Linux Action News 219

The Log4Shell vulnerability is making waves this week; we'll explain why and break down how it works.

Plus, some good news for the Desktop and systemd-homed gets one step closer.

• GNOME 42 To Finally Allow Input Events To Happen Full-Rate — Up to now GNOME Shell has been compressing pointer motion events so they are synchronized to the monitor refresh rate, which can be anywhere from around 30 to 144 events per second depending upon display.
• An Eventful Instant – GNOME Shell & Mutter
• Do not throttle input in wayland event delivery
• FreeBSD 12.3-RELEASE Announcement — The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 12.3-RELEASE. This is the fourth release of the stable/12 branch.
• systemd 250 Is Coming With A Boat Load Of New Features — systemd 250 is packing a rather large number of new features and changes across the board for this dominant Linux init system and service manager.
• Log4Shell — RCE 0-day exploit found in log4j2, a popular Java logging package
• Apache - The ASF on Twitter — “Did you know that Ingenuity, the Mars 2020 Helicopter mission, is powered by Apache Log4j? https://t.co/gV0uyE1ylk #Apache #OpenSource #innovation #community #logging #services
• Tom (^-^) on Twitter
• Kevin Beaumont on Twitter — “Starting a new thread for log4j security vulnerability and fallout. Spoiler: although this emerged as a Minecraft issue (lol) there is going to be impacts across a wide range of enterprise software for some time.”
• Log4jAttackSurface MEMES