(中文) 生态共建 | Wine应用适配活动开启,现金奖励重磅加码!
22 October, 2025 10:07AM by xiaofei
22 October, 2025 10:07AM by xiaofei
Alibaba Damo Academy and Canonical today announce a new collaboration to bring the Ubuntu operating system to the latest XuanTie C930 processor. This collaboration will give users access to a robust, reliable and production-ready platform for modern workloads running on the XuanTie processor family, helping to advance RISC-V adoption.
Alibaba Damo Academy, the team behind the XuanTie processor family, drives advancements in intelligent and secure computing architectures built around the RISC-V ecosystem. Alibaba Damo Academy and Canonical are collaborating to enhance Ubuntu support on XuanTie, helping to drive greater RISC‑V maturity and enabling smoother integration into the expanding RISC-V landscape. This partnership focuses on strengthening community collaboration within the RISC‑V ecosystem, and improving software readiness on XuanTie platforms using Ubuntu and RVA23 as the profile and platform of choice.
Since both Alibaba Damo Academy and Canonical are members of the RISC-V Software Ecosystem (RISE), the joint efforts will help accelerate open source adoption and promote consistent interoperability between hardware and software. A key aspect of this work includes alignment with the RVA23 profile, designed to improve portability across hardware designs and simplify development, further advancing the RISC‑V ecosystem’s growth and accessibility.
For developers and XuanTie users, this partnership will deliver an integrated Ubuntu experience for XuanTie hardware all backed by Canonical’s trusted long-term support and rigorous security maintenance.
“We are very excited to be partnering with Alibaba Damo Academy to bring Ubuntu to the latest XuanTie platform. Our teams have already done great work together on a community level for earlier XuanTie processors like the C906 and showing Ubuntu running on a XuanTie C930 FPGA at the Shanghai RISC-V Summit in July 2025. This partnership represents the next step in deepening our relationship and we look forward to working with Alibaba Damo Academy to get Ubuntu into the hands of even more XuanTie developers,” said Cindy Goldberg, Vice President of Silicon Alliance at Canonical.
“We are excited to deepen our collaboration with Canonical, marking another important step toward the real-life applications of RISC-V. Together, we have successfully brought Ubuntu to multiple ecosystem products based on the XuanTie processor. Moving forward, we look forward to advancing our joint work and continuing to unlock the value of RISC-V in various computing scenarios, while further contributing to the growth of the RISC-V community.” said Jing Yang, Vice Present of RISC-V at Alibaba Damo Academy.
If you have any questions about the platform or would like information about our silicon or RISC-V program, contact us.
Canonical, the publisher of Ubuntu, provides open source security, support and services. Our portfolio covers critical systems, from the smallest devices to the largest clouds, from the kernel to containers, from databases to AI. With customers that include top tech brands, emerging startups, governments and home users, Canonical delivers trusted open source for everyone.
Learn more at https://canonical.com/
Another year, another ROSCon! This year we’re heading to Singapore, and Canonical is once again thrilled to sponsor this important community event. Just like last year in Odense, Denmark, we’re looking forward to the talks and workshops, which always inspire us and teach us new things about robotics. We’re excited to reconnect with our Southeast Asia community, especially after our earlier gathering at Canonical’s IoT day in Singapore.
We’re really looking forward to sharing some of the work we have done in the robotics space this year, alongside our partners Advantech & Botmind. From Advantech’s powerful platforms for robotics to Botmind’s unified fleet management solutions, our booth showcases collaborative efforts designed to help and guide ROS developers as they aim to simplify complexity and accelerate innovation.
Here’s a quick overview of what we’ll be showcasing at ROSCon booth 51/52, featuring our partners Advantech and Botmind.
Our mission is to bring software to the widest audience. We took the latest step in this mission by bringing together popular open source tools, including Grafana, Prometheus, and Loki, to make it easy to set up a fully functional observability infrastructure for ROS 2 devices using Ubuntu. The same infrastructure used by our telco, logistics, aerospace, and data center customers is now available for robotics makers and ISVs.
The infrastructure is designed to bring together a unified platform for both open source and custom enterprise solutions (e.g. Botmind). Thus allowing companies to bring their own or preferred applications and tools in a tested, reliable, and open source infrastructure.
What can you do today with this beta observability stack
If you’re attending ROSCon 2025, we’ve got two exciting opportunities for you to dive deeper into observability for robotics systems.
📍 Room: 330
🗓️ Date: Monday, October 27, 2025
⏰ Time: 10:30 AM – 11:30 AM
Join us for a hands-on workshop where we’ll demonstrate how the Canonical Observability Stack helps you monitor, debug, and optimize your robotic devices.
> All ROSCon attendees are welcome, even without the workshop ticket — no RSVP required!
📍 Track: Debugging
🗓️ Date: Tuesday, October 28, 2025
⏰ Time: 4:00 PM – 4:10 PM SST
In this talk, we’ll explore how open-source tools make large-scale observability and debugging in robotics simpler, faster, and more powerful.
📍 Room: 330
🗓️ Date: Monday, October 27, 2025
⏰ Time: 11:30 AM – 12:30 PM
Join our partner Qualcomm to learn how to run ROS 2 on the RUBIK Pi 3, a compact platform optimized for edge robotics, powered by Ubuntu.
At ROSCon, we’re not just talking about observability; we’re showing how everything can come together in a real-world deployment. That’s why we’re excited to team up with Botmind, a Singapore-based robotics platform innovator, and deploy their fleet management service on top of our open source Canonical Observability Stack (COS) infrastructure.
Botmind’s mission is to simplify how businesses manage robot fleets. They build an “all-in-one” control platform that integrates multiple robots, real-time tracking, AI-powered scheduling, analytics, and a unified API layer. Their vision is bold: to let robotics operators manage everything, from mission assignments to health monitoring, via a single, intuitive control plane.
In our demo at ROSCon, we’ll show how Botmind’s proprietary fleet manager integrates with our COS infra, enabling:
Through this demo, we aim to prove that you can combine open observability and enterprise robot control in a modular, scalable way.
Visitors to booth 51/52 will be able to see first-hand how Botmind’s system works in tandem with our COS stack, giving developers, integrators, and system architects a compelling reference architecture for real robotic deployments.
We’re proud to collaborate with Advantech to showcase how advanced platforms and Ubuntu-based solutions accelerate the development of Autonomous Mobile Robots and robotic systems. Together, we’re addressing some of the toughest challenges faced by robotics developers, from real-time edge computing to secure and compliant deployments.
At ROSCon 2025, you can discover Advantech’s robotics platforms, powered by Ubuntu and its real-time kernel. Designed for ROS 2, it provides a unified and scalable hardware-software foundation that speeds up robot prototyping and deployment. Advantech’s AFE and ASR series edge computers integrate CPU, GPU, and NPU computing with industrial-grade reliability, supporting:
With Ubuntu Pro, Advantech extends long-term support, security, and maintenance for its Ubuntu-based hardware, including ESM for ROS, ensuring a consistent, secure, and reliable foundation throughout the robot’s lifecycle.
In our joint demo at booth 51/52, Canonical and Advantech will showcase how developers can move from prototype to production faster using Advantech hardware combined with Ubuntu Core, Canonical’s secure, immutable, and reliable operating system designed for edge deployments.
Canonical recently announced official Ubuntu support for the NVIDIA Jetson Thor family, extending our collaboration with NVIDIA to accelerate AI innovation at the edge. In addition, Canonical announces it will support and distribute NVIDIA CUDA directly within Ubuntu’s repositories, making it easier than ever for developers to access GPU acceleration natively on Ubuntu. This partnership ensures that developers can rely on the same enterprise-grade security, stability, and performance on Jetson Thor that powers Ubuntu across clouds and data centers.
In our demo at ROSCon, visitors will see COS running directly on an NVIDIA Jetson Thor device. Using the Grafana Agent, the system continuously collects rich performance and telemetry data from the Jetson platform, including CPU, GPU, and memory metrics, visualized in real time through Grafana dashboards.
By bringing COS to Jetson Thor, Canonical showcases how open source observability can extend all the way from the robot’s edge hardware to cloud-scale operations, empowering developers and integrators to optimize performance and reliability across every layer.
For more information, please visit NVIDIA at ROSCon.
We can’t wait to see you at ROSCon! Join us to explore the latest advancements, connect with fellow innovators, and discover how Ubuntu and our partners are shaping the future of robotics. See you there!
In the early hours of October 20, 2025, Amazon Web Services (AWS) experienced one of the most significant service disruptions of the year. The incident originated in the US-EAST-1 (Northern Virginia) region — one of the provider’s oldest and busiest zones, hosting critical components of its global services.
For several hours, thousands of applications and online platforms — including Snapchat, Fortnite, Duolingo, Alexa, Coinbase, and Robinhood — suffered connection errors, latency issues, or partial outages.
AWS later confirmed an increase in errors and response times across several services tied to that region.
Technical analyses and AWS status reports indicate that the issue was linked to a failure in the internal DNS resolution system, one of the most critical elements of its infrastructure. The Domain Name System (DNS) translates domain names (such as api.mycompany.com) into IP addresses so that applications can communicate with each other.
When this system fails, servers may continue running, but they can no longer “find” one another — requests are lost because domain names cannot be resolved. In this case, the outage affected AWS’s internal DNS service, which depends on DynamoDB to store DNS zone data.
As that service degraded, many applications could no longer resolve the names of their own instances or connect to their databases, even though the servers themselves remained operational.
The result was a regional failure with global impact, as countless organizations rely on infrastructure hosted in Virginia to operate their services — even when their users connect from other continents. It was not a global AWS outage, nor a multi-region event, but rather a localized failure in a critical region that exposed how much dependency can concentrate in the cloud.
The cloud offers scalability and simplified management — but it does not eliminate architectural responsibility. Replicating servers within the same region (for example, across “Availability Zones”) does not guarantee continuity if the entire region becomes unavailable.
Building a truly robust infrastructure means designing for the complete loss of a region — and still being able to keep services online. This is where global traffic management, also known as Global Server Load Balancing (GSLB), becomes essential. Such a system operates above individual data centers or regions.
It continuously monitors multiple distributed endpoints and automatically redirects traffic to the one that remains available and responsive. If a region stops responding — as happened in Virginia — the load balancer can update public DNS records so that users are routed to another active environment.
In practice, this mechanism provides two fundamental benefits:
However, for this approach to be truly effective, the regions or data centers involved must be completely independent from each other. If both environments share the same control plane, internal DNS, or network services, a failure in that common layer could affect both simultaneously.
That’s why GSLB can only ensure real continuity when deployed between operationally isolated environments. In other words: GSLB would not have prevented the AWS outage, but it would have allowed organizations with independent regional architectures to keep their services running while the affected region recovered.
SKUDONET Enterprise Edition integrates a Global Server Load Balancing (GSLB) system designed to maintain service availability across geographically distributed data centers or regions.
Operating at the DNS level, it continuously monitors the health of applications in each location. If one site becomes unavailable, it automatically updates DNS resolution to redirect users to another operational data center.
The GSLB can operate in active-passive mode, ensuring automatic recovery in Disaster Recovery scenarios, or in active-active mode, sharing traffic between multiple data centers to optimize latency and overall performance.
Its design allows combining environments within the same provider or across different ones — as long as they remain operationally independent — thereby avoiding single points of failure.
In this way, SKUDONET provides an external control layer that strengthens high availability and service continuity strategies, even during severe regional disruptions.
Technical reference:
How Global Server Load Balancing works in SKUDONET
The AWS outage in Virginia showed that even the most mature infrastructures can experience critical regional failures. The lesson is not to avoid the cloud, but to design with failure in mind — assuming that any region can go offline at any time. Separating environments and managing traffic at a global level does not eliminate errors, but it allows business operations to continue when they occur.
22 October, 2025 06:24AM by Nieves Álvarez
Besides my regular open source contributions and running my own consulting business (Zabbly), I’m also the CTO and co-founder of an Open Source company called FuturFusion where I’ve been running Engineering for well over a year now.
My main focus over there has been building the FuturFusion Cloud stack, a completely open-source private cloud solution built around Incus. As part of that, our engineering team has been hard at work over the past year or so, improving Incus itself but also building a number of other projects from the ground up to make it easy to build and operate large scale Incus deployments.
Our stack is made of 4 core components:
I recently took a bit of time away from customer deployments to record a video of how everything fits together, including an end to end lab deployment, starting from a pre-existing VMware environment and going all the way to having two Incus clusters running and the VMware VMs fully converted to Incus VMs.
In addition, for those interested in the security aspect of things, I gave a talk a few months back about IncusOS’ security story at the Linux Security Summit in Denver, Colorado. The recording of which has since been made publicly available.
Now our focus on the engineering front is primarily in fixing some filling a few remaining gaps as well as putting together up to date comprehensive documentation on IncusOS, Migration Manager and Operations Center. This will then make it easy for anyone to get started with those as well as hopefully attract more contributors to those projects.
On the topic of contributors, none of this would have been possible without the 112 individuals who contributed to the Incus project in the past year, thank you!
21 October, 2025 12:31PM by Steven Shiau
21 October, 2025 09:56AM by xiaofei
Ubuntu 25.10 Questing Quokka has landed, marking the final interim release before Ubuntu 26.04 LTS, and it’s a bold one. Interim releases have always been the proving grounds for features that define the next LTS, and this cycle is no exception. From memory-safe reimplementations of foundational tools to hardware-backed encryption, post-quantum cryptography preparedness, and confidential computing, 25.10 pushes Ubuntu security into its next era, and the trajectory is clear: Ubuntu is building a more secure foundation for the next decade of computing.
Ubuntu 25.10 defaults to sudo-rs, a Rust implementation of sudo. This change directly addresses a history of memory corruption vulnerabilities in security-critical code. The sudo vulnerability CVE-2021-3156, which existed undetected from 2011 to 2021, demonstrates why this matters; memory safety guarantees at the compiler level prevent entire categories of these bugs.
Similarly, we now ship rust-coreutils as the default provider of utilities like ls, cat, and cp. The GNU implementations remain available, and users can switch between them if needed. We maintain a compatibility matrix documenting behavioral differences, though most users won’t encounter any issues. Performance varies by operation, base64 encoding is notably faster, while some operations show minimal change.
For users who need the traditional sudo, it’s available as sudo.ws. Existing sudo configurations work without modification. This parallel availability allows thorough testing while maintaining a fallback path.
The TPM-backed Full Disk Encryption implementation has matured considerably in this release, though it remains experimental. New capabilities include:
There are important compatibility considerations. The feature is incompatible with Absolute (formerly Computrace) security software, systems must choose one or the other. Additionally, certain hardware configurations require specific kernel modules that may not be available in the TPM-secured kernel. Users should test thoroughly with their specific hardware before considering deployment.
This work targets production readiness in Ubuntu 26.04 LTS. Testing and feedback during the 25.10 cycle will directly influence the LTS implementation.
Ubuntu 25.10 replaces systemd-timesyncd with Chrony as the default time daemon, configured with Network Time Security (NTS) enabled. This change addresses a long-standing security concern: unauthenticated NTP has been vulnerable to tampering that could affect certificate validation, audit logs, and distributed system coordination.
NTS adds TLS-based authentication to time synchronization, using port 4460/tcp for key exchange before standard NTP communication on 123/udp.
Ubuntu 25.10 includes preparations for quantum computing threats thanks to the latest versions it ships with for OpenSSH and OpenSSL. OpenSSH 10.0 now uses hybrid post-quantum algorithms by default for key agreement. No configuration is required, SSH connections automatically benefit from quantum resistance while maintaining compatibility with systems that don’t support these algorithms.
OpenSSL 3.5.3 adds support for ML-KEM, ML-DSA, and SLH-DSA algorithms. The default TLS configuration prefers hybrid post-quantum KEM groups, balancing future security with present-day compatibility.
Note that OpenSSH 10.0 removes DSA support entirely. Systems still using DSA keys will need migration before they can connect to or from Ubuntu 25.10 systems.
For those running sensitive workloads in the cloud, Ubuntu 25.10 ships with native support for Intel TDX (Trust Domain Extensions) host capabilities. This technology creates hardware-isolated virtual machines for confidential computing, perfect for data clean rooms and confidential AI workloads. The kernel ships with Intel TDX host support out of the box, setting the stage for confidential computing to become mainstream in the 26.04 LTS.
Beyond the headline features, there’s a consistent theme of security through modernization:
Some security features require careful deployment:
In all, the security enhancements and hardening measures delivered in Ubuntu 25.10 continue Ubuntu’s evolution toward delivering the most secure Linux experience. They lay the groundwork for Ubuntu 26.04 LTS, the next long-term supported release, where these technologies will mature into default, fully supported capabilities. Furthermore, security updates, compliance, hardening and kernel livepatching for 26.04 LTS will be covered for up to 12 years through Ubuntu Pro, extending Ubuntu’s track record as a securely-designed foundation for developing and deploying modern Linux workloads.
We’re always refining Ubuntu’s security experience, and your input matters. To share feedback or join the conversation, visit Ubuntu’s Discourse page. If you’d like to discuss your deployment needs, please reach out via this contact form.
Stay secure, and happy upgrading.
The Xen Project has released one or more Xen security advisories (XSAs). The security of Qubes OS is not affected.
The following XSAs do affect the security of Qubes OS:
The following XSAs do not affect the security of Qubes OS, and no user action is necessary:
sudo xl list -l <NAME_OF_HVM>
in dom0 and noting the absence of a "viridian": true
line.Qubes OS uses the Xen hypervisor as part of its architecture. When the Xen Project publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a Xen security advisory (XSA). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a Qubes security bulletin (QSB). (QSBs are also issued for non-Xen vulnerabilities.) However, QSBs can provide only positive confirmation that certain XSAs do affect the security of Qubes OS. QSBs cannot provide negative confirmation that other XSAs do not affect the security of Qubes OS. Therefore, we also maintain an XSA tracker, which is a comprehensive list of all XSAs publicly disclosed to date, including whether each one affects the security of Qubes OS. When new XSAs are published, we add them to the XSA tracker and publish a notice like this one in order to inform Qubes users that a new batch of XSAs has been released and whether each one affects the security of Qubes OS.
20 October, 2025 09:51AM by xiaofei
20 October, 2025 09:31AM by xiaofei
20 October, 2025 06:29AM by xiaofei
Currently if you have an automatically installed package A (= 1) where
and you upgrade B from 1 to 2; then you can:
If A was installed by a chain initiated by Recommends (say X Rec Y, Y Depends A), the solver sometimes preferred removing A (and anything depending on it until it got).
I have a fix pending to introduce eager Recommends which fixes the practical case, but this is still not sound.
In fact we can show that the solver produces the wrong result for small minimal test cases, as well as the right result for some others without the fix (hooray?).
Ensuring sound removals is more complex, and first of all it begs the question: When is a removal sound? This, of course, is on us to define.
An easy case can be found in the Debian policy, 7.6.2 “Replacing whole packages, forcing their removal”:
If B (= 2)
declares a Conflicts: A (= 1)
and Replaces: A (= 1)
, then the removal
is valid. However this is incomplete as well, consider it declares Conflicts: A (< 1)
and Replaces: A (< 1)
; the solution to remove A rather than upgrade it would still
be wrong.
This indicates that we should only allow removing A
if the conflicts could not be solved
by upgrading it.
The other case to explore is package removals. If B is removed, A should be removed as well;
however it there is another package X that Provides: B (= 1)
and it is marked for install,
A should not be removed. That said, the solver is not allowed to install X to satisfy the
depends B (= 1)
- only to satisfy other dependencies [we do not want to get into endless
loops where we switch between alternatives to keep reverse dependencies installed].
To solve this, I propose the following definition:
Definition (sound removal): A removal of package P
is sound if either:
v
is installed that package-conflicts with B.Q
is removed and the installable versions of P package-depends on Q.where the other definitions are:
Definition (installable version): A version v
is installable if either it is installed,
or it is newer than an installed version of the same package (you may wish to change this to
accomodate downgrades, or require strict pinning, but here be dragons).
Definition (package-depends): A version v
package-depends on a package B if either:
v
that can be solved by any version of B
, orC
where v package-depends C
and any (c in C) package-depends B
(transitivity)Definition (package-conflicts): A version v
package-conflicts with an installed package B
if either:
C
where v package-conflicts C
,
and b package-depends C
for installable versions b.One approach may be to implement the logic in the conflict analysis that drives backtracking, i.e.
we assume a package A
and when we reach not A
, we analyse if the implication graph for not A
constitutes a sound removal, and then replace the assumption A
with the assumption
A or "learned reason
.
However, while this seems a plausible mechanism for a DPLL solver, for a modern CDCL solver, it’s
not immediately evident how to analyse whether not A
is sound if the reason for it is a learned
clause, rather than a problem clause.
Instead we propose a static encoding of the rules into a slightly modified SAT solver:
Given c1, …, cn that transitive-conflicts A and D1, …, Dn that A package-depends on, introduce the rule:
A unless c1 or c2 or ... cn ... or not D1 or not D2 ... or not Dn
Rules of the form A... unless B...
- where A...
and B...
are CNF - are
intuitively the same as A... or B...
, however the semantic here is different:
We are not allowed to select B...
to satisfy this clause.
This requires a SAT solver that tracks a reason for each literal being assigned,
such as solver3, rather than a SAT solver like MiniSAT that only tracks reasons across
propagation (solver3 may track A depends B or C
as the reason for B
without evaluating
C
, whereas MiniSAT would only track it as the reason given not C
).
The proposed definition of a sound removal may still proof unsound as I either missed something in the conclusion of the proposed definition that violates my goal I set out to achieve, or I missed some of the goals.
I challenge you to find cases that cause removals that look wrong :D
16 October, 2025 09:56AM by xiaofei
The latest SKUDONET Enterprise Edition update (10.0.13) brings meaningful improvements that strengthen performance, security, and usability—especially for administrators managing complex, high-demand environments. Rather than introducing a long list of minor adjustments, this version focuses on upgrades that directly impact daily operations.
The most visible change is the update of the web interface framework to Angular 20. This upgrade improves how the platform feels and performs from the very first interaction:
For IT teams, this translates into a cleaner, more responsive environment that reduces friction during configuration, monitoring, and maintenance tasks.
Another key improvement is updating the system kernel to version 6.1.153. This change brings important benefits in terms of stability and long-term support. The new version enhances compatibility with modern hardware and virtualized environments, ensuring more consistent performance across current infrastructures.
Security is also strengthened with the inclusion of recent patches that help protect production environments. While this update requires a system reboot, it reinforces the foundation for critical deployments and ensures more robust long-term operation.
Managing multiple farms in high-traffic environments demands efficiency. Version 10.0.13 introduces optimizations in two key areas:
Beyond the major updates, version 10.0.13 includes several enhancements that strengthen security, traceability, and system integration:
Two bug fixes have also been applied:
Enterprise Edition version 10.0.13 delivers enhancements that improve security and provide a more responsive interface. With strengthened cookie handling, login audit logging, faster farm operations, and the updated GUI, administrators can manage complex environments more efficiently.
As always, plan a convenient maintenance window for the kernel update to ensure a smooth deployment. For guidance on upgrading or validating these improvements in your environment, our support team is available to assist.
If you work with SKUDONET Enterprise Edition or want to stay up to date with the latest technical updates, visit our Timeline.
If you’d like to experience these improvements firsthand, try the SKUDONET Enterprise Edition 30-day trial.
16 October, 2025 07:08AM by Nieves Álvarez
O Diogo ficou afectado da garganta? O Miguel perdeu o comboio? A culpa é da IA! De regresso da Festa do Software Livre, comentámos alguns momentos altos do magnífico certame, fizemos pouco de economistas, da CP e de pessoas e comunidades de Software Livre que enviarão cartas iradas ao Provedor do Podcast. Babámo-nos com o novo Raspberry Pi 500+; revimos as últimas novidades do Firefox 144; as últimas versões 20.04 e 24.04 do Ubuntu Touch; o grande festão Intercidades que vai acontecer a 25 de Outubro em Lisboa e Porto e ainda discutimos DRAMA à volta da Canonical e Flatpaks, para pegar fogo à tenda do circo.
Já sabem: oiçam, subscrevam e partilhem!
Este episódio foi produzido por Diogo Constantino, Miguel e Tiago Carrondo e editado pelo Senhor Podcast. O website é produzido por Tiago Carrondo e o código aberto está licenciado nos termos da Licença MIT. (https://creativecommons.org/licenses/by/4.0/). A música do genérico é: “Won’t see it comin’ (Feat Aequality & N’sorte d’autruche)”, por Alpha Hydrae e está licenciada nos termos da CC0 1.0 Universal License. Os separadores de péssima qualidade foram tocados ao vivo e sem rede pelo Miguel, pelo que pedimos desculpa pelos incómodos causados. Este episódio e a imagem utilizada estão licenciados nos termos da licença: Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0), cujo texto integral pode ser lido aqui. Estamos abertos a licenciar para permitir outros tipos de utilização, contactem-nos para validação e autorização. A arte de episódio foi criada por encomenda pela Shizamura - artista, ilustradora e autora de BD. Podem ficar a conhecer melhor a Shizamura na Ciberlândia e no seu sítio web.
The image hosting service Imgur is no longer accessible in the UK. It's easy to do a web search on this topic, for example: https://help.imgur.com/hc/en-us/article … ed-Kingdom https://www.bbc.com/news/articles/c4gzxv5gy3qo
This affects BunsenLabs because the image upload utilities we ship use Imgur by default - both our in-house scripts and the xfce4-screenshooter.
Eventually, once we know this is permanent, we will have to provide different scripts, but in the meantime we request BunsenLabs forum users who want their images to be viewable in the UK to upload them to some other service.
There is a new application available for Sparkers: Mousam What is Mousam? Features: – Displays real-time temperature, humidity, wind speed, UV index, pressure and more – Utilizes graphical representations, such as temperature , precipitation graphs and wind-speed with direction to provide an hourly forecast for the next 24 hours – Also shows tomorrow and 7-day forcasts – See conditions…
15 October, 2025 06:23PM by pavroo
Hello, Community! The holiday season in the Northern hemisphere is over and it's very visible in the commit log. There are lots of things that happened in VyOS in September — that includes a new, more performant kernel mode NetFlow sensor; the equally long-awaited support for using firewall groups in WAN load balancing rules; improvements that will hopefully make config corruption on power loss very unlikely; TLS support for syslog; and many more smaller features and fixes.
15 October, 2025 03:15PM by Daniil Baturin (daniil@sentrium.io)
15 October, 2025 11:31AM by Thomas Perl (m@thp.io)
15 October, 2025 09:23AM by xiaofei
In 2023, Zevenet officially became SKUDONET, marking a new chapter in the development of a trusted load balancing and security platform. While the name changed, the core mission remained the same: providing high availability, performance, and advanced security for web applications. This evolution represents continuity in technology, while also introducing major updates, new features, and enterprise-grade enhancements.
On March 17, 2025, we communicated the transition from Zevenet to SKUDONET, emphasizing the continuity of the product and its technology. Since then, SKUDONET has seen rapid development, with twenty new software versions, thirty-one new features, thirty-six major improvements, and ten new security-focused capabilities released between 2023 and 2025.
Among the most notable updates, SKUDONET introduced IPDS Security Reports, providing real-time and historical insights into network security, and added support for FQDNs in HTTP backends, allowing more flexible farm management. The platform migrated to a Debian 12.5 LTS-based OS to ensure enhanced security and long-term support. WAF configuration became more efficient with the ability to import rules directly, streamlining deployment in complex environments.
Beyond features, SKUDONET also refined the core experience. The user interface was modernized to be responsive, intuitive, and personalized to branding, making navigation smoother and more efficient. Weighted Round Robin algorithms were enhanced to balance traffic more precisely, while TLS and SSL auditing capabilities were strengthened to provide higher security standards. HTTP profiling became an integrated tool for debugging and troubleshooting, giving teams deep visibility into application performance.
Security received dedicated attention, with granular WAF controls that allow enabling or disabling rules per service, and new mechanisms to restore previous WAF configurations effortlessly. The platform also incorporated IPDS statistics graphs for anomaly detection and added protections against IP spoofing through X-Forwarded-For filtering.
SKUDONET’s Enterprise Edition v10 represents the culmination of these improvements, built on Debian 12.5 LTS and optimized for the SVA10000 Virtual Appliance and the SBA10000 Baremetal Appliance. It offers reinforced security, higher scalability, superior traffic and concurrency management, and increased CPU and memory efficiency for demanding workloads.
Meanwhile, the Community Edition v7 continues to provide a free, open-source option, now with integrated ModSecurity v3 WAF, allowing protection against attacks like SQL Injection and DDoS without extra configuration. Its stability and performance for high-traffic environments make it a reliable choice for organizations seeking an entry point into the platform.
The GUI overhaul has improved usability across all interfaces. Tools were reorganized for intuitive workflows, a dark mode was added, and the upgrade to Angular v18 improved graphics rendering and responsiveness across major browsers. These enhancements ensure that both Enterprise and Community users benefit from a smoother, more productive experience.
SKUDONET also strengthened its position in the industry through strategic partnerships, including integrations with PICOPC for optimized network performance, Virtual Cable for secure virtual desktop access, Fortiva for technology consulting, and StirlingNet for WAAP services in Oracle-based environments. Additionally, SKUDONET became an official OWASP sponsor, actively contributing to the ModSecurity Core Rule Set (CRS) project.
Now we’re taking it one step further: SkudoCloud, our SaaS solution for cloud-based load balancing and security.
SkudoCloud brings all the capabilities of SKUDONET Enterprise Edition to the cloud — no infrastructure, no deployment, no maintenance. In just minutes, organizations can start managing application delivery and protection through a fully managed platform designed for simplicity and reliability.
With SkudoCloud, you get:
• Instant deployment with no local infrastructure
• Multi-layer traffic load balancing (L4/L7) with advanced algorithms
• Integrated advanced security (WAF, DDoS, Bot mitigation)
• Centralized dashboard with role- and instance-based permission management
• Seamless automatic updates with zero downtime
SkudoCloud extends SKUDONET’s capabilities beyond on-premises appliances, giving enterprises the agility to manage application delivery and security in modern hybrid and cloud infrastructures while maintaining the same level of control and visibility.
Maddalena S.p.A., a leader in water and thermal energy measurement, leveraged SKUDONET to simplify infrastructure, reduce operational complexity, and enhance application protection. The solution allowed centralized management, advanced WAF protection, and proactive technical support, resulting in improved performance and reduced operational costs. According to the client, “SKUDONET exceeded our expectations with robust support and optimized performance.”
SKUDONET is the technical continuation of Zevenet, combining a proven foundation with modern enhancements in load balancing, security, and enterprise capabilities. Its evolution demonstrates the platform’s commitment to performance, reliability, and protection for web applications, providing both Community and Enterprise users with tools to optimize infrastructure and security effectively.
For a detailed timeline of SKUDONET’s evolution and technical improvements, visit our Knowledge Base and product timeline.
15 October, 2025 06:55AM by Nieves Álvarez
This year we are calling to FREE THE INTERNET! By supporting Tor, your donation will help break the chains of censorship and surveillance. If you give now during the campaign, your donation will be matched by our supporters at Power Up Privacy. This means a $25 donation will have a $50 impact — and all donations over $25 will qualify you for fun Tor merchandise. 👀
At the Tor Project, along with our incredible community of supporters, we're not just envisioning a free internet — we're building it:
In countries like Turkmenistan where access to information is tightly controlled, Turkmen.news trusts Tor to provide safe access to the free internet where it once did not exist.
Freedom of the Press Foundation uses Tor as the backbone of SecureDrop, a tool that allows journalists and sources to communicate freely without fear of retaliation or exposure.
In Russia and Egypt, where authorities often block encrypted tools to control communications, individuals use Tor Browser to access encrypted email services like Tuta Mail to freely communicate.
Tor is a building block for a free internet, and it takes our collective efforts to improve and amplify it. That’s why during the next three months, the Tor Project will be holding a fundraising campaign during which we ask for your support to advance digital freedom.
To learn more about how Tor is freeing the internet from surveillance and censorship, and how we are putting charitable donations to work, please tune into our annual State of the Onion virtual event to learn more. Save these dates and make your donation today!
State of the Onion – the Tor Project (Wednesday, November 12)
The State of the Onion is the Tor Project's annual virtual event where we share updates from the Tor Project and the Tor community. The event on November 12 will focus on the Tor Project and the organization’s work.
📺 Stream live on our YouTube channel
State of the Onion – Community (Wednesday, December 10)
The State of the Onion is the Tor Project's annual virtual event where we share updates from the Tor Project and the Tor community. The event on December 10 will be a special day celebrating the UN’s adoption and proclamation of the Universal Declaration of Human Rights (UDHR) in 1948 as well.
📺 Stream live on our YouTube channel
Make a donation: Donate through our website (or any other method listed on our FAQ) and your donation will be matched, 1:1, up to $250,000.
Ask the company you work for if they will match your donation: Many corporations will match their employees’ donations to charitable organizations. Ask at work if your company will match your gift.
Share on social media: Let the people in your networks know that all donations to the Tor Project are currently being matched. You can easily share a post from our social channels: Mastodon, Bluesky, X, and more.
Subscribe to Tor News: No ads. No tracking. Just low-traffic Tor updates via email.
Thank you for supporting a free internet.
Drawing is a basic image editor that can resize, crop, or rotate an image. You can apply simple filters, insert or censor text, and manipulate a selected portion of the picture (cut/copy/paste/drag/…)
The post Drawing App Now Available appeared first on Purism.
14 October, 2025 10:55PM by Purism
Welcome back! In our August update, we mentioned that PureOS Crimson alpha images are released. With the alpha milestone closed, we now push on toward beta.
Now that Crimson alpha images are installable, we're focusing on the out-of-box experience - what happens when you turn on your device for the first time with PureOS Crimson. Most of the fixes this month improve the out-of-box experience.
The post PureOS Crimson Development Report: September 2025 appeared first on Purism.
14 October, 2025 06:38PM by Purism
The recent 60 Minutes segment on Chinese hacks to America’s critical infrastructure was not new news. IT was a very powerful remainder that highlighted some of the root causes of our national cyber weaknesses.
The post 60 Minutes Uncovers Hacks on America’s Infrastructure appeared first on Purism.
14 October, 2025 03:03PM by Purism
The history of computing is a story of incredible change, but not every revolution happens at the same speed. It took decades to downsize the mainframe, invent the microprocessor, and bring computing into personal devices. Today, we are witnessing a new era: the move from massive, centralized AI clusters to powerful, on-device AI PCs. And it’s happening at an explosive pace. This article explores why the second revolution is so much faster, and how years of advancements in the Ubuntu ecosystem have helped facilitate this shift.
As consumers demand more AI capabilities at their fingertips, a move from massive, centralized GPU clusters to on-device AI is currently happening, at a fast pace. NVIDIA has just announced the availability of DGX Spark for AI developers. The system is designed from the ground up to build and run AI.
NVIDIA DGX Spark brings enormous computing power to the hands of developers. It delivers 1 petaFLOP of AI performance in a power-efficient, compact design. With 128 GB of unified system memory, the Blackwell GPU and the Grace CPU with 20 ARM cores, it can handle AI models of up to 200B parameters. Using NVIDIA ConnectX networking, two DGX Spark systems can be connected to work on even larger models up to 405B parameters. This setup provides a robust platform for prototyping, fine-tuning, and inferencing large models locally DGX Spark provides a full stack solution for AI developers including the NVIDIA AI software stack to accelerate AI workloads and support an incredible third-party developer ecosystem.
The NVIDIA DGX Spark operating system, DGX OS, is based on Ubuntu. DGX OS makes use of Ubuntu’s established ecosystem and trusted repositories to accelerate development. The Ubuntu ecosystem brings years of open-source maturity in the software stack, especially the software stack around the CUDA runtime and CUDA development tools. Canonical helps ensure a secure computing environment by maintaining consistent updates, patching thousands of open-source packages and addressing CVEs in a timely manner.
Ubuntu brings three fundamental pillars to enrich the developer experience in the DGX OS:
Because Ubuntu Server and Ubuntu Desktop share the same core kernel, they are not separate operating systems. This unified foundation allows developers to install server packages on the desktop and vice-versa. As a result, Ubuntu desktop benefits from years of mature development in the CUDA ecosystem on Ubuntu servers. AI workloads running on massive cloud clusters can use the exact same software stack on DGX OS, creating a consistent and stable development environment.
Canonical has supported Arm processors since 2011, establishing Ubuntu as a scalable platform for AI on both servers and devices. This long-standing and consistent support for the 64-bit Armv8 architecture ensures NVIDIA DGX Spark, which features an ARM-based Grace CPU, is fully supported from its launch.
DGX OS leverages Ubuntu’s mature package management and resilient software supply chain to be a production-ready platform. It inherits trusted repositories, ensuring software is validated. Additionally, Canonical’s Expanded Security Maintenance (ESM), available through Ubuntu Pro, provides timely security patches for open source packages, which are critical for AI and data science workloads.
By building DGX OS on Ubuntu, NVIDIA could leverage the same software that runs on cloud servers for a compact desktop device. This was possible due to Ubuntu’s mature support for Arm processors and its securely-designed software supply chain, which created a stable, production-ready platform and significantly sped up development.
The NVIDIA AI platform software architecture makes it possible for DGX Spark users to easily move their models from their desktop to DGX Cloud or any accelerated cloud or data center infrastructure, making it easier to prototype, fine-tune, and iterate.
To give developers a familiar experience, NVIDIA DGX Spark mirrors the same software architecture that powers industrial-strength AI factories. It comes preconfigured with the latest NVIDIA AI software stack, along with developer program access to NVIDIA NIM™ and NVIDIA Blueprints. This means developers can hit the ground running using leading open source AI models and common tools such as PyTorch, Jupyter, and Ollama to prototype, fine-tune, and inference on NVIDIA DGX Spark and easily deploy in the data center or cloud. With DGX Spark, developers benefit from a familiar environment and a streamlined setup experience via a setup wizard that ensures fast onboarding.
The introduction of NVIDIA DGX Spark marks an exciting milestone in desktop AI computing. As AI continues to transform industries and drive innovation, tools like DGX Spark will play a crucial role in democratizing access to powerful AI development resources. At Canonical, we’re excited to continue our collaboration with NVIDIA, supporting the AI community with robust, open-source solutions that power the next generation of AI breakthroughs.
Learn more about Canonical’s work with NVIDIA
14 October, 2025 02:30AM by xiaofei
14 October, 2025 02:16AM by xiaofei
Change the home page of Tor Browser in Tails to an offline page, very similar to the home page of Tor Browser outside of Tails, instead of an online page from our website.
Improve the message when an administration password is required to open an application but no administration password was set in the Welcome Screen.
Update Tor Browser to 14.5.8.
Update the Tor client to 0.4.8.19.
Update Thunderbird to 140.3.0.
Remove the package ifupdown
.
Hide the message "Your connection to Tor is not being managed by Tor Browser" in new tabs of Tor Browser. (#21215)
For more details, read our changelog.
Automatic upgrades are available from Tails 7.0 or later to 7.1.
If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.
Follow our installation instructions:
The Persistent Storage on the USB stick will be lost if you install instead of upgrading.
If you don't need installation or upgrade instructions, you can download Tails 7.1 directly:
From Code to Control: How Big Tech Claims Ownership of the User
September 2025 has been a brutal reminder of a truth we at Purism have been voicing for years: code is power. And when that code is closed, opaque, or controlled by Big Tech vendors who prioritize convenience or monetization over user rights, the end-user becomes the product, not the principal.
The post Code is Power! appeared first on Purism.
13 October, 2025 07:51PM by Purism
A little more than 2 months after Debian, we’re finally releasing Mobian Trixie as our new stable release! We’re also taking this opportunity to start rotating the PGP/GPG keys we’re using for signing both our images and package archive.
Over 2 years in the making, and with a small delay following the Debian release, we’re proud to finally announce Mobian Trixie has just been released and is therefore our new stable!
This release offers images based on Phosh 46.0 and Plasma Mobile 6.3, running a 6.12 kernel for almost all supported devices (the Librem 5 is still using a 6.6 kernel), the list of which is growing as we now provide stable images for the following phones and tablets:
Trixie images are also available for the following devices, although important hardware features (such as e.g. WiFi or audio) are not working:
Please check our installation instructions and download the image for your device.
Although we do our best to provide a smooth upgrade path for each Mobian release, as a downstream Debian derivative, and the mobile software stack being a quickly moving target, major Mobian upgrades are usually trickier than we’d hoped for. This time is no exception, and therefore we highly recommend that you backup all your personal data, flash your device with a fresh Trixie image, then restore your files.
If you feel brave enough to go the “manual upgrade” route, here are a few tricks you should know:
openssh-server
and execute the entire upgrade process over SSH
(and preferrably using screen
or a similar tool, so the upgrade can carry
on even if the network connection is lost)apt update && apt dist-upgrade
at least twice:
the first time it will update the Mobian keyring package, the second
invocation will pull in the latest updates for Mobian-specific packages/etc/apt/sources.list
and
/etc/apt/sources.list.d/mobian.list
, replacing all occurences of
bookworm
with trixie
in both files; you should then stop the
greetd
service (this will stop all running graphical applications, and is
why SSH is needed!) and run apt update && apt dist-upgrade
once againapt dist-upgrade
which
start with mobian-
as those will have to be reinstalled later on to restore
full functionality of your device; please note that some packages have been
renamed/replaced in Trixie, so it can be expected to see e.g. phog
or
pinephonepro-tweaks
in the list of removed packagesmobian-*
packages removed in the previous step; this will
remove pulseaudio
from the system, which is to be expected as Mobian now
relies on (and mandates the use of) PipeWireapt autoremove
to clean up unneeded packagesUnfortunately, we haven’t been able to fix the issues preventing us from providing installer images for Trixie. However, you can still install Trixie with full disk encryption, even though the process is a tiny bit less user-friendly.
First, you’ll have to download
(and unpack) or clone the mobian-recipes
repository:
git clone https://salsa.debian.org/Mobian-team/mobian-recipes.git -b mobian-trixie
Once this is complete, enter the mobian-recipes
folder and:
README.md
file ./build.sh -t <device> -c -R <password>
This will generate an encrypted image you can flash directly to your device and
decrypt using the provided <password>
. <device>
can be one of the following:
amd64
for x86-64 computerslibrem5
for the Purism Librem 5rockchip
for the PINE64 PinePhone Pro and PineTab 2sc7280
for devices based on the Qualcomm SC7280 SoC (Fairphone 5)sdm670
for devices based on the Qualcomm SDM670 SoC (Google Pixel 3a/3a
XL)sdm845
for devices based on the Qualcomm SDM845 SoC (OnePlus 6/6T,
Pocophone F1, SHIFT6mq)sm6350
for devices based on the Qualcomm SM6350 SoC (Fairphone 4)sunxi
for the PINE64 PinePhone and PineTabWe have been using a single GPG key since we first started to sign our images and package repositories. Replacing it has been on our roadmap for quite a while, but we needed to ensure our users would have a painless upgrade path.
We therefore decided to stick with the current key for Trixie (at least for now) and use new keys for the subsequent releases. As a matter of fact, we’ve created 4 new keys:
forky
, staging
and trixie
package repositories782C 6C58 B583 FE96 6CEE 44EB F8BD AB78 BEE2 46C2
) will
be dedicated to signing the imagesMoreover, we’re now using a signing-only subkey rather than the main key, allowing the latter to be passphrase-protected. They’re being deployed according to the following agenda:
forky
package archive is already being signed with the corresponding
key (fingerprint B174 17D5 C4B1 6F65 EE4F B75A 2DB8 7A16 935C 56F1
)staging
repository will switch to the new key (fingerprint
5F17 F59A 9615 87EA A5D1 1E44 A207 DED0 81BB FABF
) once the updated
mobian-archive-keyring
package hits Debian testing, a few days from nowtrixie
key (fingerprint
248C 06CE D075 774B FD69 9C09 E8B4 9A42 1214 09B5
) for the corresponding
archive; the only certainty is that we won’t deploy it before an updated
version of mobian-archive-keyring
is available in Debian stableShould you encounter errors updating your Mobian packages, please ensure first
that you have a recent enough version of the mobian-archive-keyring
package
(which is 20251011.0
at the time of this writing). If the problem persists,
feel free to reach out on Matrix for
additional help (please start by searching through the recent conversation
history, as this issue may have been already discussed and solved).
Those keys can also be manually downloaded using the following link.
11 October, 2025 08:43AM by xiaofei
11 October, 2025 05:39AM by xiaofei
October 9, 2025 – The Kubuntu team is thrilled to announce the release of Kubuntu 25.10, codenamed “Questing Quokka”!
As a community-driven flavor of Ubuntu, Kubuntu continues its mission to deliver the cutting-edge KDE software ecosystem on top of Ubuntu’s rock-solid foundation. This interim release, aligned with Ubuntu’s six-month cycle, packs in the freshest updates to Plasma, Frameworks, and applications, ensuring a smooth, performant desktop experience for millions of users worldwide.
Building on the Ubuntu 25.10 base released today by Canonical, Kubuntu 25.10 introduces Plasma 6.4 as the flagship update, alongside Qt 6.9, KDE Frameworks 6.17.0, and the latest KDE Gear 25.08 suite.
We’ve also upgraded to Linux kernel 6.17 for enhanced hardware support and efficiency. Whether you’re a developer, creator, or everyday user, this release emphasizes Wayland adoption, modern security, and seamless integration with the open source world.
Kubuntu remains completely free to download, use, and share—empowering our global community to innovate without barriers. Download it now from kubuntu.org/getkubuntu and join the conversation in our forums or IRC channels.
Here are three standout enhancements that Kubuntu 25.10 brings to your desktop, designed to make your workflow faster, more secure, and visually stunning:
Beyond these highlights, Kubuntu 25.10 inherits Ubuntu’s robust platform upgrades:
This release underscores Kubuntu’s commitment to being at the heart of the open source ecosystem—pushing boundaries with KDE while riding Ubuntu’s reliable waves. A huge thank you to our volunteer contributors, testers, and the upstream KDE team for making this possible.
Ready to quokka-hop into the future? Upgrade today or install fresh. Questions? Head to https://discourse.ubuntu.com/c/flavors/kubuntu/187 or ping us on Matrix at #kubuntu:matrix.org.
Stay tuned for the Ubuntu Summit on October 23-24, where we’ll showcase more on Kubuntu’s role in open source innovation
P.S New updated website coming soon…. keep an eye on kubuntu.org for when we switch
Ubuntu 25.10, codenamed “Questing Quokka”, is here. This release continues Ubuntu’s proud tradition of integrating the latest and greatest open-source technologies into a high-quality, easy-to-use Linux distribution. The team has been hard at work through this cycle, partnering with the community and our partners, to introduce new features and fix bugs.
Ubuntu 25.10 introduces GNOME 49 with media and power controls on the lock screen, HDR brightness settings, and enhanced accessibility features in line with the European Accessibility Act. New apps include Loupe, a modern image viewer, and Ptyxis, a lightweight terminal emulator.
Built on the Linux 6.17 kernel, this release brings nested virtualization on Arm, early Intel TDX host support for confidential computing, and enhanced support for TPM-backed full disk encryption with passphrase support, recovery key management and better integration with firmware updates. Network Time Security (NTS) is enabled by default for more secure time synchronization.
Developer experience advances with updated toolchains for Python 3.13.7 and availability of 3.14 RC3, GCC 15, Rust 1.85, Go 1.25, OpenJDK 25, and previews of .NET 10 and Zig.
Ubuntu 25.10 also debuts Rust-based implementations of sudo and coreutils for improved memory safety, and adopts the new RVA23 profile as the baseline for RISC-V, paving the way to Ubuntu 26.04 LTS.
The newest Edubuntu, Kubuntu, Lubuntu, Ubuntu Budgie, Ubuntu Cinnamon, Ubuntu Kylin, Ubuntu MATE, Ubuntu Studio, and Xubuntu are also being released today. More details can be found for these at their individual release notes under the Official Flavours section:
https://discourse.ubuntu.com/t/questing-quokka-release-notes/59220#heading–official-flavours
Maintenance updates will be provided for 9 months for all flavours releasing with 25.10.
In order to download Ubuntu 25.10, visit:
Users of Ubuntu 25.04 will be offered an automatic upgrade to 25.10 if they have selected to be notified of all releases rather than just LTS upgrades. For further information about upgrading, see:
https://ubuntu.com/download/desktop/upgrade
As always, upgrades to the latest version of Ubuntu are entirely free of charge.
We recommend that all users read the release notes, which document caveats, workarounds for known issues, as well as more in-depth notes on the release itself. They are available at:
https://discourse.ubuntu.com/t/questing-quokka-release-notes/59220
Find out what’s new in this release with a graphical overview:
https://ubuntu.com/desktop
https://ubuntu.com/desktop/features
If you have a question, or if you think you may have found a bug but aren’t sure, you can try asking in any of the following places:
https://matrix.to/#/#support:ubuntu.com
https://discourse.ubuntu.com/support
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
If you would like to help shape Ubuntu, take a look at the list of ways you can participate at:
https://ubuntu.com/community/contribute
Ubuntu is a full-featured Linux distribution for desktops, laptops, IoT, cloud, and servers, with a fast and easy installation and regular releases. A tightly-integrated selection of excellent applications is included, and an incredible variety of add-on software is just a few clicks away.
Professional services including support are available from Canonical and hundreds of other companies around the world. For more information about support, visit:
You can learn more about Ubuntu and about this release on our website listed below:
To sign up for future Ubuntu announcements, please subscribe to Ubuntu’s very low volume announcement list at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-announce
Originally posted to the ubuntu-announce mailing list on Thu Oct 9 09:46:52 UTC 2025 by Utkarsh Gupta, on behalf of the Ubuntu Release Team.
Ubuntu Summit’s decision to go exclusively online, with the exception of those speaking at the Summit in London, UK, is anti-collaborative and turns its back on the very people who make Ubuntu what it is: its community of volunteers and developers. Ubuntu Summit was created from the dust of the Ubuntu Developer Summit in 2022 to recognize the community. It no longer serves that purpose.
As many know, I have been the lead of Ubuntu Studio for more than 7 years. I’m the longest-tenured Ubuntu Studio lead. I owe much of the foundation that was built to my predecessors: Luke Yelavich (founder), Scott Lavender, Kaj Ailomaa, and Set Halstrom. It is a true labor of love for me, and is the foundation for much of what I do.
I have worked myself through the ranks of Ubuntu, becoming a small-time packager for a small set of Ubuntu packages, then the Ubuntu Studio packageset, moving up to MOTU (Master of the Universe). I also served on the Ubuntu Community Council and am a current Discourse moderator.
Community and the love of people is a huge motivation for me. Granted, for those first four years, I hadn’t ever met the people I was collaborating with to make Ubuntu Studio what it is.
Then in August 2022, I was invited to attend the first ever Ubuntu Summit 2022 in Prague, Czechia. Having never travelled abroad before and never having even been off the continent of North America, itself a challenge as getting a U.S. passport is neither cheap nor easy, I was reluctant at first. Then I managed to get my passport, as well as the funds and passports to bring my wife and son to Ubuntu Summit.
That experience changed my life and the life of my entire family. My son, 10 at the time, was the youngest registered attendee. My wife was inspired to bring back Edubuntu, which had been defunct for nine long years by the time it was revived that following spring.
These are the things that happen when you have personal connections with people. If you’ve never read the book before, I encourage you to read Hardwired to Connect, which is a research paper published by a bunch of scientists. In essence, it says that people’s brains are wired, from birth, to engage in communities in for personal, in-person connections. It’s a scientific study that took years and is an excellent introduction to why we are the way we are.
Much of my education revolves around the very idea of building personal communities, which is one reason I was appalled when Ubuntu Summit, starting with 25.10, while it would be twice a year, it would be online-only except for the speakers. Having spoken at the past three, I was planning to take a year off from speaking, while still being there to represent as an Ubuntu Flavor Lead with my wife, also a now Flavor Lead.
If it weren’t for that initial Ubuntu Summit, in person, my wife and son would not have been as interested or as involved as they are today. The subsequent years only strengthened that involvement.
Now, it’s going to be an online-focused approach. I get it. It’s cheaper and easier. Also, those attending online were just watching a livestream anyhow. The Local Communities (LoCos) can get together on their own if they want to do a big event. It’s easier to reach more people if you do everything online.
Except it’s not.
For instance, the nearest active LoCo to me, in the Seattle-Tacoma area, is the Southern California LoCo. Meetups with them are logistically impossible. Same if I were to go to the Arizona LoCo; it’s just not possible. Most of the states in the United States are huge, so if there were one LoCo per state, it wouldn’t be correct. To be honest, I have no desire, time, or energy left to start and lead a LoCo in my area. Besides that, there used to be one for my state, but it’s long gone.
Furthermore, with the exception of me and my wife, us flavor leads are scattered to the globe. It used to be that we would meet online throughout the year every other month and then meet together once a year at Ubuntu Summit. That’s gone now.
Again, I get it. Canonical is a company that is and always has been majority remote work. Except for one thing: they get together twice a year in-person, and are even given T-Shirts to celebrate the immediately-prior release which was partially built by volunteers. Those of us who give our time, energy, and effort to the Ubuntu community aren’t given that in-person experience, let alone a T-Shirt. The very lifeblood of what makes Ubuntu so great isn’t given the ability to meet in-person. That’s been stripped from us, and it came as a complete surprise.
I’m not without ideas for solutions to problems, though. Rather than be completely destructive in this post, I can be constructive. My solution to this would be a compromise:
yy.04
release
yy.10
releaseI don’t think this is too much to ask. The reward of personal connections when doing something remote for most of the year is a small price to pay, no matter the cost. Personal connections are tantamount to a healthy community.
I think my compromise would prevent the Summit from dying just like the Ubuntu Developer Summit did once it went online-only. The way I see it is with the current status-quo, history is repeating itself.
I’m sure people at Canonical don’t see it this way because they meet with the people they work with the most twice a year. Those of us from the Ubuntu community that are developers aren’t given that luxury. We’re not even given that luxury once a year now. We’re not even given a T-Shirt!
Am I angry? A little. Do I feel betrayed by the very community I have given so much to over the years? Absolutely. Either way, I believe an online-only Summit is anti-collaborative in that it removes personal connections from the equation, which goes against the very fiber of my being.
Thank you for reading this, and I hope this reaches the people I’m trying to reach and have it speak for those who either won’t speak-up or don’t think they can make a difference.
The Ubuntu Studio team is pleased to announce the release of Ubuntu Studio 25.10 code-named “Questing Quokka”. This marks Ubuntu Studio’s 37th release. This release is a Regular release and as such, it is supported for 9 months, until July 2026.
Since it’s just out, you may experience some issues, so you might want to wait a bit before upgrading. Please see the release notes for a more complete list of changes and known issues. Listed here are some of the major highlights.
You can download Ubuntu Studio 25.10 from our download page.
The Ubuntu Studio 25.10 disk image (ISO) exceeds 4 GB and cannot be downloaded to some file systems such as FAT32 and may not be readable when burned to a standard DVD. For this reason, we recommend downloading to a compatible file system. When creating a boot medium, we recommend creating a bootable USB stick with the ISO image or burning to a Dual-Layer DVD.
Minimum installation media requirements: Dual-Layer DVD or 8GB USB drive.
Images can be obtained from this link: https://cdimage.ubuntu.com/ubuntustudio/releases/25.10/release/
Full updated information, including Upgrade Instructions, are available in the Release Notes.
Upgrades from 25.04 should be enabled within a month after release, so we appreciate your patience. Upgrades from 24.04 LTS will be enabled after 25.04 reaches End-Of-Life in January 2026.
After a long hiatus, Internet DJ Console (IDJC) has returned. This package for creating and running Internet-based radio stations had been removed from Debian, but has returned, and therefore, returned to Ubuntu Studio!
Ubuntu Studio now includes JackTrip! JackTrip serves two purposes: low-latency networked JACK audio within your network, and low-latency Internet audio collaboration. Bands are even known to jam remotely using JackTrip’s services!
It supports any number of channels (as many as the computer/network can handle) of bidirectional, high quality, uncompressed audio signal streaming.
We came to the realization that we needed to support musicians a little better, so we added a few instrument and musical plugins to assist with that:
This release contains PipeWire 1.4.7.
PipeWire’s JACK compatibility is configured to use out-of-the-box and is zero-latency internally. System latency is configurable via Ubuntu Studio Audio Configuration and can now be configured on a per-user basis instead of globally.
Speaking of Audio Configuration, we have added a number of options for configuring the PipeWire JACK compatibility, as can be seen in the image below. Additionally, buffer size can now be configured from within any JACK application that supports it, such as Patchance, Carla, Ardour, and more!
This is, as of this writing, the latest release of Ardour, packed with the latest bugfixes.
To help support Ardour’s funding, you may obtain later versions directly from ardour.org. To do so, please one-time purchase or subscribe to Ardour from their website. If you wish to get later versions of Ardour from us, you will have to wait until the next release of Ubuntu Studio, due in April 2026.
Q: Does Ubuntu Studio contain snaps?
A: Yes. Mozilla’s distribution agreement with Canonical changed, and Ubuntu was forced to no longer distribute Firefox in a native .deb package. We have found that, after numerous improvements, Firefox now performs just as well as the native .deb package did.
Thunderbird also became a snap so that the maintainers can get security patches delivered faster.
Additionally, Freeshow is an Electron-based application. Electron-based applications cannot be packaged in the Ubuntu repositories in that they cannot be packaged in a traditional Debian source package. While such apps do have a build system to create a .deb binary package, it circumvents the source package build system in Launchpad, which is required when packaging for Ubuntu. However, Electron apps also have a facility for creating snaps, which can be uploaded and included. Therefore, for Freeshow to be included in Ubuntu Studio, it had to be packaged as a snap.
We have additional snaps that are Ubuntu-specific, such as the Firmware Updater and the Security Center. Contrary to popular myth, Ubuntu does not have any plans to switch all packages to snaps, nor do we.
Q: Will you make an ISO with {my favorite desktop environment}?
A: To do so would require creating an entirely new flavor of Ubuntu, which would require going through the Official Ubuntu Flavor application process. Since we’re completely volunteer-run, we don’t have the time or resources to do this. Instead, we recommend you download the official flavor for the desktop environment of your choice and use Ubuntu Studio Installer to get Ubuntu Studio – which does *not* convert that flavor to Ubuntu Studio but adds its benefits.
Q: What if I don’t want all these packages installed on my machine?
A: Simply use the Ubuntu Studio Installer to remove the features of Ubuntu Studio you don’t want or need! Additionally, we include a Minimal Install option that, when used with Ubuntu Studio Installer, will give you the Ubuntu Studio experience for whatever your desktop studio needs!
A wonderful way to contribute is to get involved with the project directly! We’re always looking for new volunteers to help with packaging, documentation, tutorials, user support, and MORE! Check out all the ways you can contribute!
Our project leader, Erich Eickmeyer, is now working on Ubuntu Studio at least part-time, and is hoping that the users of Ubuntu Studio can give enough to generate a monthly part-time income. We’re not there, but if every Ubuntu Studio user donated monthly, we’d be there! Your donations are appreciated! If other distributions can do it, surely we can! See the sidebar for ways to give!
The best way to contact the Ubuntu Studio team is via the Ubuntu Discourse.
Huge special thanks for this release go to:
09 October, 2025 09:49AM by Joseph Lee
October 9, 2025
Today Canonical announced the release of Ubuntu 25.10, codenamed “Questing Quokka,” available to download and install from ubuntu.com/download.
Alongside GNOME 49 and new default applications such as the Ptyxis terminal emulator and the Loupe image viewer, Ubuntu 25.10 introduces notable platform upgrades, from improved Bluetooth audio handling to expanded support for confidential computing features. Ubuntu 25.10 is the first to benefit from memory-safe implementations of “coreutils” and “sudo-rs,” as well as improvements in TPM-backed full disk encryption and support for nested virtualization on Arm.
Ubuntu 25.10 is a statement of intent for the next Ubuntu LTS in 2026. Canonical continues to deliver a resilient, performant Linux operating system trusted by individuals and enterprises alike, from makers and developers to Fortune 500 companies, across hardware from IoT devices to modern datacenters. I’m particularly pleased with the progress on memory-safe utilities, and the enhancements to our TPM-backed full disk encryption.
Jon Seager, VP of Ubuntu Engineering at Canonical
This Ubuntu release is also the first to coincide with a new format of the Ubuntu Summit, where viewers around the world can learn about the latest developments in Ubuntu and open source.
Ubuntu 25.10 features GNOME 49. This update introduces media and power controls on the lock screen, improved accessibility and HDR brightness settings. Users will also find two new applications: Loupe, a modern image viewer, and Ptyxis, a new terminal emulator. These additions are part of a broader effort to modernize Ubuntu’s application set. Selecting the “install restricted extras” option in the installer will now enable support for more Bluetooth codecs (AAC) and enable hardware accelerated screen recording in GNOME, further improving performance.
In line with the European Accessibility Act (EAA), Canonical continues its long-standing effort to make Linux easy for everyone to use. Ubuntu’s App Center and Settings panels come with better support for high contrast mode, keyboard navigation, and screen reading. The login screen also introduces a more prominent accessibility menu, making assistive technologies easier to access from the start.
Ubuntu 25.10 ships with OpenJDK 25, the latest version of Java, and the latest upstream versions for Python (3.14 RC3), Golang (1.25), and GCC (15). Rust 1.85 will be the default, and 1.88 is also available. A preview of the new Zig language compiler is available in this release for amd64
and arm64
.
In addition, this release includes a preview of .NET 10, which is the upcoming .NET LTS due for release in November.
Canonical continues to improve the .NET developer experience on Ubuntu with an enhanced .NET Snapcraft plugin to improve support for monorepo setups, delivering better developer experience with MSBuild through custom flag attributes. In addition, the popular tools from Powershell on Windows are now available in Ubuntu on arm64
, ppc64el
and s390x
platforms through the Powershell snap.
sudo
and coreutils
for improved memory safetyCanonical is committed to increase the resilience of critical system software in Ubuntu by adopting modern implementations of key components like sudo
and coreutils
. As part of this initiative, Ubuntu 25.10 uses sudo-rs
, a new Rust implementation of the sudo
tool. While the Rust-based sudo
is the default in this new release, the traditional sudo
tool is still available for users who need it.
The introduction of a memory-safe sudo delivers many benefits compared to the traditional implementation. For users, a reduced attack surface in the sudo tool will improve Ubuntu’s overall security posture. Canonical welcomes users to test the tool and provide feedback ahead of its inclusion in the upcoming Ubuntu 26.04 LTS.
“At Trifecta Tech Foundation, we aim to make essential building blocks like sudo more secure and robust for everyone,” said Erik Jonkers, Chair at Trifecta Tech Foundation. “Seeing sudo-rs landing in Ubuntu is a huge achievement we’re very excited about. We applaud Canonical for pushing for memory safety and thank them for the collaboration over the past months to get sudo-rs ready for the 25.10 release. We’re confident that by working together and taking in feedback, we can make this a seamless shift that will improve security for Ubuntu’s users.”
Similarly, Ubuntu 25.10 is the first major Linux distribution release to adopt uutils
‘ implementation of coreutils
, which is a ground up reimplementation of the traditional GNU coreutils package in Rust with like-for-like compatibility and memory safety as key goals.
Ubuntu 25.10 offers experimental support for TPM-backed Full Disk Encryption (FDE), providing a way to ensure all content on the disk is encrypted and inaccessible at rest. A TPM, or Trusted Platform Module is a chip found in most modern computers.
TPM-backed FDE is a security method that uses the Trusted Platform Module to store cryptographic keys to encrypt the hard drive, making data unreadable without the correct key at boot time. New features include passphrase support and management, regeneration of the recovery key and better integration with firmware updates, alongside stabilization of the core components of the system to pave the way for the next Ubuntu LTS release. Security-focused users can test this FDE implementation in 25.10, but it’s not yet recommended for production environments.
Following the initial inclusion of Network Time Security (NTS) in Ubuntu 25.04, Questing Quokka ships with NTS enabled by default. NTS enhances Network Time Protocol (NTP) security by providing a cryptographic layer of authentication for the time synchronization process. This increases resilience against man-in-the-middle attacks and similar types of security risks. NTS uses Transport Layer Security (TLS) to ensure that time data comes from a trusted source.
In line with Canonical’s commitment to enable the latest features and hardware support, Ubuntu 25.10 ships with the latest Linux kernel, version 6.17.
Ubuntu 25.10 brings early access to the nested virtualization feature on Arm, following its inclusion in the upstream Linux kernel. Nested virtualization allows cloud providers and developers to run hypervisors inside virtual machines, enabling advanced CI/CD pipelines, flexible testing environments, and stronger workload isolation. Ubuntu 25.10 introduces support of this technology on platforms like NVIDIA Grace and AmpereOne, paving the way for broader use and maturity of nested virtualization on Arm.
As cloud infrastructure becomes more dynamic, the ability to run securely nested workloads is essential to scaling services efficiently while maintaining strong isolation and operational flexibility. With Ubuntu 25.10 enabling nested virtualization on Arm-based platforms both in the cloud and on-premises, developers and operators can advance development and deployment of this powerful capability. Together with Canonical, we’re accelerating the adoption of secure, scalable Arm-based cloud solutions.
Bhumik Patel, Director, Server Ecosystem Development, Infrastructure Business, Arm
This latest interim release of Ubuntu also lays the foundation for native support of Intel TDX with Ubuntu 26.04 LTS as the host operating system. Intel TDX is a technology that creates hardware-isolated virtual machines for confidential computing, making it ideal to support data clean rooms and confidential AI workloads. Ubuntu 25.10 kernels will ship with Intel TDX host support, enabling enterprises to run and receive support for confidential computing on their data centers or private clouds.
With Ubuntu 25.10, Canonical is adopting the recently ratified RVA23 as the baseline profile for its RISC-V builds. RVA23 helps accelerate the growth of the RISC-V ecosystem ensuring compatibility across RISC-V implementations. This early move aligns Ubuntu with RVA23-class solutions reaching the market, and enables early rigorous testing, bug fixing and issue triage. This effort enables RVA23 readiness in Ubuntu 26.04 LTS and provides the RISC-V ecosystem with a predictable roadmap and target.
RISC-V International is excited to see Canonical adopting the RVA23 profile for Ubuntu. RVA23 was ratified to help accelerate widespread implementation of RISC-V among toolchains and operating systems, set the base for high performing modern application processors with support for vectors and hypervisors, and ensure binary compatibility at the application level. Our collaboration with Canonical strengthens the RISC-V software ecosystem and advances the adoption of RISC-V in enterprise applications from IoT to HPC.
Andrea Gallo, CEO of RISC-V International
Readers can tune into the Ubuntu Summit on October 23-24 for a behind-the-scenes look at RVA23 advancements.
Canonical, the publisher of Ubuntu, provides open source security, support and services. Our portfolio covers critical systems, from the smallest devices to the largest clouds, from the kernel to containers, from databases to AI. With customers that include top tech brands, emerging startups, governments and home users, Canonical delivers trusted open source for everyone.
Learn more at canonical.com
A Critical Moment and a Glimpse of the Future
Xubuntu 25.10, codenamed "Questing Quokka," is the fortieth release of the Xfce-powered Ubuntu flavor. Built on the 6.17 Linux kernel, Xfce 4.20, MATE 1.26, and GNOME 49, this release continues to deliver the fast, tightly-integrated, and user-friendly experience that Xubuntu users expect, even on modest hardware.
Today, I&aposll explore where Xubuntu stands as it approaches its twentieth anniversary and share what&aposs new (and what&aposs still rough around the edges) in this release.
The "Questing Quokka" arrives at a pivotal time in Xubuntu&aposs history. In just six months, we&aposll celebrate Xubuntu&aposs twentieth anniversary (technically eight months: 6.06 marks the only time Ubuntu was released in June).
In recent years, our small development team has faced the same challenges as many open-source projects: contributors stepping back, real-world responsibilities growing, and less time to dedicate to day-to-day development.
Beyond that, our involvement with the upstream Xfce project has slowed. Many of us, myself included, once played major roles in shaping Xfce’s direction, contributing countless hours to its design, code, and outreach. Those efforts helped establish the strong foundation Xfce enjoys today.
While we remain proud supporters and collaborators, Xubuntu’s continued growth depends on fresh energy and new contributors. If you’ve ever wanted to make a tangible impact on an open-source desktop environment, this is your moment. Visit the Get Involved page to learn how to help with artwork, development, documentation, QA, marketing, and more.
Now, let’s look at what’s new (and what still needs work) in 25.10.
As mentioned, Xubuntu 25.10 ships with Xfce 4.20, GNOME 49, and MATE 1.26. Like other Ubuntu flavors, it also introduces the new Rust-based sudo-rs
.
If you’re upgrading from Xubuntu 25.04, you’ll find the experience familiar. Most applications have received incremental updates, theming remains consistent, and there are few new user-facing features. The most noticeable changes this cycle? The bugs. 🐞
Late in the cycle, we discovered that several GNOME and libadwaita-based apps have empty window close buttons when using the elementary-xfce icon theme. This affects Disk Usage Analyzer (baobab
), Document Scanner (simple-scan
), Fonts (gnome-font-viewer
), Mines (gnome-mines
), and Sudoku (gnome-sudoku
).
The Scan Options menu icon in Document Scanner is currently invisible. This issue has been reported upstream to the elementary-xfce GitHub tracker.
Due to a Fuse/AppArmor conflict in Ubuntu 25.10, installing Flatpak packages currently fails. Work is underway to resolve this, and Flatpak support should return soon.
Xubuntu 25.10’s graphical SSH agent isn’t functioning as expected. Without it, SSH key passphrases must be entered each time. Investigation continues, and a fix may land before the next release.
Some users may see duplicate network icons, especially in virtual machines. One appears via the Xfce Indicator Plugin and the other via the Systray Plugin. Removing the Indicator Plugin resolves this... something we’re considering doing by default for 26.04.
When first locking your screen, you might notice that the lock screen wallpaper defaults to Xfce’s background instead of Xubuntu’s. Changing (and reapplying) your wallpaper fixes the mismatch.
At first glance, Xubuntu 25.10 might seem rough around the edges: more bugs than usual, fewer active contributors, and an LTS release on the horizon. But known issues are solvable issues. With six months until 26.04, we have time to address these challenges, polish the experience, and deliver a release worthy of Xubuntu’s twentieth anniversary.
If you want to help shape that milestone release—whether through code, documentation, design, or outreach—please reach out. Together, we can ensure Xubuntu continues to thrive for another twenty years.
Everyone can participate in the Xubuntu community on many levels, from simply giving advice to fellow Xubuntu users to becoming a maintainer of core packages. Any contribution, even the smallest, is valued.
The Xubuntu team is happy to announce the immediate release of Xubuntu 25.10.
Xubuntu 25.10, codenamed Questing Quokka, is a regular release and will be supported for 9 months, until July 2026.
Xubuntu 25.10 features the latest Xfce 4.20 and GNOME 49 updates. Xfce 4.20 updates feature stability improvements and enhanced Wayland support, for those adventurous enough to use it. GNOME 49 apps have received further polish and are well-suited for Xubuntu. MATE 1.26 apps are still included to round out Xubuntu’s office suite.
The final release images for Xubuntu Desktop and Xubuntu Minimal are available as torrents and direct downloads from xubuntu.org/download/.
As the main server might be busy the first few days after the release, we recommend using the torrents if possible.
We want to thank everybody who contributed to this release of Xubuntu!
Please refer to the Xubuntu Release Notes for more obscure known issues, information on affecting bugs, bug fixes, and a list of new package versions.
The main Ubuntu Release Notes cover many other packages we carry and more generic issues.
For support with the release, navigate to Help & Support for a complete list of methods to get help.
About 90% of my Debian contributions this month were sponsored by Freexian.
You can also support my work directly via Liberapay or GitHub Sponsors.
Some months I feel like I’m pedalling furiously just to keep everything in a roughly working state. This was one of those months.
I upgraded these packages to new upstream versions:
I had to spend a fair bit of time this month chasing down build/test regressions in various packages due to some other upgrades, particularly to pydantic, python-pytest-asyncio, and rust-pyo3:
After some upstream discussion I requested removal of pydantic-compat, since it was more trouble than it was worth to keep it working with the latest pydantic version.
I filed dh-python: pybuild-plugin-pyproject doesn’t know about
headers and added it to
Python/PybuildPluginPyproject,
and converted some packages to pybuild-plugin-pyproject
:
I updated dh-python to suppress generated dependencies that would be satisfied by python3 >= 3.11.
pkg_resources
is
deprecated. In most cases
replacing it is a relatively simple matter of porting to
importlib.resources
,
but packages that used its old namespace package support need more
complicated work to port them to implicit namespace
packages. We had quite a few bugs about
this on zope.*
packages, but fortunately upstream did the hard part of
this recently. I went
round and cleaned up most of the remaining loose ends, with some help from
Alexandre Detiste. Some of these aren’t completely done yet as they’re
awaiting new upstream releases:
This work also caused a couple of build regressions, which I fixed:
I fixed jupyter-client so that its autopkgtests would work in Debusine.
I fixed waitress to build with the
nocheck
profile.
I fixed several other build/test failures:
I fixed some other bugs:
I fixed several CMake 4 build failures:
I got CI for debbugs passing (!22, !23).
I fixed a build failure with GCC 15 in trn4.
I filed a release-notes bug about the tzdata reorganization in the trixie cycle.
I filed and fixed a git-dpm regression with bash 5.3.
I upgraded libfilter-perl to a new upstream version.
I optimized some code in ubuntu-dev-tools that made O(1) HTTP requests when it could instead make O(n).
Ubuntu Budgie 25.10 (Questing Quokka) is a Standard Release with 9 months of support by your distro maintainers and Canonical, from Oct 2025 to July 2026. These release notes showcase the key takeaways for 25.04 upgraders to 25.10. Please note – there is no direct upgrade path from 24.04.3 to 25.10; you must uplift to 24.10 first or perform a fresh install. In these release notes the areas…
8 October 2025 – Today Canonical, the publisher of Ubuntu, announced that Ubuntu worker nodes for Oracle Kubernetes Engine (OKE) are now available in Limited Availability. This means that OKE now supports Ubuntu images for worker nodes natively, with no need for custom images. You can find more detail on how to start using these in our documentation.
While applications on Kubernetes run within containers, the underlying operating system and kernel of the worker node still plays a critical role in performance, security, and management. Ubuntu provides a stable, widely-supported and securely-designed host environment that can optimize resource utilization for your Kubernetes workloads. Ubuntu’s familiar tooling also simplifies debugging, maintenance, and integration with existing infrastructure across all the major public clouds, offering a consistent and reliable foundation for your containerized applications.
With the availability of Ubuntu worker nodes on OKE, developers can now enjoy a consistent Ubuntu experience across worker nodes on the managed Kubernetes offerings of Amazon AWS, Google Cloud Platform, IBM Cloud, Microsoft Azure and Oracle OCI – all without having to build or deploy any custom images.
You can find details on the Ubuntu releases and Kubernetes versions available on OKE in the Ubuntu Availability documentation.
Ubuntu worker images for Oracle OKE users were first released in August 2024. Today’s announcement is the latest step in our efforts to make Ubuntu more accessible across a greater diversity of platforms and environments, particularly for AI/ML use cases or to have a consistent experience across on-premise and other public cloud environments.
Oracle and Canonical have been close partners since 2015, bringing Ubuntu images onto Oracle Cloud Infrastructure (OCI). Today, all currently-supported Long-Term Support releases of Ubuntu are available on OCI as images for VM instances (see, for example, Ubuntu 24.04).
We are working with Oracle to make Ubuntu OKE node pools a fully-integrated experience. We have prepared specific guides on setting these up using the Oracle Cloud Console, CLI and Terraform.
If you’re interested in using Ubuntu OKE nodes, please contact your Oracle account or support teams to express interest and explore access to this program.
If you’d like to share any feedback with us or the Oracle team, we’d love to hear your thoughts and experiences, which you can share with us on Discourse.
Slowness in web applications and critical services isn’t just frustrating for users: it directly affects revenue, productivity, and trust in your infrastructure. Every second of delay in page load or service response can cause frustration, lost customers, and operational challenges for your IT team.
The problem is that, in many cases, teams don’t know exactly where the bottlenecks are occurring. Is there a delay in the network? In the backend? In client communication, or in the security layer? Without detailed visibility, diagnosing and fixing these issues can turn into a slow and costly trial-and-error process.
This is where SKUDONET Profiling Timers comes in.
SKUDONET acts as the critical point of your infrastructure: it balances loads, filters traffic, and protects your applications. Thanks to profiling timers, every request and response passing through your SKUDONET is analyzed with millisecond precision, generating detailed information about the timing of each phase of HTTP(S) communication.
The most relevant timers include:
Each timer allows you to see exactly where delays occur and makes it easier to identify problems that were previously invisible. For example:
You can immediately identify whether delays originate from clients, network, backend, or the security layer (WAF).
Every request and response is logged with precise timing, size, and error data, enabling detailed analysis and historical tracking.
By continuously monitoring timers, you can identify trends in slowness and take action before users are affected.
Granular information lets you fine-tune load balancing configurations, identify slow endpoints, or adjust WAF rules to improve efficiency without compromising security.
Enabling profiling timers in SKUDONET is straightforward and gives you precise data for every request and response passing through your infrastructure. Once enabled, logs record all timers in milliseconds, providing detailed insight into where bottlenecks occur. These logs can be integrated with analysis tools like Grafana or ELK to visualize trends, detect anomalies, and monitor infrastructure performance in real time—without interrupting traffic or modifying your applications.
To enable them, follow these steps:
From that moment on, SKUDONET will automatically measure all timers for each request and response, generating detailed logs that allow you to:
If you want to learn how to activate profiling timers and understand each field in detail, visit our technical article: [How to activate and understand SKUDONET HTTP(S) profiling timers]
Slowness in your infrastructure is no longer a mystery when you have profiling timers. SKUDONET provides the visibility needed to diagnose, understand, and optimize every phase of communication between clients and backend systems. With this information, your team can resolve issues quickly, enhance the user experience, and ensure that your critical applications continue running at peak performance.
Try SKUDONET Enterprise Edition free for 30 days and experience a more secure, scalable, and easy-to-manage infrastructure.
07 October, 2025 12:02PM by Nieves Álvarez
Happy birthday, OpenStack!
It’s astonishing how fast time flies – fifteen years already. Yet, here we are: OpenStack cloud still stands as a de facto standard for open source cloud infrastructure implementation. It powers thousands of organisations around the world, across telco, finserv, public sector, IT, research, manufacturing and more.
With more than 45 millions of cores in production, OpenStack is undoubtedly one of the most successful open source projects ever. Thus, let’s take a moment to celebrate its anniversary together, review how we got here, and think about what the next 5 years are going to bring.
When the OpenStack cloud project was launched in 2010, led by NASA and Rackspace, it sought to solve a fundamental set of challenges: how to implement a standard, scalable, and interoperable cloud platform for compute, networking, and storage across modern datacenters. Proprietary stacks and vendor lock-in limited innovation; OpenStack’s goal was to deliver an open source, community-driven, and modular foundation for cloud computing at scale.
Canonical recognized the promise of that vision early on. We committed to packaging OpenStack for Ubuntu, ensuring that operators could use the power of OpenStack cloud on top of the world’s leading Linux distro. Over time, we extended support for OpenStack under Ubuntu’s long-term support (LTS) releases, offering users the desired level of stability, and security updates, now available for up to 12 years under Legacy Support. We also built an automation framework to simplify OpenStack’s deployment and operations, all while actively steering upstream development towards emerging use cases and market needs.
In 2014, Canonical formally launched its OpenStack cloud distribution – Canonical OpenStack. That timing coincided with the early “technology trigger” phase of the hype cycle. Many were testing private cloud ideas, and Canonical OpenStack gained traction precisely because it lowered the operational barrier.
Over the last decade and a half, OpenStack has evolved from a “cloud experiment” into a rock-solid, production-proven platform. It has been pushed to its limits in high-stakes sectors: from telco NFV deployments to sophisticated AI/ML workloads and mission-critical enterprise cloud environments. What was once a cutting edge technology is now mature, stable, and trusted by CEOs worldwide.
In parallel, Canonical has maintained its commitments: over 5 million lines of code (and many thousands of commits, and code reviews) have flowed into the OpenStack project from Canonical since its initial release. Over the years, we became the second biggest contributor – and we’re still going strong.
On the distribution front, Canonical OpenStack has become a leading choice: more than 500 clouds run our distribution in production globally under Ubuntu Pro. Meanwhile, Ubuntu Server has emerged as the preferred OS for OpenStack cloud deployments. In the 2024 edition of the OpenStack User Survey, 54% of respondents reported they run their OpenStack cloud on top of Ubuntu Server.
The story of OpenStack is far from being over. With the project now under the governance of the Linux Foundation, OpenStack is set to play an even greater role in shaping the future of cloud-native infrastructure. Moreover, emerging use cases such as digital sovereignty, AI, and confidential computing will be central to its next phase, and will steer directions for future development for sure.
And Canonical remains committed to driving this story, and to the overall OpenStack’s success. Our primary focus remains on modernising its operational experience with cloud-native principles, simplifying its adoption, refining the code base, and ensuring that OpenStack remains accessible to all.
These efforts converge in project Sunbeam – a reimagined OpenStack cloud that is composable yet opinionated by default, enterprise-grade yet simple to deploy, and capable of running anywhere, at any scale.
Canonical is honoured to mark OpenStack’s 15th anniversary. We have been there from early days, through every architectural shift, every release, every challenge, and we are more optimistic now about its future than we have ever been before.
To OpenStack – happy birthday! We hope that when you turn 18, we’ll be raising glasses of champagne together.
To learn more about Canonical OpenStack and Sunbeam, visit the following resources:
London has called, and the Ubuntu community has answered!
This year, the Ubuntu Summit has the ambitious goal of extending its reach to everyone, no matter where they are in the world. The event has not started yet, and we have been blown away by the excitement already! The desire to contribute to the community with Ubuntu Extended events, remote participation, remote lightning talks and other incredible ideas has been humbling, and inspiring.
Now, with the Summit just a heartbeat away, we want to make sure you have everything you need to be a part of this unforgettable experience.
The Ubuntu Summit is now a fully remote event. No matter where you are, and how big your circle of friends is, we have a spot for you. Remote registrations are free for everyone. Join us onOctober 23 and 24, 2025, for two days packed with inspiring talks, and stay for the community! There will be exciting interviews, polls, giveaways, FOSS music, and much more. What are you waiting for? Register for the Ubuntu Summit 25.10!
We are incredibly excited to welcome a diverse and talented group of speakers to the Ubuntu Summit stage. Here’s just a glimpse of the people you’ll get to hear from:
We have a stellar lineup ready for you! From deep dives into system profiling, to the heights of autonomous flying 5g antennas, and playing videogames in space, there’s something for everyone. Head over to the official timetable and start planning your personal Summit schedule!
Starting with this edition, the Ubuntu Summit is all about bringing the community together. If you are asking yourself how a remote event brings people together, you are in the right place, keep reading. You can host your own “Ubuntu Summit Extended” event! Gather your local Ubuntu Community, open source meetup, or group of friends to watch the livestream, share ideas, and celebrate the release of Ubuntu. Tell us about your Extended Event..
Ubuntu Summit 25.10 is a showcase for the innovative and the ambitious. Let’s demonstrate that the best technology is made in the open. We can’t wait to see you there on October 23 and 24!
A newly revealed WIRED investigation shows that the United States Government is creating a vast social media surveillance network, one that will operate around the clock and rely heavily on private contractors. Officials insist the system targets foreign nationals—but its scope and design make it inevitable that millions of Americans’ online activity will also be swept up. This is unconstitutional.
The post Purism Defends the Fourth Amendment in the Digital Age appeared first on Purism.
06 October, 2025 12:31PM by Purism
When a company collapses, its debts and assets are tallied, auctioned, and parceled out. But what happens when the “asset” in question is your very biology? That’s the question millions of 23andMe customers now face in the wake of the company’s bankruptcy.
The post From the Browser to the Bloodstream appeared first on Purism.
02 October, 2025 03:20PM by Purism
The 9th monthly Sparky project and donate report of the 2025: – Linux kernel updated up to 6.17.0, 6.12.49-LTS, 6.6.108-LTS – Sparky 8.0.1 released (new stable) https://sparkylinux.org/sparky-8-0-1/ – Sparky 2025.09 released (new rolling) https://sparkylinux.org/sparky-2025-09/ – Sparky 2025.09 Special Editions released https://sparkylinux.org/sparky-2025-09-special-editions/
02 October, 2025 06:01AM by pavroo
On September 30, 2025, The Washington Post reported a quiet trend in Washington, D.C.: the return of landline phones among officials and journalists seeking refuge from the omnipresent surveillance of smartphones. In a recent story, NBC News spotlighted parents in Maine and Seattle who are reviving landlines for their children—creating “landline pods” so kids can connect without the addictive pull of screens or the predatory reach of social media platforms.
The post Dialing Back to Move Forward: Why the Landline Revival Signals a Future for Privacy appeared first on Purism.
01 October, 2025 03:55PM by Purism
The lawsuits now circling Apple are not just about stolen phones. They are about stolen selves—stolen data, stolen memories, stolen identities.
The post Who Owns Your Digital Self? appeared first on Purism.
01 October, 2025 02:52PM by Purism
01 October, 2025 12:22PM by Joseph Lee
01 October, 2025 12:13PM by t.lamprecht (invalid@example.com)