Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.

Support Linux Action News

Links:

• Element suspended on Google Play Store — At 2021-01-29 at 21:35 UTC Google suspended Element from the Play Store without warning or notification
• Element sees fivefold increase in signups after Whatsapp privacy debacle — After Whatsapp’s announcement, rival app Telegram reported a 500% increase in users and Signal saw an 18-fold increase in download numbers, putting it on track to cross 1m new users each day.
• Element team waiting hours — Update: we’re still waiting for a response from Google to our explanatory mail sent ~8 hours ago. Thanks all for your patience while we get this sorted...
• New Linux SUDO flaw lets local users gain root privileges — The issue is a heap-based buffer overflow exploitable by any local user (normal users and system users, listed in the sudoers file or not), with attackers not being required to know the user's password to successfully exploit the flaw. The vulnerability was introduced in the Sudo program almost 9 years ago, in July 2011.
• 10-year-old Sudo bug lets Linux users gain root-level access
• Buffer overflow in command line unescaping
• Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156) - Help Net Security — "This vulnerability is perhaps the most significant sudo vulnerability in recent memory (both in terms of scope and impact) and has been hiding in plain sight for nearly 10 years."
• New Linux Kernel Vulnerabilities Patched in All Supported Ubuntu Releases
• Mitre - CVE-2020-28374
• Red Hat Customer Portal: CVE-2020-28374
• Debian: CVE-2020-28374
• Ubuntu: CVE-2020-28374
• The killing of CentOS Linux: ‘The CentOS board doesn’t get to decide what Red Hat engineering teams do’ — Brian Exelbierd, responsible for Red Hat liaison with the CentOS project and a board member of that project, has told The Register that CentOS Linux is ending because Red Hat simply refused to invest in it.
• Rocky Linux gets a new sponsor—Gregory Kurtzer’s startup, Ctrl IQ — Rocky Linux is to be a beneficiary of Ctrl IQ's revenue, not its source—the company describes itself in its announcement as the suppliers of a "full technology stack integrating key capabilities of enterprise, hyper-scale, cloud and high-performance computing."
• Linux maintainer says long-term support for 5.10 will stay at two years unless biz world steps up and actually uses it — Linux kernel maintainer Greg Kroah-Hartman has responded to complaints that the current promise of two years for 5.10 is not enough, explaining that support is not automatic but requires commercial help.
• Rust Game Server One-Click App Linode — A free-for-all battle in a harsh open-world environment.

Plus Google Cardboard goes open source, and a neat machine-learning tool to pull songs apart.

Special Guest: Wes Payne.

Support Linux Action News

Links:

• Google gives most Chromebooks an extra year of software support — Seven Chromebooks from Lenovo recently had their support lifespan extended, and now Google has updated the EOL date for 135 more models from several manufacturers. Most models received another year of support, others only got another six months, and some now have two more years.
• What’s new in Chrome OS: Virtual Desks, simpler printing and more — Think of Virtual Desks as separate workspaces within your Chromebook. Use this feature to create helpful boundaries between projects or activities. If you’re working on multiple projects, you can dedicate a desk to each one. Open Overview and tap New Desk in the top right-hand corner of your screen to try out Virtual Desks.
• Google Enlists Outside Help to Clean Up Android's Malware Mess — Today Google is announcing a partnership with three antivirus firms—ESET, Lookout, and Zimperium—to create an App Defense Alliance.
• Open sourcing Google Cardboard — Today, we’re releasing the Cardboard open source project to let the developer community continue to build Cardboard experiences and add support to their apps for an ever increasing diversity of smartphone screen resolutions and configurations.
• Access ESM, now free to the community, via the updated Ubuntu Advantage client — Canonical is happy to announce that all community users are entitled to a free Ubuntu Advantage for Infrastructure account for access to Extended Security Maintenance (ESM) and Kernel Livepatch* for Ubuntu 14.04 LTS (Trusty Tahr) for up to three machines, and up to 50 machines for all official Ubuntu Members.
• Releasing Spleeter: Deezer Research source separation engine — We are releasing Spleeter to help the research community in Music Information Retrieval (MIR) leverage the power of a state-of-the-art source separation algorithm. It comes in the form of a Python Library based on Tensorflow, with pretrained models for 2, 4 and 5 stems separation.
• Microsoft Will Release Their Edge Web Browser For Linux — Microsoft announced at their Ignite conference in Seattle that their Edge web-browser will see a Linux release