USN-4758-1: Go vulnerability

It was discovered that Go applications incorrectly handled uploaded content. If
a user were tricked into visiting a malicious page, a remote attacker could
exploit this with a crafted file to conduct cross-site scripting (XSS) attacks.
About Me: I'm just some retired dude with a little bit more free time on my hands. If you want to support the site, why not help yourself out too by ordering some inexpensive web hosting so that you can start your own site?


USN-4760-1: libzstd vulnerabilities

It was discovered that libzstd incorrectly handled file permissions. A
local attacker could possibly use this issue to access certain files,
contrary to expectations.


USN-4759-1: GLib vulnerabilities

Krzesimir Nowak discovered that GLib incorrectly handled certain large
buffers. A remote attacker could use this issue to cause applications
linked to GLib to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-27218)

Kevin Backhouse discovered that GLib incorrectly handled certain memory
allocations. A remote attacker could use this issue to cause applications
linked to GLib to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-27219)



USN-4733-2: GNOME Autoar regression

USN-4733-1 fixed a vulnerability in GNOME Autoar. The upstream fix
introduced a regression when extracting archives containing directories.
This update fixes the problem.

Original advisory details:

Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside
of the intended directory. If a user were tricked into extracting a
specially crafted archive, a remote attacker could create files in
arbitrary locations, possibly leading to code execution.



Let’s Count the Installed Packages!

Have you ever wanted to know how many packages you’ve installed? It’s actually a really simple process. I’ll show you!

This is only useful if your distro uses ‘dpkg’, which is actually quite a few distros. If you remember correctly, I’ve previously told you how to use ‘dpkg’ to get a list of installed applications. It was a pretty simple command.

Well, this is a simple command, too.

Like pretty much every time, let’s get that terminal opened up. (CTRL + ALT + T)

Now, if you’d followed the above link’s directions, you’d have a file called ‘installed_apps.txt’ and it would be in your Documents directory. If you open that file, you’ll see that not all the lines are actually installed applications. There are some lines that contain data that isn’t an installed application.

But, if you look carefully, you’ll see that the lines with the applications all begin with ‘ii’. We can use that to make our work more accurate.

Now, you could try this:

If you’re curious, ‘cat’ stands for concatenate. It has been around since pretty much Unix v. 1. It basically reads a file and spits out the content. The man page describes it thus:

cat – concatenate files and print on the standard output

See? Pretty simple.

Next, you’re telling it which file to work on (installed_apps.txt in the Documents directory). Then you’re telling it to look for the letters ‘ii’ and to count the lines that contain them. 

Note: In some cases, this will not be 100% accurate. If you have something installed with ‘ii’ in the name, then it will count that as well. However, the goal here isn’t actually 100% accuracy; the goal is to help you get familiar with some of these terminal commands.

So, what if you haven’t followed along and don’t actually have that file? Can you still do this? Absolutely! Watch this:

To be a bit more clear, that little ‘|’ character is called a pipe. You’ll see it fairly often. It’s used to take the output from one command and use it as the input of another. It goes back to the philosophy of ‘hiding the internals’, with the goal being simplicity and clarity. But, you never have to make the text file to perform this counting exercise.

Again, this command will give you an inaccurate result if you happen to have an application that has an ‘ii’ in the name. That’s fine. This is great for estimation and you really don’t need a hard number for anything. In a quick look, I have exactly zero apps with ‘ii’ in the name. So, in my case the count should be spot on. The goal is to help you get more comfortable in the terminal and get used to some of these commands. They’re surprisingly useful, even in day-to-day operations.
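The miscount described above goes away if the match is tied to the status column instead of anywhere on the line. The following is an added example, not a command from the original article: the function names and the package listing are constructed for illustration, laid out the way ‘dpkg -l’ prints its output.

```shell
#!/bin/sh
# Constructed sample in the layout of `dpkg -l`: five header lines,
# then one line per package. Versions are made up for illustration.
sample_dpkg_list() {
cat <<'EOF'
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version      Architecture Description
+++-==============-============-============-=================================
ii  bash           5.0-6        amd64        GNU Bourne Again SHell
ii  libglib2.0-0   2.64.6-1     amd64        GLib library of C routines
rc  ascii          3.18-4       amd64        interactive ASCII name and synonym chart
ii  libzstd1       1.4.4        amd64        fast lossless compression algorithm
ii  aspell         0.60.8-1     amd64        GNU Aspell spell-checker
EOF
}

# Naive count: any line containing the letters "ii" anywhere.
# The removed-but-not-purged package "ascii" (status "rc") is counted too.
count_naive() {
    grep -c 'ii'
}

# Anchored count: only lines whose first field is exactly "ii",
# i.e. the status column says the package is installed.
count_installed() {
    awk '$1 == "ii" { n++ } END { print n + 0 }'
}

echo "naive:    $(sample_dpkg_list | count_naive)"
echo "anchored: $(sample_dpkg_list | count_installed)"
```

On a real system, ‘dpkg -l | count_installed’ gives the count straight from the package database, with no text file needed.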

Like always, thanks for reading. If you want, you can sign up for the email newsletter. It’s over there, in the right sidebar. I promise, I won’t send you any spam, I won’t sell your email address, I won’t give your email address away, and I won’t send you pics of my dinner. So, sign up and be the first person on the block to read new articles!



This work is licensed under a Creative Commons Attribution 4.0 International License.