Friday, July 18, 2014

Slackware is 21 Years Old

On July 16 1993, Patrick Volkerding announced the availability of Slackware 1.00 on comp.os.linux usenet and since then, Slackware has become one of the oldest Linux distribution that are still actively maintained up to now.

These is his official announcement at that time:

From: Patrick J. Volkerding (bf703@cleveland.Freenet.Edu)
   Subject: ANNOUNCE: Slackware Linux 1.00
   Newsgroups: comp.os.linux
   Date: 1993-07-16 17:21:20 PST

 The Slackware Linux distribution (v. 1.00) is now available for
 anonymous FTP. This is a complete installation system designed for
 systems with a 3.5" boot floppy. It has been tested extensively with
 a 386/IDE system. The standard kernel included does not support SCSI,
 but if there's a great demand, I might be persuaded to compile a few
 custom kernels to put up for FTP.

 This release is based largely on the SLS system, but has been enhanced and
 modified substantially. There are two main disk series, A (13 disks) and
 X (11 disks). Some of the features:  

 Series A:
   About what you'd expect from SLS series A, B, and C. Plus:
   Source for the Linux DOS emulator version 0.49.
   The FAQ for kernel level 99pl10.
   Kernel source and image at .99pl11 Alpha.
     [compiled with these options: math emulation support, normal hard drive
     support, TCP/IP, System V IPC, -m486, minix fs, ext2 fs, msdos fs, nfs,
     proc support, and PS/2 style mouse support. You may need to recompile if
     you have some other type of busmouse. The kernel was compiled with libc
     4.4.1, g++ 2.4.5]
   The new keytable utilities.
   The NET-2 networking package, preconfigured to use loopback.
   A public domain version of ksh, and tcsh 6.04 (with the bugs worked out)
   GNU gcc, g++, and Objective-C at versions 2.4.5
   Includes and libraries at version 4.4.1
   mailx, quota utilities, experimental winapi source, sound drivers.
   The TCL toolkit and samples.

   In addition, the installation program has been improved to offer more
   information about the packages (and the installation procedure itself)
   as you install.

   The install program can also automatically install LILO, configuring it
   to boot either from your master boot record or from OS/2's Boot Manager.

 Series X:
   Also, all the packages you would get in the SLS X series, plus:
   XFree-86 version 1.3.
   Open Look Virtual Window Manager made the default window manager.
   XS3 server offers support for S3 based video cards.
   XV 3.00 Image viewer is included.
   PEX files from the XFree-86 distribution are included.

 Although TEX support is not included in the Slackware release, the you may
 install the SLS T series from the install program.

 At this point, the install disk itself is running .99pl8. I'm working on it :^)
 Also, installation from other than a 3.5" floppy has not been tested, but might
 work. 5.25" floppy will not work because of file sizes. At this point, I have
 no plans to support a 5.25" version.

 How to get the Slackware(tm) release:

 The Slackware release may be obtained be anonymous FTP from
 mhd3.moorhead.msus.edu in directory /pub/linux/slackware. At least initially,
 this release will be in the form of 3.5" disk images which should be copied
 to floppies using the RAWRITE.EXE program, or dd under Linux.

 Please note that our FTP software does not support limiting the number of
 concurrent anonymous logins. PLEASE try to go easy on this machine. If things
 get out of hand, access may be restricted.

 Other sites are, of course, welcome to help out with the load by mirroring
 the distribution.

 If you find any problems with the distribution, or if you have any suggestions
 for improvements, please let me know. If you know of more up-to-date versions
 of software in the distribution, I'd like to hear about that, too.

 --
 Patrick Volkerding
 volkerdi@mhd1.moorhead.msus.edu
 bf703@cleveland.freenet.edu
Happy Birthday to Slackware Linux Project !!
Big thanks to Patrick Volkerding !!

Wednesday, July 16, 2014

KDE 4.13.3 for Slackware-Current

Eric Hameleers has just released his KDE 4.13.3 packages into his KTown repository. KDE 4.13.3 is a maintenance release, fixing more than 50 bugs, so it should be a safe pleasant upgrade for anyone.

Eric also upgraded kdeconnect and calligra in his packages.

You can always get the updated KDE packages here:

Major X Updates

Pat has pushed major XOrg updates today and this is the biggest update since some time ago. The XOrg is now upgraded to 1.15.2 and Mesa is upgraded to 10.1.5. Most of the proprietary drivers already have support for this version, so grab the latest version of your proprietary driver before upgrading to this version if you are using NVidia/ATI and use the proprietary driver.

Other than X update, there are some other packages that are upgraded:
  • lxc upgraded to 1.0.5
  • automake upgraded to 1.14.1
  • llvm upgraded to 3.4.2
  • calligra upgraded to 2.8.5
  • lesstif removed and replaced by motif
  • tetex rebuilt against new motif
  • ddd rebuilt against new motif
  • xpdf upgraded to 3.0.4

Saturday, July 12, 2014

Security Update: php

PHP has been upgraded to the latest version (5.4.30) for Slackware 14.0, 14.1, and current which should fixed several security vulnerabilities, mainly related to fileinfo module.

Meanwhile, for -current, there has been some progress:
  • Linux kernel stock is now upgraded to 3.14.12, following the LTS release that will be maintained by Greg K-H until 2016.
  • Bash is upgraded to 4.3.018
  • Shadow is upgraded to 4.2.1 and added support for subuid and subgid needed for unprivileged containers
  • Added several new packages: cgmanager, lzip, and libnih
  • Renamed open-cobol to gnu-cobol
  • Upgraded several more packages: nano, slacktrack, and taglib
  • slackpkg is rebuilt to support $ROOT and $CONF environment variables.
  • Added Linux kernel 3.15.x configuration in testing for those brave enough to try

Wednesday, June 25, 2014

Multiple Security Updates

Slackware has issued 5 security advisories today, accumulated from upstream releases on various projects. They are:
  • GnuPG: Upgraded to 1.4.17 and backported back to Slackware 13.0 to fix a denial of service using garbled compressed data packets.
  • GnuPG2: Upgraded to 2.0.24 to stop a denial of service using
    garbled compressed data packets which can be used to put gpg into an  infinite loop. This update is backported back to Slackware 13.37
  • Samba: Upgraded to 3.6.24 for Slackware 14.0 and 4.1.9 for Slackware 14.1 and current to bring fixes and security issues which can cause a denial of service, and reveal potentially private server information
  • Seamonkey: Upgraded to 2.26.1 for Slackware 14.0, 14.1, and current
  • Bind: Upgraded to 9.8.7_P1 for Slackware 13.0, 13.1, and 13.37, 9.9.5_P1 for Slackware 14.0, 14.1, and Current. There's also a new package in testing for Bind 9.10.0_P2.
For Slackware-Current, there are two additional packages: man (rebuilt to move config to /etc) and  man-pages upgraded to 3.69.

Wednesday, June 18, 2014

Slow Pace of Current Progress

It's mid June and the development for the next Slackware release is still slow without significant changes over packages. Pat only updates small number of packages which is considered safe without breaking other applications besides security updates.

The latest changes including rebuilding ncurses to apply upstream patch which should fixed a screen problem (reported in LQ), rebuilding yptools to fix non-changeable password in yppasswd, and upgrading xscreensaver to 5.29.

Thursday, June 12, 2014

Security Updates: Mozilla Thunderbird

Following Firefox update in -Stable, Thunderbird is now updated to 24.6.0 in Slackware 14.1 and -Current. Slackware-Current also updated Firefox to 30.0 and dddrescue to 1.18.1.

There are no big changes in basic toolchains and packages which usually gets upgraded on the very early stage of development.

Tuesday, June 10, 2014

KDE Maintenance Updates: 4.13.2 Released

KDE Team has released another monthly maintenance release for 4.13.x branch: KDE 4.13.2. This release brings more bug fixes and translations updates, along with updated Plasma Workspaces 4.11.10.

This release incorporated more than 40 bug fixes across all modules, including improvements to Personal Information Management suite Kontact, Umbrello UML Modeller, the Desktop search functionality, web browser Konqueror and the file manager Dolphin. More info taken from KDE's announcement:
Additional and noteworthy: this release of KDE Applications includes a number of important fixes for Kopete: a decrease in the exit time of Kopete with enabled statistics plugin, a fix for the compilation of jabber libjingle for non x86 architectures and another fix for voice call support in the jabber libjingle library. Without this last fix, voice calls worked only with the old Google Talk windows jingle client. Now after applying the patches it was tested with GMail web plugin, old Google Talk windows client, telepathy-gabble and other Kopete versions.
Eric Hameleers has built this version and announce it on his blog. You can grab KDE packages for Slackware-Current users from AlienBOB's KTown repository mirror sites below:

PHP Security Update

PHP Package has been updated to the latest version for all supported Slackware release to fix security vulnerabilities, including a possible denial of service, and an issue where insecure default permissions on the FPM socket may allow local users to run arbitrary code as the apache user.

Slackware 13.0 up to 13.37 will get PHP 5.3.28 update while 14.0 and newer will get PHP 5.4.29 

Friday, June 6, 2014

Multiple Security Advisories: OpenSSL, Sendmail, GnuTLS, and Libtasn1

There are multiple security fixes released today and they were backported back to Slackware 13.0 whenever possible:
  • libtasn1 is upgraded to 2.1.4 for Slackware 14.0 and 3.6 for Slackware 14.1 and Slackware-Current
  • sendmail is upgraded to 8.14.9 for Slackware 13.0 and newer
  • gnutls is upgraded to 2.8.4 for Slackware 13.0, 2.8.6 for Slackware 13.1, 2.10.5 for Slackware 13.37, 3.0.32 for Slackware 14.0, 3.1.25 for Slackware 14.1, and 3.2.5 for Slackware-Current.
  • openssl is upgraded to 0.9.8za for Slackware 13.0, 13.1, and 13.37, 1.0.1h for Slackware 14.0 and newer
For Slackware-Current, there are additional packages:
  • nano is upgraded to 2.3.4
  • irssi is upgraded to 0.8.16

Monday, June 2, 2014

Security Update: MariaDB

After two weeks without any updates, Slackware development and maintenance phase continues and issued one security advisory for mariadb for Slackware 14.1 and current users (now upgraded to 5.5.37). This fixed many security advisories released by CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2430 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2431 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2432 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2436 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2438 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2440
 On -current, several new changes has been introduced, such as:
  • Linux Kernel 3.14.5
  • GCC 4.8.3
  • nano 2.3.3
Also there were 2 packages gets rebuilt:
  • gawk: remove symlink and compress man page
  • make:  Patched to fix a bug with parallel builds.

Wednesday, May 14, 2014

KDE 4.13.1 and LibreOffice 4.2.4 Packages

Eric Hameleers has pushed his update on KDE 4.13.1 for Slackware-Current users and also LibreOffice 4.2.4 for Slackware 14.1 and also Slackware-Current users.

One big change in KDE 4.13.1 is that Baloo now enables you to completely disabled desktop search from System Settings GUI. There has been so many improvements on Baloo as well on this release which can be seen on the issue tracker. LibRaw, KDevelop, oxygen-gtk2, and libkscreen are also upgraded to the latest version following the previous KDE 4.12.x updates.

Get the KDE packages from these mirror sites:
Meanwhile, LibreOffice is also moving forward with 4.2.4 release and it also fixed lots of bugs and getting more mature on every release. Eric will also build LibreOffice 4.1.6 for conservatives or corporate users who still prefer more mature releases soon.

You can grab the LibreOffice packages from these mirror sites:

Kernel 3.14.4 Landed in Current

Slackware-Current has moved to the latest kernel 3.14.4 which brings two changes: disabling CONFIG_DEBUG_KERNEL which disabled some proprietary NVidia drivers to be built against Linux Kernel 3.14.x and also it fixed CVE-2014-0196 which was a race condition that could cause a kernel panic, memory corruption and system crash if the exploit were ran in current machine. I have tested the exploit code and it did freeze my desktop and i had to do a hard reset.

There are several packages which is changed on this batch of updates:
  • gdb upgraded to 7.7.1
  • libelf rebuilt to link headers in /usr/include and enable -D_FILE_OFFSET_BITS=64 parameter on 32 bit machine
  • ddd rebuilt to fix the machine code view
Go download and test :)