Sponsored By:

• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.
• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.

Support Linux Action News

Links:

• New FOSS Fund to Support Free and Open Source Projects — To help maintain and sustain this ecosystem, companies and nonprofits alike have experimented with a framework called a FOSS (Free and Open Source Software) Contributor Fund.
• Bloomberg Launches Open-Source Funding Initiative
• Encrypted Fedora — Owen Taylor of Red Hat laid out a mailing list post and Discourse thread today around the future of encryption with Fedora.
• Google’s VM Turbo Charger — With this series, a workload running in a VM gets the same task placement and DVFS treatment as it would when running in the host.
• Linux Plumbers Conference 2022 CPUfreq/sched and VM guest workload problems
• Google Posts KVM-CPUFreq Driver To Dramatically Boost VM Performance, Power Efficiency
• KDE Discuss — KDE Discuss is a place for questions, requests, suggestions, banter, and in general interacting closely with the people actively involved in KDE, as well as with fellow users.
• KDE Discuss is a new discussion service from KDE for everybody who makes and uses KDE software
• New MSI Laptop Driver — Functions handled by the embedded controller on recent MSI laptops.
• new msi-ec driver patch
• Ubuntu 23.04 Beta Hands On
• Jupiter Broadcasting Meetup — Two meetups in the month of April, join us!

Sponsored By:

• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.
• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.

Support Linux Action News

Links:

• GNOME 44 Released — GNOME 44 is code-named “Kuala Lumpur”, in recognition of the work done by the organizers of GNOME.Asia 2022.
• GNOME 44 Released With Many Desktop Enhancements
• GNOME 44 Getting New Background Apps UI
• Ubuntu Touch OTA-1 Focal Release — This is the first OTA for Ubuntu 20.04 (Focal) with major features, this is an Opt-In and not mandatory update.
• First Ubuntu Touch OTA Release Based on Ubuntu 20.04 LTS Is Out Now
• Ubuntu Cinnamon Flavor Status Announcement — Ubuntu Cinnamon started as a small idea in my head, in 2019. I was ELEVEN.
• ItzSwirlz (Joshua Peisach)
• Ubuntu Cinnamon Remix Becomes Official Ubuntu Flavor
• Microsoft’s CBL-Mariner Linux Distribution Continues Cultivating More Packages — With today's CBL-Mariner 2.0.20230321 they have continued cultivating more packages for the distribution.
• CBL-Mariner GitHub
• We’re no longer sunsetting the Free Team plan — After listening to feedback and consulting our community, it’s clear that we made the wrong decision in sunsetting our Free Team plan.
• Google discloses CentOS Linux kernel vulnerabilities following failure to issue timely fixes — Google Project Zero's security researcher Jann Horn learned that kernel fixes made to stable trees are not backported to many enterprise versions of Linux.
• Google Security Researchers Accuse CentOS of Failing to Backport Kernel Fixes
• Project Zero Mailing List Thread on CentOS Kernel Patches
• CVE-2023-0590
• kernel-5.14.0-277.el9
• CVE-2023-1249
• CVE-2023-1252
• Berlin Meet Up #2 - Nextcloud Hackfest & Dev Community Introduction, Fri, Mar 31, 2023 — NOTE: the time detailed on Meetup.com is strictly set to PST, so don't be confused by the interface!

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• A new privilege escalation vulnerability in the Linux kernel — The vulnerability consists of a stack buffer overflow due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag is present in the current skb.
• netfilter: nft_payload: add C-VLAN support · torvalds/linux@f6ae9f1
• CVE-2023-0179
• CVE-2023-0179- Red Hat Customer Portal
• [net,3/3] netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits - Patchwork
• oss-sec: Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup
• libvirt 9.0 Released For Latest Linux Virtualization API — Libvirt 9.0 adds support for external snapshot deletion with QEMU using its existing API, libvirt 9.0 with QEMU now supports PASST as "Plug A Simple Socket Transport" for connecting an emulated network device to the host's network, QEMU external back-end support for SWTPM as a software Trusted Platform Module (TPM), support for passing file descriptors rather than passing files for the QEMU disk, and other additions.
• JFS Filesystem’s Days are Numbered — IBM developed the JFS file-system originally in the 90's for AIX and the second-generation implementation then ported to Linux after it was made open-source.
• Firefox 109.0 Ships Manifest Version 3 — Manifest Version 3 (MV3) extension support is now enabled by default (MV2 remains enabled/supported). This major update also ushers an exciting user interface change in the form of the new extensions button.
• Here’s what’s going on in the world of extensions
• Manage your extensions using the extensions button in the toolbar
• Manifest v3 signing available November 21 on Firefox Nightly
• Google delays start of Manifest V2 Chrome extension deprecation — The original plan called for Chrome Beta, Dev, and Canary builds to start experiments that turned off Manifest V2 extension support. Additionally, Manifest V3 would be required to get the “Featured” badge in the Chrome Web Store. 
• Firefox 109 Adds New Extensions Button, Manifest V3 Support — The biggest new feature is the new Unified Extensions button in the toolbar.
• Chrome’s “Manifest V3” plan to limit ad-blocking extensions is delayed
• Chrome Users Beware: Manifest V3 is Deceitful and Threatening — Manifest V3, or Mv3 for short, is outright harmful to privacy efforts. It will restrict the capabilities of web extensions

Sponsored By:

• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.
• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.

Support Linux Action News

Links:

• Android Gets RISC-Y — Google's keynote at the RISC-V Summit promises official, polished support.
• Keynote: The Android Open Source Project and RISC-V - Lars Bergstrom, Google Director of Engineering
• New Google Tool Goes Open — The OSV database is a distributed, open-source database that stores vulnerability information in the OSV format. The OSV-Scanner assesses a project's dependencies against the OSV database showing all vulnerabilities relating to the project.
• Ubuntu’s New Installer Milestone — With Ubuntu 23.04 "Lunar Lobster" in April that new desktop installer is poised to finally be used by default.
• HDR Beginning To Work For Linux Gaming — "New Linux gaming milestone: with the latest work from Josh Ashton, HDR can now be enabled for real games! Tested it tonight on my AMD desktop with Halo Infinite, Deep Rock Galactic, DEATH STRANDING DC. Very early and will still need some time to bake to be useful to most."
• Red Hat Planning HDR Hackfest
• GNOME Shell + Mutter 43 Alpha Released
• VKD3D-Proton 2.7 Released With Eight Months Worth Of Changes
• Google Home speakers allowed hackers to snoop on conversations — A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely and to turn it into a snooping device by accessing the microphone feed.

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• Microsoft Continues Improving Its Internal Linux Distro With Another Update — Microsoft has kept up with issuing one or more CBL-Mariner updates per month. This summer they rolled out CBL-Mariner 2.0 with many changes over its former 1.0 state, which continues to be maintained too. CBL-Mariner relies upon RPM SPEC files and other assets from Fedora, Photon OS, Openmamba, and Linux From Scratch. This week marked the release of CBL-Mariner 2.0 July 2022 Update 2.
• CBL-Mariner GitHub
• GitHub Moves to Guard Open Source Against Supply Chain Attacks — The popular Microsoft-owned code repository plans to roll out code signing, which will help beef up the security of open source projects.
• GitHub courts controversy by suspending Tornado Cash — GitHub over the past week has tested the trust of its users by enacting policies that call into question its commitment to free speech and privacy.
• ‘It Doesn’t Change Anything’ Says Tornado Cash After Code Disappears From GitHub
• Projects impacted by Tornando cash ban — TIL the creator address of the Eth2.0 Deposit contract was funded with Tornado cash, created the contract and donated the rest to Wikileaks
• Samuel JJ Gosling on Twitter — “@TornadoCash For those looking to host the frontend locally, I’ve uploaded the source code to @IPFS as I suspected this happening. Disclaimer: I’m a contributor to tornado but you should still verify the source code.
• Lucas Garron on Twitter
• Privacy Statement Updates September 2022 by olholder
• IPFS Supported In FFmpeg 5.1, IPFS Devs Envision Support In More Open-Source Projects — July's release of FFmpeg 5.1 introduced native IPFS support for this distributed peer-to-peer protocol.
• IPFS.io
• Ubuntu 22.04.1 LTS Delayed Due To An OEM Install Issue Leading To Broken Snaps — Ubuntu 22.04.1 LTS had been due for release today but has now been pushed back by one week after discovering an installer issue that led to Snaps like the default Mozilla Firefox browser failing to launch once installed.
• Linux 5.20 Likely To Be Called Linux 6.0 — With Linus Torvalds' modern versioning after 19~20 point releases has been when he bumps to the next major version number... Linux 4.0 succeeded Linux 3.19 while Linux 5.0 came after Linux 4.20.
• An io_uring-based user-space block driver [LWN.net] — The ublk driver starts by creating a special device called /dev/ublk-control. The user-space server (or servers, there can be more than one) starts by opening that device and setting up an io_uring ring to communicate with it.
• Linus' kernel source tree

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Arch Linux turned 20 years old
• Steam for Chrome OS teased at Google for Games Developer Summit — Steam for Chrome OS was announced as being available "right now" at the Google for Games Developer Summit on March 15, 2022.
• Google Finally Announces Steam For Chrome OS
• Valve sent the developer of Lutris a Steam Deck to help development
• Steam Survey Results For February 2022 Put Linux Right Above 1.0%
• Roadtest Proposed As A New Driver Testing Framework For Linux — Roadtest is a device driver testing framework whereby drivers are tested under User-Mode Linux against mocked/modelled hardware.
• GNOME 42 News
• The Best New Features in GNOME 42
• Download Fedora 36 Beta
• Ubuntu 22.04 LTS (Jammy Jellyfish) Daily Build
• Bump version to 42.0
• Mutter Bump version to 42.0

Plus, why Western Digital might be to thank for your next ultimate Linux workstation.

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Debian 11 “bullseye” Released — After 2 years, 1 month, and 9 days of development, the Debian project is proud to present its new stable version 11 (code name bullseye), which will be supported for the next 5 years thanks to the combined work of the Debian Security team and the Debian Long Term Support team.
• Phoronix: Debian 11 “Bullseye” Released
• Debian Live install images
• Microsoft & Others Form The eBPF Foundation - Phoronix — For driving eBPF usage moving forward for these sandboxed programs within the Linux kernel, the eBPF Foundation has been formed with backing from The Linux Foundation, Microsoft, Facebook, Netflix, Google, and others.
• Linux Foundation Press Release
• eBPF - Introduction, Tutorials & Community Resources
• RISC-V Developers Continue Working On KVM Support — This KVM RISC-V support has been led by Western Digital who remains very active with various elements of RISC-V Linux support.
• Progress Report: August 2021 - Asahi Linux
• Restore/upgrade firmware of iOS devices
• Apple M1 PCIe Driver Under Review For The Linux Kernel
• Elementary OS 6 Odin released on a ‘pay what you want’ basis • The Register
• Pantheon-tweaks: A system settings panel for the Pantheon desktop environment.

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Linux Foundation serves up free code-signing service — The Linux Foundation, with the support of Google, Red Hat, and Purdue University, is launching a service called sigstore to help developers sign the code they release.
• Linux Foundation announces new open-source software signing service
• Introducing sigstore — Installing most open source software today is equivalent to picking up a random thumb-drive off the sidewalk and plugging it into your machine.
• rekor: Signature Transparency Log — Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain.
• Fulcio: SigStore WebPKI — fulcio is a free Root-CA for code signing certs - issuing certificates based on an OIDC email address.
• cosign: Container Signing — Container Signing, Verification and Storage in an OCI registry.
• Diversity, Flexibility, and Linux: Prioritizing Generous Transfer
• German software company SUSE targets pre-summer IPO — SUSE is targeting a pre-summer initial public offering in a deal that may value the private equity-backed company with German roots at 7-8 billion euros ($8.3-9.5 billion), people close to the matter said.
• SUSE prepares for multi-billion Euro IPO
• VirtIO Sound Driver Coming — The virtual sound driver for VirtIO has been queued up into the sound-next code ahead of the Linux 5.13 merge window this spring.
• GNOME 40 Introducing Virtual Monitors — This headless native back-end that was merged today into GNOME 40's Mutter allows for running the native back-end atop a render node in a headless configuration without a physical display attached.
• GRUB 2.06 Release Candidate Available For Testing — Among the changes coming with GRUB 2.06 are expanded Btrfs RAID support, LUKS2 encrypted disk support, the BootHole patches and other security work,
• Progress Report Asahi Linux — To adapt the Apple world into a devicetree world, we are developing m1n1.
• Current status of the Corellium team's effort — Wifi now works on Linux on the M1.

Plus the impact of Google suspending business with Huawei, the recent ChromeOS feature silently dropped, and more.

Support Linux Action News

Links:

• ZombieLoad Attack — After Meltdown, Spectre, and Foreshadow, we discovered more critical vulnerabilities in modern processors. The ZombieLoad attack allows stealing sensitive data and keys while the computer accesses them.
• Understanding the MDS vulnerability: What it is, why it works and how to mitigate it
• Understanding Microarchitectural Data Sampling (aka MDS, ZombieLoad, RIDL & Fallout) from Red Hat - YouTube
• AMD Immune to Crippling MDS Vulnerabilities
• AMP to start hiding google from the URL — Signed-Exchange is something which can help you show your own domain in AMP page URLs, with all the AMP-Cache capabilities intact.
• A report from the AMP Advisory Committee Meeting
• Dual booting Windows on Chromebooks dead — Project Campfire turned up in the Chromium world this past August.
• Microsoft open-sources a crucial algorithm behind its Bing Search services — Microsoft today announced that it has open-sourced a key piece of what makes its Bing search services able to quickly return search results to its users
• Microsoft AI lab experiments
• South Korean government planning Linux migration as Windows 7 support ends — The Herald quotes the Interior Ministry as indicating that the transition to Linux, and the purchase of new PCs, would cost about 780 billion won ($655 million), but also anticipates long-term cost reductions with the adoption of Linux. The report doesn't mention a specific distro, instead "hopes to avoid building reliance on a single operating system."
• Windows dual booting no longer looking likely on Pixelbooks
• Google suspends business with Huawei — “Huawei will only be able to use the public version of Android and will not be able to get access to proprietary apps and services from Google,” the source said.
• Command Line Threat Hunting Video

Plus Debian joins KDE's council of wizards.

Sponsored By:

• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Arch Linux AUR Repository Found to Contain Malware
• Minimal Ubuntu released
• Guido van Rossum resigns as Python leader
• PEP 572 and decision-making in Python
• Firefox for Android enters maintenance phase as team prepares new browser
• Arm throws shade on RISC-V
• But then backtracks
• HTC's blockchain smartphone
• Debian Joins KDE's Advisory Board