Log for J - The New Vulnerability

The Log4Shell vulnerability is making waves this week; we'll explain why and break down how it works.

Plus, some good news for the Desktop and systemd-homed gets one step closer.

Sponsored By:

• Jupiter Network Membership: Support the entire network, and get access to every member's special feed for every show on the network. Sign-up before the end of the year and save $2/m for a year! Promo Code: thesignal
• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• GNOME 42 To Finally Allow Input Events To Happen Full-Rate — Up to now GNOME Shell has been compressing pointer motion events so they are synchronized to the monitor refresh rate, which can be anywhere from around 30 to 144 events per second depending upon display.
• An Eventful Instant – GNOME Shell & Mutter
• Do not throttle input in wayland event delivery
• FreeBSD 12.3-RELEASE Announcement — The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 12.3-RELEASE. This is the fourth release of the stable/12 branch.
• systemd 250 Is Coming With A Boat Load Of New Features — systemd 250 is packing a rather large number of new features and changes across the board for this dominant Linux init system and service manager.
• Log4Shell — RCE 0-day exploit found in log4j2, a popular Java logging package
• Apache - The ASF on Twitter — “Did you know that Ingenuity, the Mars 2020 Helicopter mission, is powered by Apache Log4j? https://t.co/gV0uyE1ylk #Apache #OpenSource #innovation #community #logging #services
• Tom (^-^) on Twitter
• Kevin Beaumont on Twitter — “Starting a new thread for log4j security vulnerability and fallout. Spoiler: although this emerged as a Minecraft issue (lol) there is going to be impacts across a wide range of enterprise software for some time.”
• Log4jAttackSurface MEMES