Normale weergave

Ontvangen — 26 Maart 2026

OpenVINO AI Plugins are now available for macOS

✇Audacity
26 Maart 2026 om 23:05

OpenVINO AI Plugins are now available for macOS

By Leo Wattenberg

Wednesday, June 11, 2025

With Audacity 3.7.4, we finally are adding macOS support to the Intel OpenVINO AI plugins. Once you’ve downloaded Audacity 3.7.4 and downloaded the OpenVINO plugins (and installed both), you should find them in Effects → OpenVINO AI Effects.

As a reminder, these effects are completely free and run on your own machine, no internet connection required.

The following effects are available:

  • Music separation
    Separate a mono or stereo track into individual stems -- Drums, Bass, Vocals, & Other Instruments.
  • Noise suppression
    Reduce background noise in a recording. Works best on spoken word audio.
  • Music generation and continuation
    Uses MusicGen LLM to generate snippets of music, or to generate a continuation of an existing snippet of music.
  • Whisper transcription
    Transcribe audio to text using OpenAI's Whisper model. Tip: You can export the resulting label track as a subtitle file via File → Export other → Export labels.
  • Audio Super resolution
    Increase the sampling rate of an audio signal – in other words, it upsamples audio to improve its fidelity, clarity, or compatibility with high-resolution standards. Useful for older 8kHz recordings, such as telephone calls.

Feedback wanted

As this is the first release of these plugins for macOS, we’re considering them to be a beta of sorts: While we’ve tested them on our machines, there’s only so many devices flying about in our team. Thus, if you’ve got moment to try and test them on yours, we’d be greatful. We’re especially interested in the following information:

  • Did the effects you tried work?
  • What kind of mac model (year; Intel or Apple Silicon) and OS version are you using?
  • What kind of binary are you using? (Apple Silicon/ARM or Intel/x64)
  • Did you run into any trouble during the process of installing or using the plugins?

You can send us this feedback through various channels:

How to download & release notes

You can download Audacity 3.7.4 here and the OpenVINO plugin there. We will also have them show up in the Get Effects button inside Audacity in the near future.

From our testing, it appears that in some cases, the Intel binaries perform better, even on Apple Silicon macs. You may want to experiment with what binary you use.

The model downloader and installer supports macOS 12 onwards. If you compile from source or get the models from elsewhere, you might be able to get it running from OSX 10.15 (Intel macs) or macOS 11 (Apple Silicon macs) as well.

  •  
  • ↗️

Audacity turns 25 years old!

✇Audacity
26 Maart 2026 om 23:05

Audacity turns 25 years old!

By Leo Wattenberg

Wednesday, May 28, 2025

On this day, 25 years ago, the very first public version of Audacity was released, Audacity 0.8.

Audacity 0.8 was very different to what we have today: It couldn’t record, it couldn’t use plugins, and it could only export as WAV, AIFF, SF and AU.

A picture of Audacity 0.8, showing a very sparse UI with practically no features. Only Amplify, Echo and Fade in/out are available as effects.

Since then, a lot has happened. Audacity 1.0 was released two years later, sporting a logo and layout that’s still recognizable today. PCs have turned notably less boxy and beige, and are much faster as well. They’re so fast in fact, that many features which would have been unthinkable 25 years ago are now very much possible - and even expected. We have worked tirelessly to improve Audacity’s audio editing capabilities, adding features like realtime effects, non-destructive edits and time stretching, a master channel and even some AI-powered effects which are actually useful.

If you’re curious to learn more about Audacity’s history, our product owner Martin Keary released a video about it when he took over, and our designer Leo Wattenberg ran Audacity’s source code through a visualizer to show the evolution of files within Audacity.

What’s next for Audacity

We’re planning to release another minor patch (Audacity 3.7.4) in the next couple weeks, which among various bug fixes finally brings aforementioned AI effects to macOS.

In addition to that, we’re still working hard on Audacity 4.0, which won’t be quite yet a DAW – but will tackle a lot of UX snags, which made Audacity so far more annoying to use than necessary. We will soon post an update on what to expect exactly for Audacity 4.0.

Let’s celebrate with Audacity merch!

After 25 years of making it rather difficult to send any money our way, we finally have opened up a merch store at merch.audacityteam.org. Every purchase made will help support our full-size development team, and accelerate Audacity’s progress to becoming not just the free option for audio editing - but the best option.

We’ll add more designs over the coming months - follow us on YouTube or join our Discord to get notified when new merch drops!

  •  
  • ↗️

Audacity 3.7

✇Audacity
26 Maart 2026 om 23:05

Audacity 3.7

By Leo Wattenberg

Wednesday, October 30, 2024

Audacity 3.7 has been released!

It features everyone’s favorite “bug fixes and performance improvements”. See the full changelog for details.

Other than that ­– there’s nothing exciting to see here. Which in itself is exciting! The reason for this very thin release is that we’ve focused most of our attention towards Audacity 4.0 instead! Audacity 4 will feature a complete remake of the UI and is still quite some ways out. We’ll update you on scope and progress on that over the coming months.

In the meantime: Check out the MuseHub for some cool plugins.

  •  
  • ↗️

Asterisk Release certified-22.8-cert2

✇Asterisk
Door: asteriskteam
26 Maart 2026 om 21:11

The Asterisk Development Team would like to announce
the release of Certified asterisk-22.8-cert2.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-22.8-cert2
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk

Repository: https://github.com/asterisk/asterisk
Tag: certified-22.8-cert2

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-certified-22.8-cert2

Links:

Summary:

  • Commits: 1
  • Commit Authors: 1
  • Issues Resolved: 1
  • Security Advisories Resolved: 0

User Notes:

Upgrade Notes:

Developer Notes:

Commit Authors:

  • Mike Bradeen: (1)

Issue and Commit Detail:

Closed Issues:

  • 1833: [bug]: Address security vulnerabilities in pjproject

Commits By Author:

  • Mike Bradeen (1):

    • res_pjsip: Address pjproject security vulnerabilities

Commit List:

  • res_pjsip: Address pjproject security vulnerabilities

Commit Details:

res_pjsip: Address pjproject security vulnerabilities

Author: Mike Bradeen
Date: 2026-03-25

Address the following pjproject security vulnerabilities

GHSA-j29p-pvh2-pvqp - Buffer overflow in ICE with long username
GHSA-8fj4-fv9f-hjpc - Heap use-after-free in PJSIP presense subscription termination header
GHSA-g88q-c2hm-q7p7 - ICE session use-after-free race conditions
GHSA-x5pq-qrp4-fmrj - Out-of-bounds read in SIP multipart parsing

Resolves: #1833

  •  
  • ↗️

Asterisk Release certified-20.7-cert10

✇Asterisk
Door: asteriskteam
26 Maart 2026 om 21:09

The Asterisk Development Team would like to announce
the release of Certified asterisk-20.7-cert10.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-20.7-cert10
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk

Repository: https://github.com/asterisk/asterisk
Tag: certified-20.7-cert10

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-certified-20.7-cert10

Links:

Summary:

  • Commits: 1
  • Commit Authors: 1
  • Issues Resolved: 1
  • Security Advisories Resolved: 0

User Notes:

Upgrade Notes:

Developer Notes:

Commit Authors:

  • Mike Bradeen: (1)

Issue and Commit Detail:

Closed Issues:

  • 1833: [bug]: Address security vulnerabilities in pjproject

Commits By Author:

  • Mike Bradeen (1):

    • res_pjsip: Address pjproject security vulnerabilities

Commit List:

  • res_pjsip: Address pjproject security vulnerabilities

Commit Details:

res_pjsip: Address pjproject security vulnerabilities

Author: Mike Bradeen
Date: 2026-03-24

Address the following pjproject security vulnerabilities

GHSA-j29p-pvh2-pvqp - Buffer overflow in ICE with long username
GHSA-8fj4-fv9f-hjpc - Heap use-after-free in PJSIP presense subscription termination header
GHSA-g88q-c2hm-q7p7 - ICE session use-after-free race conditions
GHSA-x5pq-qrp4-fmrj - Out-of-bounds read in SIP multipart parsing

Resolves: #1833

  •  
  • ↗️

Asterisk Release 21.12.2

✇Asterisk
Door: asteriskteam
26 Maart 2026 om 20:54

The Asterisk Development Team would like to announce
the release of asterisk-21.12.2.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/21.12.2
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 21.12.2

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-21.12.2

Links:

Summary:

  • Commits: 1
  • Commit Authors: 1
  • Issues Resolved: 1
  • Security Advisories Resolved: 0

User Notes:

Upgrade Notes:

Developer Notes:

Commit Authors:

  • Mike Bradeen: (1)

Issue and Commit Detail:

Closed Issues:

  • 1833: [bug]: Address security vulnerabilities in pjproject

Commits By Author:

  • Mike Bradeen (1):

    • res_pjsip: Address pjproject security vulnerabilities

Commit List:

  • res_pjsip: Address pjproject security vulnerabilities

Commit Details:

res_pjsip: Address pjproject security vulnerabilities

Author: Mike Bradeen
Date: 2026-03-25

Address the following pjproject security vulnerabilities

GHSA-j29p-pvh2-pvqp - Buffer overflow in ICE with long username
GHSA-8fj4-fv9f-hjpc - Heap use-after-free in PJSIP presense subscription termination header
GHSA-g88q-c2hm-q7p7 - ICE session use-after-free race conditions
GHSA-x5pq-qrp4-fmrj - Out-of-bounds read in SIP multipart parsing

Resolves: #1833

  •  
  • ↗️

Asterisk Release 22.9.0-rc1

✇Asterisk
Door: asteriskteam
26 Maart 2026 om 20:39

The Asterisk Development Team would like to announce
release candidate 1 of asterisk-22.9.0.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/22.9.0-rc1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 22.9.0-rc1

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-22.9.0-rc1

Links:

Summary:

  • Commits: 48
  • Commit Authors: 20
  • Issues Resolved: 31
  • Security Advisories Resolved: 0

  •  
  • ↗️

Asterisk Release 23.3.0-rc1

✇Asterisk
Door: asteriskteam
26 Maart 2026 om 20:31

The Asterisk Development Team would like to announce
release candidate 1 of asterisk-23.3.0.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/23.3.0-rc1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 23.3.0-rc1

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-23.3.0-rc1

Links:

Summary:

  • Commits: 48
  • Commit Authors: 20
  • Issues Resolved: 31
  • Security Advisories Resolved: 0

  •  
  • ↗️

Asterisk Release 20.19.0-rc1

✇Asterisk
Door: asteriskteam
26 Maart 2026 om 20:31

The Asterisk Development Team would like to announce
release candidate 1 of asterisk-20.19.0.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/20.19.0-rc1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 20.19.0-rc1

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-20.19.0-rc1

Links:

Summary:

  • Commits: 48
  • Commit Authors: 20
  • Issues Resolved: 31
  • Security Advisories Resolved: 0

  •  
  • ↗️

v25.12.2

✇OpenWrt
Door: github-actions[bot]
27 Maart 2026 om 14:52

Hi,

The OpenWrt community is proud to announce the second service release of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

Download firmware images directly from our download servers:

Main changes between OpenWrt 25.12.1 and OpenWrt 25.12.2

Only the main changes are listed below. See the full changelog for details.

Device support

  • airoha: rename kernel module kmod-pwm-an7581 to kmod-pwm-airoha — users with this module explicitly installed need to reinstall under the new name
  • apm821xx: fix U-Boot environment definitions for NETGEAR WNDR4700, Western Digital MyBookLive, Meraki MR24 and Meraki MX60; fix PCIe boot failure on Meraki MX60
  • ath79: fix initramfs boot for Huawei AP5030DN and AP6010DN
  • ath79: fix VLAN CPU port tagging on 2-CPU-port devices (affects several dual-CPU switch configurations)
  • ath79: remove incorrectly included WiFi packages from Mikrotik RB750r2 (device has no WiFi hardware)
  • ipq40xx: fix ART partition name for Linksys Velop WHW03 V1 — restores correct WiFi calibration data access
  • ipq40xx: fix MAC address reading for Linksys devices using eMMC-based NVMEM
  • lantiq: xrx200: fix failsafe mode on BT HomeHub 5A — LAN ports 1 & 2 now work correctly in failsafe (#22480)
  • mediatek: Bananapi BPI-R4: fix SFP+ electric module support — modules that stopped working after a snapshot upgrade are now functional again (#19878)
  • ramips: fix kernel decompress error that bricked ELECOM WRC-X1800GS on 25.12.0 (#22270)
  • ramips: fix initramfs kernel load address for TP-Link EAP615-Wall v1
  • ramips: fix MAC address assignment for Xiaomi Mi AC2100
  • realtek: fix D-Link fan control script

WiFi fixes and improvements

  • wifi-scripts: fix 160 MHz channel width configuration — hostapd was not correctly configured for 160 MHz, preventing its use (#22481)
  • wifi-scripts: fix SU beamformee antenna count — incorrect count was passed to the driver
  • hostapd: fix memory leak in Radio Resource Management (RRM) ubus interface
  • mac80211: ath12k: add thermal sensor support for QCA/IPQ devices
  • mac80211: ath9k: fix GPIO mask handling from device tree
  • mt76: fix severe WiFi latency regression (up to multiple seconds) on 2.4 GHz introduced in 25.12.1 — affected many MediaTek devices including OpenWrt One, Zyxel EX5601, ASUS RT-AX53U, Xiaomi AX3000T/AX6000, Cudy WR3000/X6, GL Flint 2 and others (#22491)
  • mt76: multiple further stability fixes for MediaTek WiFi chipsets (MT7615/MT7915/MT7996/MT7992/MT792x):
    • add per-link beacon monitoring for MLO (Multi-Link Operation)
    • fix MT7996/MT7992 link handling during MLO station add/remove
    • fix scan work requeue race with spinlock

Upgrading to 25.12.2

Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.
For upgrades within the OpenWrt 25.12 stable series, Attended Sysupgrade is also supported, which allows preserving the installed packages.

  • Sysupgrade from 23.05 or earlier to 25.12 is not officially supported.

  • Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed. fc0c518

  • Bananapi BPI-R4: Interface eth1 was renamed to sfp-lan or lan4, and interface eth2 was renamed to sfp-wan to match the labels. You have to upgrade without saving the configuration. cd8dcfe

  • TP-Link RE355 v1, RE450 v1 and RE450 v2: The partition layout and block size changed in this release to fix configuration loss on sysupgrade. Users upgrading from OpenWrt 25.12.0 or earlier must use sysupgrade -F to force the upgrade. The image must not exceed 5.875 MB (6016 KiB).

  • Meraki MX60: Direct sysupgrade to 25.12.2 is not possible without manual preparation — meraki_loadaddr must be changed before upgrading, as the default value is insufficient to boot OpenWrt 25.12+. See the device wiki page for instructions.

Known issues

  • Zyxel EX5601-T0: the WAN interface was renamed from eth1 to wan — check and update your network configuration after upgrading.
  • Pixel 10 phones have problems connecting to WPA3-protected WiFi 6 APs. #21486
  • 802.11r Fast Transition (FT) causes connection problems with some WiFi clients when WPA3 is used. #22200
  • SQM CAKE MQ (cake_mq): throughput may be unexpectedly low on some configurations after the scheduler fixes in this release. #22344

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.2

In particular, make sure to read the known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.2#known_issues

For a detailed list of all changes, refer to
https://openwrt.org/releases/25.12/changelog-25.12.2

To download the 25.12.2 images, navigate to:
https://downloads.openwrt.org/releases/25.12.2/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.2

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

  •  
  • ↗️

Modernizing encryption of Home Assistant backups

✇Home Assistant
Door: Home Assistant
26 Maart 2026 om 01:00
Modernizing encryption of Home Assistant backups

Backups are one of those quiet, powerful features: when they work, you don’t notice them, but when you need them, they’re everything. We’ve evolved Home Assistant’s built-in backup format over the years to keep it safe and secure, especially when backing up to remote locations. As modern cryptography has advanced, we needed to build a system to match. SecureTar v3 is a purpose-built library for creating and reading password-protected Home Assistant backups with modern cryptography and safer, stronger defaults.

To help us get this right, we commissioned Trail of Bits, a leading security engineering firm, to independently audit our work. Their review found that SecureTar v3 follows best-in-class practices for core security algorithms, such as hashing and encryption. They also identified three areas for improvement, which they confirmed were resolved in their follow-up review. This audit was paid for by the Open Home Foundation so we could invest in improvements that protect users’ privacy, security, and control.

Your backups will start using this new encryption automatically, beginning with the release of version 2026.4 on April 1, 2026. Please note old backups will still work and be readable after this change (see Recommended next steps below). For more technical details, please read on…

A bit of history

Home Assistant backups have always been encrypted by default, and use a high entropy key, to help ensure your data is safe. When we introduced backups, early formats (v1 and v2) used the same AES-128 encryption variant, along with a simple key derivation (the code that turns your passphrase into the actual key used for encryption). Sam Gleske brought to our attention that the key-derivation step was no longer up to modern standards.

It’s worth stressing an important point: Home Assistant’s passphrase generator already produces long, high-entropy passphrases. This means that backups created previously were difficult to break if using this feature. To demonstrate this, we calculated that a brute force passphrase attack (where attackers try many passwords rapidly) on the backups would take more time than the average lifespan of a person to be successful.

Still, because it was possible to manually generate an insecure passphrase for advanced users, and the library’s internal cryptographic primitives could be improved, we decided to overhaul SecureTar to use best-in-class algorithms, and to have that work validated by an external audit.

What we changed and why

The goals were simple: choose modern, well-studied algorithms, avoid design mistakes that could weaken confidentiality or integrity, and make v3 the secure default.

Highlights of the SecureTar v3 design:

  • Modern key derivation: SecureTar v3 uses Argon2id for password-based key derivation. Argon2id is a memory-hard algorithm that makes brute-force attacks much more costly.
  • Modern encryption and authentication: Encryption is provided by the libsodium secretstream API (exposed in Python via PyNaCl), which implements a robust streaming authenticated-encryption construction using XChaCha20-Poly1305. That combination gives both confidentiality (nobody can read your data) and integrity/authentication (nobody can tamper with it without detection).
  • Safer defaults and parsing: We set safer defaults so new backups use v3, and we fixed parsing logic to avoid silently treating corrupt data as valid legacy backups.

We made these choices to ensure that SecureTar is resilient to modern attacks and easier to reason about from a security perspective.

Independent audit by Trail of Bits

After implementing SecureTar v3, we commissioned Trail of Bits to perform the focused security assessment and fix review. Here is what the review found:

  1. Timing side-channel in a validation comparison (informational): The audit pointed out a minor coding issue in how we checked a validation key. It wasn’t a security risk (the value is stored openly in the file header), but we updated the check to a safer form so security tools stop flagging it.
  2. Insecure fallback to legacy protocol version (informational): Header parsing logic could be confused by corrupted data; we updated the logic so corrupted headers raise an error instead of silently falling back.
  3. Supply-chain risk in GitHub Actions workflow (medium): Workflow steps were not pinned to specific commit hashes and used broad permissions, opening the build process to possible supply-chain attacks. We pinned actions to specific commit hashes and tightened permissions.

Crucially, Trail of Bits’ post-fix review confirmed all three findings were resolved. This shows we have not only adopted modern cryptography, but also closed the gaps the audit exposed.

You can read more about the audit and the fixes in the Trail of Bits report.

How you help support this work

Security work (especially external audits and specialist engineering) costs money. The Open Home Foundation provides the structure and finances that let us do this work. That money comes, in part, from people who buy official Home Assistant or ESPHome products from the foundation’s commercial partners, and merchandise from the Open Home Foundation Store: we really appreciate your support!

Because of this, we were able to commission experts, invest engineering time, and validate the fixes. That investment protects users’ backups (which often contain configurations, passwords and API keys, integrations, and automations) and keeps Home Assistant a trustworthy, secure platform for everyone.

Recommended next steps

  • Ensure Home Assistant is updated to the latest version. The 2026.4 release includes SecureTar v3.
  • Any encrypted backup created after updating to 2026.4 will use v3’s improved format.
  • Existing backups are still secure, as Home Assistant’s generated passphrase is strong. That said, for extra security, you can regenerate the encryption key in your backup settings (use the Change encryption key option at the bottom of the backup settings page).
  • If you use the ha backup CLI command, or the hassio.backup_full or hassio.backup_partial actions to create backups, and you’ve used a short/low entropy password, you should choose a new password.

For the curious: technical summary

  • Key derivation: Argon2id (memory-hard), using separate sub-keys for each backup part.
  • Encryption / AEAD: XChaCha20-Poly1305 via libsodium secretstream (PyNaCl) with 256-bit key size. AEAD means your data is not only encrypted, but also authenticated (validating the data is unchanged/not tampered with).
  • Audit: Trail of Bits: 3 findings (2 informational, 1 medium), all resolved.
  • Build hardening: GitHub Actions pinned to commit SHAs and narrower permissions to reduce supply-chain risk.

Looking for more? Check out the SecureTar repository on GitHub.

Final note

Security is iterative, and this latest work has helped build a stronger foundation for Home Assistant backups, and a clearer path forward for maintaining that security over time.

If you want to read about similar past efforts, see some of our other posts:

By keeping Home Assistant secure, we make the platform safer, more trusted, and more enjoyable for the whole community. Thank you.

  •  
  • ↗️

nginx-1.28.3 stable and nginx-1.29.7 mainline versions have been released, with fixes for buffer overflow vulnerability in the ngx_http_dav_module (CVE-2026-27654), buffer overflow vulnerabilities in the ngx_http_mp4_module (CVE-2026-27784, CVE-2026-32647), mail session authentication vulnerabilities (CVE-2026-27651, CVE-2026-28753) and OCSP result bypass vulnerability in stream (CVE-2026-28755). Additionally, nginx-1.29.7 mainline version introduces support for Multipath TCP and upgrades the default proxy HTTP version to HTTP/1.1 with keep-alive enabled.

✇nginx
23 Maart 2026 om 22:00
2026-03-24

nginx-1.28.3 stable and nginx-1.29.7 mainline versions have been released, with fixes for buffer overflow vulnerability in the ngx_http_dav_module (CVE-2026-27654), buffer overflow vulnerabilities in the ngx_http_mp4_module (CVE-2026-27784, CVE-2026-32647), mail session authentication vulnerabilities (CVE-2026-27651, CVE-2026-28753) and OCSP result bypass vulnerability in stream (CVE-2026-28755). Additionally, nginx-1.29.7 mainline version introduces support for Multipath TCP and upgrades the default proxy HTTP version to HTTP/1.1 with keep-alive enabled.

  •  
  • ↗️

uNmINeD 0.19.60-dev

✇Unmined
Door: megasys
26 Maart 2026 om 00:12

New uNmINeD development snapshot is available for download!

Changes:

  • (GUI) Datapack and mod load errors are now ignored when opening a world
  • (GUI) The log now include a stack trace of errors that occur when opening the world
  • Improved handling of broken mods/datapacks
  •  
  • ↗️
Ontvangen — 25 Maart 2026

Early Stable Update for Desktop

✇Google Chrome
25 Maart 2026 om 19:24

 The Stable channel has been updated to 147.0.7727.24/.25 for Windows and Mac as part of our early stable release to a small percentage of users. A full list of changes in this build is available in the log.

You can find more details about early Stable releases here.

Interested in switching release channels?  Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Srinivas Sista

Google Chrome

  •  
  • ↗️

NVIDIA Driver 595.97

✇NVIDIA Windows Drivers
24 Maart 2026 om 00:00
Release Highlights:
Although GeForce Game Ready Drivers and NVIDIA Studio Drivers can be installed on supported notebook GPUs, the original equipment manufacturer (OEM) provides certified drivers for your specific notebook on their website. NVIDIA recommends that you check with your notebook OEM for recommended software updates for your notebook.

Game Ready

This new GeForce Game Ready Driver optimizes your experience in the latest titles featuring DLSS, ray tracing, path tracing, and NVIDIA Reflex, and ensures the best possible experience in your wider library of games and apps.

Fixed Gaming Bugs
  • Halo Infinite: Texture corruption may occur on R595 drivers [5957741]
  • HITMAN World of Assassination: Game stability issues when NVIDIA Smooth Motion is enabled [5849519]
  • Game stability issues after enabling DLSS FG when Instant Replay is enabled [5732936]

Fixed General Bugs
  • N/A

Learn more in our Game Ready Driver article here.

Game Ready Driver

  •  
  • ↗️

v11.17.0

✇Directus
Door: github-actions[bot]
25 Maart 2026 om 00:50

⚠️ Potential Breaking Changes

Added support for importing data in the background (#26914)
Imports now automatically time out after 1 hour, with a maximum of 20 running concurrently. These limits can be configured via IMPORT_TIMEOUT and IMPORT_MAX_CONCURRENCY, respectively.

Improved build times using tsdown’s oxc-transform (#26604)
Exports previously available from @directus/types/collab are now exported directly from @directus/types

Shrunk app UI to 90% and converted all px to rem (16px browser default) (#26826)
Potential breaking change: The app UI has been shrunk to 90% of its previous size. Extensions that rely on hardcoded px values or the old 14px root font-size may render incorrectly — all app sizing now uses rem based on the 16px browser default.

  • @directus/api
    • Added support for importing data in the background (#26914 by @Nitwel)
  • @directus/types
    • Improved build times using tsdown’s oxc-transform (#26604 by @Nitwel)
  • @directus/specs
    • Updated fast-xml-parser, qs, minimatch, tar, undici, vue-split-panel and flatted dependencies (#26951 by @br41nslug)

✨ New Features & Improvements

  • @directus/app
    • Added support for importing data in the background (#26914 by @Nitwel)
    • Added utility endpoint and UI to generate translations collections and fields. (#26742 by @bryantgillespie)
    • Added deployment provider link on the run detail page, opening deployments directly in Vercel or Netlify dashboards. (#26888 by @LZylstra)
    • Shrunk app UI to 90% and converted all px to rem (16px browser default) (#26826 by @formfcw)
  • @directus/api
    • Added tool search tool for Anthropic AI provider to reduce context usage (#26864 by @bryantgillespie)
    • Added support for setting the secure attribute on OpenID/OAuth2 cookies via the AUTH_<PROVIDER>_COOKIE_SECURE environment variable (#26628 by @dstockton)
    • Updated FilesService.uploadOne to support an optional storage parameter (#26882 by @gaetansenn)
    • Added AI SDK Devtools middleware support for debugging AI Assistant in development only. Added AI telemetry provider (#26678 by @bryantgillespie)
      config for Braintrust and Langfuse, enabling sending traces for observability, usage, and token costs.
    • Added utility endpoint and UI to generate translations collections and fields. (#26742 by @bryantgillespie)
    • Added support for Redis namespace control (#26943 by @dstockton)
  • @directus/errors
    • Added support for importing data in the background (#26914 by @Nitwel)
  • @directus/env
  • @directus/system-data
  • @directus/constants
  • @directus/extensions-sdk
    • Shrunk app UI to 90% and converted all px to rem (16px browser default) (#26826 by @formfcw)
  • @directus/themes
    • Shrunk app UI to 90% and converted all px to rem (16px browser default) (#26826 by @formfcw)

🐛 Bug Fixes & Optimizations

  • @directus/app
    • Fix file renaming (#26946 by @br41nslug)
    • Updated @directus/tsconfig dependency from 3.0.0 to 4.0.0 (#26879 by @AlexGaillard)
    • Fixed filtering out preRegisterCheck === false modules from settings module bar config (#26953 by @AlexGaillard)
    • Prevented uncaught exception when v-menu has no tabbable elements (#26922 by @robluton)
    • Fixed a bug where global draft updates failed for singleton collections (#26910 by @formfcw)
    • Refactored "Clear value(s) on save when hidden" condition so it's applied inside a drawer (#26925 by @AlexGaillard)
    • Added functionality to duplicate access policies (#26889 by @robluton)
    • Reduced width of split panel resize handle to prevent scrollbar interference (#26908 by @robluton)
    • Updated Vite to version 8.0.0 (#26887 by @Nitwel)
    • Corrected field editability for conditional update policies and version items (#26815 by @HZooly)
    • Fixed date picker not emitting value after month/year change. (#26880 by @powerseed)
    • Fixed inconsistent dropdown arrows in visual editor header bar (#26904 by @formfcw)
  • @directus/api
  • @directus/types
  • @directus/env
    • Fix file renaming (#26946 by @br41nslug)
    • Updated @directus/tsconfig dependency from 3.0.0 to 4.0.0 (#26879 by @AlexGaillard)
    • Added support for setting the secure attribute on OpenID/OAuth2 cookies via the AUTH_<PROVIDER>_COOKIE_SECURE environment variable (#26628 by @dstockton)
    • Added AI SDK Devtools middleware support for debugging AI Assistant in development only. Added AI telemetry provider (#26678 by @bryantgillespie)
      config for Braintrust and Langfuse, enabling sending traces for observability, usage, and token costs.
    • Added cross origin opener policy settings (#26947 by @br41nslug)
  • @directus/ai
  • @directus/composables
  • @directus/constants
  • @directus/errors
  • @directus/extensions
  • @directus/extensions-registry
  • @directus/extensions-sdk
  • @directus/format-title
  • @directus/memory
  • @directus/pressure
  • @directus/release-notes-generator
  • @directus/schema
  • @directus/schema-builder
  • @directus/storage
  • @directus/storage-driver-azure
  • @directus/storage-driver-cloudinary
  • @directus/storage-driver-gcs
  • @directus/storage-driver-local
  • @directus/storage-driver-s3
  • @directus/storage-driver-supabase
  • @directus/stores
  • @directus/system-data
  • @directus/themes
  • @directus/update-check
  • @directus/utils
  • @directus/validation
  • @directus/sdk

📦 Published Versions

  • @directus/app@15.6.0
  • @directus/api@35.0.0
  • @directus/ai@1.3.1
  • @directus/composables@11.2.16
  • @directus/constants@14.3.0
  • create-directus-extension@11.0.32
  • @directus/env@5.7.0
  • @directus/errors@2.3.0
  • @directus/extensions@3.0.22
  • @directus/extensions-registry@3.0.22
  • @directus/extensions-sdk@17.1.0
  • @directus/format-title@12.1.2
  • @directus/memory@3.1.5
  • @directus/pressure@3.0.20
  • @directus/release-notes-generator@2.0.4
  • @directus/schema@13.0.6
  • @directus/schema-builder@0.0.17
  • @directus/specs@13.0.0
  • @directus/storage@12.0.4
  • @directus/storage-driver-azure@12.0.20
  • @directus/storage-driver-cloudinary@12.0.20
  • @directus/storage-driver-gcs@12.0.20
  • @directus/storage-driver-local@12.0.4
  • @directus/storage-driver-s3@12.1.6
  • @directus/storage-driver-supabase@3.0.20
  • @directus/stores@2.0.1
  • @directus/system-data@4.4.0
  • @directus/themes@1.3.0
  • @directus/types@15.0.0
  • @directus/update-check@13.0.5
  • @directus/utils@13.3.2
  • @directus/validation@2.0.20
  • @directus/sdk@21.2.1

  •  
  • ↗️

Distribution Release: Kali Linux 2026.1

✇DistroWatch
Door: distro@distrowatch.com
24 Maart 2026 om 23:31
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The Kali Linux team has published a new version of its distribution with the launch of Kali Linux 2026.1. The new version includes a classic theme which makes the desktop resemble the project's first release, which happened 20 years ago. There are also several new tools included in....
  •  
  • ↗️

nginx-1.28.3 stable and nginx-1.29.7 mainline versions have been released, with fixes for buffer overflow vulnerability in the ngx_http_dav_module (CVE-2026-27654), buffer overflow vulnerabilities in the ngx_http_mp4_module (CVE-2026-27784, CVE-2026-32647), mail session authentication vulnerabilities (CVE-2026-27651, CVE-2026-28753) and OCSP result bypass vulnerability in stream (CVE-2026-28755). Additionally, nginx-1.29.7 mainline version introduces support for Multipath TCP and upgrades the default HTTP version to HTTP/1.1 with keep-alive enabled.

✇nginx
23 Maart 2026 om 22:00
2026-03-24

nginx-1.28.3 stable and nginx-1.29.7 mainline versions have been released, with fixes for buffer overflow vulnerability in the ngx_http_dav_module (CVE-2026-27654), buffer overflow vulnerabilities in the ngx_http_mp4_module (CVE-2026-27784, CVE-2026-32647), mail session authentication vulnerabilities (CVE-2026-27651, CVE-2026-28753) and OCSP result bypass vulnerability in stream (CVE-2026-28755). Additionally, nginx-1.29.7 mainline version introduces support for Multipath TCP and upgrades the default HTTP version to HTTP/1.1 with keep-alive enabled.

  •  
  • ↗️
Ontvangen — 24 Maart 2026

uNmINeD 0.19.59-dev

✇Unmined
Door: megasys
24 Maart 2026 om 22:48

New uNmINeD development snapshot is available for download!

Changes:

  • (Hytale) Added texture average color calculation for vanilla blocks from the latest installed game assets
  • (Hytale) Added texture average color calculation for custom blocks added by mods
  • (Hytale) Updated vanilla stylesheet to version 2026-03-23
  • (Minecraft) Fixed an issue where the Bedrock vanilla resource pack would not load in some cases
  • (GUI) Fixed a zoom glitch when a map marker was under the mouse cursor
  •  
  • ↗️

v4.0.0-beta.470

✇Coolify
Door: andrasbacsai
24 Maart 2026 om 22:00

What's Changed

Security & Fixes

  • Fixed proxy config validation to ensure stored config matches the current proxy type (#9146, fixes #9127)
  • Fixed environment variables being incorrectly resolved in compose files instead of preserving ${VAR} references (#9147, fixes #9136)
  • Fixed deployment issues with shell argument escaping in nixpacks commands (#9122, fixes #9042)
  • Fixed GitHub webhook errors for unsupported event types (#9119, fixes #9090)
  • Fixed server limit checks when using API tokens (#9123, fixes #9116)
  • Fixed hostname validation to be case-insensitive and allow more characters (#9134, fixes #9131)
  • Fixed duplicate subscription creation
  • Fixed environment variable refresh when variables are missing or stale
  • Fixed Docker cleanup logging when server is unreachable

New Services & Templates

  • Added EspoCRM one-click service template (#8658)

Improvements

  • Improved mobile responsiveness for confirmation modals
  • Simplified Docker installation process
  • Added storage API endpoints with UUID support for databases and services
  • Added Nightwatch monitoring support
  • Disabled Booklore service template (#9105)
  • Bumped Sentinel and Traefik versions

What's Changed (Github)

New Contributors

Full Changelog: v4.0.0-beta.469...v4.0.0-beta.470

  •  
  • ↗️

Minecraft 26.1 (stable) Released

✇Minecraft
24 Maart 2026 om 13:11
26.1, the release of Tiny Takeover, is a game drop for Java Edition released on March 24, 2026, which adds new textures and models for every baby mob that did not already have a unique model, adds the golden dandelion, makes name tags craftable, makes technical changes, and fixes bugs. Full changelog: https://minecraft.wiki/Java_Edition_26.1
  •  
  • ↗️

Firefox

✇Mozilla Firefox
3 April 2026 om 03:55

New

  • View two pages side-by-side in a single window with the new Split View feature that makes it easier to compare information, research topics or work across two pages at once. To create a split view, select one or two tabs and choose Add to Split View or Open in Split View.

    A screenshot of two pages side by side in split view

  • Firefox now offers a free built-in VPN. Whether you’re using public Wi-Fi while traveling, searching for sensitive health information, or shopping for something personal, this feature gives you a simple way to stay protected. Once you sign in and turn it on, you can hide your location and IP address by routing it through a secure proxy while you browse in Firefox. You will get 50 GB of protection every month, with the option to turn it on or off for specific websites. This feature is progressively rolling out in the US, UK, Germany and France starting today.

    Screenshot of the new VPN feature in use

    Enterprise note: This feature is not available in enterprise environments and is not being rolled out to users with enterprise policies. While it can currently be enabled manually, administrators will have the ability to disable it via enterprise policy starting April 7. In the meantime, organizations can use the BlockAboutConfig policy to prevent manual enablement.

    This feature is part of a progressive roll out.

    What is a progressive roll out?

    Certain new Firefox features are released gradually. This means some users will see the feature before everyone does. This approach helps to get early feedback to catch bugs and improve behavior quickly, meaning more Firefox users overall have a better experience.

  • Many PDF files will now load significantly faster thanks to hardware acceleration.

  • Firefox now automatically blocks notifications and permanently revokes permissions for any website flagged as malicious by SafeBrowsing. This prevents unsafe sites from sending background notifications to users, commonly used for ads, spam or phishing.

  • You can now add a Share button to your toolbar via Customize Toolbar, making it easy to share the current tab using your Windows or macOS system sharing options.

  • Address Autofill is enabled for users in Australia, India, Italy, Poland and Austria.

  • Explore more of the web with new on-device translation support for Bosnian, Norwegian Bokmål, Serbian and Thai — plus improved accuracy for Croatian.

Firefox Labs

  • Tab notes feature that lets you attach a short note to a web page is now available in Firefox Labs. You can use notes to remember why you opened a page, what you planned to do next or any details you want to revisit later. Please give notes a try and share your feedback on what works well and what can be improved.

    A screenshot of the tab notes dialog open

Fixed

  • Increased robustness of HTTP/3 upload performance for unstable network conditions.

  • Various security fixes.

Changed

  • The TrustPanel combines the privacy and security panels accessed from the address bar to give the user one place to check the Privacy and Security settings of the current page. Learn more.

    TrusPanel Screenshot

  • Security has been strengthened by tightening the requirements for JavaScript files that can be loaded in the parent process, providing additional defense in depth against potential threats.

  • On Linux, Firefox will now default to the XDG portal file picker if available, rather than the GTK3 one, which is usually better integrated with the user's desktop environment, and more powerful.

  • Firefox error pages have a fresh new look, with updated visuals that better match the overall feel of Firefox. The redesigned pages create a more cohesive experience while making it clearer what went wrong.

    A screenshot of the revamped error page

  • On Windows, Firefox will use the modern Windows.Devices.Geolocation API for geolocation instead of Windows 7 location API.

Developer

Web Platform

  • showPicker() now supports text-based <input> elements with an associated <datalist>, displaying the autofill dropdown. See documentation.

  • The functions xywh() and rect() were previously implemented for the clip-path and offset-path properties. They are now also available for the shape-outside property.

  • The math value of the CSS font-family is now supported and used by default for MathML's <math> element. It enables Web developers to indicate special fonts with advanced math features should be used. Firefox will rely on the serif font for mathematics defined in Firefox preferences.

  • Added support for the HTML attribute popover="hint".

  • Enabled media element pseudo-classes, such as :playing, :paused

  • Enabled the spec-compliant HTMLMediaElement.captureStream() API.

  • Added support for closing popovers & dialogs with the Android Back Button, and implemented the CloseWatcher API for handling this in script.

  • The new Reporting API provides a generic reporting mechanism for web applications to use to make reports available based on various platform features (for example Content Security Policy, Permissions-Policy or feature deprecation reports) in a consistent manner.

Community Contributions

  •  
  • ↗️

MariaDB 13.0 Preview Now Available

✇MariaDB
Door: Frédéric Descamps
24 Maart 2026 om 13:49

We are pleased to announce the availability of a preview of the MariaDB 13.0 series. MariaDB 13.0 is a preview rolling release, published on 23 March 2026, and it continues the work started in 12.3 while adding a solid set of entirely new features. …

Continue reading \"MariaDB 13.0 Preview Now Available\"

The post MariaDB 13.0 Preview Now Available appeared first on MariaDB.org.

  •  
  • ↗️

Heatit joins Works with Home Assistant

✇Home Assistant
Door: Home Assistant
24 Maart 2026 om 01:00
Heatit joins Works with Home Assistant

We’re thrilled to extend a very warm (ahem) Works with Home Assistant welcome to Heatit! As the name suggests, Heatit are all about keeping you, and your home, warm. They specialize in smart climate and heating control, which might have something to do with the fact they’re based in Norway, where energy management is a big reason people turn to Home Assistant, as winter temperatures can dip to below -20°C!

Home is where the heat is

Formerly known as Thermofloor, Heatit has spent more than 30 years building a rock-solid reputation across Scandinavia and Northern Europe for thermostats and controllers designed to handle harsh conditions, so they’re certainly robust enough for milder climes. But they don’t just stop at heating: the range extends to home safety, with the Heatit Z-Smoke 2 being the first Z-Wave smoke detector we’ve certified.

In fact, all of Heatit’s certified devices connect via Z-Wave, which is what makes them integrate so well with Home Assistant. Crucially, the Z-Smoke 2 will always function regardless of network status. The smart features are there when you need them, but the fundamentals never depend on them.

Z-Wave, and then some

If you’ve not heard of Z-Wave before, here’s a quick explainer: it’s a low-power wireless protocol built specifically for smart homes. Unlike WiFi, it operates on a dedicated frequency that means less interference and more reliable communication. It’s also a mesh network, where mains-powered devices help pass signals along to each other, strengthening the connection. Battery-powered devices can also benefit from this, since the mesh helps preserve their charge.

For heating and safety devices, those enhancements really count. Long battery life means a thermostat or smoke detector that should keep working without constant attention. Reliable range means your devices can stay connected even through thick walls or across a large home. And because everything runs locally, your heating responds quickly: no routing through a third-party server, no unnecessary delays.

Connecting with the community

Heatit are also serious about the impact they have beyond their products, with sustainability and reducing environmental impact being central to their company philosophy, which aligns with the Open Home Foundation’s principles of privacy, choice, and sustainability. What’s more, for Heatit, one of the most exciting things about joining the program is the chance to connect with the passionate, knowledgeable people who make up our community (yes, that’s you!).

"We're excited to join the Home Assistant program because of the strong community and the shared focus on open, local-first smart home solutions. This integration allows us to work more closely with both enthusiasts and professionals, and to deliver products that are flexible, reliable, and built for long-term use."

- Pål Aksel Forberg, CEO at Heatit

Devices

Works with Home Assistant isn’t just a badge: every certified product is rigorously tested by our in-house team to make sure it works seamlessly with Home Assistant out of the box. Brands joining the program also commit to long-term support and firmware updates, and to being an active, positive part of our community. Here’s what’s made the cut from Heatit:

Professionally built and designed to last, these devices cover both sides of a smart heating setup: the thermostats handle the actual temperature control, while the wall controller gives you a physical way to manage it all without reaching for your phone.

How to get started

It’s worth noting that in-wall devices will require installation by a qualified electrician in many regions, so if you’re not confident with electrics, it’s worth checking Heatit’s website for guidance and to find a local installer. The standalone devices are more straightforward to set up, and include SmartStart, making adding them to your Z-Wave network as simple as scanning a QR code.

To use Z-Wave with Home Assistant, you’ll need a Z-Wave adapter and the Z-Wave integration. This will help everything run locally, keeping your data private and your smart home responsive. Of course, if you want to turn the heat up before you get home, or check on things while you’re away, Home Assistant Cloud gives you secure remote access, and by subscribing you’ll help fund the Open Home Foundation’s work, including the Works with Home Assistant program!

Wrapping up warmly

We hope this is just the beginning of Heatit’s involvement with the program, and we’re excited to see where things go, both with these devices and whatever comes next. In the meantime, there’s plenty here to get started with. Time to turn up the heat.

Frequently asked questions

If I have a device that is not listed under Works with Home Assistant, does this mean it’s not supported?

No! It just means that it hasn’t gone through a testing schedule with our team, or doesn’t fit the requirements of the program. It might function perfectly well but be added to the testing schedule in the future, or it might work under a different connectivity type that we don’t currently test under the program.

OK, so what’s the point of the Works with program?

It highlights the devices we know work well with Home Assistant and the brands that make a long-term commitment to keeping support for these devices going. The certification agreement specifies that the devices must have full functionality within Home Assistant, operate locally without the need for cloud, and will continue to do so long-term.

How were these devices tested?

All devices in this list were tested using a standard Home Assistant Green with the Home Assistant Connect ZWA-2 as the Z-Wave adapter and with our Z-Wave integration. If you have another hub or setup, that’s not a problem, but we test against these as they are the most effective way for our team to certify within our ecosystem.

Will you be adding more Heatit devices to the program?

Why not! We’re thrilled to foster a close relationship with the team at Heatit to work together on any upcoming releases or add in further products that are not yet listed here. They have also been working on integrating their WiFi products further in Home Assistant, so we’re excited to see their progress.

  •  
  • ↗️
❌