchamp7]
  • Fixed potential crash when a video device reconnects on macOS [jcm93]
  • Fixed an issue where PipeWire could fail on NVIDIA GPUs [hoshinolina]
  • Fixed obs_canvas_get_video_info returning incorrect framerate [dsaedtler]
  • Fixed NVENC using incorrect bitrate in CQVBR mode [Lordmau5]
  • Fixed VAAPI AV1 not working when streaming with WHIP [RytoEX]

32.2 Deprecations

  • Deprecated obs_properties_add_button [sebastian-s-beckmann]

Checksums

OBS-Studio-32.2.0-beta3-Sources.tar.gz: ef43995eb14efe8b8e6191c47bd6f153d2afeb3d7f89651f841fa324107fba87
OBS-Studio-32.2.0-beta3-Ubuntu-24.04-x86_64-dbsym.ddeb: 3a836ea98ed8b529e3f55697c5d9dce5618ee2af1af3c3bbb85ad477c21bdf80
OBS-Studio-32.2.0-beta3-Ubuntu-24.04-x86_64.deb: 2dcea895e43a98b0d3806059caeab8f1daa079b6cc7b8621bdd5431fec69b2f3
OBS-Studio-32.2.0-beta3-Ubuntu-26.04-x86_64-dbsym.ddeb: b393f34ba32641fadea8fac15bd283f997249a4e784d70b9c718e8b3a4b2ac3c
OBS-Studio-32.2.0-beta3-Ubuntu-26.04-x86_64.deb: 8d92c0ffca97deff9837939e32acc22abe9ea86936d1a19dce019df5dd1d45d9
OBS-Studio-32.2.0-beta3-Windows-arm64-PDBs.zip: 209b9a05e8b2846b055900c3fba992537415677f3b7010d2384d99110bd49aeb
OBS-Studio-32.2.0-beta3-Windows-arm64.zip: 87c99eba714e86f35c32ce1a40cd71a647bc0ddfdde8c80c63dc7ac761880d61
OBS-Studio-32.2.0-beta3-Windows-x64-Installer.exe: c9b46539f7eb3f1fd8fb0e1d6567c13f04ea8ce4849cb396fc93734238ce4d01
OBS-Studio-32.2.0-beta3-Windows-x64-PDBs.zip: c7ea35d7b6ea40ce8e5d61cb71e7257124356cd4ad69f320e654b79baf9e1414
OBS-Studio-32.2.0-beta3-Windows-x64.zip: 2ce6b1b0afbf7eb3eff95320cdcdc09d0a458242244de6f7dadb8ef330f53f9c
OBS-Studio-32.2.0-beta3-macOS-Apple-dSYMs.tar.xz: 1835eb94f8482de3d8e80a9cd44f8048e52333efe30b898fc6a22cab564edd3c
OBS-Studio-32.2.0-beta3-macOS-Apple.dmg: c29af9b0f1d73bc0af29a2792da05425c75a8696a271ca2a7c7578ed7e665830
OBS-Studio-32.2.0-beta3-macOS-Intel-dSYMs.tar.xz: 50d06713bca689c35eccf1efb429666614f1a2c932197e086eed83432cd68f7f
OBS-Studio-32.2.0-beta3-macOS-Intel.dmg: 452922feffa830a0413a61f640bf01fac3daf69e26ef9620e91ee334d4a28cb0

  •  

Distribution Release: Ultramarine Linux 44

3 Juli 2026 om 01:55
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The Ultramarine Linux, a Fedora-based desktop distribution, has published a new release, version 44. The new version includes updates to three of the four desktop environments: "We have gotten tons of feedback and praise for switching to Plasma as our recommended edition. This release comes with Plasma 6.7,....
  •  

Mobile OS Release: CalyxOS 7.2.2.0

3 Juli 2026 om 01:24
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The CalyxOS team have announced the return of the project to active status and, with it, the launch of version 7.2.2.0 of the mobile operating system. "CalyxOS 7.2.2.0 is up online. This release will receive all future updates. If you haven’t previously installed 7.2.1.0 (test build) and want....
  •  

Distribution Release: Galactic Mandate Linux 99

2 Juli 2026 om 20:21
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. M. R. Richardson, a science fiction writer and author of the Galactic Mandate series of science fiction books, has announced the release of Galactic Mandate Linux 99. Based on Ubuntu 26.04, this release comes with the Budgie desktop and labwc Wayland compositor, and it also includes book-cover themes,....
  •  

v5.50.0

2 Juli 2026 om 13:15

5.50.0 (2026-07-02)

πŸš€ New feature

  • admin: add active devices session management (#26628)
  • cli: add security defaults to create-strapi-app templates (#26737)
  • database: export lifecycle event type (#25637)
  • provider-email-sendgrid: add region option for EU data residency (#25907)
  • provider-upload-aws-s3: accept a credential provider function (#26796)
  • translations: comprehensive Japanese (ja) translation update for admin and 9 plugins (#26687)
  • ts: augment all context error response methods (#25424)

πŸ”₯ Bug fix

  • refresh token cookies missing Max-Age when sessions.cookie.maxAg… (#26747)
  • add test database healthchecks (#26511)
  • generate apis in named directories (#26354)
  • admin: retry lazy chunk loads and improve loading and error UX (#25954)
  • admin: open "Upgrade your admin panel" link in new tab (#26510)
  • admin: remove @ts-expect-error in useQueryParams hook (#25006)
  • admin: hide boolean clear action when field is disabled (#26294)
  • admin: restore default locale in permissions when adding i18n to ct (#26548)
  • admin: keep static fallback paths url-safe (#26518)
  • admin: stop storing IP addresses in session metadata (#26873)
  • ci: use allowlisted thollander action ref in experimental publish workflow (#26768)
  • content-api: validate populate for polymorphic structures (#25854)
  • content-manager: warn before publishing with draft relations (#26736)
  • content-manager: use ListViewTable relation-loaded translation key (#26798)
  • content-manager: serve live preview script from server endpoint (#26732)
  • content-manager: capitalize component category names in dynamic zone (#24426, #26337)
  • content-manager: add Japanese EditView shortcut hint translations (#26814)
  • content-manager: prevent dynamic zone crash when value is null (#26816)
  • content-manager: skip publish warning for M2M links to published entries (#26858)
  • content-type-builder: improve component category validation error message (#25455)
  • core: preserve M2M relation order on published version after reo… (#26791)
  • core: maxFileSize error not detected in body middleware (#25011)
  • core: resolve relations on non-localized entries with stale locale column (#26805)
  • create-strapi-app: scaffold pnpm 11 allowBuilds for Strapi Cloud (#26757)
  • create-strapi-app: enable strict TypeScript in app scaffolds (#26779)
  • create-strapi-app: limit odd Node major warning to versions before 26 (#26810)
  • data-transfer: restore localizations links that use document_id refs (#26870)
  • graphql: preserve M2M relation order with pagination (#26577, #26785)
  • test: tighten jest ignore patterns to match path segments (#26753)
  • translations: correct ja "characters" mistranslation in WYSIWYG controls (#26845)
  • types: tighten Core.Config typings with backward-compatible deprecations (#26787)
  • upload: disable asset editing and deletion on published entries (#26127)
  • users-permissions: accept documentId for the role relation on user create/update (#26715)
  • users-permissions: correct "occured" β†’ "occurred" typo in error notifications (#26508)
  • utils: prevent crash on null dynamic zone entry during traversal (#24303, #26842)

πŸ“š Documentation Changes

  • fix typos and grammar slips in content-manager docs (#26600)

βš™οΈ Chore

  • add ai-tooling sync script for skill symlinks (#26594)
  • rename ai-tooling yarn scripts to ai:* (#26767)
  • reduce Vercel noise on PRs (contributor-docs ignore step) (#26772)
  • cloud plugin updates (#26801)
  • update cli deploy copies (f0fa460525)
  • deps: hoist @types/node to root and align with 20, min supported engine (#26291)
  • deps: upgrade TypeScript to 5.9.3 (#26782)
  • deps: bump hono from 4.12.23 to 4.12.27 (#26761)
  • deps: bump design-system to v2.2.1 (#26788)
  • deps: bump axios from 1.18.0 to 1.18.1 (#26762)
  • deps: upgrade lint-staged to 16 and scope linting to staged files (#26765)
  • deps: remove unused @strapi/ts-zen dev dependency (#26759)
  • typescript: enable erasableSyntaxOnly and noUncheckedSideEffectImports (#26790)
  • workflows: make documentation flag name more obvious (#26649)

πŸ’… Enhancement

  • admin: add uz-Cyrl native name to languageNativeNames (#24920)
  • strapi: lazy-load TypeScript chain for non-build CLI commands (#26265)
  • utils: add env.required for strict scaffold secrets (#26830)

🚨 Security

  • users-permissions: default legacy JWT verify to HS256 (#26752)

❀️ Thank You

  •  

BookStack v26.05.2

2 Juli 2026 om 11:44

Security Release

This is a security release to address some edge case vulnerabilities related to URL filtering, redirect handling, and permission checking, while also updating dependencies to help prevent known potential vulnerabilities in those being exploited.

Upgrading is advised for instances with public access enabled, or for instances where untrusted users are able to edit content.

Thanks to Gurmandeep Deol (LinkedIn) and MFK25 for responsibly reporting issues addressed in this release.

Full List of Changes

  • Added Serbian language to language_select array. Thanks to @PolarniMeda. (#6153)
  • Updated PHP package versions.
  • Updated translations with the latest crowdin changes.
  • Updated content allow-filtering to consider protocols used in srcset attributes.
  • Updated URL filtering with a more thorough centralized utility class.
  • Updated comment delete action to also check comment visibility permissions.
  • Updated referring URL use with stronger source validation.
  • Updated translations with latest crowdin changes. (#6166)

  •  

v12.1.0

2 Juli 2026 om 14:45

⚠️ Potential Breaking Changes

  • @directus/api
    • Limited sensitive system mutations defined by GRAPHQL_SINGLE_USE_MUTATIONS to single use (#27801 by @br41nslug)
    • Removed /utils/hash/generate and /utils/hash/verify endpoints (#27774 by @br41nslug)
    • Fixed failed TUS file replacements leaving orphaned file records. Hardened upload path validation to prevent writes to extension and temporary storage directories (#27803 by @br41nslug)
    • Updated GraphQL WebSocket restrictions to match the HTTP endpoint and hid validation hints when introspection is disabled (#27801 by @br41nslug)
    • Added CORS_ORIGIN checks for websocket connections (#27812 by @br41nslug)
  • @directus/specs
    • Removed /utils/hash/generate and /utils/hash/verify endpoints (#27774 by @br41nslug)
  • @directus/sdk
    • Removed /utils/hash/generate and /utils/hash/verify endpoints (#27774 by @br41nslug)
  • Hardened the published Docker image and added a distroless Docker Hardened Image (DHI) variant alongside it. The standard image now applies outstanding OS-level patches at build time and drops npm/npx from the runtime; the new DHI variant is published under a -dhi tag suffix (#27670 by @br41nslug)

✨ New Features & Improvements

πŸ› Bug Fixes & Optimizations

  • @directus/app
    • Restored pre-v12 back button behavior: returns to the previously visited item/page when navigating via a relation, and to the collection listing when landing on an item directly (#27799 by @robluton)
    • Fixed the public page foreground image rendering side-by-side with the shader background instead of overlaying it (#27782 by @alvarosabu)
    • Added clearable indicator to input hash field (#27729 by @robluton)
    • Added lazy loading of social icons on v-button (#27724 by @alvarosabu)
    • Bumped version of @directus/license package (#27785 by @AlexGaillard)
    • Fixed array indexing (e.g. field[0] or field.0) in display and preview URL templates, so a template like {{ categories[0].name }} now resolves to the indexed value instead of rendering empty (#27773 by @dstockton)
    • Fixed a stored XSS vulnerability where the project color could break out of the generated favicon's SVG markup and inject arbitrary HTML (#27810 by @br41nslug)
    • Fixed an internal server error when validating out-of-range integer values (#27321 by @sourav-18)
    • Added interface settings for collection status field (#27781 by @robluton)
  • @directus/api
  • @directus/extensions-sdk
  • @directus/system-data
  • @directus/composables
  • @directus/validation
    • Fixed an internal server error when validating out-of-range integer values (#27321 by @sourav-18)
  • @directus/env
    • Limited sensitive system mutations defined by GRAPHQL_SINGLE_USE_MUTATIONS to single use (#27801 by @br41nslug)
  • @directus/utils
    • Classified the embedded IPv4 of IPv6 transition forms (IPv4-compatible, NAT64, 6to4) in IpBlocklist.checkAddress so they cannot bypass an IPv4 deny rule (#27698 by @joeltco)
  • License keys correctly validate, even when NODE_ENV=development

πŸ“¦ Published Versions

  • @directus/app@16.2.0
  • @directus/api@37.0.0
  • @directus/composables@11.5.1
  • create-directus-extension@12.1.1
  • @directus/env@6.1.0
  • @directus/extensions@4.0.1
  • @directus/extensions-registry@4.0.1
  • @directus/extensions-sdk@18.0.1
  • @directus/memory@4.0.1
  • @directus/pressure@4.0.1
  • @directus/specs@15.0.0
  • @directus/storage-driver-azure@13.0.1
  • @directus/storage-driver-cloudinary@13.0.1
  • @directus/storage-driver-gcs@13.0.1
  • @directus/storage-driver-s3@13.0.1
  • @directus/storage-driver-supabase@4.0.1
  • @directus/system-data@4.5.1
  • @directus/themes@2.0.1
  • @directus/utils@13.5.1
  • @directus/validation@3.0.1
  • @directus/sdk@23.0.0

  •  

Distribution Release: ArchBang Linux 010726

1 Juli 2026 om 20:20
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The ArchBANG project has released a new version of ArchBANG Linux with another radical change - it has replaced labwc with the Mango Wayland compositor. The new version, labelled as 010726, comes with both graphical and command-line system installers: "Pleased to announce the release of ArchBang running the....
  •  
❌