Bonum Certa Men Certa

Links 9/3/2022: Red Hat Boycotts Russia and Belarus, Another Security Lapse in Rust



  • GNU/Linux

    • Desktop/Laptop

      • System76 Launch review: Linux-friendly keyboard with a USB hub [Ed: Review or marketing? Also, this is a keyboard. Nothing to do with Linux.]

        The Launch is System76's first mechanical keyboard, but it could be the last keyboard you need. With hot-swappable mechanical switches, legends that won't fade, a durable build, and a pair of detachable cables, this tenkeyless board can evolve with you.

        It's also open source—from its chassis to its PCB and firmware—allowing for deeper tinkering. There are even some extra keycaps for when you want a new look. And in true System76 style, the board favors Linux users.

        At $285, though, the Launch is a big investment, and many won't like how hard it is to press the keys. The clicky mechanical switches are so tactile that they'll tire some fingers out.

      • 6 Best Programmable and Mechanical Keyboards For Linux 2022

        With Windows all keyboards are compatible but most are with Mac as well. If we talk about Linux/Unix then there are few which are compatible with it in which some functions might not work at all or work partially. These are mostly for Ubuntu, CentOS, Debian and even Kali Linux. We have tested the 6 best Mechanical and Programmable Keyboards available for Linux that are suitable for gaming and programming, with typing in mind.

        [...]

        Linux is the second most popular OS after Windows. There is a very large community that prefers it and uses it as their primary operating system. This is why we have put together a list of the 6 best Linux mechanical and programmable keyboards that are both great for gaming, developers and programmers. We have written this with compatibility in mind so there are wired and wireless choices available.

    • Audiocasts/Shows

    • Kernel Space

      • LWNLinux 5.16.13
        I'm announcing the release of the 5.16.13 kernel.
        
        

        All users of the 5.16 kernel series must upgrade.

        The updated 5.16.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.16.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

        thanks,

        greg k-h
      • LWNLinux 5.15.27
      • LWNLinux 5.10.104
      • LWNLinux 5.4.183
      • LWNLinux 4.19.233
      • LWNLinux 4.14.270
      • LWNLinux 4.9.305
      • Graphics Stack

        • PipeWire: A year in review & a look ahead

          The PipeWire project has made major strides over the past few years, bringing shiny new features, and paving the way for new possibilities in the Linux multimedia scene. With 2021 seeing significant progress made on all fronts, let's take a moment to look back at what was accomplished, and what lies ahead for 2022.

          Last year began with busywork on the Bluetooth€® front, with amazing volunteers testing and fixing things on PipeWire's Bluetooth€® plugin. Throughout the year, the plugin evolved to become perhaps one of the best - if not the best - open source Bluetooth€® audio stack implementations that I am aware of. Based on an extensible plugin architecture, Pipewire already supports all current audio profiles and codecs. It is also future proof, enabling it to be integrated with other stacks like ofono. It's a solid base for any Bluetooth€® audio use case.

          Then, in April, Fedora 34 became the first Linux distribution to ship PipeWire as its default audio service. While PipeWire was there before as a video transport service to enable screen sharing on Wayland, the addition of the audio layer by default exposed all of PipeWire's incredible capabilities to a broader audience. This led to a significant number of improvements that were made to fix issues and improve the experience of several users.

          In the meantime, at Collabora, we have been tirelessly working on getting WirePlumber ready to become the default session manager for PipeWire. With the 0.4.0 release that came out in June, WirePlumber introduced all those needed elements to achieve this goal. First and foremost, its Lua scripting engine made it possible to write most of the session management logic in a relatively simple scripting language. With the scripting engine available, it became so much easier for us to then sync all the policy logic with pipewire-media-session in order to replace PulseAudio. It also allowed us to maintain the embedded policy that Automotive Grade Linux uses with much more ease.

        • LWNPipeWire: A year in review & a look ahead (Collabora blog)

          The Collabora blog looks at recent developments in the PipeWire media system and looks forward to what is yet to come

        • New ray-tracing benchmark software Relic of Life released for free — see system requirements - Gamepur

          It’s called Relic of Life, and it’s totally free to download. Windows 10/11, Ubuntu, and Linux Flatpak versions are available on Basemark’s website. Relic of Life is meant for any device that utilizes ray-tracing and meets the system requirements (listed at the bottom of this article), including mobile devices to consoles, but if you’re grabbing the free version, you’ll most likely be doing so to test your PC gaming rig. Note that the free version requires you to be connected online and will automatically share your scores on Basemark’s Powerboard page — that’s the tradeoff for getting it at no cost.

    • Instructionals/Technical

      • ID RootHow To Install Scrot on Ubuntu 20.04 LTS - idroot

        In this tutorial, we will show you how to install Scrot on Ubuntu 20.04 LTS. For those of you who didn’t know, Scrot is an excellent command-line utility that allows users to take snapshots of the whole screen or a particular window. It supports multiple image formats (JPG, PNG, GIF, etc).

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Scrot screenshot tool on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • Linux Made SimpleHow to install SuperTux on a Chromebook

        Today we are looking at how to install SuperTux on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to use Kubernetes and OpenStack together | Opensource.com

        In OpenStack's 2021 User Survey, the majority of respondents said they use Kubernetes as the container orchestration or Platform-as-a-Service (PaaS) tool to manage their OpenStack applications. Simply put, OpenStack and Kubernetes work together to benefit sysadmins, developers, and users alike.

        It's one thing to say that users rely on these two technologies, but I wanted to know how. I've found several typical use cases.

      • EGroupware administration tips to meet your collaboration needs | Opensource.com

        In my previous article, I explained how to install and set up EGroupware on your own server. It also introduced the modules and external applications of the open source groupware solution. This article shows you how to take care of an existing installation and manage backups.

      • ID RootHow To Install MySQL on CentOS 9 Stream - idroot

        In this tutorial, we will show you how to install MySQL on CentOS 9 Stream. For those of you who didn’t know, MySQL is an open-source free relational database management system (RDBMS) released under GNU (General Public License). MySQL is used for data warehousing, e-commerce, and logging applications, but its more commonly used feature is a web database storage and management.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MySQL database on CentOS 9 Stream.

      • TechRepublicHow to install the OTRS community edition help desktop platform on Ubuntu Server 20.04 | TechRepublic

        Jack Wallen shows you how to use this open-source ticketing system that can be a challenge to install.

      • Convert records in columns to csv Using awk
      • VituxSnort – A Network Intrusion Detection System for Ubuntu – VITUX

        Snort is a well-known open-source network intrusion detection and prevention system (IDS). Snort is very useful to monitor the package sent and received through a network interface. You can specify the network interface to monitor the traffic flow. Snort works on the basis of signature-based detection. Snort uses different types of rulesets to detect network intrusions such as community. Registered and subscription rules. Correctly installed and configured Snort can be very useful in detecting different kinds of attacks and threats like SMB probes, malware infections, compromised systems, etc. In this article, we will learn how to install and configure Snort on an Ubuntu 20.04 system.

      • ID RootHow To Install Neovim on Ubuntu 20.04 LTS - idroot

        In this tutorial, we will show you how to install Neovim on Ubuntu 20.04 LTS. For those of you who didn’t know, Neovim is a highly customizable, Vim-based text editor for Linux, as well as other platforms such as Microsoft Windows, and macOS. It is a hyperextensible text editor and seeks to maximize usability and extensibility, simplify maintenance and encourage contributions.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Neovim open-source code editor on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • VideoRecovering Files from your PC (using Linux) - Invidious
      • OSNoteInstall and use Vagrant VM Automation Tool on Ubuntu 20.04 – OSNote

        Vagrant is one of the useful automation software. It is a command line tool that is used by developers to build and manage their preferred virtual machines. It grants the developers a developing environment that works on many operating systems.

        A hypervisor must be needed to provision virtual machines on top of it. In this article, we are going to install virtualbox to provide a hypervisor. We are going to install vagrant on Ubuntu 20.04 server.

      • HowTo ForgeHow to Install Puppet Server and Agent on Debian 11

        Puppet is a centralized configuration management and automation tool. DevOps creates configuration management to deploy servers and applications, and all configuration for automation is stored on the central "Puppet Server". After that "Agent" nodes will pull a new configuration from the "Puppet Server" and apply the state as defined.

        All connections between "Puppet Server" and "Agent" nodes are encrypted by default using SSL/TLS certificate. Puppet uses Domain Specific Language (DSL) to describe system configuration, and it's similar to Ruby syntax.

        In this guide, you will install and configure the Puppet server and agent on the Debian 11 Bullseye. You'll install the Puppet server on the server hostname 'puppet-server' and the Puppet agent on the server with the hostname 'agent'. In the end, you'll be creating the first puppet manifests for installing the basic LEMP stack on the 'agent' node.

      • HowTo ForgeHow to monitor Windows systems with Checkmk in a Docker container

        Using a monitoring tool gives you a great opportunity to increase the uptime and the reliability of your infrastructure. In fact, monitoring is essential for any organization. In my previous tutorial, I already mentioned the importance of monitoring and showed how to install Checkmk on a Linux server. Now, I am using a normal PC running on Windows 10 to run Checkmk in Docker and want to show you how you can run Checkmk on a normal computer. You do not need any monitoring or Linux experience. This tutorial is also suited for Windows users and gives you an easy introduction to the professional monitoring world.

      • Ubuntu HandbookInstall the Latest Sigil Ebook Editor in Ubuntu 20.04 | 22.04 via Flatpak | UbuntuHandbook

        This simple tutorial shows how to install the latest Sigil epub editor and keep it up-to-date in Ubuntu Linux via Flatpak package.

        Since Sigil package in Ubuntu repositories is always old and no PPA now maintains the most recent packages, the Flatpak now can be the only easy way to get the epub editor in Debian/Ubuntu based Linux.

    • Games

      • GamingOnLinuxAn update on installing Epic Games on Steam Deck, plus accessing the SD Card | GamingOnLinux

        This is a short update to my previous guide on installing the Epic Games store on the Steam Deck using Proton, plus how to enable access to an SD Card.

        My original guide was included in this article in a video, which has gone on to see a lot of people happy with it. It's now been used across PCGamer, Gamespot, CNET and no doubt others who decided to use it. CNET even ended up making their own video, which I had to poke them to actually credit me for — so that was fun (they now have).

      • VideoSteam Deck release notes now in the update menu! - Invidious
      • Godot EngineGodot Engine - Release candidate: Godot 3.4.4 RC 1

        Godot 3.4.3 was released less than 2 weeks ago, but a few significant regressions were found in that release, so we're fast-tracking the release of Godot 3.4.4 to solve those.

        This Release Candidate adds a handful of fixes, including several regression fixes. Please make sure to test it on your projects and to report any issue, so that we can release 3.4.4 stable in the coming days.

        Jump to the Downloads section.

        As usual, you can try it live with the online version of the Godot editor updated for this release.

      • Godot EngineGodot Engine - Dev snapshot: Godot 4.0 alpha 4

        We're continuing on our fortnightly release schedule for alpha snapshots of Godot 4.0 - this time with 4.0 alpha 4. See past alpha releases for details (alpha 1, alpha 2, alpha 3).

        Be aware that during the alpha stage the engine is still not feature-complete or stable. There will likely be breaking changes between this release and the first beta release. Only the beta will mark the so-called "feature freeze".

        As such, we do not recommend porting existing projects to this and other upcoming alpha releases unless you are prepared to do it again to fix future incompatibilities. However, if you can port some existing projects and demos to the new version, that may provide a lot of useful information about critical issues still left to fix.

        Most importantly: Make backups before opening any existing project in Godot 4.0 alpha builds. There is no easy way back once a project has been (partially) converted.

      • ScummVM has been accepted to the Google Summer of Code 2022

        This year our project once again was accepted to the Google Summer of Code program.

        In previous years, Google only allowed students to participate. This year, however, both students and non-students are welcome to join us and hack together. There are now two sets of tasks, for 175 hours and for 350 hours. Some of our tasks could be either of the two.

        ScummVM is looking for applicants! A list of suggested projects can be found on this page, but we’re open to your own ideas too. Please make sure you provide the required information in your application before submitting.

      • Boiling SteamAlready 1100 Games On The Steam Deck - Boiling Steam

        It’s been just a few days and we have (almost) reached 1100 games working on the Steam Deck – the real number if 1099 at the time of writing but give it a few hours and we will cross the 1100 mark for sure.

      • Boiling SteamNew Steam Games with Native Linux Clients - 2022-03-08 Edition - Boiling Steam

        Between 2022-03-01 and 2022-03-08 there were 29 New Steam games released with Native Linux clients. For reference, during the same time, there were 295 games released for Windows on Steam, so the Linux versions represent about 9.8 % of total released titles.

      • GamingOnLinuxBudgie 10.6 is out now and looking fresh | GamingOnLinux

        The Linux desktop Budgie 10.6 is out now, as the first release under the new Buddies Of Budgie organization and it's really looking good. This release brings a bunch of styling changes, as the team has been focusing a lot on the little things to make the experience smoother.

      • GamingOnLinuxFan game Sonic Robo Blast 2 gets a new tutorial, various improvements | GamingOnLinux

        Are you a Sonic fan and love checking out fan games? What about a 3D game made with the Doom Legacy port of Doom? Sonic Robo Blast 2 is a quality addition to the collection that's quite unique. It's not just another 2D platformer like the classics, instead attempts to be a full 3D recreation.

        You control movement with WASD and spacebar to jump, with camera being moved with either mouse or arrows. It's genuinely good and available free. As someone who grew up with Sonic, I appreciate this. Hopefully you will enjoy it too.

    • Desktop Environments/WMs

      • Linux MagazineWhat’s Old Is News Again €» Linux Magazine

        Tiling desktops are graphical environments in which windows open in a grid. They appeared early in Linux’s history and have always had a few followers, especially among developers. However, for the last two decades, tiling desktops were often ignored in the efforts to mimic Windows and macOS and to improve usability. However, in the last few years, tiling desktops have become more popular, most likely because modern computing power means that more users are working with more windows open. Today, users can choose from a variety of tiling desktops: Some have been around for years, and others are more recent.

        The idea behind tiling desktops is to reduce clutter on the desktop and make windows easier to find. By contrast, the standard or stacking desktop becomes less orderly with each open window. Most stacking desktops open windows in the upper left corner or some other default location. As users search through windows, the unwanted ones tend to be dragged aside, destroying what little order existed. In fact, the clutter is so great that many stacking desktops have a Show Desktop icon or widget. Others, like Ubuntu’s discarded Unity desktop, encourage users to open only one window at a time. Tiling desktops, on the other hand, arrange windows in a grid, making them easy to find. Should the windows become too numerous and too small for comfortable browsing, users can use virtual workspaces to add another grid. You can remove windows from the grid to increase their size and temporarily stack them on top of the grid. Another advantage of tiling desktops is that they can be easily navigated from the keyboard, although many also support a mouse.

      • GNOME Desktop/GTK

        • HowTo GeekWhat’s New in GNOME 42?

          GNOME 42, currently in beta, will be released on March 23, 2022. Fedora 36 and Ubuntu 22.04 will include this release of the popular Linux desktop environment. We spin it up and see what’s new.

          GNOME 40 brought a new workflow with horizontal theming and layouts. GNOME 41 built upon this new foundation by introducing the libadwaita shared library. This library provides the GNOME theming engine. It’s the software layer that gives GNOME the ability to use themes.

          The toolkit used to develop the GNOME desktop and native GNOME programs is called GTK. At one time it was an initialism that stood for GIMP ToolKit, but now the name is simply GTK. Well-behaved GTK applications that follow the GNOME human interface guidelines will reference libadwaita for stylesheets and other theme-centric information.

        • OMG UbuntuThe Best New Features in GNOME 42

          GNOME 42 is released in a few weeks. I figured I’d whet your appetite by serving up a tasty sneak peek at the new features and key changes the update is set to bring.

          And boy is there plenty to talk about!

          GNOME 40 set a new direction for the course of free software’s most widely used desktop environment, a direction that GNOME 42 very much follows.

          With the horizontal desktop layout now in place developers turned their attention to upgrading other parts of the desktop stack. GNOME 42 features a plethora of GTK4/libawaita app ports, intros a retooled screenshot experience, and makes several notable performance upticks.

        • OMG UbuntuYou Can Install GNOME's New Terminal and Text Editor Apps on Ubuntu 22.04 - OMG! Ubuntu!

          GNOME 42‘s new Console and Text Editor apps are available to install in Ubuntu 22.04 LTS.

          Don’t get too excited by that sentence, mind. Neither Console nor Text Editor have bagged themselves a spot on Ubuntu’s (increasingly engorged) .iso. But both tools are, along with a bevvy of other GTK4/libadwaita ports, available in the Ubuntu 22.04 repo.

          All you have to do to try them out is run sudo apt install gnome-console gnome-text-editor (or take the scenic route by way of the Ubuntu Software app) and you’re away.

          But are they actually any good?

          Well, yes — but you have to keep in mind they aren’t designed to be power-user replacements.

    • Distributions

      • IBM/Red Hat/Fedora

        • Raleigh News And ObserverRed Hat halting business operations in Russia, moves some employees out of Ukraine

          Red Hat, the Raleigh-based open-source software company, said Tuesday it is halting all sales and services to companies in Russia and Belarus — a response to the Russian invasion of Ukraine that has put Red Hat employees in harm’s way.

        • Update on our actions: War in Ukraine

          I've heard from many of you in response to last week's announcement regarding the war in Ukraine, and I appreciate your feedback. First, let me be very clear -- we have suspended all business in Russia. In addition, I want to give you an update on a few of the efforts underway to support our colleagues in the region. IBMers' support for Ukrainian refugees in neighboring countries is truly inspiring. For example, a newly developed and deployed IBMer Resource Finder Map connects Ukrainian IBMers and IBM contractors fleeing their country with IBM colleagues in the immediate CEE region who can offer assistance, including lodging, transportation, food and supplies, for them and their families. It is heartening to see that hundreds of CEE employees have already signed on as volunteers in less than 24 hours.

        • Red Hat Is Discontinuing Sales and Services In Russia and Belarus

          Red Hat, the Raleigh-based open-source software company, said Tuesday it is halting all sales and services to companies in Russia and Belarus -- a response to the Russian invasion of Ukraine that has put Red Hat employees in harm's way.

        • Red Hat moves out of Russia | ZDNet

          The wave of companies cutting ties to the Russian government and companies now includes two top Linux and open-source powers: Red Hat and SUSE.

          SUSE moved first. SUSE CEO Melissa Di Donato watched with deep despair at Russia's unwarranted invasion of Ukraine. On March 7th, Di Donato decided that SUSE would support humanitarian efforts to help refugees and victims of war. This is an especially challenging time for SUSE since many SUSE employees have Ukrainian family members.

          Now, SUSE is "evaluating all of our business relationships in Russia and has suspended all direct sales in Russia." SUSE is also "observing all economic sanctions" and ready to comply with any additional sanctions.

          In the meantime, in the States, Paul Cormier, Red Hat's president and CEO, went further. For Red Hat, with employees in both Ukraine and Russia, this wasn't easy.

        • Red Hat OfficialBulk Convert2RHEL with Red Hat Satellite 6.10

          In Red Hat Satellite 6.10, we introduced a new feature that enables the bulk conversion of multiple hosts to Red Hat Enterprise Linux (RHEL) using the Convert2RHEL utility. In this post, I will walk through the individual steps required to convert a CentOS Linux 7.9 host to Red Hat Enterprise Linux 7.9.

      • Debian Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • The Register UKDataStax updates K8ssandra to help Cassandra operate worldwide

        DataStax has released a new open-source Kubernetes operator for Cassandra, the wide-column store distributed database about to work across multiple clusters for the first time.

        K8ssandra is DataStax's open-source distribution of Apache Cassandra which is designed specifically for Kubernetes and supports stateful workloads. Released today, the update also supports multiple clusters.

        The idea, DataStax says, is to allow users to deploy Cassandra-based applications that require high availability on Kubernetes, across multiple regions.

      • CrowdSec: Why we support the OSI

        CrowdSec is a next-gen security tool. It’s open source and free. It locally blocks attacks based on both behavior and crowd-generated block lists, then calls on its community of sysadmins, devops & secops professionals to share back IPs detected as aggressive with other members of the CrowdSec community. It runs seamlessly on virtual machines, bare-metal servers, and containers, or it can be called directly from code via API. CrowdSec’s philosophy, culture and values mirror that of the Open Source Initiative, believing that if cybercriminals are collaborating to attack, then collaboration is also the best defense.

        [...]

        Having an open source approach brings us visibility, virality, new recruits, trust from our peers, and so much more. Scaling a network effect in cybersecurity with a tool like CrowdSec would just be impossible without open source. So for us, it’s natural to commit to giving back to the community, helping other projects, and supporting open source as broadly as we can.

        By sponsoring the OSI, we want to advance its mission to protect open source software, boost development, and build bridges among various open source communities so they can organize open source cooperation. There are so many projects that are created and maintained on goodwill and spare time by great professionals who often are not paid or even recognized for what they do. OSI is an organization that works to protect those projects and those collaborators. There are many companies out there benefitting from open source that don’t give back. At CrowdSec we know that because of our involvement with OSI, even if we fail as a company, our good work will live on.

      • Web Browsers

        • Mozilla

          • LWNFirefox 98 released [LWN.net]

            Version 98.0 of the Firefox browser is out. The big change this time is a new "optimized download flow" that is alleged to make the process of downloading files go much more smoothly. There are also some significant security fixes in this release.

          • LinuxiacFirefox 98 Arrives with a New Optimized Download Flow

            Mozilla releases Firefox 98, a new major version of the browser. The most notable change is the new optimized download flow.

            Firefox’s typical release period is four weeks (excluding urgent patch updates), which means a new version of Firefox is released every month. Following this release cycle, Firefox 98 is the third major browser update in 2022. Let’s cover some of the notable changes in this new version.

      • FSF

        • FSFFSF job opportunity: program manager

          The Free Software Foundation (FSF), a Massachusetts 501(c)(3) charity with a worldwide mission to protect computer user freedom, seeks a motivated and talented Boston-based individual to be our full-time program manager.

          Reporting to the executive director, the program manager co-leads our campaigns team. This position develops and promotes longer-term resources and advocacy programs related to increasing the use of free software and expanding and advancing the free software movement. The program manager plays a key role in external communications, fundraising, member engagement, and special events.

        • GNU Projects

      • Programming/Development

        • Update on GemView and Eva

          I've been working off and on mostly on squashing bugs and making these projects more robust. There were (and still are) a number of rough edges to smooth over. Things like making sure that the window and tab titles generally always match what is going on, giving the user more visual feedback about what is going on, and reporting errors. Ive added a spinner to the tab labels in Eva, which spins to indicate that a page is currently being loaded. No we set the title to "bookmarks" when viewing bookmark pages. And now when a page fails to load you get an error page instead, indicating the error.

        • Python

          • Program in Visual and Modular Blocks in Python

            PyFlow is an interactive Python development tool structured in open source graphs.

            With PyFlow you can create code blocks in which you can edit and run Python code, you can move and resize blocks in an infinite 2D plane. Just link the blocks to highlight dependencies, Pyflow will automatically run your blocks in the correct order.

        • Shell/Bash/Zsh/Ksh

        • Rust

          • The Rust Programming Language Blog: Security advisory for the regex crate (CVE-2022-24713)

            The Rust Security Response WG was notified that the regex crate did not properly limit the complexity of the regular expressions (regex) it parses. An attacker could use this security issue to perform a denial of service, by sending a specially crafted regex to a service accepting untrusted regexes. No known vulnerability is present when parsing untrusted input with trusted regexes.

            This issue has been assigned CVE-2022-24713. The severity of this vulnerability is "high" when the regex crate is used to parse untrusted regexes. Other uses of the regex crate are not affected by this vulnerability.

    • Standards/Consortia

      • Linux JournalSimple Network Management Protocol - Not As Simple As You Would Suggest | Linux Journal

        The Simple Network Management Protocol (SNMP) has been an integral part of monitoring network environments since its introduction in 1988. It has established itself as the de facto standard in network monitoring. Many manufacturers support the protocol and have implemented an SNMP agent on their network devices. These agents allow monitoring solutions to query various data, such as bandwidth, CPU load, network interfaces, etc., without installing an additional agent on network equipment.

        Especially with the increasing number of devices on a network, a simple and established method such as SNMP sounds like a great help to include components in monitoring quickly. Unfortunately, SNMP has a few flaws. The first part of this article will explain how SNMP works, while the second part will drill deeper into the issues with SNMP and how to deal with them.

        The protocol offers two methods to retrieve data from devices: polling and traps. With SNMP polling, a monitoring solution queries the data at user-specified time intervals from the SNMP agent. This active polling is used for status-based monitoring and is generally the recommended method. However, the disadvantage of SNMP polling is that the administrator does not notice if an event occurs between two queries, such as a brief change in the network interface status.



Recent Techrights' Posts

2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024