The Stable channel has been updated to 143.0.7499.146/.147 for Windows/Mac  and 143.0.7499.146 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$10000][448294721] High CVE-2025-14765: Use after free in WebGPU. Reported by Anonymous on 2025-09-30

[TBD][466786677] High CVE-2025-14766: Out of bounds read and write in V8. Reported by Shaheen Fazim on 2025-12-08

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

 The Extended Stable channel has been updated to 142.0.7444.243 for Windows and Mac which will roll out over the coming days/weeks.

• View downloads
• View release notes

• View downloads
• View release notes

🚀 Jellyfin Server 10.11.5

We are pleased to announce the latest stable release of Jellyfin, version 10.11.5! This minor release brings several bugfixes to improve your Jellyfin experience. As always, please ensure you take a full backup before upgrading!

You can find more details about and discuss this release on our forums.

Changelog (17)

📈 General Changes

• Fix unnecessary database JOINs in ApplyNavigations [PR #15666], by @andrewrabert
• Skip invalid ignore rules [PR #15746], by @Shadowghost
• Fix backdrop images being deleted when stored with media [PR #15766], by @theguymadmax
• Fix NullReferenceException in ApplyOrder method [PR #15768], by @theguymadmax
• Fix AV1 decoding hang regression on RK3588 [PR #15776], by @nyanmisaka
• Fix collections display order [PR #15767], by @theguymadmax
• Fix parental rating filtering with sub-scores [PR #15786], by @theguymadmax
• Fix case sensitivity edge case [PR #15752], by @Collin-Swish
• Fix trickplay images using wrong item on alternate versions [PR #15757], by @theguymadmax
• Fix blocking in async context in LimitedConcurrencyLibraryScheduler [PR #15662], by @SapientGuardian
• Use original name for MusicAritist matching [PR #15689], by @gnattu
• Backport dependencies [PR #15723], by @Shadowghost
• Fix symlinked file size [PR #15681], by @ivanjx
• Fix ItemAdded event triggering when updating metadata [PR #15680], by @theguymadmax
• Fix: Add .ts fallback for video streams to prevent crash [PR #15690], by @martenumberto
• Fix stack overflow during scan (#15000) [PR #15698], by @myzhysz
• Fix the empty output of trickplay on RK3576 [PR #15670], by @nyanmisaka

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2025-09-07)

recent important news

• v1.19.8 (2025-09-07) fixed CVE-2025-58753 (a missing permission-check inside single-file shares)
• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled

🧪 new features

• #1068 #1089 add options to customize which textfiles (readme/prologue/epilogue) to embed above/below directory listings 14bef85
  • prologues, epilogues, readmes, preadmes (global-options and/or volflags) accept a comma-separated list of filenames to look for
• #1092 add option th-qv to change the thumbnail quality a1cbac0
  • also found and enabled a size-optimization for libvips, so:
• #1092 automatically delete and rebuild thumbnails if thumbnailer-config is changed ca6c4de
• #1049 add option log-date to display dates in logs 965a4a6
• #1047 rss-feed: title/description of each entry is now a template-string which can reference arbitrary metadata properties (thx @djjeane!) 5e85e3d
• extend the ramdisk safeguard to also prevent moving files into ephemeral storage fa91822
  • would previously prevent creating new files, but this was another potential source for confusion (thx coworker!)
• now possible to customize the thank you for playing ban-message ce2eeba
• #964 option to change the default value of the Cache-Control response-header 3bc0bf1
  • don't let this be you :^)

🩹 bugfixes

• #1010 correctly replace illegal characters in filenames according to underlying filesystem ba017f7
  • for example, uploading a folder named COMPLE:X into an exFAT flashdrive on linux is now possible
  • and, to make that possible, filesystem-detection now sees the true filesystem behind FUSE (for example ntfs-3g) 3bbed1b
• audio-playback would skip into the next folder rather than play the rest of the current one if the folder was sufficiently massive 8e2fb05
• #1094 fix ipu with idp users 594ec39
• commandline uploader: fix termsize detection on windows 7d526ea
• #1104 the rss feature now complains loudly if e2d is not enabled (because that was always necessary but not obvious) 9219540
• ui/ux:
  • #1102 the option to cosmetically hide server info did not apply for all themes e440578
  • the metadata-property date (default-disabled) was renamed to tdate to avoid colliding with the last-modified timestamp if enabled fecc3fd
• docs:
  • #1070 how to use the bundled archlinux systemd scripts 7f82189
  • podman-systemd: fix paths in guide (thx @emiliatheworst!) a869839
  • synology: better way to hide @eaDir 1b0eb45

🔧 other changes

• add a loud warning in logs if X-Forwarded-Proto is not added by the reverseproxy ad45de9 1b222fb
  • almost did the same for X-Forwarded-Host too before realizing that's generally not a thing
• #1038 creating a blank chpw.json before starting copyparty is now supported and no longer crashes on startup efc6a09
• #1105 better feedback in the login ui (thx @stackxp!) 08474db
• mtag/audio-key.py: replaced the melodic key detector since ffmpeg-8 / alpine-3.23 broke it 67ddc64
• updated deps:
  • webdeps: dompurify-3.3.1 e0b04d9
  • copyparty.exe: python-3.13.11 9e64fe0

🌠 fun facts

• 39c3 has a LOT of awesome self-organized sessions
  • didn't have anything copyparty-related this time but CCC HYPE!

⚠️ not the latest version!

32.0.4 Hotfix Changes

• Fixed an issue in 32.0.3 where deleting a scene does not remove its audio sources from the Audio Mixer [exeldro/Warchamp7]
• Fixed an issue in 32.0.3 with audio device lag due to new deduplication logic [pkviet]
• Fixed an issue in 32.0.x where transition duration was not updated in the UI [Warchamp7]

32.0.3 Hotfix Changes

• Adjusted application shutdown logic [Warchamp7]
  • This is a fairly large change that aims to stabilize OBS Studio's application shutdown process. This reduces the number of scenarios in which the "OBS Studio Unclean Shutdown" dialog will appear and also fixes a crash when forcing a log off or shutdown with active outputs.
• Fixed a crash during canvas removal [dsaedtler]
• Fixed a forced application shutdown while changing scene collections due to attempting to access removed sources [exeldro]
• Fixed several audio monitoring deduplication issues [pkv]

32.0.2 Hotfix Changes

• Fixed a crash on macOS when attempting to login with service integrations [PatTheMav]
• Fixed an issue on macOS where Syphon Client sources could be blank/transparent [gxalpha]

32.0.1 Hotfix Changes

• Fixed a possible crash in 32.0.0 on Windows when opening source properties [wanhongqing123]
• Fixed an issue in 32.0.0 where browser sources would break after switching scenes [tytan652]
  • This issue may also have caused increased resource usage.
• Fixed an issue in 32.0.0 with the audio deduplication logic when an Audio Capture Source device is also used for monitoring [pkv]
• Fixed an issue in 32.0.0 where Multitrack Video settings were unavailable to Custom Services [PatTheMav]

32.0 New Features

• Added a basic plugin manager [FiniteSingularity/PatTheMav/Warchamp7]
• Added opt-in automatic crash log upload for Windows and macOS [PatTheMav/Warchamp7]
• Added Voice Activity Detection (VAD) to NVIDIA RTX Audio Effects, which improves noise suppression for speech, as well as several optimizations to NVIDIA Effects [pkv]
• Added chair removal option for NVIDIA RTX Background Removal, allowing removal of chairs [pkv]
• Added experimental Metal renderer for Apple Silicon Macs [PatTheMav]
• Added Hybrid MOV support [derrod]
  • Brings ProRes support on macOS and a more widely supported HEVC/H.264 + PCM audio option to all platforms

32.0 Changes

• OBS Studio will no longer load plugins built for a newer release of OBS to prevent future compatibility issues [norihiro]
• Added custom OBS widgets in preparation for larger UI updates [derrod/gxalpha/Warchamp7]
• Added preparations for Metal renderer (stay tuned!) [PatTheMav]
• Changed default bitrate from 2500 to 6000 Kbps [notr1ch]
• Changed the crash sentinel file location to its own subdirectory [PatTheMav]
• Improved audio deduplication logic to cover more cases of nested scenes, groups, and multiple canvases [pkv]
• Prevent audio duplication when sources are set to "Monitor and Output" while the monitoring device is also being captured [pkv]
• Updated the default settings for AMD encoders [rhutsAMD]
• Improved accuracy of chapter markers in Hybrid MP4/MOV [derrod]
• Re-hid the cursor in edit fields on macOS [gxalpha]
• Improved format selection for PipeWire video capture [tytan652]
• Removed workarounds to prevent loading Qt 5 based plugins [RytoEX]
• Removed the --disable-shutdown-check launch flag [PatTheMav]
• Hybrid MP4/MOV is now out of beta and has been made the default output format for new profiles [derrod]

32.0 Bug Fixes

• Potentially fixed a rare crash on macOS when moving or resizing the OBS window [PatTheMav]
• Fixed a crash with SRT when using an invalid URL [pkv]
• Fixed a crash when setting non-default pkt_size with SRT [pkv]
• Fixed a crash in Media Source when playback starts with certain video files [howellrl]
• Fixed a UI deadlock when opening source properties from the Sources list when the Windows setting 'Snap mouse to default button in dialog boxes' was enabled by adding a 200ms delay before creating the properties window [Warchamp7]
• Fixed a memory leak when trying to output Hybrid MP4 to a non-writeable location [norihiro]
• Fixed rare occurrence of multiview becoming blank [norihiro]
• Fixed SRT reconnection failures [pkv]
• Fixed overflow texture rendering sRGB-awareness [PatTheMav]
• Fixed incorrect color range property setting for AMD AV1 encoder [rhutsAMD]
• Fixed Hybrid MP4 file splitting not working correctly in some cases [derrod]
• Fixed not being able to capture higher than 60fps with macOS Screen Capture [jcm93]
• Fixed focus not displaying properly in hotkey settings on macOS [gxalpha]
• Fixed the scrollbar appearing invisible in Light and Rachni themes [shiina424]
• Fixed HEVC frame priority not being set correctly in some cases, potentially causing playback errors when dropping frames [dsaedtler]
• Fixed an issue that could result in increases to output latency after temporary encoder stalls [dsaedtler]
• Fixed an issue where Multitrack Video could still be enabled after switching from a service that supports it to one that does not [Penwy]
• Fixed an issue where GetGroupList with obs-websocket would return nothing [gxalpha]
• Removed a workaround for older Qt versions that prevented docks from loading correctly while OBS is maximized [RytoEX]

Checksums

OBS-Studio-32.0.4-Sources.tar.gz: d9e62ea24305fbfe14c69a6422de1525fe84da232df2cc0d7e4601a840bdbba8
OBS-Studio-32.0.4-Ubuntu-24.04-x86_64-dbsym.ddeb: 7cdc30ce70df76a0b1a0e6b33f612f8283d150c6072a8edf03ec0e6d86d9d93d
OBS-Studio-32.0.4-Ubuntu-24.04-x86_64.deb: b146f22a34888bb9854bd7574fc949b00043ba38d222da13f71c180050bf289b
OBS-Studio-32.0.4-Windows-arm64-PDBs.zip: 19a191edbaccbb35fd00ed2145f3cb911770ac4e6d4635d48233004ccab22ed5
OBS-Studio-32.0.4-Windows-arm64.zip: 89ff3f7a065089d6527837663d5fda79df64cffce480a129abe04d49745a204b
OBS-Studio-32.0.4-Windows-x64-Installer.exe: 46a18bce8e2ff662b700c91d340a519376e712fe0af0d335536e4f9fd253f10a
OBS-Studio-32.0.4-Windows-x64-PDBs.zip: 031a9183d754f1e0d3c1219cc8d977267e17cde9bef055dfd0dcd088a806fa85
OBS-Studio-32.0.4-Windows-x64.zip: fd367a7f156319426f1a600720c1288ad0011da168dff41e0f94dbb18cc1dc0f
OBS-Studio-32.0.4-macOS-Apple-dSYMs.tar.xz: 920f0df7770fd54f5f06ecaee4ac4324b44afd564b8b1f70ec105fa088306134
OBS-Studio-32.0.4-macOS-Apple.dmg: 7c056644636a794cb18281af98d54b5795ad8b0985e950d93b8c510b645b6298
OBS-Studio-32.0.4-macOS-Intel-dSYMs.tar.xz: 1ba9b861620783b9ccbd045e60cbe2caba06e60ca7d753aa56394ee4db50c2af
OBS-Studio-32.0.4-macOS-Intel.dmg: 7d610f5ab1c9d14290d827e449b2cc9ed99bb8b49a890d1cacf0611acebe44fa

Just in time for the holidays, another release packed with improvements to both music and video playback!

🏗️ Enhancements

• Add AV1 detection support for older Android versions #5186, by @clams4shoes
• Fix Vimu Player Integration #5187, by @dnewman1
• Add VC-1 to device direct play profile #5208, by @damontecres
• Disallow seeking when duration is unknown #5239, by @nielsvanvelzen
• Use AAC over HLS for music transcoding #5240, by @nielsvanvelzen

🔧 Bugfixes

• Fix/audio track selection v3 #5185, by @bin101
• Fix tinting in account switcher button fallback icon #5195, by @nielsvanvelzen

Contributors

• @nielsvanvelzen
• @bin101
• @clams4shoes
• @dnewman1
• @damontecres

What's Changed

New Features 🎉

• Get Localizations from Jellyfin & Apple by @JPKribs in #1490
• 10.10 - Create Version Warning by @JPKribs in #1574
• Add File Information to IdentifyItemView by @JPKribs in #1587
• Prioritize hevc over h264 for transcoding with native player by @thecosmicskye in #1582
• Make Text Static on Single Season by @JPKribs in #1585
• Allow Rewatch from Beginning by @JPKribs in #1593
• Person ItemView by @JPKribs in #1606
• ActiveSessionsView Cleanup by @JPKribs in #1614
• Subtitle Management by @JPKribs in #1583
• [tvOS] Add Marquee to handle long season names by @samglt in #1634
• PlayButton Cleanup by @JPKribs in #1651
• Limit Poster Image Quality by @JPKribs in #1648
• [iOS/tvOS] Use Marquee in Playbutton to show media source by @samglt in #1661
• Person ItemView by @JPKribs in #1616
• Create an Action ButtonStyle by @JPKribs in #1547
• Media Player by @LePips in #1581
• Cleanup, Music Videos, Videos by @LePips in #1708
• Mixed Library Support by @LePips in #1746
• optimize: Send media source id to playback info by @lostb1t in #1773
• [tvOS] Migration ActionButtons to a ButtonStyle by @JPKribs in #1688

Bug Fixes 🛠

• Admin Dashboard Cleanup by @JPKribs in #1567
• [iOS] Handle interruption notifications by @samglt in #1506
• Catch Empty FilterView by @JPKribs in #1584
• Fix user session crash by @LePips in #1595
• Fix Show Icon by @JPKribs in #1605
• Refresh ItemView on End of Playback by @JPKribs in #1589
• [iOS & tvOS] Fetch correct server from SwiftfinStore when updating server info by @samglt in #1623
• Resolve FlowLayout Height Calculations by @JPKribs in #1632
• [tvOS] Fix crash when editing server from user selection by @samglt in #1637
• [tvOS & iOS] Fix navigation to server edit screen by @samglt in #1636
• Only log failed CoreStoreLogger assertions by @samglt in #1635
• Keep updateServerInfo on main thread by @samglt in #1644
• Handle .tvShows UserViews Recursively by @JPKribs in #1645
• Fix ItemView Layout Issues for Uncached Images by @JPKribs in #1638
• Remove Non-Media Tracks from Video Player Dropdown by @JPKribs in #1653
• [iOS/tvOS] Fix subtitle size by @samglt in #1658
• [tvOS] Fix ChevronButton Title Alignment by @chickdan in #1678
• [iOS] Limit maximum subtitle size by @samglt in #1676
• [iOS/tvOS] Fix subtitle font setting not working by @samglt in #1697
• [iOS/tvOS] Fix user icons not changing between servers by @samglt in #1696
• [iOS] Invert subtitle size for new video player by @samglt in #1710
• [iOS] Fix audio/subtitle tracks not changing by @samglt in #1712
• Pin Transmission and fix severe hang by @LePips in #1719
• Change one instance of "ratings" string for "parentalRating" by @rasko-dev in #1723
• Settings Fixes by @JPKribs in #1724
• Fix Calendar Localizations by @JPKribs in #1732
• Chapters Fix by @LePips in #1742
• Fix Incorrect Icon for Subtitles by @chickdan in #1750
• [tvOS] tvOS 26 Fixes for Navigation & Updated Linting by @JPKribs in #1715
• Fix LiveTV Media Source by @LePips in #1796
• External Trailer Fix by @JPKribs in #1475
• Fix flickering issue when switching seasons on tvOS by @svrem in #1816
• Add video player router functionality to EpisodeCard for tvOS by @svrem in #1822

Other ⚙️

• Drop iOS 15 by @LePips in #1455
• iOS 16 README by @JPKribs in #1565
• Remove iOS 16 Backports by @JPKribs in #1566
• Replace WrappingHStack for FlowLayout by @JPKribs in #1569
• Convert groups to folders by @LePips in #1572
• Cleanup by @LePips in #1573
• Cleanup ParentalRating Usage by @JPKribs in #1571
• Remove TextPair/TextPairView for LabeledContent by @LePips in #1576
• Use xcconfig by @LePips in #1578
• Fix xcconfig DEVELOPMENT_TEAM by @LePips in #1579
• Fix logging by @LePips in #1594
• Cleanup ItemViews by @JPKribs in #1600
• Migrate to NavigationStack by @LePips in #1602
• Update action Xcode version by @LePips in #1604
• Fix PagingLibraryView runtime warnings by @LePips in #1607
• Coordinator .Sheet Cleanup by @JPKribs in #1609
• Cleanup Player Documentation by @JPKribs in #1610
• PosterButton refactoring and zoom transitions by @LePips in #1617
• Update Fastlane runner by @LePips in #1624
• Update Fastlane runner by @LePips in #1625
• Update Fastlane runner by @LePips in #1626
• [iOS] CinematicScrollView: Replace UIScreen bounds with GeometryReader by @samglt in #1646
• Fix Linting Errors in Main by @JPKribs in #1655
• [iOS] Remove UIScreen from CompactLogo & CompactPoster views by @samglt in #1656
• Cleanup iPadOS ItemView TODOs by @JPKribs in #1639
• Cleanup by @LePips in #1659
• [iOS/tvOS] Fix corner radius performance regression by @samglt in #1668
• Disable Liquid Glass/New Design Language by @chickdan in #1672
• Bump Introspect Version by @JPKribs in #1706
• Stateful macro by @LePips in #1714
• Stateful Macro - ActiveSessionsViewModel by @JPKribs in #1717
• Update CI by @LePips in #1716
• Stateful Macro - APIKeysViewModel & AddServerUserViewModel by @JPKribs in #1718
• Update Jellyfin API by @LePips in #1721
• Stateful Macro - Server Devices & Details by @JPKribs in #1720
• remove old logService and replace instances with new Logger.swiftfin() by @rasko-dev in #1744
• UserSignInViewModel to Stateful macro, various other work by @LePips in #1745
• Remove id guard by @lostb1t in #1751
• Bump Jellyfin SDK: 10.10 -> 10.11 by @JPKribs in #1772
• Update Bug Template by @JPKribs in #1778
• Update Feature Template by @JPKribs in #1780
• Update release.yml to categorize features and bugs by @JPKribs in #1790
• @Stateful - ServerActivityDetailViewModel by @JPKribs in #1782
• Label Cleanup by @JPKribs in #1730
• [tvOS] Deeplink Cleanup by @JPKribs in #1797
• #1799 Replace .text Usages by @hqueiroga in #1806
• Version Documentation by @JPKribs in #1802
• #1801 Replace seconds.formatted(.hourMinute) Usages by @hqueiroga in #1807
• ErrorView Cleanup by @JPKribs in #1798
• Fix Stateful to version, clamp playback, update Fastlane runner by @LePips in #1837
• Fix Connect server button, update packages by @LePips in #1840
• Revert using local fastlane by @LePips in #1841

New Contributors

• @thecosmicskye made their first contribution in #1582
• @hqueiroga made their first contribution in #1806
• @svrem made their first contribution in #1816

Full Changelog: 1.3...1.4

• View downloads
• View release notes

• View downloads
• View release notes

• View downloads

nginx-1.29.4 mainline version has been released, featuring HTTP/2 to backend and Encrypted ClientHello support.

1. Fix the boot issue for openSUSE 16.0 (#3379)
2. Experimental support for btrfs file system. (#3438 #3431 #3077 #2093).
   a) Only support NO RAID mode (single mode).
   b) ISO file can NOT be compressed.
   Please refer About btrfs for details.
3. Fix the issue that persistence plugin does not work for latest Arch Linux (#3407)
4. Fix VentoyPlugson WebUI display bugs. (#3252)

==================================================================
Wana boot and install OS through network (PXE)? Welcome to my new project iVentoy.

About iVentoy https://www.iventoy.com/
iVentoy is an enhanced version of the PXE server.
Extremely easy to use
Many advanced features
x86 Legacy BIOS, IA32 UEFI, x86_64 UEFI and ARM64 UEFI mode supported
110+ common types of OS supported (Windows/WinPE/Linux/VMware)
......

SHA-256

1fef1e804d4d963c1cff7a6dca7758be503a08b101fc8440d85270acd0767493  ventoy-1.1.09-linux.tar.gz
4bcafc308a8be5bd944255641e63cc3cbb78aaa62de388bc6eb59e5b77dd20f3  ventoy-1.1.09-livecd.iso
ff531a78d60c604cee67d56d02102a1147e647d0fb8fb8516f77712d05d5b99d  ventoy-1.1.09-windows.zip

 The Extended Stable channel has been updated to 142.0.7499.235 for Windows and Mac which will roll out over the coming days/weeks.

Bugfixes and minor changes:

• FTP: Fix a crash processing the ABOR command
• MSW: silent installations now automatically back up configuration files in cases where the interactive installer would prompt the user to do so.

The Stable channel has been updated to 143.0.7499.109/.110 for Windows/Mac  and 143.0.7499.109 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[N/A][466192044] High CVE-2025-14174: Out of bounds memory access in ANGLE. Reported by Apple Security Engineering and Architecture (SEAR) and Google Threat Analysis Group on 2025-12-05

[$2000][460599518] Medium CVE-2025-14372: Use after free in Password Manager. Reported by Weipeng Jiang (@Krace) of VRI on 2025-11-14

[$2000][461532432] Medium CVE-2025-14373: Inappropriate implementation in Toolbar. Reported by Khalil Zhani on 2025-11-18

Google is aware that an exploit for CVE-2025-14174 exists in the wild.

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Important

We recommend running CasparCG 2.5 on CPUs which support AVX2. Officially Chrome claims to require AVX2, and it is required for some of our in-progress HDR support.
Intel CPUs based on Haswell or later support this, which were first released to consumers in 2013, or 2014 for servers.

Starting with CasparCG 2.6, this will become a requirement.

Make sure to install the latest MSVC runtime, the compiler update requires a newer version than 2.4 https://aka.ms/vc14/vc_redist.x64.exe

Core

Improvements

• Initial support for HDR. This is limited to a subset of producers and consumers at this stage.
• Build for Windows with VS2022
• Rework linux builds to produce ubuntu deb files
• Update ffmpeg to 7.0
• Reimplement mixer transforms, to handle routes correctly
• Support more pixel formats from ffmpeg, to preserve colour accuracy better
• Support running on headless linux
• Transitions: Additional behaviours

Fixes

• Build with boost 1.85/1.86/1.87/1.88
• Build with ffmpeg 7.1
• Only produce mixed frames on channels which have consumers
• Routed channels not compositing correctly when channel used a MIXER KEY
• Handle audio for fractional framerates properly
• Gracefully exit on SIGINT and SIGTERM

Producers

Improvements

• FFmpeg: Support loading with a scaling-mode, to configure how clips get fit into the channel
• FFmpeg: Support more pixel formats without cpu conversion
• FFmpeg: Enable alpha for webm videos
• Image: Support loading with a scaling-mode, to configure how images get fit into the channel
• Image: Replace freeimage with ffmpeg
• HTML: Update CEF to 142
• HTML: Support audio

Fixes

• Route: Use full field rate when performing i->p channel route
• HTML: Gracefully handle page load errors
• HTML: Always set cache path

Consumers

Improvements

• Screen: Set size and position from AMCP
• Screen: Improve performance
• Image: Propagate AMCP parameters from PRINT command
• FFmpeg: Remove unnecessary forced conversion to YUVA422
• Decklink: Support explicit yuv output (requires AVX2)
• Decklink: Allow selecting device by hardware persistent id

Fixes

• FFmpeg: Correctly handle PTS on frame drop

Full Changelog: v2.4.3-stable...v2.5.0-stable

📦 Downloads available at

• https://user.bitfocus.io/download

💵 Donate to the project at

• open collective https://opencollective.com/companion

Companion v4.2.0 - Release Notes

This is a slightly smaller release than usual, focussing more on smaller improvements.

End of support for macOS 11

This version of Companion requires macOS 12 or later

Rebuilt Documentation

The Companion User Guide has been rewritten to use a new rendering system.

This allows us to host a new publicly available version of the documentation online which is versioned per release, as well as building it in a simplified form within Companion

The new tools allow us to do more with the documentation and will make it easier for us to keep up to date too!

Improved Expression Editor

The expression editor input field has been rebuilt, making it easier to use with functionality you would expect from a code editor. This includes functions and keyword suggestions, and better handling of multi-line expressions.

And more

• The old xkeys $(internal:tbar) and similar variables have been removed, and they should now be bound to custom variables in the config of each surface (#3716)
• Require macos 12
• Convert docs to docusaurus (#3741)
• Rebuild emulator pincode locking
• Add options to to restrict page access (#3736)
• Enhanced expressions:
  • Improved expression editor (#3713)
  • More formatting for timestamp (#3668)
  • Handle negative value in msToTimestamp (#3651)
  • Support local variables in step expressions #3762
  • Expressions better handle undefined. add getVariable method #3451 (#3715)
• Refined connection management:
  • Reworked connection config layout #3559 (#3569)
  • Rework changing connection versions, to remove need to disable module first
  • Add delete button to connection edit panel
  • Allow changing connection enabled state from config panel
  • Indicate connections missing modules in sidebar
• Surface improvements:
  • Merge surface remote and discover pages (#3677)
  • Support resolve speed editor #3525
  • Support more variants of Mirabox 293S
  • Support for Mirabox Streamdock N3 (#3686)
  • Add repeating button-presses to contour-shuttle shuttle ring (#3492)
  • Improve vec-footpedal surface implementation
  • Support complex surface layouts over satellite api (#3611)
  • Support swipe to change page on Stream Deck + (#3721)
  • Support touch strip variables for Loupedeck Live (#3790)
• Draw button 'error' state as a red warning triangle (#3675)
• Remove deprecated bank field from tcp bank_bg_change message #2779
• Include timestamps and source in module debug logs
• Add version number variables #3714
• Rework update check api, improving reliability

🐞 BUG FIXES

• ember+ api issues with some clients
• limit env vars passed to modules
• improve error handling for module executeAction
• "Sentry DSN not located" error in launcher (#3758)
• Align the display name of surface_set_position with the UI terminology (#3761)
• Avoid flooding modules with large objects, batch entity updates to resolve issues with large configs
• preserve original types of custom variable values from osc and ember+ apis
• improve version number handling for release vs beta builds
• Page up button/Page down button don't set page-history (#3683)
• Reduce frequency of pincode lock state logging (#3792)
• Loupedeck Live pincode lock layout

Full Changelog: v4.1.6...v4.2.0

⚠️ Potential Breaking Changes

• @directus/stores
  • Removed sidebar states from app store (#26259 by @rijkvanzanten)

✨ New Features & Improvements

• @directus/app
  • Added support for downloading multiple files and entire folder trees (#26006 by @Nitwel)
  • Added AI chat sidebar (#26259 by @rijkvanzanten)
  • Added support for float intervals and min/max warnings for number inputs (#26190 by @gaetansenn)
  • Made both sidebars resizable (#26259 by @rijkvanzanten)
  • Added header interface (#26302 by @AlexGaillard)
• @directus/api
  • Added support for downloading multiple files and entire folder trees (#26006 by @Nitwel)
  • Added AI chat sidebar (#26259 by @rijkvanzanten)
• @directus/types
  • Added support for downloading multiple files and entire folder trees (#26006 by @Nitwel)
  • Added AI chat sidebar (#26259 by @rijkvanzanten)
• @directus/utils
  • Added support for downloading multiple files and entire folder trees (#26006 by @Nitwel)
  • Moved fetchRolesTree,fetchGlobalAccess, fetchGlobalAccessForUser and fetchGlobalAccessForRoles to the public utility package (#26248 by @ComfortablyCoding)
• @directus/sdk
  • Added support for downloading multiple files and entire folder trees (#26006 by @Nitwel)
• @directus/system-data
  • Added AI chat sidebar (#26259 by @rijkvanzanten)
• @directus/errors
  • Added AI chat sidebar (#26259 by @rijkvanzanten)
• @directus/themes
  • Added AI chat sidebar (#26259 by @rijkvanzanten)

🐛 Bug Fixes & Optimizations

• @directus/app
  • Fixed an issue where input focus ring disappears on hover (#26315 by @formfcw)
  • Fixed display template not appearing for relations inside translations on new items (#26219 by @gaetansenn)
  • Ensured the created revision uses the correct label (#26289 by @vizzv)
  • Added reactive primaryKey prop to useFlows composable (#26287 by @AlexGaillard)
• @directus/api
  • Added redirect validation (#26346 by @br41nslug)
  • Moved fetchRolesTree,fetchGlobalAccess, fetchGlobalAccessForUser and fetchGlobalAccessForRoles to the public utility package (#26248 by @ComfortablyCoding)
  • Updated synchronization of remotely stored extensions (#26192 by @br41nslug)
  • Fixed missing accountability for files.upload when TUS is enabled (#26247 by @br41nslug)
• @directus/types
  • Moved fetchRolesTree,fetchGlobalAccess, fetchGlobalAccessForUser and fetchGlobalAccessForRoles to the public utility package (#26248 by @ComfortablyCoding)
  • Updated synchronization of remotely stored extensions (#26192 by @br41nslug)
• @directus/storage-driver-cloudinary
  • Updated synchronization of remotely stored extensions (#26192 by @br41nslug)
• @directus/storage-driver-supabase
  • Updated synchronization of remotely stored extensions (#26192 by @br41nslug)
• @directus/extensions-sdk
  • Updated esbuild dependency from 0.25.12 to 0.26.0 (#26215 by @dependabot)
• @directus/system-data
  • Updated esbuild dependency from 0.25.12 to 0.26.0 (#26215 by @dependabot)
• @directus/sdk
  • Updated esbuild dependency from 0.25.12 to 0.26.0 (#26215 by @dependabot)
• @directus/themes
  • Made both sidebars resizable (#26259 by @rijkvanzanten)
• @directus/utils
  • Preserved Error when passed to run-script operation (#26234 by @gaetansenn)
• @directus/composables
  • Set default sidebar shadow to false (#26259 by @rijkvanzanten)

📦 Published Versions

• @directus/app@14.4.0
• @directus/api@32.2.0
• @directus/composables@11.2.8
• create-directus-extension@11.0.24
• @directus/env@5.3.3
• @directus/errors@2.1.0
• @directus/extensions@3.0.15
• @directus/extensions-registry@3.0.15
• @directus/extensions-sdk@17.0.4
• @directus/memory@3.0.13
• @directus/pressure@3.0.13
• @directus/schema-builder@0.0.10
• @directus/storage-driver-azure@12.0.13
• @directus/storage-driver-cloudinary@12.0.13
• @directus/storage-driver-gcs@12.0.13
• @directus/storage-driver-s3@12.0.13
• @directus/storage-driver-supabase@3.0.13
• @directus/stores@2.0.0
• @directus/system-data@3.5.0
• @directus/themes@1.2.0
• @directus/types@13.5.0
• @directus/utils@13.1.0
• @directus/validation@2.0.13
• @directus/sdk@20.3.0

nginx-1.29.4 mainline version has been released, featuring HTTP/2 to backend and Encrypted ClientHello.

📦 Downloads available at

• https://user.bitfocus.io/download

💵 Donate to the project at

• open collective https://opencollective.com/companion

Companion v4.1.6 - Release Notes

🐞 BUG FIXES

• Setting local variables for another control failing #3813
• Unable to select module beta version for connection #3815
• Suppress some logged errors about local variable names
• Avoid spamming log with surface lock state messages #3792

Full Changelog: v4.1.5...v4.1.6

Security Release

• Update Instructions
• Update details on blog

BookStack v25.11.6 has been released.

This is a security release to address a vulnerability in our dependencies related to XML
handling, which could allow users to replay SAML authentication requests with specially crafted & manipulated requests.

It's strongly advised to update if you're using SAML authentication for BookStack.

Full List of Changes

• Updated application PHP dependencies.

If you’re ever in need of a device that works great with Home Assistant, well, I have just the program for you. Works with Home Assistant is our certification program that ensures devices work seamlessly and locally, all with brands that back them up.

Did you know that this year the Works with Home Assistant program has certified 12 partners across 12 months? That’s more than were certified in the two years since the program launched in 2022! The full list of devices is insanely long now (luckily, we made it searchable). To make all this happen over just one year, a lot of important things have been happening behind the scenes.

Moving to a non-profit foundation

In August 2024, the Open Home Foundation took over Works with Home Assistant. This helped reinforce that this program is not a commercial venture: it exists solely to connect our users with brands that support the foundation’s core values of privacy, choice, and sustainability.

When we moved it over to the foundation, we also took that chance to beef-up our processes, with robust legal contracts that ensure every partner who joins the program formally commits to things like offering users long-term support and easy updates.

It’s all about the devices

When we started the program we certified brands, but now we certify devices. This means you know exactly which sensors, switches, or other gadgets have been rigorously tested by us to ensure the best experience with Home Assistant. Each certified device has to work locally, without the need for cloud subscriptions or control.

We can now certify in phases, rather than overwhelming our testers with a truckload of devices in order to launch one partner. Also, if a manufacturer has one device that is cloud-controlled, it doesn’t blacklist any remaining items they have that could operate perfectly well locally. It sometimes means that sometimes your favorite devices aren’t part of the first wave of certification but, trust us, the partners check the comments 😉.

Making it easy to find certified devices

Here’s a conundrum: the more products that are certified, the harder it is for you to see and find them. The good news is I think we’ve cracked it!

Last week, we published the first version of our new searchable certified device list. Previously, you’d have to hunt around for info by checking the integration page or digging through launch blogs to see if a device was certified. Now, certified devices are kept up to date in one central, easy-to-use location, with extra information on the region they’re available in, the protocol we’ve certified them under, and notes about any secondary functionality we’re still working on.

So many (useful) columns!

The badge had a makeover

Every certified device earns the right to display our badge on its packaging, proudly announcing it Works with Home Assistant. If you’re not part of the program, you’re not allowed to use the Home Assistant logo. We used to have different versions of the badges depending on whether the device used Matter, Zigbee, or Z-Wave, and so on, but – let’s be honest – they were overcomplicated and impossible to actually read on a box!

Since the badge is such an important signal when you’re browsing products, we decided to simplify it and focus purely on that mark of quality. Now we have just two versions: a color badge and a monochrome design that are easier to read on any packaging.

We love to see the new badge being used IRL!

Companies of all sizes

For 2025, our goal was simple: we wanted both the big names and passionate community projects to be able to join. Yes, we’re thrilled to have major smart home players such as Shelly and Reolink committing to the program, but it’s equally important for us to connect with smaller, community-built projects – the start-ups or developers who keep open source at the heart of everything they do, like AirGradient and Apollo Automation.

This commitment to inclusivity is a big reason why we keep the annual fee for joining the program deliberately low, at only 500 CHF (per partner, not device) per year. We want to ensure being part of Works with Home Assistant is achievable for everyone who shares our vision.

Some of our team visiting the Apollo booth at IFA Berlin in September.

Improving testing

Testing hasn’t always been perfect – we knew we needed to make improvements, and the community has been amazing in helping us find things we need to look at. Like everything we do, we learn as we go, we iterate, and we improve. Previously, everyone was testing in their own way, but now we’ve standardized the way we test and give feedback to partners. This means testing is more consistent, exacting, and able to handle higher volumes – one of the reasons why we’ve been able to increase the number of devices we’ve certified so radically!

A lot of devices that come across our desks don’t pass certification, and it’s often due to organizations not fully understanding the requirements of joining. While this can vary greatly depending on the device and protocol, it was clear we needed to be more transparent. So as well as publishing our Works with Home Assistant Working Group Resolution, we’re also publishing further testing information: this sample testing report for a simple smart plug shows you the process we follow.

Keeping Home Assistant on the bleeding edge

Because we get to see and test new devices in advance, and receive feedback from our certified partners as part of the process, we have a sneak peek into what vendors have in mind for 2026 and beyond. This allows us to look at our product roadmap and see where we need to realign with innovations in the market. By testing today’s devices, we’re guiding tomorrow’s Home Assistant features!

Spot one of the certified cameras in our State of the Open Home segment

What can be controlled in Home Assistant

A core aim of the program is to ensure all certified devices have their “key functionality” available within Home Assistant. So how do we decide what aspects are controllable in Home Assistant and what doesn’t make the cut?

1. Key: First, we look at the functionality as a whole. Let’s use a door lock for example. The door should lock and unlock from within Home Assistant. That’s key functionality, get it? 😉
2. Secondary: If the lock also chimes when it locks or unlocks, we think of that as “secondary” functionality. We recommend that the manufacturer has it as an “exposed feature” in Home Assistant, so you can turn it off during quiet hours for example, but it wouldn’t block certification.
3. We have to look at what’s actually supported by the open standard that we’re testing against too. If a feature is not currently supported by the specification, there’s no way for the manufacturer to actually implement it. This is one of the major challenges in certifying against ‘younger’ specifications such as Matter.

We use our best judgment on this, but we also want your feedback, because everyone has a slightly different point of view, even within our team and testers – so look out for our user research requests, or please share your thoughts in our comments below!

Connecting with our community

For all this talk of testing, Works with Home Assistant is primarily about people and partnerships! As a foundation, we’re focused on making sure the program stays deeply connected with the community it serves, both online and in person.

We’ve been stepping up our presence at meetups and events around the world, so we can share the latest developments and gather your valuable feedback. From gigantic trade shows like CES in Las Vegas to small, local get-togethers, you can expect to see us there! We also want to do this online, so you can ask partners questions on streams, or in comments – keep an eye out for more of this in future.

San Diego Meetup

On to 2026

So that was 2025 in a (big) nutshell. As for 2026, we want to kick it off with some wonderful Zigbee partners we’ve been working really hard on – particularly after the awesome launch of Connect ZBT-2. Even though Zigbee is one of the longest-established protocols, it’s actually one of the hardest for us to test and certify because so many devices operate outside the official specification. This means our team and partners do a lot of prep to get them to a testable state – but in doing so we’re driving big improvements in functionality for everyone!

We also want to improve coverage globally, so, regardless of region, everyone who uses Home Assistant has a good range of certified options to choose from. This means we’re actively seeking partners who will cover regions outside of Europe and North America for everyday essentials like smart plugs and lighting.

As ever, everything coming up will be covered right here – so stay tuned for updates… and here’s to certifying many more devices in 2026! 🎉🥳🎊