
EPISODE · Jun 3, 2026 · 12 MIN

How Linux Distros Are Securing the Supply Chain with SBOMs

from The Linux Podcast with Fexingo: Open Source Operating Systems, Distros, and Server Stack · host Fexingo

Supply chain attacks on open source software are surging, and Linux distributions are fighting back with a tool called the software bill of materials, or SBOM. In this episode, Lucas and Luna break down how distros like Fedora and Alpine are adopting SBOMs to provide a transparent list of every dependency in a package. They discuss the real 2024 backdoor in the xz-utils library, planted by a contributor who had spent years earning maintainer trust, and explain how SBOMs could have caught it earlier. The conversation covers the tension between SBOM completeness and developer usability, why container images make the problem harder, and the role of formats like SPDX and CycloneDX in standardizing how an SBOM is written. If you use Linux on a server, in a container, or on the desktop, your security posture depends on knowing what's actually in your software stack. #Linux #OpenSource #SBOM #SupplyChainSecurity #SoftwareBillOfMaterials #CycloneDX #SPDX #Fedora #AlpineLinux #xzUtils #ContainerSecurity #DependencyManagement #DevOps #Security #Technology #FexingoBusiness #BusinessPodcast #TechPodcast Keep every episode free: buymeacoffee.com/fexingo
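As an added example (not code from the episode, from Fedora or Alpine, or from any SBOM tool), here is the query that gives an SBOM its practical value once an advisory exists: "which of my images contain the affected version?" answered from a document rather than by rescanning hosts. The script parses a constructed CycloneDX JSON SBOM, recovers the upstream version from each distro's package-version string, and matches it against the real advisory data for CVE-2024-3094 (xz 5.6.0 and 5.6.1). The image name and the package versions in the sample SBOM are invented for illustration; Debian's "+really" rollback convention is real and is the edge case the naive string check gets wrong.

```python
"""Query a CycloneDX SBOM for packages hit by a known advisory.

Added example, not from the podcast or any distro project. The SBOM below
is constructed; the advisory data (CVE-2024-3094, xz 5.6.0/5.6.1) is real.
"""
from __future__ import annotations

import json
from dataclasses import dataclass
from urllib.parse import unquote

# Constructed CycloneDX 1.5 document for a hypothetical container image.
# purls are in the shape syft-style scanners emit for distro packages.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "metadata": {"component": {"type": "container",
                               "name": "example.invalid/app", "version": "1.0"}},
    "components": [
        {"type": "library", "name": "xz-libs", "version": "5.6.1-1.fc40",
         "purl": "pkg:rpm/fedora/xz-libs@5.6.1-1.fc40?arch=x86_64&distro=fedora-40"},
        {"type": "library", "name": "liblzma5", "version": "5.6.1+really5.4.5-1",
         "purl": "pkg:deb/debian/liblzma5@5.6.1%2Breally5.4.5-1?arch=amd64&distro=debian-13"},
        {"type": "library", "name": "xz-libs", "version": "5.4.6-r0",
         "purl": "pkg:apk/alpine/xz-libs@5.4.6-r0?arch=x86_64&distro=alpine-3.19"},
        {"type": "library", "name": "openssl-libs", "version": "3.2.1-2.fc40",
         "purl": "pkg:rpm/fedora/openssl-libs@3.2.1-2.fc40?arch=x86_64&distro=fedora-40"},
    ],
})


@dataclass(frozen=True)
class Component:
    ecosystem: str   # purl type: rpm, apk, deb
    namespace: str   # distro: fedora, alpine, debian
    name: str
    packaged: str    # version string exactly as the distro packaged it
    upstream: str    # upstream version recovered from the packaged string


@dataclass(frozen=True)
class Advisory:
    id: str
    package_names: frozenset[str]      # distro package names for the project
    affected_versions: frozenset[str]  # upstream versions known to be affected


# Real advisory data: the xz-utils backdoor shipped in upstream 5.6.0 and 5.6.1.
# Name aliases cover Fedora/Alpine (xz, xz-libs) and Debian (xz-utils, liblzma5).
XZ_BACKDOOR = Advisory(
    "CVE-2024-3094",
    frozenset({"xz", "xz-libs", "xz-utils", "liblzma5"}),
    frozenset({"5.6.0", "5.6.1"}),
)


def upstream_version(ecosystem: str, packaged: str) -> str:
    """Strip epochs and distro release suffixes from a packaged version.

    rpm: UPSTREAM-RELEASE      apk: UPSTREAM-rN      deb: [EPOCH:]UPSTREAM-REVISION
    Debian also uses 'X+reallyY' when it rolls a package back to Y while keeping
    the version number monotonic; the code actually installed is Y.
    """
    v = packaged
    if ":" in v:                      # deb epoch, e.g. "1:5.4.5-0.3"
        v = v.split(":", 1)[1]
    if ecosystem in ("rpm", "apk"):   # neither allows '-' in the upstream part
        v = v.split("-", 1)[0]
    elif ecosystem == "deb":          # upstream may contain '-'; revision follows the last one
        v = v.rsplit("-", 1)[0]
    if "+really" in v:
        v = v.split("+really", 1)[1]
    return v


def parse_purl(purl: str) -> Component:
    """Parse pkg:type/namespace/name@version?qualifiers into a Component."""
    if not purl.startswith("pkg:"):
        raise ValueError(f"not a purl: {purl}")
    body = purl[4:].split("#", 1)[0]           # drop subpath
    body, _, _qualifiers = body.partition("?")  # arch/distro/epoch not needed here
    path, _, version = body.partition("@")
    parts = path.split("/")
    if len(parts) < 2 or not version:
        raise ValueError(f"purl needs type, name and version: {purl}")
    ecosystem, name = parts[0], unquote(parts[-1])
    namespace = "/".join(unquote(p) for p in parts[1:-1])
    packaged = unquote(version)  # unquote, not unquote_plus: '%2B' is a literal '+'
    return Component(ecosystem, namespace, name, packaged,
                     upstream_version(ecosystem, packaged))


def components(sbom_json: str) -> list[Component]:
    doc = json.loads(sbom_json)
    if doc.get("bomFormat") != "CycloneDX":
        raise ValueError("expected a CycloneDX document")
    return [parse_purl(c["purl"]) for c in doc.get("components", []) if "purl" in c]


def find_affected(sbom_json: str, adv: Advisory) -> list[Component]:
    """Components whose recovered upstream version is in the advisory's set."""
    return [c for c in components(sbom_json)
            if c.name in adv.package_names and c.upstream in adv.affected_versions]


def naive_prefix_matches(sbom_json: str, adv: Advisory) -> list[Component]:
    """String-prefix check; over-matches Debian's '+really' rollback."""
    return [c for c in components(sbom_json)
            if c.name in adv.package_names
            and any(c.packaged.startswith(v) for v in adv.affected_versions)]


if __name__ == "__main__":
    for c in find_affected(SAMPLE_SBOM, XZ_BACKDOOR):
        print(f"{XZ_BACKDOOR.id}: {c.namespace} {c.name} {c.packaged} (upstream {c.upstream})")
```

Only the Fedora xz-libs entry is reported; the Debian liblzma5 line carries 5.4.5 despite its "5.6.1+really" prefix, and the naive check would have flagged it. The caveat a practitioner should keep in mind is that this lookup is only as good as the advisory feeding it: an SBOM lets you answer the "where is it installed" question in seconds once 5.6.x is known to be bad, but the document itself cannot tell a backdoored release from a clean one.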


