Linux Action News 220
The nasty Log4Shell vulnerability isn't solved yet, this week saw a new round of attacks and patches.
December 20, 202119m 56s
Audio is streamed directly from the publisher (aphid.fireside.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
The nasty Log4Shell vulnerability isn't solved yet, this week saw a new round of attacks and patches.
Plus how the work to port Linux to the Apple M1 resulted in fixing a bug that impacted all Linux distros.
Sponsored By:
- Jupiter Network Membership: Support the entire network, and get access to every member's special feed for every show on the network. Promo Code: thesignal
- Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
- Ting: Save $25 off your first device, or $25 in service credit if you bring one!
Links:
- Log4j 2.15.0 and previously suggested mitigations may not be enough — It was discovered that version 2.15.0 would still be vulnerable when the configuration has a pattern layout containing a Context Lookup.
- Statement from CISA Director Easterly on “Log4j” Vulnerability
- PipeWire 0.3.41 Offers Improved Flatpak & JACK Compatibility, Apple AirPlay Streaming — PipeWire 0.3.41 also adds a new RAOP module (raop-sink and raop-discover) that can be used for streaming to Apple AirPlay devices.
- EXT4 Prepared To Switch To Linux’s New Mount API — Linux's new mount API is what came about in recent times as a set of system calls offering more flexibility than the long-standing mount syscall that is a one-shot effort while this new multi-step mounting procedure allows for more options.
- The End-Of-Year 2021 State Of Linux On Apple’s M1 SoC — The Asahi Linux project has published their October and November status update to provide an overview of where the Apple Silicon / Apple M1 open-source support is now at as we approach the end of 2021.
- Asahi Linux looks forward to exciting 2022 on Apple silicon
- Hector Martin on Twitter — Looks like Apple changed the requirements for Mach-O kernel files in 12.1, breaking our existing installation process... and they *also* added a raw image mode that will never break again and doesn't require Mach-Os. And people said they wouldn't help. This is intended for us.
- Podcastindex.org — The Podcast Index is here to preserve, protect and extend the open, independent podcasting ecosystem.
- Linux Action News on Podcastindex.org
Topics
Linux News PodcastLinux Action NewsLog4ShellLog4jJavaApacheCheck PointAlibaba Cloud Security TeamSteamiCloudJen EasterlyCISACybersecurityCrowdStrikeMandiantCVE-2021-45046PipeWireJACKOBSWirePlumberAirPlayecho-cancel moduleEXT4Mount APIChristian BraunerLinux 5.17Hector MartinARM SMMUM1macOS 12.1raw image modeAsahiPodcast IndexPodcasting 2.0Dave Jones