OPERATING SYSTEMSOS Linux

More HDR work for Linux, Ubuntu revamps PPAs, KeePass security flaw: Linux & Open Source News

Check out TuxCare’s newsletter for news about Linux security: https://bit.ly/3If3kn0

Grab a brand new laptop or desktop running Linux: https://www.tuxedocomputers.com/en#

👏 SUPPORT THE CHANNEL:
Get access to a weekly podcast, vote on the next topics I cover, and get your name in the credits:

YouTube: https://www.youtube.com/@thelinuxexp/join
Patreon: https://www.patreon.com/thelinuxexperiment
Liberapay: https://liberapay.com/TheLinuxExperiment/

Or, you can donate whatever you want: https://paypal.me/thelinuxexp

👕 GET TLE MERCH
Support the channel AND get cool new gear: https://the-linux-experiment.creator-spring.com/

🎙️ LINUX AND OPEN SOURCE NEWS PODCAST:
Listen to the latest Linux and open source news, with more in depth coverage, and ad-free! https://podcast.thelinuxexp.com

🏆 FOLLOW ME ELSEWHERE:
Website: https://thelinuxexp.com
Mastodon: https://mastodon.social/web/@thelinuxEXP
Pixelfed: https://pixelfed.social/TLENick
Twitter : http://twitter.com/thelinuxEXP
PeerTube: https://tilvids.com/c/thelinuxexperiment_channel/videos

This video is distributed under the Creative Commons Share Alike license.

#Linux #OpenSource #TechNews

00:00 Intro
00:33 Sponsor: Check out TuxCare’s newsletter for news about Linux security
01:19 More HDR work on Linux
03:14 Ubuntu makes PPAs more secure
04:42 KeePass is vulnerable to an exploit
06:19 Cinnamon joins the official variants of AlmaLinux
07:46 Rhino Linux makes its own XFCE based desktop
09:23 GNOME has some big updates
11:42 Gaming News: Big Picture on Nvidia, Roblox on Linux, Wine 8.8
13:51 Sponsor: Get a PC that runs Linux perfectly
14:50 Support the channel

More HDR work on Linux

https://zamundaaa.github.io/wayland/2023/05/18/hdr-and-color-management-in-kwin.html

Ubuntu makes PPAs more secure

Ubuntu Makes ‘Significant’ Security Change to PPAs for 23.10

KeePass is vulnerable to an exploit

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)

Cinnamon joins the official variants of AlmaLinux

https://linuxiac.com/cinnamon-can-join-almalinuxs-family-of-live-images/

Rhino Linux makes its own XFCE baed desktop

https://rhinolinux.org/unicorn/index.html

GNOME has some big updates

https://thisweek.gnome.org/posts/2023/05/twig-96/

Codeweavers moves to an Employee Trust to manage the company

https://www.codeweavers.com/blog/jwhite/2023/5/19/a-new-chapter-for-codeweavers-and-myself-trust-me

Gaming News: Valve sued, Big Picture on Nvidia, Wine 8.8…

https://www.gamingonlinux.com/2023/05/roblox-still-plan-to-make-it-work-with-wine-on-linux/

https://www.winehq.org/announce/8.8

https://www.gamingonlinux.com/2023/05/valve-tries-to-improve-big-picture-mode-on-linux-for-nvidia-gpus/

source

ubuntu

50 thoughts on “More HDR work for Linux, Ubuntu revamps PPAs, KeePass security flaw: Linux & Open Source News

  • 5:15 "Have other issues" should not be an excuse trivialize the exploit.

  • From what I understood the statement from Roblox about not supporting WINE was intended to be limited to a beta version, to avoid bad data while they look at every error log created.

  • The features being added for Flatpaks have nothing to do with Flatpak specifically. Every "App in a single file" format out there can do what was shown off in this video. Flatpak is a terrible file format for other reasons. Maybe Red Hat and the Gnome team should have finished the Flatpak specification before pushing it so hard and then people wouldn't be so adverse to it, but pushing software before it's ready and forcing the rest of the Linux community to use it by making Gnome depend on it is RHEL's favorite thing to do.

  • I wish to thank you kindly for the KeePass vulnerability report. My guess as to why the PoC tool exploitation being low when it comes to KeePass probably has something to do with KeePass, just like Linux, may not be widely used among consumers. However, even if someone did create Malware to exploit the PoC tool in such a way to capture a RAM dump, Windows swapfile dump and/or Windows hibernation file dump, my guess is each of these dumps might be huge to transmit which might then send alarms to the Windows end-user since such a huge amount to system resources (disk, memory, cpu) will mostly be used by an unknown process.

  • Correction, keyloggers are a thing on wayland. Just a single attack vector isnt an option due to the wayland implementation of gui isolation. This does not cover you from other vectors of keylogging.

  • All that Roblox shitshow is a great demonstration on how SteamDeck is shaping Linux gaming space. Drop WINE support is not as easy right now because you automatically will loose "SteamDeck approved" badge with it, and while SteamDeck is still a hot topic nobody wants deliberately doing that. I personally expected Roblox to unwind that controversial WINE decision and here we go…

  • I'm so surprised to see people are still using/maintaining KeePass instead of KeePassXC? I thought it was dead actually.

  • Security guy here : you really shouldn't worry about the keepass exploit. Honestly, if something has enough access to exploit this, you're already way pas worrying about this : if a malware has full access to another program's memory, that means that basically everything on your computer is totally compromised. Honestly, it's can be a bit tiring when minor exploits like this have so much reach in the media, with so many articles often much less nuanced than your take on this Nick. Thank you for doing your due dilligence on this !

  • I heard KeepassXC is not affected by that critical bug.
    Hope that's true.

  • Probably my favorite news program.

  • Vulnerability just on KeePass but not KeePassXC right?

  • So, should I just never use a password manager then?

  • Spent a decent amount of time outside lately huh Nicholas? 😊

  • Based on my experience of getting permissions worked out under Wayland,
    if somebody manages to install a functioning keylogger on my newer installs they deserve my passwords.
    That's hard work.
    But in all seriousness, KeepassXC is my goto. Guess I'm going beta until July.

  • The KeePass vulnerability only affects KeePass 2 clients. The database file itself is unaffected, and the KeePassXC client is unaffected as well.

  • Since apt-key got deprecated ppa's have kinda been a mess because ubuntu didn't create a new one-liner command for adding a ppa. Hopefully this will address that

  • You should have said whether KeePassXC is vulnerable or not!

  • I was shocked when I installed chimera os and saw it had an HDR toggle. Very happy I can use the HDR on my TV while playing on my steam machine.

  • Wayland's adoption will create problems with compatibility between desktop environments. You see, unlike X11 (that had its own compositor), each environment needs to develop its own compositor, on top of Wayland. These are different implementations, and they are all subsets. With the advent of 10bit, HDR, etc, gnome apps will look weird (if not crashy) under KDE, and the other way around. Wayland should have made its own compositor, and let environments build on top of that universal level, rather than letting each environment hack its own. Fragmentation yet again, at a different level and scape.

  • Nick, do you have a video that could help us decide on a suitable computer for our everyday needs? More I watch videos about new computers, they focus on the gamer angle and not the everyday user. I know Tuxedo, your sponsor, is an option, but what specs should we look for to get the best bang for buck?

  • I had NO IDEA Alma Linux had other flavours. I'm gonna take a look at them right now.

  • HDR on Linux is starting to come together! Seeing HDR video playback on the KDE desktop brings a tear to my eye. It's getting somewhere! It's happening!

  • That's sad news about KeePass. Although, I'm immune due to using a second factor which doesn't type things into a text field. I love my Yubikey!

  • If more Windows users knew about Cinnamon, there'd be a lot fewer Windows users.

  • "Unicorn" is "Licorne" en francais! Merci beaucoup, Nick, pour vos nouvelles de GNU/Linux.

  • That part about Roblox planning to enable Wine would be great. Would finally make me move off (Busybox+Explorer+alot of random libraries not packaged up in winget/)Windows for anything that I can do on Linux.
    Not sure when my daily driving period of Windows again for a few weeks will end.

  • I not found Combo or Kombo app. (API tester) Please show the name of new apps in video please.
    What is app before Combo?

  • It’s so great for Roblox after that there’s just R6 and fortnite support left to do for Linux gaming to become a really great option !

  • It's nice to see Cinnamon getting added to all these different distro's. Gnome and Cinnamon are my favourite DE's, I can't choose one as my #1 but KDE and XFCE are a million miles away in terms of my faves. KDE has it's priorities all wrong, they leave glaring bugs to focus on the visual fidelity of some random icon or panel and it blows my mind that they think it's acceptable. Not many people will keep KDE on their system more than 1 month. Some people yes but it's not hard to see the general consensus from a few Google searches.

  • 13:55 Impressive that you can open that laptop just by resting your finger on the lid and pulling up! Took me a second to realize this shot is reversed 😂

  • I'd love to have a system that tells me if I have packages installed from the PPAs I've added – so I remember to remove them.

  • Is that KeePass vulnerability applicable to KeePass , KeePassX or KeePassXC or all of them?
    Anywhoo ,I use a keyfile as well as a master password so any exploiter needs to find that as well as the password.

    Edit: It is reported to only affect KeePass 2.X branch for Windows:
    Linux users should be using KeepassXC as it is more actively maintained than the other versions

    "KeepassXC – a fork of KeePassX, which is a cross-platform port of KeePass – is not affected."

    "The vulnerability affects the KeePass 2.X branch for Windows, and possibly for Linux and macOS. It has been fixed in the test versions of KeePass v2.54 – the official release is expected by July 2023."

  • 2:00 GNOME's Mutter already supports color profiles, at least on Wayland (haven't tried on X) — it's in the Colors panel. Yeah, I know, not the best panel… I tried to move the functionality into other panels, but kind of abandoned the work for now.

  • HDR support is essentially the final piece of the puzzle for migrating my desktop gaming rig from Windows 10 to Linux. Currently test driving Nobara for this exact purpose, so glad to see the community working so hard in this.

  • 1080p@50? that's probably the first time I've noticed that.

  • 8:18 to 8:26 so …the devs for Rhino linux..claim it's based on xfce..but it LOOKS like vanilla gnome wtf? LOL. No thanks.

  • You're french, you don't need to make a joke about you being horny, we know you're horny all the time.

  • Every weekly gnome update makes me think more and more on how little interest people have on working with kirigami and how KDE really need to rethink it from the ground up to make it as attractive to developers as libadwaita has been (that and to make its HID layout guidelines and widgets not look like heavily themed windows xp/gnome 2 era applications)

Comments are closed.