Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• HDR hackfest wrap-up — People from various organizations were on-site: Red Hat, KDE, System76, AMD, Igalia, Collabora, Canonical, etc. Some more people from NVIDIA, Intel and Google joined us remotely (some of them waking up at 2 AM due to their timezone!).
• Fakespot is acquired by Mozilla — I have exciting news to share, Fakespot has been acquired by Mozilla! We are joining a company that develops one of the most popular browsers in the world in Firefox with a lineage that dates back to the origins of the internet.
• Apple removes Fakespot from App Store after Amazon complains
• More Rust Code Readied For Linux 6.4 — New Rust code for Linux 6.4 includes the introduction of the pin-init API, which is for dealing with safe pinned initialization and allows reducing the amount of "unsafe" Rust code within the kernel.
• Asahi Lina on Twitter: My Rust contributions for Linux 6.4 are finally merged upstream! 🦀🐧 — The next big challenge is going to be the DRM subsystem abstractions!
• India blocks 14 mobile apps used by terrorists in Pakistan to send information in J-K — As inputs received that these applications are being used to further terror propaganda and incite youths in Jammu and Kashmir, the Central government blocked them under Section 69A of the Information Technology Act, 2000.
• India removes ban on VLC media player after cybersecurity concerns addressed
• Text of the RESTRICT Act — To authorize the Secretary of Commerce to review and prohibit certain transactions between persons in the United States and foreign adversaries, and for other purposes...
• Tell Congress: Don’t Outlaw Encrypted Applications

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• IBM Takes Over Red Hat Storage to IBM Offerings — IBM announced today it will add Red Hat storage product roadmaps and Red Hat associate teams to the IBM Storage business unit, bringing consistent application and data storage across on-premises infrastructure and cloud.
• Why Whitehurst is stepping away from IBM
• IBM Does A “Quasi-Acquisition” Of Red Hat Storage — Red Hat OpenShift Data Foundation is also being absorbed into IBM Spectrum Fusion. IBM is assuming the Premier Sponsorship role of the Ceph Foundation from Red Hat.
• Announcing Nextcloud Hub 3 — Our design always followed three principles. Focus on content, ease of use, and great accessibility. For this refresh, we added a fourth: make it your own.
• Introducing NVK — NVK is a new open-source Vulkan driver for NVIDIA hardware in Mesa.
• Debian’s firmware vote results — The winning option allows the installer image to include firmware necessary to use the system.
• Intel Laptop Users Should Avoid Linux 5.19.12 — After looking at some logs we do end up with potentially bogus panel power sequencing delays, which may harm the LCD panel.
• Intel Laptop Users Should Avoid Linux 5.19.12 To Avoid Potentially Damaging The Display - Phoronix
• Linux 6.0 Released With Many Intel & AMD Driver Additions — Linus Torvalds just promoted Linux 6.0 to stable on-schedule and thereby now ushering in the Linux 6.1 merge window to officially get underway tomorrow.
• Some 6.0 development statistics — A total of 2,034 developers contributed to the 6.0 release; of those, 236 made their first contribution during this cycle. The total number of developers is just short of the record (2,086) set for 5.19, but the number of first-time contributors is the lowest seen since the 5.6 release (216) in 2020.
• Linux 6.0 Supporting New Intel/AMD Hardware
• Btrfs Brings Some Great Performance Improvements With Linux 6.1
• The Initial Rust Infrastructure Has Been Merged Into Linux 6.1 — As a follow-up to the Rust infrastructure pull request for Linux 6.1, Linus Torvalds pulled the initial Rust code into the mainline Linux kernel this evening.

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Linux has been bitten by its most high-severity vulnerability in years — Dirty Pipe has the potential to smudge people using Linux and Linux derivitives.
• Catalin Cimpanu on Twitter — “DirtyPipe (CVE-2022-0847) is a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation. It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit.
• Ron Amadeo on Twitter — “By my count, Dirty Pipe affects only brand-new Android 12 devices like the Pixel 6 and S22. Linux 5.8 and above has only been an Android option for five months."
• Canonical Patches “Dirty Pipe” Vulnerability in Ubuntu 21.10 and 20.04 LTS
• BLASTY on Twitter: “Hacked up a quick Dirty Pipe PoC that spawns a shell by hijacking (and restoring) the contents of a setuid binary.”
• The Dirty Pipe Vulnerability — The Dirty Pipe Vulnerability documentation
• AMD Posts Some New Linux Job Openings From Client CPU To Server — AMD would need a lot more Linux engineers to achieve the same level of timely Linux support and low-level kernel enhancements that Intel has been focused on for years, especially when it comes to Intel's open-source work beyond just the actual hardware device enablement.
• Introducing Native Matrix VoIP with Element Call! — What’s more, Element Call is built entirely on Matrix: it doesn’t need any additional servers to get going. You can run it against your existing Matrix homeserver to provide complete self-sovereignty… while still being able to talk to anyone else anywhere on the wider Matrix network! We will also be able to automatically use Matrix’s end-to-end encryption to secure all Element Call conferences
• call.element.io
• https://github.com/vector-im/element-call/issues
• Extending Matrix’s E2EE calls to multiparty
• Danielle Foré on Twitter — Okay it’s been a full month and this situation still isn’t resolved, and it sucks for you to just be completely in the dark and it’s pretty obvious something is up and people are asking what’s going on, so here is my side of the story 🧵
• Danielle gives an update on elementary Reddit Thread
• Jupiter Broadcasting East Coast Meetup