Friday, November 30, 2007

Security Update : SeaMonkey

Slackware security team has released an update for SeaMonkey package (shortly after Firefox update has been released). This updates only available for Slackware 11.0 and newer (up to -Current). Meanwhile, an update for mkinitrd package has also shown up for sometime in -Stable and also in -Current

Here's the latest -Current changelog:
Thu Nov 29 19:51:15 CST 2007
xap/seamonkey-1.1.7-i486-1.tgz:
Upgraded to seamonkey-1.1.7.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)

Thu Nov 29 17:38:37 CST 2007
a/mkinitrd-1.3.0-i486-3.tgz: Fixed a missing '--parents' in a cp command.
Thanks to Eric Hameleers for pointing out the bug.

Thursday, November 29, 2007

Big Changes on -Current

There's a BIG updates on -Current today. It's not about the amount of the packages that were released today, but on the version. Next Slackware release (it will be 12.1) will ship with the new GLIBC 2.7 (upgraded from 2.5 from 12.0). I actually quite surprised that Pat decided to use GLIBC 2.7 rather 2.6 (perhaps he already conduct some test and the results are quite good for him).

Well, it's a big change and i think i will leave it for a few days and see other people tested it first before i upgrade to GLIBC 2.7 (i'm downloading it right now) since it's a critical component on every Linux distribution. Using a wrong GLIBC version will results in segmentation faults everywhere, since every packages are compiled and linked to the GLIBC.

Here's the latest changes in -Current:
Thu Nov 29 01:06:48 CST 2007
ap/cdrtools-2.01.01a36-i486-1.tgz: Upgraded to cdrtools-2.01.01a36.
+--------------------------+
Thu Nov 29 01:02:12 CST 2007
a/glibc-solibs-2.7-i486-2.tgz: Upgraded to glibc-2.7 compiled against Linux 2.6.23.9 kernel headers.

a/glibc-zoneinfo-2.7-noarch-2.tgz: Upgraded to tzdata2007i.

a/kernel-generic-2.6.23.9-i486-1.tgz:
Upgraded to Linux 2.6.23.9 uniprocessor generic.s (requires initrd) kernel.

a/kernel-generic-smp-2.6.23.9_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.9 SMP gensmp.s (requires initrd) kernel.

a/kernel-huge-2.6.23.9-i486-1.tgz:
Upgraded to Linux 2.6.23.9 uniprocessor huge.s (full-featured) kernel.

a/kernel-huge-smp-2.6.23.9_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.9 SMP hugesmp.s (full-featured) kernel.

a/kernel-modules-2.6.23.9-i486-1.tgz
Upgraded to Linux 2.6.23.9 uniprocessor kernel modules.

a/kernel-modules-smp-2.6.23.9_smp-i686-1.tgz
Upgraded to Linux 2.6.23.9 SMP kernel modules.

ap/ghostscript-8.61-i486-1.tgz: Upgraded to ghostscript-8.61.
This is still under the GPL -- just FYI, I do not know why the package name changed. This package replaces gnu-ghostscript-8.60.0-i486-2.

d/kernel-headers-2.6.23.9_smp-i386-1.tgz:
Upgraded to Linux 2.6.23.9 SMP kernel headers.

k/kernel-source-2.6.23.9_smp-noarch-1.tgz
Upgraded to Linux 2.6.23.9 SMP kernel source.

l/gamin-0.1.9-i486-1.tgz: Upgraded to gamin-0.1.9.

l/glibc-2.7-i486-2.tgz: Upgraded to glibc-2.7, built against Linux 2.6.23.9 kernel headers.
* NOTE: Packages for -current built after this batch of packages (up to the datestamp above) will be linked against glibc-2.7 and _may_ not work on systems running earlier versions of glibc (such as Slackware 12.0 systems running glibc-2.5).

l/glibc-i18n-2.7-noarch-2.tgz: Upgraded to glibc-2.7 locale files.

l/glibc-profile-2.7-i486-2.tgz: Upgraded to glibc-2.7 profile libs.

l/svgalib_helper-1.9.25_2.6.23.9-i486-1.tgz: Recompiled for Linux 2.6.23.9.

extra/linux-2.6.23.9-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.

isolinux/initrd.img: Upgraded to glibc-2.7. Added dmidecode.

isolinux/network.dsk, pcmcia.dsk; Upgraded to 2.6.23.9 kernel modules.

kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.9.

kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.23.9 (SMP).

usb-and-pxe-installers/: Updated USB and PXE installers.

Wednesday, November 28, 2007

Forum Linux Beta

me and Budi from Baliwae (we both represents Slackware-ID community) is proud to announce an availability of a new Indonesian Linux distribution (based on Slackware) that (hopefully) can be used by peoples who wanted to have an offline version of Indonesian Linux Forum. This idea comes from Forum members about two years ago (23 January 2005). At that time, i tried to provide the database dump for people, but it's quite useless, because people still has to install phpBB and modify the application first. It's not suitable for everyone.

So at the last ILC 2007 Conference, Budi was offering a help for a new Linux distribution that can be used for that purpose. He has finished making targeT Linux, so it will be quite easy for him to modify it again for this new distro.

After working for about two days, he finally managed to create a new Linux distribution that we called Forum Linux. It's still in beta version and we hope that we can release this distribution at the end of this year (so it's like a new year gift from both of us big grin). We are planning to update this distribution every six months (like any other popular Linux distribution), so that your version will not be very out-dated.

Like targeT Linux, this new Linux distribution will be able to be executed via LiveCD or via USB, so you have more choices.

There's no ISO available for now (since Budi is trying to make the final version smaller by removing unneeded application so it's very prone to changes. So far, he managed to make it 230 MB, but it will decrease again soon). BUT, you can see the screenshots on http://cd.slackware-id.org/.

We wanted your feedbacks on this idea. Please send your inputs, critics, comments on this distro via mail to feedback@cd.slackware-id.org

Security Update: Firefox

Slackware security team has released a quick update for Firefox package for Slackware 10.2 and above (up to -Current). Meanwhile, the -Current also got an update for mkinitrd package to fix some bug that relate to modules to be ignored. Here's the latest -Current changelog:
Tue Nov 27 16:08:14 CST 2007
a/mkinitrd-1.3.0-i486-1.tgz: Upgraded to mkinitrd-1.3.0.
This fixes a bug where some module options could be ignored.
Thanks to Alan Hicks for the patch.
Thanks also to Richard Hoyle for showing me how to statically link busybox correctly when I wouldn't listen to the Makefile. ;-)

xap/mozilla-firefox-2.0.0.10-i686-1.tgz:
Upgraded to firefox-2.0.0.10.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)

Tuesday, November 27, 2007

Upgrading to 2.6.23.9

Today, i was so tired, but i spent my spare time to compile the latest -Stable kernel, 2.6.23.9 which has some important fixes described in their Changelog. I compared the compilation between my laptop and my desktop and guess who's the winner?

Of course my laptop won it big grin It has 1 GB of RAM while my desktop only have 512 MB. My desktop's processor is faster, but i guess amount of RAM has more influence when you are compiling. I ran the process in one step (we can do that by using ";" to separate each process) and when the laptop was done, my desktop is still compiling /drivers/usb laughing

I also had some problems when i wanted to build a tgz package for sshutout package. It comes with a default Makefile, so you don't use ./configure as usual, just make and make install. Due to no ./configure script, my SlackBuild script changed the owner of my home directory to root users, so i had problems starting my KDE application, since it couldn't wrote to my home directory. I had to open my laptop to see the correct permission and that's the reason why i start compiling my kernels (i rarely login to my Slackware on my laptop lately, so when i had time, i do lots of software maintenance). Finally, i managed to fix the permission problem, plus i got a new shinny kernels on my system batting eyelashes

Wednesday, November 21, 2007

Upgraded to 2.6.23.8

I just came back from Kedai Kopi in Kaliurang st. where i must accompany my girlfriend for her business meeting. Since i came back from lecturing, i brought my laptop with me. I took the time when they were start talking to upgrade my Slackware system to the latest -Current, including the kernel. At the beginning, my girlfriend was confused about the display of my laptop, since i didn't boot to X Window. I prefer to use console because it's faster and i don't want to spend too much power just to load X Window where i could do the process in terminal.

First, I upgraded the kernel-headers package and then i compile the kernel from the source (vanilla). It took me about 20-30 minutes to finish the compilation (including reboot and installing NVidia driver again). Lucky me, the battery was full, so i could do some testing after installing the new kernel.

So my laptop is fully sync with -Current, except that i used custom kernel rather than using Slackware's default kernel stock. Next will be upgrading my desktop system big grin

Kernel Updates and Security Fix : Libpng

The default kernel stock in -Current has been upgraded to 2.6.23.8 and also one security fix has been released for libpng package. This package will require some other package to be rebuild also, such as kernel-*, svgalib_helper, kernel configurations in kernels/, and the isolinux.
Wed Nov 21 00:11:24 CST 2007
a/kernel-generic-2.6.23.8-i486-1.tgz:
Upgraded to Linux 2.6.23.8 uniprocessor generic.s (requires initrd) kernel.

a/kernel-generic-smp-2.6.23.8_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.8 SMP gensmp.s (requires initrd) kernel.

a/kernel-huge-2.6.23.8-i486-1.tgz:
Upgraded to Linux 2.6.23.8 uniprocessor huge.s (full-featured) kernel.

a/kernel-huge-smp-2.6.23.8_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.8 SMP hugesmp.s (full-featured) kernel.

a/kernel-modules-2.6.23.8-i486-1.tgz
Upgraded to Linux 2.6.23.8 uniprocessor kernel modules.

a/kernel-modules-smp-2.6.23.8_smp-i686-1.tgz
Upgraded to Linux 2.6.23.8 SMP kernel modules.

d/kernel-headers-2.6.23.8_smp-i386-1.tgz:
Upgraded to Linux 2.6.23.8 SMP kernel headers.

k/kernel-source-2.6.23.8_smp-noarch-1.tgz
Upgraded to Linux 2.6.23.8 SMP kernel source.

l/libpng-1.2.23-i486-1.tgz:
Upgraded to libpng-1.2.23.
Previous libpng versions may crash when loading malformed PNG files.
It is not currently known if this vulnerability can be exploited to execute malicious code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269
(* Security fix *)

l/svgalib_helper-1.9.25_2.6.23.8-i486-1.tgz: Recompiled for Linux 2.6.23.8.

extra/linux-2.6.23.8-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.

isolinux/network.dsk, pcmcia.dsk; upgraded to 2.6.23.8 kernel modules.

initrd.img: Upgraded to hdparm-7.6.

kernels/generic.s/*: Upgraded generic.s kernel to 2.6.23.8.

kernels/gensmp.s/*: Upgraded gensmp.s kernel to 2.6.23.8 (SMP).

kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.8.

kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.23.8 (SMP).

usb-and-pxe-installers/: Updated USB and PXE installers.

Security Update : Thunderbird

After being delayed for some time, finally Slackware security team has released an update for Thunderbird package for 10.2 up to -Current. Here's the latest changelog:
Tue Nov 20 16:49:58 CST 2007
xap/mozilla-thunderbird-2.0.0.9-i686-1.tgz:
Upgraded to thunderbird-2.0.0.9.
This update fixes the following security related issues:
URIs with invalid %-encoding mishandled by Windows (MFSA 2007-36).
Crashes with evidence of memory corruption (MFSA 2007-29).
OK, so the first one obviously does not affect us. :-) The second fix has to do with the same JavaScript handling problem fixed before in Firefox.
JavaScript is not enabled by default in Thunderbird, and the developers (at least in MFSA 2007-36) do not recommend turning it on.
For more information, see:
http://www.mozilla.org/security/announce/2007/mfsa2007-36.html
http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339
(* Security fix *)

Saturday, November 17, 2007

Pile of Kernel Packages

Today, i browsed Linux Kernel site and i found a huge updates on the -Stable version. The last time i saw a -Stable kernel was 2.6.23.1, and now it was 2.6.23.8. I was thinking "Did i miss that much?" I don't think so, since i usually browse the site daily (or once in two days).

So i ran a search on KernelTrap, but i couldn't find anything about it. Next stop would be LWN and i found this article which describes why there are a lot of kernel update series. It's a good step taken by Greg to release the updates in some series because it's easier to review rather than big chunk.

Anyways, i'm downloading it right now....

XOrg Package Updates

There are several threads in LinuxQuestions (here and here) that discussed about a glitch that affected people who upgraded to the new Xorg package that was released last Wednesday (14 Nov) in -Current tree. People lost their control over their keyboard. This was caused by the new feature input hotplugging support that was introduced by PV on Xorg-server package. Several possible workaround has been proposed and finally PV release the recompiled xorg-server-* packages as well as some minor updates to cdparanoia, xf86-video-* and xscreensaver packages. Here's the latest -Current changelog:
Sat Nov 17 00:19:20 CST 2007
ap/cdparanoia-IIIalpha9.8-i486-3.tgz: Recompiled with SG_IO patch. This didn't seem to make a noticable difference, but to someone it might.
x/xf86-video-intel-2.2.0-i486-1.tgz: Upgraded to xf86-video-intel-2.2.0
x/xf86-video-sis-0.9.4-i486-1.tgz: Upgraded to xf86-video-sis-0.9.4.
OK, now that that Samba fix is done, we can give you a working X server. :-)
Evidently, the HAL/D-Bus enabled X server, xf86-input-evdev, and one of HAL's .fdi files aren't playing well together. After considering three possible workarounds, it was decided to disable D-Bus/HAL support in the X server for now. If you really want to play with X input hotplugging, it's easy enough to modify the source/x/x11/configure xorg-server configure file to enable D-Bus and HAL and run: ./x11.SlackBuild xserver xorg-server
Xdmx remains gone per X build recommendations.
x/xorg-server-1.4-i486-4.tgz: Recompiled without input hotplugging support.
x/xorg-server-xnest-1.4-i486-4.tgz: Rebuilt.
x/xorg-server-xvfb-1.4-i486-4.tgz: Rebuilt.
xap/xscreensaver-5.04-i486-1.tgz: Upgraded to xscreensaver-5.04.

Security Update : Samba

Slackware security team has released an update for Samba package to fix security problems. This package has been released for 10.1 and above (up to -Current). Here's the latest -Current changelog
Fri Nov 16 17:22:18 CST 2007
n/samba-3.0.27-i486-1.tgz:
Upgraded to samba-3.0.27.
Samba 3.0.27 is a security release in order to address a stack buffer overflow in nmbd's logon request processing, and remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed name query requests.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
(* Security fix *)

Thursday, November 15, 2007

Bunch of X Updates

There has been a slightly updates on -Current which took Mesa to 7.0.2 version and some other updates on xf86-* package plus some rebuild on xorg-server-* packages to remove support for XDMX and sync with the latest Mesa version. Here's the latest -Current changelog:

Wed Nov 14 15:25:14 CST 2007
x/mesa-7.0.2-i486-1.tgz: Upgraded to mesa-7.0.2.
x/xf86-video-ati-6.7.196-i486-1.tgz: Upgraded to xf86-video-ati-6.7.196.
x/xf86-video-intel-2.1.99-i486-1.tgz: Upgraded to xf86-video-intel-2.1.99.
x/xorg-server-1.4-i486-3.tgz: Rebuilt against Mesa 7.0.2.
Removed support for XDMX, as the code is not maintained and interferes with input hotplug support. Thanks to Carlos Corbacho for the help. :-)
x/xorg-server-xdmx-1.4-i486-2.tgz: Removed.
x/xorg-server-xnest-1.4-i486-3.tgz: Rebuilt.
x/xorg-server-xvfb-1.4-i486-3.tgz: Rebuilt.

Tuesday, November 13, 2007

Slow Boot

Ever since i upgraded to 2.6.23, my laptop's boot time has increased, due to a problem which i hadn't time to analyze it further, but my guest is that i pick the wrong options when new questions arose when i build the new kernel, so today, i upgrade my laptop's kernel to 2.6.23.1. I know, it's not related to any boot up, since it only fix sata problem, but i want to start a new fresh kernel compilation, so i used the old 2.6.22.x kernel configuration and use make oldconfig to make the configurator asked for new features/drivers.

Now my laptop does boot faster then before, but still one problem left. It took too much time when detecting Yenta TI device. I don't know what that is, but i guess it's PCMCIA devices. I didn't start rc.pcmcia, but udev probably loads it, so my option will be disabling it by adding it to /etc/modprobe.d/blacklist. I'll let it be for the moment, as long as it doesn't take more than 5 minutes to boot big grin

This Yenta problem seems to be a known issue. And it only appears on my system after i upgrade to 2.6.23-based kernels. I don't have this issue on 2.6.22. I hope they will fix it on 2.6.24.

Btw, here's the report from dmesg:
Yenta: CardBus bridge found at 0000:02:04.0 [1025:007a]
Yenta: Using CSCINT to route CSC interrupts to PCI
Yenta: Routing CardBus interrupts to PCI
Yenta TI: socket 0000:02:04.0, mfunc 0x89501212, devctl 0x44
Yenta: ISA IRQ mask 0x00d8, PCI irq 10
Socket status: 30000006
Yenta: Raising subordinate bus# of parent bus (#02) from #02 to #06

The bold one indicates where the process stopped for some time (probbing i guess).

Monday, November 12, 2007

4 Security Patches Coming Through

Five patches (four are security fixes) are going through -Current and -Stable today. Most of them are related to xpdf bugs, except for PCRE. Check the changelog for more detail about the changes. Here's the -Current changelog:

Mon Nov 12 01:25:34 CST 2007
kde/kdegraphics-3.5.8-i486-2.tgz:
Patched xpdf related bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
(* Security fix *)

kde/koffice-1.6.3-i486-2.tgz:
Patched xpdf related bugs.
For more information, see:
http://www.kde.org/info/security/advisory-20071107-1.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
(* Security fix *)

l/pcre-7.4-i486-1.tgz: Upgraded to pcre-7.4.
l/poppler-0.6.2-i486-1.tgz: Upgraded to poppler-0.6.2.
This release fixes xpdf related bugs.
For more information, see:
http://poppler.freedesktop.org/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
(* Security fix *)

xap/xpdf-3.02pl2-i486-1.tgz: Upgraded to xpdf-3.02pl2.
The pl2 patch fixes a crash in xpdf.
Some theorize that this could be used to execute arbitrary code if an untrusted PDF file is opened, but no real-world examples are known (yet).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
(* Security fix *)

Sunday, November 11, 2007

PHP Updates on -Current

As expected, PHP package has been updated to 5.2.5, the latest stable version that fixes more than 60 bug fixes. Here's the latest -Current changelog:

Sat Nov 10 14:27:42 CST 2007
n/php-5.2.5-i486-1.tgz:
Upgraded to php-5.2.5.
This fixes bugs and security issues.
For more information, see:
http://www.php.net/releases/5_2_5.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887
(* Security fix *)
Update (08:52): It seems that PHP updates go through up to Slackware 10.1. I just received a newsletter from Slackware Security Team

Saturday, November 10, 2007

Another Small Updates on -Current

A week has passed since the last update son -Current and here it comes again, even though it's relatively small. Only a rebuild package for gnu-ghostscript, and updates for Firefox and SeaMonkey packages. Here's the latest -Current changelog:
Fri Nov 9 16:07:43 CST 2007
ap/gnu-ghostscript-8.60.0-i486-2.tgz: ./configured with --disable-compile-inits option, which disables a new default of compiling in various configuration values (such as paper size) rather than reading them from the traditional config file. Thanks to Jonathan Woithe for pointing this change out.

xap/mozilla-firefox-2.0.0.9-i686-1.tgz:
Upgraded to firefox-2.0.0.9.
This upgrade improves the stability of Firefox.
For more information, see:
http://developer.mozilla.org/devnews/index.php/2007/11/01/firefox-2009-stability-update-now-available-for-download/

xap/seamonkey-1.1.6-i486-1.tgz:
Upgraded to SeaMonkey 1.1.6.
This upgrade fixes SeaMonkey's ability to display certain types of web pages.
That's about all we could find about it here:
http://www.mozilla.org/projects/seamonkey/

Thursday, November 8, 2007

Gathering at ILC 2007

As ILC 2007 event is going to be held this month, i would like to invite all Indonesian Slackware users to gather at ILC event. There will be lots of communities, like slackware-id, ubuntu-id, opensuse-id, etc. Many people will come and meet each others. It's a good opportunities to know each other. Most of us have only meet via email, chat rooms, YM, etc. It's very nice to see each other face to face.

Soo... i'll be waiting at this year's ILC in Jogja....

Tuesday, November 6, 2007

Hardware Compatibility

Sometimes, when we buy new hardware, we always have a perspective that the new thing will work flawlessly under Linux as it does under Windows (since the vendor supply the required driver). The problem is that most vendor is not willing to share or publish their specification for their products, resulting to a broken or unusable devices when being used in Linux. Thanks to lots of people (mostly are hackers, not crackers), they tried to make some magic by doing some research (perhaps reverse engineering) and make the driver for that device.

There are lots of reference to consult with before you buy new hardware. For example, you have LinuxHardware, Mandriva's HCL and many more. You can also check Linux Driver Project to see some devices that still doesn't have a driver. You can use the information to help you decide which hardware should you buy. Most of the time, the availability of a driver is only a matter of time. Soon or later, the driver will come up. Most of the problems is sound card. My friend also had a problem with his new Lenovo laptop which can't produce any sound (it works well on Windows though). Few days ago, he installed Mandriva 2008.0 and the sound card is detected and sound is available. He was very happy with it. It only took 1-2 months to get the driver available in ALSA Project.

The power of community is very dominant and absolutely amazing. Sometimes they don't get paid for doing that, but they do it for fun and hobby big grin

My First SlackBuild

I have been using Slackware for about two years and in this period, i have used lots of packages made by SlackBuild (from official Slackware repository or any other repository). I never thought that building my own SlackBuild is very challenging, so last night, i tried to make my first SlackBuild script. The package i choose was bmon. Here's the description about the project:
bmon is a portable bandwidth monitor and rate estimator running on various operating systems. It supports various input methods for different architectures. Various output modes exist including an interactive curses interface, lightweight HTML output but also formatable ASCII output.

Statistics may be distributed over a network using multicast or unicast and collected at some point to generate a summary of statistics for a set of nodes.
I use PV's SlackBuild and then i modified it to make this package works well on Slackware 12.0 (probably also in earlier version, but i didn't try it out, as i only have one version installed). Well, the result is great and i have upload it to Indonesian SlackBuild repository. I hope this package will be quite useful for everyone running a server.

Sunday, November 4, 2007

One More

One more package has been recompiled to fix font rendering issue, which was libXft. It's included in the new modular Xorg release. Here's the latest -Current changelog:
Sat Nov 3 15:24:00 CDT 2007
x/libXft-2.1.12-i486-2.tgz: Recompiled to fix issues with bold font
rendering. Thanks to Bruce Hill and Eric Hameleers.

Saturday, November 3, 2007

Small Updates on -Current

PV pushed some new and updated packages to -Current after only pushing security updates yesterday. Here's the latest -Current changelog:

Fri Nov 2 17:37:13 CDT 2007
n/links-2.1pre31-i486-1.tgz: Upgraded to links-2.1pre31.
n/mcabber-0.9.4-i486-1.tgz: Upgraded to mcabber-0.9.4.
n/openldap-client-2.3.38-i486-1.tgz: Upgraded to openldap-client-2.3.38.
n/sendmail-8.14.2-i486-1.tgz: Upgraded to sendmail-8.14.2.
n/sendmail-cf-8.14.2-noarch-1.tgz: Upgraded to sendmail-8.14.2 config files.
x/dejavu-ttf-2.21-noarch-1.tgz: Upgraded to dejavu-ttf-2.21.
xap/gimp-2.4.1-i486-1.tgz: Upgraded to gimp-2.4.1.
xap/pan-0.132-i486-1.tgz: Upgraded to pan-0.132.
xap/pidgin-2.2.2-i486-1.tgz: Upgraded to pidgin-2.2.2.
+--------------------------+

Friday, November 2, 2007

Security Update : CUPS

A new security update has been released by Slackware security team. This update consists of one update to CUPS package which may lead to crash CUPS. Here's the -Stable changelog:

Thu Nov 1 22:03:53 CDT 2007
patches/packages/cups-1.2.11-i486-2_slack12.0.tgz:
Patched cups-1.2.11.
An off-by-one error in ipp.c may allow a remote attacker to crash CUPS resulting in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
(* Security fix *)
+--------------------------+

New Release of GIMP

GIMP developer team has released GIMP 2.4.1, the first maintenance release for stable branch 2.4.x. It has fixed a couple of issues:

- fixed a minor display rendering problem
- improved the workaround for broken graphics card drivers
- fixed a crash with broken scripts and plug-ins
- fixed potential syntax error in configure script
- fixed parsing of floating point numbers in Script-Fu
- fixed potential crash when converting an indexed image to RGB
- update the histogram while doing color corrections
- fixed another crash with broken plug-ins
- fixed problems on Win32 when GIMP is installed into a non-ASCII path
- fixed handling of truncated ASCII PNM files
- make sure that there's always a cursor, even for small brushes
- fixed line-drawing with a tablet and the Shift key
- added code to use the system monitor profile on OS X
- show changes to the rounded corners in the Rectangle Select tool
- reduced rounding errors in the display render routines
- translation updates (ca, de, et, lt, mk, pa, sv)

I think it should be on the -Current soon big grin

Thursday, November 1, 2007

Slow Updates

Things have been so idle in -Current changelog lately. It's four days since the last updates and the only thing new is the update for pkgtool (fix some problems on removepkg) and also added a new shinny glibc packages which is meant for testing (PLEASE, take consideration to CAREFULLY READ the CHANGELOG before you upgrade to this version of GLIBC as it's not easy to revert to your old glibc if you are having trouble with this version).

I'm sure Pat will release more packages soon.