Windows Installer
Windows No Installer (zip)
macOS - Universal
Linux - deb, AppImage or rpm
Windows intel x32 releases are marked -ia32-
ChangeLog:
This release specifically addresses a scenario, introduced in v25.12.4, where loading the editor of a page, last updated/created by a different user with blank content, would result in an error.
This release contains the following fixes and changes:
News from apt.postgresql.org:
apt.postgresql.org now has changelog files in a place where apt can retrieve them automatically, for example
apt changelog postgresql-18
will download the file and display it in a pager. Mind that the files are only present yet for packages updated since last week, the rest will follow over time.
Likewise, package build logs are now also stored along with the packages in .build.xz files in the pool directory. (There is no automated download tool for them, though.)
Work on the upcoming Ubuntu 26.04 "resolute" release has started and packages are available on apt.postgresql.org.
The Ubuntu 25.04 "plucky" release has reached its end of life and has been moved to apt-archive.postgresql.org.
Christoph
Yes, the day has finally arrived: the Open Home Foundation merch store is up and running! π₯³ While some of you have tracked it down already (and are wearing the T-shirts to prove it!), we wanted to share it officially with the whole community so no one misses the chance to get involved.
In case you didnβt know, there are already several ways to support our fight for the principles of privacy, choice, and sustainability for smart homes: you can subscribe to Home Assistant Cloud, buy official hardware from our commercial partners, or contribute to an open source project.
The merch store adds another choice to the mix thatβs fun and easy to access. Whether youβve been with us from the beginning, or have only recently discovered our mission and like what we stand for, the merch store is open to everyone!
We have offered merch before through on-demand services, but those platforms didnβt give us the control we wanted. Now we have our own store, we can select every item ourselves, check the quality (weβve particularly enjoyed getting cozy in the hoodies this winter), and work with ethical manufacturers who share our commitment to sustainability.
And hereβs the important part: after covering costs like production and fulfillment, your purchase contributes directly to our mission. You can see the breakdown of where your money goes on every product page.
Weβre starting with the essentials: hoodies, tees, polos, and accessories in a range of classic styles, colors, and designs β with exciting plans to expand both our products and categories over time. But for now there should be something for everyone: from understated logos to bold patterns that declare your advocacy loud and clear. One of our favorites is the βOpen Homesβ tee, where our in-house designer has captured our communityβs strength β one foundation, many homes.
Weβve put a lot of thought and care into creating this first collection, and we canβt wait for you to check it out! You can browse our European or North American store depending on where youβre based: both have the full selection of swag, with local shipping for speed and convenience (and a lower carbon impact).
And rememberβ¦ this is just the beginning. We already have lots of ideas for whatβs next. But we want to hear from you too: what designs would you wear? What products or materials are you missing? Let us know and help us build a store the community really loves β in the open, of course.
The OpenWrt community is proud to announce the fifth release candidate of the OpenWrt 25.12 stable series.
Download firmware images using the OpenWrt Firmware Selector:
Download firmware images directly from our download servers:
This is not the final version, this is a test version. Please report problems and bugs in our issue tracker.
OpenWrt 25.12.0-rc5 incorporates over 4600 commits since branching the previous OpenWrt 24.10 release and has been under development for over one year.
Only the main changes are listed below. See changelog-25.12.0-rc5 for the full changelog.
The hardware requirements did not change significantly, most devices supported by OpenWrt 24.10 should also work with OpenWrt 25.12.
OpenWrt has transitioned from the traditional opkg package manager to apk (Alpine Package Keeper).
This change brings several advantages:
apk supports most features of opkg. Only very few package names changed. The command line arguments of apk are different from the command line arguments of opkg.
For users migrating existing systems, an official opkg to apk cheatsheet is available to ease the transition and map common workflows.
The attended sysupgrade LuCI application is now installed by default.
ASU allows devices to:
This dramatically simplifies upgrades: with just a few clicks in LuCI and a short wait, a custom firmware image is built and installed without manual intervention.
Shell command history is now preserved across sessions by storing it in a RAM-backed filesystem.
Benefits:
For users who prefer persistent history storage, this behavior can be changed by editing: /etc/profile.d/busybox-history-file.sh
β οΈ Note: Storing history on flash will increase write cycles and may impact flash endurance over time.
The OpenWrt video feed with Qt5 and UI applications is integrated by default.
The wifi scripts were rewritten in ucode.
OpenWrt 25.12 supports over 2240 devices. Support for over 220 new devices was added in addition to the device support by OpenWrt 24.10.
Core components have the following versions in 25.12.0-rc5:
In addition to the listed applications, many others were also updated.
Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.
Sysupgrade from 23.05 to 25.12 is not officially supported.
Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed.
Bananapi BPI-R4: Interfaces eth1 was renamed to sfp-lan or lan4 and the interface eth2 was renamed to sfp-wan to match the labels. You have to upgrade without saving the configuration.
If you wish to start from scratch (always the safest, but also the most work), simply download the pre-built image from the downloads site or from the Firmware Selector to your device. Make sure to create and save a backup, then install the image using sysupgrade -n /tmp/firmware.bin or the LuCI Backup/Flash Firmware, being sure to set "Keep settings and retain the current configuration" to its off position. Restore or reconstruct your configuration using the contents of the backup as a template.
Attended Sysupgrade (ASU) allows you to build a custom image that retains all of your installed packages and their configuration transparently. You need to use one of the three ASU clients that interface with the ASU server to produce this custom image:
Both the LuCI ASU app and owut are optional packages in 24.10, so if you have not installed them, they won't be there by default. Use either the LuCI Package Manager to install them, or you can do it from the command line with opkg:
Log in
$ opkg update
$ opkg install luci-app-attendedsysupgrade
$ opkg install owut
Note that you can install one or the other, or both together, they are completely independent packages.
The Firmware Selector does an excellent job of searching through the thousands of available device configurations and getting you to the right place. But, some devices have several variants and possibly different image formats, so if you're unsure about which one you need or which device you're dealing with or anything else, go to the |Firmware Selector support thread and ask away.
The LuCI web interface should be fairly self explanatory. Since you have fairly limited options there that should be pretty obvious, but if anything is unclear or you're unsure about something, go to the LuCI Attended Sysupgrade support thread and ask.
If you choose to use owut, the fact that it's a command line program means you'll need a little more explanation regarding best practices. In any situation, it's always safe to do a check to see what's going on.
$ owut check --verbose --version-to 25.12
... a lot of output ...
This check should show you all the details of what this upgrade entails with regards to the packages available, and will point out any issues with package versions and so on.
Assuming the results of the check look good, you can simply do an upgrade next.
$ owut upgrade --verbose --version-to 25.12
... even more output ...
If you are unsure of anything you see in the check, during the upgrade, or simply have questions, jump on over to the owut support thread on the forum and ask.
eth1 to wan.Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.0-rc5
In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.0-rc5#known_issues
For a detailed list of all changes since 25.12.0-rc4, refer to
https://openwrt.org/releases/25.12/changelog-25.12.0-rc5
To download the 25.12.0-rc5 images, navigate to:
https://downloads.openwrt.org/releases/25.12.0-rc5/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.0-rc5
As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.
Have fun!
The OpenWrt Community
To stay informed of new OpenWrt releases and security advisories, there
are new channels available:
a low-volume mailing list for important announcements:
https://lists.openwrt.org/mailman/listinfo/openwrt-announce
a dedicated "announcements" section in the forum:
https://forum.openwrt.org/c/announcements/14
other announcement channels (such as RSS feeds) might be added in the
future, they will be listed at https://openwrt.org/contact
The Stable channel has been updated to 145.0.7632.109/110 for Windows/MacΒ andΒ 145.0.7632.109 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in theΒ Log
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but havenβt yet fixed.
This update includes 3 security fixes. Please see the Chrome Security Page for more information.
[TBD][477033835] High CVE-2026-2648: Heap buffer overflow in PDFium. Reported by soiax on 2026-01-19
[TBD][481074858] High CVE-2026-2649: Integer overflow in V8. Reported by JunYoung Park(@candymate) of KAIST Hacking Lab on 2026-02-03
[N/A][476461867] Medium CVE-2026-2650: Heap buffer overflow in Media. Reported by Google on 2026-01-18
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.
Interested in switching release channels? Find out howΒ here. If you find a new issue, please let us know byΒ filing a bug. TheΒ community help forumΒ is also a great place to reach out for help or learn about common issues.
Srinivas Sista
[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.10.8.html]
Fixes for all supported Postfix releases:
Improved Milter error handling for messages that arrive over a long-lived SMTP connection, by changing the default milter_default_action from "tempfail" to the new "shutdown" action (i.e. disconnect the remote SMTP client).
The problem was that after a single Milter error, Postfix could tempfail all messages that the client sends over a long-lived connection, even if the Milter error was only temporary. This problem was reported by Ankit Kulkarni.
Bugfix (defect introduced: Postfix 2.11): "posttls-finger -v -v -v" terminated with a panic, caused by recursive logging. Reported by Geert Hendrickx, diagnosed by Viktor Dukhovni, and fixed by Wietse.
With one simple change, the patch for Postfix 3.7 should also apply to older Postfix versions, because the patch affects code that has not changed in a decade or so. The simple change is to remove the Prereq: line, and to remove the part that updates the HISTORY file.
You can find the updated Postfix source code at the mirrors listed at https://www.postfix.org/.
The Extended Stable channel has been updated to 144.0.7559.220Β for Windows and Mac which will roll out over the coming days/weeks.
This release specifically addresses issues introduced in v25.12.4, where drawings could become non-editable in certain scenarios due to content filtering rules.
This release contains the following fixes and changes:
Below are development builds for testing purposes.
Latest development build: 2.6.2.25 (March 1st 2026)
Latest stable release build: 2.6.2.1
https://github.com/clsid2/mpc-hc/releases/tag/2.6.2
This release specifically addresses folder permission issues (often showing as an error when attempting to access content) which could occur from changes introduced in v25.12.4.
This release contains the following fixes and changes:
@directus/app@15.4.0@directus/api@33.3.1
BookStack v25.12.4 has been released.
This is a security release to address a vulnerability where style code in page content could be used to manipulate the page beyond the expected content area, opening up risk of potential phishing and/or tracking by bad page editors.
We advise that you update your instance if you allow untrusted users to create or edit pages.
Thanks to SeongYun Moon (@Moonster8282 on GitHub) for their responsible discovery and reporting of this issue.
Additional Update Notices
ALLOW_CONTENT_SCRIPTS env option is now considered deprecated. It's advised to use the APP_CONTENT_FILTERING option, as documented here, instead if needed.If you experience issues with your page content being over-filtered feel free to raise an issue on GitHub where we can check if the behaviour is intentional or something which needs to be patched.
You can use the new page content filtering option, with a value of jhf which should match the prior version filtering, but this will remove a layer of content filtering security so is not recommend.
Warning
After upgrade, you need to run php bin/console doctrine:migrations:migrate (or equivalent) as webserver user after upgrade.. If you are running a docker container, use sudo docker exec --user=www-data partdb php bin/console doctrine:migrations:migrate, or sudo -E inside the docker container, to ensure that the migrations are applied to the correct database.
Tip
If you like Part-DB, consider donating to support the development. Press the sponsor button on the main github page, for more info.
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
The PostgreSQL Global Development Group is planning for an out-of-cycle release on February 26, 2026 due to regressions introduced in the February 12, 2026 update release, which included releases 18.2, 17.8, 16.12, 15.16, and 14.21. This release will provide fixes for all supported versions (18.3, 17.9, 16.13, 15.17, 14.22). While these fixes may not impact all PostgreSQL users, the PostgreSQL Global Development Group wants to address these issues before the next scheduled release on May 14, 2026.
The regressions from this release include:
substring() function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column."could not access status of transaction".For the substring() regression, the fix for CVE-2026-2006, which closed a vulnerability in the database server, introduced a regression causing substring() to improperly return an error on multi-byte (non-ASCII) text values if the source of that value was a database column. If you've upgraded to 18.2, 17.8, 16.12, 15.16, or 14.21, and need the fix ahead of the February 26, 2026 release, you should consider manually applying the changes. Release specific information can be found here: https://wiki.postgresql.org/wiki/2026-02_Regression_Fixes.
Ahead of this release, you can find additional information about the regressions and fixes here: https://wiki.postgresql.org/wiki/2026-02_Regression_Fixes.
group (#26626 by @dstockton)@directus/app@15.3.0@directus/api@33.3.0@directus/composables@11.2.13@directus/constants@14.1.0create-directus-extension@11.0.29@directus/env@5.5.3@directus/extensions@3.0.19@directus/extensions-registry@3.0.19@directus/extensions-sdk@17.0.9@directus/memory@3.1.2@directus/pressure@3.0.17@directus/schema-builder@0.0.14@directus/storage-driver-azure@12.0.17@directus/storage-driver-cloudinary@12.0.17@directus/storage-driver-gcs@12.0.17@directus/storage-driver-s3@12.1.3@directus/storage-driver-supabase@3.0.17@directus/themes@1.2.4@directus/types@14.2.1@directus/utils@13.2.2@directus/validation@2.0.17
Warning
After upgrade, you need to run php bin/console doctrine:migrations:migrate (or equivalent) as webserver user after upgrade.. If you are running a docker container, use sudo docker exec --user=www-data partdb php bin/console doctrine:migrations:migrate, or sudo -E inside the docker container, to ensure that the migrations are applied to the correct database.
Tip
If you like Part-DB, consider donating to support the development. Press the sponsor button on the main github page, for more info.
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
Full Changelog: v2.6.0...v2.7.0
