Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• A new privilege escalation vulnerability in the Linux kernel — The vulnerability consists of a stack buffer overflow due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag is present in the current skb.
• netfilter: nft_payload: add C-VLAN support · torvalds/linux@f6ae9f1
• CVE-2023-0179
• CVE-2023-0179- Red Hat Customer Portal
• [net,3/3] netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits - Patchwork
• oss-sec: Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup
• libvirt 9.0 Released For Latest Linux Virtualization API — Libvirt 9.0 adds support for external snapshot deletion with QEMU using its existing API, libvirt 9.0 with QEMU now supports PASST as "Plug A Simple Socket Transport" for connecting an emulated network device to the host's network, QEMU external back-end support for SWTPM as a software Trusted Platform Module (TPM), support for passing file descriptors rather than passing files for the QEMU disk, and other additions.
• JFS Filesystem’s Days are Numbered — IBM developed the JFS file-system originally in the 90's for AIX and the second-generation implementation then ported to Linux after it was made open-source.
• Firefox 109.0 Ships Manifest Version 3 — Manifest Version 3 (MV3) extension support is now enabled by default (MV2 remains enabled/supported). This major update also ushers an exciting user interface change in the form of the new extensions button.
• Here’s what’s going on in the world of extensions
• Manage your extensions using the extensions button in the toolbar
• Manifest v3 signing available November 21 on Firefox Nightly
• Google delays start of Manifest V2 Chrome extension deprecation — The original plan called for Chrome Beta, Dev, and Canary builds to start experiments that turned off Manifest V2 extension support. Additionally, Manifest V3 would be required to get the “Featured” badge in the Chrome Web Store. 
• Firefox 109 Adds New Extensions Button, Manifest V3 Support — The biggest new feature is the new Unified Extensions button in the toolbar.
• Chrome’s “Manifest V3” plan to limit ad-blocking extensions is delayed
• Chrome Users Beware: Manifest V3 is Deceitful and Threatening — Manifest V3, or Mv3 for short, is outright harmful to privacy efforts. It will restrict the capabilities of web extensions

Sponsored By:

• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.
• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.

Support Linux Action News

Links:

• Android Gets RISC-Y — Google's keynote at the RISC-V Summit promises official, polished support.
• Keynote: The Android Open Source Project and RISC-V - Lars Bergstrom, Google Director of Engineering
• New Google Tool Goes Open — The OSV database is a distributed, open-source database that stores vulnerability information in the OSV format. The OSV-Scanner assesses a project's dependencies against the OSV database showing all vulnerabilities relating to the project.
• Ubuntu’s New Installer Milestone — With Ubuntu 23.04 "Lunar Lobster" in April that new desktop installer is poised to finally be used by default.
• HDR Beginning To Work For Linux Gaming — "New Linux gaming milestone: with the latest work from Josh Ashton, HDR can now be enabled for real games! Tested it tonight on my AMD desktop with Halo Infinite, Deep Rock Galactic, DEATH STRANDING DC. Very early and will still need some time to bake to be useful to most."
• Red Hat Planning HDR Hackfest
• GNOME Shell + Mutter 43 Alpha Released
• VKD3D-Proton 2.7 Released With Eight Months Worth Of Changes
• Google Home speakers allowed hackers to snoop on conversations — A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely and to turn it into a snooping device by accessing the microphone feed.

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• Red Hat’s next steps, according to its new CEO — "We expect to see an 800% increase in edge applications built by 2024. We want those applications to be part of the open hybrid cloud. We think we have a unique position to connect end devices back to the assets that you have in your data centers and cloud that you use to run your company today."
• PREEMPT_RT Might Be Ready To Finally Land In Linux 5.20 — The Linux real-time patch series has been getting smaller with time and quite close to crossing the finish line with just around 50 patches to be merged.
• Google Engineers Go Big on Carbon - A Hopeful Successor To C++ — The Carbon programming language hopes to be the gradual successor to C++ and makes for an easy transition path moving forward.
• ByteDance Working To Make Kernel Booting Faster — This patch series touching around 100 lines of Linux kernel code is what they are now hoping to upstreamed.
• Happy Birthday This Week in GNOME — I am pleased to announce that TWIG is having its first anniversary!
• This Week in GNOME
• This Week in KDE
• #53 GUADEC 2022 · This Week in GNOME
• Btrfs Native Encryption Being Worked On — My goal in sending out this RFC is to get feedback on whether these are going in a reasonable direction; while there are a couple of additional parts, they're fundamentally minor compared to this.

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.

Support Linux Action News

Links:

• Akamai Warns Of “Panchan” Linux Botnet — The botnet introduces a unique (and possibly novel) approach to lateral movement by harvesting of SSH keys. Instead of just using brute force or dictionary attacks on randomized IP addresses like most botnets do, the malware also reads the id_rsa and known_hosts files to harvest existing credentials and use them to move laterally across the network.
• Canonical Continues Working On Ubuntu’s Firefox Snap Performance — On the Ubuntu blog is a new post by Canonical's Oliver Smith about their latest efforts to improve the Firefox Snap performance and other outstanding issues with this sandboxed version of the Mozilla web browser.
• Lars Knoll Announces His Successor For Qt Chief Maintainer — The voting period for the new Chief Maintainer has ended yesterday. This means Volker Hilsheimer will be our new Chief Maintainer. Congratulations!
• New Chief Maintainer for the Qt Project
• Talisman: Debut of X — I've spent the last couple weeks writing a window system for the VS100. I stole a fair amount of code from W, surrounded it with an asynchronous rather than a synchronous interface, and called it X. Overall performance appears to be about twice that of W.
• X Window System Turns 38 Years Old — It was on 19 June 1984 that Bob Scheifler announced the initial X window system release "X1" at MIT.
• X Windows System Design Principles, a lecture by James Gettys
• A Political History of X - Keith Packard (LCA 2020)
• Linus Torvalds: Rust For The Kernel Could Possibly Be Merged For Linux 5.20 — Torvalds commented that real soon they expect to have the Rust infrastructure merged within the kernel, possibly even for the next release -- meaning Linux 5.20.
• Open Source Summit North America 2022: Keynote: Linus Torvalds
• How are we improving Firefox Snap performance? Part 2