Errata patches for pledge tmppath in ldconfig have been released
for OpenBSD 7.7 and 7.8.
Binary updates for the amd64, arm64 and i386 platform are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.openbsd.org/errata77.html
https://www.openbsd.org/errata78.html
Monday, March 2, 2026
[USN-5376-6] Git regression
==========================================================================
Ubuntu Security Notice USN-5376-6
March 02, 2026
git regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
USN-5376-1 introduced a regression in Git
Software Description:
- git: fast, scalable, distributed revision control system
Details:
USN-5376-4 fixed a regression in Git. This update provides the
corresponding update for Ubuntu 18.04 LTS.
We apologize for the inconvenience.
Original advisory details:
俞晨东 discovered that Git incorrectly handled certain repository paths
in platforms with multiple users support. An attacker could possibly use
this issue to run arbitrary commands.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
git 1:2.17.1-1ubuntu0.18+esm8
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5376-6
https://ubuntu.com/security/notices/USN-5376-5
https://ubuntu.com/security/notices/USN-5376-4
https://ubuntu.com/security/notices/USN-5376-3
https://ubuntu.com/security/notices/USN-5376-2
https://ubuntu.com/security/notices/USN-5376-1
https://launchpad.net/bugs/2142239
Ubuntu Security Notice USN-5376-6
March 02, 2026
git regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
USN-5376-1 introduced a regression in Git
Software Description:
- git: fast, scalable, distributed revision control system
Details:
USN-5376-4 fixed a regression in Git. This update provides the
corresponding update for Ubuntu 18.04 LTS.
We apologize for the inconvenience.
Original advisory details:
俞晨东 discovered that Git incorrectly handled certain repository paths
in platforms with multiple users support. An attacker could possibly use
this issue to run arbitrary commands.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
git 1:2.17.1-1ubuntu0.18+esm8
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5376-6
https://ubuntu.com/security/notices/USN-5376-5
https://ubuntu.com/security/notices/USN-5376-4
https://ubuntu.com/security/notices/USN-5376-3
https://ubuntu.com/security/notices/USN-5376-2
https://ubuntu.com/security/notices/USN-5376-1
https://launchpad.net/bugs/2142239
F45 Change Proposal: DrmPanicFrontend [SelfContained]
Wiki: https://fedoraproject.org/wiki/Changes/DrmPanicFrontend
Discussion Thread: https://discussion.fedoraproject.org/t/182239
**This is a proposed Change for Fedora Linux.**
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
== Summary ==
Deploy a web-based frontend application for Fedora's DRM Panic feature that provides users with an accessible, user-friendly interface for understanding kernel panic information and facilitating bug reports through Bugzilla integration.
== Owner ==
* Name: [[User:Jexposit| José Expósito]]
* Email: jexposit@redhat.com
== Detailed Description ==
=== Background ===
With Fedora 42, the [https://fedoraproject.org/wiki/Changes/EnableDrmPanic DRM Panic] feature was enabled by default, allowing the Linux kernel to display panic screens with QR codes that encode error traces when kernel panics occur. While this feature successfully captures technical information, the raw kernel traces encoded in QR codes are largely incomprehensible to average users and provide no guidance on next steps.
=== Solution ===
The DRM Panic Frontend is a web application that bridges the gap between technical kernel panic data and user-friendly presentation. When users scan a QR code from a DRM Panic screen with their mobile device, they are directed to a Fedora-hosted web interface that:
# **Provides contextual information** - Explains what happened in accessible language
# **Decodes and displays panic information** - Presents kernel version, architecture, and error traces in a structured, readable format
# **Facilitates bug reporting** - Offers streamlined integration with Fedora Bugzilla, pre-filling bug reports with relevant system information and error traces
# **Improves user experience** - Uses PatternFly design patterns to provide interface consistent with Fedora's design language
=== Technical Details ===
**Technology Stack:**
* Built with React 19 for dynamic user interfaces
* PatternFly 6 for consistent Fedora design language
* Webpack-based build system
* Static HTML/CSS/JavaScript output (no server-side processing required)
**Deployment Requirements:**
* Static web hosting on Fedora infrastructure
* Updating the kernel to point to the new endpoint
* No database or server-side runtime required
**Configuration:**
The application requires minimal configuration [https://github.com/JoseExposito/drm-panic-frontend/blob/main/.env.example via .env file]:
* <code>WEBPACK_BUGZILLA_URL</code> - URL of the Fedora Bugzilla instance (for example, https://bugzilla.redhat.com)
<code>npm run build:production</code> generates a website pointing to the configured Bugzilla URL.
**Information Flow:**
# DRM Panic generates QR code containing compressed panic data (URL with query parameters)
# User scans QR code with mobile device
# Browser loads web application from Fedora infrastructure
# JavaScript decodes URL parameters and decompresses trace data
# Application presents information and provides bug reporting workflow
# No information leaves the user mobile device. The trace is encoded in the URL hash, which is not sent to the server
**Demo:**
The following link displays an screenshot of a DRM Panic. Scan the QR code with your phone to test the application:
https://jexposit.fedorapeople.org/drm-panic-demo.png
=== Current Implementation Status ===
The DRM Panic Frontend is fully functional and includes:
* Complete panic information display with system details (kernel version, architecture)
* Modal dialogs for detailed error traces and bug reporting instructions
* Bugzilla integration with pre-filled bug report URLs
* Responsive design for mobile and desktop viewing
* Minimal test coverage with Jest
== Feedback ==
Initial community feedback from the devel@lists.fedoraproject.org announcement has been positive, with recognition that improving the user experience for kernel panics is valuable.
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/JMGIBLN6EXSASOFGGTVEB7U23WND6SA6/
== Benefit to Fedora ==
# **Improved User Experience** - Transforms a technical, intimidating error screen into an approachable interface that guides users through understanding and reporting issues
# **Increased Bug Reports** - By lowering the barrier to bug reporting, Fedora and upstream developers will receive more actionable panic reports, leading to better kernel stability
# **Accessibility** - Makes kernel debugging information accessible to non-technical users who can now effectively report issues even without understanding kernel internals
== Scope ==
* Proposal owners:
** Maintain the DRM Panic Frontend application
** Respond to bug reports and feature requests
** Keep dependencies up to date
* Other developers:
** **Fedora Infrastructure team** - Provide hosting for the static web application, configure domains, and set up deployment pipeline
** **Fedora Design team** (optional) - Review and suggest improvements to the user interface
** **Kernel team** - Coordinate on QR code URL format and ensure DRM Panic QR codes point to the hosted frontend
* Release engineering: N/A (not a System Wide Change)
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with the Fedora Strategy:
This change aligns with the Fedora Strategy by improving user experience and making Fedora more accessible to non-technical users while also improving the quality of bug reports that help make Fedora more stable and reliable.
== Upgrade/compatibility impact ==
This change has no impact on existing systems. The DRM Panic Frontend is an optional, additive feature that enhances the existing DRM Panic functionality without modifying kernel behavior.
== Early Testing (Optional) ==
N/A
== How To Test ==
=== Testing the Web Application ===
**Local Development Testing:**
<pre>
git clone https://github.com/JoseExposito/drm-panic-frontend.git
cd drm-panic-frontend
npm install
cp .env.example .env
npm start
</pre>
**Access Test URL:** Navigate to the example URL provided in HACKING.md which simulates a DRM Panic QR code
**Verify Functionality:**
* Panic information displays correctly (kernel version, architecture)
* Error trace is readable and properly formatted
* "Report Issue" modal provides clear instructions
* Bugzilla link is correctly formatted with pre-filled fields
* Copy-to-clipboard functionality works
* Responsive design works on mobile devices
**Production Build Testing:**
<pre>
npm run build:production
</pre>
Verify the <code>dist/</code> directory contains optimized static files ready for deployment
== User Experience ==
=== Before This Change ===
When a user experiences a kernel panic with DRM Panic enabled:
# Screen displays a kernel panic message with a QR code
# User scans QR code
# User sees technical information with no context
# No clear path to report the issue or get help
=== After This Change ===
When a user experiences a kernel panic:
# Screen displays a kernel panic message with a QR code
# User scans QR code
# Browser loads a Fedora-branded web page
# User sees:
#* Clear explanation of what happened
#* System information in readable format (kernel version, architecture)
#* Structured error trace display
#* Step-by-step bug reporting instructions
== Dependencies ==
=== Build Dependencies ===
* Node.js 18+ (for development and building)
* npm or yarn package manager
=== Runtime Dependencies ===
* Modern web browser with JavaScript enabled
* No server-side runtime dependencies (static files only)
=== Integration Dependencies ===
* DRM Panic kernel feature (enabled in Fedora 42+)
* QR code configuration pointing to the hosted frontend URL
== Contingency Plan ==
* Contingency mechanism: If the DRM Panic Frontend cannot be deployed for Fedora 45, DRM Panic continues to function with raw QR code data URLs. Users experience the pre-existing workflow (direct URL with encoded data). No regression or loss of functionality. Deployment can be attempted in a future release.
* Contingency deadline: Beta freeze. If hosting infrastructure is not ready by Beta, the deployment can be postponed without impact.
* Blocks release? No. This is a web application deployment separate from the Fedora release compose process.
== Documentation ==
=== Application Documentation ===
* [https://github.com/JoseExposito/drm-panic-frontend GitHub Repository]
* HACKING.md - Development and testing guide
=== Related Documentation ===
* [https://fedoraproject.org/wiki/Changes/EnableDrmPanic Fedora Change: Enable DRM Panic]
* [https://docs.kernel.org/gpu/drm-kms-helpers.html#drm-panic-infrastructure Kernel DRM Panic Documentation]
* [https://www.phoronix.com/news/DRM-Panic-Nicer-Fedora-Idea Phoronix Coverage]
== Release Notes ==
Fedora 45 introduces the DRM Panic Frontend, a user-friendly web interface for kernel panic reporting. When you scan a QR code from a kernel panic screen, you'll be directed to a helpful Fedora web page that explains what happened and guides you through reporting the issue to help improve Fedora. This makes it easier for everyone to contribute to Fedora's stability.
Discussion Thread: https://discussion.fedoraproject.org/t/182239
**This is a proposed Change for Fedora Linux.**
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
== Summary ==
Deploy a web-based frontend application for Fedora's DRM Panic feature that provides users with an accessible, user-friendly interface for understanding kernel panic information and facilitating bug reports through Bugzilla integration.
== Owner ==
* Name: [[User:Jexposit| José Expósito]]
* Email: jexposit@redhat.com
== Detailed Description ==
=== Background ===
With Fedora 42, the [https://fedoraproject.org/wiki/Changes/EnableDrmPanic DRM Panic] feature was enabled by default, allowing the Linux kernel to display panic screens with QR codes that encode error traces when kernel panics occur. While this feature successfully captures technical information, the raw kernel traces encoded in QR codes are largely incomprehensible to average users and provide no guidance on next steps.
=== Solution ===
The DRM Panic Frontend is a web application that bridges the gap between technical kernel panic data and user-friendly presentation. When users scan a QR code from a DRM Panic screen with their mobile device, they are directed to a Fedora-hosted web interface that:
# **Provides contextual information** - Explains what happened in accessible language
# **Decodes and displays panic information** - Presents kernel version, architecture, and error traces in a structured, readable format
# **Facilitates bug reporting** - Offers streamlined integration with Fedora Bugzilla, pre-filling bug reports with relevant system information and error traces
# **Improves user experience** - Uses PatternFly design patterns to provide interface consistent with Fedora's design language
=== Technical Details ===
**Technology Stack:**
* Built with React 19 for dynamic user interfaces
* PatternFly 6 for consistent Fedora design language
* Webpack-based build system
* Static HTML/CSS/JavaScript output (no server-side processing required)
**Deployment Requirements:**
* Static web hosting on Fedora infrastructure
* Updating the kernel to point to the new endpoint
* No database or server-side runtime required
**Configuration:**
The application requires minimal configuration [https://github.com/JoseExposito/drm-panic-frontend/blob/main/.env.example via .env file]:
* <code>WEBPACK_BUGZILLA_URL</code> - URL of the Fedora Bugzilla instance (for example, https://bugzilla.redhat.com)
<code>npm run build:production</code> generates a website pointing to the configured Bugzilla URL.
**Information Flow:**
# DRM Panic generates QR code containing compressed panic data (URL with query parameters)
# User scans QR code with mobile device
# Browser loads web application from Fedora infrastructure
# JavaScript decodes URL parameters and decompresses trace data
# Application presents information and provides bug reporting workflow
# No information leaves the user mobile device. The trace is encoded in the URL hash, which is not sent to the server
**Demo:**
The following link displays an screenshot of a DRM Panic. Scan the QR code with your phone to test the application:
https://jexposit.fedorapeople.org/drm-panic-demo.png
=== Current Implementation Status ===
The DRM Panic Frontend is fully functional and includes:
* Complete panic information display with system details (kernel version, architecture)
* Modal dialogs for detailed error traces and bug reporting instructions
* Bugzilla integration with pre-filled bug report URLs
* Responsive design for mobile and desktop viewing
* Minimal test coverage with Jest
== Feedback ==
Initial community feedback from the devel@lists.fedoraproject.org announcement has been positive, with recognition that improving the user experience for kernel panics is valuable.
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/JMGIBLN6EXSASOFGGTVEB7U23WND6SA6/
== Benefit to Fedora ==
# **Improved User Experience** - Transforms a technical, intimidating error screen into an approachable interface that guides users through understanding and reporting issues
# **Increased Bug Reports** - By lowering the barrier to bug reporting, Fedora and upstream developers will receive more actionable panic reports, leading to better kernel stability
# **Accessibility** - Makes kernel debugging information accessible to non-technical users who can now effectively report issues even without understanding kernel internals
== Scope ==
* Proposal owners:
** Maintain the DRM Panic Frontend application
** Respond to bug reports and feature requests
** Keep dependencies up to date
* Other developers:
** **Fedora Infrastructure team** - Provide hosting for the static web application, configure domains, and set up deployment pipeline
** **Fedora Design team** (optional) - Review and suggest improvements to the user interface
** **Kernel team** - Coordinate on QR code URL format and ensure DRM Panic QR codes point to the hosted frontend
* Release engineering: N/A (not a System Wide Change)
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with the Fedora Strategy:
This change aligns with the Fedora Strategy by improving user experience and making Fedora more accessible to non-technical users while also improving the quality of bug reports that help make Fedora more stable and reliable.
== Upgrade/compatibility impact ==
This change has no impact on existing systems. The DRM Panic Frontend is an optional, additive feature that enhances the existing DRM Panic functionality without modifying kernel behavior.
== Early Testing (Optional) ==
N/A
== How To Test ==
=== Testing the Web Application ===
**Local Development Testing:**
<pre>
git clone https://github.com/JoseExposito/drm-panic-frontend.git
cd drm-panic-frontend
npm install
cp .env.example .env
npm start
</pre>
**Access Test URL:** Navigate to the example URL provided in HACKING.md which simulates a DRM Panic QR code
**Verify Functionality:**
* Panic information displays correctly (kernel version, architecture)
* Error trace is readable and properly formatted
* "Report Issue" modal provides clear instructions
* Bugzilla link is correctly formatted with pre-filled fields
* Copy-to-clipboard functionality works
* Responsive design works on mobile devices
**Production Build Testing:**
<pre>
npm run build:production
</pre>
Verify the <code>dist/</code> directory contains optimized static files ready for deployment
== User Experience ==
=== Before This Change ===
When a user experiences a kernel panic with DRM Panic enabled:
# Screen displays a kernel panic message with a QR code
# User scans QR code
# User sees technical information with no context
# No clear path to report the issue or get help
=== After This Change ===
When a user experiences a kernel panic:
# Screen displays a kernel panic message with a QR code
# User scans QR code
# Browser loads a Fedora-branded web page
# User sees:
#* Clear explanation of what happened
#* System information in readable format (kernel version, architecture)
#* Structured error trace display
#* Step-by-step bug reporting instructions
== Dependencies ==
=== Build Dependencies ===
* Node.js 18+ (for development and building)
* npm or yarn package manager
=== Runtime Dependencies ===
* Modern web browser with JavaScript enabled
* No server-side runtime dependencies (static files only)
=== Integration Dependencies ===
* DRM Panic kernel feature (enabled in Fedora 42+)
* QR code configuration pointing to the hosted frontend URL
== Contingency Plan ==
* Contingency mechanism: If the DRM Panic Frontend cannot be deployed for Fedora 45, DRM Panic continues to function with raw QR code data URLs. Users experience the pre-existing workflow (direct URL with encoded data). No regression or loss of functionality. Deployment can be attempted in a future release.
* Contingency deadline: Beta freeze. If hosting infrastructure is not ready by Beta, the deployment can be postponed without impact.
* Blocks release? No. This is a web application deployment separate from the Fedora release compose process.
== Documentation ==
=== Application Documentation ===
* [https://github.com/JoseExposito/drm-panic-frontend GitHub Repository]
* HACKING.md - Development and testing guide
=== Related Documentation ===
* [https://fedoraproject.org/wiki/Changes/EnableDrmPanic Fedora Change: Enable DRM Panic]
* [https://docs.kernel.org/gpu/drm-kms-helpers.html#drm-panic-infrastructure Kernel DRM Panic Documentation]
* [https://www.phoronix.com/news/DRM-Panic-Nicer-Fedora-Idea Phoronix Coverage]
== Release Notes ==
Fedora 45 introduces the DRM Panic Frontend, a user-friendly web interface for kernel panic reporting. When you scan a QR code from a kernel panic screen, you'll be directed to a helpful Fedora web page that explains what happened and guides you through reporting the issue to help improve Fedora. This makes it easier for everyone to contribute to Fedora's stability.
Subscribe to:
Comments (Atom)