The widely-used curl project is preparing to release curl 8.4 early to address a severe vulnerability in the library. Details on the vulnerability are limited, as it is still under embargo, but curl lead developer Daniel Stenberg has described it as “probably the worst curl security flaw in a long time.” The release, scheduled for October 11, will include fixes for this high severity vulnerability, as well as a low severity one. Stenberg has not provided specific details about which version range is affected, but he has stated that it impacts all curl versions from the past few years. This vulnerability is expected to be particularly impactful for users of the libcurl library and curl command-line tool.

Source: Phoronix.

GMK has expanded its lineup of mini PCs with the introduction of the NucBox G2 and NucBox G3. Both models are powered by the energy-efficient 6-watt Intel Processor N100 chip, offering a budget-friendly option for those interested in compact computing.

The NucBox G2 features a palm-sized design measuring just 3.4″ x 3.4″ x 1.6″. Despite its small size, it offers a robust set of ports, including two HDMI 2.0 ports, one DisplayPort 1.4 port, dual Gigabit Ethernet ports, three USB-A ports, an audio jack, and a USB-C port for power. However, it does have some limitations, such as non-upgradeable LPDDR5 memory and an M.2 2242 slot for SATA storage instead of the larger M.2 2280 slot for NVMe storage.

The NucBox G2 is available in various configurations, including a model with 12GB of RAM and 512GB of storage for $190. Additionally, it can be purchased from Amazon, with a 12GB/18GB model priced at $153.

On the other hand, the NucBox G3 boasts a slightly larger form factor, measuring 4.5″ x 4.2″ x 1.7″. It offers DDR4 memory and an M.2 2280 PCIe 3.0 NVMe SSD. However, it has fewer video outputs and only a single Ethernet jack. The NucBox G3 is available on Amazon, with prices starting at $180 for an 8GB/128GB configuration.

Here are the specifications for both models:

GMK NucBox G2

• CPU: Intel N100, 4-cores/4-threads, up to 3.5 GHz, 6-25 watts
• Graphics: Intel UHD, 24 execution units, up to 750 MHz
• RAM: LPDDR5-4800
• Storage: M.2 2242 SATA SSD
• Ports: 2 x HDMI 2.0, 1 x DisplayPort 1.4, 2 x Gigabit Ethernet, 3 x USB 3.2 Gen 1 Type-A, 1 x 3.5mm audio, 1 x Type-C (12V/3A power input only)
• Wireless: WiFi 6, Bluetooth 5.2
• Dimensions: 3.4″ x 3.4″ x 1.6″

GMK NucBox G3

• CPU: Intel N100, 4-cores/4-threads, up to 3.5 GHz, 6-25 watts
• Graphics: Intel UHD, 24 execution units, up to 750 MHz
• RAM: DDR4
• Storage: M.2 2280 PCIe 3.0 NVMe
• Ports: 2 x HDMI 2.0, 4 x USB 3.2 Gen 1 Type-A, 1 x USB-C, 1 x Gigabit Ethernet, 1 x 3.5mm audio, 1 x DC power input
• Wireless: WiFi 6, Bluetooth 5.2
• Dimensions: 4.5″ x 4.2″ x 1.7″

Overall, the GMK NucBox G2 and G3 offer affordable options for those in need of a compact and versatile mini PC. With their energy-efficient processors and various port options, these devices cater to the needs of users interested in servers, Linux, DevOps, and home labs.

Source: Liliputing.

AdGuard DNS Proxy has recently released version v0.56.1, which comes with some important fixes. One of the major fixes addresses the issue where queries of DS type were being incorrectly routed to the exactly matched domain-specific upstream. This behavior was in contrast to the recommendations outlined in RFC 4035 Section 2.4.

By releasing this new version, AdGuard DNS Proxy ensures that the routing of DS type queries is now in accordance with the RFC 4035 Section 2.4 recommendations. This fix enhances the overall performance and reliability of the DNS proxy. Users can now have confidence that their queries of DS type will be handled correctly and routed to the appropriate upstream destinations.

Uptime Kuma has recently released version 1.23.3, bringing important bug fixes and security updates to its server monitoring software.

One important note for users is that due to a security fix, all login sessions will be logged out after updating to this version. This is a necessary measure to ensure the security of the system.

If you are using any unofficial or third-party tools with Uptime Kuma, it is important to be aware that this update may introduce breaking changes. In such cases, it may be necessary to re-generate an authentication token to ensure compatibility.

The latest release includes several bug fixes that address various issues reported by the user community. These bug fixes include:

• Fixed an issue where notifications were not working if the configuration was too long. This improvement was contributed by @FJBlok.
• Enabled status page certificate expiry badge for all HTTP(s) monitors, thanks to @marvinruder.
• Fixed bugs related to the Kafka producer, with contributions from @mhkarimi1383.
• Addressed an issue where x-forwarded-host was not being utilized correctly. This fix was provided by @xuexb.
• Resolved a race condition issue in the status page editor that prevented some data from being saved when clicked too quickly. This fix was made possible by @chakflying.

In addition to bug fixes, version 1.23.3 also brings important security fixes. One notable fix addresses a persistent session tokens issue. Prior to this update, there was no way to revoke session tokens even if the password was changed. With this update, users can now revoke session tokens by changing their password. More information about this security fix can be found here.

This latest release of Uptime Kuma provides users with important bug fixes and security updates, ensuring a more reliable and secure server monitoring experience.

Debian 12.2 has been released, incorporating the latest security fixes and stable back-ports for Debian 12 Bookworm. This stable point release includes a new version of the Linux 6.1 kernel and the latest linux-firmware/microcode support.

One of the notable updates in Debian 12.2 is the inclusion of mitigations for the AMD Inception (SRSO) vulnerability, which was made public in August. Additionally, the release addresses the Intel Downfall vulnerability, also disclosed in August.

Furthermore, Debian 12.2 includes several other security fixes, enhancing overall system security. For a detailed list of package updates and security fixes, refer to the release announcement on Debian’s website.

Source: Phoronix.

Linux Containers has released Incus 0.1, the first formal release of their community fork of the LXD project. Incus was created after Canonical took control of LXD. Incus 0.1 is similar to the LXD 5.18 release but includes several changes and improvements. The project has dropped unused or problematic features from the LXD codebase and will now focus on backwards compatibility. Notable changes include renaming the project to Incus and replacing /dev/lxd with /dev/incus. More details and downloads can be found at LinuxContainers.org.

Source: Phoronix.