Linux Action News 220

The nasty Log4Shell vulnerability isn't solved yet, this week saw a new round of attacks and patches.

Plus how the work to port Linux to the Apple M1 resulted in fixing a bug that impacted all Linux distros.

• Log4j 2.15.0 and previously suggested mitigations may not be enough — It was discovered that version 2.15.0 would still be vulnerable when the configuration has a pattern layout containing a Context Lookup.
• Statement from CISA Director Easterly on “Log4j” Vulnerability
• PipeWire 0.3.41 Offers Improved Flatpak & JACK Compatibility, Apple AirPlay Streaming — PipeWire 0.3.41 also adds a new RAOP module (raop-sink and raop-discover) that can be used for streaming to Apple AirPlay devices.
• EXT4 Prepared To Switch To Linux’s New Mount API — Linux's new mount API is what came about in recent times as a set of system calls offering more flexibility than the long-standing mount syscall that is a one-shot effort while this new multi-step mounting procedure allows for more options.
• The End-Of-Year 2021 State Of Linux On Apple’s M1 SoC — The Asahi Linux project has published their October and November status update to provide an overview of where the Apple Silicon / Apple M1 open-source support is now at as we approach the end of 2021.
• Asahi Linux looks forward to exciting 2022 on Apple silicon
• Hector Martin on Twitter — Looks like Apple changed the requirements for Mach-O kernel files in 12.1, breaking our existing installation process... and they *also* added a raw image mode that will never break again and doesn't require Mach-Os. And people said they wouldn't help. This is intended for us.
• Podcastindex.org — The Podcast Index is here to preserve, protect and extend the open, independent podcasting ecosystem.
• Linux Action News on Podcastindex.org