Ubuntu Security Podcast - podcast cover

Ubuntu Security Podcast

Ubuntu Security Teamubuntusecuritypodcast.org
Technology
A fortnightly podcast talking about the latest developments and updates from the Ubuntu Security team, including a summary of recent security vulnerabilities and fixes as well as a discussion on some of the goings on in the wider Ubuntu Security community.
Last refreshed:
Follow this podcast in the Metacast mobile app to refresh it and see new episodes.
Follow on
Apple Podcasts
Spotify
RSS
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Podcasts are better in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episodes

Episode 213

As we ease back into regular programming, we cover the various activities the team got up to over the past few weeks whilst away in Riga for the Ubuntu Summit and Ubuntu Engineering Sprint.

Nov 17, 20239 min

Episode 212

With the Ubuntu Summit just around the corner, we preview a couple talks by the Ubuntu Security team, plus we look at security updates for OpenSSL, Sofia-SIP, AOM, ncurses, the Linux kernel and more.

Oct 27, 202323 min

Episode 211

After a well-deserved break, we're back looking at the recent Ubuntu 23.10 release and the significant security technologies it introduces along with a call for testing of unprivileged user namespace restrictions, plus the details of security updates for curl, Samba, iperf3, CUE and more.

Oct 20, 202320 min

Episode 210

It's the Linux Security Summit in Bilbao this week and we bring you some highlights from our favourite talks, plus we cover the 25 most stubborn software weaknesses, and we look at security updates for Open VM Tools, libwebp, Django, binutils, Indent, the Linux kernel and more.

Sep 22, 202321 min

Episode 209

Andrei is back this week with a deep dive into recent research around CVSS scoring inconsistencies, plus we look at a recent Ubuntu blog post on the internals of package updates and the repositories, and we cover security updates in Apache Shiro, GRUB2, CUPS, RedCloth, curl and more.

Sep 15, 202325 min

Episode 208

This week we detail the recently announced and long-awaited feature of TPM-backed full-disk encryption for the upcoming Ubuntu 23.10 release, plus we cover security updates for elfutils, GitPython, atftp, BusyBox, Docker Registry and more.

Sep 08, 202325 min

Episode 207

This week we cover reports of "fake" CVEs and their impact on the FOSS security ecosystem, plus we look at security updates for PHP, Fast DDS, JOSE for C/C++, the Linux kernel, AMD Microcode and more.

Sep 01, 202322 min

Episode 206

This week we talk about HTTP Content-Length handling, intricacies of group management in container environments and making sure you check your return codes while covering vulns in HAProxy, Podman, Inetutils and more, plus we put a call out for input on using open source tools to secure your SDLC.

Aug 25, 202316 min

Episode 205

We're back after unexpectedly going AWOL last week to bring you the latest in Ubuntu Security including the recently announced Downfall and GameOver(lay) vulnerabilities, plus we look at security updates for OpenSSH and GStreamer **and** we detail plans for using AppArmor to restrict the use of unprivileged user namespaces as an attack vector in future Ubuntu releases.

Aug 18, 202320 min

Episode 204

This week we look at the recent Zenbleed vulnerability affecting some AMD processors, plus we cover security updates for the Linux kernel, a high profile OpenSSH vulnerability and finally Andrei is back with a deep dive into recent academic research around how to safeguard machine learning systems when used across distributed deployments.

Aug 04, 202328 min

Episode 203

This week we talk about the dual use purposes of eBPF - both for security and for exploitation, and how you can keep your systems safe, plus we cover security updates for the Linux kernel, Ruby, SciPy, YAJL, ConnMan, curl and more.

Jul 21, 202317 min

Episode 202

We take a sneak peek at the upcoming AppArmor 4.0 release, plus we cover vulnerabilities in AccountsService, the Linux Kernel, ReportLab, GNU Screen, containerd and more.

Jul 07, 202322 min

Episode 201

This week we look at the top 25 most dangerous vulnerability types, as well as the announcement of the program for LSS EU, and we cover security updates for Bind, the Linux kernel, CUPS, etcd and more.

Jun 30, 202320 min

Episode 200

For our 200th episode, we discuss the impact of Red Hat's decision to stop publicly releasing the RHEL source code, plus we cover security updates for libX11, GNU SASL, QEMU, VLC, pngcheck, the Linux kernel and a whole lot more.

Jun 23, 202320 min

Episode 199

For our 199th episode Andrei looks at Fuzzing Configurations of Program Options plus we discuss Google's findings on the `io_uring` kernel subsystem and we look at vulnerability fixes for Netatalk, Jupyter Core, Vim, SSSD, GNU binutils, GLib and more.

Jun 16, 202327 min

Episode 198

This week we investigate the mystery of failing GPG signatures for the 16.04 ISO images, plus we look at security updates for CUPS, Avahi, the Linux kernel, FRR, Go and more.

Jun 09, 202318 min

Episode 197

The venerable Ubuntu 18.04 LTS release has transitioned into ESM, plus we look at Till Kamppeter's excellent guide on how to set up your GitHub projects to receive private vulnerability reports, and we cover the week in security updates including PostgreSQL, Jhead, the Linux kernel, Linux PTP, snapd and a whole lot more.

Jun 02, 202324 min

Episode 196

This week we look at some recent security developments from PyPI, the Linux Security Summit North America and the pending transition of Ubuntu 18.04 to ESM, plus we cover security updates for cups-filter, the Linux kernel, Git, runC, ncurses, cloud-init and more.

May 26, 202321 min

Episode 195

Alex and Camila discuss security update management strategies after a recent outage at Datadog was attributed to a security update for systemd on Ubuntu, plus we look at security vulnerabilities in the Linux kernel, OpenStack, Synapse, OpenJDK and more.

May 19, 202327 min

Episode 194

The team are back from Prague and bring with them a new segment, drilling into recent academic research in the cybersecurity space - for this inaugural segment new team member Andrei looks at modelling of attacks against network intrusion detections systems, plus we cover the week in security updates looking at vulnerabilities in Django, Ruby, Linux kernel, Erlang, OpenStack and more.

May 11, 202325 min

Episode 193

The release of Ubuntu 23.04 Lunar Lobster is nigh so we take a look at some of the things the security team has been doing along the way, plus it's our 6000th USN so we look back at the last 19 years of USNs whilst covering security updates for the Linux kernel, Emacs, Irssi, Sudo, Firefox and more.

Apr 13, 202315 min

Episode 192

Ubuntu gets pwned at Pwn2Own 2023, plus we cover security updates for vulns in GitPython, object-path, amanda, url-parse and the Linux kernel - and we mention the recording of Alex's Everything Open 2023 presentation as well.

Mar 31, 202316 min

Episode 191

This week saw the unexpected release of Ubuntu 20.04.6 so we go into the detail behind that, plus we talk Everything Open and we cover security updates including Emacs, LibreCAD, Python, vim and more.

Mar 24, 202314 min

Episode 190

The Ubuntu Security Podcast is on a two week break to focus on [Everything Open 2023](https://2023.everythingopen.au/) in Melbourne next week - come hear Alex talk about [Securing a distribution and securing your own open source project](https://2023.everythingopen.au/schedule/presentation/64/) in person if you can.

Mar 10, 20231 min

Episode 189

This week we dive into the BlackLotus UEFI bootkit teardown and find out how this malware has some roots in the FOSS ecosystem, plus we look at security updates for the Linux kernel, DCMTK, ZoneMinder, Python, tar and more.

Mar 03, 202317 min

Episode 188

This week the common theme is vulnerabilities in setuid-root binaries and their use of environment variables, so we take a look at a great blog post from the Trail of Bits team about one such example in the venerable `chfn` plus we look at some security vulnerabilities in, and updates for the Linux kernel, Go Text, the X Server and more, and finally we cover the recent announcement of Ubuntu 22.04.2 LTS.

Feb 24, 202319 min

Episode 187

After the announcement of Ubuntu Pro GA last week, we take the time to dispel some myths around all things Ubuntu Pro, esm-apps and apt etc, plus Camila sits down with Mark and David to discuss the backstory of Editorconfig [CVE-2023-0341](https://ubuntu.com/security/CVE-2023-0341) and we also have a brief summary of the security updates from the past week.

Feb 17, 202327 min

Episode 186

The Ubuntu Security Podcast is back for 2023! We ease into the year with coverage of the recently announced launch of Ubuntu Pro as GA, plus we look at some recent vulns in git, sudo, OpenSSL and more.

Feb 10, 202316 min

Episode 185

For our final episode of 2022, Camila is back with a special holiday themed discussion of the security of open source code, plus we hint at what is in store for the podcast for 2023 and we cover some recent security updates including Python, PostgreSQL, Squid and more.

Dec 16, 202237 min

Episode 184

This week we cover Mark Esler's keynote address from UbuCon Asia 2022 on Improving FOSS Security, plus we look at security vulnerabilities and updates for snapd, the Linux kernel, ca-certificates and more.

Dec 09, 202213 min
← PrevNext →
For the best experience, listen in Metacast app for iOS or Android