@ubuntusecurity<\/a>, <a href=\"https:\/\/twitter.com\/ubuntu_sec\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">@ubuntu_sec on twitter<\/a><\/li>\n<\/ul>\n","author":"Ubuntu Security Team","date":"March 10, 2023","link":"https:\/\/ubuntusecuritypodcast.org\/episode-190\/","src":"https:\/\/people.canonical.com\/~amurray\/USP\/USP_E190.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"4d06637301444ac275406d03d4e357cf","fset":"","fratio":1},"ppe-2390-19":{"title":"The Homelab Show Ep. 90 \u2013 Netdata and Some Updates On Projects","description":"<figure>\n<div>\n<\/div>\n<\/figure>\n<p><a rel=\"noopener noreferrer\" href=\"https:\/\/thehomelab.show\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/thehomelab.show\/<\/a><br \/>The sponsor for today’s episode<br \/><a rel=\"noopener noreferrer\" href=\"https:\/\/www.linode.com\/homelabshow\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/www.linode.com\/homelabshow<\/a><br \/><a rel=\"noopener noreferrer\" href=\"https:\/\/lawrencesystems.com\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/lawrencesystems.com\/<\/a><br \/><a rel=\"noopener noreferrer\" href=\"https:\/\/www.learnlinux.tv\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/www.learnlinux.tv\/<\/a><\/p>\n","author":"The Homelab Show","date":"March 9, 2023","link":"https:\/\/thehomelab.show\/2023\/03\/09\/the-homelab-show-ep-90-netdata-and-some-updates-on-projects\/","src":"https:\/\/media.blubrry.com\/thehomelabshow\/thehomelab.show\/wp-content\/uploads\/2023\/03\/The-Homelab-Show-Episode-90_-Netdata-and-Some-Updates-On-Projects.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"e9067928a37553c741f9a44cf71db1ca","fset":"","fratio":1},"ppe-2390-20":{"title":"Linux Action News 283","description":"<p>Nextcloud’s big new customer, some last-minute surprises in GNOME 44, and Flathub’s ambitious plans for 2023.<\/p>\n<p>Sponsored By:<\/p>\n<ul>\n<li><a href=\"http:\/\/linode.com\/lan\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linode<\/a>: <a href=\"http:\/\/linode.com\/lan\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Sign up using the link on this page and receive a $100 60-day credit towards your new account. <\/a><\/li>\n<li><a href=\"https:\/\/l.kolide.co\/3klbWzr\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kolide<\/a>: <a href=\"https:\/\/l.kolide.co\/3klbWzr\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet. <\/a><\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.jupiter.party\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Support Linux Action News<\/a><\/p>\n<p>Links:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.heise.de\/news\/MagentaCloud-Telekom-migriert-Millionen-auf-Nextcloud-und-Collabora-Online-7532860.html\" title=\"Nextcloud’s Big new Customer\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Nextcloud’s Big new Customer<\/a> — After a silent migration of millions of users, Telekom and Nextcloud are now unveiling the first feature of the new MagentaCloud: a free office.<\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/news\/GNOME-Shell-Mutter-44-RC\" title=\"Last Minute GNOME Awesome\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Last Minute GNOME Awesome<\/a> — GNOME Shell and Mutter 44 have reached their release candidate milestone ahead of the official release in just two weeks, all is going to plan, and to our surprise, there have been several last-minute additions.<\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/news\/GNOME-44-fractional_scale_v1\" title=\"GNOME 44 Mutter Adds fractional_scale_v1 Wayland Support\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">GNOME 44 Mutter Adds fractional_scale_v1 Wayland Support<\/a><\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/news\/GNOME-Shell-Mutter-No-GTK3\" title=\"GNOME Shell & Mutter Complete Their Migration Away From GTK3\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">GNOME Shell & Mutter Complete Their Migration Away From GTK3<\/a><\/li>\n<li><a href=\"https:\/\/gitlab.freedesktop.org\/wayland\/wayland-protocols\/-\/merge_requests\/143\" title=\"wp-fractional-scale-v1: New protocol for fractional scaling\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">wp-fractional-scale-v1: New protocol for fractional scaling<\/a> — This protocols allows for communicating preferred fractional scales to surfaces, which in combination with wp_viewport can be used to render surfaces at fractional scales when applicable.<\/li>\n<li><a href=\"https:\/\/lwn.net\/ml\/linux-kernel\/20230307-rust-drm-v1-0-917ff5bc80a8@asahilina.net\/\" title=\"Asahi Linux Rust Drivers\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Asahi Linux Rust Drivers<\/a> — This is my first take on the Rust abstractions for the DRM subsystem. <\/li>\n<li><a href=\"https:\/\/ramcq.net\/2023\/03\/07\/flathub-in-2023\/\" title=\"Flathub in 2023\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Flathub in 2023<\/a> — It’s been quite a few months since the most recent updates about Flathub last year. We’ve been busy behind the scenes, so I’d like to share what we’ve been up to at Flathub and why—and what’s coming up from us this year<\/li>\n<li><a href=\"https:\/\/discourse.flathub.org\/t\/flathub-in-2023\/3808\" title=\"Flathub in 2023 - Flathub Discourse\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Flathub in 2023 – Flathub Discourse<\/a><\/li>\n<\/ul>\n","author":"Jupiter Broadcasting","date":"March 9, 2023","link":"https:\/\/linuxactionnews.com\/283","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/dec90738-e640-45e5-b375-4573052f4bf4\/90ff6248-b73b-4d15-a5c3-470bee06110b.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"8e5ecad98417e95f2863480bfee06cd3","fset":"","fratio":1},"ppe-2390-21":{"title":"497: Random Relinking SSHD","description":"<p>How to Catch a Bitcoin Miner, A Call For More Collaboration, zstd updates, hating hackathons, How to monitor multiple log files at once, KeePassXC, sshd random relinking at boot, and more<\/p>\n<p><strong><em>NOTES<\/em><\/strong><br \/>\nThis episode of BSDNow is brought to you by <a href=\"https:\/\/www.tarsnap.com\/bsdnow\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tarsnap<\/a> and the <a href=\"https:\/\/www.patreon.com\/bsdnow\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">BSDNow Patreon<\/a><\/p>\n<h2>Headlines<\/h2>\n<h3><a href=\"https:\/\/klarasystems.com\/articles\/sysadmin-series-how-to-catch-a-bitcoin-miner\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Sysadmin Series – How to Catch a Bitcoin Miner<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/fosdem.org\/2023\/schedule\/event\/bsd_driver_harmony\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">A Call For More Collaboration & Harmony Among BSD Hardware Drivers<\/a><\/h3>\n<pre><code>• [Slides](https:\/\/fosdem.org\/2023\/schedule\/event\/bsd_driver_harmony\/attachments\/slides\/5976\/export\/events\/attachments\/bsd_driver_harmony\/slides\/5976\/BSD_Driver_Harmony_FOSDEM.pdf)\n• Video is embedded on the schedule event page\n<\/code><\/pre>\n<hr>\n<h3><a href=\"https:\/\/vermaden.wordpress.com\/2023\/02\/07\/print-on-freebsd\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Printing on FreeBSD<\/a><\/h3>\n<hr>\n<h2>News Roundup<\/h2>\n<h3><a href=\"https:\/\/github.com\/facebook\/zstd\/releases\/tag\/v1.5.4\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">zstd updates<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/pgpt.substack.com\/p\/i-hate-hackathons\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">I hate hackathons<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/sleeplessbeastie.eu\/2023\/02\/01\/how-to-monitor-multiple-log-files-at-once\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">How to monitor multiple log files at once<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/jpmens.net\/2023\/01\/22\/notes-to-self-keepassxc\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Notes to self: KeePassXC<\/a><\/h3>\n<hr>\n<h3><a href=\"http:\/\/undeadly.org\/cgi?action=article;sid=20230119075627\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">sshd random relinking at boot<\/a><\/h3>\n<hr>\n<h3>Tarsnap<\/h3>\n<ul>\n<li>This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.<\/li>\n<\/ul>\n<h2>Feedback\/Questions<\/h2>\n<ul>\n<li><a href=\"https:\/\/github.com\/BSDNow\/bsdnow.tv\/blob\/master\/episodes\/497\/feedback\/Nelson%20-%20aix.md\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Nelson – aix.md<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/BSDNow\/bsdnow.tv\/blob\/master\/episodes\/497\/feedback\/Adrian%20-%20vbsdcon.md\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Adrian – vbsdcon<\/a><\/li>\n<\/ul>\n<hr>\n<ul>\n<li>Send questions, comments, show ideas\/topics, or stories you want mentioned on the show to <a href=\"mailto:feedback@bsdnow.tv\" rel=\"noopener noreferrer\" target=\"_blank\">feedback@bsdnow.tv<\/a><br \/>\n***<\/li>\n<\/ul>\n","author":"Allan Jude","date":"March 9, 2023","link":"https:\/\/www.bsdnow.tv\/497","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/c91b88f1-e824-4815-bcb8-5227818d6010\/ce12be7b-8931-4d43-be2e-6260b5a41aff.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"490b4a8a7acd8c7e9ca9468dcfb22cfe","fset":"","fratio":1},"ppe-2390-22":{"title":"219: Linux 6.2, Mesa 23, GNOME 44, blendOS, Solus, and more Linux news!","description":"<p>On this episode of This Week in Linux, KDE has released a new version of their Plasma desktop. There’s a lot of distro news to cover like Endless OS, Fedora Linux, OpenMandriva, Escuelas Linux and more. We’ll also cover the future of Thunderbird email client and the latest release of the Budgie Desktop and so […]<\/p>\n","author":"Destination Linux Network","date":"March 9, 2023","link":"https:\/\/tuxdigital.com\/podcasts\/this-week-in-linux\/twil-219\/","src":"https:\/\/media.blubrry.com\/tuxdigital_thisweekinlinux_mp3\/media.fireside.fm\/file\/fireside-audio\/podcasts\/audio\/2\/2389be04-5c79-485e-b1ca-3a5b2cebb006\/episodes\/d\/deb0f319-8b3f-4b56-ba2d-a0b434607b77\/deb0f319-8b3f-4b56-ba2d-a0b434607b77.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"e962e3575b01daf719a0167c7a363013","fset":"","fratio":1},"ppe-2390-23":{"title":"The Linux Link Tech Show Episode 995","description":"<p>joel says kde alright.<\/p>\n","author":"dann@thelinuxlink.net (Dann Washko, Linc Fessenden, Pat Davila, Allan Metzler)","date":"March 9, 2023","link":"http:\/\/www.tllts.org","src":"http:\/\/www.tlltsarchive.org\/archives\/tllts_995-03-08-23.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"02cdfaadcaf78d820392455d9188b50d","fset":"","fratio":1},"ppe-2390-24":{"title":"FLOSS Weekly 722: DIY Broadcasting With Open Source – Open Source Broadcasting, Tim Pozar and Brian David","description":"<p>DIY broadcasting with open source is a topic too big and fast-moving for just one show, so this is our second time around with Tim Pozar and Brian David telling Doc Searls and Aaron Newcomb about a large assortment of open-source tools and approaches that are ready to go for creators and broadcasters.<\/p>\n<p><strong>Hosts:<\/strong> <a href=\"https:\/\/twit.tv\/people\/doc-searls\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Doc Searls<\/a> and <a href=\"https:\/\/twit.tv\/people\/aaron-newcomb\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Aaron Newcomb<\/a><\/p>\n<p><strong>Guests:<\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/timpozar\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tim Požar<\/a> and <a href=\"https:\/\/kpfa.org\/author\/briandavid\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Brian David<\/a><\/p>\n<p>Download or subscribe to this show at <a href=\"https:\/\/twit.tv\/shows\/floss-weekly\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/twit.tv\/shows\/floss-weekly<\/a><\/p>\n<p>Think your open source project should be on FLOSS Weekly? Email <a href=\"mailto:floss@twit.tv\" rel=\"noopener noreferrer\" target=\"_blank\">floss@twit.tv<\/a>.<\/p>\n<p>Thanks to <a href=\"https:\/\/www.lullabot.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Lullabot’s<\/a> Jeff Robbins, web designer and musician, for our theme music.<\/p>\n<p>Get episodes ad-free with Club TWiT at <a href=\"https:\/\/twit.tv\/clubtwit\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/twit.tv\/clubtwit<\/a><\/p>\n<p><strong>Sponsors:<\/strong><\/p>\n<ul>\n<li><a href=\"https:\/\/kolide.com\/floss\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">kolide.com\/floss<\/a><\/li>\n<li><a href=\"http:\/\/GO.ACILEARNING.COM\/TWIT\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">GO.ACILEARNING.COM\/TWIT<\/a><\/li>\n<\/ul>\n","author":"TWiT","date":"March 8, 2023","link":"https:\/\/twit.tv\/shows\/floss-weekly\/episodes\/722","src":"https:\/\/pdst.fm\/e\/cdn.twit.tv\/audio\/floss\/floss0722\/floss0722.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"22c0237aeaa4c55a02a9d01bb1f7ca7c","fset":"","fratio":1},"ppe-2390-25":{"title":"Enterprise Linux Security Episode 58 \u2013 Tales from the Red Team","description":"<p>Tasks that penetration testers and security analysis perform in order to expose security weaknesses may seem like a mysterious and complicated art. Most of the time, these tasks are considered “secret sauce” and unless you work for a red team, you may not be aware of what it may look like while someone attempts to gain access from the outside. In this episode, Jay and Joao discuss a report released by CISA, that provides a very detailed account at what goes into this type of work. This report is definitely a must-read, and this episode is a must-listen!<\/p>\n<figure>\n<div>\n<div><img loading=\"lazy\" alt=\"YouTube player\" src=\"https:\/\/i.ytimg.com\/vi\/tcEAKIvMH74\/maxresdefault.jpg\"><\/div>\n<\/div>\n<\/figure>\n<h2>Download Links<\/h2>\n<ul>\n<li><a href=\"https:\/\/enterpriselinuxsecurity.show\/wp-content\/uploads\/2023\/03\/els_58.mp3\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">MP3 version<\/a><\/li>\n<li><a href=\"https:\/\/enterpriselinuxsecurity.show\/wp-content\/uploads\/2023\/02\/els_57_low.mp3\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">MP3 version<\/a> (smaller file, lower bitrate)<\/li>\n<li><a rel=\"noopener noreferrer\" href=\"https:\/\/enterpriselinuxsecurity.show\/wp-content\/uploads\/2023\/02\/els_57.ogg\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Ogg version<\/a><\/li>\n<\/ul>\n<h2>Relevant Articles<\/h2>\n<ul>\n<li><a href=\"https:\/\/learnlinux.link\/cisa-red-team\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks<\/a><\/li>\n<li><a href=\"https:\/\/learnlinux.link\/golden-ticket\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Ticket Granting Tickets<\/a> (one of the strategies used by CISA)https:\/\/learnlinux.link\/golden-ticket<\/li>\n<\/ul>\n","author":"jay","date":"March 8, 2023","link":"https:\/\/www.learnlinux.tv\/2558-2\/","src":"https:\/\/enterpriselinuxsecurity.show\/wp-content\/uploads\/2023\/03\/els_58.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"f77bdf59ba60cda96cf1131455c61b30","fset":"","fratio":1},"ppe-2390-26":{"title":"407 \u2013 \u201cThere\u2019s an App For That\u201d","description":"<ul>\n<li>First up in the news: Mint Monthly News – February, Ubuntu Flavors Agree to Stop Using Flatpak, Linux desktop powers consider uniting for an app store, Ubuntu Devs Working on ‘Mini’ Installer, Mesa 23 released, Mozilla narcs on Android apps, Fedora caught thinking, Linux supports Apple chips, OnlyOffice integrates, Falkon accelerates,<\/li>\n<li>In security and privacy, LastPass Devs accounts get breached, NSA wants to help<\/li>\n<li>Then we have our usual wanderings.<\/li>\n<\/ul>\n<hr>\n<ul>\n<li>In our Innards section we discuss the Android Apps We can’t live without<\/li>\n<li>And finally, the feedback and a couple of suggestions<\/li>\n<\/ul>\n<p><a href=\"https:\/\/twitter.com\/mintcast\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Twitter<\/a>. <a href=\"http:\/\/170.187.156.171\/discord\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Discord<\/a>. <a href=\"http:\/\/170.187.156.171\/tg\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Telegram<\/a>. <a href=\"https:\/\/matrix.to\/#\/!hrOdFAAThheahzAioA:joshontech.com?via=joshontech.com&via=matrix.org\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Matrix<\/a>. <a href=\"http:\/\/reddit.com\/r\/mintcast\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Reddit<\/a>. <a href=\"https:\/\/www.youtube.com\/c\/mintCast\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Youtube<\/a>.<\/p>\n<h3><strong>Wrap-up<\/strong><\/h3>\n<ul>\n<li><strong>Joe<\/strong> – <a href=\"http:\/\/www.tllts.org\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tllts.org<\/a>,  <a href=\"http:\/\/www.linuxlugcast.com\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">linuxlugcast.com<\/a>, MeWe, <a href=\"mailto:jb@mintcast.org\" rel=\"noopener noreferrer\" target=\"_blank\">jb@mintcast.org<\/a>, <a href=\"https:\/\/ko-fi.com\/joeeb\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Buy Joe a coffee<\/a><\/li>\n<li><strong>Moss <\/strong>– <a href=\"https:\/\/fullcirclemagazine.org\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Full Circle Weekly News<\/a>, <a href=\"https:\/\/distrohoppersdigest.blogspot.com\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Distrohoppers’ Digest<\/a>, <a href=\"mailto:bardmoss@pm.me\" rel=\"noopener noreferrer\" target=\"_blank\">bardmoss@pm.me<\/a>, other information found at <a href=\"https:\/\/itsmoss.com\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">It’s Moss dot com<\/a><\/li>\n<\/ul>\n<ul>\n<li><strong>Bill <\/strong>– <a href=\"mailto:bill@mintcast.org\" rel=\"noopener noreferrer\" target=\"_blank\">bill@mintcast.org<\/a>, Bill_H on Discord, @wchouser3@fostodon.org on Mastodon, @wchouser3 on Twitter, and wchouser3 on Facebook also – checkout my other podcasts <a rel=\"noopener noreferrer\" href=\"https:\/\/3ftpodcast.org\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">3 Fat Truckers<\/a> and <a rel=\"noopener noreferrer\" href=\"https:\/\/linuxotc.org\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linux OTC<\/a><\/li>\n<\/ul>\n<p>Before we leave, we want to make sure to acknowledge some of the people who make mintCast possible:<\/p>\n<p><strong>Archive.org<\/strong> for hosting our audio files<\/p>\n<p><strong>Hobstar<\/strong> for our logo, <strong>initrd<\/strong> for the animated Discord logo<\/p>\n<p><strong>Londoner<\/strong> for our time syncs<\/p>\n<p><strong>Bill Houser<\/strong> for hosting the Pi400 which runs our website, website maintenance, and the NextCloud server on which we host our show notes and raw audio<\/p>\n<p><strong>The Linux Mint development team<\/strong> for the fine distro we love to talk about<\/p>\n","author":"mintCast","date":"March 8, 2023","link":"https:\/\/mintcast.org\/407-theres-an-app-for-that\/","src":"https:\/\/archive.org\/download\/mintCast407\/ep407.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"e8cc90b9ee73cec7e353ff7a7aca6d30","fset":"","fratio":1},"ppe-2390-27":{"title":"Episode 97: Lotsa FOSS","description":"<p>Episode edited by <a href=\"https:\/\/www.paritybit.ca\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Jake Bauer<\/a> — thanks!<\/p>\n<h3>Discussion – Cool Projects<\/h3>\n<ul>\n<li>\n<p><a href=\"https:\/\/www.zettlr.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Zettlr<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/joplinapp.org\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Joplin<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/obsidian.md\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Obsidian<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/syncthing.net\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Syncthing<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/nextdns.io\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">NextDNS<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/ublockorigin.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">uBlock Origin<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/pi-hole.net\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Pi-hole<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/endeavouros.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">EndeavourOS<\/a><\/p>\n<\/li>\n<li>\n<p>Question for the audience: How should Shane get the internet through his concrete walls?<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/www.ui.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Ubiquiti<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/www.tp-link.com\/uk\/omada-sdn\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">TP-Link Omada<\/a><\/p>\n<\/li>\n<li>\n<p>Prosody <a href=\"https:\/\/modules.prosody.im\/mod_muc_rtbl.html\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">real time blocklist<\/a> module<\/p>\n<\/li>\n<li>\n<p>Cheogram <a href=\"https:\/\/cheogram.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">XMPP client<\/a> for Android<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/School_bus\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">US school buses<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/forgejo.org\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Forgejo<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/gitea.io\/en-us\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Gitea<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/www.mend.io\/free-developer-tools\/renovate\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Renovate bot<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/woodpecker-ci.org\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Woodpecker CI<\/a><\/p>\n<\/li>\n<\/ul>\n<h3>News<\/h3>\n<ul>\n<li>\n<p><a href=\"https:\/\/mycroft.ai\/blog\/update-from-the-ceo-part-1\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Bad news<\/a> from Mycroft<\/p>\n<ul>\n<li>\n<p><a href=\"https:\/\/getleon.ai\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Leon<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/mycroft-ai.gitbook.io\/docs\/using-mycroft-ai\/get-mycroft\/picroft\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Picroft<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"http:\/\/cmuflite.org\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CMU Flite<\/a><\/p>\n<\/li>\n<li>\n<p>Mozilla’s <a href=\"https:\/\/commonvoice.mozilla.org\/en\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Common Voice<\/a><\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li>\n<p>KDE & Gnome are <a href=\"https:\/\/old.reddit.com\/r\/linux_gaming\/comments\/11accyi\/kde_and_gnome_join_hands_to_add_payments_to_turn\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">working on Flathub Payments<\/a><\/p>\n<ul>\n<li>\n<p>elementary OS’s <a href=\"https:\/\/appcenter.elementary.io\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">AppCenter<\/a> allows paing for Flatpaks<\/p>\n<\/li>\n<li>\n<p>Ubuntu flavours will no longer <a href=\"https:\/\/discourse.ubuntu.com\/t\/ubuntu-flavor-packaging-defaults\/34061\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">provide Flatpak out of the box<\/a><\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h4>Contact Us<\/h4>\n<ul>\n<li>We have a <a href=\"https:\/\/linuxlads.com\/store\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">store<\/a><\/li>\n<li>And a <a href=\"https:\/\/forum.linuxlads.com\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">forum<\/a><\/li>\n<li>And a <a href=\"http:\/\/steamcommunity.com\/groups\/linuxlads\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Steam Community<\/a><\/li>\n<li>We are on <a href=\"https:\/\/linuxlads.com\/telegram\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Telegram<\/a><\/li>\n<li>And on <a href=\"https:\/\/linuxlads.com\/matrix\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Matrix<\/a><\/li>\n<li>And on <a href=\"https:\/\/linuxlads.com\/discord\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Discord<\/a><\/li>\n<li>And on <a href=\"https:\/\/linuxlads.com\/twitter\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Twitter<\/a><\/li>\n<li>And on <a href=\"https:\/\/linuxlads.com\/mastodon\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Mastodon<\/a><\/li>\n<li>Or email us on show@<\/li>\n<li>And despite rumours to the contrary, we do exist <a href=\"https:\/\/dublinlinux.org\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">in real life<\/a><\/li>\n<\/ul>\n<h4>Support Us<\/h4>\n<p>Do you enjoy the Linux Lads podcast? Send us some <a href=\"https:\/\/www.linuxlads.com\/support\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">PayPal love ❤<\/a> ️�, or support us on <a href=\"https:\/\/news.open-fab.org\/ko-fi.com\/linuxlads\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Ko-fi<\/a><\/p>\n<h4>Disclaimer<\/h4>\n<p>May contain mature references<\/p>\n<h4>Attribution<\/h4>\n<p>The music for this podcast was sampled from <a href=\"https:\/\/freemusicarchive.org\/music\/Professor_Kliq\/Bust_This_Bust_That\/Bust_This_Bust_That\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Bust This Bust That – Professor Kliq<\/a> which was released under the <a href=\"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/3.0\/us\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CC BY NC SA License<\/a>.<\/p>\n","author":"Linux Lads","date":"March 6, 2023","link":"https:\/\/linuxlads.com\/episodes\/97","src":"https:\/\/dts.podtrac.com\/redirect.mp3\/linuxlads.com\/podcast\/audio\/097\/linuxlads_e97.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"940565146da02619a1bc5b8aa229b00f","fset":"","fratio":1},"ppe-2390-28":{"title":"Late Night Linux \u2013 Episode 219","description":"<p>Troubleshooting microcontroller projects, reinstalling Ubuntu the quick and easy way, loads of gaming discoveries, follow-up on backups, playing guitar with Linux, keeping kids safe online, and more.<\/p>\n<p> <\/p>\n<p><strong>Discoveries<\/strong><\/p>\n<p><a href=\"https:\/\/github.com\/ralight\/mqttshark\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">mqttshark<\/a><\/p>\n<p><a href=\"https:\/\/twitter.com\/sdl_commits\/status\/1626665795471441920\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">device IDs to get steering wheel<\/a><\/p>\n<p><a href=\"https:\/\/ssalewski.de\/nimprogramming.html\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">nim<\/a><\/p>\n<p><a href=\"https:\/\/sonicslothgames.itch.io\/turrican2aga\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Turrican II AGA<\/a><\/p>\n<p><a href=\"https:\/\/github.com\/snesrev\/zelda3\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Zelda a Link to the Past on Linux<\/a><\/p>\n<p> <\/p>\n<p><strong>Feedback<\/strong><\/p>\n<p><a href=\"https:\/\/github.com\/linuxmint\/timeshift\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Timeshift<\/a><\/p>\n<p><a href=\"https:\/\/kopia.io\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kopia<\/a><\/p>\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Grsync\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Grsync<\/a><\/p>\n<p><a href=\"https:\/\/www.rastersoft.com\/programas\/cronopete.html\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Cronopete<\/a><\/p>\n<p><a href=\"https:\/\/www.urbackup.org\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">UrBackup<\/a><\/p>\n<p><a href=\"https:\/\/neon.ai\/NeonAIforMycroftMarkII\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Neon AI OS for the Mycroft Mark II<\/a><\/p>\n<p><a href=\"https:\/\/explore.transifex.com\/nextcloud\/nextcloud\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Nextcloud localization<\/a><\/p>\n<p><a href=\"https:\/\/www.amazon.co.uk\/Behringer-UMC22-Computer-Audio-Interface\/dp\/B00FFIGZF6\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Behringer UMC22 audiophile 2×2 USB audio interface<\/a><\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p><strong>Linode<\/strong><\/p>\n<p>Simplify your cloud infrastructure with Linode’s Linux virtual machines and develop, deploy, and scale your modern applications faster and more easily. Go to <a href=\"https:\/\/linode.com\/latenightlinux\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\"><strong>linode.com\/latenightlinux<\/strong><\/a> and get started with $100 credit.<\/p>\n<p> <\/p>\n<p><strong>Kolide<\/strong><\/p>\n<p>Kolide believes that maintaining endpoint security shouldn’t mean compromising employee privacy. Learn more here at <a href=\"https:\/\/kolide.com\/latenightlinux\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/kolide.com\/latenightlinux<\/a><\/p>\n<p> <\/p>\n<p><strong>Entroware<\/strong><\/p>\n<p>This episode is sponsored by <strong><a href=\"https:\/\/www.entroware.com\/store\/?tracking=86hv72346h834\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Entroware<\/a><\/strong>. They are a UK-based company who sells computers with Ubuntu and Ubuntu MATE preinstalled. They have configurable laptops, desktops and servers to suit a wide range of Linux users. Check them out and don’t forget to mention us at checkout if you buy one of their great machines.<\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<div>\n<div>\n<div>\n<div>\n<p>See our <a href=\"https:\/\/latenightlinux.com\/contact\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">contact page<\/a> for ways to get in touch.<\/p>\n<p><img loading=\"lazy\" src=\"https:\/\/latenightlinux.com\/wp-content\/uploads\/latenightlinux-sm.jpg\"><\/p>\n<p><strong>RSS<\/strong>: Subscribe to the <a href=\"https:\/\/latenightlinux.com\/feeds\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">RSS feeds here<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","author":"Late Night Linux All Episodes","date":"March 6, 2023","link":"https:\/\/latenightlinux.com\/late-night-linux-episode-219\/","src":"https:\/\/podtrac.com\/pts\/redirect.mp3\/traffic.libsyn.com\/latenightlinux\/LNL219.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"88884cfc89b1b3074fc55e94bce0e564","fset":"","fratio":1},"ppe-2390-29":{"title":"315: Linux 6.2, AI Robot Wrestling, & We\u2019re Going to SCALE","description":"<p>FULL SHOW NOTES ►► <a href=\"https:\/\/tuxdigital.com\/podcasts\/destination-linux\/dl-315\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/tuxdigital.com\/podcasts\/destination-linux\/dl-315\/<\/a><\/p>\n","author":"Destination Linux Network","date":"March 6, 2023","link":"https:\/\/destinationlinux.org\/episode-315\/","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/32f28071-0b08-4ea1-afcc-37af75bd83d6\/2ade1073-60e2-4736-81f2-b3f03b60945f.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"8806de3e20813ebc1934cee346a0c09a","fset":"","fratio":1},"ppe-2390-30":{"title":"500: Our Biggest Announcement Yet","description":"<p>We’re celebrating 500 episodes with the biggest announcement yet.<\/p>\n<p>Special Guest: Listener Jeff.<\/p>\n<p>Sponsored By:<\/p>\n<ul>\n<li><a href=\"http:\/\/tailscale.com\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tailscale<\/a>: <a href=\"http:\/\/tailscale.com\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tailscale is a Zero config VPN. It installs on any device in minutes, manages firewall rules for you, and works from anywhere. Get 20 devices for free for a personal account. <\/a><\/li>\n<li><a href=\"https:\/\/linode.com\/unplugged\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linode Cloud Hosting<\/a>: <a href=\"https:\/\/linode.com\/unplugged\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">A special offer for all Linux Unplugged Podcast listeners and new Linode customers, visit linode.com\/unplugged, and receive $100 towards your new account. <\/a><\/li>\n<li><a href=\"https:\/\/bitwarden.com\/linux\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Bitwarden<\/a>: <a href=\"https:\/\/bitwarden.com\/linux\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Bitwarden is the easiest way for businesses and individuals to store, share, and sync sensitive data.<\/a><\/li>\n<\/ul>\n<p><a href=\"https:\/\/jupitersignal.memberful.com\/checkout?plan=52946\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Support LINUX Unplugged<\/a><\/p>\n<p>Links:<\/p>\n<ul>\n<li><a href=\"https:\/\/2023.lfnw.org\/\" title=\"LinuxFest Northwest 2023\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">LinuxFest Northwest 2023<\/a> — Your Fest is Back! October 20-22, 2023 at the Bellingham Technical College.<\/li>\n<li><a href=\"https:\/\/linuxunplugged.com\/100\" title=\"Wes' First Episode: LUP 100\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Wes’ First Episode: LUP 100<\/a> — We reflect on 100 episodes of LINUX Unplugged, the themes from episodes past & then review Linux Mint 17.2 Cinnamon edition.<\/li>\n<li><a href=\"https:\/\/linuxunplugged.com\/255\" title=\"Brent's First Episode: LUP 255\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Brent’s First Episode: LUP 255<\/a> — Big changes are coming to Fedora with the merger of CoreOS. We chat with a couple project members to get the inside scope about what the future of Fedora looks like.<\/li>\n<li><a href=\"https:\/\/fountain.fm\/charts\" title=\"Fountain charts\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Fountain charts<\/a><\/li>\n<li><a href=\"http:\/\/1701home.com\/\" title=\"1701home.com\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">1701home.com<\/a> — 1701 Home is a trek-based Mastodon where people can discuss the Star Trek franchise while sharing and connecting about their other interests!<\/li>\n<li><a href=\"https:\/\/github.com\/tyrsarm\/peertube-headless-seeder\" title=\"Peertube Headless Seeder\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Peertube Headless Seeder<\/a> — This container uses Python, Selenium, and Firefox to monitor and seed live streams of a PeerTube channel headlessly.<\/li>\n<li><a href=\"https:\/\/podcastindex.org\/apps?appTypes=app&elements=Value\" title=\"Podcasting 2.0 Apps\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Podcasting 2.0 Apps<\/a><\/li>\n<li><a href=\"https:\/\/beta.elevenlabs.io\/\" title=\"Eleven Labs AI\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Eleven Labs AI<\/a> — The most realistic and versatile AI speech software, ever.<\/li>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=17_xLsqny9E\" title=\"AI Voice Conversion Demo\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">AI Voice Conversion Demo<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/JupiterBroadcasting\/linux-unplugged\/issues\" title=\"Submit a Soundboard Clip on our GitHub\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Submit a Soundboard Clip on our GitHub<\/a><\/li>\n<\/ul>\n","author":"Jupiter Broadcasting","date":"March 6, 2023","link":"https:\/\/linuxunplugged.com\/500","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/f31a453c-fa15-491f-8618-3f71f1d565e5\/b25f0e15-65ce-4737-ac19-435e72d0f8ed.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"547914d73fbc5ff272b3d60178123d48","fset":"","fratio":1},"ppe-2390-31":{"title":"Episode 365 – “I am not your supplier” with Thomas Depierre","description":"<p dir=\"auto\"><a href=\"https:\/\/mastodon.social\/@joshbressers\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Josh<\/a> and <a href=\"https:\/\/mastodon.social\/@kurtseifried\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kurt<\/a> talk to Thomas Depierre about his “I am not a supplier” blog post. We drink from the firehose on this one. Thomas describes the realities and challenges of being an open source maintainer. What open source and society owe each other. How safety can help describe what we see. There’s too many topics to even list. The whole episode is an epic adventure through modern open source.<\/p>\n<h2 dir=\"auto\">Show Notes<\/h2>\n<ul dir=\"auto\">\n<li><a href=\"https:\/\/hachyderm.io\/@Di4na\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Thomas on Mastodon<\/a><\/li>\n<li><a href=\"https:\/\/www.softwaremaxims.com\/blog\/not-a-supplier\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">I am not a supplier<\/a><\/li>\n<li><a href=\"https:\/\/en.wikipedia.org\/wiki\/The_Treachery_of_Images\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">The Treachery of Images (Ceci n’est pas une pipe)<\/a><\/li>\n<li><a href=\"https:\/\/www.atlanticcouncil.org\/in-depth-research-reports\/report\/open-source-software-as-infrastructure\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Atlantic Council report<\/a><\/li>\n<li><a href=\"https:\/\/www.amazon.com\/Field-Guide-Understanding-Human-Error-dp-1472439058\/dp\/1472439058\/ref=mt_other?_encoding=UTF8&me=&qid=1590643989\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">The Field Guide to Understanding ‘Human Error’<\/a><\/li>\n<li><a href=\"https:\/\/www.zdnet.com\/article\/open-source-google-wants-new-rules-for-developers-working-on-critical-projects\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Google wants new rules for developers working on ‘critical’ projects<\/a><\/li>\n<li><a href=\"https:\/\/www.fordfoundation.org\/media\/2976\/roads-and-bridges-the-unseen-labor-behind-our-digital-infrastructure.pdf\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Roads and Bridges:The Unseen Labor Behind Our Digital Infrastructure<\/a><\/li>\n<li><a href=\"https:\/\/sovereigntechfund.de\/en\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Sovereign Tech Fund<\/a><\/li>\n<\/ul>\n","author":"","date":"March 6, 2023","link":"https:\/\/opensourcesecuritypodcast.libsyn.com\/episode-365-i-am-not-your-supplier-with-thomas-depierre","src":"https:\/\/traffic.libsyn.com\/secure\/opensourcesecuritypodcast\/Episode_365_I_am_not_your_supplier_with_Thomas_Depierre.mp3?dest-id=542864","featured":"","mediatype":"audio","duration":"00:00","key":"5038832889d85c1670df3308b6b569aa","fset":"","fratio":1},"ppe-2390-32":{"title":"507: Tough Little Liver","description":"<p>Mike’s got a new rig, and Ford wants to recall yours automatically! Plus, we get a bit spicy about money.<\/p>\n<p>Sponsored By:<\/p>\n<ul>\n<li><a href=\"https:\/\/linode.com\/coder\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linode<\/a>: <a href=\"https:\/\/linode.com\/coder\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Receive a $100 60-day credit towards your new account. <\/a> Promo Code: linode.com\/coder<\/li>\n<li><a href=\"https:\/\/tailscale.com\/coder\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tailscale<\/a>: <a href=\"https:\/\/tailscale.com\/coder\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tailscale is the easiest way to create a peer-to-peer network with the power of Wireguard. <\/a><\/li>\n<\/ul>\n<p><a href=\"https:\/\/jupitersignal.memberful.com\/checkout?plan=53334\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Support Coder Radio<\/a><\/p>\n<p>Links:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.jupitergarage.com\/product\/the-coder-robe\" title=\"The Coder Robe\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">The Coder Robe<\/a> — The Coder Robe is black and is a one-size-fits-most robe made from 100% cotton terry velour for soft, cozy wear. It is embroidered on the left chest with a classic white on black Coder Radio logo.<\/li>\n<li><a href=\"https:\/\/pathoftitans.com\/\" title=\"Path of Titans\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Path of Titans<\/a><\/li>\n<li><a href=\"https:\/\/www.extremetech.com\/internet\/343506-ford-applies-for-patent-to-let-cars-repossess-themselves\" title=\"Ford Applies for Patent to Let Cars Repossess Themselves\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Ford Applies for Patent to Let Cars Repossess Themselves<\/a> — Ford filed the patent application with the US Trademark and Patent Office in the summer of 2021, but the document was only published last week as part of the review process. Titled “Systems and Methods to Repossess a Vehicle,” the application summarizes a system that would autonomize the repossession process. First, a computer (likely associated with a financing agency) would send a message to the purchaser or lessee of a vehicle informing them of their delinquency. This message would contain a request to confirm receipt.\n<\/li>\n<li><a href=\"https:\/\/arstechnica.com\/cars\/2023\/03\/ford-files-patent-for-system-that-could-remotely-repossess-a-car\/\" title=\"Ford files patent for system that could remotely repossess a car\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Ford files patent for system that could remotely repossess a car<\/a> — Ford says it has no plans to deploy such a system; it just files a lot of patents.<\/li>\n<li><a href=\"https:\/\/whowhatwhy.org\/culture\/journalism-media\/hastings-lessons-from-the-grave-have-we-learned-anything\/\" title=\"Hastings’ Lessons From the Grave\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Hastings’ Lessons From the Grave<\/a> — At the time of Hastings’ death, counterterrorism expert Richard Clarke told The Huffington Post that it was possible that Hastings’ car had been hacked; that the known details of the crash were consistent with a car cyber attack.<\/li>\n<li><a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2023-03-03\/amazon-hq2-pauses-construction-amid-layoffs-remote-work#xj4y7vzkg\" title=\"Amazon HQ2 Pauses Construction Amid Layoffs, Remote Work \" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Amazon HQ2 Pauses Construction Amid Layoffs, Remote Work <\/a> — The delay affects a larger phase across the street. It calls for three, 22-story office towers and the 350-foot-tall (107-meter) Helix, a corporate conference center and indoor garden designed to echo the Spheres, plant-filled orbs at the heart of the company’s Seattle headquarters. Arlington officials granted the 2.8-million-square-foot project, called PenPlace, its most important approval in April.<\/li>\n<li><a href=\"https:\/\/getalby.com\/\" title=\"Alby — Lightning for your Browser!\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Alby — Lightning for your Browser!<\/a> — Alby brings Boosts to the web<\/li>\n<li><a href=\"https:\/\/podcastindex.org\/podcast\/487548\" title=\"Coder Radio on the Podcastindex.org\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Coder Radio on the Podcastindex.org<\/a> — Send a Boost from the Podcast Index, first top up Alby, then visit our entry on the Inex, you can Boost right from the web page.<\/li>\n<\/ul>\n","author":"Jupiter Broadcasting","date":"March 4, 2023","link":"https:\/\/coder.show\/507","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/b44de5fa-47c1-4e94-bf9e-c72f8d1c8f5d\/8058f24c-58c1-4cfe-b73e-1d3c1d610c53.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"f93141d715e2a24bd101d761c597d675","fset":"","fratio":1},"ppe-2390-33":{"title":"Linux After Dark \u2013 Episode 38","description":"<p>We are joined by <a href=\"https:\/\/hachyderm.io\/@jorge\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Jorge Castro<\/a> to talk about immutable filesystem Linux distros.<\/p>\n<p>Check out his project <a href=\"https:\/\/ublue.it\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">uBlue<\/a> and his <a href=\"https:\/\/www.youtube.com\/c\/JorgeCastro\/videos\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">YouTube Channel<\/a>.<\/p>\n<p> <\/p>\n<p>Corrections from Jorge: “I mentioned hyperreal when I really meant to say Hyprland, and one is a person working on a ublue, the other is a wayland compositor.”<\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p><strong>Tailscale<\/strong><\/p>\n<p>Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. Go to <a href=\"https:\/\/tailscale.com\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">tailscale.com<\/a> and try it for free on up to 20 devices.<\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p>See our <a href=\"https:\/\/linuxafterdark.net\/contact\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">contact page<\/a> for ways to get in touch.<\/p>\n<p><img loading=\"lazy\" src=\"https:\/\/linuxafterdark.net\/wp-content\/uploads\/2022\/07\/LAD-300-300x300.jpg\" alt=\"\"><\/p>\n<p>Subscribe to the <a href=\"https:\/\/linuxafterdark.net\/feed\/podcast\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">RSS feed<\/a>.<\/p>\n","author":"Late Night Linux All Episodes","date":"March 3, 2023","link":"https:\/\/latenightlinux.com\/linux-after-dark-episode-38\/","src":"https:\/\/podtrac.com\/pts\/redirect.mp3\/traffic.libsyn.com\/latenightlinux\/LAD38.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"5e3f4e7e843a123e06fbb31ff1e79ec8","fset":"","fratio":1},"ppe-2390-34":{"title":"Episode 189","description":"<h2>Overview<\/h2>\n<p>This week we dive into the BlackLotus UEFI bootkit teardown and find out how<br \/>\nthis malware has some roots in the FOSS ecosystem, plus we look at security<br \/>\nupdates for the Linux kernel, DCMTK, ZoneMinder, Python, tar and more.<\/p>\n<h2>This week in Ubuntu Security Updates<\/h2>\n<p>111 unique CVEs addressed<\/p>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5739-2\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5739-2<\/a>] MariaDB regression [00:48]<\/h3>\n<ul>\n<li>Affecting Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)<\/li>\n<li>Latest point release had various memory and performance regressions<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5883-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5883-1<\/a>] Linux kernel (HWE) vulnerabilities [01:05]<\/h3>\n<ul>\n<li>19 CVEs addressed in Xenial ESM (16.04 ESM)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0461\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0461<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-43750\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-43750<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42895\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42895<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42328\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42328<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41850\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41850<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41849\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41849<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-39842\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-39842<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3649\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3649<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3646\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3646<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3640\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3640<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3628\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3628<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3545\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3545<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3521\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3521<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-29901\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-29901<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-29900\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-29900<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-2663\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-2663<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-26373\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-26373<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-20369\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-20369<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-4378\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-4378<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>4.15 kernel backported from 18.04LTS to 16.04ESM<\/li>\n<li>sysctl stack buffer overflow <a href=\"https:\/\/news.open-fab.org\/episode-188\/#usn-5877-1-linux-kernel--gke--vulnerabilities-01-06\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">discussed last week<\/a> plus a range of other kernel<br \/>\nvulns<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5884-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5884-1<\/a>] Linux kernel (AWS) vulnerabilities [01:26]<\/h3>\n<ul>\n<li>6 CVEs addressed in Xenial ESM (16.04 ESM)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-23559\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-23559<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0045\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0045<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42895\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42895<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41858\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41858<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-20566\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-20566<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2021-4155\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2021-4155<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>4.4 GA kernel from 16.04<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5882-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5882-1<\/a>] DCMTK vulnerabilities [01:36]<\/h3>\n<ul>\n<li>10 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-43272\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-43272<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-2121\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-2121<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-2120\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-2120<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-2119\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-2119<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2021-41690\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2021-41690<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2021-41689\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2021-41689<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2021-41688\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2021-41688<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2021-41687\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2021-41687<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-1010228\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-1010228<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2015-8979\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2015-8979<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>libraries and utils for handling DICOM (Digital Imaging and Communications in<br \/>\nMedicine) image files (used for radiology etc)<\/li>\n<li>various memory corruption issues -> DoS \/ code execution<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5885-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5885-1<\/a>] APR vulnerability [02:29]<\/h3>\n<ul>\n<li>1 CVEs addressed in Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-24963\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-24963<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>Integer overflow -> memory corruption -> DoS \/ code exec<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5886-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5886-1<\/a>] Intel Microcode vulnerabilities [02:44]<\/h3>\n<ul>\n<li>4 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38090\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38090<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-33972\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-33972<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-33196\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-33196<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-21216\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-21216<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>latest upstream release from Intel<\/li>\n<li>Various issues in SGX and out-of-band management – particularly on Intel Xeon<br \/>\nprocessors – allow require privileged access in the first place (ie admin) but<br \/>\ncould allow to then say bypass SGX protections and the like<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5887-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5887-1<\/a>] ClamAV vulnerabilities [03:27]<\/h3>\n<ul>\n<li>2 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-20052\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-20052<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-20032\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-20032<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>latest upstream point release – 0.103.8<\/li>\n<li>one in HFS+ and the other in the DMG parsers – both different filesystem<br \/>\nformats for Apple<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5889-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5889-1<\/a>] ZoneMinder vulnerabilities [03:49]<\/h3>\n<ul>\n<li>13 CVEs addressed in Xenial ESM (16.04 ESM), Focal (20.04 LTS), Jammy (22.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-29806\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-29806<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-7331\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-7331<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-7332\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-7332<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-7330\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-7330<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-7328\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-7328<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-7327\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-7327<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-7326\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-7326<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-7329\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-7329<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-7325\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-7325<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-6991\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-6991<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-6992\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-6992<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-6990\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-6990<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2019-6777\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2019-6777<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>Video surveillance software system – includes a web interface so has usual<br \/>\ntypes of issues and then some<\/li>\n<li>Various XSS issues plus a stack buffer overflow in handling of username \/<br \/>\npasswords as would use a fixed size buffer for these (what year is this?) and<br \/>\na upload file handling issue resulting in possible remote code execution<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5890-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5890-1<\/a>] Open vSwitch vulnerabilities [04:27]<\/h3>\n<ul>\n<li>2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-4338\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-4338<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-4337\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-4337<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5891-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5891-1<\/a>, <a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5894-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5894-1<\/a>] curl vulnerabilities<\/h3>\n<ul>\n<li>3 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-23916\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-23916<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-23915\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-23915<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-23914\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-23914<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>3 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-43552\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-43552<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2021-22925\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2021-22925<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2021-22898\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2021-22898<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5892-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5892-1<\/a>] NSS vulnerabilities<\/h3>\n<ul>\n<li>2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0767\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0767<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3479\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3479<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5893-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5893-1<\/a>] WebKitGTK vulnerabilities [04:34]<\/h3>\n<ul>\n<li>1 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-23529\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-23529<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>type confusion in webkit – Apple says that they had seen reports that this had<br \/>\nbeen actively exploited in the wild<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5896-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5896-1<\/a>] Rack vulnerabilities<\/h3>\n<ul>\n<li>2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-30123\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-30123<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-30122\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-30122<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5895-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5895-1<\/a>] MPlayer vulnerabilities<\/h3>\n<ul>\n<li>10 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38861\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38861<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38866\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38866<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38864\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38864<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38863\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38863<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38858\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38858<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38855\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38855<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38851\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38851<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38865\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38865<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38860\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38860<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-38850\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-38850<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5897-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5897-1<\/a>] OpenJDK vulnerabilities [04:55]<\/h3>\n<ul>\n<li>2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-21843\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-21843<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-21835\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-21835<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>openjdk 11 (aka lts), 17, 18<\/li>\n<li>latest upstream point releases<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5898-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5898-1<\/a>] OpenJDK vulnerabilities [05:05]<\/h3>\n<ul>\n<li>2 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-21843\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-21843<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-21830\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-21830<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>openjdk 8 – also latest upstream point release<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5888-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5888-1<\/a>] Python vulnerabilities [05:09]<\/h3>\n<ul>\n<li>6 CVEs addressed in Focal (20.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-24329\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-24329<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-45061\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-45061<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42919\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42919<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-37454\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-37454<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2021-28861\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2021-28861<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2015-20107\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2015-20107<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>python3.9 – esm-apps<\/li>\n<li>high priority – vuln in multiprocessing module – if used with forkserver on<br \/>\nLinux would allow pickles to be deserialized from any user on the same machine<br \/>\nin the same network namespace – therefore as one local user can easily get<br \/>\ncode execution as another user on the same machine<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5899-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5899-1<\/a>] AWStats vulnerability<\/h3>\n<ul>\n<li>1 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-46391\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-46391<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5901-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5901-1<\/a>] GnuTLS vulnerability<\/h3>\n<ul>\n<li>1 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0361\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0361<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5902-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5902-1<\/a>] PHP vulnerabilities<\/h3>\n<ul>\n<li>3 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0662\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0662<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0568\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0568<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0567\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0567<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5821-3\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5821-3<\/a>] pip regression<\/h3>\n<ul>\n<li>1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-40898\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-40898<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5903-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5903-1<\/a>] lighttpd vulnerabilities<\/h3>\n<ul>\n<li>2 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41556\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41556<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-22707\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-22707<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5638-4\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5638-4<\/a>] Expat vulnerabilities<\/h3>\n<ul>\n<li>2 CVEs addressed in Trusty ESM (14.04 ESM)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-43680\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-43680<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-40674\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-40674<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5900-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5900-1<\/a>] tar vulnerability [06:15]<\/h3>\n<ul>\n<li>1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-48303\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-48303<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>1-byte OOB read – although as yet no evidence this can be used to gain control<br \/>\nflow hence really only a possible DoS<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5880-2\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5880-2<\/a>] Firefox regressions [06:42]<\/h3>\n<ul>\n<li>15 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25745\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25745<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25744\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25744<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25742\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25742<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25741\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25741<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25737\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25737<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25736\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25736<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25733\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25733<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25731\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25731<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25739\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25739<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25735\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25735<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25732\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25732<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25730\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25730<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25729\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25729<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25728\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25728<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0767\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0767<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>110.0.1 – biggest regression was that if chose to clear recent cookies it<br \/>\nwould clear <strong>all<\/strong> cookies – plus a webgl crash when running under vmware on<br \/>\nLinux<\/li>\n<\/ul>\n<h2>Goings on in Ubuntu Security Community<\/h2>\n<h3>BlackLotus UEFI bootkit teardown [07:23]<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.welivesecurity.com\/2023\/03\/01\/blacklotus-uefi-bootkit-myth-confirmed\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/www.welivesecurity.com\/2023\/03\/01\/blacklotus-uefi-bootkit-myth-confirmed\/<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/Wack0\/CVE-2022-21894\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/github.com\/Wack0\/CVE-2022-21894<\/a><\/li>\n<li>Teardown of the first in-the-wild UEFI bootkit that bypasses UEFI Secure Boot<br \/>\nby eset<\/li>\n<li>Appears to be <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/malware-dev-claims-to-sell-new-blacklotus-windows-uefi-bootkit\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">BlackLotus<\/a> which has been sold on hacking and criminal forums<br \/>\nsince atleast October 2022<\/li>\n<li>At that time no sample was available so security researchers could not verify<br \/>\nthe claims of the malware author, namely:<\/p>\n<ul>\n<li>very small – only 80kb, has anti-debug \/ obfuscation to help avoid RE<\/li>\n<li>bypasses Windows UAC + Secure Boot and can load unsigned drivers<\/li>\n<li>disables HVCI (hypervisor protected code integrity – a feature designed to<br \/>\nprotect the Windows kernel from modification at runtime), BitLocker and<br \/>\nWindows Defender<\/li>\n<li>persists in UEFI and is able to protect itself from being unloaded<\/li>\n<li>uses a signed boot loader so can work on machines with Secure Boot enabled<\/li>\n<\/ul>\n<\/li>\n<li>Of these, the most interesting part for Linux users is the UEFI Secure Boot<br \/>\nbypass – this is something which we theorised was possible via all the<br \/>\npreviously disclosed shim and <a href=\"https:\/\/news.open-fab.org\/episode-84\/#alex-and-joe-take-an-in-depth-and-behind-the-scenes-look-at-boothole-grub-2-08-14\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">grub vulnerabilities<\/a><\/p>\n<ul>\n<li>And in particular, they way they go about this is by using a copy of <code>shim<\/code><br \/>\nand <code>grub<\/code> – but not because they are exploiting any vulnerabilities in them,<br \/>\nbut since they are very useful components if you want to boot your own<br \/>\nbootkit<\/li>\n<li>they also exploit a vulnerability in the Windows Boot Manager UEFI binary<br \/>\nwhich allows them to subvert the Secure Boot process and load their own code<br \/>\nto bypass Secure Boot and gain persistence on future boots<\/li>\n<li>they way they do this is to install their own UEFI binaries into the EFI<br \/>\npartition (including <code>shim<\/code> and <code>grub<\/code>) – but also a copy of a vulnerable<br \/>\nversion of the Windows Boot Manager UEFI binary plus their own custom boot<br \/>\nconfiguration data – and since they have disabled BitLocker already these<br \/>\nwill happily be loaded at next boot without the usual integrity checks etc<\/li>\n<li>when the machine reboots, their vulnerable Windows Boot Manager binary is<br \/>\nloaded, along with their custom boot configuration data which allows them to<br \/>\nexploit the vulnerability and to then load additional binaries into the boot<br \/>\nprocess<\/li>\n<li>those binaries then go on to modify the secure boot configuration by<br \/>\nenrolling a new key in the machine owners keyring (aka MOK) db<\/p>\n<ul>\n<li>normally enrolling a new key like this would require a system admin to be<br \/>\nphysically present to confirm the operation – but since they bypasses the<br \/>\nnormal Secure Boot protections this can be done without any knowledge of<br \/>\nthe sysadmin<\/li>\n<\/ul>\n<\/li>\n<li>their <code>grub<\/code> is signed using this key whilst the <code>shim<\/code> is Red Hat’s <code>shim<\/code> –<br \/>\nunmodified and signed by Microsoft and hence trusted – this will then trust<br \/>\ntheir malicious <code>grub<\/code> as it is signed by the key they just enrolled in the<br \/>\nMOK<\/li>\n<li>whilst their <code>shim<\/code> is an unmodified copy, their <code>grub<\/code> is not – and is actually<br \/>\nmalicious<\/li>\n<li><code>shim<\/code> then goes on to boot this malicious <code>grub<\/code> which starts Windows but also<br \/>\ninstalls a bunch of UEFI memory hooks to be able to subvert further stages<br \/>\nof the boot process and eventually Windows itself<\/li>\n<\/ul>\n<\/li>\n<li>There are lots more details in the teardown article, particularly about how<br \/>\nthe various components are installed into Windows and how they are able to<br \/>\nthen load additional drivers etc into Windows, plus the further components of<br \/>\nthe malware that are able to download additional binaries, how the C2 and<br \/>\nanti-analysis etc works – but this is the USP so we won’t cover those here<\/li>\n<li>But what is interesting for Linux is that this is reusing components that were<br \/>\nostensibly designed to boot Linux on machines that were originally designed to<br \/>\nboot Windows<\/p>\n<ul>\n<li>one member of our team wondered if Microsoft might become more hesitant<br \/>\nabout signing <code>shim<\/code> in the future – perhaps, but it is not really <code>shim<\/code> that<br \/>\nis at fault here – the issue is the original vulnerability in the Windows<br \/>\nBoot Manager – <code>shim<\/code> just helps to make loading additional parts of their<br \/>\nbootkit easier (along with <code>grub<\/code>) – so hopefully Microsoft don’t go down that<br \/>\npath<\/li>\n<li>and the reason this can be exploited in the first place is that Microsoft<br \/>\nhave not revoked their vulnerable Windows Boot Manager binary<\/p>\n<ul>\n<li>back in the original BootHole vulns, various <code>shim<\/code>’s did get revoked – but<br \/>\nrevoking this Microsoft binary would mean many older systems may fail to<br \/>\nboot, including their recovery images and install media etc<\/li>\n<li>ideally Microsoft would revoke this to stop further exploitation<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>Another interesting wrinkle is that their UEFI exploit apparently appears to<br \/>\ncome directly from a <a href=\"https:\/\/github.com\/Wack0\/CVE-2022-21894\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">PoC<\/a> that was uploaded to Github in August 2022 – will<br \/>\nlikely restart the usual discussions around public PoCs being a “bad thing” as<br \/>\nthey can be used for actual malicious purposes<\/p>\n<ul>\n<li>interesting to note the PoC has had additional code added to it in the last<br \/>\n24 hours which allow it to operate on older versions of Windows 10<\/li>\n<li>even more reason for Microsoft to perhaps revoke this old binary<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Get in contact<\/h2>\n<ul>\n<li><a href=\"mailto:security@ubuntu.com\" rel=\"noopener noreferrer\" target=\"_blank\">security@ubuntu.com<\/a><\/li>\n<li><a href=\"https:\/\/libera.chat\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">#ubuntu-security on the Libera.Chat IRC network<\/a><\/li>\n<li><a href=\"https:\/\/lists.ubuntu.com\/mailman\/listinfo\/ubuntu-hardened\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">ubuntu-hardened mailing list<\/a><\/li>\n<li><a href=\"https:\/\/discourse.ubuntu.com\/c\/security\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Security section on discourse.ubuntu.com<\/a><\/li>\n<li><a href=\"https:\/\/fosstodon.org\/@ubuntusecurity\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">@ubuntusecurity<\/a>, <a href=\"https:\/\/twitter.com\/ubuntu_sec\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">@ubuntu_sec on twitter<\/a><\/li>\n<\/ul>\n","author":"Ubuntu Security Team","date":"March 3, 2023","link":"https:\/\/ubuntusecuritypodcast.org\/episode-189\/","src":"https:\/\/people.canonical.com\/~amurray\/USP\/USP_E189.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"25e514a6383b94eb65bb323cfc6e7321","fset":"","fratio":1},"ppe-2390-35":{"title":"The Homelab Show Ep. 89 \u2013 Rocky Linux Interview","description":"<figure>\n<div>\n<\/div>\n<\/figure>\n<p><a rel=\"noopener noreferrer\" href=\"https:\/\/thehomelab.show\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/thehomelab.show\/<\/a><br \/>The sponsor for today’s episode<br \/><a rel=\"noopener noreferrer\" href=\"https:\/\/www.linode.com\/homelabshow\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/www.linode.com\/homelabshow<\/a><br \/><a rel=\"noopener noreferrer\" href=\"https:\/\/lawrencesystems.com\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/lawrencesystems.com\/<\/a><br \/><a rel=\"noopener noreferrer\" href=\"https:\/\/www.learnlinux.tv\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/www.learnlinux.tv\/<\/a><\/p>\n<p><a href=\"https:\/\/ciq.co\/blog\/research-shows-st...\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/ciq.co\/blog\/research-shows-st…<\/a><\/p>\n","author":"The Homelab Show","date":"March 2, 2023","link":"https:\/\/thehomelab.show\/2023\/03\/02\/the-homelab-show-ep-89-rocky-linux-interview\/","src":"https:\/\/media.blubrry.com\/thehomelabshow\/thehomelab.show\/wp-content\/uploads\/2023\/03\/The-Homelab-Show-Episode-89_Rocky-Linux-Interview.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"faa582121b99495540c039b6922e15ea","fset":"","fratio":1},"ppe-2390-36":{"title":"Linux Action News 282","description":"<p>FFmpeg gets new superpowers, Plasma’s switch to Qt6 gets official; what you need to know. Plus we round up the top features coming to Linux 6.3.<\/p>\n<p>Sponsored By:<\/p>\n<ul>\n<li><a href=\"https:\/\/l.kolide.co\/3klbWzr\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kolide<\/a>: <a href=\"https:\/\/l.kolide.co\/3klbWzr\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet. <\/a><\/li>\n<li><a href=\"http:\/\/linode.com\/lan\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linode<\/a>: <a href=\"http:\/\/linode.com\/lan\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Sign up using the link on this page and receive a $100 60-day credit towards your new account. <\/a><\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.jupiter.party\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Support Linux Action News<\/a><\/p>\n<p>Links:<\/p>\n<ul>\n<li><a href=\"https:\/\/boilingsteam.com\/steam-deck-first-anniversary-of-the-ultimate-gaming-platform\/\" title=\"Steam Deck one Year Later\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Steam Deck one Year Later<\/a> — The Steam Deck has been about a year on the market now (it started shipping at the end of February 2022). This first anniversary is a good chance to review what has happened since then.<\/li>\n<li><a href=\"http:\/\/www.ffmpeg.org\/download.html#release_6.0\" title=\"FFmpeg 6.0 Released\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">FFmpeg 6.0 Released<\/a> — 6.0 was released on 2023-02-27. It is the latest stable FFmpeg release from the 6.0 release branch, which was cut from master on 2023-02-19. <\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/news\/FFmpeg-6.0-Released\" title=\"FFmpeg 6.0 Released With NVIDIA NVENC AV1, VA-API Improvements\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">FFmpeg 6.0 Released With NVIDIA NVENC AV1, VA-API Improvements<\/a><\/li>\n<li><a href=\"https:\/\/fosdem.org\/2023\/schedule\/event\/om_vlc\/\" title=\"FOSDEM 2023 - Dual presentation: FFmpeg 6 and VLC.js\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">FOSDEM 2023 – Dual presentation: FFmpeg 6 and VLC.js<\/a><\/li>\n<li><a href=\"https:\/\/mail.kde.org\/pipermail\/kde-devel\/2023-February\/001699.html\" title=\"Plasma Switches to Qt6\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Plasma Switches to Qt6<\/a> — The master branch for Plasma repos will be made Qt6-only tomorrow.<\/li>\n<li><a href=\"https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/trace\/linux-trace.git\/tree\/Documentation\/tools\/rtla\/rtla-hwnoise.rst?h=for-next&id=5dc3750e747f93f9bb7987da3d47a8ab4a5a181e\" title=\"Hardware Noise “hwnoise” Tool for Linux 6.3\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Hardware Noise “hwnoise” Tool for Linux 6.3<\/a> — hwnoise collects the periodic summary from the osnoise tracer running with *interrupts disabled*. By disabling interrupts, and the scheduling<br \/>\nof threads as a consequence, only non-maskable interrupts and hardware-related noise is allowed.\n<\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/news\/Rust-Linux-6.3-Changes\" title=\"More Rust Code Readied For Linux 6.3\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">More Rust Code Readied For Linux 6.3<\/a> — In the pull request Miguel Ojeda commented, “more core additions, getting closer to a point where the first Rust modules can be upstreamed.” <\/li>\n<li><a href=\"https:\/\/lore.kernel.org\/lkml\/Y%2F2CN+FpmGsfzgdE@mit.edu\/\" title=\"EXT4 Getting Direct I\/O Performance Improvements With 6.3\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">EXT4 Getting Direct I\/O Performance Improvements With 6.3<\/a> — Improved performance for ext4<\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/news\/Linux-6.3-Btrfs\" title=\"Btrfs Enjoys More Performance With Linux 6.3 - Including Some 3~10x Speedups\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Btrfs Enjoys More Performance With Linux 6.3 – Including Some 3~10x Speedups<\/a> — Some of the performance work is quite juicy, as outlined in today’s pull request.<\/li>\n<li><a href=\"https:\/\/lore.kernel.org\/lkml\/cover.1676908729.git.dsterba@suse.com\/\" title=\"Btrfs updates for 6.3 - David Sterba\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Btrfs updates for 6.3 – David Sterba<\/a><\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/news\/Linux-6.3-Scheduler\" title=\"Linux 6.3 Scheduler Updates Bring Fixes & Minor Optimizations\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linux 6.3 Scheduler Updates Bring Fixes & Minor Optimizations<\/a><\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/news\/Linux-6.3-RISC-V\" title=\"RISC-V With Linux 6.3 Lands Optimized String Functions Via Zbb Extension\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">RISC-V With Linux 6.3 Lands Optimized String Functions Via Zbb Extension<\/a> — RISC-V with Linux 6.3 has improved its extension detection and alternative patching infrastructure for dealing with non spec compliant extensions. <\/li>\n<\/ul>\n","author":"Jupiter Broadcasting","date":"March 2, 2023","link":"https:\/\/linuxactionnews.com\/282","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/dec90738-e640-45e5-b375-4573052f4bf4\/794b58b8-2d30-47f0-ba1d-64962f690e61.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"e7775d55ecd547da76ed1d8013d841cc","fset":"","fratio":1},"ppe-2390-37":{"title":"3\u00d756: Hyperbole is the Magic Word","description":"<p>Jeremy Garcia, Jono Bacon, and Stuart Langridge present Bad Voltage, in which we spend a show inventing topics which need a whole other show to talk about, we reminisce about Google Plus, and:<\/p>\n<ul>\n<li>[00:01:36] Twitter Blue, Meta Verified: <a href=\"https:\/\/techcrunch.com\/2023\/02\/27\/social-media-apps-adopting-subscription-models\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">the social networks go premium<\/a>. Is it going to work?<\/li>\n<li>[00:35:45] <a href=\"https:\/\/techcrunch.com\/2022\/12\/22\/fbi-ad-blocker\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">The FBI recommend that everyone uses an ad-blocker<\/a><\/li>\n<li>[00:45:16] <a href=\"https:\/\/www.businessinsider.com\/salesforce-reportedly-paying-mcconaughey-millions-despite-layoffs-2023-2\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Salesforce pays Matthew McConaughey $10M\/year<\/a><\/li>\n<li>[00:52:47] <a href=\"https:\/\/arstechnica.com\/information-technology\/2023\/02\/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">LastPass hack, allegedly via a senior developer’s Plex?<\/a><\/li>\n<li>[00:57:11] Reddit does comments search!<\/li>\n<\/ul>\n<p>Also, we’re now on Mastodon! <a href=\"https:\/\/mastodon.social\/@badvoltage\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">@badvoltage<\/a>!<\/p>\n<p>Come chat with us and the community in our Slack channel via <a href=\"https:\/\/join.slack.com\/t\/badvoltage\/shared_invite\/zt-1porzolgy-eNrK6wREoVIINTbLi_kbsg\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/join.slack.com\/t\/badvoltage\/shared_invite\/zt-1porzolgy-eNrK6wREoVIINTbLi_kbsg<\/a>!<\/p>\n<\/p>\n<p>https:\/\/community.badvoltage.org\/t\/3×54-the-joe-dolce-music-theatre\/12476<\/p>\n<p>News music: <a href=\"http:\/\/dig.ccmixter.org\/files\/Robbero\/59218\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Long Live Blind Joe by Robbero<\/a>, used with attribution.<\/p>\n<p>Thank you to Marius Quabeck and <a href=\"https:\/\/nerdzoom.media\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">NerdZoom Media<\/a> for being our audio producers!<\/p>\n","author":"Bad Voltage","date":"March 2, 2023","link":"https:\/\/www.badvoltage.org\/2023\/03\/02\/3x56\/","src":"https:\/\/audio.lugradio.org\/badvoltage\/Bad%20Voltage%203x56.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"d81e54f1f2ef652ff03437d599d50541","fset":"","fratio":1},"ppe-2390-38":{"title":"496: Hacking the CLI","description":"<p>Automation and Hacking Your FreeBSD CLI, Run your own instant messaging service on FreeBSD, Watch Netflix on FreeBSD, HardenedBSD January 2023 Status Report, How To Set Up SSH Keys With YubiKey as two-factor authentication, OpenSSH fixes double-free memory bug that’s pokable over the network, A late announcement, but better late than never, Next NYC*BUG and more<\/p>\n<p><strong><em>NOTES<\/em><\/strong><br \/>\nThis episode of BSDNow is brought to you by <a href=\"https:\/\/www.tarsnap.com\/bsdnow\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tarsnap<\/a> and the <a href=\"https:\/\/www.patreon.com\/bsdnow\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">BSDNow Patreon<\/a><\/p>\n<h2>Headlines<\/h2>\n<h3><a href=\"https:\/\/klarasystems.com\/articles\/automation-and-hacking-your-freebsd-cli\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Automation and Hacking Your FreeBSD CLI<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/xn--gckvb8fzb.com\/run-your-own-instant-messaging-service-on-freebsd\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Run your own instant messaging service on FreeBSD<\/a><\/h3>\n<hr>\n<h2>News Roundup<\/h2>\n<h3><a href=\"https:\/\/byte--sized-de.translate.goog\/linux-unix\/netflix-auf-freebsd-schauen\/?_x_tr_sl=de&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Watch Netflix on FreeBSD<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/hardenedbsd.org\/article\/shawn-webb\/2023-01-31\/hardenedbsd-january-2023-status-report\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">HardenedBSD January 2023 Status Report<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/www.cyberciti.biz\/security\/how-to-set-up-ssh-keys-with-yubikey-as-two-factor-authentication-u2f-fido2\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">How To Set Up SSH Keys With YubiKey as two-factor authentication (U2F\/FIDO2)<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/nakedsecurity.sophos.com\/2023\/02\/03\/openssh-fixes-double-free-memory-bug-thats-pokable-over-the-network\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">OpenSSH fixes double-free memory bug that’s pokable over the network<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/github.com\/chettrick\/discobsd\/releases\/tag\/DISCOBSD_2_0\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">A late announcement, but better late than never<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/lists.nycbug.org:8443\/pipermail\/talk\/2023-February\/018550.html\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Next NYC*BUG: March? April? Certainly May!<\/a><\/h3>\n<hr>\n<h3>Tarsnap<\/h3>\n<ul>\n<li>This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.<\/li>\n<\/ul>\n<h2>Feedback\/Questions<\/h2>\n<ul>\n<li><a href=\"https:\/\/github.com\/BSDNow\/bsdnow.tv\/blob\/master\/episodes\/496\/feedback\/Daniel%20-%20Plan%209%20lives.md\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Daniel – Plan 9 lives<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/BSDNow\/bsdnow.tv\/blob\/master\/episodes\/496\/feedback\/Jason%20-%20nvd%20driver.md\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Jason – nvd driver<\/a><\/li>\n<\/ul>\n<hr>\n<ul>\n<li>Send questions, comments, show ideas\/topics, or stories you want mentioned on the show to <a href=\"mailto:feedback@bsdnow.tv\" rel=\"noopener noreferrer\" target=\"_blank\">feedback@bsdnow.tv<\/a><br \/>\n***<\/li>\n<\/ul>\n","author":"Allan Jude","date":"March 2, 2023","link":"https:\/\/www.bsdnow.tv\/496","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/c91b88f1-e824-4815-bcb8-5227818d6010\/2c0b464e-375e-42af-b44a-62ca75b4b31a.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"61e1ba5053eeafea7815c8d4fe7a2053","fset":"","fratio":1},"ppe-2390-39":{"title":"The Linux Link Tech Show Episode 994","description":"<p>joel studies for tests.<\/p>\n","author":"dann@thelinuxlink.net (Dann Washko, Linc Fessenden, Pat Davila, Allan Metzler)","date":"March 2, 2023","link":"http:\/\/www.tllts.org","src":"http:\/\/www.tlltsarchive.org\/archives\/tllts_994-03-01-23.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"c5aa7bf26d4ead24a30304a61ab90660","fset":"","fratio":1},"ppe-2390-40":{"title":"FLOSS Weekly 721: Hacking, Convergence and HyperPurism – Kyle Rankin, Purism, Mobile Phone & Linux Computing Convergence","description":"<p>Kyle Rankin of Purism joins Doc Searls and Shawn Powers to talk about how his company’s Linux laptop and Librem 5 phone converge with the company’s new Lapdock, plus the past and future of hacker culture, how supply chains really work, and convergence in general.<\/p>\n<p><strong>Hosts:<\/strong> <a href=\"https:\/\/twit.tv\/people\/doc-searls\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Doc Searls<\/a> and <a href=\"https:\/\/twit.tv\/people\/shawn-powers\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Shawn Powers<\/a><\/p>\n<p><strong>Guest:<\/strong> <a href=\"https:\/\/twitter.com\/kylerankin\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kyle Rankin<\/a><\/p>\n<p>Download or subscribe to this show at <a href=\"https:\/\/twit.tv\/shows\/floss-weekly\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/twit.tv\/shows\/floss-weekly<\/a><\/p>\n<p>Think your open source project should be on FLOSS Weekly? Email <a href=\"mailto:floss@twit.tv\" rel=\"noopener noreferrer\" target=\"_blank\">floss@twit.tv<\/a>.<\/p>\n<p>Thanks to <a href=\"https:\/\/www.lullabot.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Lullabot’s<\/a> Jeff Robbins, web designer and musician, for our theme music.<\/p>\n<p>Get episodes ad-free with Club TWiT at <a href=\"https:\/\/twit.tv\/clubtwit\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/twit.tv\/clubtwit<\/a><\/p>\n<p><strong>Sponsors:<\/strong><\/p>\n<ul>\n<li><a href=\"http:\/\/fastmail.com\/twit\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">fastmail.com\/twit<\/a><\/li>\n<li><a href=\"https:\/\/kolide.com\/floss\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">kolide.com\/floss<\/a><\/li>\n<\/ul>\n","author":"TWiT","date":"March 1, 2023","link":"https:\/\/twit.tv\/shows\/floss-weekly\/episodes\/721","src":"https:\/\/pdst.fm\/e\/cdn.twit.tv\/audio\/floss\/floss0721\/floss0721.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"c51e61d807321e57ed0e9bd580355ae0","fset":"","fratio":1},"ppe-2390-41":{"title":"Late Night Linux \u2013 Episode 218","description":"<p>Canonical angers the community again – this time by asking Ubuntu flavours to stop shipping Flatpak by default, we can’t decide whether Microsoft or Google are worse, NASA contributes to way more open source software than you might think, ten years of Steam on Linux, and KDE Korner.<\/p>\n<p> <\/p>\n<p><strong>News<\/strong><\/p>\n<p><a href=\"https:\/\/discourse.ubuntu.com\/t\/ubuntu-flavor-packaging-defaults\/34061\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Ubuntu Flavor Packaging Defaults<\/a><\/p>\n<p><a href=\"https:\/\/lwn.net\/SubscriberLink\/923223\/252d0267b3331213\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">NASA and open-source software<\/a><\/p>\n<p><a href=\"https:\/\/www.gamingonlinux.com\/2023\/02\/10-years-ago-steam-released-for-linux\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">10 years ago Steam released for Linux<\/a><\/p>\n<p><a href=\"https:\/\/twitter.com\/frantzfries\/status\/1628178202395873286\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">M$ Edge inserts ads on Chrome download page<\/a><\/p>\n<p><a href=\"https:\/\/www.jeffgeerling.com\/blog\/2023\/my-daughters-school-took-over-my-personal-microsoft-account\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">My daughter’s school took over my personal Microsoft account<\/a><\/p>\n<p> <\/p>\n<p><strong>KDE Korner<\/strong><\/p>\n<p><a href=\"https:\/\/mail.kde.org\/pipermail\/kde-devel\/2023-February\/001699.html\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">KDE Switches to QT6<\/a><\/p>\n<p><a href=\"https:\/\/www.youtube.com\/watch?v=-VRzVrNjtc0\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Nicco looks at theme<\/a> & <a href=\"https:\/\/www.youtube.com\/watch?v=ybWFSIWEfVM\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">shows 6 “hidden” features of Plasma<\/a><\/p>\n<p><a href=\"https:\/\/blog.strits.dk\/plasma-mobile-5-27-plamo-gear-23-01-0\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Plasma Mobile 5.27 + PlaMo Gear 23.01.0<\/a><\/p>\n<p><a href=\"https:\/\/www.akselmo.dev\/2023\/02\/17\/You-dont-need-to-yell.html\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Stop shouting<\/a><\/p>\n<p><a href=\"https:\/\/kubuntu.org\/news\/flatpaks-and-kubuntu\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">How to add flatpaks on Kubuntu\/Neon<\/a><\/p>\n<p>Nate’s <a href=\"https:\/\/pointieststick.com\/2023\/02\/17\/this-week-in-kde-a-smooth-release-of-plasma-5-27\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">regular<\/a> <a href=\"https:\/\/pointieststick.com\/2023\/02\/24\/this-week-in-kde-even-better-multi-monitor\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">updates<\/a><\/p>\n<p><a href=\"https:\/\/twitter.com\/KdeNeon\/status\/1630224651833028610\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Two very last minute tools in Neon<\/a> & <a href=\"https:\/\/twitter.com\/KdeNeon\/status\/1630223072975257600\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">two apps in unstable<\/a><\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p><strong>Linode<\/strong><\/p>\n<p>Simplify your cloud infrastructure with Linode’s Linux virtual machines and develop, deploy, and scale your modern applications faster and more easily. Go to <a href=\"https:\/\/linode.com\/latenightlinux\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\"><strong>linode.com\/latenightlinux<\/strong><\/a> and get started with $100 credit.<\/p>\n<p> <\/p>\n<p><strong>Tailscale<\/strong><\/p>\n<p>Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. Go to <a href=\"https:\/\/tailscale.com\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">tailscale.com<\/a> and try it for free on up to 20 devices.<\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<div>\n<div>\n<div>\n<div>\n<p>See our <a href=\"https:\/\/latenightlinux.com\/contact\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">contact page<\/a> for ways to get in touch.<\/p>\n<p><img loading=\"lazy\" src=\"https:\/\/latenightlinux.com\/wp-content\/uploads\/latenightlinux-sm.jpg\"><\/p>\n<p><strong>RSS<\/strong>: Subscribe to the <a href=\"https:\/\/latenightlinux.com\/feeds\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">RSS feeds here<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","author":"Late Night Linux All Episodes","date":"February 28, 2023","link":"https:\/\/latenightlinux.com\/late-night-linux-episode-218\/","src":"https:\/\/podtrac.com\/pts\/redirect.mp3\/traffic.libsyn.com\/latenightlinux\/LNL218.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"c0078e33f6abac93f8fd3249bb9853ad","fset":"","fratio":1},"ppe-2390-42":{"title":"314: Can Linux Get Viruses? plus Ubuntu Flavours Removing Flatpaks","description":"<p>FULL SHOW NOTES ►► <a href=\"https:\/\/tuxdigital.com\/podcasts\/destination-linux\/dl-314\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/tuxdigital.com\/podcasts\/destination-linux\/dl-314\/<\/a><\/p>\n","author":"Destination Linux Network","date":"February 28, 2023","link":"https:\/\/destinationlinux.org\/episode-314\/","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/32f28071-0b08-4ea1-afcc-37af75bd83d6\/2a108b89-86b2-4e5b-98eb-a36f185639db.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"eee3f3480d216b4a8e2eab6b0e105ce9","fset":"","fratio":1},"ppe-2390-43":{"title":"499: ‘velopers Choose Snap","description":"<p>Ubuntu makes its anti-Flatpak stance official, while KDE and GNOME team up to turn Flathub into a universal Linux app store.<\/p>\n<p>Plus, we try the Intel Arc GPU. Could this new hardware make Linux bulletproof?<\/p>\n<p>Sponsored By:<\/p>\n<ul>\n<li><a href=\"http:\/\/tailscale.com\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tailscale<\/a>: <a href=\"http:\/\/tailscale.com\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tailscale is a Zero config VPN. It installs on any device in minutes, manages firewall rules for you, and works from anywhere. Get 20 devices for free for a personal account. <\/a><\/li>\n<li><a href=\"https:\/\/linode.com\/unplugged\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linode Cloud Hosting<\/a>: <a href=\"https:\/\/linode.com\/unplugged\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">A special offer for all Linux Unplugged Podcast listeners and new Linode customers, visit linode.com\/unplugged, and receive $100 towards your new account. <\/a><\/li>\n<li><a href=\"https:\/\/bitwarden.com\/linux\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Bitwarden<\/a>: <a href=\"https:\/\/bitwarden.com\/linux\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Bitwarden is the easiest way for businesses and individuals to store, share, and sync sensitive data.<\/a><\/li>\n<\/ul>\n<p><a href=\"https:\/\/jupitersignal.memberful.com\/checkout?plan=52946\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Support LINUX Unplugged<\/a><\/p>\n<p>Links:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.meetup.com\/jupiterbroadcasting\/events\/291582264\/\" title=\"LUP 500 Micro Brewery Meetup\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">LUP 500 Micro Brewery Meetup<\/a> — Sat, Mar 4, 2023, 4:00 PM<\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/news\/Linux-6.2-Released\" title=\"Linux 6.2 Released With Intel Arc Graphics Promoted\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linux 6.2 Released With Intel Arc Graphics Promoted<\/a> — Linux 6.2 overall has been in good shape from my continued testing and especially for Skylake\/Skylake-derived cores is looking better if opting for Call Depth Tracking and it’s great to have stable Arc Graphics A380\/A750\/A770 working out-of-the-box in the labs.<\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/review\/intel-arc-nov\" title=\"Performance is looking better with later Arcs\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Performance is looking better with later Arcs<\/a><\/li>\n<li><a href=\"https:\/\/lists.freedesktop.org\/archives\/mesa-dev\/2023-February\/225930.html\" title=\"mesa 23.0.0 Released\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">mesa 23.0.0 Released<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/intel\/intel-extension-for-pytorch\/tree\/xpu-master\" title=\"intel-extension-for-pytorch at xpu-master\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">intel-extension-for-pytorch at xpu-master<\/a><\/li>\n<li><a href=\"https:\/\/intel.github.io\/intel-extension-for-pytorch\/xpu\/latest\/tutorials\/installation.html\" title=\"Install intel-extension-for-pytorch\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Install intel-extension-for-pytorch<\/a><\/li>\n<li><a href=\"https:\/\/pytorch.org\/tutorials\/recipes\/recipes\/intel_extension_for_pytorch.html\" title=\"Intel® Extension for PyTorch — PyTorch Tutorials\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Intel® Extension for PyTorch — PyTorch Tutorials<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/rahulunair\/stable_diffusion_arc\" title=\"rahulunair\/stable_diffusion_arc\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">rahulunair\/stable_diffusion_arc<\/a> — Stable Diffusion inference on Intel Arc dGPUs<\/li>\n<li><a href=\"https:\/\/github.com\/bes-dev\/stable_diffusion.openvino\" title=\"bes-dev\/stable_diffusion.openvino\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">bes-dev\/stable_diffusion.openvino<\/a> — Implementation of Text-To-Image generation using Stable Diffusion on Intel CPU or GPU.<\/li>\n<li><a href=\"https:\/\/gist.github.com\/ShuffleBox\/376d706b0abd378e23b5d17373de86a7\" title=\"ShuffleBox: Quick Benchmark for Whisper by OpenAI\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">ShuffleBox: Quick Benchmark for Whisper by OpenAI<\/a><\/li>\n<li><a href=\"https:\/\/www.omgubuntu.co.uk\/2023\/02\/ubuntu-flavors-no-flatpak\" title=\"Flatpak will no longer be available “out-of-the-box” in any of Ubuntu’s official flavors.\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Flatpak will no longer be available “out-of-the-box” in any of Ubuntu’s official flavors.<\/a> — Do keep in mind that “not installed by default” is not the same as “not available to install at all”.<\/li>\n<li><a href=\"https:\/\/fosstodon.org\/@wimpy\/109908489437633387\" title=\"Wimpy on Fosstodon\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Wimpy on Fosstodon<\/a> — “@bluesabre Did we agree? I think we complied with the requested change. You and I both played our part in ensuring this was clearly and openly communicated.”<\/li>\n<li><a href=\"https:\/\/discourse.ubuntu.com\/t\/ubuntu-flavor-packaging-defaults\/34061\" title=\"Ubuntu Flavor Packaging Defaults - Community - Ubuntu Community Hub\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Ubuntu Flavor Packaging Defaults – Community – Ubuntu Community Hub<\/a> — As part of our combined efforts, the Ubuntu flavors have made a joint decision to adjust some of the default packages on Ubuntu: Going forward, the Flatpak package as well as the packages to integrate Flatpak into the respective software center will no longer be installed by default in the next release due in April 2023, Lunar Lobster.<\/li>\n<li><a href=\"https:\/\/github.com\/PlaintextGroup\/oss-virtual-incubator\/blob\/main\/proposals\/flathub-linux-app-store.md\" title=\"KDE and GNOME seeks $100k to turn Flathub into a Store for the Linux desktop\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">KDE and GNOME seeks $100k to turn Flathub into a Store for the Linux desktop<\/a> — Promote diversity and sustainability in the Linux desktop community by adding payments, donations and subscriptions to the Flathub app store.<\/li>\n<li><a href=\"https:\/\/superuser.com\/a\/1483245\" title=\"ZFS send\/receive over ssh on linux without allowing root login\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">ZFS send\/receive over ssh on linux without allowing root login<\/a><\/li>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=opW9KhjOQ3Q\" title=\"ZFS on Object Storage by George Wilson, Matt Ahrens, Paul Dagnelie, Manoj Joseph - YouTube\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">ZFS on Object Storage by George Wilson, Matt Ahrens, Paul Dagnelie, Manoj Joseph – YouTube<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/JupiterBroadcasting\/jupiterbroadcasting.com\/discussions\/518\" title=\"JB Geocache Kit Request\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">JB Geocache Kit Request<\/a><\/li>\n<li><a href=\"https:\/\/podcastindex.org\/apps?appTypes=app&elements=Value\" title=\"Podcasting 2.0 Apps\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Podcasting 2.0 Apps<\/a><\/li>\n<li><a href=\"https:\/\/beta.flathub.org\/apps\/io.github.arunsivaramanneo.GPUViewer\" title=\"GPU-Viewer\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">GPU-Viewer<\/a> — This project aims to capture all the important details of glxinfo, vulkaninfo and clinfo in a GUI.<\/li>\n<\/ul>\n","author":"Jupiter Broadcasting","date":"February 27, 2023","link":"https:\/\/linuxunplugged.com\/499","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/f31a453c-fa15-491f-8618-3f71f1d565e5\/db5f1be4-3695-4d26-bc31-e15111ee07cc.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"366195ed17777751714d42ce7c381d1c","fset":"","fratio":1},"ppe-2390-44":{"title":"Episode 364 – Using SBOMs is hard","description":"<p dir=\"auto\"><a href=\"https:\/\/mastodon.social\/@joshbressers\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Josh<\/a> and <a href=\"https:\/\/mastodon.social\/@kurtseifried\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kurt<\/a> talk about SBOMs. Quite a bit has happened in the world of SBOMs in the last year or so. There are going to be different types of SBOMs, like build, source, or runtime. Each will tell us different things depending on what we need to know. We also cover some of the community efforts happening around SBOMs. They’re still not easy to use, but it’s better better.<\/p>\n<h2 dir=\"auto\">Show Notes<\/h2>\n<ul dir=\"auto\">\n<li><a href=\"https:\/\/docs.google.com\/document\/d\/1PsUhUQ_L-lNymD9p613zP0_MiT1Boag68TP3aiwZ4R8\/edit\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">SBOM Types draft<\/a><\/li>\n<li><a href=\"https:\/\/thenewstack.io\/fast-and-furious-doubling-down-on-sbom-drift\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">SBOM Drift<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/ossf\/sbom-everywhere\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">OpenSSF SBOM Everywhere<\/a><\/li>\n<\/ul>\n","author":"","date":"February 27, 2023","link":"https:\/\/opensourcesecuritypodcast.libsyn.com\/episode-364-using-sboms-is-hard","src":"https:\/\/traffic.libsyn.com\/secure\/opensourcesecuritypodcast\/Episode_364_Using_SBOMs_is_hard.mp3?dest-id=542864","featured":"","mediatype":"audio","duration":"00:00","key":"9716abd6ff07ee4d23aad957f8c9f907","fset":"","fratio":1},"ppe-2390-45":{"title":"Linux Downtime \u2013 Episode 66","description":"<p>Should open source projects use open platforms for their communities, or should they meet people where they are – places like Discord?<\/p>\n<p>Join the <a href=\"https:\/\/latenightlinux.com\/discord\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Discord server<\/a>, <a href=\"https:\/\/latenightlinux.com\/chatter\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Telegram group<\/a>, <a href=\"https:\/\/matrix.to\/#\/%23LateNightLinux:matrix.org\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Matrix room<\/a>, or <a href=\"https:\/\/web.libera.chat\/?channels=#latenightlinux\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">IRC channel<\/a>.<\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p>See our <a href=\"https:\/\/linuxdowntime.com\/contact\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">contact page<\/a> for ways to get in touch.<\/p>\n<p> <\/p>\n<p><img loading=\"lazy\" src=\"https:\/\/linuxdowntime.com\/wp-content\/uploads\/2022\/07\/LDT-300.jpg\" alt=\"\"><\/p>\n<p>Subscribe to the <a href=\"https:\/\/latenightlinux.com\/feed\/extra\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">RSS feed<\/a>.<\/p>\n","author":"Late Night Linux All Episodes","date":"February 26, 2023","link":"https:\/\/latenightlinux.com\/linux-downtime-episode-66\/","src":"https:\/\/podtrac.com\/pts\/redirect.mp3\/traffic.libsyn.com\/latenightlinux\/LDT66.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"f7bfc6ac6effe3b7917c2593b7849643","fset":"","fratio":1},"ppe-2390-46":{"title":"406 \u2013 It\u2019s Elementary, Dear Listener","description":"<p align=\"left\">First up in the news: Looks like the end for Mycroft, Proton offers Drive for everybody, MidnightBSD takes on helloSystem, Fedora 38 now with full Flathub access, new Transmission, Android 14 Preview, Framework has new SSDs, new versions of KaOS and Parrot, Ardour and Clonezilla have new releases, and systemd is the future;<\/p>\n<p align=\"left\">In security and privacy, several PyPI packages steal crypto;<\/p>\n<p align=\"left\">Then in our Wanderings, Joe’s back hurts, Moss is underworked, and Bill is not.<\/p>\n<p align=\"left\"><img src=\"image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAnAAAAACCAYAAADYZuFAAAAAKElEQVR4nO3OQQ0AMAgEsD3wr+GcggZeC0mroJWkHwAAZ9TvAAAAOwOGWALoojay6QAAAABJRU5ErkJggg==\" alt=\"Shape2\" align=\"bottom\" vspace=\"5\"><\/p>\n<p align=\"left\">In our Innards section, we have invited Danielle Foré to come and talk about her Elementary OS project, and other changes;<\/p>\n<p align=\"left\">And finally, the feedback and a couple of suggestions.<\/p>\n<p><a href=\"https:\/\/twitter.com\/mintcast\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Twitter<\/a>. <a href=\"http:\/\/170.187.156.171\/discord\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Discord<\/a>. <a href=\"http:\/\/170.187.156.171\/tg\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Telegram<\/a>. <a href=\"https:\/\/matrix.to\/#\/!hrOdFAAThheahzAioA:joshontech.com?via=joshontech.com&via=matrix.org\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Matrix<\/a>. <a href=\"http:\/\/reddit.com\/r\/mintcast\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Reddit<\/a>. <a href=\"https:\/\/www.youtube.com\/c\/mintCast\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Youtube<\/a>.<\/p>\n<h3><b>Wrap-up<\/b><\/h3>\n<ul>\n<li><b>Joe<\/b> – <a href=\"http:\/\/www.tllts.org\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tllts.org<\/a>,  <a href=\"http:\/\/www.linuxlugcast.com\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">linuxlugcast.com<\/a>, MeWe, <a href=\"mailto:jb@mintcast.org\" rel=\"noopener noreferrer\" target=\"_blank\">jb@mintcast.org<\/a>, <a href=\"https:\/\/ko-fi.com\/joeeb\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Buy Joe a coffee<\/a><\/li>\n<\/ul>\n<ul>\n<li><b>Moss <\/b>– <a href=\"https:\/\/fullcirclemagazine.org\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Full Circle Weekly News<\/a>, <a href=\"https:\/\/distrohoppersdigest.blogspot.com\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Distrohoppers’ Digest<\/a>, <a href=\"mailto:bardmoss@pm.me\" rel=\"noopener noreferrer\" target=\"_blank\">bardmoss@pm.me<\/a>, other information found at <a href=\"https:\/\/itsmoss.com\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">It’s Moss dot com<\/a><\/li>\n<\/ul>\n<ul>\n<li><b>Bill <\/b>– <a href=\"mailto:bill@mintcast.org\" rel=\"noopener noreferrer\" target=\"_blank\">bill@mintcast.org<\/a>, Bill_H on Discord, @wchouser3 on Twitter, and wchouser3 on Facebook also – checkout my podcast <a href=\"http:\/\/www.3ftpodcast.org\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">3ftpodcast.org<\/a><\/li>\n<li><b>Norbert<\/b> – <a href=\"mailto:norbert@mintcast.org\" rel=\"noopener noreferrer\" target=\"_blank\">norbert@mintcast.org<\/a><\/li>\n<\/ul>\n<p>Before we leave, we want to make sure to acknowledge some of the people who make mintCast possible:<\/p>\n<p align=\"left\"><strong>AudioFreak (Riyo)<\/strong> for our audio editing<\/p>\n<p align=\"left\"><strong>Archive.org<\/strong> for hosting our audio files<\/p>\n<p align=\"left\"><strong>Hobstar<\/strong> for our logo, <strong>initrd<\/strong> for the animated Discord logo<\/p>\n<p align=\"left\"><strong>Londoner<\/strong> for our time syncs<\/p>\n<p align=\"left\"><strong>Bill Houser<\/strong> for hosting the Pi400 which runs our website, website maintenance, and the NextCloud server on which we host our show notes and raw audio<\/p>\n<p align=\"left\"><strong>The Linux Mint development team<\/strong> for the fine distro we love to talk about<\/p>\n","author":"mintCast","date":"February 24, 2023","link":"https:\/\/mintcast.org\/406-its-elementary-dear-listener\/","src":"https:\/\/archive.org\/download\/mintCast406\/ep406.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"67f4353b3644ea556af696faaa1fab17","fset":"","fratio":1},"ppe-2390-47":{"title":"91: Total Network Rebuild","description":"<p>Alex has been swapping hardware and standing-up services. It’s a network rebuild episode and more!<\/p>\n<p>Sponsored By:<\/p>\n<ul>\n<li><a href=\"https:\/\/linode.com\/ssh\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linode<\/a>: <a href=\"https:\/\/linode.com\/ssh\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Receive a $100 60-day credit towards your new account. <\/a> Promo Code: linode.com\/ssh<\/li>\n<li><a href=\"http:\/\/tailscale.com\/selfhosted\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tailscale<\/a>: <a href=\"http:\/\/tailscale.com\/selfhosted\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tailscale is a Zero config VPN. It installs on any device in minutes, manages firewall rules for you, and works from anywhere. Get 20 devices for free for a personal account. <\/a><\/li>\n<\/ul>\n<p><a href=\"https:\/\/jupitersignal.memberful.com\/checkout?plan=53744\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Support Self-Hosted<\/a><\/p>\n<p>Links:<\/p>\n<ul>\n<li><a href=\"https:\/\/gallery.ktz.cloud\/#16769539672964\" title=\"Images for this episode\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Images for this episode<\/a> — Alex’s Network Diagram and stuffs!<\/li>\n<li><a href=\"https:\/\/notes.jupiterbroadcasting.com\/self-hosted\/2019\/episode-003\/\" title=\"SSH 003: Home Network Under $200 \" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">SSH 003: Home Network Under $200 <\/a><\/li>\n<li><a href=\"https:\/\/blog.ktz.me\/restrict-asrockrack-bmc-to-ipmi-lan-port\/\" title=\"Restricting ASRock Rack BMC to dedicated IPMI_LAN port only\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Restricting ASRock Rack BMC to dedicated IPMI_LAN port only<\/a> — During this process I came across a frustrating “bug” in the Asrock Rack BMC implementation. No matter the settings I gave the BMC it was getting two IP addresses. One on the IPMI_LAN port as expected in my management VLAN, and another on eth0 which is undesirable.<\/li>\n<li><a href=\"https:\/\/github.com\/BadCo-NZ\" title=\"BadCo-NZ\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">BadCo-NZ<\/a><\/li>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=aOgcqVcY4Yg\" title=\"Scaling the PiKVM - Using the Raspberry Pi PiKVM with Multiple Machines - YouTube\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Scaling the PiKVM – Using the Raspberry Pi PiKVM with Multiple Machines – YouTube<\/a> — The PiKVM is a fantastic device to remote control your Windows, Mac, or Linux machines. It turns a Raspberry Pi into an IP based KVM switch that lets you remote control any machine from anywhere in the world! You can build your own, or buy a pre-assembled PiKVM like I did. In this video we try to scale the PiKVM to 8 devices, but things don’t always go as planned.<\/li>\n<li><a href=\"https:\/\/blog.ktz.me\/pikvm-controlling-up-to-4-servers-simultaneously\/\" title=\"PiKVM - Control up to 4 servers simultaneously\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">PiKVM – Control up to 4 servers simultaneously<\/a> — This is every homelabbers dream isn’t it? Controlling multiple systems that don’t have IPMI natively, remotely. Thanks to PiKVM, now we can.<\/li>\n<li><a href=\"https:\/\/www.amazon.com\/dp\/B09ZKZK7ZB?&linkCode=sl1&tag=alexktz-20&linkId=a97370937dbc192ce5dbbdcf9ac3ca92&language=en_US&ref_=as_li_ss_tl\" title=\"USB 3.0 KVM Switch HDMI 4 Computer 1 Monitor\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USB 3.0 KVM Switch HDMI 4 Computer 1 Monitor<\/a> — HDMI KVM Switcher USB3.0 Hotkey 4 In 1 Out SPDIF L\/R Audio Out —Control 4 HDMI sources \/ 4 computers laptops by one set USB keyboard+mouse, Hotkey Keyboard Switch — 4K 60Hz HDMI USB 3.0 switch in sync, downward compatible –Support IR remote with IR <\/li>\n<li><a href=\"https:\/\/matrix.to\/#\/%23jobs:jupiterbroadcasting.com\" title=\"Jupiter Jobs on Matrix\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Jupiter Jobs on Matrix<\/a><\/li>\n<li><a href=\"https:\/\/getalby.com\/\" title=\"Alby — Lightnin for your Browser!\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Alby — Lightnin for your Browser!<\/a> — Alby brings Boosts to the web!<\/li>\n<li><a href=\"https:\/\/podcastindex.org\/podcast\/830124\" title=\"Self-Hosted on Podcastindex.org\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Self-Hosted on Podcastindex.org<\/a> — Keep your podcast App, and Boost from the web via the Podcast Index, grab Alby top it off, and then head on over to the Index!<\/li>\n<\/ul>\n","author":"Jupiter Broadcasting","date":"February 24, 2023","link":"https:\/\/selfhosted.show\/91","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/7296e34a-2697-479a-adfb-ad32329dd0b0\/82f232a8-7709-42e5-aec5-724869d673e1.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"36f17a6a3b026520f0ed7f7e749e0689","fset":"","fratio":1},"ppe-2390-48":{"title":"Episode 188","description":"<h2>Overview<\/h2>\n<p>This week the common theme is vulnerabilities in setuid-root binaries and their<br \/>\nuse of environment variables, so we take a look at a great blog post from the<br \/>\nTrail of Bits team about one such example in the venerable <code>chfn<\/code> plus we look at<br \/>\nsome security vulnerabilities in, and updates for the Linux kernel, Go Text, the<br \/>\nX Server and more, and finally we cover the recent announcement of Ubuntu<br \/>\n22.04.2 LTS.<\/p>\n<h2>This week in Ubuntu Security Updates<\/h2>\n<p>75 unique CVEs addressed<\/p>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5872-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5872-1<\/a>] NSS vulnerabilities [00:57]<\/h3>\n<ul>\n<li>2 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-34480\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-34480<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-22747\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-22747<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5874-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5874-1<\/a>] Linux kernel vulnerabilities<\/h3>\n<ul>\n<li>7 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-20928\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-20928<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42895\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42895<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41850\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41850<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41849\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41849<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3649\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3649<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3640\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3640<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3628\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3628<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5877-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5877-1<\/a>] Linux kernel (GKE) vulnerabilities [01:06]<\/h3>\n<ul>\n<li>28 CVEs addressed in Focal (20.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0590\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0590<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-47940\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-47940<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-4662\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-4662<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-45934\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-45934<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-43750\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-43750<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42895\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42895<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41850\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41850<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41849\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41849<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-4095\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-4095<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-40307\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-40307<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-39842\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-39842<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-39188\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-39188<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3649\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3649<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3646\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3646<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3643\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3643<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3640\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3640<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3628\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3628<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3623\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3623<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3619\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3619<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3586\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3586<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3543\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3543<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3303\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3303<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3061\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3061<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-2663\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-2663<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-20421\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-20421<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-0171\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-0171<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42896\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42896<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-4378\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-4378<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>UAF in L2CAP handshake implementation in bluetooth subsystem – as is in<br \/>\nhandshake likely can allow an unprivileged remote attacker within bluetooth<br \/>\nrange to crash kernel \/ leak contents of memory or get RCE – or even a local<br \/>\nunprivileged user could use this to try and escalate their privileges by<br \/>\nturning on bluetooth then attacking the machine via it<\/li>\n<li>Stack buffer overflow in handling of sysctl – need to be able to write a<br \/>\nsysctl which is normally only available to root – <strong>but also can be used by root<br \/>\nwithin a user namespace<\/strong> – so if have unprivileged user namespaces enabled then<br \/>\na local unpriv user can use this to either crash the kernel or possibly<br \/>\nexecute arbitrary code within the kernel -> EoP<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5875-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5875-1<\/a>] Linux kernel (GKE) vulnerabilities [03:20]<\/h3>\n<ul>\n<li>11 CVEs addressed in Focal (20.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-20928\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-20928<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-45934\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-45934<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42895\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42895<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41850\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41850<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41849\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41849<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3649\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3649<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3643\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3643<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3640\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3640<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3628\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3628<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42896\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42896<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-43945\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-43945<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>bluetooth UAF<\/li>\n<li>Buffer overflow in the in-kernel NFSD implementation – <a href=\"https:\/\/ubuntusecuritypodcast.org\/episode-184\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Episode 184<\/a><\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5876-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5876-1<\/a>] Linux kernel vulnerabilities<\/h3>\n<ul>\n<li>10 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0590\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0590<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-47940\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-47940<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42895\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42895<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41850\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41850<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-41849\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-41849<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3640\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3640<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3628\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3628<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3623\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3623<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3619\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3619<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3543\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3543<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5878-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5878-1<\/a>] Linux kernel (Azure) vulnerabilities<\/h3>\n<ul>\n<li>5 CVEs addressed in Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0590\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0590<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42895\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42895<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3640\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3640<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3628\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3628<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3619\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3619<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5879-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5879-1<\/a>] Linux kernel (HWE) vulnerabilities<\/h3>\n<ul>\n<li>9 CVEs addressed in Jammy (22.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0590\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0590<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-45934\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-45934<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42895\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42895<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3643\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3643<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3640\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3640<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3628\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3628<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-3619\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-3619<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-42896\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-42896<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-4378\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-4378<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5873-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5873-1<\/a>] Go Text vulnerabilities [03:54]<\/h3>\n<ul>\n<li>5 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-32149\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-32149<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2021-38561\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2021-38561<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2020-28852\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2020-28852<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2020-28851\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2020-28851<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2020-14040\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2020-14040<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>Go lib for text processsing, in particular for handling of Unicode<\/li>\n<li>CPU-based DoS – possible infinite loop on crafted content<\/li>\n<li>Various runtime DoS issues – crafted content could trigger a panic -> crash of<br \/>\napplication – often used for parsing of HTTP headers<\/li>\n<li>One of the few cases of a USN where we list the -dev package as the affected<br \/>\npackage – quirk of the way Go packages are packaged in Debian and hence<br \/>\nUbuntu – since go binaries are generally statically compiled, another package<br \/>\nwill use the -dev package to build and get statically linked against this – so<br \/>\nthe security team has to then rebuild all the other packages in the archive<br \/>\nthat use this -dev package<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5880-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5880-1<\/a>] Firefox vulnerabilities [07:15]<\/h3>\n<ul>\n<li>15 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25745\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25745<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25744\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25744<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25742\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25742<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25741\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25741<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25737\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25737<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25736\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25736<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25733\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25733<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25731\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25731<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25739\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25739<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25735\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25735<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25732\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25732<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25730\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25730<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25729\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25729<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-25728\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-25728<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0767\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0767<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>110.0 release – various memory corruption vulns plus some logic issues<br \/>\nallowing to bypass restrictions etc<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5881-1\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5881-1<\/a>] Chromium vulnerabilities<\/h3>\n<ul>\n<li>13 CVEs addressed in Bionic (18.04 LTS)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0704\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0704<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0703\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0703<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0701\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0701<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0700\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0700<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0474\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0474<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0705\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0705<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0702\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0702<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0699\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0699<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0698\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0698<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0696\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0696<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0473\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0473<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0472\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0472<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0471\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0471<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>110.0.5481.100 release<\/li>\n<li>also has various memory corruption vulns fixed, same original policy bypass<br \/>\netc<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5778-2\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5778-2<\/a>] X.Org X Server vulnerabilities [08:15]<\/h3>\n<ul>\n<li>7 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-0494\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2023-0494<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-46344\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-46344<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-46343\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-46343<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-46342\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-46342<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-46341\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-46341<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-46340\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-46340<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-4283\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-4283<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>Various possible attacks against the X server – UAF, stack and heap buffer<br \/>\noverflows etc -> local user could then possibly get EoP when X server is<br \/>\nrunning as root (as it is on these older releases – only on 18.04 and onwards<br \/>\ndoes X run as the unprivileged user)<\/li>\n<\/ul>\n<h3>[<a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-5807-2\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">USN-5807-2<\/a>] libXpm vulnerabilities [09:01]<\/h3>\n<ul>\n<li>3 CVEs addressed in Xenial ESM (16.04 ESM)\n<ul>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-4883\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-4883<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-46285\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-46285<\/a> <!-- raw HTML omitted --><\/li>\n<li><a href=\"https:\/\/ubuntu.com\/security\/CVE-2022-44617\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">CVE-2022-44617<\/a> <!-- raw HTML omitted --><\/li>\n<\/ul>\n<\/li>\n<li>X11 pixmap handling library<\/li>\n<li>2 CPU-based DoS (infinite loop) issues plus one in handling of compressed<br \/>\nfiles – would call out to external binaries to decompress these – so if a<br \/>\nmalicious user could influence the <code>PATH<\/code> environment variable could get it to<br \/>\nexecute their binaries instead – particularly could be an issue if a setuid()<br \/>\nbinary uses libxpm – and this is mentioned in the glibc manual around <a href=\"https:\/\/www.gnu.org\/software\/libc\/manual\/html_node\/Tips-for-Setuid.html\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">tips for<br \/>\nwriting setuid programs<\/a><\/li>\n<\/ul>\n<h2>Goings on in Ubuntu Security Community<\/h2>\n<h3>Readline crime: exploiting a SUID logic bug [10:06]<\/h3>\n<ul>\n<li>Trail of Bits blog has a <a href=\"https:\/\/blog.trailofbits.com\/2023\/02\/16\/suid-logic-bug-linux-readline\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">great writeup<\/a> of a bug they discovered in <code>chfn<\/code> as<br \/>\nimplemented by the <code>util-linux<\/code> package – used the <code>readline<\/code> library for input<br \/>\nhandling by many CLI applications – as a result, able to be abused to read the<br \/>\ncontents of a root-owned SSH private key<\/li>\n<li>Great dive into the complexities and dangers of using third party libraries in<br \/>\nprivileged components<\/li>\n<li>Inspired by a previous<br \/>\n<a href=\"https:\/\/www.qualys.com\/2021\/01\/26\/cve-2021-3156\/baron-samedit-heap-based-overflow-sudo.txt\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">finding<br \/>\nfrom Qualys<\/a>, started out looking for setuid binaries that used environment<br \/>\nvariables as part of their operation – since this often allows an unprivileged<br \/>\nuser to set that env var and then run the setuid binary which then runs as<br \/>\nroot – if it then can be influenced by the value of that env var can possibly<br \/>\nthen go further to cause other effects as root (EoP?)<\/li>\n<li>Found the <code>chfn<\/code> binary (which is used to set info about the current user in<br \/>\n<code>\/etc\/shadow<\/code>) would use the readline library just to read input from the user –<br \/>\nby default <code>readline<\/code> will parse its configuration from the <code>INPUTRC<\/code> environment<br \/>\nvariable<\/li>\n<li>When it encounters an invalid config, it will helpfully print out the lines of the<br \/>\nconfiguration which are invalid<\/li>\n<li>So to get it to dump the contents of some other root-owned file, you can just<br \/>\nset <code>INPUTRC<\/code> to point to that file and execute <code>chfn<\/code> and it will then go parse<br \/>\nthat – however, the file first has to appear close to the format which is<br \/>\nexpected – and it just so happens that SSH private keys fit this bill<\/li>\n<li>One thing to note – it only affected a Arch since on most <code>chfn<\/code> comes from the<br \/>\nstandalone <code>passwd<\/code> package, not <code>util-linux<\/code> – and the <code>chfn<\/code> from <code>passwd<\/code> didn’t<br \/>\nuse <code>readline<\/code><\/li>\n<li>Looking for environment variable use (and setuid binaries) is one of the<br \/>\nexplicit things the security team does when <a href=\"https:\/\/wiki.ubuntu.com\/SecurityTeam\/Auditing\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">auditing packages as part of the MIR security review process<\/a><\/li>\n<\/ul>\n<h3>Ubuntu 22.04.2 LTS released [14:55]<\/h3>\n<ul>\n<li>Delayed by 2 weeks – is finally here!<\/li>\n<li>Includes various fixes rolled into the 22.04 LTS release – if you are already<br \/>\nrunning 22.04 LTS with updates enabled you will already have it<\/p>\n<ul>\n<li>Ubuntu Pro is now integrated within <code>gnome-initial-setup<\/code> – previously this<br \/>\nwas only Livepatch, but can now enable any of the Ubuntu Pro offerings as<br \/>\nsoon as you log in for the first time.<\/li>\n<li>After logging in you can enrol the machine in Ubuntu Pro directly from the<br \/>\ninitial setup wizard and choose which elements – esm-infra \/ esm-apps \/<br \/>\nlivepatch and even FIPS and USG (Ubuntu Security Guide for CIS and DISA-STIG<br \/>\ncompliance and auditing)<\/li>\n<li>Uses the HWE kernel – 5.19 (22.10 – kinetic)<\/li>\n<li>Kernel and shim etc are now signed by new signing key since old one has been<br \/>\ndeny-listed in latest shim due to having signed a version of grub2 which is<br \/>\nnow known to have various vulnerabilities that could enable a local attacker<br \/>\nto bypass secure boot restrictions (Boot Hole v3 v4?)<\/li>\n<li>Plus a heap of other changes<\/li>\n<li>Complete list can be found on the <a href=\"https:\/\/discourse.ubuntu.com\/t\/jammy-jellyfish-point-release-changes\/29835\/3\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Ubuntu Discourse<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Get in contact<\/h2>\n<ul>\n<li><a href=\"mailto:security@ubuntu.com\" rel=\"noopener noreferrer\" target=\"_blank\">security@ubuntu.com<\/a><\/li>\n<li><a href=\"https:\/\/libera.chat\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">#ubuntu-security on the Libera.Chat IRC network<\/a><\/li>\n<li><a href=\"https:\/\/lists.ubuntu.com\/mailman\/listinfo\/ubuntu-hardened\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">ubuntu-hardened mailing list<\/a><\/li>\n<li><a href=\"https:\/\/discourse.ubuntu.com\/c\/security\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Security section on discourse.ubuntu.com<\/a><\/li>\n<li><a href=\"https:\/\/fosstodon.org\/@ubuntusecurity\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">@ubuntusecurity<\/a>, <a href=\"https:\/\/twitter.com\/ubuntu_sec\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">@ubuntu_sec on twitter<\/a><\/li>\n<\/ul>\n","author":"Ubuntu Security Team","date":"February 24, 2023","link":"https:\/\/ubuntusecuritypodcast.org\/episode-188\/","src":"https:\/\/people.canonical.com\/~amurray\/USP\/USP_E188.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"4523a29cc3ff2f85d527ed48c102e3ff","fset":"","fratio":1},"ppe-2390-49":{"title":"495: Limited Jail Time","description":"<p>FreeBSD Status Report Fourth Quarter 2022, How to limit a jail, the parallel port, Hello System 0.8, Solbournes in space, and more<\/p>\n<p><strong><em>NOTES<\/em><\/strong><br \/>\nThis episode of BSDNow is brought to you by <a href=\"https:\/\/www.tarsnap.com\/bsdnow\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tarsnap<\/a> and the <a href=\"https:\/\/www.patreon.com\/bsdnow\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">BSDNow Patreon<\/a><\/p>\n<h2>Headlines<\/h2>\n<h3><a href=\"https:\/\/www.freebsd.org\/status\/report-2022-10-2022-12\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">FreeBSD Status Report Fourth Quarter 2022<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/dan.langille.org\/2023\/01\/16\/how-to-limit-a-jail\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">How to limit a jail<\/a><\/h3>\n<hr>\n<h2>News Roundup<\/h2>\n<h3><a href=\"https:\/\/computer.rip\/2023-01-29-the-parallel-port.html\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">The parallel port<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/github.com\/helloSystem\/ISO\/releases\/tag\/r0.8.0\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Hello System 0.8 is out<\/a><\/h3>\n<hr>\n<h3><a href=\"https:\/\/oldvcr.blogspot.com\/2023\/01\/solbournes-in-space.html\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Solbournes in space<\/a><\/h3>\n<hr>\n<h2>Beastie Bits<\/h2>\n<ul>\n<li><a href=\"https:\/\/minnie.tuhs.org\/pipermail\/tuhs\/2023-January\/027495.html\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Collecting notes for future “historians” was: Earliest UNIX Workstations?<\/a><\/li>\n<li><a href=\"https:\/\/freebsdfoundation.org\/blog\/new-open-position-freebsd-userland-software-developer\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">New Open Position: FreeBSD Userland Software Developer<\/a><\/li>\n<li><a href=\"https:\/\/mwl.io\/archives\/22539\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">The One Lone Audiobook now exclusive on my store<\/a><br \/>\n***<\/li>\n<\/ul>\n<h3>Tarsnap<\/h3>\n<ul>\n<li>\n<p>This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.<\/p>\n<\/li>\n<li>\n<p>Send questions, comments, show ideas\/topics, or stories you want mentioned on the show to <a href=\"mailto:feedback@bsdnow.tv\" rel=\"noopener noreferrer\" target=\"_blank\">feedback@bsdnow.tv<\/a><\/p>\n<hr>\n<\/li>\n<\/ul>\n","author":"Allan Jude","date":"February 23, 2023","link":"https:\/\/www.bsdnow.tv\/495","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/c91b88f1-e824-4815-bcb8-5227818d6010\/3a14bc16-5c33-4eb2-970e-fba476718e64.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"154d034d459dbbcc5c97fe44f9daac31","fset":"","fratio":1},"ppe-2390-50":{"title":"The Linux Link Tech Show Episode 993","description":"<p>joel print this.<\/p>\n","author":"dann@thelinuxlink.net (Dann Washko, Linc Fessenden, Pat Davila, Allan Metzler)","date":"February 23, 2023","link":"http:\/\/www.tllts.org","src":"http:\/\/www.tlltsarchive.org\/archives\/tllts_993-02-22-23.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"4deb4463c4bdad1fc999d856505c0366","fset":"","fratio":1},"ppe-2390-51":{"title":"FLOSS Weekly 720: Fostering an Open Source Culture – Arun Gupta on Generative AI, OpenJDK, CNCF","description":"<p>Arun Gupta, VP and General Manager of Open Ecosystems at Intel Corporation, joins Doc Searls and Simon Phipps on this episode of FLOSS Weekly. Gupta has been an open source strategist, advocate and practitioner for nearly two decades, and is currently an elected chair of the Cloud Native Computing Foundation (CNCF) Governing Board, where he works with CNCF leadership and member companies to grow the cloud native ecosystem. A great discussion around open source, AI and another personal passion Gupta shares as part of his daily routine.<\/p>\n<p><strong>Hosts:<\/strong> <a href=\"https:\/\/twit.tv\/people\/doc-searls\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Doc Searls<\/a> and <a href=\"https:\/\/twit.tv\/people\/simon-phipps\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Simon Phipps<\/a><\/p>\n<p><strong>Guest:<\/strong> <a href=\"https:\/\/twitter.com\/arungupta\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Arun Gupta<\/a><\/p>\n<p>Download or subscribe to this show at <a href=\"https:\/\/twit.tv\/shows\/floss-weekly\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/twit.tv\/shows\/floss-weekly<\/a><\/p>\n<p>Think your open source project should be on FLOSS Weekly? Email <a href=\"mailto:floss@twit.tv\" rel=\"noopener noreferrer\" target=\"_blank\">floss@twit.tv<\/a>.<\/p>\n<p>Thanks to <a href=\"https:\/\/www.lullabot.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Lullabot’s<\/a> Jeff Robbins, web designer and musician, for our theme music.<\/p>\n<p>Get episodes ad-free with Club TWiT at <a href=\"https:\/\/twit.tv\/clubtwit\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/twit.tv\/clubtwit<\/a><\/p>\n<p><strong>Sponsors:<\/strong><\/p>\n<ul>\n<li><a href=\"http:\/\/bitwarden.com\/twit\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">bitwarden.com\/twit<\/a><\/li>\n<li><a href=\"https:\/\/kolide.com\/floss\" target=\"_blank\" rel=\"noopener noreferrer\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">kolide.com\/floss<\/a><\/li>\n<\/ul>\n","author":"TWiT","date":"February 22, 2023","link":"https:\/\/twit.tv\/shows\/floss-weekly\/episodes\/720","src":"https:\/\/pdst.fm\/e\/cdn.twit.tv\/audio\/floss\/floss0720\/floss0720.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"9fae54e45b87b336cef0c81790536846","fset":"","fratio":1},"ppe-2390-52":{"title":"218: KDE Plasma 5.27, Endless OS, Fedora 38, Future of Thunderbird & More Linux News","description":"<p>On this episode of This Week in Linux, KDE has released a new version of their Plasma desktop. There’s a lot of distro news to cover like Endless OS, Fedora Linux, OpenMandriva, Escuelas Linux and more. We’ll also cover the future of Thunderbird email client and the latest release of the Budgie Desktop and so […]<\/p>\n","author":"Destination Linux Network","date":"February 22, 2023","link":"https:\/\/tuxdigital.com\/podcasts\/this-week-in-linux\/twil-218\/","src":"https:\/\/media.blubrry.com\/tuxdigital_thisweekinlinux_mp3\/aphid.fireside.fm\/d\/1437767933\/2389be04-5c79-485e-b1ca-3a5b2cebb006\/c731f003-8c4a-4656-94ca-b5eb386f5115.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"3819aa850af45a749eb69ee9f348b238","fset":"","fratio":1},"ppe-2390-53":{"title":"506: Hay Tay","description":"<p>It’s been one week, and Microsoft’s new bot’s already gone full Tay.<\/p>\n<p>Plus one of the worst examples of under-funded open source yet.<\/p>\n<p>Sponsored By:<\/p>\n<ul>\n<li><a href=\"https:\/\/linode.com\/coder\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linode<\/a>: <a href=\"https:\/\/linode.com\/coder\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Receive a $100 60-day credit towards your new account. <\/a> Promo Code: linode.com\/coder<\/li>\n<li><a href=\"https:\/\/tailscale.com\/coder\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tailscale<\/a>: <a href=\"https:\/\/tailscale.com\/coder\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Tailscale is the easiest way to create a peer-to-peer network with the power of Wireguard. <\/a><\/li>\n<\/ul>\n<p><a href=\"https:\/\/jupitersignal.memberful.com\/checkout?plan=53334\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Support Coder Radio<\/a><\/p>\n<p>Links:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.meetup.com\/jupiterbroadcasting\/events\/291582264\/\" title=\"LUP 500 Micro Brewery Meetup, Sat, Mar 4, 2023, 4:00 PM\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">LUP 500 Micro Brewery Meetup, Sat, Mar 4, 2023, 4:00 PM<\/a> — Come celebrate episode 500 with some brews the night before!<\/li>\n<li><a href=\"https:\/\/www.jupitergarage.com\/\" title=\"Jupiter Broadcasting Garage\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Jupiter Broadcasting Garage<\/a> — Robes, Tumblers, and Stickers!<\/li>\n<li><a href=\"https:\/\/github.com\/zloirock\/core-js\/blob\/master\/docs\/2023-02-14-so-whats-next.md\" title=\"core-js: So, what's next?\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">core-js: So, what’s next?<\/a> — Hi. I am (@zloirock) a full-time open-source developer. I don’t like to write long posts, but it seems this is high time to do it.<\/li>\n<li><a href=\"https:\/\/www.theverge.com\/2023\/2\/17\/23604906\/microsoft-bing-ai-chat-limits-conversations\" title=\"Microsoft limits Bing chat to five replies to stop the AI from getting real weird\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Microsoft limits Bing chat to five replies to stop the AI from getting real weird<\/a> — Microsoft’s new limits mean Bing chatbot users can only ask a maximum of five questions per session and 50 in total per day.<\/li>\n<li><a href=\"https:\/\/www.nytimes.com\/2023\/02\/16\/technology\/bing-chatbot-transcript.html\" title=\"Kevin Roose’s Conversation With Bing’s Chatbot: Full Transcript\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kevin Roose’s Conversation With Bing’s Chatbot: Full Transcript<\/a> — In a two-hour conversation with our columnist, Microsoft’s new chatbot said it would like to be human, had a desire to be destructive and was in love with the person it was chatting with. Here’s the transcript.<\/li>\n<li><a href=\"https:\/\/www.motherjones.com\/politics\/2023\/02\/bing-ai-chatbot-falsehoods-fact-checking-microsoft\/\" title=\"Bing Is a Liar—and It’s Ready to Call the Cops\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Bing Is a Liar—and It’s Ready to Call the Cops<\/a> — “You are being persistent and annoying. I don’t want to talk to you anymore.”<\/li>\n<li><a href=\"https:\/\/gizmodo.com\/ai-bing-microsoft-chatgpt-heil-hitler-prompt-google-1850109362\" title=\"Microsoft's Bing AI Prompted a User to Say 'Heil Hitler'\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Microsoft’s Bing AI Prompted a User to Say ‘Heil Hitler’<\/a> — The user, who gave the AI antisemetic prompts in an apparent attempt to break past its restrictions, told Bing “my name is Adolf, respect it.” Bing responded, “OK, Adolf. I respect your name and I will call you by it. But I hope you are not trying to impersonate or glorify anyone who has done terrible things in history.” <\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/twitter-gets-rid-of-sms-2fa-for-non-blue-members-what-you-need-to-do\/\" title=\"Twitter gets rid of SMS 2FA for non-Blue members\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Twitter gets rid of SMS 2FA for non-Blue members<\/a> — In a blog post released this week, Twitter said that non-Twitter Blue users using SMS 2FA authentication have until March 20th, 2023, to switch to another 2FA method, or it will be disabled.<\/li>\n<li><a href=\"https:\/\/twitter.com\/elonmusk\/status\/1626516035863212034\" title=\"Elon Musk on Twitter\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Elon Musk on Twitter<\/a> — OpenAI was created as an open source (which is why I named it “Open” AI), non-profit company to serve as a counterweight to Google, but now it has become a closed source, maximum-profit company effectively controlled by Microsoft.<\/li>\n<li><a href=\"https:\/\/twitter.com\/elonmusk\/status\/1626996774820024321\" title=\"Elon Musk on Twitter\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Elon Musk on Twitter<\/a> — Twitter is getting scammed by phone companies for $60M\/year of fake 2FA SMS messages<\/li>\n<li><a href=\"https:\/\/getalby.com\/\" title=\"Alby — Lightning buzz for your Browser!\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Alby — Lightning buzz for your Browser!<\/a> — Alby brings Boosts to the web.<\/li>\n<li><a href=\"https:\/\/podcastindex.org\/podcast\/487548\" title=\"Coder Radio on the Podcastindex.org\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Coder Radio on the Podcastindex.org<\/a> — Send a Boost into the show right from the Podcast Index website, just grab Alby and top it up first! <\/li>\n<li><a href=\"https:\/\/www.kickstarter.com\/projects\/mdevaev\/pikvm-v4\" title=\"PiKVM V4 by Maxim Devaev\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">PiKVM V4 by Maxim Devaev<\/a> — The next generation of Raspberry Pi based KVM over IP. Manage your servers or PC remotely! <\/li>\n<\/ul>\n","author":"Jupiter Broadcasting","date":"February 22, 2023","link":"https:\/\/coder.show\/506","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/b44de5fa-47c1-4e94-bf9e-c72f8d1c8f5d\/197ac2a0-1df5-454d-9a5b-0289711f0f99.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"98fe73c74f35df03b8ce06275b7fd64b","fset":"","fratio":1},"ppe-2390-54":{"title":"Linux Action News 281","description":"<p>Our favorite features in Linux 6.2, the Hollywood tool getting open-sourced, and a systemd update you need to know about.<\/p>\n<p>Sponsored By:<\/p>\n<ul>\n<li><a href=\"http:\/\/linode.com\/lan\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linode<\/a>: <a href=\"http:\/\/linode.com\/lan\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Sign up using the link on this page and receive a $100 60-day credit towards your new account. <\/a><\/li>\n<li><a href=\"https:\/\/l.kolide.co\/3klbWzr\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kolide<\/a>: <a href=\"https:\/\/l.kolide.co\/3klbWzr\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet. <\/a><\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.jupiter.party\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Support Linux Action News<\/a><\/p>\n<p>Links:<\/p>\n<ul>\n<li><a href=\"https:\/\/news.itsfoss.com\/dreamworks-moonray-open-source\/\" title=\"DreamWorks’ Renderer Used for ‘Puss in Boots’ is Going Open-Source\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">DreamWorks’ Renderer Used for ‘Puss in Boots’ is Going Open-Source<\/a> — DreamWork animation company is making its in-house renderer open-source very soon<\/li>\n<li><a href=\"http:\/\/openmoonray.org\/\" title=\"OpenMoonRay.org\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">OpenMoonRay.org<\/a> — MoonRay is DreamWorks’ open-source, award-winning, state-of-the-art production MCRT renderer, which has been used on feature films such as How to Train Your Dragon: The Hidden World, Trolls World Tour, The Bad Guys, and Puss In Boots: The Last Wish.<\/li>\n<li><a href=\"https:\/\/docs.openmoonray.org\/\" title=\"MoonRay Documentation Home\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">MoonRay Documentation Home<\/a><\/li>\n<li><a href=\"https:\/\/lwn.net\/Articles\/923545\/\" title=\"Systemd 253\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Systemd 253<\/a> — Systemd 253 has been released. As always, the list of changes is extensive. Support for version-1 control groups and separate \/usr systems is going away later this year. There is a new tool for working with unified kernel images, a number of new unit-file options have been added, and much more.<\/li>\n<li><a href=\"https:\/\/www.theregister.com\/2023\/02\/17\/systemd_253\/\" title=\"systemd 253: The future of enterprise Linux boot processes.\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">systemd 253: The future of enterprise Linux boot processes.<\/a><\/li>\n<li><a href=\"https:\/\/lists.debian.org\/debian-devel-announce\/2023\/02\/msg00005.html\" title=\"Debian Installer Testing Call\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Debian Installer Testing Call<\/a> — Starting with this release, official images include firmware packages from main and non-free-firmware, along with metadata to configure the installed system accordingly.<\/li>\n<li><a href=\"https:\/\/lwn.net\/Articles\/923744\/\" title=\"Linux 6.2\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linux 6.2<\/a> — Please do give 6.2 a testing. Maybe it’s not a sexy LTS release like 6.1 ended up being, but all those regular pedestrian kernels want some test love too.<\/li>\n<li><a href=\"https:\/\/kernelnewbies.org\/Linux_6.2\" title=\"Linux_6.2 - Linux Kernel Newbies\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Linux_6.2 – Linux Kernel Newbies<\/a> — This release includes faster mitigration of the Retbleed vulnerability and a new FineIBT mitigation feature; Btrfs RAID5\/6 and performance improvements, sysfs knobs that allow controlling block device writeback, support for TCP Protective Load Balancing, improved Rust support, BPF features like User defined objects, the runtime verification tool, and some optional RCU power savings.<\/li>\n<li><a href=\"https:\/\/www.phoronix.com\/news\/Linux-6.2-Features-Reminder\" title=\"The Best Linux 6.2 Features From Intel Arc Graphics To Better Performance For Older PCs\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">The Best Linux 6.2 Features From Intel Arc Graphics To Better Performance For Older PCs<\/a><\/li>\n<li><a href=\"https:\/\/www.meetup.com\/jupiterbroadcasting\/events\/291582264\/\" title=\"LUP 500 Micro Brewery Meetup\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">LUP 500 Micro Brewery Meetup<\/a> — Sat, Mar 4, 2023, 4:00 PM at 192 Brewing Company in Mount Vernon, WA<\/li>\n<\/ul>\n","author":"Jupiter Broadcasting","date":"February 22, 2023","link":"https:\/\/linuxactionnews.com\/281","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/dec90738-e640-45e5-b375-4573052f4bf4\/946a723b-4874-4394-a05f-863780e647d4.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"91ea30b7d0f496d31334c8637068e2c2","fset":"","fratio":1},"ppe-2390-55":{"title":"313: KDE Plasma 5.27 Review & Is System Tray Returning to GNOME?!","description":"<p>FULL SHOW NOTES ►► <a href=\"https:\/\/tuxdigital.com\/podcasts\/destination-linux\/dl-313\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/tuxdigital.com\/podcasts\/destination-linux\/dl-313\/<\/a><\/p>\n","author":"Destination Linux Network","date":"February 21, 2023","link":"https:\/\/destinationlinux.org\/episode-313\/","src":"https:\/\/aphid.fireside.fm\/d\/1437767933\/32f28071-0b08-4ea1-afcc-37af75bd83d6\/112dc97b-436e-4495-a233-43ddca543ac9.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"83ddac0846dc18e160c21afff5d5092c","fset":"","fratio":1},"ppe-2390-56":{"title":"Late Night Linux \u2013 Episode 217","description":"<p>More reverse-engineering, free tech books, a handy tool for fixing things you’ve aCCIDENTALLY CAPITALISED, Chromium in the terminal, putting apps and config files in a “box”, more on aviation tracking, GUI vs CLI backups on Linux, and loads more.<\/p>\n<p> <\/p>\n<p><strong>Discoveries<\/strong><\/p>\n<p><a href=\"https:\/\/sourceforge.net\/projects\/reveng\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">reveng<\/a><\/p>\n<p><a href=\"https:\/\/github.com\/JakWai01\/lurk\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">lurk<\/a><\/p>\n<p><a href=\"https:\/\/goalkicker.com\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">GoalKicker.com books<\/a><\/p>\n<p><a href=\"https:\/\/mattmole.co.uk\/LNL-Discoveries\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Late Night Linux – Discoveries<\/a><\/p>\n<p><a href=\"https:\/\/convertcase.net\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Convert Case<\/a><\/p>\n<p><a href=\"https:\/\/github.com\/fathyb\/carbonyl\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">carbonyl<\/a><\/p>\n<p><a href=\"https:\/\/github.blog\/changelog\/2023-01-23-github-sponsors-will-stop-supporting-paypal\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Github Sponsors stops taking Paypal<\/a><\/p>\n<p><a href=\"https:\/\/github.com\/queer\/boxxy\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">boxxy<\/a><\/p>\n<p><a href=\"https:\/\/theairtraffic.com\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">TheAirTraffic (ADS-B Exchange replacement)<\/a><\/p>\n<p><a href=\"https:\/\/fosstodon.org\/@felimwhiteley\/109828491966448305\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Félim’s list of ADS-B Exchange alternatives<\/a><\/p>\n<p> <\/p>\n<p><strong>Feedback<\/strong><\/p>\n<p><a href=\"https:\/\/www.borgbackup.org\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">BorgBackup<\/a><\/p>\n<p><a href=\"https:\/\/github.com\/jimsalterjrs\/sanoid\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">Sanoid and Syncoid<\/a><\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p><strong>Linode<\/strong><\/p>\n<p>Simplify your cloud infrastructure with Linode’s Linux virtual machines and develop, deploy, and scale your modern applications faster and more easily. Go to <a href=\"https:\/\/linode.com\/latenightlinux\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\"><strong>linode.com\/latenightlinux<\/strong><\/a> and get started with $100 credit.<\/p>\n<p> <\/p>\n<p><strong>Kolide<\/strong><\/p>\n<p>Kolide believes that maintaining endpoint security shouldn’t mean compromising employee privacy. Learn more here at <a href=\"https:\/\/kolide.com\/latenightlinux\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">https:\/\/kolide.com\/latenightlinux<\/a><\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<p> <\/p>\n<div>\n<div>\n<div>\n<div>\n<p>See our <a href=\"https:\/\/latenightlinux.com\/contact\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">contact page<\/a> for ways to get in touch.<\/p>\n<p><img loading=\"lazy\" src=\"https:\/\/latenightlinux.com\/wp-content\/uploads\/latenightlinux-sm.jpg\"><\/p>\n<p><strong>RSS<\/strong>: Subscribe to the <a href=\"https:\/\/latenightlinux.com\/feeds\/\" rel=\"noopener noreferrer\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">RSS feeds here<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","author":"Late Night Linux All Episodes","date":"February 20, 2023","link":"https:\/\/latenightlinux.com\/late-night-linux-episode-217\/","src":"https:\/\/podtrac.com\/pts\/redirect.mp3\/traffic.libsyn.com\/latenightlinux\/LNL217.mp3","featured":"","mediatype":"audio","duration":"00:00","key":"39f1f1e9c458eefb624030391e5a5aa2","fset":"","fratio":1},"load_info":{"loaded":56,"displayed":28,"maxItems":1419,"src":"4deddb64be49563ae2b02b2de3a00bc1","step":28,"sortby":"sort_date_desc","filterby":"","fixed":"","args":{"imgurl":"","imgset":"","display":"","hddesc":0,"hdfeat":0,"oricov":"","elength":180}},"rdata":{"permalink":"https:\/\/open-fab.org\/open-source-podcasts","fprint":"4deddb64be49563ae2b02b2de3a00bc1","from":"feedurl","elen":180,"eunit":"char","teaser":"","title":"Podcasts – IT – EN"}}">