TTT 52: Ubuntu PSA & Linux Mobile News

TTT 52.1 – Running Ubuntu? Here’s Another Reminder to Keep it Updated
Well, Canonical has released a new round of CVE (Critical Vulnerability Exploit) Patches, so run your updates to close these 9 attack surfaces down for your machine:
· CVE 2022-2196
o Could leave your VMs open to leaking private data from either the host or a fellow guest OS
·  CVE-2022-42328 and CVE-2022-42329
o Which are both race conditions in the Xen networking backend and could cause the kernel to crash
§ What’s a race condition?
· A situation where two drivers are trying to access the same resource at the same time, and do not get scheduled properly by the kernel and it causes problems, often a denial of service (crash, etc)
·  CVE-2023-0266
o a use-after-free vulnerability discovered in the ALSA subsystem that could allow a local attacker to crash the system by causing a denial of service
· CVE-2023-0469
o a use-after-free vulnerability discovered in the io_uring subsystem
· CVE-2023-1195
o another user-after-free vulnerability found in the CIFS network file system. Both vulnerabilities could allow a local attacker to cause a denial of service (system crash) or execute arbitrary code
· CVE-2022-4382
o A race condition in the USB Gadget file system implementation, which could lead to a use-after-free vulnerability in some situations and allow a local attacker to crash the system by causing a denial of service or possibly execute arbitrary code
· CVE-2023-0045
o a flaw in the prctl syscall implementation that made the kernel fail to protect against indirect branch prediction attacks and allowed a local attacker to expose sensitive information
· CVE-2023-23559
o an integer overflow vulnerability found in the RNDIS USB driver that could allow a local attacker with physical access to cause a denial of service (system crash) or execute arbitrary code by plugging in a malicious USB device

https://9to5linux.com/ubuntu-22-10-users-get-new-linux-kernel-security-update-9-vulnerabilities-patched
#TTT #patches #ubuntu #security #Linux #PSA #FOSSNews #TechFreedom
TTT 52.2 – UB Touch OTA-1 Out Now for you Linux Mobile Devotees
Wow, I just talked about OTA 25 last week, and the devs shocked us with the first rebased OTA update already... Welcome to Focal Fossa, everyone. What else is new with this surprise (limited) release? Which devices is it currently available for?
· Devices
o Fairphone 4
o Google Pixel 3a
o Vollaphone 22
o Vollaphone X
o Vollaphone
· New Stuff
o Focal Fossa LTS
o Lomiri UI
o The systemd init system
o Ayatana Indicators
o Waydroid
o a new porting style for device porters
o support for building many components against GCC 12 and Qt 5.15 LTS
· Improvements
o fix for an issue when trying to mute the phone’s microphone during phone calls
o a fix for a context menu issue in the Morph Browser
o fixes for various issues when receiving MMS messages.
o XWayland integration
o support for running legacy X11 apps on Lomiri,
o support for PIN codes between 4 and 12 digits
o updates broadband provider data
o adds support for USB-C USB-PD
o improves PAM/logind integration
o and refreshes various Lomiri effects.
· New
o Morph Browser
§ received hardware-accelerated video decoding with support for up to 2K video playback and video chat support
o Camera app
§ supports barcode reading
o Messaging app
§ now lets you zoom in on conversation text using a pinch and spread gesture, and the Addressbook app now lets users add notes for a contact and a URL address

https://9to5linux.com/first-ubuntu-touch-ota-release-based-on-ubuntu-20-04-lts-is-out-now
#TTT #UBTouch #Linuxmobile #updates #FOSS #TechFreedom #FOSSnews

Free Your Internet

http://techfreedom.pro/internet-freedom/

One-stop shop for getting you and your business transitioned off of Big Tech online platforms and tools, so that you have control of your data once again. I will also help you to find better alternatives.

#TTT #techtips #TechFreedom #internetfreedom #nogoogle #nometa #noyahoo #nomicrosoft #Truth
TTT 52.3 – Ventoy 1.0.90 With Support for Even More Stuff
The boys and girls on the Ventoy team have expanded support even further by adding updated LibreElec and Chimera Linux to their repertoire. That means that the easiest USB/SD Card/ external storage bootable media creation and management solution that much better. If you ever

https://9to5linux.com/ventoy-1-0-90-adds-support-for-libreelec-11-0-and-chimera-linux
#TTT #FOSS #Linux #crossplatform #ventoy #multiusb #TechFreedom #FOSSnews
a.
10 Things My Wife Thinks You Should Know about Tech Freedom.

https://rumble.com/v19elx6-10-things-about-tech-freedom.html?mref=2jfr3&mc=anr3y

#TechFreedom #wifeysauce #getfree #explainer