On this episode of This Week in Linux, we’ve got a jam packed episode, in fact, so much I might even need break out one of the topics into a separate video so it can be more thoroughly covered, we’ll see though. We’re going to be covering new releases including the Linux kernel itself with version 5.8. In App News we got releases from Firefox, Jellyfin and Nano. In Distro News we got new releases from Nitrux, BunsenLabs Linux and Gecko Linux. Then we’ll tackle the big Security News for GRUB2 called BootHole that came out this week. All that and much more on Your Weekly Source for Linux GNews!
Downloads & Media
[tdpodcast mode=”subscribe” podcast=”thisweekinlinux”]
Segment Index
- 00:00 = Intro
- 02:23 = Linux 5.8 Kernel Released
- 06:12 = Firefox 79 Released
- 09:05 = Jellyfin 10.6 Released
- 13:18 = Digital Ocean – https://do.co/dln
- 14:16 = BootHole & GRUB2 Vulnerabilities Patched
- 20:48 = Red Hat System Booting Issues Due to BootHole
- 25:32 = GNU/Nano 5.0 Released
- 28:45 = Bitwarden – https://bitwarden.com/dln
- 31:32 = Nitrux 1.3.1 Released
- 35:19 = BunsenLabs Linux – Lithium Release
- 38:20 = GeckoLinux Leap & Tumbleweed Releases
- 42:47 = Outro
Excellent show, as usual, @MichaelTunnell, though on our forum I think the tag does list main topics covered, but the body of your post is perhaps referring to last week’s show?
I’m glad the community pulled-together and had a look at GRUB2 and related flaws. Apparently the Debian team have fixed it as of a few days ago with 10.5 release including updates to shim, as far as I understand this link:
https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/
I think the nano snobbery might be originating from system administrators who long consider vi to be the standard for professional use. nano’s supposed to be easier but coming from an Emacs background, I’m happy enough with vim rather than nano, though I have nothing against it myself.
I’m wondering to what extent Coreboot is an open replacement for SecureBoot? Does it get around the problem of code/certificates being authorised only by Microsoft?
Thanks for that, didnt notice that problem. I have fixed it now.
This is why the topic was complicated in the show . . . the fixes for the GRUB2 issue created its own problems so when I said Debian had an issue it was because the one I was talking about was the side-effect of the fixes. This seems to have been solved now though as of this morning. I don’t know but I will do some more research on this piece before the separate video.
You are probably right. I think were just tired of the snobbery in general and that is what made us want to have that story in the show
I am pretty sure CoreBoot doesn’t replace SecureBoot because that is a part of the hardware itself
Thanks for the clarifications and updates, Michael
I reserve the right to add a flame background to any terminal app that adds a “scroll bar”. Like living in 2050!!
Continue the discussion at forum.tuxdigital.com