Tuesday, April 29, 2008

Slackware 12.1 RC 3

Another RC release towards 12.1 and it's been officially freezed for non-critical updates and save further big changes after -Current gets started again (we don't know yet, but most of the time two or three months after the -Stable has been released, even though it could be longer than that).
Mon Apr 28 23:43:55 CDT 2008
We'll call this Slackware 12.1 RC3, and freeze the tree for anything that isn't critical. Things seem very stable, so it's probably a good idea to save any further upgrades and additions until -current restarts.

a/cups-1.3.7-i486-2.tgz: Applied patch str2790 to fix crash bugs in the PNG image filter. The issues are not believed to be capable of either a DoS (at worst, it simply crashes the filter processing the current job and does not crash the scheduler daemon, which just moves on to the next job in the print queue), nor arbitrary code execution (data from the image is never stored in the affected tile array). Still, it seems to be worth fixing here just in case. The CUPS bug report may be found here:
http://www.cups.org/str.php?L2790

ap/mysql-5.0.51b-i486-1.tgz: Upgraded to mysql-5.0.51b (which appears to be nothing more than a version bump...)

l/imlib-1.9.15-i486-3.tgz: Patched to fix rendering issues on Intel and possibly other graphics chipsets. Thanks to Iain Paton.

l/libmtp-0.2.6.1-i486-1.tgz: Upgraded to libmtp-0.2.6.1. The udev rules are now sed processed during build. Thanks much to Joerg Germeroth. :-)

l/libpng-1.2.27-i486-1.tgz: Upgraded to libpng-1.2.27.
This fixes various bugs, the most important of which have to do with the handling of unknown chunks containing zero-length data. Processing a PNG image that contains these could cause the application using libpng to crash (possibly resulting in a denial of service), could potentially expose the contents of uninitialized memory, or could cause the execution of arbitrary code as the user running libpng (though it would probably be quite difficult to cause the execution of attacker-chosen code). We recommend upgrading the package as soon as possible.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt
(* Security fix *)

x/xf86-input-joystick-1.3.2-i486-1.tgz: Upgraded to xf86-input-joystick-1.3.2.

x/xf86-video-radeonhd-1.2.1-i486-1.tgz: Upgraded to xf86-video-radeonhd-1.2.1.

x/xf86-video-vmware-10.16.1-i486-1.tgz: Upgraded to xf86-video-vmware-10.16.1.

isolinux/initrd.img: Fixed minimum RAM amount in /etc/issue, and made some edits to other documentation within the installer.

usb-and-pxe-installers/: In usbboot.img, fixed minimum RAM amount in /etc/issue, and made some edits to other documentation within the installer.

Sunday, April 27, 2008

Restored MMX Optimization

One small update has been released. This update restored MMX optimization which should fix slow performance during playing Flash format.
Sat Apr 26 16:38:32 CDT 2008
x/pixman-0.10.0-i486-4.tgz: Restored MMX optimizations, which should fix the issues some machines were having with slow Flash playback.
Thanks very much to Zielony for getting me to take a closer look at this. :-)

Saturday, April 26, 2008

Security Fix: kdelibs

One security fix has been released to fix KDE problem that affects KDE 3.5.5 up to KDE 3.5.9. KTorrent is also upgraded to the latest version.
Fri Apr 25 23:09:23 CDT 2008
kde/kdelibs-3.5.9-i486-4.tgz: Patched to fix a security problem.
From the KDE advisory: "If start_kdeinit is installed as setuid root, a local user might be able to send unix signals to other processes, cause a denial of service or even possibly execute arbitrary code."
This issue affects KDE 3.5.5 through KDE 3.5.9.
We recommend upgrading to the new kdelibs package as soon as possible.
For more information, see:
http://www.kde.org/info/security/advisory-20080426-2.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671
(* Security fix *)

extra/ktorrent/ktorrent-2.2.6-i486-1.tgz: Upgraded to ktorrent-2.2.6.

isolinux/initrd.img: Patched /sbin/probe to look for formatted swap on RAID.

usb-and-pxe-installers/: Patched /sbin/probe in usbboot.img to look for formatted swap on RAID.

Thursday, April 24, 2008

Not Yet...

Few packages still have issues and references to the old 12.0 version, so here comes another updates for -Current.
Wed Apr 23 19:42:28 CDT 2008
Not quite yet, but it's getting closer.
a/aaa_base-12.1.0-noarch-2.tgz: Updated the initial emails.
l/jre-6u6-i586-3.tgz: Adjusted the installation script to fix an issue causing broken symlinks in /. Thanks to Corrado "Conraid" Franco for the report.

n/wireless-tools-29-i486-3.tgz: Increased the sleep time after bringing up an interface to 3 seconds, since some of the new drivers need the additional time to fully initialize. Thanks to bstrik on LQ.

extra/jdk-6/jdk-6u6-i586-3.tgz: Adjusted the installation script to fix an issue causing broken symlinks in /.
Thanks to Corrado "Conraid" Franco for the report.

isolinux/initrd.img: Fixed (hopefully) the last remaining "12.0" version number (this one found in /etc/issue).
Thanks to Franck Barbenoire for spotting it.

usb-and-pxe-installers/: Fixed the "12.0" version number in usbboot.img.

Wednesday, April 23, 2008

Slackware 12.1 Real Soon

While it's not yet officially released right now, but if you look at the -Current tree, it already contained an Announcement and also Release Notes for the next 12.1 release. Meaning that in the next few days, the final Slackware 12.1 will be released, as Pat and the rest of the Slackware team may have to update the website, preparing the mirrors to hold the new ISO, prepare the store for new subscriptions, and many things to be dealt to make sure everything worked as planned.

Slackware 12.1 is a result of nine month of development cycle by Slackware contributors around the world coordinated with Patrick Volkerding as the man in charge of all decisions that goes in and out of Slackware tree.

Continuing from previous Slackware 12.0 release, this release is the best Slackware release ever as it still hold the tradition to be a KISS-based Linux distribution, while keeping the application up-to-date without sacrificing the security of the whole system.

Please welcome to new baby, Slackware 12.1 party

Tuesday, April 22, 2008

Slackware 12.1 RC 2

After few days without updates, PV has announced the next milestone towards Slackware 12.1. It's now on RC 2 states and he hoped that this will be the final RC before the final 12.1 if there's no major problems found during testing cycle.

I personally would like to see newer PHP and libpng updates on the -Current, but they are not ready yet. Let's hope Pat is willing to wait for those updates, as it will be a critical updates.

Anyway, here's the latest -Current changelog which states the RC 2 announcements:
Mon Apr 21 16:47:32 CDT 2008
We have now reached the Slackware 12.1 RC2 milestone. :-) We're beyond updating packages or fixing minor cosmetic bugs at this point (actually, we had hoped to be past that with RC1, but there were still items in need of attention). What we have here now has proven to be stable for our testers,
so unless some real showstoppers are found we'll be releasing this as Slackware 12.1-final soon.
a/glibc-solibs-2.7-i486-10.tgz: Recompiled against Linux 2.6.24.5 headers.

a/glibc-zoneinfo-2.7-noarch-10.tgz: Rebuilt.

a/kernel-generic-2.6.24.5-i486-1.tgz: Upgraded to Linux 2.6.24.5 uniprocessor generic.s (requires initrd) kernel.

a/kernel-generic-smp-2.6.24.5_smp-i686-1.tgz: Upgraded to Linux 2.6.24.5 SMP gensmp.s (requires initrd) kernel.

a/kernel-huge-2.6.24.5-i486-1.tgz: Upgraded to Linux 2.6.24.5 uniprocessor huge.s (full-featured) kernel.

a/kernel-huge-smp-2.6.24.5_smp-i686-1.tgz: Upgraded to Linux 2.6.24.5 SMP hugesmp.s (full-featured) kernel.

a/kernel-modules-2.6.24.5-i486-1.tgz: Upgraded to Linux 2.6.24.5 uniprocessor kernel modules.

a/kernel-modules-smp-2.6.24.5_smp-i686-1.tgz: Upgraded to Linux 2.6.24.5 SMP kernel modules.

a/pkgtools-12.1.0-noarch-7.tgz: Removed obsolete modem setup script (any /dev/modem symlink would be wiped out by udev anyway).

ap/lm_sensors-2.10.6-i486-1.tgz: Upgraded to lm_sensors-2.10.6.

d/kernel-headers-2.6.24.5_smp-x86-1.tgz: Upgraded to Linux 2.6.24.5 SMP kernel headers.

a/mkinitrd-1.3.2-i486-2.tgz: Updated the version numbers in README.initrd and manpage.

k/kernel-source-2.6.24.5_smp-noarch-1.tgz: Upgraded to Linux 2.6.24.5 SMP kernel source package.

l/glibc-2.7-i486-10.tgz: Recompiled against Linux 2.6.24.5 headers.

l/glibc-i18n-2.7-noarch-10.tgz: Rebuilt.

l/glibc-profile-2.7-i486-10.tgz: Recompiled against Linux 2.6.24.5 headers.

l/jre-6u6-i586-2.tgz: Adjusted installation directory to avoid removing files from kdebindings. Thanks to Kris Karas for pointing out this collision.

l/svgalib_helper-1.9.25_2.6.24.5-i486-1.tgz: Recompiled for Linux 2.6.24.5.

n/mcabber-0.9.7-i486-1.tgz: Upgraded to mcabber-0.9.7.

xap/xine-lib-1.1.11.1-i686-3.tgz: Recompiled, with --without-speex (we didn't ship the speex library in Slackware anyway, but for reference this issue would be CVE-2008-1686), and with --disable-nosefart (the recently reported as insecurely demuxed NSF format).
As before in -2, this package fixes the two regressions mentioned in the release notes for xine-lib-1.1.12:
http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
Moving to xine-lib-1.1.12 right now doesn't seem prudent for RC2, as the diff between 1.1.11.1 and 1.1.12 is many thousands of lines long.
(* Security fix *)

extra/brltty/brltty-3.9-i486-1.tgz: Upgraded to brltty-3.9.

extra/jdk-6/jdk-6u6-i586-2.tgz: Adjusted installation directory to avoid removing files from kdebindings. Thanks to Kris Karas.

isolinux/initrd.img: Replaced kernel modules with 2.6.24.5 versions.

kernels/huge.s/*: Upgraded to huge.s 2.6.24.5 kernel.

kernels/hugesmp.s/*: Upgraded to hugesmp.s 2.6.24.5 kernel.

kernels/speakup.s/*: Upgraded to speakup.s 2.6.24.5 kernel.

usb-and-pxe-installers/: Replaced kernel modules with 2.6.24.5 versions.
Thanks to Amritpal Bath for writing a new README_RAID document explaining how to install Slackware using various RAID levels. :-)

Friday, April 18, 2008

Security Fix: Mozilla Firefox

As expected, a new Firefox build has been included in the -Current, since it contains fixes for possible security bug. rc.mysqld is also patched for missing "=" noticed by Mark. Here's the latest -Current (nothing big really)
Thu Apr 17 16:25:55 CDT 2008
ap/mysql-5.0.51a-i486-3.tgz: Edited rc.mysql to fix a missing '=' in the example for mysql_install_db. Thanks to Mark.

xap/mozilla-firefox-2.0.0.14-i686-1.tgz:
Upgraded to firefox-2.0.0.14.
This upgrade fixes a potential security bug.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)

Thursday, April 17, 2008

Java Updates

Java packages are now updated to Update 6. One fix on wireless-tools is also included. So far, no more new packages are coming through and it's only testing and bug fixing to make the next Slackware release as stable as possible. Probably the next batch of updates will include Firefox updates, since it has been released today.

Can't wait to see 12.1 gets released big hug

Here's the latest -Current changelog:
Wed Apr 16 16:18:22 CDT 2008
l/jre-6u6-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 6.

n/wireless-tools-29-i486-2.tgz: Make sure that HWADDR in rc.wireless is all uppercase. Thanks to Ken L. and Masanori Kobayasi for reporting the issue.

extra/jdk-6/jdk-6u6-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 6.

Wednesday, April 16, 2008

Speakup Kernel Updated

Only one changes today on -Current, which is a rebuilt of kernel speakup which has been updated from the latest pull from the GIT source.
Wed Apr 16 02:12:25 CDT 2008
kernels/speakup.s/: Rebuilt with the latest 2008-04-16 GIT pull. Hopefully this has a better chance of working now. I saw output (though not text) testing the dummy driver using a null modem.

Tuesday, April 15, 2008

Emacs Update

After for some time left without any updates, finally Emacs gets updated today. The last version in 12.0 was 21.4a. The version included in -Current is 22.4. Along with Emacs updates, a new RadeonHD package is also included. Here's the latest -Current changelog:
Mon Apr 14 22:23:29 CDT 2008
e/emacs-22.2-i486-1.tgz: Upgraded to GNU emacs-22.2.

x/xf86-video-radeonhd-1.2.1-i486-1.tgz: Upgraded to xf86-video-radeonhd-1.2.1.

extra/emacspeak/emacspeak-27.0-i486-1.tgz: Upgraded to emacspeak-27.0.

Monday, April 14, 2008

First Update This Week

Another pile of updates are coming through -Current changelog and it's getting up-to-date with most of the newest application available on mainstream. Meanwhile, the quality on each packages is being maintained by contributors who tested application on -Current.

Here's the latest -Current changelog:
Mon Apr 14 00:39:23 CDT 2008
a/smartmontools-5.38-i486-1.tgz: Upgraded to smartmontools-5.38.

d/git-1.5.5-i486-1.tgz: Upgraded to git-1.5.5.

kde/amarok-1.4.9.1-i486-1.tgz: Upgraded to amarok-1.4.9.1.

n/bind-9.4.2-i486-2.tgz: Patched rc.bind to add a short wait after starting named, so that the startup script doesn't match "named " with a failing startup and too quick a check. Thanks to Luis.
Upgraded to the latest named.root file. Thanks to giovanni.

t/xfig-3.2.4-i486-3.tgz: Patched to fix a wrong XFIGLIBDIR that was causing some minor errors. Thanks to Dario Nicodemi for the patch.

tcl/tclx-8.4-i486-2.tgz: Recompiled. Since some of the Tcl/Tk headers are now considered "private", this needs -I flags to compile (for now).

xap/xscreensaver-5.05-i486-1.tgz: Upgraded to xscreensaver-5.05.

Sunday, April 13, 2008

Delayed Update

Actually, Pat already pushed an update yesterday, but somehow, the updates didn't showed up in the primary mirror (OSUOSL), so i postponed to post an update on this blog in order to wait until the primary mirror is ready to server all slackers that are eager to test the next batch of updates.

So this morning, the mirror is already synchronized and here's the latest -Current changelog:
Sat Apr 12 02:20:06 CDT 2008
ap/ghostscript-8.62-i486-5.tgz: Edited /usr/share/ghostscript/8.62/lib/cidfmap to attempt support for Simplified Chinese (though Traditional Chinese and Korean will still require cidfmap changes and additional fonts).
Thanks to ABE Shin-ichi for providing the cidfmap that the new one is based upon. Any errors in the new cidfmap are most likely my own...

ap/man-1.6f-i486-1.tgz: Upgraded to man-1.6f. Thanks to Robby Workman.

d/cscope-15.6-i486-1.tgz: Upgraded to cscope-15.6.

f/linux-howtos-20080411-noarch-1.tgz: Updated to Linux-HOWTOs-20080411.

l/svgalib_helper-1.9.25_2.6.24.4-i486-2.tgz: Recompiled.

n/iproute2-2.6.16_060323-i486-2.tgz: Fixed hardcoded "/usr/local/lib/iptables" path in two places within the source. Thanks to Marco Berizzi.

n/sendmail-8.14.2-i486-2.tgz: Recompiled. Fixed issues in the install script with properly adding the smmsp user/group. Thanks to Valentin Stoykov.
When using SSL/TLS, disable SSLv2 by default. Fixed the line ordering in sendmail-slackware-tls-sasl.mc. Thanks to Strykar.
Fixed typos at the top of example .mc files. Thanks to Bart Dumon.
Clamp down on security in the defaults some more by requiring authentication when using the TLS/SASL .mc/.cf. Allow SSLv3 in both TLS configurations.
Thanks to Leonardo Roman.

n/sendmail-cf-8.14.2-noarch-2.tgz

x/xf86-video-radeonhd-1.2.0-i486-1.tgz: Upgraded to xf86-video-radeonhd-1.2.0, which adds support for RV620, RV635, and R680 chipsets, and 2D acceleration for R5xx (including RS6xx) chipsets, both XAA and EXA. This driver also enables the use of the second digital output on the RS690 chipset.

usb-and-pxe-installers/etherboot: Updated the populate_tftpboot scripts.
Thanks to Erik Jan Tromp.

Friday, April 11, 2008

Recompile to Static Library

Small changes on the latest batch of updates includes some recompilation of the packages to include static libraries and also small changes to fix some problem appeared in the -Current packages.

Here's the -Current changelog:
Fri Apr 11 00:32:00 CDT 2008
a/cryptsetup-1.0.5-i486-4.tgz: Recompiled against static libgpg-error and got rid of --disable-libcrypt in cryptsetup.static's ./configure to prevent the error "Command failed: Key processing error: No hash backend found" when creating a new cryptographic volume. Thanks to TaQ for the heads-up.

a/ed-0.9-i486-2.tgz: Fixed missing man page. Thanks to Selkfoster.

d/guile-1.8.4-i486-1.tgz: Upgraded to guile-1.8.4.
Thanks to Jean-Francois L. Blavier for the upgrade suggestion.

n/ipw2200-fw-3.0-fw-2.tgz: Add an extra copy of the LICENSE file to the /usr/doc/ipw2200-fw-3.0/ directory in addition to the one with the firmware.
Thanks to Stuart Winter for reporting the package build problem.

n/libgcrypt-1.4.0-i486-2.tgz: Recompiled to include the static library.

n/libgpg-error-1.6-i486-3.tgz: Recompiled to include the static library.

n/mailx-12.3-i486-1.tgz: Upgraded to mailx-12.3.
Thanks again to Jean-Francois L. Blavier.

xap/gnuplot-4.2.3-i486-1.tgz: Upgraded to gnuplot-4.2.3.
Thanks again to Jean-Francois L. Blavier.

isolinux/initrd.img: Replaced /sbin/cryptsetup.static.

usb-and-pxe-installers/: Replaced /sbin/cryptsetup.static.

Thursday, April 10, 2008

Security Fix : Rsync

One security fix has been released by PV along with bunch of updates today on -Current, which is Rsync. The security fix is only valid for -Current since the package affected is not yet released to -Stable. It's not the only updates today, since the kernel itself is now compiled to add the experimental CONFIG_PATA_MARVELL option, since some newer Intel motherboards are already using this chipset. One new package also find it's way to the official Slackware packages today: libaio (Asyncronous I/O Library).

Here's the latest -Current changelog:
Wed Apr 9 23:57:07 CDT 2008
The kernels were recompiled to add the experimental CONFIG_PATA_MARVELL option, since some newer Intel motherboards are already using this chipset. Like everything else, use it at your own risk. It was decided that having some driver that was tested and found to work was better than no support at all.
Thanks to David Somero for reporting the issue.

a/kernel-generic-2.6.24.4-i486-2.tgz: Recompiled Linux 2.6.24.4 uniprocessor generic.s (requires initrd) kernel.

a/kernel-generic-smp-2.6.24.4_smp-i686-2.tgz: Recompiled Linux 2.6.24.4 SMP gensmp.s (requires initrd) kernel.

a/kernel-huge-2.6.24.4-i486-2.tgz: Recompiled Linux 2.6.24.4 uniprocessor huge.s (full-featured) kernel.

a/kernel-huge-smp-2.6.24.4_smp-i686-2.tgz: Recompiled Linux 2.6.24.4 SMP hugesmp.s (full-featured) kernel.

a/kernel-modules-2.6.24.4-i486-2.tgz: Recompiled Linux 2.6.24.4 uniprocessor kernel modules.

a/kernel-modules-smp-2.6.24.4_smp-i686-2.tgz: Recompiled Linux 2.6.24.4 SMP kernel modules.

d/kernel-headers-2.6.24.4_smp-x86-2.tgz: Rebuild Linux 2.6.24.4 SMP kernel headers.

d/pkg-config-0.23-i486-2.tgz: Prevent unwanted output during package install.

d/ruby-1.8.6_p114-i486-1.tgz: Upgraded to ruby-1.8.6-p114.

k/kernel-source-2.6.24.4_smp-noarch-2.tgz: Rebuilt Linux 2.6.24.4 SMP kernel source package.

l/libaio-0.3.106-i486-1.tgz: Added libaio-0.3.106 (asynchronous I/O library).

l/glib2-2.14.6-i486-4.tgz: Renamed /etc/profile.d/glib2.{csh,sh} to /etc/profile.d/libglib2.{csh,sh} so that the lang.{csh,sh} scripts will run first, setting the $LANG variable which these scripts require.
Thanks to Carl Bartels.

n/dhcp-3.0.6-i486-1.tgz: Upgraded to dhcp-3.0.6.

n/lftp-3.7.0-i486-1.tgz: Upgraded to lftp-3.7.0.

n/links-2.1pre33-i486-1.tgz: Upgraded to links-2.1pre33.

n/ncftp-3.2.1-i486-1.tgz: Upgraded to ncftp-3.2.1.

n/rsync-3.0.2-i486-1.tgz: Upgraded to rsync-3.0.2.
From the NEWS file:
"BUG FIXES: - Fixed a potential buffer overflow in the xattr code."
This is the security advisory, as the issue was present in -current only.
(* Security fix *)

n/tcpdump-3.9.8-i486-1.tgz: Upgraded to libpcap-0.9.8 and tcpdump-3.9.8.

x/compiz-0.7.4-i486-1.tgz: Upgraded to compiz-0.7.4.

x/pixman-0.10.0-i486-3.tgz: Fixed build script post-install. Thanks to arny.

x/scim-1.4.7-i486-6.tgz: Fixed locale example typo in profile.d scripts.

x/xf86-input-mouse-1.3.0-i486-1.tgz: Upgraded to xf86-input-mouse-1.3.0 to fix a copy/paste bug when switching between the virtual consoles and X.
Thanks to Daryl Bunce for reporting the problem.

extra/slackpkg/slackpkg-2.70.2-noarch-1.tgz: Upgraded to slackpkg-2.70.2-noarch-1. Thanks to Piter Punk!

isolinux/initrd.img: Replaced kernel modules with recompiled versions.

kernels/huge.s/*: Recompiled huge.s 2.6.24.4 kernel.

kernels/hugesmp.s/*: Recompiled hugesmp.s 2.6.24.4 kernel.

kernels/speakup.s/*: Recompiled speakup.s 2.6.24.4 kernel.
Upgraded speakup to GIT pull of 2008-04-09.
Fixed a blunder on my part where I started with the wrong .config, making installation impossible. Thanks to Stephen C. Greeley for reporting this.

usb-and-pxe-installers/: Replaced kernel modules with recompiled versions.

Wednesday, April 9, 2008

Small Changes Today

Sorry that i kinda busy today, so i forgot to update the notification list about Slackware-Current development. Today, Pat pushed a small updates which fixes three problems occured in fribidi, pixman, and xine-lib. CMake also gets upgraded. Here's the latest -Current changelog:
Tue Apr 8 00:20:39 CDT 2008
d/cmake-2.4.8-i486-1.tgz: Upgraded to cmake-2.4.8.

l/fribidi-0.10.9-i486-2.tgz: Recompiled. "left-to-right" was far too egregious a mistake to leave in the slack-desc. Sorry about that.
Thanks to Russell Whitaker for spotting this error.

x/pixman-0.10.0-i486-2.tgz: Symlink the headers into /usr/include to temporarily accommodate software that isn't yet using pixman.pc to get the -I/usr/include/pixman-1/ include path.

xap/xine-lib-1.1.11.1-i686-2.tgz: Patched to fix playback failure affecting several media formats accidentally broken in the xine-lib-1.1.11.1 release.
Thanks to Diogo Sousa for pointing me to the new release notes on xinehq.de.

Tuesday, April 8, 2008

Security Fix : m4 and bzip2

Two security updates has been released along with another batch of updates in Slackware-Current tree. Nothing major happened on this batch, except for iptables which gets a significant upgrade and also improvement to the installer to support installation from HTTP source with port number, such as: http://somehost:8080.

Here's the latest -Current changelog:

Mon Apr 7 12:25:10 CDT 2008
a/aaa_elflibs-12.1.0-i486-1.tgz: Added libfuse. Updated libbz2 (which still has the shared library name "libbz2.so.1.0.4").

a/bzip2-1.0.5-i486-1.tgz: Upgraded to bzip2-1.0.5.
Previous versions of bzip2 contained a buffer overread error that could cause applications linked to libbz2 to crash, resulting in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
(* Security fix *)

a/cryptsetup-1.0.5-i486-3.tgz: Make cryptsetup in /sbin and /usr/sbin both symlinks to /sbin/cryptsetup.static. This prevents "cryptsetup" failure if someone installs only the A package series. Thanks to Piter Punk.

ap/cdrtools-2.01.01a38-i486-1.tgz: Upgraded to cdrtools-2.01.01a38.

ap/dvd+rw-tools-7.1-i486-1.tgz: Upgraded to dvd+rw-tools-7.1.

ap/ghostscript-8.62-i486-4.tgz: Fixed cidfmap for printing with the wqy-zenhei.ttf font. Thanks to ABE Shin-ichi.

d/m4-1.4.11-i486-1.tgz: Upgraded to m4-1.4.11.
In addition to bugfixes and enhancements, this version of m4 also fixes two issues with possible security implications. A minor security fix with the use of "maketemp" and "mkstemp" -- these are now quoted to prevent the (rather unlikely) possibility that an unquoted string could match an existing macro causing operations to be done on the wrong file. Also, a problem with the '-F' option (introduced with version 1.4) could cause a core dump or possibly (with certain file names) the execution of arbitrary code.
For more information on these issues, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688
(* Security fix *)

n/iptables-1.4.0-i486-1.tgz: Upgraded to iptables-1.4.0. Thanks to giovanni for testing this version and suggesting it as a safe upgrade.
On x86, explicitly set i486 compile flags (though this is the compiler's default anyway). Thanks to kanedaaa.

n/network-scripts-12.1-noarch-1.tgz: Fixed WLAN_IWPRIV[4] example generated by netconfig. Thanks to Eric Hameleers for pointing it out.

n/whois-4.7.26-i486-1.tgz: Upgraded to whois-4.7.26.

xap/xfce-4.4.2-i486-4.tgz: Fixed the build script to apply a couple of bugfix patches correctly. Thanks to Carlos Corbacho for the bug report.
Fixed xfcalendar.desktop (orage) to only show in the Xfce menus.
Thanks to Frank Duignan for prompting me to take a closer look.

isolinux/initrd.img: Patched to fix expert mode FTP/HTTP installation, and to allow installation from HTTP source with port number, such as: http://somehost:8080
Thanks to Dario Nicodemi for the bug report and patches, and to Eric Hameleers for making some adjustments to the HTTP port patch.

usb-and-pxe-installers/: Patched to fix expert mode FTP/HTTP installation, and to allow installation from HTTP source with port number, such as: http://somehost:8080
Thanks to Dario Nicodemi for the bug report and patches, and to Eric Hameleers for making some adjustments to the HTTP port patch.

Saturday, April 5, 2008

Glibc Updates

All of glibc packages has been recompiled to fix the bad symlink that was broken in the previous release. This batch of update also upgrade rsync and also a testing package for bash-3.2 with patch level 029. I have been using Bash 3.2 for some time and i never had problem so far, so i guess it's quite safe.

Here's the latest -Current changelog:
Fri Apr 4 22:08:08 CDT 2008
a/glibc-solibs-2.7-i486-9.tgz: Recompiled.

a/glibc-zoneinfo-2.7-noarch-9.tgz: Rebuilt.

l/glibc-2.7-i486-9.tgz: Recompiled to fix a bad sln symlink (noticed by many, thanks).

l/glibc-i18n-2.7-noarch-9.tgz: Rebuilt.

l/glibc-profile-2.7-i486-9.tgz: Recompiled.

n/rsync-3.0.1-i486-1.tgz: Upgraded to rsync-3.0.1.

testing/packages/bash-3.2.029-i486-1.tgz: Brought up to patchlevel 029.
Last time we tried this as our main shell, it was still causing problems with a lot of the scripts out there, but perhaps it will be tried again in the next development cycle.

SlackBook Translation

Indonesian translations of SlackBook has been listed in the translation site of SlackBook. Please have a look on the site to check the latest Translations of the SlackBook. The translated version is the chunk version (split). The full one page is not yet translated.

Thanks to Ozzie for the notifications on Indonesian Linux Forum

Security Fix : OpenSSH

A new advisories has been released for OpenSSH package which is now upgraded to 5.0. Along with this are update to mercurial and mkinitrd and also inclusion of dbus-python. Here's the latest -Current changelog:
Fri Apr 4 13:47:24 CDT 2008
a/mkinitrd-1.3.2-i486-1.tgz: Patched to fix problems with previous settings getting overwritten with a plain "mkinitrd", and added support for non-US keyboards. Thanks to Eric Hameleers.

d/mercurial-1.0-i486-1.tgz: Upgraded to mercurial-1.0.

l/dbus-python-0.82.4-i486-1.tgz: Added dbus-python-0.82.4, which is needed for the correct operation of hplip. Thanks to Robby Workman.

n/openssh-5.0p1-i486-1.tgz: Upgraded to openssh-5.0p1.
This version fixes a security issue where local users could hijack forwarded X connections. Upgrading to the new package is highly recommended.
For more information on this security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
(* Security fix *)

usb-and-pxe-installers/initrd.img. Removed. Use the initrd.img from isolinux/ as the installer images had become identical. Also see Eric Hameleers' updated README_PXE.TXT.

Thursday, April 3, 2008

Slackware 12.1 RC1

Finally, Slackware 12.1 RC 1 has been officially announced by Patrick Volkerding. He noted that some minor works still to be done, but we are getting closer to final version that leads to Slackware 12.1. Here's the latest batch update that makes the 12.1 RC 1:
Thu Apr 3 01:16:15 CDT 2008
OK, we're going to call this Slackware 12.1-rc1, though there is still some more minor work to do. Please help test! And if we're missing anything major, please let me know at volkerdi@slackware.com. Thanks. :-)

a/aaa_elflibs-12.1.0-i486-1.tgz: Updated the initial "starter" library package to the latest versions in -current.

a/cups-1.3.7-i486-1.tgz: Upgraded to cups-1.3.7.
This version of CUPS fixes some buffer overflows in the GIF image filter and in cgiCompileSearch. Those running CUPS servers should upgrade.
For more information on these security issues, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373
(* Security fix *)

a/cxxlibs-6.0.9-i486-1.tgz: Upgraded to libstdc++.so.6.0.9 from gcc-4.2.3.

a/mdadm-2.6.4-i486-1.tgz: Upgraded to mdadm-2.6.4.

a/pciutils-2.2.10-i486-1.tgz: Upgraded to pciutils-2.2.10.

a/sysvinit-2.86-i486-6.tgz: Fixed the /sbin/initscript path to match the man pages. Thanks to Michiel Broek for the patch.

ap/hplip-2.8.4-i486-1.tgz: Upgraded to hplip-2.8.4.

ap/zsh-4.3.6-i486-1.tgz: Upgraded to zsh-4.3.6. Thanks to Haakon Riiser for alerting me to the new release.

d/gdb-6.8-i486-1.tgz: Upgraded to gdb-6.8.

l/hal-0.5.10-i486-2.tgz: Recompiled with --enable-umount-helper, which allows non-root users to umount hotplugged devices from the command line.
Thanks to Robby Workman for the suggestion.

l/hal-info-20080317-noarch-1.tgz: Upgraded to hal-info-20080317.

n/bind-9.4.2-i486-1.tgz: Upgraded to bind-9.4.2.

n/wpa_supplicant-0.5.10-i486-1.tgz: Upgraded to wpa_supplicant-0.5.10.

x/wqy-zenhei-font-ttf-0.5.23-noarch-1.tgz: Upgraded to wqy-zenhei-0.5.23.
Thanks to Eric Hameleers for noticing the new release (only linked from the Chinese version of the development website :-)

x/xf86-video-amd-2.7.7.7-i486-1.tgz: Removed. (see below)

x/xf86-video-geode-2.8.0-i486-1.tgz: Upgraded to xf86-video-geode-2.8.0.
This package has been renamed from xf86-video-amd to avoid confusion with other AMD video products.

x/xf86-video-intel-2.2.1-i486-1.tgz: Reverted to xf86-video-intel-2.2.1. We suspected that might be needed, given the version number and development status of the newer driver we tried, but gave it a try anyway. Probably there will be no more driver updates at this point unless bugs are reported that newer drivers fix.

xap/pidgin-2.4.1-i486-1.tgz: Upgraded to pidgin-2.4.1.

Tuesday, April 1, 2008

Linux Kernel Development Paper

Greg Kroah-Hartman, Jonathan Corbet, and Amanda McPherson have published a paper about Linux Kernel Development. This paper discussed about the kernel development process, starting from the background, development model, release frequency, statistics, and many more. It's an interesting paper for those who would like to see Linux Kernel development process.

Security Fix: xine-lib

Another batch of updates has been released today along with one security fix for xine-lib. This time, a replacement for util-linux is now available along with some modification for mysql (administrator should look on the /etc/rc.d/rc.mysqld for changes that Pat noted).

Here's the latest -Current changelog:
Tue Apr 1 02:41:32 CDT 2008
a/acl-2.2.47_1-i486-1.tgz: Upgraded to acl-2.2.47_1.

a/attr-2.4.41_1-i486-1.tgz: Upgraded to attr-2.4.41_1.

a/etc-12.1-noarch-4.tgz: Give the mysql user a /bin/false "shell".
Thanks to Noel for the suggestion.

a/lilo-22.8-i486-12.tgz: Fixed a bug where liloconfig might not properly determine the root directory where /boot is found.

a/sysvinit-scripts-1.2-noarch-20.tgz: Fixed a bug in rescan-scsi-bus that was exposed by the CONFIG_SCSI_MULTI_LUN kernel option (which _should_ also make rescan-scsi-bus unneccessary). Thanks to Kem Prims for the bug report.
Keep /usr/share/mime's mime.cache file updated.

a/util-linux-2.12r-i486-6.tgz: Removed. See below.

a/util-linux-ng-2.13.1-i486-1.tgz: Added util-linux-ng-2.13.1, which replaces the old util-linux package. To install, either use upgradepkg with the "%" option, or do this: installpkg util-linux-ng-2.13.1-i486-1.tgz ; removepkg util-linux ; installpkg util-linux-ng-2.13.1-i486-1.tgz
Thanks to Robby Workman for a lot of help with this package update.

a/xfsprogs-2.9.7_1-i486-1.tgz: Upgraded to xfsprogs-2.9.7_1.

ap/alsa-utils-1.0.15-i486-3.tgz: Don't load the mixer settings until after the OSS modules have been loaded. Eliminate 'awk' usage in rc.alsa, using sed and tr instead. Thanks to Tomas Matejicek for the patch.

ap/dmapi-2.2.8_1-i486-1.tgz: Upgraded to dmapi-2.2.8_1.

ap/man-pages-2.79-noarch-1.tgz: Upgraded to man-pages-2.79, and retained the POSIX pthread_* man pages this time. Thanks to Rastislav Stanik.

ap/mysql-5.0.51a-i486-2.tgz: Modified /etc/rc.d/rc.mysqld's database installation instructions to take into consideration that the mysql user no longer has a login shell. In addition, the admin is told to consider locking the database server down even further (if possible) by using the mysql_secure_installation utility. Thanks again to Noel.

ap/xfsdump-2.2.48_1-i486-1.tgz: Upgraded to xfsdump-2.2.48_1.

l/libglade-2.6.2-i486-2.tgz: Rebuilt with --libdir=/usr/lib. Without this, libglade-2.0.la incorrectly inserts '/usr/local/lib' in the .la file.
Thanks to Steve Kennedy for the bug report.

l/libgsf-1.14.8-i486-1.tgz: Upgraded to libgsf-1.14.8.

n/net-tools-1.60-i486-2.tgz: Recompiled with latest Debian patch.

n/nfs-utils-1.1.2-i486-1.tgz: Upgraded to nfs-utils-1.1.2.

n/nmap-4.60-i486-3.tgz: Fixed the build script (third time's the charm?) to use DESTDIR and remove the one item (useless, IMHO, within a package system) that still can't get DESTDIR right: uninstall_zenmap.
Thanks to Conraid and Mauro Ghisoni for walking me through this one. :-)

n/openssh-4.9p1-i486-1.tgz: Upgraded to openssh-4.9p1.

n/wget-1.11.1-i486-1.tgz: Upgraded to wget-1.11.1.

x/scim-1.4.7-i486-5.tgz: Fixed scim.desktop to have more information, and to place the SCIM startup utility in the "Utilities" menu rather than having it fall into "Lost & Found". Thanks to Hon Yuen Kwun for the initial patch.

x/xf86-video-intel-2.2.99.902-i486-1.tgz: Upgraded to xf86-video-intel-2.2.99.902.

xap/xine-lib-1.1.11.1-i686-1.tgz: Earlier versions of xine-lib suffer from an integer overflow which may lead to a buffer overflow that could potentially be used to gain unauthorized access to the machine if a malicious media file is played back. File types affected this time include .flv, .mov, .rm, .mve, .mkv, and .cak.
For more information on this security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482
(* Security fix *)

isolinux/initrd.img: Patched to have /etc/fstab mount /dev/shm. Updated XFS utilities.
usb-and-pxe-installers/: Patched to have /etc/fstab mount /dev/shm.
Updated XFS utilities.

New Poll Has Been Rolled Out

Ok, April is here and here's the new questions for the poll for this month : "Which New Features in Next Slackware 12.1 That You Like?" I have listed several options that i compiled from the -Current changelog (it may change in the future as -Current development is still going on, but it's the latest snapshot up to the time i write this post):
  • Updated Toolchain (Glibc 2.7 and GCC 4.2.3)
  • Kernel 2.6.24.x based
  • Updated XOrg 7.3
  • Updated Window Manager (KDE 3.5.9 and XFCE 4.2.2)
  • Splash Screen in LILO
  • Inclusion of New Fonts
  • Inclusion of SCIM Packages
  • Inclusion of Tango Icons
  • Inclusion of Py* Packages
  • Inclusion of Many Wireless Firmware
  • NTFS Read/Write Support (via NTFS-3G, NTFSPROGS, and FUSE)
You may choose more than one option.

Have fun and enjoy the poll peace sign

Poll Results : KDE Wins

OK, March has ended and so does the Poll. Last month's question was "What Is Your Favorite Desktop Manager?" and here's the results:
  • KDE 126 (52%)
  • GNOME 44 (18%)
  • XFCE 25 (10%)
  • IceWM 2 (0%)
  • Blackbox 2 (0%)
  • Fluxbox 27 (11%)
  • Fvm 2 (0%)
  • Windowmaker 7 (2%)
  • Others 7 (2%)
And the winner for last month's Poll is KDE. It was voted by more than 50% of the voters (126 out of 242). I was quite surprised, since in some forums, i noticed that most Slackware users do not use KDE very often. I had some thoughts that not all visitors of this blog uses Slackware, and probably are using other Linux Distribution as well, so it's a global poll rather than specific to Slackware.

Well, it's over now and i'll be posting this month's poll in short time. Just be patient big grin