136: Linux Sudo Bug, KDE Plasma 5.21, Tails OS, Firefox 85, Ubuntu + Wayland


On this episode of This Week in Linux, we’re going to talk about the pretty nasty bug discovered in the Sudo tool which has been named “Baron Samedit”. We’ve got some distro news to discuss for Ubuntu 21.04 and Tails OS. Then we’ll check out some news in the desktop environment space from KDE Plasma and CDE, the Common Desktop Environment of all things. In App news, we’ll check out the latest releases of Mozilla Firefox, Xfce’s Thunar file manager and another browser called qutebrowser. Cute with a “Q” naturally. We’ll take a look at the excite plans UBports has for Ubuntu Touch in 2021. All that and much more on Your Weekly Source for Linux GNews!

Sponsored by: do.co/dln
Sponsored by: bitwarden.com/dln

Downloads & Media

 MP3 YouTube

[tdpodcast mode=”subscribe” podcast=”thisweekinlinux”]

Segment Index

Leave a Comment

Notable Replies

  1. Thanks, @MichaelTunnell - very interesting and informative, as usual :slight_smile:

    I remember the (proprietory) Motif widget set for X from back in the 90s. That was before either GNOME or KDE were around. We used Window Managers then and I seem to recall having to manually edit X configuration files for this. Was possible to fry multisync monitors quite easily in those days if you got refresh rates wrong when starting X manually!

    Glad Debian patched sudo promptly, as I’m sure everyone else did. Given how critical this program is, I wonder if it’s ever been independently audited? Might be useful. I’ve just started looking at GTK coding working from the C original then going upwards to C++ and other bindings. They recommend a classic (now online) text on security when coding for Linux as the types of errors that can cause security breaches often aren’t covered in programming courses.

    I am especially interested in UBPorts work and wonder if they’ll be affected much by Qt LTS becoming commercial only. Always good to hear of updates to stalwarts like Plasma and Firefox too!

  2. The logic behind Firefox removing SSB functionality because the feature had no “user benefit” seems flawed to me. Of course it didn’t benefit me as a user because I had no clue it even existed!!!

    I use Ice (a PeppermintOS project that I have installed on Kubuntu by manually downloading the deb from Launchpad) to achieve that functionality. Had the Firefox feature been presented in the UI somewhere I would absolutely have used it and it would have most likely been of benefit.

  3. Command to see if you have the sudo bug:

    sudoedit -s '\' `perl -e 'print "A" x 65536'`

    If your server/desktop has the bug it’ll output:

    malloc(): corrupted top size
    Aborted (core dumped)

    If not:

    usage: sudoedit [-AknS] [-r role] [-t type] [-C num] [-D directory] [-g group]
    [-h host] [-p prompt] [-R directory] [-T timeout] [-u user]
    file …

Continue the discussion at forum.tuxdigital.com


Avatar for Ulfnic Avatar for MichaelTunnell Avatar for ak2020 Avatar for WalJT