Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• A new privilege escalation vulnerability in the Linux kernel — The vulnerability consists of a stack buffer overflow due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag is present in the current skb.
• netfilter: nft_payload: add C-VLAN support · torvalds/linux@f6ae9f1
• CVE-2023-0179
• CVE-2023-0179- Red Hat Customer Portal
• [net,3/3] netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits - Patchwork
• oss-sec: Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup
• libvirt 9.0 Released For Latest Linux Virtualization API — Libvirt 9.0 adds support for external snapshot deletion with QEMU using its existing API, libvirt 9.0 with QEMU now supports PASST as "Plug A Simple Socket Transport" for connecting an emulated network device to the host's network, QEMU external back-end support for SWTPM as a software Trusted Platform Module (TPM), support for passing file descriptors rather than passing files for the QEMU disk, and other additions.
• JFS Filesystem’s Days are Numbered — IBM developed the JFS file-system originally in the 90's for AIX and the second-generation implementation then ported to Linux after it was made open-source.
• Firefox 109.0 Ships Manifest Version 3 — Manifest Version 3 (MV3) extension support is now enabled by default (MV2 remains enabled/supported). This major update also ushers an exciting user interface change in the form of the new extensions button.
• Here’s what’s going on in the world of extensions
• Manage your extensions using the extensions button in the toolbar
• Manifest v3 signing available November 21 on Firefox Nightly
• Google delays start of Manifest V2 Chrome extension deprecation — The original plan called for Chrome Beta, Dev, and Canary builds to start experiments that turned off Manifest V2 extension support. Additionally, Manifest V3 would be required to get the “Featured” badge in the Chrome Web Store. 
• Firefox 109 Adds New Extensions Button, Manifest V3 Support — The biggest new feature is the new Unified Extensions button in the toolbar.
• Chrome’s “Manifest V3” plan to limit ad-blocking extensions is delayed
• Chrome Users Beware: Manifest V3 is Deceitful and Threatening — Manifest V3, or Mv3 for short, is outright harmful to privacy efforts. It will restrict the capabilities of web extensions

Sponsored By:

• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.
• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.

Support Linux Action News

Links:

• New subsystem for compute accelerator devices — This is the fourth (and hopefully last) version of the patch set to add the new subsystem for compute accelerators.
• Compute Accelerator Subsystem Hopes To Be Ready For Linux 6.2
• Peter's Talk at Linux Plumbers Conference — All types of wireless in Linux are terrible and why the vendors should feel bad - Peter Robinson
• Intel’s IWD 2.0 Released For Modern Linux Wireless Daemon — Released this week was IWD 2.0 as the latest milestone for this open-source wireless daemon.
• Phoronix Premium Black Friday Deal — For this year's deal, you can go premium for just $30 per year or $150 for a lifetime subscription.
• Asahi Linux Updates — This month’s update is packed with new hardware support, new features, and fixes for longstanding pain points, as well as a new bleeding-edge kernel branch with long-awaited support for suspend and the display controller!
• Feature Support · AsahiLinux/docs Wiki

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• Announcing Fedora Linux 37 — Fedora Editions are flagship offerings targeted at a particular “market”. With Fedora Linux 37, we’re adding two new Editions.
• Fedora 37 Now Available With GNOME 43 Desktop, Official Raspberry Pi 4 Support
• Meta OSS’ Sapling — A new source control system with Git-compatible client.
• Get ready for Google Summer of Code 2023! — We are thrilled to announce the 2023 Google Summer of Code (GSoC) program and share the timeline with you to get involved! 2023 will be our 19th consecutive year of hosting GSoC.
• Google Summer of Code
• Rust in the Kernel Update — This patch series is the first batch of changes to upstream the rest of the Rust support.
• Rust Developers Preparing To Upstream More Code Into The Linux Kernel
• WSL 1.0 Released — Microsoft announces it is removing the Preview label and making WSL in the Microsoft Store "generally available".
• Release Notes for WSL kernel

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• New fwupd 1.8.4 starts work on BIOS control — fwupd now reads your system BIOS settings, and has the ability to change them if the user desires (and has authorization to do).
• Fwupd 1.8.4 Supports More Hardware, Starts Allowing To Make BIOS Changes From Linux
• Canonical Continues Snap’ing Up Linux Gaming For Ubuntu — Canonical has been indicating they want to improve the Linux gaming experience on Ubuntu (and hiring for it) and ensure its a dominant platform for Linux gaming.
• Pine’ Star64 RISC-V based Single Board Computer
• Pine64 reveals the Star64 RISC-V based Single Board Computer — Along the long leading edges you’ll find PCIe on one end and GPIO on the other. At one end of the board you’ll find a digital video output, a double-stacked Gigabit Ethernet port and a 12V barrel plug for power. On the opposite side, you’ll find 3x USB 2.0, 1x USB 3.0, an audio jack as well as a power button. There are also two U.FL ports for antennas – one for bluetooth and the other for WiFi.
• NetworkManager 1.40 Released With Multi-Path TCP Support — Multi-Path TCP has come together in the kernel over the past two years for this standard, allowing TCP connections to use multiple paths for greater performance/efficiency and added redundancy.
• Debian General Resolution To Decide What To Do With Non-Free Firmware — The basic problem is that the use of downloadable firmware in computer systems is on the rise and most of that firmware is not free software. The official Debian installer only incorporates free software (and firmware), which leads to serious problems for many users.
• Debian Proposes Better Discovery of non-free Firmware Images
• General Resolution: non-free firmware
• Office Hours 11 — We launch our new site LIVE!

Plus the Linux tech Greg KH is most excited about, and more.

Support Linux Action News

Links:

• Ubuntu fixes bugs that standard users could use to become root — A handful of commands was all it took for untrusted users to become all-powerful.
• Now-patched Ubuntu desktop vulnerability allows privilege escalation
• How to get root on Ubuntu 20.04 by pretending nobody’s /home
• Meet Proxmox Backup Server, a Debian-Based Open Source Enterprise Backup Solution — Proxmox launched today Proxmox Backup Server as a new edition of its Debian-based Linux distribution engineered to act as an enterprise solution for backing up and restoring physical hosts, virtual machines and containers.
• Proxmox Roadmap
• Proxmox Backup Server
• Proxmox Backup Git Repo
• PayPal's crypto trading goes live in the US — Customers will be able to trade up to $20,000 a week, rather than the originally announced $10,000.
• Systemd catches up with bind events — Perhaps the real lesson here is that the community would be better served by closer relations between the kernel project and projects managing low-level utilities like systemd.
• eBPF - The Future of Networking & Security — Cilium is an open source project that has been designed on top of eBPF to address the networking, security, and visibility requirements of container workloads. It provides a high-level abstraction on top of eBPF. Cilium is to eBPF what Kubernetes and container runtimes are to Linux kernel namespaces, cgroups, and seccomp
• Linux App Summit 2020

Plus an important Let's Encrypt update, and the next billion-dollar tech coming to Linux.

Support Linux Action News

Links:

• Raspberry Pi 400: the $70 desktop PC — The Raspberry Pi 400 Personal Computer Kit is the “Christmas morning” product, with the best possible out-of-box experience: a complete PC which plugs into your TV or monitor.
• Raspberry Pi 400 - First Impressions
• Raspberry Pi 400 review—the under-$100 desktop PC you didn’t know you needed
• Dell is Adding Webcam and Microphone Kill Switches — Dell is adding new code in Linux kernel that will enable you to disable newer Dell system’s webcam and microphone with keyboard shortcuts. Why? Because privacy.
• Dell Adding Hardware Privacy Driver For Linux
• Let's Encrypt warns about a third of Android devices will from next year stumble over sites that use its certs — Expiration of cross-signed root certificates spells trouble
• Standing on Our Own Two Feet - Let's Encrypt
• Chrome will soon have its own dedicated certificate root store — Currently, Chrome uses the certificate root store part of each operating system. Google plans to manage its own list of "approved" certificates from now on, similar to Firefox.
• BPF binaries: BTF, CO-RE, and the future of BPF perf tools — Two new technologies, BTF and CO-RE, are paving the way for BPF to become a billion-dollar industry.
• What is eBPF?
• eBPF: Put the Kubernetes Data Plane in the Kernel
• LINUX Unplugged 293: Netflix's Gift to Linux