NEWS
Vanilla OS Initial Release Is Now Available
A brand-new Linux distribution is now available with a unique feature you won't find in many operating systems. This distribution is called Vanilla OS and offers a stock Gnome experience (using Gnome 43), and is based on Ubuntu 22.10.
The key features of Vanilla OS include its own installer (written in GTK4 and libadwaita), a handy first-setup application to guide users through the first steps, an OS Control Center to help you install drivers and run things such as critical updates, and on-demand immutability.
It's the on-demand immutability that should excite many users. With this feature, core bits of the system are locked to prevent unwanted changes. This is achieved using ABRoot, which works in conjunction with the apt replacement, apx. Apx installs packages inside a managed container without modifying the root file system.
You'll also find VSO (Vanilla System Operator), which is a tool that periodically checks for an update and then downloads and installs it in the background, but only if the system isn't under heavy load.
You can read more about Vanilla OS on the official Kinetic announcement page (https://vanillaos.org/2022/12/29/vanilla-os-22-10-kinetic.html) and then download an ISO for installation from the distribution GitHub page (https://github.com/Vanilla-OS/os/releases/tag/22.10-r2).
Critical Linux Vulnerability Found toImpact SMB Servers
A new flaw has been discovered in the processing of SMB2_TREE_DISCONNECT commands which can lead to remote code execution in servers with KSMBD enabled. KSMBD is an in-kernel SMB file server that was mostly written by a team at Samsung Electronics and was merged into the 5.15 kernel on August 29, 2021. This kernel server implements the SMB3 protocol in kernel space for sharing files over a network.
According to the Zero Day Initiative (https://www.zerodayinitiative.com/advisories/ZDI-22-1690/), "The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the kernel."
This new vulnerability was discovered back in July 2022 but was only disclosed to the public on December 22, 2022. The good news is twofold: First, the vulnerability has been patched (https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.61), and second, most are still using SMB and are not affected by this vulnerability. Even so, it's critical that you apply the patch for kernel 5.15.
Linux Mint 21.1 Now Available with Plenty ofLook and Feel Changes
Linux Mint 21.1 (Vera) is available now and includes a refreshed UI with a new cursor, plenty of new app icon themes to choose from, and a change from the previous "minty" accent color to the new aqua color.
The changes aren't just aesthetic. You'll also find the Driver Manager can now be launched without typing your password. The Driver Manager also now displays an offline page if you've lost connectivity, and the mounting of live USB media is much more user-friendly.
One important change is that both the Software and Update Managers now have support for Flatpak by default, which means Flatpak apps are installable via the GUI or command line.
The default desktop, Cinnamon, has also received a number of visual updates for item selection, dates, and the path bar. You'll also find that the system sounds have changed to help improve the experience. These new sounds are from the Material Design V2 (https://m2.material.io/) and are more modern.
You can read the full release notes here and download a copy of Linux Mint 21.1 here: https://www.linuxmint.com/download.php.
« Previous 1 2 3 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
So Long Neofetch and Thanks for the Info
Today is a day that every Linux user who enjoys bragging about their system(s) will mourn, as Neofetch has come to an end.
-
Ubuntu 24.04 Comes with a “Flaw"
If you're thinking you might want to upgrade from your current Ubuntu release to the latest, there's something you might want to consider before doing so.
-
Canonical Releases Ubuntu 24.04
After a brief pause because of the XZ vulnerability, Ubuntu 24.04 is now available for install.
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.