Linux Open Source Daily Report – September 9, 2025

Note: Swipe left on the briefing content to view the event timeline, historical background, technical details, and quick Q&A information.

Mozilla to End Support for 32-bit Linux Version of Firefox in 2026

Linux Open Source Daily Report - September 9, 2025

Mozilla will stop building the 32-bit Linux version of Firefox starting with version 145 in 2026; the final 32-bit regular version will be Firefox 144, while Firefox ESR 140 will continue to receive security updates on 32-bit Linux until September 2026.

Reports indicate that Mozilla maintained the 32-bit Linux version for a long time after other browsers had dropped support, and that 32-bit builds are now “increasingly difficult to build,” aligning Firefox with the broader shift to 64-bit while providing a clear transition period.

Event Timeline

❶ September 2025 Reports indicate that Mozilla plans to terminate support for the 32-bit Linux version of Firefox.

❷ 2026 Firefox 145 will cease 32-bit Linux builds; Firefox 144 will be the last non-ESR 32-bit version.

❸ September 2026 Security updates provided through Firefox ESR 140 for 32-bit Linux will end.

Historical Background

Google Chrome abandoned 32-bit Linux support about a decade ago, setting a precedent for mainstream browsers to focus on 64-bit architecture. In contrast, Mozilla continued to provide the 32-bit Linux version of Firefox long after most other browsers and operating systems ended support, helping users extend hardware lifespan and avoid premature obsolescence.

Did you know?

If you build from source, LibreWolf still supports 32-bit Linux, providing a privacy-focused alternative for older systems.

Technical Details

32-bit vs 64-bit: 64-bit systems can handle more memory and are the standard configuration for modern Linux distributions, while 32-bit architecture is legacy and increasingly uncommon.

Firefox ESR: The Extended Support Release (ESR) provides security and stability updates without frequent feature changes, offering a longer, predictable maintenance window — in this case, support for 32-bit Linux will last until September 2026.

Build Complexity: Mozilla and related reports indicate that 32-bit Linux builds have become difficult to produce and maintain, reflecting the challenges of toolchains and dependencies on older architectures.

Quick Q&A

When will Firefox stop releasing the 32-bit Linux version? Starting with Firefox 145 in 2026; Firefox 144 is the last regular 32-bit version.

How long will 32-bit Linux receive Firefox security updates? Firefox ESR 140 will receive security updates on 32-bit Linux until September 2026.

Why is Mozilla terminating support for 32-bit Linux? Mozilla states that the 32-bit Linux version is increasingly difficult to build and that the ecosystem has largely shifted to 64-bit.

Linux Weekly News: Debian 13.1, Mint 22.2

Two Linux media outlets reviewed the highlights of week 36 in 2025.

Linuxiac’s summary highlights the release of Debian 13.1, Linux Mint 22.2, LKRG 1.0, the release date of the COSMIC beta, Mozilla’s abandonment of 32-bit support, and GNOME 49’s reintroduction of X11.

Additionally, 9to5Linux published the 256th weekly review as of September 7, 2025.

Event Timeline

❶ September 1–7, 2025 Linuxiac covers the highlights of week 36.

❷ Week ending September 7, 2025 9to5Linux publishes the 256th weekly review.

Technical Details

X11 (X.Org): X11 is a long-standing Linux display server; GNOME 49’s “reintroduction of X11” indicates regained support or availability beyond the updated Wayland option.

LKRG: Linux Kernel Runtime Guard is a kernel security module focused on runtime integrity checks and vulnerability detection; version 1.0 reflects the maturity of the project.

32-bit Support: Dropping 32-bit support can reduce maintenance complexity for developers but may impact users with older hardware and niche environments.

Quick Q&A

What releases did Linuxiac highlight in week 36? Debian 13.1, Linux Mint 22.2, and LKRG 1.0, along with news about the COSMIC beta release date, GNOME 49’s reintroduction of X11, and Mozilla’s abandonment of 32-bit support.

How has the 9to5Linux weekly review series progressed? As of September 7, 2025, it has reached its 256th issue.

Linux 6.18 Expected to Add eUSB2V2 Camera Support; Versal TRNG Driver Queued

The upcoming Linux 6.18 kernel is expected to add eUSB2V2 support for next-generation high-resolution laptop cameras, thanks to the work of open-source Intel engineers over the past few months.

AMD has also queued a true random number generator (TRNG) driver for the AMD-Xilinx Versal SoC for the 6.18 cycle.

Other display updates include Intel’s Wildcat Lake support and the “enable_panel_replay” option.

A community post also noted that 6.18 will support the TH1520 PVR IMG BXM-4-64 GPU.

Historical Background

Each Linux kernel version routinely integrates upstream drivers and platform enablement from vendors like Intel and AMD, as well as community contributors, to expand hardware support and improve performance. Hardware RNG has long enhanced cryptographic operations by providing higher quality entropy than software alone.

Did you know?

The eUSB2V2 work in Linux 6.18 is specifically aimed at enabling next-generation high-resolution laptop cameras.

Technical Details

eUSB2V2: Embedded USB2 version 2.0 is aimed at internal device links; in this context, it enables higher resolution laptop cameras in Linux 6.18, reflecting months of work by Intel open-source engineers.

Versal TRNG: The new driver will expose the true random number generator available on the AMD-Xilinx Versal SoC to the kernel, providing hardware-generated entropy for cryptographic and security use cases.

enable_panel_replay: Intel’s drm-intel-next adds the “enable_panel_replay” option beyond Wildcat Lake display support, which is part of the display-related changes queued for Linux 6.18.

Quick Q&A

What is the main benefit of eUSB2V2 support in Linux 6.18? It enables next-generation high-resolution laptop cameras to work via embedded USB2 version 2.0 on Linux.

Which AMD hardware is getting the new TRNG driver? The AMD-Xilinx Versal SoC is receiving the true random number generator driver queued for Linux 6.18.

What Intel display updates are queued for 6.18? Intel has prepared Wildcat Lake display support and added the “enable_panel_replay” option in drm-intel-next for 6.18.

Salesloft Data Breach Linked to GitHub; Report Indicates Over 700 Organizations Affected

Salesloft stated that an investigation led by Mandiant found that the Salesloft/Drift data breach originated from the compromise of its GitHub account, where attackers exploited the account to steal OAuth credentials used to connect the Drift chatbot to customer Salesforce instances.

Data was stolen in early August, and Salesloft publicly disclosed the incident on August 26.

Reports indicate that the incident affected hundreds of organizations, with one media outlet stating that over 700 organizations were impacted.

Additionally, Tenable confirmed a related customer data breach, highlighting downstream supply chain risks.

Event Timeline

❶ As early as March 2025 According to the investigation report, the compromise of Salesloft’s GitHub account began.

❷ Early August 2025 Data theft occurred via stolen OAuth credentials from the Drift-Salesforce integration.

❸ August 26, 2025 Salesloft publicly disclosed the incident.

❹ September 6, 2025 Updates confirmed that the GitHub compromise was the root cause following the Mandiant investigation.

Historical Background

OAuth tokens grant applications limited delegated access without sharing passwords; if stolen and still valid, they can be used to access linked resources until revoked or expired. Software supply chain attacks — where attackers compromise vendors to reach many downstream customers — have become a prominent enterprise risk, prompting increased scrutiny of CI/CD systems and third-party integrations.

Did you know?

Salesloft publicly disclosed the breach on August 26, just days before attributing its root cause to the compromise of its GitHub account — providing customers with a clearer path for remediation.

Technical Details

OAuth Tokens: OAuth tokens authorize applications like chatbots to access specific Salesforce data; if attackers steal these tokens before they are revoked, they can query that data within the token’s scope.

Supply Chain Attacks: By compromising the vendor (Salesloft) and its integrations, attackers reached many customers’ Salesforce environments — expanding the impact to over 700 organizations.

GitHub Account Compromise: Access to a company’s source code control may expose credentials or integration secrets, leading to subsequent abuses such as token theft and data access in connected services.

Quick Q&A

How did the attackers gain access to customer Salesforce data? They exploited OAuth credentials stolen from the Drift (Salesloft) integration to access data in customer Salesforce instances.

When did the breach begin? Reports indicate that the GitHub breach began as early as March 2025.

Which organizations have acknowledged downstream impacts? Tenable confirmed a customer data breach related to the Salesloft Drift incident.

Leave a Comment