Ubuntu Weekly Newsletter Issue 943/944

Community Ubuntu Weekly News
1

header
header522×111 12.4 KB

Ubuntu Weekly News

UWN Issue 943/944 May 3-16 2026.

Welcome to the Ubuntu Weekly Newsletter, Issue 943/944 for the weeks of May 3 - 9 & 10 - 16, 2026.

This issue is being published outside of normal routine, as Ubuntu Discourse was down awhile, whilst some mitigations were applied related to the recent DDoS attacks [See UWN 942].

Ubuntu Weekly News Work-In-Progress

In this Issue

WORK IN PROGRESS

This is our next issue being built. If you'd like to be involved or have any suggestions, please get in contact with us at #ubuntu-news on libera.chat (https://web.libera.chat/?nick=Guest?#ubuntu-news), or matrix (https://matrix.to/#/#news:ubuntu.com) or email ubuntu-news-team@lists.ubuntu.com

:construction: :construction: :construction: :building_construction: :construction: :construction: :construction:

What we are working
/
Three weeks to go: A sneak peek of the Ubuntu Summit 26.04 experience
Dirty Frag Linux kernel local privilege escalation vulnerability mitigations
Fragnesia Linux kernel local privilege escalation vulnerability mitigations
Six-Year-Old Linux Kernel Flaw Lets Unprivileged Users Read Root-Owned Files
/
Fragnesia Linux kernel local privilege escalation vulnerability mitigationsFragnesia Linux kernel local privilege escalation vulnerability mitigations
/

  • Gabriela Bittencourt (gbittencourt): Kernel Upload Rights
    /
    Rocks Public Journal; 2026-05-05
    /

  • [daily] Server Triage Reports

  • Ubuntu Flavor sync meeting notes: April 27, 2026

  • Foundations Team Updates

  • Ubuntu Governance Sync Meeting Notes

  • Foundations Team Updates - 2026-05-14
    /
    UbuCon Korea X MiniDebConf Korea 2026
    Ubuntu 26.04 LTS Release Party @ Taipei
    Ubuntu 2604 +Fedora 44 Release Party
    Ubuntu 26.04 LTS Release Party @ Taichung
    Ubuntu 26.04 LTS Release Party & InstallFest was held in Daejeon
    Ubuntu Africa x Mojo Africa
    Status Update: Revitalizing the Ubuntu Ecuador Community
    /
    Ceph Rock: Tentacle (20.2.0) Release Notes
    Permissions Prompting: A Deep Dive
    Ubuntu Server Gazette - Issue 14 - Virtualization HWE: Stay LTS, stay modern
    Change in s2026.04.13 Security Cycle Schedule
    From writing code to understanding usersFrom writing code to understanding users
    Building Blocks and Patterns for the Agentic Age
    Ubuntu Concept goes CIX P1
    /
    Private snap manifests
    /
    KDE Plasma 6.7 Beta Release
    /

  • Rethinking BYOD security: protecting data without trusting devices

  • Finding the blind spot: How Canonical hunts logic flaws with AI
    /
    Ubuntu Studio’s New Home: What’s Changing and Why
    /
    7 Features I Like in Ptyxis (The New Default Ubuntu Terminal)
    Over a year later, AMD is bringing improved FSR 4 upscaling to its older GPUs
    /
    Ubuntu Touch OTA 1.3 Improves Handling of Desktop Apps
    NVIDIA-VAAPI-Driver 0.0.17 Fixes Support For GB10 Powered Systems
    Ubuntu 26.10 Stonking Stingray Release Date
    Ubuntu 26.04 LTS upgrade now open for Ubuntu 25.10 users
    /
    Podcast:

  • LINUX Unplugged: 665 - Patch Me If You Can [Jon Seager]

  • Late Night Linux: Episode 384

  • Ubuntu Portugal: E379 Vibecoding Snap de Bootloader em Rust com IA 


  • Linux User Space: Season 6 Episode 14
    /

General Community News

Dirty Frag Linux kernel local privilege escalation vulnerability mitigations

Luci Stanescu alerts us to the (two) “Dirty Frag” privilege escalation (LPE) vulnerabilities disclosed on May 7, 2026. We’re told one is CVE-2026-43284, and the other is still pending, and given details of the vulnerabilities and how it could impact our systems. This “post describes mitigations that disable the affected modules and can be applied when Linux kernel packages which implement the proposed patch will be released”. We’re also told it impacts all supported releases of Ubuntu back to and including Ubuntu releases supported via ESM.

https://ubuntu.com//blog/dirty-frag-linux-vulnerability-fixes-available

This vulnerability is widely covered, the following is a collection of articles selected by our editors:

Three weeks to go: A sneak peek of the Ubuntu Summit 26.04 experience

Mauro Gaspari reminds us we’re only weeks from Ubuntu Summit 26.04, and in this post gives us a ‘taste of the schedule’. We’re given links so we can learn more, view the timetable, find communities that maybe having local meetups, or where we can ‘join the conversation’.

https://ubuntu.com//blog/three-weeks-to-go-a-sneak-peek-of-the-ubuntu-summit-26-04-experience

Fragnesia Linux kernel local privilege escalation vulnerability mitigations

Luci Stanescu alerts us to a “local privilege escalation (LPE) vulnerability .. disclosed on May 13, 2026” that doesn’t have a CVE ID yet, but is referred to as “Fragnesia”. We’re given details of the problem, which is impacting all supported releases of Ubuntu, told the CVSS 3.1 score, and that Dirty Frag mitigations also prevent this. We’re also told how we can test for the flaw, and more.

https://ubuntu.com//blog/fragnesia-linux-vulnerability-fixes-available

Six-Year-Old Linux Kernel Flaw Lets Unprivileged Users Read Root-Owned Files

Marcus Nestor alerts us to another security flaw that has been disclosed recently. We’re told it was discovered by Qualys, and could “allow an unprivileged user to read root-owned files”. We’re given a link to a proof-of-concept with some description of that, and told the this and Fragnesia will be patched, with an update telling us patches have been released for a number of kernels.

https://9to5linux.com/six-year-old-linux-kernel-flaw-lets-unprivileged-users-read-root-owned-files

Welcome New Members and Developers

Congratulations to this contributor!

Ubuntu Stats

Bug Stats

  • Open: # (+/-#)
  • Critical: # (+/-#)
  • Unconfirmed: # (+/-#)

As always, the Bug Squad needs more help. If you want to get started, please see: https://wiki.ubuntu.com/BugSquad

Translations

Hot in Support

Ubuntu Community Discourse Trending Top 5 Threads

Find more support at: https://discourse.ubuntu.com/c/support-and-help/306

Ask Ubuntu Top 5 Questions

Ask (and answer!) questions at: https://askubuntu.com/

Meeting Reports

Team leads are responsible to summarize
Otherwise will be demoted to the “Other Meeting Reports” section as bulleted

Rocks Public Journal; 2026-05-05

26.04 release: the ubuntu-26.04 chisel-release is now under standard maintenance, and the Ubuntu 26.04 base rock is now also live in Docker Hub and ECR. New rock: curl is now available in Docker Hub and ECR.

Starcraft Clinic - XXXX

https://forum.snapcraft.io/t/starcraft-clinic-2024-aug-16/41427/4?u=soumyadghosh

Other Meeting Reports

Upcoming Meetings and Events

Times shown are UTC unless otherwise specified. For more details and further dates please visit: https://ubuntu.com/community | https://discourse.ubuntu.com/upcoming-events

Ubuntu Circles! (LoCo) News

UbuCon Korea X MiniDebConf Korea 2026

Youngbin Han has made an event post on this years UbuCon Korea, which is a joint event with MiniDebConf Korea at the same Microsoft Korea 13F venue. This post includes links for details, to register, call for propsals, venue and more.

https://discourse.ubuntu.com/t/ubucon-korea-x-minidebconf-korea-2026/81652

Ubuntu 26.04 LTS Release Party @ Taipei

Rj Hsiao has made an event post announcing the Ubuntu 26.04 LTS Release Party at Taipei, which is open for registration. The post gives us details including date, location, fee, and more.

https://discourse.ubuntu.com/t/ubuntu-26-04-lts-release-party-taipei/81876

Ubuntu 2604 +Fedora 44 Release Party

This short post gives details of a Ubuntu 26.04 LTS and Fedora 44 combined Release Party. Date, time, location and more are provided.

https://luma.com/ytanoy01

Ubuntu 26.04 LTS Release Party @ Taichung

https://forms.fillout.com/t/fNuGt7r8PNus

Ubuntu 26.04 LTS Release Party & InstallFest was held in Daejeon

Sae Jin Kim has posted about the Ubuntu 26.04 LTS Release Party held on May 2 at Daejeon City. We’re told 20 participants “checked in and tried to upgrade to Ubuntu 26.04 together”. We’re told of Ubuntu 26.04 LTS Desktop and Server installs, with thanks given to everyone who helped or participated in this event. Thanks is given to Jungmin Yoon who also presented, and ì €ëŠŹíŹì—(jelly__forever__) and 닀읞(Thine) cafe, and we’re shown some photos.

https://discourse.ubuntu.com/t/ubuntu-26-04-lts-release-party-installfest-was-held-in-daejeon/82009

Ubuntu Africa x Mojo Africa

Bright Adams has provided a meeting report for the Mojo Africa Premiere held on May 2 at Uyo Nigeria. We’re told of the event which was sponsored by Ubuntu Africa, given some key highlights, and told the event served as a ‘strong touchpoint’ for Ubuntu Africa in connecting to the wider community.

https://discourse.ubuntu.com/t/ubuntu-africa-x-mojo-africa/82020

Status Update: Revitalizing the Ubuntu Ecuador Community

JesĂșs Daniel Castro announces the start of a “revitalization process for the Ubuntu Ecuador LoCo Team”. We’re told of a new Core Team, and their current focus on their created plan, told of some upcoming milestones, and given a link to the team on Launchpad, and their telegram group.

https://discourse.ubuntu.com/t/loco-status-update-revitalizing-the-ubuntu-ecuador-community/82249

Ubuntu Circles! (LoCo) Events

The following LoCo team events are currently scheduled in the next two weeks:

Looking beyond the next two weeks? Visit the respective Circles!/LoCo Team calendar to browse upcoming events.

Please also see:

The Hub

Ceph Rock: Tentacle (20.2.0) Release Notes

Utkarsh Bhatt posts here the Ceph Tentacle 20.2.0 release notes. We’re given details of the release, which include how to find it for Ubuntu 26.04 LTS, and Ubuntu 24.04 LTS, and why 24.04 is in a PPA. A list of what’s new, patches applied at build time, known issues and more is provided.

https://discourse.ubuntu.com/t/ceph-rock-tentacle-20-2-0-release-notes/81613/

Permissions Prompting: A Deep Dive

Oliver Calder from the Snapd team at Canonical documents a new layer of user-defined security named ‘Permissions Prompting’. We’re given a link to a prior post by Oliver Smith who introduced the concept, with this post updating us on many improvements made since then which we’ll find in Ubuntu 26.04 LTS. This is a rather extensive post, with some examples given showing how we’ll experience this in operation, its contrasted with Portals, and more.

https://discourse.ubuntu.com/t/permissions-prompting-a-deep-dive/81785

Ubuntu Server Gazette - Issue 14 - Virtualization HWE: Stay LTS, stay modern

Hector Cao has published the Ubuntu Server Gazette 14, with a large update on the Hardware Enablement Stack usefulness for Ubuntu Server. We’re told Ubuntu 26.04 LTS Server has the Hardware Enablment (HWE) virtulization stack as its default, with some of the pros and cons of it and reasoning for it now being the default. The ubuntu_virt_helper script is covered being a management tool for the newer HWE stack, before reporting bugs for the newer HWE stack is mentioned. We’re asked to ‘try it out’, and given links if we have questions, or to the server documentation.

https://discourse.ubuntu.com/t/ubuntu-server-gazette-issue-14-virtualization-hwe-stay-lts-stay-modern/81842

Change in s2026.04.13 Security Cycle Schedule

Kleber Souza reminds us of the Stable Release Update (SRU) and security cycles, before telling us because of the ‘Copy Fail’ vulnerability (CVE-2026-31431) the normal cycle has been expedited so as to address the issue sooner. We are given very brief details, and told what we can do in the interim.

https://discourse.ubuntu.com/t/change-in-s2026-04-13-security-cycle-schedule/81889

From writing code to understanding users

Anusha Chaturvedi mentions that engineers often build systems that work, but that doesn’t mean users will find it works well for them. In this blog Anusha shares how she transitioned from purely focusing on implementation to running user testing. She outlines the ‘challenge’ of moving from an systems focus to end-user, covering how it was done, which resulted in a workshop for staff at the sprint at Gothenburg. This is an extensive post, which includes photo, example and links for further reading.

https://discourse.ubuntu.com/t/from-writing-code-to-understanding-users/82057

Building Blocks and Patterns for the Agentic Age

Pietro Pasotti gives us his ‘thoughts’ after months of ‘excessive AI’ usage. We’re given the lessons learn, told of productivity patterns, and even how to detect and avoid antipatterns. This is an extensive post, with warning that the roles are “heavily simplified” for clarity purposes, the workflows described are “very ‘manual’”, but it may help us to avoid the pitfalls of ‘slop’.

https://discourse.ubuntu.com/t/building-blocks-and-patterns-for-the-agentic-age/81929

Ubuntu Concept goes CIX P1

Tobias Heider introduces a concept image of Ubuntu 26.04 LTS for CIX Technology P1. We’re told this is “intentionally positioned as a developer-focused preview”, and given a link so we can download it, a list of platforms it was tested on, told how we can contribute if we’d like, or just report bugs, and thanks is given the CIX Technologies, Radx, Minisoforum and Metacomputing.

https://discourse.ubuntu.com/t/ubuntu-concept-goes-cix-p1/82213

The Planet

Private snap manifests

Clinton Fung announces “an improved approach to snap manifest generation for private projects”. This helps with security and transparency and addresses the supression of manifest.yaml files during private snap builds. The reasoning for prior behavior is touched on, as well as why the leaking of data isn’t now an issue with the explicit authorization. We’re told how we can share feedback too.

https://blog.launchpad.net/general/private-snap-manifests

Other Community News

Ubuntu Studio’s New Home: What’s Changing and Why

The Ubuntu Studio team remind us where their web presence has been, and that it was hosted on Canonical infrastructure, before telling us of their new home. We are walked through the new ‘home’ giving us details of each of the resources we have available, details on why the move has happened, what it means for contributors including the new ‘buckets’. We’re also told what hasn’t changed, before it finishes with a list of where we can find things now, and reminded to file a report if we find anything wrong.

https://ubuntustudio.org/2026/05/ubuntu-studios-new-home-whats-changing-and-why/

KDE Plasma 6.7 Beta Release

This post from the KDE Community is on the KDE Plasma 6.7 Beta release and its new modules. We’re asked to help ‘stress test’ the system especially new Union theming, giving a link to the full changelog, links to download a live image, the source code and more. We’re also given links to leave feedback, or support KDE

https://kde.org/announcements/plasma/6/6.6.90/

What Say You

Here we elicit your adventures, your trials and how you triumphed; your desktop, why it is your preference; have you made a bug report, tell the experience; coding or other development works worth the comment; tips - tricks and other neat things you have discovered 
 many other subjects too


Ubuntu Cloud News

Canonical News

In the Press

7 Features I Like in Ptyxis (The New Default Ubuntu Terminal)

Sreenath reminds us what Ptyxis is, and having used it for months now, outlines the reasons why he likes it (seamless container support) and more. Many points are illustrated via screenshots, in this rather lengthy and detailed post, before Sreenath mentions that he understands why Ubuntu and Fedora made it their new default.

https://itsfoss.com/ptyxis-terminal-features/

Over a year later, AMD is bringing improved FSR 4 upscaling to its older GPUs

Andrew Cunningham reminds us of “version 4 of its FidelityFX Super Resolution (FSR) graphics upscaling technology” back in 2025 for a handful of new cards, with this post telling us that FSR 4 is finally “coming to older GPUs”. We’re given details, which include why this benefit us, and more.

https://arstechnica.com/gadgets/2026/05/amd-promises-to-bring-improved-hardware-backed-fsr-4-upscaling-to-older-radeon-gpus/

In the Blogosphere

Ubuntu Touch OTA 1.3 Improves Handling of Desktop Apps on Lomiri and Fixes Bugs

Marcus Nestor tells us Ubuntu Touch 2.0 is ‘in the works’ with some quick details, before Marcus moves on to the release of Ubuntu Touch OTA 1.3. We’re given some details of the many improvements, before told there are other general fixes and security updates. A link to the release announcement page which contains the full changelog. Marcus also reminds us that although the rollout has started, not all users will receive the notification at the same time, so be patient.

https://9to5linux.com/ubuntu-touch-ota-1-3-improves-handling-of-desktop-apps-on-lomiri-and-fixes-bugs

NVIDIA-VAAPI-Driver 0.0.17 Fixes Support For GB10 Powered Systems

Michael Larabel reminds us what the NVIDIA-VAAPI-Driver driver does, and that it’s out with a new release that will help accelerated video decoding within Mozilla Firefox and more. We’re briefed on the changes, and given a link to the release page on GitHub.

https://www.phoronix.com/news/NVIDIA-VAAPI-Driver-0.0.17

Ubuntu 26.10 Stonking Stingray Release Date Set for October 15 by Canonical

https://www.ubuntupit.com/ubuntu-26-10-stonking-stingray-release-date-set-for-october-15-by-canonical/

Ubuntu 26.04 LTS upgrade now open for Ubuntu 25.10 users

Joey Sneddon tells us that Ubuntu 25.10 upgrades to Ubuntu 26.04 are now ‘officially live’. We’re reminded of the end of support coming for Ubuntu 25.10 in July 2026, before Joey touches on some of the improvements in Ubuntu 26.04 LTS. Joey reminds us to make backups first, walks us though the upgrade, some apps we may decide to uninstall (and why including the newer alternatives) and on the higher ‘honesty bump’ on recommended resources.

https://www.omgubuntu.co.uk/2026/05/ubuntu-2604-lts-upgrade-now-available

In Other News

Other Articles of Interest

Featured Audio and Video

LINUX Unplugged: 665 - Patch Me If You Can

“We dig into the Copy Fail vulnerability and test a proof-of-concept against our own box. Plus, Jon Seager, VP of Engineering at Canonical joins us, and we kick off the BSD Challenge!”

https://linuxunplugged.com/665

Late Night Linux: Episode 384

“There’s a new Ubuntu LTS release and quite a lot is new, Canonical’s infrastructure was taken down and we disagree about whether it could have been avoided, two recent examples of irresponsible vulnerability disclosure, and the Steam controller finally arrives with a hefty price tag.”

https://latenightlinux.com/late-night-linux-episode-384/

Portugal Podcast: Episode 379 - Vibecoding Snap de Bootloader em Rust com IA, em letras muito muito muito pequenas

“DRAMA, DRAMA, DRAMA. Na semana que passou sĂł tivemos dramas: vulnerabilidades que contaminaram um porradĂŁo de distribuiçÔes Linux, a Canonical com os servidores atacados por Iraquianos(?) e Ubuntu com IntelijumĂȘncia Artificial (IET, InferĂȘncia EstatĂ­stica Turbinada)! FalĂĄmos sobre tudo isso e ainda nos divertimos com redes LoRa Meshstasst
meshtatique
maxetatique; essa coisa - e revimos a nossa agenda, que passa pela SertĂŁ e SetĂșbal.”

https://podcastubuntuportugal.org/e379/

Linux User Space: Season 6 Episode 14 - Kernels of Truth with Nate Graham

“Today in User Space we start out by covering a couple of the newest Ubuntu issues. Namely, the outages, but that alone wasn’t terrible, until you added update failures that prevent folks that needed to from patching themselves against Copy Fail! Some good things, too, though. PS5 Linux is bringing all the nostalgia back from the PS3 era of full Linux desktop enjoyment. Then, we let a guest, Nate Graham of KDE, crash the back half of the show, and it goes quite long! In the first half we hear everything from why Snaps could, but ultimately don’t work for KDE Linux, Printing, and the possible future cadence of the OS once there’s a full release (and more, of course). We actually split the interview in two to be a little more digestible and postable later on. In the second half of the interview, we discuss our thoughts on AI, what’s good (and mostly bad) about it all, and how KDE and Nate look at submissions and humanity. What we don’t need, it seems, is unenforceable policies. Then, a couple final questions like what’s up with Full Disk Encryption?”

https://www.youtube.com/watch?v=wUQtmVpj1OE

Updates and Security for Ubuntu 22.04, 24.04, 25.10, and 26.04

Security Updates

Ubuntu 22.04 Updates

End of Standard Support: April 2027

Ubuntu 24.04 Updates

End of standard support: April 2029

Ubuntu 25.10 Updates

End of Life: July 2026

Ubuntu 26.04 Updates

End of Standard Support: April 2031

Subscribe

Get your copy of the Ubuntu Weekly Newsletter delivered each week to you via email at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-news

Or follow us via our various social media presences:

Archives

For recent issues of the Ubuntu Weekly Newsletter Issue 786 & later please visit our Discourse page: or our Portal page: that is easier to read. The older WIKI issues (809 and earlier) are available at: UbuntuWeeklyNewsletter/Archive.

Further News

As always you can find more Ubuntu news and announcements at:

Conclusion

Thank you for reading the Ubuntu Weekly Newsletter.

See you next week!

Credits

The Ubuntu Weekly Newsletter is brought to you by:

  • Krytarik Raido
  • Bashing-om
  • Chris Guiver
  • Wild Man
  • Cristovao Cordeiro (cjdc) - Rocks
  • irihapeti
  • And many others

Glossary of Terms

Other acronyms can be found at: Glossary (UWN)

Get Involved

The Ubuntu community consists of individuals and teams, working on different aspects of the distribution, giving advice and technical support, and helping to promote Ubuntu to a wider audience. No contribution is too small, and anyone can help. It’s your chance to get in on all the community fun associated with developing and promoting Ubuntu. More on this at: Contribute - Contribute - Ubuntu Community Hub

Or get involved with the Ubuntu Weekly Newsletter team! We always need summary writers and editors, if you’re interested, learn more at: Joining the Ubuntu Weekly Newsletter Team

Feedback

This document is maintained by the Ubuntu Weekly News Team. If you have a story idea or suggestions for the Weekly Newsletter, join the Ubuntu News Team mailing list at ubuntu-news-team Info Page and submit it. Ideas can also be added to the wiki at Ubuntu Weekly Newsletter Ideas . If you’d like to contribute to a future issue of the Ubuntu Weekly Newsletter, please feel free to edit the appropriate wiki page. If you have any technical support questions, please check https://community.ubuntu.com/help-information/ for more information on where to get help.

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License.

CCL

3 Likes