I'm still annoyed/disappointed that #fwupd does not work properly when /boot is bind mounted and esp partition at /efi. Bugs opened and "fixed" for a long time, new changes to cleanup the uefi capsules override esp setting and now just having the "EspLocation" under "fwupd" to supposedly set it correctly and still does not work. Only solution keeps being to manually umount /boot and force a fwupdmgr refresh/update 😮💨😮💨
Pretty sure it worked for a few days sometime in the past.
the recent bug that was introduced on 0.5.0 where the inputs / microphones were not working when using a bluetooth headset should be fixed now... ? at least that's what it says 😅 🎉
There's a huge backdoor (#CVE -2024-3094) allowing remote SSH access (as far as I can tell at this moment) caused by a util called #xz affecting a ton of systems (#Linux and #macOS, well not really) and it's causing quite a huge panic. I honestly don't know much about it just yet, but just sharing some pieces to read about the huge vulnerability.
The person who had maliciously planted this vulnerability into xz-utils, Jia Tan, has made at least 750 contributions to the project over the past 2 years. They even have direct push access to the code repo, allowing them to have pushed commits with forged authors. Being "free" from this vulnerability is not as simple as reverting to a previous version due to just how much and how long they've contributed to the project, and people are rightfully suspicious that this person might have hidden other backdoors in xz.
Unlike most other vulnerabilities, it's a lot harder to pinpoint versions affected by this but the most likely case is most systems out there have xz installed on their system that are impacted - which at this moment, the info being thrown around is any version past 5.3.1, 5.4.6, or 5.6.0 (latest is 5.6.1).
[REFER to post update below, Arch is most likely not affected] Mine, on #ArchLinux is certainly affected lol (people kept saying it most likely only affects #Ubuntu and #Fedora based distros):
❯ xz --version
xz (XZ Utils) 5.6.0
liblzma 5.6.0
Libraries installed on my system requiring xz (i.e. just about everything lol):
:: removing xz breaks dependency 'xz' required by base
:: removing xz breaks dependency 'xz' required by bind
:: removing xz breaks dependency 'xz' required by ffmpeg
:: removing xz breaks dependency 'xz' required by ffmpeg4.4
:: removing xz breaks dependency 'xz' required by file
:: removing xz breaks dependency 'xz' required by fsarchiver
:: removing xz breaks dependency 'xz' required by gdb
:: removing xz breaks dependency 'xz' required by grub
:: removing xz breaks dependency 'xz' required by imagemagick
:: removing xz breaks dependency 'xz' required by imlib2
:: removing xz breaks dependency 'xz' required by kmod
:: removing xz breaks dependency 'xz' required by lib32-xz
:: removing xz breaks dependency 'xz' required by libarchive
:: removing xz breaks dependency 'xz' required by libelf
:: removing xz breaks dependency 'liblzma.so=5-64' required by libelf
:: removing xz breaks dependency 'xz' required by libtiff
:: removing xz breaks dependency 'xz' required by libunwind
:: removing xz breaks dependency 'xz' required by libxml2
:: removing xz breaks dependency 'xz' required by libxmlb
:: removing xz breaks dependency 'xz' required by libxslt
:: removing xz breaks dependency 'xz' required by ostree
:: removing xz breaks dependency 'liblzma.so=5-64' required by ostree
:: removing xz breaks dependency 'xz' required by raptor
:: removing xz breaks dependency 'xz' required by systemd
:: removing xz breaks dependency 'xz' required by systemd-libs
:: removing xz breaks dependency 'xz' required by wxwidgets-common
:: removing xz breaks dependency 'xz' required by zstd
Let go and let God, I say. Free for all SSH open house.
UPDATE:
Saw some reports informing that this vulnerability was only bundled in the release tarballs, not in the #Git source itself - hence, Arch Linux should be safe since Arch builds/installs packages directly from source.
The backdoor also appears to to only run when built by the Debian build system or as an RPM package.
I'm actually really enjoying #KDE after using if on #EndeavourOS for a few weeks now. There are some hidden power user things that help, that you don't notice until you start using it more.
The #ArchLinux environment isn't so bad either.. but then again, I haven't had to fix it yet.
Good to know that #qt6 intentionally broke the fontconfig fallback font configuration on #linux and having the separate "Symbols Nerd Font" installed instead of having to install a custom patched nerd font no longer works and #kde konsole doesn't show the nerd symbols anymore 🎉.
Does anyone know of easy ways to configure #Latex in #Emacs (on #Archlinux) ? I've compiled Emacs with the PGTK option if that helps.
Oh, and how do I export these Org docs to a PDF? Do I also require Latex packages for these, or is pandoc-bin enough? I don't want to bloat my system with too many packages, and so I'd love minimal solutions.