Ubuntu Security Podcast Ubuntu Security Team

This week we bring you a special edition of the podcast, featuring an interview
between Ijlal Loutfi and Karen Horovitz who deep-dive into Confidential
Computing. Ranging from a high-level discussion of the need for and the features
provided by confidential computing, through to the specifics of how this is
implemented in Ubuntu and a look at similar future security technologies that
are on the horizon.

As the podcast winds down for a break over the next month, this week we talk
about RSA timing side-channel attacks and the recently announced DNSBomb
vulnerability as we cover security updates in VLC, OpenSSL, Netatalk, WebKitGTK,
amavisd-new, Unbound, Intel Microcode and more.

The team is back from Madrid and this week we bring you some of our plans for
the upcoming Ubuntu 24.10 release, plus we talk about Google's kernelCTF project
and Mozilla's PDF.js sandbox when covering security updates for the Linux
kernel, Firefox, Spreadsheet::ParseExcel, idna and more.

Ubuntu 24.04 LTS is finally released and we cover all the new security features
it brings, plus we look at security vulnerabilities in, and updates for,
FreeRDP, Zabbix, CryptoJS, cpio, less, JSON5 and a heap more.

John and Georgia are at the Linux Security Summit presenting on some long
awaited developments in AppArmor and we give you all the details in a sneak peek
preview as well as some of the other talks to look out for, plus we cover
security updates for NSS, Squid, Apache, libvirt and more and we put out a call
for testing of a pending AppArmor security fix too.

This week we cover the recent reports of a new local privilege escalation
exploit against the Linux kernel, follow-up on the xz-utils backdoor from last
week and it's the beta release of Ubuntu 24.04 LTS - plus we talk security
vulnerabilities in the X Server, Django, util-linux and more.