Tuesday, February 9, 2016

Security Update: libsndfile and curl

Two security advisories has been released today to fix security vulnerabilities in two packages: libsndfile and curl. Both have been applied back to all Slackware releases back to 13.0 (13.37 for libsndfile). For stable version, please note that flac is also upgraded since it's needed by the new version of libsndfile.

In current, there isn't any big changes as before, but more like polishing toward stability. Here are the summary:
  • Update blacklist entry in mkinitrd to prevent error message at boot
  • Upgraded cups, loudmouth, mcabber, stunnel, xf86-video-intel, firefox, and wicd to the latest version
  • Fix an internal compiler error on GCC to fix building wine
  • Revert to older version of ghostscript since it caused some problems with GIMP opening ps or eps files.

Thursday, February 4, 2016

Slackware 14.2 Beta 2 Announced

Good news for everyone. Slackware 14.2 is getting close to release as Pat now announced Slackware 14.2 Beta 2 on the latest changelog. This update also brings some security changes for all supported Slackware releases back to Slackware 13.0!!!

Here are the highlights for older Slackware releases:
  • Updated glibc-zoneinfo for latest timezone update
  • Updated MPlayer identical to MPlayer 1.2.1 stable releases
  • Updated openssl to 1.0.1r
  • Updated PHP to 5.6 since PHP 5.4 is no longer supported. Last PHP 5.4.x packages can still be found in pasture just in case you are not ready for 5.6.
Here are the highlights for slackware current:
  • New kernel 4.4.1
  • Coreutils upgraded to 8.25
  • lvm2 upgraded to 2.02.141
  • cups-filter upgraded to 1.8.1
  • Latest update on development tool (binutils, cmake, mercurial, oprofile, python-setuptools)
  • Latest update on libraries (gst-plugins-*, gstreamer, gtk+3, harfbuzz, librsvg, pulseaudio)
  • Latest update on networking tools (proftpd and traceroute)
  • Xterm upgraded to 322
  • Added two new packages: GParted and HexChat (Replacing XChat)
  • Firefox upgraded to 44.0 (re-built with -O2 again)
  • Pidgin upgraded to 2.10.12
  • xine-lib Rebuilt against new ffmpeg 2.8.5

Sunday, January 17, 2016

Help Testing SBo scripts for upcoming Slackware 14.2

The development branch (current-wip) is now merged into SBo's master branch and that means that you can help us testing all scripts in SBo for the upcoming Slackware 14.2.

If you are using sbopkg, you can do so easily just by switching the repository to use SBo's GIT repository. Here's how to do that:
  • Open your /etc/sbopkg/sbopkg.conf
  • Change
    REPO_BRANCH=${REPO_BRANCH:-14.1}
    into
    REPO_BRANCH=${REPO_BRANCH:-master} 
    
    
  • run sbopkg -r
Happy testing :)

Less MATE deps for 14.2

Since the introduction of PulseAudio to -current branch along with all the supporting packages including the deps (mainly gtkmmX packages), some of the deps that were previously available in SBo and also MSB project are now gone since it's now included in -current.

For me personally it's a good news. I can get rid of around 5 packages in my MSB packages, which leads to less build time and have faster release when Slackware 14.2 gets cleared for public. My list of packages to maintain will be lot less now. When someday we are ready to move to GTK+3 build, the list of additional packages needed are getting smaller as well since gtkmm3 is also included in current.

Overall, it's working very good now. The upstream developers have fixed some of their roadmap entries which will lead to MATE 1.14 someday this year.

At the moment, i'm building MATE on a new fresh VM to test out the list of packages and build orders.

Security Update: openssh

Yesterday, there was a security advisory regarding openssh client vulnerability that have been in the repository for few years back. Most of the focus is on the server side, but this time, the vulnerable part is the client side. Instead of backporting the relevant fixes, Pat decided to upgrade all OpenSSH packages in all supported Slackware releases to 7.1p2. As you may know, OpenSSH 7.0 introduced several changes which might be backward-incompatible changes:
  * Support for the legacy SSH version 1 protocol is disabled by
    default at compile time.
  * Support for the 1024-bit diffie-hellman-group1-sha1 key exchange
    is disabled by default at run-time. It may be re-enabled using
    the instructions at http://www.openssh.com/legacy.html
  * Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled
    by default at run-time. These may be re-enabled using the
    instructions at http://www.openssh.com/legacy.html
  * Support for the legacy v00 cert format has been removed.
  * The default for the sshd_config(5) PermitRootLogin option has
    changed from "yes" to "prohibit-password".
  * PermitRootLogin=without-password/prohibit-password now bans all

    interactive authentication methods, allowing only public-key,
    hostbased and GSSAPI authentication (previously it permitted
    keyboard-interactive and password-less authentication if those
    were enabled).

Wednesday, January 13, 2016

Security Update: dhcp

Patrick has released a new update for dhcp for all supported Slackware releases back to Slackware 13.0. In 14.1, thunderbird is also updated to the latest release, while xscreensaver is also updated to keep the nag screen completely gone due to faulty year checking.

In current, a LOT of changes are introduced and it might be a little bit controversial, since we introduced PULSEAUDIO (yes, your eyes is correct. It's PULSEAUDIO), but please read AlienBOB's blog post about it. So here's the highlight of the latest batch:
  • New kernel 4.4.
  • New gtkmm3 stacks (atkmm, cairomm, libsigc++, pangomm, glibmm, gtkmm3)
  • New pulseaudio stacks (pulseaudio, speexdsp, libasyncns, json-c, pamixer, pavucontrol, alsa-plugins)
  • Some removed packages (apmd, xf86-video-modesettings, xfce4-mixer, xfce4-volumed)
  • New package for xf86-video-amdgpu
  • Lots of upgraded and rebuilt packages due to new PulseAudio.
Pulseaudio transition is very SMOOTH. Just disable execute permission on rc.alsa and then reboot and pulseaudio will handle the rest. Sound in my MATE desktop works very well too, so i got no complaints :)

For those who are still using legacy NVIDIA GPU drivers, i have bad news. Upstream developers have made a commit which breaks the older NVidia drivers. You need to wait until next driver releases or you can patch the kernels by using this patch.

I still haven't got a patch for VMWare Workstation 11 as well, so for now i'm staying with Linux Kernel 4.1.15.

Friday, December 25, 2015

Slackware Live Edition - Beta 3

Eric Hameleers has published his latest work on Slackware Live Edition - Beta 3. Many have suggested improvements and suggestions following up Beta 2 announcement. It seems that many people are interested in this idea and they helped on testing it, which is a good sign. It has been requested by some people long long time ago and with squashfs-tools being added into current, this long wishlist has become a reality.

More boot options are now supported in this release:
  • 0|1|2|3|4|5|6|S|s|single (Select another runlevel to start with; the default is 4 for graphical login)
  • lang=nl_NL kbd=nl tz=Europe/Amsterdam (Example of language, keyboard and/or timezone customization)
  • nop (No persistence, i.e. boot the virgin installation in case your ‘persistence’ directory got corrupted)
  • nomodeset (Boot with kernel mode setting for graphics — needed with some machines)
  • load=nvidia (Load and configure binary Nvidia drivers that are present in some of the ISOs)
  • rootdelay=10 (Add 10 second delay to give the kernel more time to initialize USB – try this if the Live OS fails to boot)
  • hostname=aliens (Change the hostname for the OS; default hostname is “darkstar
  • livepw=”somestring” (Change the password for the ‘live’ user)
  • rootpw=”somestring” (Change the password for the ‘root’ user)
  • load=mod1[,mod2[…]] (load one or more squashfs modules that are present in the directory “/liveslack/optional”; by default none of the modules in the “optional” directory are loaded)
  • noload=mod1[,mod2[…]] (Prevent loading of one or more squashfs modules that are present in the directory “/liveslack/addons”; by default all of the modules in the “addons” directory are loaded on boot)
  • rescue (After initialization, you will be dropped in a rescue shell where you can perform lowlevel maintenance; the same happens anyway if the OS fails to boot)
  • debug (During init, pause at strategical locations while assembling the overlay filesystem and show relevant mount information)
  • swap (Allow the Live OS to activate all swap partitions it finds on the local hardware; by default, the hard drive will not be touched at all)
  • livemedia=/dev/sdX (Tell the init script which partition contains the Slackware Live OS you want to boot; this can become necessary if you have another copy of Slackware Live already installed to another drive partition)
  • livemain=directoryname (Use this if you copied the content of the ISO to a different directory than the default “liveslak” directory)

In this beta 3, all packages are updated with the latest -current update per December 23, KDE 5_15.12, and also MATE 1.12 (switched back to GTK+2 build). These ISOs should give you a real snapshot of what -current looks like at these moments. Cinnamon ISO was deleted due to disk space limitations, but it wasn't changed so if you have the old one, it's still the same.

Go get them now from these sites:
If you wish to create your own custom Slackware ISO, get the scripts here:
  • http://www.slackware.com/~alien/liveslak/
  • http://taper.alienbase.nl/mirrors/people/alien/liveslak/

Thursday, December 24, 2015

MATE for 14.2 Will be Based on GTK+2

After testing the GTK+3 build of MATE 1.12 in Slackware-Current for few weeks and discussed many things with upstream developers, i decided to cancel the migration to GTK+3 build for next Slackware release and switch back to GTK+2 build. The reason is simple: we don't want users to have bad user experience when they upgraded to the new version. While GTK+3 build is pretty solid, it still have many major blocker such as glitches theme preview, color change problem, panel freeze after adding shortcut, no python plugin support in pluma and eom, and many others. You can see all the GTK+3 issues in Github. I think it's enough reason to postpone the idea until it's stable enough.

Even though the MATE developers wanted to kill GTK+2 code someday, it will not happen soon as GTK+3 build is still so buggy and with every GTK+3 releases, they have to adapt changes made by upstream project. For that reason, in the next major release (1.14), MATE developers will set a minimum GTK version that they support to minimize the load of maintaining several GTK releases. See the roadmap for more information.

So, what happened to MSB repository? Since all the good changes happening on GTK3 branch, i cherry-picked them to master branch already and push it to github. There were some conflict but i managed to fix them locally before it gets pushed, so you will get a clean history in master branch. Just run git pull on master branch and you will get the latest changes in MATE 1.12.x tested for slackware-current.

Unfortunately for those who have been using GTK3 branch, you will have to make some extra steps since GTK3 branch is rebased from master after the big changes and there were some conflicts and i had to fix them and used force option. So here's what you need to do if you want to grab the latest GTK3 branch:
git checkout master
git pull
git branch -D GTK3
git checkout GTK3
If you noticed in the commit logs, i have removed the NUMJOBS parameter. For those who have many CPUs, you can override your MAKEFLAGS environment variable to compile using more than 1 CPU.

At the moment, i'm rebuilding latest MATE 1.12.x on top of latest -current update (Dec 23) and will upload it to usual testing location (GTK+3 build will be removed) but probably only for x86_64. This will be used as a base packages for the next Slackware Live Beta 3 from AlienBOB.

Update: The repository is now updated with GTK+2 build for x86 and x86_64 packages.

WARNING: The testing repository will contain GTK+2 build. If you happened to install GTK+3 build already, you need to remove all MATE packages first before installing/upgrading the new packages.

Security Update: blueman, thunderbird

There were 2 security updates released in the last two days: blueman and thunderbird. They were applied for Slackware 14.1 and current (thunderbird) and for Slackware 13.37 and newer (blueman).

Meanwhile current keeps rolling with new updates and bug fixes reported by many users in LQ. Here are some of the highlights:
  • blueman-2.0.3 (requires new package: Cython)
  • bluez-5.36
  • cups-filters 1.5.0
  • curl-7.46.0
  • fuse-2.9.4
  • ghostscript-9.18
  • libssh-0.7.2
  • libxml-2.9.3 
  • links-2.12
  • lvm2-2.02.138
  • mesa 11.0.8
  • pixman-0.33.6
  • rpm 4.12.0
  • rsync-3.1.2
  • sbc-1.3 (Added)
  • sharutils-4.15.2
  • ModemManager-1.4.12 and NetworkManager 1.0.10
  • Fixed random crash issues on Firefox by changing optimization level
  • package removal: obexfs and obex-data-server

Friday, December 18, 2015

Security Update: libpng and grub

Two more security vulnerabilities are fixed in latest batch of update in Slackware-Current: libpng and grub. Grub applies to Slackware 14.1 and current, while libpng applies to Slackware 13.0 and newer.

In current, more packages are updated. Here are some the highlights:
  • glibc restructurization
  • gnupg and all related libraries (gpgme, gpa, libassuan, libgcrypt, libgpg-error, libksba, pinentry, keyutils, M2Crypto)
  • joe 4.1
  • os/device related packages (pcmciautils, sdparm, usbutils, mcelog, os-prober)
  • ulogd 2.0.5
  • Updated bash-completion-2.1

Thursday, December 17, 2015

Security Update: firefox, libpng, bind, openssl

Slackware has released security advisories for 4 packages: firefox, libpng, bind, and openssl. They were targetted for different releases:
  • firefox applies to Slackware 14.1 and current
  • libpng, bind, and openssl applies to all supported Slackware releases (13.0 and newer)
Things are moving forward again in current after Pat pushed many packages to public repository in the latest batch of update. Here are some of the highlights:
  • Kernel 4.1.15
  • GCC 5.3.0
  • OpenSSL-1.0.2e
  • cgmanager-0.39
  • CUPS 2.1.2
  • nano 2.5.0
  • qpdf 6.0
  • cmake 3.4.1
  • flex 2.6.0
  • git 2.6.4
  • python 2.7.11
  • cairo 1.14.6
  • gtk+2-2.24.29 and gtk+3-3.18.6
  • bind 9.10.3_P2
  • dnsmasq 2.75
  • ethtool 4.2
  • samba 4.3.2
  • wget 1.17.1
  • mesa 11.0.7
Meanwhile, Robby Workman has started another thread in LQ about requests for -current after this batch of update, closing the previous thread since it's long enough and probably getting harder to track.

NOTE: the thread are meant for input for next Slackware release. We don't have any timeframe when will the next Beta or next Slackware gets released. Only Patrick himself knows about it and as always, it will be released when it's ready.

Thursday, December 3, 2015

Cinnamon Version of Slackware Live

I mentioned about the possibility of adding Cinnamon version for Slackware Live edition and now the ISO has been generated by Eric Hameleers last night. It consist of latest cinnamon 2.8.x packages taken from my CSB repository (development tree).

Besides adding cinnamon version, Eric also fixed the login loop issue along with adding an option to set the default runlevel during the ISO creation. This should give you plenty of options when you want to make your own custom ISO in the future.

I'm going to test the cinnamon version later today. I just tested the MATE version and it's working very nice indeed.

As always, please download the latest ISO here: http://taper.alienbase.nl/mirrors/slackware-live/

Tuesday, December 1, 2015

Slackware Live Beta 2 + MATE Version

Eric Hameleers have published his Beta 2 of his Project X - Slackware Live edition. On this release, some new options have been added after getting feedback from many users and based on his personal TODO list.

One interesting comment was asking whether there will be MATE/Cinnamon based Slackware Live. Eric pinged me via IRC last night and we decided to try to make MATE version of Slackware Live. I also used this chance to rebuilt all MATE packages after that big batch of update, including latest MATE 1.12.1 updates that were released yesterday.

I quickly create a new VM based on latest -current update and soon after that, build all MATE packages from scratch so that it's fresh from the VM. Last part is uploading the binary packages. While Eric built the ISO from 64 bit packages, i started the build for 32 bit and in the end, i have all 32/64 bit packages updated in the repository provided by Darren Austin this morning.

If you happened to use previous packages, please use upgradepkg --reinstall --install-new to make sure everything is reinstalled since it's rebuilt against latest slackware-current update. Some packages were removed as well, so it might be best to look for the commits in the github.

Even better news, i created another new VM this morning to test the new Cinnamon packages for Slackware Current. I don't know whether it can be included for Slackware Live or not, since it uses PAM even though it only installed just to satisfy all deps required by cinnamon. It's building cinnamon 2.8 at the moment and if nothing goes wrong, it should be ready when i got home later today.

Please enjoy MSB version of Slackware Live and again, big thanks to Eric Hameleers for his great work on Slackware Live Project.

You can download the ISOs here: http://taper.alienbase.nl/mirrors/slackware-live/