Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• A new privilege escalation vulnerability in the Linux kernel — The vulnerability consists of a stack buffer overflow due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag is present in the current skb.
• netfilter: nft_payload: add C-VLAN support · torvalds/linux@f6ae9f1
• CVE-2023-0179
• CVE-2023-0179- Red Hat Customer Portal
• [net,3/3] netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits - Patchwork
• oss-sec: Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup
• libvirt 9.0 Released For Latest Linux Virtualization API — Libvirt 9.0 adds support for external snapshot deletion with QEMU using its existing API, libvirt 9.0 with QEMU now supports PASST as "Plug A Simple Socket Transport" for connecting an emulated network device to the host's network, QEMU external back-end support for SWTPM as a software Trusted Platform Module (TPM), support for passing file descriptors rather than passing files for the QEMU disk, and other additions.
• JFS Filesystem’s Days are Numbered — IBM developed the JFS file-system originally in the 90's for AIX and the second-generation implementation then ported to Linux after it was made open-source.
• Firefox 109.0 Ships Manifest Version 3 — Manifest Version 3 (MV3) extension support is now enabled by default (MV2 remains enabled/supported). This major update also ushers an exciting user interface change in the form of the new extensions button.
• Here’s what’s going on in the world of extensions
• Manage your extensions using the extensions button in the toolbar
• Manifest v3 signing available November 21 on Firefox Nightly
• Google delays start of Manifest V2 Chrome extension deprecation — The original plan called for Chrome Beta, Dev, and Canary builds to start experiments that turned off Manifest V2 extension support. Additionally, Manifest V3 would be required to get the “Featured” badge in the Chrome Web Store. 
• Firefox 109 Adds New Extensions Button, Manifest V3 Support — The biggest new feature is the new Unified Extensions button in the toolbar.
• Chrome’s “Manifest V3” plan to limit ad-blocking extensions is delayed
• Chrome Users Beware: Manifest V3 is Deceitful and Threatening — Manifest V3, or Mv3 for short, is outright harmful to privacy efforts. It will restrict the capabilities of web extensions

Plus the imminent problem KDE solved this week, and more.

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Initial Apple M1 SoC Support Aims For Linux 5.13 Kernel — This initial Apple M1 Linux port gets the UART, interrupts, SMP, and DeviceTree bits in place for offering basic functionality.
• “Challenge accepted”
• Ars: Apple M1 hardware support merged into Linux 5.13
• Official support for Linux on the M1 Macs could come as soon as June
• [GIT PULL] Apple M1 SoC platform bring-up for 5.13
• Asahi Linux on Twitter — Initial M1 support has been merged into the Linux SoC tree and will be coming to Linux 5.13!
• SiFive FU740 PCIe Support Queued Ahead Of Linux 5.13 — The HiFive Unmatched has a FU740 RISC-V SoC that features four U74-MC cores and one S7 embedded core, 16GB of RAM, USB 3.2 Gen 1, one PCI Express x16 slot (operating at x8 speeds), an NVMe slot, and Gigabit Ethernet.
• How to Secure phpMyAdmin
• Firefox Is Making WebRender The Default Rendering Engine On Linux This Month And There Is A Facelift Coming In May — The Firefox web browser is finally making the long-anticipated WebRender rendering engine the default on GNU/Linux when Firefox 88 is released later this month.
• uBlock Origin works best on Firefox — The Firefox version of uBO makes use of WebAssembly code for core filtering code paths. This is not the case with Chromium-based browsers because this would require an extra permission in the extension manifest which could cause friction when publishing the extension in the Chrome Web Store.
• Wayland Is Driving Fragmentation Around EDID Parsing - A Call To Fix That — Currently there is no de facto EDID parsing library for Linux but many different choices and most Wayland compositors rolling their own. Rather than exposing all of the parsed information from the kernel, there is now a call to have a more unified Linux EDID parsing library.
• vgpu_unlock — Unlock vGPU functionality for consumer-grade GPUs.
• Hacker figures how to unlock vGPU functionality intentionally hidden from certain NVIDIA cards for marketing purposes
• Announcing KDE’s Qt 5 Patch Collection — As Qt 5 support is drawing to a close, and we shift to Qt 6, we need to ensure that KDE products are as reliable as ever. To this end, KDE will be maintaining a set of patches with security and functional fixes so that we can enjoy good KDE Software still based on Qt5 until our software is reliably based on Qt 6.
• Mars Helicopter Flight Delayed to No Earlier than April 14 — During a high-speed spin test of the rotors on Friday, the command sequence controlling the test ended early due to a “watchdog” timer expiration.
• LUP 400 Beer Stein