Podcasts by Ubuntu Security Podcast
A weekly podcast talking about the latest developments and updates from the Ubuntu Security team, including a summary of the security vulnerabilities and fixes from the last week as well as a discussion on some of the goings on in the wider Ubuntu Security community.
Further podcasts by Ubuntu Security Team
Podcast on the topic Technologie
All episodes
Episode 215 from 2023-12-08T16:42
Mark Esler is our special guest on the podcast this week to discuss the OpenSSF's Compiler Options Hardening Guide for C/C++plus we cover vulnerabilities and updates for GIMP, FreeRDP, GStreame...
ListenEpisode 214 from 2023-12-01T18:51
This week we take a deep dive into the Reptar vuln in Intel processors plus we look into some relic vulnerabilities in Squid and OpenZFS and finally we detailnew hardening measures in tracker-min...
ListenEpisode 213 from 2023-11-17T16:59
As we ease back into regular programming, we cover the various activities the team got up to over the past few weeks whilst away in Riga for the Ubuntu Summitand Ubuntu Engineering Sprint.
ListenEpisode 212 from 2023-10-27T17:17
With the Ubuntu Summit just around the corner, we preview a couple talks by the Ubuntu Security team, plus we look at security updates for OpenSSL, Sofia-SIP,AOM, ncurses, the Linux kernel and more.
ListenEpisode 211 from 2023-10-20T17:14
After a well-deserved break, we're back looking at the recent Ubuntu 23.10 release and the significant security technologies it introduces along with acall for testing of unprivileged user namesp...
ListenEpisode 210 from 2023-09-22T12:39
It's the Linux Security Summit in Bilbao this week and we bring you some highlights from our favourite talks, plus we cover the 25 most stubborn softwareweaknesses, and we look at security update...
ListenEpisode 209 from 2023-09-15T22:12
Andrei is back this week with a deep dive into recent research around CVSSscoring inconsistencies, plus we look at a recent Ubuntu blog post on the internals of package updates and the repositori...
ListenEpisode 208 from 2023-09-08T23:18
This week we detail the recently announced and long-awaited feature of TPM-backed full-disk encryption for the upcoming Ubuntu 23.10 release, plus wecover security updates for elfutils, GitPython...
ListenEpisode 207 from 2023-09-01T23:16
This week we cover reports of"fake"CVEs and their impact on the FOSS security ecosystem, plus we look at security updates for PHP, Fast DDS, JOSE for C/C++, the Linux kernel, AMD Microcode and ...
ListenEpisode 206 from 2023-08-25T18:47
This week we talk about HTTP Content-Length handling, intricacies of group management in container environments and making sure you check your return codeswhile covering vulns in HAProxy, Podman,...
ListenEpisode 205 from 2023-08-18T18:29
We're back after unexpectedly going AWOL last week to bring you the latest in Ubuntu Security including the recently announced Downfall and GameOver(lay)vulnerabilities, plus we look at security ...
ListenEpisode 204 from 2023-08-04T18:38
This week we look at the recent Zenbleed vulnerability affecting some AMD processors, plus we cover security updates for the Linux kernel, a highprofile OpenSSH vulnerability and finally Andrei i...
ListenEpisode 203 from 2023-07-21T21:00
This week we talk about the dual use purposes of eBPF - both for security and for exploitation, and how you can keep your systems safe, plus we cover securityupdates for the Linux kernel, Ruby, S...
ListenEpisode 202 from 2023-07-07T16:41
We take a sneak peek at the upcoming AppArmor 4.0 release, plus we cover vulnerabilities in AccountsService, the Linux Kernel, ReportLab, GNU Screen,containerd and more.
ListenEpisode 201 from 2023-06-30T14:49
This week we look at the top 25 most dangerous vulnerability types, as well as the announcement of the program for LSS EU, and we cover security updates forBind, the Linux kernel, CUPS, etcd and ...
ListenEpisode 200 from 2023-06-23T18:47
For our 200th episode, we discuss the impact of Red Hat's decision to stop publicly releasing the RHEL source code, plus we cover security updates forlibX11, GNU SASL, QEMU, VLC, pngcheck, the Li...
ListenEpisode 199 from 2023-06-16T18:47
For our 199th episode Andrei looks at Fuzzing Configurations of Program Options plus we discuss Google's findings on the `io_uring` kernel subsystem and we look at vulnerability fixes for Netat...
ListenEpisode 198 from 2023-06-09T17:12
This week we investigate the mystery of failing GPG signatures for the 16.04 ISO images, plus we look at security updates for CUPS, Avahi, the Linux kernel, FRR,Go and more.
ListenEpisode 197 from 2023-06-02T21:20
The venerable Ubuntu 18.04 LTS release has transitioned into ESM, plus we look at Till Kamppeter's excellent guide on how to set up your GitHub projects to receive private vulnerability reports...
ListenEpisode 196 from 2023-05-26T17:24
This week we look at some recent security developments from PyPI, the Linux Security Summit North America and the pending transition of Ubuntu 18.04 to ESM,plus we cover security updates for cups...
ListenEpisode 195 from 2023-05-19T09:39
Alex and Camila discuss security update management strategies after a recent outage at Datadog was attributed to a security update for systemd on Ubuntu,plus we look at security vulnerabilities i...
ListenEpisode 194 from 2023-05-11T22:13
The team are back from Prague and bring with them a new segment, drilling into recent academic research in the cybersecurity space - for this inaugural segmentnew team member Andrei looks at mode...
ListenEpisode 193 from 2023-04-13T23:12
The release of Ubuntu 23.04 Lunar Lobster is nigh so we take a look at some of the things the security team has been doing along the way, plus it's our 6000th USN so we look back at the last 19...
ListenEpisode 192 from 2023-03-31T23:25
Ubuntu gets pwned at Pwn2Own 2023, plus we cover security updates for vulns in GitPython, object-path, amanda, url-parse and the Linux kernel - and we mentionthe recording of Alex's Everything Op...
ListenEpisode 191 from 2023-03-24T13:51
This week saw the unexpected release of Ubuntu 20.04.6 so we go into the detail behind that, plus we talk Everything Open and we cover security updatesincluding Emacs, LibreCAD, Python, vim and m...
ListenEpisode 190 from 2023-03-10T19:30
The Ubuntu Security Podcast is on a two week break to focus on [Everything Open 2023](https://2023.everythingopen.au/) in Melbourne next week - come hear Alex talk about [Securing a distribution ...
ListenEpisode 189 from 2023-03-03T22:22
This week we dive into the BlackLotus UEFI bootkit teardown and find out how this malware has some roots in the FOSS ecosystem, plus we look at securityupdates for the Linux kernel, DCMTK, ZoneMi...
ListenEpisode 188 from 2023-02-24T21:27
This week the common theme is vulnerabilities in setuid-root binaries and their use of environment variables, so we take a look at a great blog post from theTrail of Bits team about one such exam...
ListenEpisode 187 from 2023-02-17T21:44
After the announcement of Ubuntu Pro GA last week, we take the time to dispel some myths around all things Ubuntu Pro, esm-apps and apt etc, plus Camila sitsdown with Mark and David to discuss th...
ListenEpisode 186 from 2023-02-10T14:14
The Ubuntu Security Podcast is back for 2023! We ease into the year with coverage of the recently announced launch of Ubuntu Pro as GA, plus we look atsome recent vulns in git, sudo, OpenSSL and ...
ListenEpisode 185 from 2022-12-16T17:11
For our final episode of 2022, Camila is back with a special holiday themed discussion of the security of open source code, plus we hint at what is in storefor the podcast for 2023 and we cover s...
ListenEpisode 184 from 2022-12-09T16:24
This week we cover Mark Esler's keynote address from UbuCon Asia 2022 on Improving FOSS Security, plus we look at security vulnerabilities and updatesfor snapd, the Linux kernel, ca-certificates ...
ListenEpisode 183 from 2022-12-02T17:48
This week we look at a recent report from Elastic Security Labs on the global Linux threat landscape, plus we look at a few of the security vulnerabilitiespatched by the team in the past 7 days.
ListenEpisode 182 from 2022-11-25T22:22
After a longer-than-expected break, the Ubuntu Security Podcast is back, covering some highlights of the various security items planned during the 23.04development cycle, our entrance into the fe...
ListenEpisode 181 from 2022-10-21T14:45
It's the release of Ubuntu 22.10 Kinetic Kudu, and we give you all the details on what's new and improved, with a particular focus on the security features, plus we cover a high priority vulner...
ListenEpisode 180 from 2022-10-14T16:30
Ubuntu Pro beta is announced and we cover all the details with Lech Sandecki and Eduardo Barretto, plus we cover security updates for DHCP, kitty, Thunderbird,LibreOffice, the Linux kernel, .NET ...
ListenEpisode 179 from 2022-09-30T15:41
Finer grained control for unprivileged user namespaces is on the horizon for Ubuntu 22.10, plus we cover security updates for PCRE, etcd, OAuthLib, SoS,Squid and more.
ListenEpisode 178 from 2022-09-23T15:36
You can't test your way out of security vulnerabilities (at least when writing your code in C), plus we cover security updates for Intel Microcode, vim,Wayland, the Linux kernel, SQLite and more.
ListenEpisode 177 from 2022-09-16T16:18
Alex talks with special guests Nishit Majithia and Matthew Ruffell about a recent systemd regression on Ubuntu 18.04 LTS plus we cover security updates forDnsmasq, the Linux kernel, poppler, .NET...
ListenEpisode 176 from 2022-09-09T14:20
On this week's episode we dive into the Shikitega Linux malware report from AT&T Alien Labs, plus we cover security updates for the Linux kernel, curl andZstandard as well as some open positi...
ListenEpisode 175 from 2022-09-02T22:24
An increased rate of CVEs in curl is a good thing, and we'll tell you why, plus we cover security updates for the Linux kernel, Firefox, Schroot, systemd andmore.
ListenEpisode 174 from 2022-08-26T16:25
This week we cover the debate around the decision in Ubuntu 22.10 to disable presenting platform security assessments to end users via GNOME, plus we look atsecurity updates for zlib, PostgreSQL,...
ListenEpisode 173 from 2022-08-19T17:51
This week we take a look at the recent announcement of .NET 6 for Ubuntu 22.04 LTS, plus we cover security updates for the Linux kernel, Booth,WebKitGTK, Unbound and more.
ListenEpisode 172 from 2022-08-12T17:31
Finally, Ubuntu 22.04.1 LTS is released and we look at how best to upgrade, plus we cover security updates for NVIDIA graphics drivers, OpenJDK,Django, libxml, the Linux kernel and more.
ListenEpisode 171 from 2022-08-05T22:18
This week we dig into what community sponsored security updates are all about, plus Ubuntu 22.04.1 LTS gets delayed by a week and we cover securityupdates for MySQL, the Linux kernel, Samba, Net-...
ListenEpisode 170 from 2022-07-29T14:36
This week we're diving down into the depths of binary exploitation and analysis, looking at a number of recent vulnerability and malwareteardowns, plus we cover security updates for FreeType, PHP...
ListenEpisode 169 from 2022-07-22T23:17
It's the 22.10 mid-cycle roadmap sprint at Canonical this week plus we look at security updates for Git, the Linux kernel, Vim, Python, PyJWT and more.
ListenEpisode 168 from 2022-07-15T15:33
This week we rocket back into your podcast feed with a look at the OrBit Linux malware teardown from Intezer, plus we cover security updates forcloud-init, Vim, the Linux kernel, GnuPG, Dovecot a...
ListenEpisode 167 from 2022-07-11T16:42
This week we bring you part 3 of Camila's cybersecurity buzzwords series - looking at blockchain, zero trust and quantum / post-quantum security.
ListenEpisode 166 from 2022-07-02T13:43
From the deep-web to encryption we decode more cybersecurity buzzwords, plus we cover security updates for Squid, Vim, the Linux kernel, curl andmore.
ListenEpisode 165 from 2022-06-24T16:02
This week Camila dives into the details on some of the most prolific buzzwords flying around the cybersecurity community, plus we cover securityupdates for BlueZ, the Linux kernel, Intel Microcod...
ListenEpisode 164 from 2022-06-17T19:17
More Intel CPU issues, including Hertzbleed and MMIO stale data, plus we cover security vulnerabilities and updates for ca-certificates, VarnishCache, FFmpeg, Firefox, PHP and more.
ListenEpisode 163 from 2022-06-10T15:40
This week we dig into some of the details of another recent Linux malware sample called Symbiote, plus we cover security updates for the Linuxkernel, vim, FreeRDP, NTFS-3G and more.
ListenEpisode 162 from 2022-06-03T16:50
This week we cover security updates for dpkg, logrotate, GnuPG, CUPS, InfluxDB and more, plus we take a quick look at some open positions on theteam - come join us!
ListenEpisode 161 from 2022-05-27T14:54
This week we take a look into BPFDoor, a newsworthy backdoor piece of malware which has been targeting Linux machines, plus we cover securityupdates for Bind, Vim, Firefox, PostgreSQL and more.
ListenEpisode 160 from 2022-05-20T17:36
Ubuntu get's pwned again at Pwn2Own Vancouver 2022, plus we look at security updates for the Linux kernel, RSyslog, ClamAV, Apport and more.
ListenEpisode 159 from 2022-05-15T17:31
This week we bring you part 2 of our look at the new Ubuntu 22.04 LTS release and what's in it for security, plus we cover security updates forDPDK, OpenSSL, Cron, RSyslog, Curl and more.
ListenEpisode 158 from 2022-05-06T16:46
Microsoft's Nimbuspwn sets the Linux security media ablaze but where there's smoke there's not always fire, plus we bring you the first part of a 2 part series looking at some of the security f...
ListenEpisode 157 from 2022-04-22T11:33
Ubuntu 22.04 LTS (Jammy Jellyfish) is officially released 🎉and so this week we take a quick look at the new features and enhancements, with aparticular focus on security, plus we cover security ...
ListenEpisode 156 from 2022-04-08T15:52
This week we bring you the TL;DL (too-long, didn't listen 😉) version of Camila's recent 4-part Ubuntu hardening series, plus we look at security updates for Twisted, rsync, the Linux kernel, D...
ListenEpisode 155 from 2022-04-01T15:36
It's an off-by-one error in the podcast this week as we bring you part 4 of Camila's 3-part Ubuntu hardening series, plus we look at security updates for Thunderbird, OpenVPN, Python, Paramiko ...
ListenEpisode 154 from 2022-03-25T15:56
It's PIE🥧for everyone this week as Python finally becomes a position independent executable for Ubuntu 22.04, plus Camila brings you the thirdpart in her Ubuntu server hardening guide and we cov...
ListenEpisode 153 from 2022-03-18T13:35
This week we bring you part 2 of Camila's guide on Ubuntu server hardening, plus we cover vulnerabilities and updates in Expat, Firefox, OpenSSL,LibreOffice and more.
ListenEpisode 152 from 2022-03-11T14:19
It's a big week for kernel security vulnerabilities - we cover Dirty Pipe and fixes for the latest microarchitectural side channel issues, plus webring you the first in a 3 part series on hardeni...
ListenEpisode 151 from 2022-03-04T15:31
This week we do the usual round-up of security vulnerability fixes for the various Ubuntu releases, plus we discuss enabling PIE for Python andpreview some upcoming content on Ubuntu system harde...
ListenEpisode 150 from 2022-02-25T14:40
Ubuntu 20.04.4 LTS is released, plus we talk about Google Project Zero's metrics report as well as security updates for the Linux kernel, expat,c3p0, Cyrus SASL and more.
ListenEpisode 149 from 2022-02-18T16:51
This week Qualys dominate the week in security updates, disclosing details of 4 different SUID-root vulnerabilities, including Oh Snap! More Lemmings(Local Privilege Escalation in snap-confine), ...
ListenEpisode 148 from 2022-02-11T14:28
It's main vs universe as we take a deep dive into the Ubuntu archive and look at these components plus what goes into each and how the security teamgoes about reviewing software destined for main...
ListenEpisode 147 from 2022-02-04T16:33
We're back after a few weeks off to cover the launch of the Ubuntu Security Guide for DISA-STIG, plus we detail the latest vulnerabilities and updatesfor lxml, PolicyKit, the Linux Kernel, system...
ListenEpisode 146 from 2022-01-14T17:54
Ubuntu 21.04 goes EOL soon, plus we cover security updates for Django, the Linux kernel, Apache httpd2+Log4j2, Ghostscript and more.
ListenEpisode 145 from 2022-01-06T16:09
The Ubuntu Security Podcast is back for 2022 and we're starting off the year with a bang💥! This week we bring you a special interview with Kees Cook of Google and the Linux Kernel Self Protect...
ListenEpisode 144 from 2021-12-31T11:00
Happy holidays! This week we bring you the second part of a special two-part holiday themed feature by Camila from the Ubuntu Security teamdiscussing how best to protect yourself and your systems...
ListenEpisode 143 from 2021-12-25T09:40
Happy holidays! This week we bring you the first part of a special two-part holiday themed feature by Camila from the Ubuntu Security team discussingthe top cyber threats faced during the holidays.
ListenEpisode 142 from 2021-12-16T17:23
Just in time for the holidays, Log4Shell comes along to wreck everyone's weekend - so we take a deep dive into the vulnerability that has set theinternet on fire, plus we cover security updates f...
ListenEpisode 141 from 2021-12-10T16:27
A preview of some things to come for the Ubuntu Security Podcast plus we cover security updates for Samba, uriparser, libmodbus, MariaDB, Mailmanand more.
ListenEpisode 140 from 2021-12-03T11:57
A gnarly old bug in NSS is unearthed, plus we cover security updates for ICU, the Linux kernel and ImageMagick as well.
ListenEpisode 139 from 2021-11-26T15:19
This week we put out a call for testing and feedback on proposed Samba updates for Ubuntu 18.04 LTS plus we look at security updates for Mailman,Thunderbird, LibreOffice, BlueZ and more.
ListenEpisode 138 from 2021-11-19T14:21
This week we discuss some of the challenges and trade-offs encountered when providing security support for ageing software, plus we discuss securityupdates for the Linux kernel, Firejail, Samba, ...
ListenEpisode 137 from 2021-11-12T14:48
This week we look at some details of the 29 unique CVEs addressed across the supported Ubuntu releases in the past 7 days and more.
ListenEpisode 136 from 2021-11-05T15:22
The road to Ubuntu 22.04 LTS begins so we look at some of its planned features plus we cover security updates for the Linux kernel, Mailman,Apport, PHP, Bind and more.
ListenEpisode 135 from 2021-10-22T14:51
Ubuntu 20.04 LTS targeted at Tianfu Cup 2021 plus we cover security updates for Linux kernel, nginx, Ardour and strongSwan.
ListenEpisode 134 from 2021-10-15T14:47
It's release week! As Ubuntu 21.10 Impish Indri is released we take a look at some of the new security features it brings, plus we cover security updates for containerd, MongoDB, Mercurial, docker....
ListenEpisode 133 from 2021-10-01T15:10
This week we look at a Wifi lookalike attack dubbed"SSID stripping"plus updates for ca-certificates, EDK II, Apache, the Linux kernel and even vim!
ListenEpisode 132 from 2021-09-24T15:05
Extended Security Maintenance gets an extension, Linux disk encryption and authentication goes under the microscope and we cover security updates forlibgcrypt, the Linux kernel, Python, and more.
ListenEpisode 131 from 2021-09-17T13:55
OWASP Top 10 gets updated for 2021 and we look at security vulnerabilities in the Linux kernel, Ghostscript, Git, curl and more.
ListenEpisode 130 from 2021-09-10T14:21
This week we discuss compiler warnings as build errors in the Linux kernel, plus we look at security updates for HAProxy, GNU cpio, PySAML2,mod-auth-mellon and more.
ListenEpisode 129 from 2021-09-03T14:23
This week we look at a malware campaign associated with the popular Krita painting application, plus we cover security updates for MongoDB, libssh,Squashfs-Tools, Thunderbird and more.
ListenEpisode 128 from 2021-08-27T12:23
This week we dive into Trend Micro's recent Linux Threat Report and the release of Ubuntu 20.04.3 LTS, plus we detail security updates forInetutils telnetd, the Linux kernel and OpenSSL.
ListenEpisode 127 from 2021-08-20T12:47
This week we look at security updates for Firefox, PostgreSQL, MariaDB, HAProxy, the Linux kernel and more, plus we cover some current openings onthe team - come join us ☺
ListenEpisode 126 from 2021-08-13T15:04
This week Ubuntu 20.04 LTS was FIPS 140-2 certified plus the AppArmor project made some point releases, and we released security updates forDocker, Perl, c-ares, GPSd and more.
ListenEpisode 125 from 2021-08-06T16:02
This week we discuss new kernel memory hardening and security development proposals from Ubuntu Security Alumnus Kees Cook, plus we look at detailsof security updates for WebKitGTK, libsndfile, G...
ListenEpisode 124 from 2021-07-30T14:46
It's another week when too many security updates are never enough as we cover 240 CVE fixes across Avahi, QEMU, the Linux kernel, containerd,binutils and more, plus the Ubuntu 20.10 Groovy Gorill...
ListenEpisode 123 from 2021-07-09T13:48
Is npm audit more harm than good? Plus this week we look at security updates for DjVuLibre, libuv, PHP and more.
ListenEpisode 122 from 2021-07-02T16:14
This week we look at some new Linux kernel security features including the Landlock LSM and Core Scheduling plus we cover security updates forRabbitMQ, Ceph, Thunderbird and more.
ListenEpisode 121 from 2021-06-25T12:36
Ubuntu One opens up two-factor authentication for all, plus we cover security updates for Nettle, libxml2, GRUB2, the Linux kernel and more.
ListenEpisode 120 from 2021-06-18T16:21
In this week's episode we look at how to get media coverage for your shiny new vulnerability, plus we cover security updates for ExifTool,ImageMagick, BlueZ and more.
ListenEpisode 119 from 2021-06-11T10:53
This week we cover security updates for the Linux kernel, PolicyKit, Intel Microcode and more, plus we look at a report of an apparent malicious snapin the Snap Store and some of the mechanics be...
ListenEpisode 118 from 2021-06-04T15:04
This week we look at DMCA notices sent against Ubuntu ISOs plus security updates for nginx, DHCP, Lasso, Django, Dnsmasq and more.
ListenEpisode 117 from 2021-05-28T17:21
This week we're talking about moving IRC networks plus security updates for Pillow, Babel, Apport, X11 and more.
ListenEpisode 116 from 2021-05-21T13:41
With 60 CVEs fixed across MySQL, Django, Please and the Linux kernel this week we take a look at some of these details, plus look at the recentannouncement of 1Password for Linux and some open po...
ListenEpisode 115 from 2021-05-14T14:49
This week we look at some details of the 90 unique CVEs addressed across the supported Ubuntu releases and more.
ListenEpisode 114 from 2021-05-07T00:03
This week we look at the response from the Linux Technical Advisory Board to the UMN Linux kernel incident, plus we cover the 21Nails Eximvulnerabilities as well as updates for Bind, Samba, OpenV...
ListenEpisode 113 from 2021-04-30T14:33
With 21 CVEs fixed this week we look at updates for Dnsmasq, Firefox, OpenJDK and more, plus we discuss the recent release of Ubuntu 21.04 andmalicious commits in the upstream Linux kernel.
ListenEpisode 112 from 2021-04-16T17:18
This week we look at a reboot of the DWF project, Rust in the Linux kernel, an Ubuntu security webinar plus some details of the 45 CVEs addressedacross the Ubuntu releases this last week and more.
ListenEpisode 111 from 2021-04-08T12:04
This week we look at how Ubuntu is faring at Pwn2Own 2021 (which still has 1 day and 2 more attempts at pwning Ubuntu 20.10 to go) plus we look atsecurity updates for SpamAssassin, the Linux kern...
ListenEpisode 110 from 2021-04-01T11:38
This week we look at 2 years of 14.04 ESM, a kernel Livepatch issue, DNS-over-HTTPS for Google Chrome plus security updates for ldb, OpenSSL,Squid, curl and more.
ListenEpisode 109 from 2021-03-26T21:38
This week we look at security updates for containerd, Ruby, the Linux kernel, Pygments and more, plus we cover some open positions within theteam as well.
ListenEpisode 108 from 2021-03-19T11:19
This week we start preparing for 16.04 LTS to transition to Extended Security Maintenance, plus we look at security updates for OpenSSH, Python,the Linux kernel and more, as well as some currentl...
ListenEpisode 107 from 2021-03-12T15:49
This week we check on the status of the pending GRUB2 Secure Boot updates and detail some open positions within the team, plus we look at securityupdates for GLib, zstd, Go, Git and more.
ListenEpisode 106 from 2021-03-04T15:38
This week we talk about more BootHole-like vulnerabilities in GRUB2, a Spectre exploit found in-the-wild, security updates for xterm, screen,Python, wpa_supplicant and more.
ListenEpisode 105 from 2021-02-25T15:38
This week we discuss security updates in Linux Mint, Google funding Linux kernel security development and details for security updates in BIND,OpenSSL, Jackson, OpenLDAP and more.
ListenEpisode 104 from 2021-02-19T22:44
This week we take a look at a long-awaited update of Thunderbird in Ubuntu 20.04LTS, plus security updates for Open vSwitch, JUnit 4, PostSRSd, GNOMEAutoar and more.
ListenEpisode 103 from 2021-02-12T14:07
This week we take a deep dive look at 2 recent vulnerabilities in the popular application containerisation frameworks, snapd and flatpak, plus wecover security updates for MiniDLNA, PHP-PEAR, the...
ListenEpisode 102 from 2021-02-05T13:31
This week we discuss the recent high profile vulnerability found in libcrypt 1.9.0, plus we look at updates for the Linux kernel, XStream,Django, Apport and more.
ListenEpisode 101 from 2021-01-28T19:42
In the first episode for 2021 we bring back Joe McManus to discuss the SolarWinds hack plus we look at vulnerabilities in sudo, NVIDIA graphicsdrivers and mutt. We also cover some open positions ...
ListenEpisode 100 from 2020-12-11T17:26
For the last episode of 2020, we look back at the most"popular"packages on this podcast for this year as well as the biggest vulnerabilities from 2020, plus a BootHole presentation at Ubuntu Mast...
ListenEpisode 99 from 2020-12-04T13:45
This week we look at security updates for Mutt, Thunderbird, Poppler, QEMU, containerd, Linux kernel& more, plus we discuss the 2020 State of the Octoverse Security Report from Github, Laun...
ListenEpisode 98 from 2020-11-27T14:38
This week we look at updates for c-ares, PulseAudio, phpMyAdmin and more, plus we cover security news from the Ubuntu community including planningfor 16.04 LTS to transition to ESM, libgcrypt FIP...
ListenEpisode 97 from 2020-11-21T12:13
This week we look at vulnerabilities in MoinMoin, OpenLDAP, Kerberos, Raptor (including a discussion of CVE workflows and the oss-securitymailing list) and more, whilst in community news we talk ...
ListenEpisode 96 from 2020-11-13T12:35
This week we look at results from the Tianfu Cup 2020, the PLATYPUS attack against Intel CPUs, a detailed writeup of the GDM/accountsservicevulnerabilities covered in [Episode 95](https://ubuntus...
ListenEpisode 95 from 2020-11-06T15:37
This week we look at vulnerabilities in Samba, GDM, AccountsService, GOsa and more, plus we cover some AppArmor related Ubuntu Security communityupdates as well.
ListenEpisode 94 from 2020-10-30T16:14
This week we cover news of the CITL drop of 7000"vulnerabilities", the Ubuntu Security disclosure and embargo policy plus we look at securityupdates for pip, blueman, the Linux kernel and more.
ListenEpisode 93 from 2020-10-23T15:08
This week we cover security updates for NTP, Brotli, Spice, the Linux kernel (including BleedingTooth) and a FreeType vulnerability which isbeing exploited in-the-wild, plus we talk about the NSA...
ListenEpisode 92 from 2020-10-02T10:14
It's CVE bankruptcy! With a deluge of CVEs to cover from the last 2 weeks, we take a particular look at the ZeroLogon vulnerability in Samba thisweek, plus Alex covers the AppArmor 3 release and ...
ListenEpisode 91 from 2020-09-18T16:51
This week we look at security updates for GUPnP, OpenJPEG, bsdiff and more.
ListenEpisode 90 from 2020-09-11T15:26
This week we look at security updates for the X server, the Linux kernel and GnuTLS plus we preview the upcoming AppArmor3 release that is slatedfor Ubuntu 20.10 (Groovy Gorilla).
ListenEpisode 89 from 2020-09-03T17:20
This week we farewell Joe McManus plus we look at security updates for Firefox, Chrony, Squid, Django, the Linux kernel and more.
ListenEpisode 88 from 2020-08-27T16:16
This week we talk antivirus scanners and false positives in the Ubuntu archive, plus we look at security updates for QEMU, Bind, Net-SNMP,sane-backends and more.
ListenEpisode 87 from 2020-08-21T14:10
This week we look at the Drovorub Linux malware outed by the NSA/FBI plus we detail security updates for Dovecot, Apache, Salt, the Linux kernel andmore.
ListenEpisode 86 from 2020-08-13T15:05
This week we discuss the recent announcement of a long-awaited native client for 1password, plus Google Chrome experiments with anti-phishingtechniques, and we take a look at security updates for...
ListenEpisode 85 from 2020-08-06T17:40
Dr. Levi Perigo is our special guest this week to discuss SDN and NFV with Joe, plus Alex does the weekly roundup of security updates, includingGhostscript, Squid, Apport, Whoopsie, libvirt and m...
ListenEpisode 84 from 2020-07-30T16:00
In a week when too many security updates are never enough, we cover the biggest one of them all for a while, BootHole, with an interview betweenJoe McManus and Alex Murray for some behind-the-sce...
ListenEpisode 83 from 2020-07-24T15:48
This week Joe talks Linux Security Modules stacking with John Johansen and Steve Beattie plus Alex looks at security updates for snapd, the Linuxkernel and more.
ListenEpisode 82 from 2020-07-17T15:57
With Ubuntu 19.10 going EOL, we have a special interview by Joe with Chris Coulson and Steve Beattie from the Ubuntu Security Team to talk TPMs andUbuntu Core 20, plus Alex looks at some of the 7...
ListenEpisode 81 from 2020-07-03T12:28
Joe talks cyber security policy with Dr David Reed from CU Boulder, plus Alex covers the week in security updates including Mutt, NVIDIA graphicsdrivers, Mailman and more.
ListenEpisode 80 from 2020-06-25T15:21
This week, Sid Faber and Kyle Fazzari of the Ubuntu Robotics team interview Vijay Sarvepalli from CERT about the recent Ripple20 vulnerabilitiesannouncement, plus we look at security updates for ...
ListenEpisode 79 from 2020-06-19T16:06
This week Joe discusses Intel's CET announcement with John Johansen, plus Alex details recent security fixes including SQLite, fwupd, NSS, DBus andmore.
ListenEpisode 78 from 2020-06-12T16:23
SRBDS aka CrossTalk, the latest Intel speculative execution attack, is the big news this week in security updates for Ubuntu, as well as fixes forGnuTLS, Firefox and more, plus Alex and Joe talk ...
ListenEpisode 77 from 2020-06-07T17:39
This week we look at security updates for Unbound, OpenSSL, Flask, FreeRDP, Django and more, plus Joe and Alex discuss the Octopus malware infectingNetbeans projects.
ListenEpisode 76 from 2020-05-28T15:10
This week we welcome back Vineetha Kamath, Ubuntu Security Certifications Manager, to discuss the recent release of FIPS modules for Ubuntu 18.04 LTSand we look at security updates for Bind, Clam...
ListenEpisode 75 from 2020-05-22T16:55
In episode 75 we look at security updates for APT, json-c, Bind, the Linux kernel and more, plus Joe and Alex discuss recent phishing attacks and theWired biopic of Marcus Hutchins.
ListenEpisode 74 from 2020-05-15T16:36
Special guest, Tim McNamara, author of Rust In Action talks all things Rust plus we look at security updates for Linux bluetooth firmware, OpenLDAP,PulseAudio, Squid and more.
ListenEpisode 73 from 2020-05-08T16:33
After the recent release of Ubuntu 20.04 LTS, we look at security fixes for OpenJDK, CUPS, the Linux kernel, Samba andmore, plus Joe and Alex discuss robot kits and the Kaiji botnet.
ListenEpisode 72 from 2020-04-24T10:46
A huge number of CVEs fixed in the various Ubuntu releases, including for PHP, Git, Thunderbird, GNU binutils and more, plus Joe McManus discussesROS with Sid Faber.
ListenEpisode 71 from 2020-04-16T12:57
This week Joe discusses Ubuntu's involvement in ZDI's Pwn2Own with special guests Steve Beattie and Marc Deslauriers from the Ubuntu Security team,plus we do the usual roundup of fixed vulnerabil...
ListenEpisode 70 from 2020-04-10T14:12
This week we have a great interview between Joe McManus and Emilia Torino from the Ubuntu Security team, plus we cover security updates for Apport, Firefox, GnuTLS,the Linux kernel and more.
ListenEpisode 69 from 2020-04-02T16:32
This week we cover security updates for a Linux kernel vulnerability disclosed during pwn2own, Timeshift, pam-krb5 and more, plus we have aspecial guest, Vineetha Kamath, to discuss security cert...
ListenEpisode 68 from 2020-03-26T13:57
This week we cover security updates for Apache, Twisted, Vim a kernel livepatch and more, plus Alex and Joe discuss OVAL data feeds and thecvescan snap for vulnerability awareness.
ListenEpisode 67 from 2020-03-19T20:25
A big week in security updates, including the Linux kernel, Ceph, ICU, Firefox, Dino and more, plus Joe and Alex discuss tips for securely workingfrom home in light of Coronavirus.
ListenEpisode 66 from 2020-03-12T22:39
This week we cover security updates for Django, runC and SQLite, plus Alex and Joe discuss the AMD speculative execution Take A Way attack and welook at some recent blog posts by the team too.
ListenEpisode 65 from 2020-03-05T14:35
Whilst avoiding Coronavirus, this week we look at updates for libarchive, OpenSMTPD, rake and more, plus Joe and Alex discuss ROS, the RobotOperating System and how the Ubuntu Security Team is in...
ListenEpisode 64 from 2020-02-27T22:01
This week we look at security updates for ppp, Squid, rsync+more, and Joe and Alex discuss the wide scope of the Ubuntu Security Team including somecurrent open positions.
ListenEpisode 63 from 2020-02-20T15:51
Security updates for Firefox, QEMU, Linux kernel, ClamAV and more, plus we discuss our recommended reading list for getting into infosec and farewelllong-time member of the Ubuntu Security Team /...
ListenEpisode 62 from 2020-02-13T21:53
This week Alex and Joe take an indepth look at the recent Sudo vulnerability CVE-2019-18634 plus we look at security updates forOpenSMTPD, systemd, Mesa, Yubico PIV tool and more. We also look at...
ListenEpisode 61 from 2020-02-07T16:15
Joe is back to discuss a recent breach against Wawa, plus we detail security updates from the past week including Apache Solr, OpenStackKeystone, Sudo, Django and more.
ListenEpisode 60 from 2020-01-30T17:12
Security updates for python-apt, GnuTLS, tcpdump, the Linux kernel and more, plus we look at plans to integrate Ubuntu Security Notices within themain ubuntu.com website.
ListenEpisode 59 from 2020-01-24T08:57
After a weeks break we are back to look at updates for ClamAV, GnuTLS, nginx, Samba and more, plus we briefly discuss the current 20.04 Mid-CycleRoadmap Review sprint for the Ubuntu Security Team
ListenEpisode 58 from 2020-01-09T16:18
In the first episode for 2020, we look at security updates for Django and the Linux kernel, plus Alex and Joe discuss security and privacy aspects ofsmart assistant connected devices.
ListenEpisode 57 from 2019-12-19T13:36
In the final episode of 2019, we look at security updates for RabbitMQ, GraphicsMagick, OpenJDK and more, plus Joe and Alex discuss a typicalday-in-the-life of a Ubuntu Security Team member.
ListenEpisode 56 from 2019-12-13T20:49
In the second to last episode for 2019, we look at security updates for Samba, Squid, Git, HAProxy and more, plus Alex and Joe discuss Evil Corphacker indictments, unsecured AWS S3 buckets and more.
ListenEpisode 55 from 2019-12-09T13:05
This week we cover security updates for NSS, SQLite, the Linux kernel and more, plus Joe and Alex discuss a recent FBI advisory warning aboutpossible dangers of Smart TVs.
ListenEpisode 54 from 2019-11-24T10:16
Security updates for DPDK, Linux kernel, QEMU, ImageMagick, Ghostscript and more, plus Joe and Alex talk about how to get into information security.
ListenEpisode 53 from 2019-11-15T18:21
This week we look at the details of the latest Intel hardware vulnerabilities, including security updates for the Linux kerneland Intel microcode, plus Bash, cpio, FriBidi and more.
ListenEpisode 52 from 2019-11-08T21:48
This week we look at security updates for FreeTDS, HAProxy, Nokogiri, plus some regressions in Whoopsie, Apport and Firefox, and Joe and Alex discussthe release of 14.04 ESM for personal use unde...
ListenEpisode 51 from 2019-10-31T18:00
In this Halloween Special, Joe and Alex talk about what scares them in security, plus we look at security updates for Firefox, PHP, Samba,Whoopsie, Apport and more.
ListenEpisode 50 from 2019-10-24T15:28
Alex and Joe discuss the big news of this week - the release of Ubuntu 19.10 Eoan Ermine - plus we look at updates for the Linux kernel, libxslt,UW IMAP and more.
ListenEpisode 49 from 2019-10-18T14:18
This week we look at updates for Sudo, Python, OpenStack Octavia and more, plus we discuss a recent CVE for Python which resulted in erroneousscientific research results, and we go over some of y...
ListenEpisode 48 from 2019-10-10T20:37
This week we look at security updates for the Linux kernel, SDL 2, ClamAV and more, plus Alex and Joe talk security and performance trade-offs, snapsand OWASP Top 10 Cloud Security recommendation...
ListenEpisode 47 from 2019-10-03T20:22
We catch up on details of the past few weeks of security updates, including Python, curl, Linux kernel, Exim and more, plus Alex and Joe discuss therecent Ubuntu Engineering Sprint in Paris and b...
ListenEpisode 46 from 2019-09-12T23:02
A massive 85 CVEs addressed this week, including updates for Exim, the Linux Kernel, Samba, systemd and more, plus we discuss hacking BMCs viaremote USB devices and password stashes.
ListenEpisode 45 from 2019-09-04T21:25
This week we look at security updates for Dovecot, Ghostscript, a livepatch update for the Linux kernel, Ceph and Apache, plus Alex and Joe discuss recent Wordpress plugin vulnerabilities and the H...
ListenEpisode 44 from 2019-08-26T20:35
This week Joe and Alex discuss a recently disclosed backdoor in Webmin, plus we cover security updates from the past week, including for Nova, KDE, LibreOffice, Docker, CUPS and more.
ListenEpisode 43 from 2019-08-21T20:58
This week we cover vulnerabilities in Ghostscript, the Linux kernel, nginx and more, and we follow up last weeks interview with another interview with Jamie Strandboge, this time talking about the ...
ListenEpisode 42 from 2019-08-14T21:13
This week we have a special interview with Ubuntu Security Team member Jamie Strandboge,talking about security aspects of the Snap packaging system, as well as the usual roundup of security fix...
ListenEpisode 41 from 2019-08-05T20:15
With Alex and Joe having been away at a Canonical sprint last week, we look back at the past fortnight's security updates including new Linux kernel releases, MySQL, VLC, Django and more plus we di...
ListenEpisode 40 from 2019-07-24T09:27
Big roundup of security updates from the past 2 weeks including Docker, ZeroMQ, Squid, Redis and more, plus we talk with Joe McManus about somerecent big fines for companies breaching their GDPR ...
ListenEpisode 39 from 2019-07-09T14:52
A look at security updates for Django, Thunderbird, ZNC, Irssi and more, plus news on the CanonicalLtd GitHub account credentials compromise, SKSPGP keyservers under attack and Ubuntu 18.10 Cosmi...
ListenEpisode 38 from 2019-07-02T17:00
This week we look at the latest security updates for the Linux kernel, Firefox, ImageMagick, OpenStack and more, plus we have a special guest, the maintainer and lead developer of the AppArmor proj...
ListenEpisode 37 from 2019-06-28T00:00
The big new this week is SackPANIC! updates for the Linux kernel, plus we look at vulnerabilities in, and updates for, Samba, SQLite, Bind, Thunderbird and more, and we are hiring!
ListenEpisode 36 from 2019-06-17T00:00
Security updates for DBus, vim, elfutils, GLib and more, plus Joe and Alex look at another npm package hijack as well as some wider discussions around the big vim RCE of this week.
ListenEpisode 35 from 2019-06-11T00:00
We look at vulnerabilities and updates for Exim, the Linux kernel, Berkeley DB, Qt and more, plus Joe and Alex discuss some recent malware campaigns including Hiddenwasp, and we cover some open pos...
ListenEpisode 34 from 2019-06-03T00:00
This week we look at security updates for Keepalived, Corosync, GnuTLS, libseccomp and more, plus we talk insider threats with Joe McManus.
ListenEpisode 33 from 2019-05-27T00:00
Updated Intel microcode for Cherry + Bay Trial CPUs, fixes for
vulnerabilities in curl, Firefox, PHP and MariaDB, plus we talk
configuration of virtualised guests to mitigate speculat...
Episode 32 from 2019-05-20T00:00
This week we look at updates to cover the latest Intel CPU vulnerabilities
(MDS - aka RIDL, Fallout, ZombieLoad), plus other vulnerabilies in
PostgreSQL, ISC DHCP, Samba and more, whi...
Episode 31 from 2019-05-13T00:00
This week we cover security fixes for GNOME Shell, FFmpeg, Sudo, Ghostscript and others, and we talk to Joe McManus about malicious Dockerhub images, Git repos being ransomed more.
ListenEpisode 30 from 2019-05-06T00:00
Fixes for 19 different vulnerabilities across MySQL, Dovecot, Memcached and others, plus we talk to Joe McManus about the recent iLnkP2P IoT hack and the compromise of DockerHub's credentials datab...
ListenEpisode 29 from 2019-04-30T00:00
This week we look at fixes from the past two weeks including BIND, NTFS-3G,
Dovecot, Pacemaker and more, plus we follow up last episodes IoT security
discussion with Joe McManus talki...
Episode 28 from 2019-04-15T00:00
This week we look at updates for vulnerabilities in wpa\_supplicant, Samba, systemd, wget and more and we talk to Joe about IoT security (or the prevailing lack-thereof).
ListenEpisode 27 from 2019-04-08T00:00
Carpe Diem for Apache HTTP Server, plus updates for Dovecot, PolicyKit and the Linux kernel, and we talk to Joe McManus about the recent Asus ShadowHammer supply chain attack and more.
ListenEpisode 26 from 2019-04-01T00:00
This week we look security updates for a heap of packages including
Firefox & Thunderbird, PHP & QEMU, plus we discuss Facebook's recent
password storage incident as well as some list...
Episode 25 from 2019-03-25T00:00
Ghostscript is back to haunt us for another week, plus we look at vulnerabilities in ntfs-3g, snapd, firefox and more.
ListenEpisode 24 from 2019-03-19T00:00
A look at recent fixes for vulnerabilities in poppler, WALinuxAgent, the
Linux kernel and more. We also talk about some listener feedback on
Ubuntu hardening and the launch of Ubuntu ...
Episode 23 from 2019-03-12T00:00
This week we look at security updates for the Linux kernel, PHP and NVIDIA drivers, revealing recent research into GPU based side-channel attacks plus we call for suggestions on hardening features ...
ListenEpisode 22 from 2019-03-04T00:00
This week we cover security updates including Firefox, Thunderbird, OpenSSL and another Ghostscript regression, plus we look at a recent report from Capsule8 comparing Linux hardening features acro...
ListenEpisode 21 from 2019-02-21T00:00
Double episode covering the security updates from the last 2 weeks, including snapd (DirtySock), systemd and more, plus we talk responsible disclosure and some open positions on the Ubuntu Security...
ListenEpisode 20 from 2019-02-11T00:00
This week we look at Linux kernel updates for all releases, OpenSSH, dovecot, curl and more. Plus we answer some frequently asked questions for Ubuntu security, in particular the perennial favourit...
ListenEpisode 19 from 2019-02-04T00:00
This week we look at updates to the Linux kernel in preparation for the 18.04.2 release, plus updates for Open vSwitch, Firefox, Avahi, LibVNCServer and more. We also revisit and discuss upstream c...
ListenEpisode 18 from 2019-01-29T00:00
This week we look at some details of the 46 unique CVEs addressed across the supported Ubuntu releases and take a deep dive into the recent apt security bug.
ListenEpisode 17 from 2019-01-22T00:00
First episode of 2019! This week we look "System Down" in systemd, as well as updates for the Linux kernel, GnuPG, PolicyKit and more, and discuss a recent cache-side channel attack using the minco...
ListenEpisode 16 from 2018-12-17T00:00
Last episode for 2018! This week we look at CVEs in lxml, CUPS, pixman, FreeRDP & more, plus we discuss the security of home routers as evaluated by C-ITL.
ListenEpisode 15 from 2018-12-10T00:00
Security updates for 29 CVEs including Perl, the kernel, OpenSSL (PortSmash)
and more, plus in response to some listener questions, we discuss how to make
sure you always have the lat...
Episode 14 from 2018-12-03T00:00
This week we look at some details of the 32 unique CVEs addressed across the supported Ubuntu releases and talk open source software supply chain integrity and how this relates to Ubuntu compared t...
ListenEpisode 13 from 2018-11-26T00:00
This week we look at some details of the 16 unique CVEs addressed across the supported Ubuntu releases and more.
ListenEpisode 12 from 2018-11-19T00:00
This week we look at some details of the 33 unique CVEs addressed across the supported Ubuntu releases, including some significant updates for systemd and the kernel, plus we talk about even more I...
ListenEpisode 11 from 2018-11-12T00:00
This week we look at some details of the 23 unique CVEs addressed across the supported Ubuntu releases, discuss the latest purported Intel side-channel vulnerability PortSmash and more.
ListenEpisode 10 from 2018-11-05T00:00
This week we look at some details of the 17 unique CVEs addressed across the supported Ubuntu releases, have a brief look at some Canonical presentations from LSS-EU and more.
Listen