Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• Android 13 is in AOSP — Today we’re pushing the Android 13 source to the Android Open Source Project (AOSP) and officially releasing the newest version of Android.
• Android 13 Sources Released To AOSP
• Glibc 2.36 Dropping DT_HASH Has Been Breaking Easy Anti Cheat Games — The breakage stems from the DT_HASH section being dropped in GNU C Library but EAC being among the few software still expecting that section rather than DT_GNU_HASH.
• Pierre-Loup Griffais on Twitter — Unfortunate that upstream glibc discussion on DT_HASH isn't coming out strongly in favor of prioritizing compatibility with pre-existing applications. Every such instance contributes to damaging the idea of desktop Linux as a viable target for third-party developers.
• Carlos O’Donell on Twitter — How far should Linux ELF follow the generic ELF standard (gABI)? We recently let distributions drop DT_HASH from glibc builds (mandatory under the gABI). This broke EPIC's Easy Anti-Cheat. We *should* ask the gABI for DT_HASH to be optional.
• GLIBC update broke EAC for most games that use it — Issue #6051 · ValveSoftware/Proton
• Should we make DT_HASH dynamic section for glibc?
• gapi discussion: Making DT_HASH optional?
• Linux 6.0 debuts, missing some Rusty bits — Emperor Penguin Linus Torvalds has released the first release candidate for Linux 6.0, but doesn't mind what you call it.
• Linux 6.0 arrives with performance improvements and more Rust coming
• Linux 6.0-rc1 Released With Exciting Performance Optimizations
• Real-Time “PREEMPT_RT” Not in 6.0-rc1 — Of the 50 patches, it's not too bad either as there are five patches for example that are rather trivial for just enabling real-time (RT) support in the Kconfig files for ARM / ARM64 / POWER / x86 / x86_64. There are also a handful of patches each specific to POWER and the i915 graphics driver code.
• Debian turns 29! — Today is Debian's 29th anniversary. We recently wrote about some ideas to celebrate DebianDay, and several events have been planned in more than 14 locations.
• LocalGroups - Debian Wiki
• A New Jailbreak for John Deere Tractors Rides the Right-to-Repair Wave — An exploit that provides root access to two popular models of the company’s farm equipment.
• mu on Twitter — Sick Codes has jailbroken a John Deere, and this is just the beginning. Turns out our entire food system is built on outdated, unpatched Linux and Windows CE hardware with LTE modems.
• How a version of Doom running on a John Deere tractor champions the right-to-repair movement — Sick Codes achieved this by working with different tractor control touchscreen consoles, narrowing it down to a select few models, and finding a way to exploit these devices.
• Right to repair movement goes Deere hunting
• The debate over right to repair in 2022 | Successful Farming
• Deere Hit with Class Action Lawsuit Over Right to Repair
• Late Night Linux – Episode 190

Plus what happened to NHoS, and more!

Support Linux Action News

Links:

• Wine 3.0 Released — This includes in particular Direct3D 12 and Vulkan support, as well as OpenGL ES support to enable Direct3D on Android.
• Oneplus pwned — One of our systems was attacked, and a malicious script was injected into the payment page code to sniff out credit card info while it was being entered.
• ​Google moves to Debian for in-house Linux desktop — Google has officially confirmed the company is shifting its in-house Linux desktop from the Ubuntu-based Goobuntu to a new Linux distro, the DebianTesting-based gLinux.
• Meltdown and Spectre Linux kernel status — Some “enterprise” distributions did not backport the changes for this reporting, so if you are running one of those types of kernels, go bug the vendor to fix that, you really want a unified way of knowing the state of your system.
• Red Hat pulls microcode update — Which, er, sounds like Red Hat has given up and, to avoid any blame, has told its customers to just get whatever firmware your CPU maker is offering. And if it works, it works, and if it makes your box fall over, uh, don't look at Red Hat.
• Red Hat: We Didn't Pull CPU Microcode Update — "It's actually an encrypted, signed binary image, so we don't have the capability, even if we wanted to produce microcode. It's a binary blob that we cannot generate. The only people who can actually generate that are the CPU vendors."
• Ubuntu almost ready to patch against Spectre — This week we published candidate Ubuntu kernels providing mitigation for CVE-2017-5715 and CVE-2017-5753 (ie, Spectre / Variants 1 & 2) to their respective -proposed pockets for Ubuntu 17.10 (Artful), 16.04 LTS (Xenial), and 14.04 LTS (Trusty).  
• Skyfall and Solace: Meltdown and Spectre are just the beginning — Skyfall and Solace are two speculative attacks based on the work highlighted by Meltdown and Spectre. Full details are still under embargo and will be published soon when chip manufacturers and Operating System vendors have prepared patches.
• NHoS shut down — The small team behind an ambitious NHoS Linux project are calling it a day, citing receipt of a trademark infringement warning from the UK Department of Health's (DoH) "brand police" as the "final straw."

Plus a big moment for the Kernel, Red Hat goes ARM, and OpenPlus has a backdoor with a twist.

Sponsored By:

• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Fedora 27 released — The Workstation edition of Fedora 27 features GNOME 3.26. In the new release, both the Display and Network configuration panels have been updated, along with the overall Settings panel appearance improvement.
• Firefox 57 arrives — It’s by far the biggest update we’ve had since we launched Firefox 1.0 in 2004
• There's an option for people who don't like change — a fork of the Mozilla code-base pre-Servo/Rust... Basically for those not liking the direction of Firefox with v57 rolling out the Quantum changes, etc.
• Ubuntu Unity 7 flavour might be on the horizon — A proposal to create a new community Ubuntu flavor which uses the Unity 7 desktop by default is gathering support within the Ubuntu community.
• LTS kernel 4.14 released — Anyway, go out and test the new 4.14 release, that is slated to be the next LTS kernel - and start sending me pull request for the 4.15 merge window.
• RISC-V support may be coming to 4.15 — RISC-V is hoping to see mainline with Linux 4.15. We've known for a while now about their mainline ambitions for 4.15 and a pull request was sent today, but it remains to be seen yet if Linus Torvalds will pull it for this merge window.
• Red Hat announces ARM version of RHEL — Red Hat Enterprise Linux 7.4 for ARM, the first commercial release for this architecture.
• Oneplus backdoor — OnePlus accidentally left in place a diagnostic testing application made by Qualcomm. After decompiling this application, he discovered that it can be exploited to grant root access—effectively acting as a backdoor.

Plus some key project updates & more!

Support Linux Action News

Links:

• Solus pushing forward Steam with Snaps — That snap, as some people have already guessed as much, will be the linux-steam-integration project, using a strict-mode LSI intercept module. We can also make various tweaks on top of that runtime to enforce ABI compatibility where it might be missing.
• AAC will be supported in Fedora Workstation 27 — What we will be shipping in Fedora is a modified version of the AAC implementation released by Google, which was originally written by Frauenhoffer. On top of that we will of course be providing GStreamer plugins to enable full support for playing and creating AAC files for GStreamer applications.
• Plasma 5.11 released — Plasma 5.11 brings a redesigned settings app, improved notifications, a more powerful task manager. Plasma 5.11 is the first release to contain the new “Vault”, a system to allow the user to encrypt and open sets of documents in a secure and user-friendly way, making Plasma an excellent choice for people dealing with private and confidential information.
• 5.12 aims for Wayland improvements — If we all just use Wayland and report and fix the bugs we run into I'm sure that 5.12 will be an awesome release on Wayland. So please help to make it happen!
• KDE turns 21 — t was on 14 October 1996 that the "Kool Desktop Environment" was founded by Matthias Ettrich. At the time he wanted KDE to be a "consistent, nice looking free desktop-environment."
• Fwupd 1.0 Released — fwupd now supports 72 different kinds of hardware, support for another ~12 devices is currently being worked on, many vendors continue using or exploring fwupd, and around 165,000 devices each month get updated firmware using fwupd with LVFS.
• Oneplus collecting data in Oxygen OS — Moore discovered that some of the data being sent to OnePlus' servers included the phone's IMEI number, the phone number, MAC addresses, mobile network names and IMSI prefixes, Wi-Fi connection info, and the phone's serial number.
• Say they'll stop — By the end of October, “all OnePlus phones running OxygenOS will have a prompt in the setup wizard that asks users if they want to join our user experience program.” Not only that, but he also stated that OnePlus “will no longer be collecting telephone numbers, MAC Addresses and WiFi information.
• Librem 5 funded — 14 days early, we have crossed a historic milestone.
• Purism Collaborates with Cryptocurrency Monero — The Monero Project is a grassroots, community-driven initiative that advocates for privacy on a global scale by producing several free libre open source software projects, with the flagship offering being Monero, a fungible and decentralized cryptocurrency.