Spring | With the *Network>Connections* settings what does the 'Wi-Fi (shared)' option do? Is it an ad-hoc network with any connected devices or does it assume some separate interface is providing internet and sharing that? | 01:48 |
---|---|---|
dreamhawk | I've tried nvidia 525, 535 and 545 driver. And everytime i boot into wayland with my kubuntu 23.10, i get a blank screen with a solid underscore. I cant Alt+F6 to another terminal, i cant ctrl alt delete, i need to kill the power to the computer... | 05:50 |
IrcsomeBot | <Stefan> Niwahr? | 06:09 |
Spring | Seems to indeed just be an ad-hoc network | 07:26 |
=== alucardromero4 is now known as alucardromero | ||
tuxinator | Hi all | 08:28 |
tuxinator | other having big trouble with snap since some days/since some updates of Kubuntu? | 08:28 |
tuxinator | using 23.10 | 08:29 |
tuxinator | also all flatpaks fail with "bwrap: setting up uid map: Permission denied error: ldconfig failed, exit status 256" | 08:31 |
=== root is now known as Guest4358 | ||
=== TomTom_ is now known as TomTom | ||
=== ucz_ is now known as ucz__ | ||
ucz | okok | 10:21 |
ucz | okkokkokk | 10:21 |
ucz | koooooooooooo | 10:21 |
ucz | okkkkkkkkkkkkkkk | 10:21 |
ucz | okkkkkkkkkkkkkkkkkkkkkkkkkkkk | 10:21 |
=== kaj is now known as BluesKaj | ||
=== Lord_of_Life_ is now known as Lord_of_Life | ||
=== mfa is now known as mfa__ | ||
tuxinator | others also having big trouble with flatpaks and snaps since some days/since some updates of Kubuntu? | 11:46 |
tuxinator | using 23.10 | 11:46 |
IrcsomeBot | <mwr777> Can I use Kubuntu 24.04 dev now despite security breach of xz backdoor? Did they pull back the older version? Is it safe to use now? | 14:26 |
IrcsomeBot | <RikMills> Wait for the beta on 11th April. We are rebuilding a huge amount of packages to make sure that nothing even built in an environment where the bad xz was present (re @mwr777: Can I use Kubuntu 24.04 dev now despite security breach of xz backdoor? Did they pull back the older version? Is it safe to use now?) | 14:35 |
IrcsomeBot | <RikMills> This is a bit nuclear as nothing suggests that harm was done, but to be safe it is be done anyway | 14:36 |
IrcsomeBot | <mwr777> But did current vulnerability get patched or like downgraded? (re @RikMills: Wait for the beta on 11th April. We are rebuilding a huge amount of packages to make sure that nothing even built in an environment where the bad xz was present) | 16:16 |
IrcsomeBot | <mwr777> I'd be okay if they downgraded and start using. And finally upgrade on apr 11 with rebuild. | 16:23 |
IrcsomeBot | <mwr777> Install failed for 24.04. What can be done? : https://irc-attachments.kde.org/e2b44877/file_74205.jpg | 16:51 |
Elliria | Do we have reason for concern about the backdoor that was just found in xz? The xz-utils package is installed in my Kubuntu 22.04 LTS. | 19:04 |
bprompt | Elliria: last I checked, there was a fix issue already | 19:05 |
Elliria | So, we're good? | 19:05 |
Elliria | This just was announced on Friday. | 19:05 |
bprompt | lemme check with the bot | 19:06 |
bprompt | !xz | 19:06 |
bprompt | hmm nothing | 19:06 |
Elliria | It's the xz-utils package. | 19:07 |
bprompt | right | 19:07 |
bprompt | hmmm my connection is a bit spotty | 19:10 |
Elliria | Good news. It specifically targets versions 5.6.0 and 5.6.1 of xz-utils on systems using glibc, systemd, and patched OpenSSH. The version of xz-utils on Kubuntu 22.04 LTS is much lower than that. | 19:11 |
bprompt | hmmmm | 19:13 |
bprompt | Elliria: try going to https://xz.fail <---- the webpage does a quick heuristic test from what I've read | 19:18 |
Elliria | I don't go to unknown sites, but thanks. It targets a higher version of xz-utils than we use in this release, so we're good for now. Hopefully, by the time we update to that version, they will have sorted this out. | 19:20 |
bprompt | ohhh hehhe | 19:21 |
bprompt | Elliria: the website simply does quick checks on your system, if it detects the xz exploit, it doesn't install anything, installing requires permission anyhow | 19:22 |
bprompt | Elliria: https://github.com/amlweems/xzbot <----- is a project with a few fixes as well | 19:23 |
bprompt | Elliria: either way, it'll be just about 3 weeks when you'd be upgrading to 24.04 :) | 19:23 |
Elliria | Heh. I'm a pretty naughty girl and delay upgrading way longer than I should. | 19:26 |
Elliria | One of these days that will be my undoing. Heh. | 19:26 |
Elliria | Anyway, this is serious enough that I doubt they would delay that long to fix it. | 19:27 |
Elliria | It seems its official name is CVE-2024-3094. | 19:27 |
-ubottu:#kubuntu- Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used ... <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3094> | 19:27 | |
bprompt | Elliria: well, the bot agrees =) | 19:28 |
Elliria | Heh. | 19:28 |
Elliria | Did I trigger that by typing that name? | 19:28 |
Elliria | My system is currently using the 5.2.5-2ubuntu1 version. | 19:29 |
bprompt | right | 19:30 |
bprompt | as I said, the project at xzbot has a few fixed | 19:31 |
bprompt | fixes even | 19:31 |
Elliria | Ah, good. Now I can write back to my family member who alerted me to this and let him know that all is well here. | 19:31 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!