Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• A new privilege escalation vulnerability in the Linux kernel — The vulnerability consists of a stack buffer overflow due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag is present in the current skb.
• netfilter: nft_payload: add C-VLAN support · torvalds/linux@f6ae9f1
• CVE-2023-0179
• CVE-2023-0179- Red Hat Customer Portal
• [net,3/3] netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits - Patchwork
• oss-sec: Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup
• libvirt 9.0 Released For Latest Linux Virtualization API — Libvirt 9.0 adds support for external snapshot deletion with QEMU using its existing API, libvirt 9.0 with QEMU now supports PASST as "Plug A Simple Socket Transport" for connecting an emulated network device to the host's network, QEMU external back-end support for SWTPM as a software Trusted Platform Module (TPM), support for passing file descriptors rather than passing files for the QEMU disk, and other additions.
• JFS Filesystem’s Days are Numbered — IBM developed the JFS file-system originally in the 90's for AIX and the second-generation implementation then ported to Linux after it was made open-source.
• Firefox 109.0 Ships Manifest Version 3 — Manifest Version 3 (MV3) extension support is now enabled by default (MV2 remains enabled/supported). This major update also ushers an exciting user interface change in the form of the new extensions button.
• Here’s what’s going on in the world of extensions
• Manage your extensions using the extensions button in the toolbar
• Manifest v3 signing available November 21 on Firefox Nightly
• Google delays start of Manifest V2 Chrome extension deprecation — The original plan called for Chrome Beta, Dev, and Canary builds to start experiments that turned off Manifest V2 extension support. Additionally, Manifest V3 would be required to get the “Featured” badge in the Chrome Web Store. 
• Firefox 109 Adds New Extensions Button, Manifest V3 Support — The biggest new feature is the new Unified Extensions button in the toolbar.
• Chrome’s “Manifest V3” plan to limit ad-blocking extensions is delayed
• Chrome Users Beware: Manifest V3 is Deceitful and Threatening — Manifest V3, or Mv3 for short, is outright harmful to privacy efforts. It will restrict the capabilities of web extensions

Plus we announce a new Linux podcast, and run down the many ways to run Ubuntu on Windows.

Support Linux Action News

Links:

• Choose Linux - New JB Show — The show that captures the excitement of discovering Linux.
• Steam For Linux Now Lets You Play Windows Games From Other Stores — Users can now launch Windows games purchased on platforms outside of Steam from inside the Steam for Linux client.
• Looks like it’s still using Wine 3.16
• Wine 4.0 Released — This release represents a year of development effort and over 6,000 individual changes.
• Microsoft Employee Hints at Windows Core OS Open Source Components — The Security Program Manager then said that he "improved the security posture of Windows Open Source Components through initiatives that investigate vulnerabilities found and establish a process for remediation.”
• Multipass for Win10 public beta — Multipass, at its core, is a service to manage Linux (in this case, Ubuntu) virtual machines in Windows 10 without the overhead of faffing about with Hyper-V (although Hyper-V is most definitely required to make the thing work).
• Ubuntu Core 18 gets 10 years of support — Dell has been working closely with Canonical over the past three years to certify Ubuntu Core on all our Edge Gateway platforms.
• Debian releases new images with apt fix — This point release incorporates the recent security update for APT, in order to help ensure that new installations of stretch are not vulnerable. No other updates are included.
• It might be harder to block ads in Chromium — Google engineers have proposed changes to the open-source Chromium browser that will break content-blocking extensions, including ad blockers.
• Google poaches 14-year Mac veteran from Apple to bring Fuchsia to market — Stevenson started at Apple in 2004 as a Product Release Engineer for OS X. In this role, he “triaged and diagnosed” application and framework issues, while also working with third-party developers.