Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 15 Oct 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Android Leftovers Rianne Schestowitz 15/10/2019 - 7:49pm
Story Proprietary Software Security and FOSS Patches Roy Schestowitz 15/10/2019 - 4:48pm
Story Plasma 5.17.0 Roy Schestowitz 3 15/10/2019 - 4:40pm
Story Linux security hole: Much sudo about nothing Rianne Schestowitz 1 15/10/2019 - 4:28pm
Story Android Leftovers Rianne Schestowitz 15/10/2019 - 4:27pm
Story Ubuntu 19.10 (Eoan Ermine) Enters Final Freeze Ahead of October 17th Release Rianne Schestowitz 15/10/2019 - 4:21pm
Story Games: The Universim, POSTAL 4: No Regerts, RPCS3, Shadow of the Tomb Raider, Games Archive and X-Plane Roy Schestowitz 1 15/10/2019 - 4:18pm
Story KDE neon 5.17 Rianne Schestowitz 15/10/2019 - 4:17pm
Story 7 Linux Applications You Should Start Using Right Now Roy Schestowitz 15/10/2019 - 3:40pm
Story Firefox’s New WebSocket Inspector Rianne Schestowitz 15/10/2019 - 3:30pm

Proprietary Software Security and FOSS Patches

Filed under
Security
  • Compromised AWS API Key Allowed Access to Imperva Customer Data

    Imperva has shared more information on how [attackers] managed to obtain information on Cloud Web Application Firewall (WAF) customers, and revealed that the incident involved a compromised administrative API key.

  • Oil Refiner Reports Major IT Incident in Finland

    It’s not yet clear whether the cause is a malfunction or a cyber attack, according to spokeswoman Susanna Sieppi. The issue is under investigation, and it’s too early to estimate when the systems will be fixed, she said by phone.

  • WordPress 5.2.4 Security Release

    WordPress 5.2.4 is now available! This security release fixes 6 security issues.

    WordPress versions 5.2.3 and earlier are affected by these bugs, which are fixed in version 5.2.4. Updated versions of WordPress 5.1 and earlier are also available for any users who have not yet updated to 5.2.

  • Ubuntu Releases Patch for Major ‘sudo’ Security Exploit

    Canonical has issued an urgent security fix to the ‘sudo’ package in the Ubuntu archives following the discovery of a major security flaw.

    A critical fix has rolled out to all users of Ubuntu 16.04 LTS, 18.04 LTS, 19.04 and 19.10 (and one assumes Ubuntu 14.04 ESR too) — just run a sudo apt upgrade to install it.

    But what about the flaw inquisition? Well, if you’re yet to hear about it I appreciate meditative disconnect from social media. The oft toxic waste pools of chatter were with wet with alarm — some manufactured, the rest well weighted — over CVE-2019-14287 when it was announced yesterday, October 14.

  • Security updates for Tuesday

    Security updates have been issued by Debian (sudo and xtrlock), openSUSE (sudo), Red Hat (Single Sign-On), Slackware (sudo), SUSE (binutils, dhcp, ffmpeg, kernel, kubernetes-salt, sudo, and tcpdump), and Ubuntu (sudo).

Linux security hole: Much sudo about nothing

Filed under
Linux
Security

There's a lot of hubbub out there now about a security hole in the Unix/Linux family's sudo command. Sudo is the command, which enables normal users to run commands as if they were the root user, aka the system administrator. While this sudo security vulnerability is a real problem and needs patching, it's not nearly as bad as some people make it out to be.

At first glance the problem looks like a bad one. With it, a user who is allowed to use sudo to run commands as any other user, except root, can still use it to run root commands. For this to happen, several things must be set up just wrong.

First the sudo user group must give a user the right to use sudo but doesn't give the privilege of using it to run root commands. That can happen when you want a user to have the right to run specific commands that they wouldn't normally be able to use. Next, sudo must be configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification.

Read more

Ubuntu 19.10 (Eoan Ermine) Enters Final Freeze Ahead of October 17th Release

Filed under
Ubuntu

As of October 10th, the Ubuntu 19.10 release is officially in Final Freeze, the last step of its development stage, which means that only release critical bugs affecting the ISO images or the installers will be accepted in the archives. Release Candidate images are also now available for testing to ensure an uneventful and smooth release.

"We will shut down cronjobs and spin some RC images late Friday or early Saturday once the archive and proposed-migration have settled a bit, and we expect everyone with a vested interest in a flavour (or two) and a few spare hours here and there to get to testing to make sure we have another uneventful release next week," said Adam Conrad.

Read more

KDE neon 5.17

Filed under
GNU
KDE
Linux

KDE neon 5.17 is out. You can upgrade your existing KDE neon User Edition install or install fresh from an ISO image or run the Docker image. Featuring Plasma 5.17 it is packed full of new features according to OMG Ubuntu.

Read more

Games: The Universim, POSTAL 4: No Regerts, RPCS3, Shadow of the Tomb Raider, Games Archive and X-Plane

Filed under
Gaming
  • City building god sim 'The Universim' will now let you launch rockets with satellites into orbit

    The Universim is slowly turning into a city building god game truly worth playing, with the Sky High update now available expanding the game into planetary orbit.

    Being able to actually launch things into space is a stepping stone towards visiting other planets. Currently, the Cosmodrome will allow you to send up Defence Satellites that will enable ground to air defences for your Defence Towers. So now you have a reasonable chance to take down meteors and other threats from space.

  • POSTAL 4: No Regerts released into Early Access, Linux version likely in future

    Running With Scissors are back, with a surprise release of POSTAL 4: No Regerts on Steam and a Linux version is looking likely in future.

    Naturally, someone posted on Steam to ask about the possibility of Linux support. This is something that happens a lot but here it's a bit different. RWS already supported Linux with multiple previous Postal releases.

  • PlayStation 3 emulator RPCS3 is coming along quickly with their August progress report up

    Delayed as usual due to the progress reports being done by contributors, the team working on the PlayStation 3 emulator RPCS3 have another post up to show off more incredible progress.

    To start with, they have again changed how they list what games are playable and not with the removal of games that won't work due to servers being shut down. They said even if RPCS3 becomes 100% complete, they wouldn't work unless someone accurately emulated and hosted servers for them. With that in mind, they also did a lot of testing of games that previously only went in-game to see how many are now properly playable. Thanks to all the testing, the Playable category has jumped up to 1,426 titles!

  • Shadow of the Tomb Raider Definitive Edition arrives on Linux on November 5th

    Feral Interactive have finally confirmed the Linux release date for Shadow of the Tomb Raider after announcing it for Linux back in November last year.

    They've said today it will officially release as "Shadow of the Tomb Raider Definitive Edition" on November 5th! Looking around at dates, technically this is the earliest we've seen any of the newer Tomb Raider series arrive on Linux. The first Tomb Raider came to Linux in 2016 after an original 2013 release, with Rise of the Tomb Raider arriving on Linux 2018 after an original 2016 release and we get the final game in the reboot trilogy next month!

  • The Internet Archive website has added another 2,500 MS-DOS games

    Another point scored for game preservation. The Internet Archive have added another 2,500 MS-DOS games you can play right in your browser.

    In their official announcement, they said that while they've added a few more to their collection here and there this is the biggest yet and it ranges from "tiny recent independent productions to long-forgotten big-name releases from decades ago".

  • 2,500 More MS-DOS Games Playable at the Archive

    Another few thousand DOS Games are playable at the Internet Archive! Since our initial announcement in 2015, we’ve added occasional new games here and there to the collection, but this will be our biggest update yet, ranging from tiny recent independent productions to long-forgotten big-name releases from decades ago.

  • Vulkan support is not far away now for the flight sim X-Plane 11, physics & flight model updates coming

    X-Plane 11, the detailed flight simulator is finally closing in on an update that will bring in Vulkan support as detailed in a new developer blog post.

7 Linux Applications You Should Start Using Right Now

Filed under
GNU
Linux
Software

Linux used to be the go-to operating system among the tech-savvy crowd. Because back in the day, it was a lot more demanding to use. Now Linux has modern, user-friendly distributions such as Ubuntu and Mint. The application repository they have in common has matured too. Customizing it to your heart’s desire is now easier than ever before. And this should be the end goal — to mold the OS into a tool that’s custom-tailored to your needs. So if you haven’t already, consider installing the following types of applications.

Read more

Firefox’s New WebSocket Inspector

Filed under
Moz/FF

The Firefox DevTools team and our contributors were hard at work over the summer, getting Firefox 70 jam-packed with improvements. We are especially excited about our new WebSocket inspection feature, because you told us in feedback how important it would be for your daily work.

To use the inspector now, download Firefox Developer Edition, open DevTools’ Network panel to find the Messages tab. Then, keep reading to learn more about WebSockets and the tricks that the new panel has up its sleeve.

But first, big thanks to Heng Yeow Tan, the Google Summer of Code (GSoC) student who’s responsible for the implementation.

Read more

Windows 10 vs. Linux OpenGL/Vulkan Driver Performance With Intel Icelake Iris Plus Graphics

Filed under
Graphics/Benchmarks

With picking up the Dell XPS 7390 with Intel Core i7-1065G7 for being able to deliver timely benchmarks from Intel's long-awaited 10nm+ Icelake generation, one of the first areas we have been testing is the Iris Plus "Gen 11" graphics performance. In this article are our initial Windows 10 vs. Linux graphics performance numbers for Ice Lake.

For this very first Intel Iris Plus Gen11 graphics testing are results from Windows 10 compared to Ubuntu 19.10. Ubuntu Linux was benchmarked with its stock driver stack comprised of Mesa 19.2.1 as well as opting for the "Iris" Gallium3D driver and also testing Mesa 19.3-devel both with the default i965 OpenGL driver and the Iris Gallium3D driver. Of course, for the Vulkan tests on Linux is their sole "ANV" Vulkan driver.

The Dell XPS 7390 was equipped with the Intel Core i7-1065G7 Ice Lake processor and its Iris Plus Graphics, 2 x 8GB LPDDR4 3733MHz memory, 500GB Toshiba NVMe solid-state drive, and 1920x1200 panel.

Read more

Coffee Lake embedded PC has six USB 3.0 ports and GbE with BMC

Filed under
Linux

Trenton Systems is prepping a compact, Linux-friendly “Ion Mini PC” with 8th or 9th Gen Coffee Lake options and up to 32GB DDR4, SATA, DP, 6x USB 3.0, and 3x GbE, including one BMC-linked port for out-of-band, remote management.

Trenton Systems has released a photo and preliminary documentation for an Ion Mini PC due to begin sampling by the end of the month. Although this Mini-ITX-based, 178 x 173 x 36mm system is a bit larger than what we typically consider to be a mini-PC these days, it packs in a lot of features including 6x USB 3.0 ports and a Gigabit Ethernet port linked to a Baseboard Management Controller (BMC) chip for remote, out-of-band management of networking connections.

Read more

Android Leftovers

Filed under
Android

Linux Kernel 5.2 Reached End of Life, Users Urged to Upgrade to Linux Kernel 5.3

Filed under
Linux

Released in early July 2019, the Linux 5.2 kernel series brought various new features and enhancements, among which we can mention an open-source firmware to support DSP audio devices, support for case-insensitive names in the EXT4 file system, a new file system mount API, better resource monitoring for Android devices, as well as new open-source GPU drivers for ARM Mali devices.

Additionally, Linux kernel 5.2 introduced some performance improvements to the BFQ I/O scheduler, a new CPU bug infrastructure that better protects your computers against the recently disclosed Intel MDS (Microarchitectural Data Sampling) hardware vulnerabilities, and a new device mapper "dust" target for simulating devices with failing sectors and read failures.

Read more

Meet the Villupuram group of engineers educating students about free and open software

Filed under
GNU

A small group of software engineers are changing the face of computer education in Tamil Nadu’s Villupuram, empowering students from working class families by giving them a strong foundation in software programming. The Villupuram GNU/Linux Users Group (GLUG) is a not-for-profit initiative by a group of software professionals and students who believe in software freedom.

Stared in 2013 by a group of six software engineers, the Villupuram chapter of GLUG was formed as part of a global social movement aimed at educating people about free software.

Vijisulochana (Viji), the group’s current representative, tells TNM that the Villupuram GLUG is focused on training interested students so as to make them technically strong.

“Students can always get trained in software training centres, but those centres may not be best equipped to teach them all the latest software developments. We also choose a handful of deserving students based out of Villupuram for whom travelling to Chennai or to other centres in town may not be financially viable. Here, we do it for free,” she says. Their weekly sessions are attended by hundreds of students.

Read more

Plasma 5.17.0

Filed under
KDE

Plasma 5.17 is the version where the desktop anticipates your needs. Night Color, the color-grading system that relaxes your eyes when the sun sets, has landed for X11. Your Plasma desktop also recognizes when you are giving a presentation, and stops messages popping up in the middle of your slideshow. If you are using Wayland, Plasma now comes with fractional scaling, which means that you can adjust the size of all your desktop elements, windows, fonts and panels perfectly to your HiDPI monitor.

The best part? All these improvements do not tax your hardware! Plasma 5.17 is as lightweight and thrifty with resources as ever.

Read more

Debian and Ubuntu Patch Critical Sudo Security Vulnerability, Update Now

Filed under
Security
Debian
Ubuntu

Discovered by Joe Vennix, the security vulnerability (CVE-2019-14287) could be exploited by an attacker to execute arbitrary commands as the root user (system administrator) because sudo incorrectly handled certain user IDs when it was configured to allow users to run commands as an arbitrary user through the ALL keyword in a Runas specification.

"Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID- -1 or 4294967295," reads Debian's security advisory.

Read more

State of Calibre in Debian

Filed under
Debian

To counter some recent FUD spread about Calibre in general and Calibre in Debian in particular, here a concise explanation of the current state.

Many might have read my previous post on Calibre as a moratorium, but that was not my intention. Development of Calibre in Debian is continuing, despite the current stall.

Since it seems to be unclear what the current blockers are, there are two orthogonal problems regarding recent Calibre in Debian: One is the update to version 4 and the switch to qtwebengine, one is the purge of Python 2 from Debian.

Read more

How GNOME uses Git

Filed under
GNOME

“What’s your GitLab?” is one of the first questions I was asked on my first day working for the GNOME Foundation—the nonprofit that supports GNOME projects, including the desktop environment, GTK, and GStreamer. The person was referring to my username on GNOME’s GitLab instance. In my time with GNOME, I’ve been asked for my GitLab a lot.

We use GitLab for basically everything. In a typical day, I get several issues and reference bug reports, and I occasionally need to modify a file. I don’t do this in the capacity of being a developer or a sysadmin. I’m involved with the Engagement and Inclusion & Diversity (I&D) teams. I write newsletters for Friends of GNOME and interview contributors to the project. I work on sponsorships for GNOME events. I don’t write code, and I use GitLab every day.

Read more

Syndicate content