Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Ubuntu gets a new rolling-release remix — The new flavor is the brainchild of MrBeeBenson, building on work by Martin Wimpress, who is the project leader of the Ubuntu MATE remix.
• AMD Recruiting More Linux Engineers For Debug, CXL Enablement & More — Notable with their latest batch of Linux openings is hiring a CXL engineer. This role will focus on AMD's support for Compute Express Link (CXL) hardware enablement under Linux.
• WirePlumber 0.4.9 Fixes Surround Sound For Some Linux Games — It was reported that some games within Steam were not able to enjoy 5.1 surround sound with PipeWire in a year-old bug report. A fix landed in WirePlumber a month ago to relax the format parsing within the si-audio-adapter module and this appears to fix up that issue
• New Linux kernel patch speeds up server shutdowns — The problem is caused by the relatively long time it takes to properly shut down an NVMe drive: apparently, as much as four-and-a-half seconds.
• Linux 5.18 Hardens The Kernel For 64-bit Arm With Shadow Call Stack Support — With the Linux 5.18 hardening updates there is support added for ARM64 (AArch64) Shadow Call Stack support when building the Linux kernel with GCC 12 and newer.
• Linux 5.18 Power Management Brings Improvements For Both Intel & AMD — Intel's P-State driver will now use the default default Energy Performance Preference (EPP) exposed by the firmware, and over on the AMD CPU side, the CPUPower utility that lives within the kernel source tree now supports running in conjunction with the AMD P-State driver.
• Linux 5.18 Moves Ahead With Deprecating ReiserFS — The plan is to treat it as deprecated and formally remove it from the mainline Linux kernel in 2025.
• XFS Online Repair Functionality To Undergo A Massive Design Review — XFS online repair has been talked about for years along with online scrubbing and it looks like it's about all buttoned up. Darrick Wong will be spending the next roughly two months focusing on the "massive" design review for XFS online repair code.
• Problems emerge for a unified /dev/*random — A bunch of changes for the kernel random-number generator (RNG) were merged by Linus Torvalds on March 21. Unfortunately a user-space regression surfaced that led Torvalds to say that he would revert the patch. The idea was good, but it "causes problems for various platforms that can't do jitter entropy and have nothing else happening either".

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.

Support Linux Action News

Links:

• Element suspended on Google Play Store — At 2021-01-29 at 21:35 UTC Google suspended Element from the Play Store without warning or notification
• Element sees fivefold increase in signups after Whatsapp privacy debacle — After Whatsapp’s announcement, rival app Telegram reported a 500% increase in users and Signal saw an 18-fold increase in download numbers, putting it on track to cross 1m new users each day.
• Element team waiting hours — Update: we’re still waiting for a response from Google to our explanatory mail sent ~8 hours ago. Thanks all for your patience while we get this sorted...
• New Linux SUDO flaw lets local users gain root privileges — The issue is a heap-based buffer overflow exploitable by any local user (normal users and system users, listed in the sudoers file or not), with attackers not being required to know the user's password to successfully exploit the flaw. The vulnerability was introduced in the Sudo program almost 9 years ago, in July 2011.
• 10-year-old Sudo bug lets Linux users gain root-level access
• Buffer overflow in command line unescaping
• Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156) - Help Net Security — "This vulnerability is perhaps the most significant sudo vulnerability in recent memory (both in terms of scope and impact) and has been hiding in plain sight for nearly 10 years."
• New Linux Kernel Vulnerabilities Patched in All Supported Ubuntu Releases
• Mitre - CVE-2020-28374
• Red Hat Customer Portal: CVE-2020-28374
• Debian: CVE-2020-28374
• Ubuntu: CVE-2020-28374
• The killing of CentOS Linux: ‘The CentOS board doesn’t get to decide what Red Hat engineering teams do’ — Brian Exelbierd, responsible for Red Hat liaison with the CentOS project and a board member of that project, has told The Register that CentOS Linux is ending because Red Hat simply refused to invest in it.
• Rocky Linux gets a new sponsor—Gregory Kurtzer’s startup, Ctrl IQ — Rocky Linux is to be a beneficiary of Ctrl IQ's revenue, not its source—the company describes itself in its announcement as the suppliers of a "full technology stack integrating key capabilities of enterprise, hyper-scale, cloud and high-performance computing."
• Linux maintainer says long-term support for 5.10 will stay at two years unless biz world steps up and actually uses it — Linux kernel maintainer Greg Kroah-Hartman has responded to complaints that the current promise of two years for 5.10 is not enough, explaining that support is not automatic but requires commercial help.
• Rust Game Server One-Click App Linode — A free-for-all battle in a harsh open-world environment.