LAN 220: Linux Action News 220

• Air Date: 2021-12-19
• Duration: 19 mins 56 secs

About this episode

The nasty Log4Shell vulnerability isn't solved yet, this week saw a new round of attacks and patches.

Your hosts

• Chris Fisher
• Wes Payne

Sponsored by

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!
• Jupiter Network Membership: Support the entire network, and get access to every member's special feed for every show on the network. Promo Code: thesignal

Episode links

• Log4j 2.15.0 and previously suggested mitigations may not be enough — It was discovered that version 2.15.0 would still be vulnerable when the configuration has a pattern layout containing a Context Lookup.
• Statement from CISA Director Easterly on “Log4j” Vulnerability
• PipeWire 0.3.41 Offers Improved Flatpak & JACK Compatibility, Apple AirPlay Streaming — PipeWire 0.3.41 also adds a new RAOP module (raop-sink and raop-discover) that can be used for streaming to Apple AirPlay devices.
• EXT4 Prepared To Switch To Linux’s New Mount API — Linux's new mount API is what came about in recent times as a set of system calls offering more flexibility than the long-standing mount syscall that is a one-shot effort while this new multi-step mounting procedure allows for more options.
• The End-Of-Year 2021 State Of Linux On Apple’s M1 SoC — The Asahi Linux project has published their October and November status update to provide an overview of where the Apple Silicon / Apple M1 open-source support is now at as we approach the end of 2021.
• Asahi Linux looks forward to exciting 2022 on Apple silicon
• Hector Martin on Twitter — Looks like Apple changed the requirements for Mach-O kernel files in 12.1, breaking our existing installation process... and they also added a raw image mode that will never break again and doesn't require Mach-Os. And people said they wouldn't help. This is intended for us.
• Podcastindex.org — The Podcast Index is here to preserve, protect and extend the open, independent podcasting ecosystem.
• Linux Action News on Podcastindex.org

Tags

airplay, alibaba cloud security team, apache, arm smmu, asahi, check point, christian brauner, cisa, crowdstrike, cve-2021-45046, cybersecurity, dave jones, echo-cancel module, ext4, hector martin, icloud, jack, java, jen easterly, linux 5.17, linux action news, linux news podcast, log4j, log4shell, m1, macos 12.1, mandiant, mount api, obs, pipewire, podcast index, podcasting 2.0, raw image mode, steam, wireplumber