Looks like a number of patches are landing in Ubuntu to address this: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2082335
Update: CUPS Remote Code Execution Vulnerability Fix Available
This is a great summary. Thanks!
It looks like you are running XFCE instead of GNOME (the normal Ubuntu desktop). I’m not sure how that happened… but you an always just install another desktop.
For instance, you can try to make sure you have the ubuntu-desktop
or ubuntu-desktop-minimal
metapackage installed:
sudo apt install ubuntu-desktop-minimal
After that, the login manager should allow you to select the Ubuntu session rather than the XFCE one.
Yes, based on the diagrams on their blog, it looks like this only impacts Snaps.
From the Discourse Blog:
The Linux desktop provides XDG Desktop Portals as a standardised way for applications to access resources that are outside of the sandbox. Applications that have been updated to use XDG Desktop Portals will continue to use them. Prompting is not intended to replace XDG Desktop Portals but to complement them by providing the desktop an alternative way to ask the user for permission. Either when an application has not been updated to use XDG Desktop Portals, or when it makes access requests not covered by XDG Desktop Portals.
Since prompting works at the syscall level, it does not require an application’s awareness or cooperation to work and extends the set of applications that can be run inside of a sandbox, allowing for a safer desktop. It is designed to enable desktop applications to take full advantage of snap packaging that might otherwise require classic confinement.
So this looks like it complements and not replaces the XDG Desktop Portals, especially for applications that have not implemented the Portals. It allows you to still run those applications in confinement while providing some more granular access controls.
I used to use VLC for music, but these days I use Symphony to play local files on my phone. VLC tended to struggle when scanning or indexing large folders (which it did all the time…), while Symphony is a bit better at that. That said, I still use VLC for video and for casting things from my DLNA server (VLC supports Chromecast).
For ebooks, I’ve used Librera FD and that has been mostly OK. I’ll checkout the two you mentioned though. Thanks!
I think you meant Pop!_OS (is developed by System76). TuxedoOS is developed by Tuxedo Computers, which is a European Linux focused hardware company.
That said, the point stands… there are hardware companies making Linux supported devices.
Coincidentally, I received a firmware (EFI) update from Dell today via LVFS. Really nice that it works so smoothly on native Linux (no more manually downloading firmware to USB drives, or relying on Windows).
+1 For xournal++. That is what I usually use for annotating slides and drawing with my wacom tablet.
I currently use Ubuntu for all my machines (desktops, laptops, and servers), but I used to use Void Linux on my machines for about 6 years, including on a couple of VPSes. Since you are familiar with Void Linux, you could stick with that and just use Docker/Podman for the individual services such as Matrix, Mastodon, etc.
In regards to Debian, while the packages are somewhat frozen, they do get security updates and backports by the Debian security team:
https://www.debian.org/security/
There is even a LTS version of Debian that will continue backporting security updates:
Good luck!
Not a bad list. Off the top of my head, I would say it is missing two things:
The “Introduction to Operating Systems” link no longer works (redirects to “Autonomous Systems” courses). Instead, I would recommend using Operating Systems: Three Easy Pieces, which is the textbook I use in my OS course.
Finally, something like The Missing Semester of Your CS Education would also be a nice extra.
I’m not so sure… for the following reasons:
Despite using a version of the Linux kernel in ChromeOS, Chromebooks don’t always have the best hardware (ie. driver) support from the mainline kernel used by most distributions. That’s why there are niche distributions like GalliumOS which provide tweaks to support the touchpad and audio devices in many Chromebooks. It’s similar to how Android is Linux, but it’s not standard Linux as we are familiar with (so the hardware support is different).
Many Chromebooks have really poor specs: low-wattage CPUs, small amounts of storage, low amounts of RAM. While they may be newer, they are actually probably less performant than older laptops. This has changed in recent years with the new Chromebook plus program (or whatever it is called) which mandates a reasonable set of baseline features, but that is talking about current Chromebooks and not the ones from the COVID era.
Related to the previous point, many Chromebooks are not serviceable or upgradeable while Thinkpads and some recent laptops are. You are unlikely to open up a Chromebook and be able to replace say the RAM or SSD, which would be a show stopper for a lot of people that like Thinkpads.
So… unfortunately, I think this take is a bit of a miss and I dont’ really see it happening. I would be happy to be proven wrong though since my kids have two Chromebooks from the COVID era :}
If you want something graphical to install a single deb, you can install gdebi
:
https://itsfoss.com/gdebi-default-ubuntu-software-center/
With this installed, anytime you download a deb, it will open the deb in gdebi
and allow you to install the package graphically.
No, most likely Pipewire would be used to implement the protocol for various compositors.
Think of the protocols as high-level descriptions of interfaces (or designs) that specify what needs to be implemented to support a particular feature (in this case capturing images of a “screen”). Looking at this one, it describes a ext_image_capture_source_v1
object that has various methods such as create_source
and destroy
. Different compositors could then implement or support this interface with whatever technology they wish (most will rely on Pipewire).
This is already the case with the existing screensharing protocol. For instance wlroots uses pipewire buffers in xdg-desktop-portal-wlr.
And that’s exactly what happened in your case David. Which is why I’m so happy (also because I fixed the tools from an author I like and already had the books at home :-P):
Really detailed and cool response from the kernel developer. I also found the use of the recent BPF feature to provide a workaround until a proper kernel fix lands really interesting.
Just to note… I’m not the author of the blog post, I just shared it b/c I thought it was an interesting story. I don’t think the author is on Lemmy.
I read that, but I don’t know if that means they will publish stable releases via the same repository. That just sounds like the packages themselves will end up being in those channels (which makes sense, nightly becomes beta, which becomes a release, which ends up as esr). It doesn’t necessarily mean this apt repository will be a release channel itself.
That said, there is the Mozilla Team PPA.
Over the course of the last 20 years, I’ve gone from Arch -> Void -> Pop!_OS -> Ubuntu, and that is what I use on all my machines (laptops, desktops, servers).