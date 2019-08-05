Language Selection

English French German Italian Portuguese Spanish

Audiocasts/Shows: Python Bytes, Bad Voltage, Choose Linux, BSD Now

Submitted by Roy Schestowitz on Thursday 8th of August 2019 03:36:55 PM Filed under
Interviews
»

Ubuntu Podcast from the UK LoCo: S12E18 – Pilotwings

Submitted by Roy Schestowitz on Thursday 8th of August 2019 04:13:40 PM.
  • Ubuntu Podcast from the UK LoCo: S12E18 – Pilotwings

    This week we’ve been running Steam in the cloud via an NVIDIA SHIELD TV. We discuss if we even need new distros and whether its more Linux apps we need. Plus we bring you some GUI love and go over all your feedback.

    It’s Season 12 Episode 18 of the Ubuntu Podcast! Mark Johnson, Martin Wimpress and Mattias Wernér are connected and speaking to your brain.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Android Leftovers

Security: Patches, KDE and CNCF Audit

  • Security updates for Thursday

    Security updates have been issued by Arch Linux (exim, python-django, python2-django, and sdl2), Debian (proftpd-dfsg), Fedora (php and sqlite), openSUSE (proftpd), Red Hat (kernel), Slackware (kdelibs), SUSE (nodejs10, squid, and tcpdump), and Ubuntu (php5 and ruby-rack).

  • KDE rips out ability for KConfig to run shell code [Ed: This is hardly a threat unless you download and then tamper with malicious files from arbitrary, untrusted sources]

    KDE has fixed a vulnerability within its KDE Framework that allowed for malicious code execution simply by viewing a .desktop file, by removing the feature being exploited altogether. Earlier this week, a security researcher Dominik Penner published a proof of concept that showed how users could be compromised simply by viewing a malicious .desktop file, which is typically used to show an icon for a file or directory, in the KDE file browser. The researcher did not notify KDE before dropping the vulnerability.

  • Captain, we've detected a disturbance in space-time. It's coming from Earth. Someone audited the Kubernetes source

    The Cloud Native Computing Foundation (CNCF) today released a security audit of Kubernetes, the widely used container orchestration software, and the findings are about what you'd expect for a project with about two million lines of code: there are plenty of flaws that need to be addressed. The CNCF engaged two security firms, Trail of Bits and Atredis Partners, to poke around Kubernetes code over the course of four months. The companies looked at Kubernetes components involved in networking, cryptography, authentication, authorization, secrets management, and multi-tenancy. Having identified 34 vulnerabilities – 4 high severity, 15 medium severity, 8 low severity and 7 informational severity – the Trail of Bits report advises project developers to rely more on standard libraries, to avoid custom parsers and specialized configuration systems, to choose "sane defaults," and to ensure correct filesystem and kernel interactions prior to performing operations.

  • Kubernetes reports the results of its open-source security audit

    Unless you've been living under a rock, hardly a day goes by anymore without a new software security problem popping up. The folks at the Cloud Native Computing Foundation (CNCF) certainly have noticed. So, when it came time to give Kubernetes, the most important container orchestration program, a security audit, the CNCF tried an open-source approach for checking it for security problems. This wasn't a new idea. That credit goes to the Core Infrastructure Initiative (CII) Best Practices Badge program. Open-source projects that get this badge must show they follow security best practices. The CII used this approach on three other projects: CoreDNS, Envoy, and Prometheus. Then, it used it on the big one: Kubernetes.

Newcomer EndeavourOS Offers a Friendlier Arch Linux Experience

EndeavourOS has a lot of potential. It is an impressive addition to the shortlist of distros that want to make using Arch a more rewarding experience. For a Linux distro built around one of the more challenging Linux families, EndeavourOS is a stable, solid performer with few, if any, noticeable quirks. That shouts volumes, given the relative youth of the first stable release following beta development. EndeavourOS is not an easy choice for Linux users with no hands-on experience with the Arch Linux ecosystem. Despite its newness, though, it is a better Arch Linux choice than other Arch variants. It is a great choice for those willing to roll up their sleeves and learn Arch Linux's inner workings. Hopefully, EndeavourOS succeeds in making the Arch-based neighborhood a more inviting place for new users and seasoned Arch users as well. Read more

Ubuntu 18.04.3 LTS Is Out with Linux Kernel 5.0 from Ubuntu 19.04, Download Now

Coming six months after the Ubuntu 18.04.2 LTS release, which shipped with the hardware enablement (HWE) kernel from the not deprecated Ubuntu 18.10 (Cosmic Cuttlefish) operating system, Ubuntu 18.04.3 LTS here as the third point release in the Ubuntu 18.04 LTS (Bionic Beaver) series with up-to-date components. Ubuntu 18.04.3 LTS includes all the latest software and security fixes that have been published on the official repositories of the Ubuntu 18.04 LTS release since February 14th, 2019, when Ubuntu 18.04.2 LTS hit the streets. It also ships with updated kernel and graphics stacks from Ubuntu 19.04 (Disco Dingo), such as Linux kernel 5.0. Read more

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6