Looks like a number of patches are landing in Ubuntu to address this: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2082335
Update: CUPS Remote Code Execution Vulnerability Fix Available
This is a great summary. Thanks!
It looks like you are running XFCE instead of GNOME (the normal Ubuntu desktop). I’m not sure how that happened… but you an always just install another desktop.
For instance, you can try to make sure you have the ubuntu-desktop
or ubuntu-desktop-minimal
metapackage installed:
sudo apt install ubuntu-desktop-minimal
After that, the login manager should allow you to select the Ubuntu session rather than the XFCE one.
Yes, based on the diagrams on their blog, it looks like this only impacts Snaps.
From the Discourse Blog:
The Linux desktop provides XDG Desktop Portals as a standardised way for applications to access resources that are outside of the sandbox. Applications that have been updated to use XDG Desktop Portals will continue to use them. Prompting is not intended to replace XDG Desktop Portals but to complement them by providing the desktop an alternative way to ask the user for permission. Either when an application has not been updated to use XDG Desktop Portals, or when it makes access requests not covered by XDG Desktop Portals.
Since prompting works at the syscall level, it does not require an application’s awareness or cooperation to work and extends the set of applications that can be run inside of a sandbox, allowing for a safer desktop. It is designed to enable desktop applications to take full advantage of snap packaging that might otherwise require classic confinement.
So this looks like it complements and not replaces the XDG Desktop Portals, especially for applications that have not implemented the Portals. It allows you to still run those applications in confinement while providing some more granular access controls.
I used to use VLC for music, but these days I use Symphony to play local files on my phone. VLC tended to struggle when scanning or indexing large folders (which it did all the time…), while Symphony is a bit better at that. That said, I still use VLC for video and for casting things from my DLNA server (VLC supports Chromecast).
For ebooks, I’ve used Librera FD and that has been mostly OK. I’ll checkout the two you mentioned though. Thanks!
I think you meant Pop!_OS (is developed by System76). TuxedoOS is developed by Tuxedo Computers, which is a European Linux focused hardware company.
That said, the point stands… there are hardware companies making Linux supported devices.
I’ve been using Weechat-Android to connect to my self-hosted Weechat for over a decade. This is one of the killer mobile apps that keeps me on Android and I love it.
I also have a couple instances of thelounge that people use on mobile via the PWA (progressive web app).
I think the WINE project was maintaining a fork of Mono that was used to support running certain Windows applications:
So in addition to translating traditional WIN32 system calls, WINE also supports .NET applications, which a number of Windows programs require.
Coincidentally, I received a firmware (EFI) update from Dell today via LVFS. Really nice that it works so smoothly on native Linux (no more manually downloading firmware to USB drives, or relying on Windows).
The reasons for this shift in budget away from funding Free Software and the NGI initiative seems to be an allocation of more funds for AI, leaving internet infrastructure by the wayside. Meanwhile, the EC has thus far declined to comment to share its official reasoning for striking this funding from its budget.
Sigh. It appears that they are chasing after the latest “shiny” thing instead of investing in existing infrastructure. Not surprising, but disappointing.
Pretty happy that we opted out of the Slack AI “feature” at work.
+1 For xournal++. That is what I usually use for annotating slides and drawing with my wacom tablet.
Maybe. It is true that people who would have cheated in the past are now just using AI in addition to the previous means. But from my experience teaching, the number of students cheating is also increasing because of how prevalent AI has become and how easy it is to use it.
AI has made cheating more frictionless, which means that a student who might not have say used Chegg (requires some effort) or copied a friend (requires social interaction) in the past, can now just open a textbox and get a solution without much effort. LLMs have made cheating much easier, quicker, and safer (people regularly get caught using Chegg or copying other people, AI cheating can be much harder to detect). It is a huge temptation where the [short-term] benefits can greatly dwarf the risks.
Based on what I can tell (I don’t usually use Windows), a patch was released on August 13th. As long as you are current with your Windows Updates, this shouldn’t be an issue.
I’m a masochist, so I usually do “New”. Lemmy is small enough that I can usually get through most of the new posts in a reasonable amount of time.
That said, if I want to a bit chiller experience, I will use “Scaled” which sometimes bubbles up something I might have missed.
Finally, I will use “Active” if I’m really bored and what to see what most people are engaged with… but that is pretty rare.
I currently use Ubuntu for all my machines (desktops, laptops, and servers), but I used to use Void Linux on my machines for about 6 years, including on a couple of VPSes. Since you are familiar with Void Linux, you could stick with that and just use Docker/Podman for the individual services such as Matrix, Mastodon, etc.
In regards to Debian, while the packages are somewhat frozen, they do get security updates and backports by the Debian security team:
https://www.debian.org/security/
There is even a LTS version of Debian that will continue backporting security updates:
Good luck!
Not a bad list. Off the top of my head, I would say it is missing two things:
The “Introduction to Operating Systems” link no longer works (redirects to “Autonomous Systems” courses). Instead, I would recommend using Operating Systems: Three Easy Pieces, which is the textbook I use in my OS course.
Finally, something like The Missing Semester of Your CS Education would also be a nice extra.
I think the “Ubuntu Core 22” means it is the snap based version of Steam rather than the deb version.
If you look at the snapcraft.yaml for the Steam snap, it uses
core22
as its base.