[GTALUG] why I like shared libraries -- no longer a popular position

[D. Hugh Redelmeier via talk]

A bug was found  (painfully -- a zero day) in Apple's Safari and 
(separately) in  Google's Chrome.  This is a pretty serious bug -- it was 
used to spy on an opposition politician in Egypt.

It is the same bug, and this was not reported.

It turns out that the bug is in libwebp.  "WebP codec is a library to 
encode and decode images in WebP format."

libwebp is used in a lot of programs.  On my Fedora 38 system, it is a 
shared library so it can be fixed in one update.  Except where the library 
is copied (for example, statically linked, or used in a container of some 
sort).

Electron is one thing that requires copies and the article lists a lot of 
applications built on Electron

What a mess.  What a mistake.
---
Post to this mailing list talk@gtalug.org
Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk

Re: [GTALUG] looking for a general purpose boot media to keep in case of distasters

[James Knott via talk]

On 2023-09-20 13:50, bitmap wrote:
IME the bootable linux systems are typically read only. Sure you can 
install anything transiently. Once you connect to the internet, 
configure the repos, add keys, update the package lists, possibly run 
an update of the whole system, and idiosyncratic troubleshooting per 
distro/release/platform. Then you can install something, probably. 
But, if you reboot, it is all gone and you have to do it all over 
again. And when it comes to repairing the system there is a lot of 
rebooting.


I might try it if you are saying the open suse behaves in a different 
way than the others, but are you?


This one does what you want.  I just installed Wireshark on it and it 
survives a reboot.


https://download.opensuse.org/tumbleweed/iso/openSUSE-Tumbleweed-KDE-Live-x86_64-Snapshot20230920-Media.iso.mirrorlist
---
Post to this mailing list talk@gtalug.org
Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk