/// 18 May 2026, 9:02 am ////// Linux Links ///
The MINISFORUM M2 is a compact mini PC built around Intel’s Panther Lake platform. I'm reviewing it using CachyOS and Ubuntu.
The post MINISFORUM M2 Intel Panther Lake Mini PC Running Linux: Introduction appeared first on LinuxLinks.
/// 17 May 2026, 10:50 pm ////// Reddit ///
[link] [comments]
/// 18 May 2026, 3:34 am ////// Slashdot ///
Read more of this story at Slashdot.
/// 18 May 2026, 6:46 am ////// The Hacker News ///
Review: Sylve on FreeBSD
News: Debian commits to reproducible builds, Debian publishes updated install media, Haiku introduces SMP support on ARM64 processors, Rocky Linux creates opt-in security repository, Fedora reconsiders AI tools, KDE receives generous donation
Questions and answers: The benefit of BleachBit
Released last week:....
/// 17 May 2026, 6:51 am ////// Linuxtech ///
/// 18 May 2026, 5:47 am ////// Tux Machines ///
/// 14 May 2026, 3:31 pm ////// Linux Magazine ///
Fedora Hummingbird brings the same approach to the host OS as it does to containers to level up security.
/// 13 May 2026, 5:03 pm ////// Phoronix ///
/// 18 May 2026, 9:33 am ////// GamingOnLinux ///
Read the full article on GamingOnLinux.
9to5Linux Weekly Roundup for May 17th, 2026, brings news about Debian 13.5, KDE Plasma 6.6.5, Fragnesia and ssh-keysign-pwn flaws, GStreamer 1.28.3, KDE Plasma 6.7 beta, fwupd 2.1.3, SparkyLinux 8.3, LibreOffice 25.8.7, Sovereign Tech Fund's €1M donation to KDE, PipeWire 1.6.5, Shelly 2.3, Rescuezilla 2.6.2, MX Linux 25.2 beta, and more.
The post 9to5Linux Weekly Roundup: May 17th, 2026 appeared first on 9to5Linux - do not reproduce this article without permission. This RSS feed is intended for readers, not scrapers.
/// 15 May 2026, 2:40 pm ////// Fedora Magazine ///
The last few weeks have seen a significant spike in reports of security vulnerabilities in the Linux Kernel. CopyFail, DirtyFrag, and Fragnesia have all exposed a path for a malicious user to escalate their privileges on a system from a standard user to root, and it’s possible there are more vulnerabilities that will be found. The Fedora Project is committed to keeping its users secure and patched against vulnerabilities as quickly as possible when they are disclosed, so let’s talk about how we try to do that.
Recent developments in machine learning have lead to a veritable gold rush for security researchers who can now rely on LLMs to analyze massive code bases like the Linux Kernel and find vulnerabilities at a rate well above what was previously possible. LLMs are also being used to weaponize these vulnerabilities once they’ve been found, allowing attackers to significantly shorten the gap between vulnerability disclosure and exploitation in the wild (source). All this means that it’s more important than ever for Fedora to have a robust process for tracking these vulnerabilities and distributing fixes for them.
What Fedora is doing
There are a number of ways the Fedora Package Maintainers get notified of new security vulnerabilities, the simplest of which is through security bulletins. Many projects post about their security updates on places like the oss-security mailing list and several Fedora contributors monitor these mailing lists for relevant vulnerabilities. The Red Hat Product Security team will also often raise Bugzilla bugs against Fedora packages for CVEs they are tracking, allowing Fedora to take advantage of the work being done to support RHEL customers.
Often security updates will flow through the usual Fedora package update process. Fedora uses tools like Anitya and Packit to monitor for new releases of upstream packages and automatically prepare updates for them. This automation helps across all updates with achieving Fedora’s “First” foundation, but they’re especially helpful for security updates which can be extremely time-sensitive to publish. If everything works as designed, by the time a human gets involved in preparing the update, there could already be a pull request and scratch build ready for testing.
Once the Fedora Package Maintainers are aware of a security vulnerability in a package we distribute, we’ll evaluate the best way to make the patch available to users of supported Fedora releases. Often this just means publishing the latest version of the package, but sometimes this isn’t possible. If the fix has not yet been merged in the upstream project (as happened with the recent kernel vulnerabilities) or if the latest version is too far from the current package version in that Fedora release (more information), the fix may be applied as a standalone patch. This can lead to a situation where a fixed version of the package is available but the version number still shows the vulnerable version, so you can use the dnf changelog command to check the update history for the package and see if a patch has been applied.
Keeping your system secure
It may sound cliché, but for most users the best thing you can do to keep your system secure is regularly updating it. Security package updates in Fedora are tagged with their severity and CVE numbers, so you can keep track of when security updates are published into Bodhi (for example). You can also apply all the pending security updates on your system using the following command:
dnf update --security
Some desktop environments will proactively notify users if there are pending security updates for their system. For example, GNOME Software will periodically check for pending updates and send the user a toast notification like the one below prompting to install the updates.
If you’d like to automate patching vulnerable packages, dnf-automatic can be configured to automatically download and apply security updates on a schedule, although applying kernel upgrades will require rebooting the system. You can learn more about this in the documentation here.
Getting involved
If this kind of Open Source security sounds interesting to you, why not consider becoming a Fedora contributor? We’re always looking for more people to get involved with projects like the Security SIG and Kernel Maintenance!
/// 16 May 2026, 5:45 am ////// ITS FOSS ///
If you are someone who has to tackle many emails throughout the day, an email client is most likely part of your workflow. For the uninitiated, these desktop applications let you manage one or more email accounts from a single place without having to open a browser tab for each one.
Think of them as a local home for your inbox that comes equipped with the necessary tools for composing, organizing, and syncing your content. 📥
I had one of my earliest experiences with these through Thunderbird, which I used at a previous workplace. It did the job well enough at the time, and I have no real complaints about it from back then.
Eventually I drifted toward just using the web apps of whatever email service I was on. So, when I came across Aerion, I thought to myself, why not give email clients another shot?
Aerion: A Home For Your E-Mails
This is an open source, lightweight desktop email client maintained by a team of developers that is sponsored by 3DF, which covers the infrastructure and human resource-related costs.
The project takes inspiration from GNOME's email client Geary, with a focus on being resource efficient and offering a clean interface without the baggage that tends to weigh down the older solutions on Linux.
Before you blurt out "Electron!," know that Aerion uses Wails and Svelte under the hood. It also comes with a CASA Tier 2 certification, which was assessed by TAC Security, a Google authorized assessor under the App Defense Alliance.
This means that the app's codebase has been scanned and verified against the OWASP ASVS standards by an independent third party. For a small indie project that handles your email credentials and account access, that is a big reassurance.
Feature-wise, it covers the essentials like support for multiple accounts, conversation threading, a WYSIWYG composer powered by TipTap, contact sync (via CardDAV, Google, and Microsoft), multiple color themes, and keyboard navigation with vim-style shortcuts.
For email providers, Aerion works with Gmail, Microsoft 365/Outlook, Proton Mail (via paywalled Proton Bridge), iCloud Mail, GMX Mail, and generic IMAP/SMTP setups.
Yahoo, Fastmail, Zoho Mail, AOL Mail, and Mail.com are listed as well, though these were marked as untested at the time of writing.
I Used It
Getting started meant adding my Gmail account, and that process was smoother than I expected. Aerion hands you off to the browser for the OAuth flow, where you go through Google's usual permissions and disclaimers routine, at the end of which you land back in Aerion, authenticated and ready to go.
Adding a new Gmail account to Aerion.
There's a nasty catch here, though. If you accidentally click somewhere outside the "Add Email Account" window while it is open, the whole thing closes and discards whatever progress you made. You won't get any warning or confirmation popup; it will just f*ck right off.
Mails being fetched on the left, a filled inbox on the right.
When Aerion finishes fetching your emails, you will notice that remote image loading is blocked by default. You can manually allow loading per email or add specific domains to an allowlist to avoid having to do it every time.
With Gmail connected, I spent some time sending and receiving mail, and the basics work as you would want them to. The composer has all the tools you need to put together a well-written email, and new messages are delivered with proper sync happening with the Gmail servers.
Below is a quick example of me sending a test mail from Aerion to my Proton Mail account. It landed without issue, showing up in Gmail's sent folder and in the Proton Mail inbox.
Checking the mail I sent using Aerion on the web apps for Gmail and Proton Mail.
Where things got a bit less clean was with notifications and sync. When I received new mail, I received no notification in Aerion's interface or GNOME's notification dropdown.
I had to manually hit the sync button to get the mail to appear, though Aerion does auto-sync in the background. The catch is that there is no way to configure how often it syncs, at least for Gmail, so if you are used to mail showing up the moment it lands, adjust your expectations accordingly.
And if you like keeping your mailbox clean, Aerion has you covered. You can mass delete emails that land in the "Bin" first, or you can go the extra step and permanently wipe them to free up cloud storage. Either way, the changes reflect on Gmail's servers without issue.
Though there's one more inconvenience that some of you might not like. Before you can start using Aerion, you are asked to agree to its Terms of Use and Privacy Policy.
The terms are fairly standard. It is pre-release software, so bugs and shifting features are part of the deal, there are no warranties, and the whole thing is provided under the Apache 2.0 license.
On the privacy side, things are more reassuring. Aerion does not collect or transmit any of your data to external servers, so no telemetry, no analytics, and no ads to worry about. When it connects to Google or Microsoft APIs, that access is limited strictly to the email functionality you configured.
Install it Now
People running Linux-powered distributions can get Aerion from Flathub. Those on platforms like ARM64, Windows, and macOS will have to visit the releases page to get the relevant packages.
If neither of the options are your thing, then you could always build from source.
/// 14 May 2026, 4:15 am ////// Tecmint ///
MySQL ships with decent built-in diagnostics, but when your database is slowing down under load, you need command-line tools that
The post 6 Open Source Tools to Monitor MySQL Performance in Linux first appeared on Tecmint: Linux Howtos, Tutorials & Guides.