Navigating CVEs and Security Classifications in Linux

Sixty vulnerabilities and exposures disclosed in one week sounds like a lot. We'll explain why it's just business as usual.

Sponsored By:

• Core Contributor Membership: Take $1 a month of your membership for a lifetime!
• Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!
• 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.

Support LINUX Unplugged

Links:

• 💥 Gets Sats Quick and Easy with Strike
• 📻 LINUX Unplugged on Fountain.FM
• Toronto Meetup — Thursday, Aug 29, 2024
• Berlin with Brent — September Meetup @ Nextcloud Conference, Saturday, Sep 14, 2024
• Check out Alex’s “Building a Colo Server” video
• Microsoft’s latest security update has ruined dual-boot Windows and Linux PCs — The cause: an update Microsoft issued as part of its monthly patch release. It was intended to close a 2-year-old vulnerability in GRUB, an open source boot loader used to start up many Linux devices.
• What the f*** is an SBAT and why does everyone suddenly care — This update was not supposed to apply to dual-boot systems, but did anyway.
• SBAT Revocations: Boot Process - Ubuntu Community Hub
• “Something has gone seriously wrong,” dual-boot systems warn after Microsoft update
• Ubuntu Will Be Skipping Non-Critical Linux Kernel Updates For September - Phoronix
• SRU Mailing List Annoucement
• Canonical Moves To Shipping Very Latest Upstream Kernel Code For Ubuntu Releases
• Kernel Version Selection for Ubuntu Releases - Kernel - Ubuntu Community Hub
• Linus Torvalds Begins Expressing Regrets Merging Bcachefs — The bcachefs patches have become these kinds of "lots of development during the release cycles rather than before it", to the point where I'm starting to regret merging bcachefs.
• Re: [GIT PULL] bcachefs fixes for 6.11-rc5 - Linus Torvalds — No one is being jerks here, Linus and I are just sitting in different places with different perspectives. He has a resonsibility as someone managing a huge project to enforce rules as he sees best, while I have a responsibility to support users with working code, and to do that to the best of my abilities.
• LINUX Unplugged 545: 3,062 Days Later — Kent Overstreet, the creator of bcachefs, helps us understand where his new filesystem fits, what it's like to upstream a new filesystem, and how they've solved the RAID write hole.
• Linux is a CNA — As was recently announced, the Linux kernel project has been accepted as a CNA as a CVE Numbering Authority (CNA) for vulnerabilities found in Linux.
• The Linux security team issues 60 CVEs a week, but don't stress. Do this instead
• What is a "good" Linux Kernel bug?
• Keynote: Linux Kernel Security Demystified - Greg Kroah-Hartman - YouTube
• Membership Summer Discount — Take $1 a month of your membership for a lifetime!
• added pihole nix module by Tdback · Pull Request #3 · JupiterBroadcasting/nixconfigs — Recently, I wanted to start 'nixifying' some of my docker-compose setup. I've created a simple module for spinning up a podman container running pihole as a systemd service, so that way I can just stick it on any NixOS machine and easily make it my DNS server.
• NetworkManager cli (nmci) wrapper to easily create a new network connection
• Distrohopper Wheel
• No idea where to distrohop next? Let the ultimate distrohopper decide for you!
• Proxmox Virtual Environment - NixOS Wiki
• Pick: SaunaFS is a distributed file system — A robust distributed POSIX file system meticulously designed to revolutionize your storage solutions by offering unmatched efficiency, security, and redundancy. At its core, SaunaFS is a distributed file system primarily written in C++, inspired by the pioneering concepts introduced by Google File System.
• Google File System - Wikipedia
• saunafs/INSTALL.md