Thursday, May 29, 2008

Security Fix: Samba

A new security fix has been released by the Slackware Security Team. This time, it affects Samba 3.0.0 through 3.0.29. Here's the latest ChangeLog entry:
Wed May 28 19:48:34 CDT 2008
n/samba-3.0.30-i486-1.tgz:
Upgraded to samba-3.0.30.
This is a security release in order to address CVE-2008-1105 ("Boundary failure when parsing SMB responses can result in a buffer overrun").
For more information on the security issue, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
(* Security fix *)

Wednesday, May 28, 2008

Security Fix: RDesktop

One security fix and two updated packages made their way into -Current and also -Stable today. The security fix was released for the rdesktop application, while mkinitrd and ktorrent got updated versions.
Tue May 27 22:12:01 CDT 2008
a/mkinitrd-1.3.2-i486-3.tgz: Initialize RAID earlier so that the combination of RAID+LUKS+LVM works. Thanks to Eric Hameleers.

xap/rdesktop-1.6.0-i486-1.tgz: Upgraded to rdesktop-1.6.0.
According to the rdesktop ChangeLog, this contains a: "* Fix for potential vulnerability against compromised/malicious servers (reported by iDefense)"
This package build also includes the new alsa driver (--with-sound=alsa), though I couldn't get local sound redirection. Perhaps it was just my command line error though, so the driver remains included for testing.
For more information on the security issue, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801
(* Security fix *)

extra/ktorrent/ktorrent-2.2.7-i486-1.tgz: Upgraded to ktorrent-2.2.7.
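
To pick the security-relevant packages out of an entry like the one above, the `(* Security fix *)` marker and the CVE links can be parsed mechanically. This is an added example, not part of the original post or of any Slackware tool; it assumes the entry layout as quoted on this page, and the function names are hypothetical:

```python
import re

# Constructed sample: the May 27 2008 entry as quoted in this post.
SAMPLE = """\
Tue May 27 22:12:01 CDT 2008
a/mkinitrd-1.3.2-i486-3.tgz: Initialize RAID earlier so that the combination of RAID+LUKS+LVM works. Thanks to Eric Hameleers.

xap/rdesktop-1.6.0-i486-1.tgz: Upgraded to rdesktop-1.6.0.
According to the rdesktop ChangeLog, this contains a: "* Fix for potential vulnerability against compromised/malicious servers (reported by iDefense)"
For more information on the security issue, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801
(* Security fix *)

extra/ktorrent/ktorrent-2.2.7-i486-1.tgz: Upgraded to ktorrent-2.2.7.
"""

# A package line starts with "<series>/<name>-<version>-<arch>-<build>.tgz:"
PKG_RE = re.compile(
    r"^(?P<series>\S+)/(?P<name>[^\s/]+)-(?P<ver>[^-\s]+)-(?P<arch>[^-\s]+)-(?P<build>[^-\s]+)\.tgz:")
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")
MARKER = "(* Security fix *)"

def parse_entries(text):
    """Split ChangeLog text into one record per package line."""
    entries, current = [], None
    for line in text.splitlines():
        m = PKG_RE.match(line.strip())
        if m:
            current = {"series": m["series"], "package": m["name"],
                       "version": m["ver"], "security": False, "cves": []}
            entries.append(current)
        if current is None:
            continue  # date line or text before the first package
        if MARKER in line:
            current["security"] = True  # marker belongs to the package above it
        for cve in CVE_RE.findall(line):
            if cve not in current["cves"]:
                current["cves"].append(cve)
    return entries

def security_fixes(text):
    """Return only the packages whose entry carries the security marker."""
    return [e for e in parse_entries(text) if e["security"]]

if __name__ == "__main__":
    for e in security_fixes(SAMPLE):
        print(e["series"], e["package"], e["version"], ",".join(e["cves"]) or "no CVE listed")
```

The marker is attached to a single package: in the 12.1 RC4 entry quoted further down this page, only kernel-generic carries it while the text says the kernel packages below it are security fixes too, so a marker-only filter under-reports there.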

Sunday, May 18, 2008

A Little Hack on Pidgin SlackBuild Script

A newer Pidgin has been released. Since Slackware-Current is in an idle state (it's not really idle, but the development has not been publicized yet), you won't see many updated versions unless they are related to security. So if you want to use PV's SlackBuild to build a new Pidgin, you will be surprised to see that it won't work. Why? The reason is already mentioned in Pidgin 2.4.2's ChangeLog:
The configure script now dies on more absent dependencies. The --disable-xxx arguments to configure can be used to bypass unneeded dependencies. This will also cause the configure script to die if an --enable-xxx option is used and the dependencies it requires are missing.
If you use a default Slackware 12.1 installation, you will not have the gtkspell, avahi, NetworkManager, and meanwhile libraries, so these four requirements are not met. In order to make the SlackBuild work again, you will need to add these four lines to the configure parameters:
--disable-gtkspell \
--disable-meanwhile \
--disable-avahi \
--disable-nm \

After adding these four lines, re-run your SlackBuild script and it will work.

Friday, May 16, 2008

Slackpkg Updates

Another update came through the -Current tree. Slackpkg is now updated to build -4 to fix a bug where the "x86" ARCH was not recognized in a package name, leading to the kernel-headers package not getting properly upgraded.
Wed May 14 17:22:14 CDT 2008
extra/slackpkg/slackpkg-2.70.4-noarch-1.tgz:
Upgraded to slackpkg 2.70.4-noarch-1. This fixes a bug where the "x86" ARCH was not recognized in a package name, leading to the kernel-headers package not getting properly upgraded. Thanks to Piter Punk! -:)

Sunday, May 11, 2008

Growing Community

It has been ten months since I created the id-slackware mailing list using a free service from Google Groups. Currently, it has around 200 members from all around Indonesia. They come from different backgrounds and we all share how we use Slackware in our daily activities. Some of the members are using Slackware for servers, while others use it as their primary desktop operating system (including me).

I never thought that we would grow this big, but thanks to the members, we are able to gather in one place to discuss Slackware and give support to those who have just migrated to Slackware (whether it's from Windows or any Linux distribution). We welcome all of you.

I would also like to thank PV for his dedication in building and maintaining Slackware for more than 10 years up to now. It has evolved from a "scary" Linux distribution (well, it's not that scary, but most people in Indonesia thought so about the early versions of Slackware) into a user-friendly Linux distribution, mostly when 12.0 came out with kernel 2.6.x and also big changes to the desktop, like the auto-mount feature, better hardware support, and many other big changes introduced during the development process.

With the release of 12.1, it showed that Slackware keeps evolving and it's getting more fans here in Indonesia. I have seen it myself. Some of my students are willing to try Slackware instead of other Linux distributions (I never forced them to use Slackware though). May this good community keep growing in the future.

Thursday, May 8, 2008

First Update For 12.1

First updates for Slackware 12.1 (and also for other Slackware releases) are now available through Slackware mirrors. It contains two updated packages, PHP and Mozilla Thunderbird. Here's the latest -Current changelog (it's quite strange, since usually updated packages are only available in -Stable changelog after -Stable has been released):
Wed May 7 16:13:31 CDT 2008
n/php-5.2.6-i486-1.tgz:
Upgraded to PHP 5.2.6.
This version of PHP contains many fixes and enhancements. Some of the fixes are security related, and the PHP release announcement provides this list:
* Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
* Fixed integer overflow in printf() identified by Maksymilian Arciemowicz.
* Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
* Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
* Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
* Upgraded bundled PCRE to version 7.6
When last checked, CVE-2008-0599 was not yet open. However, additional information should become available at this URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599
The list reproduced above, as well as additional information about other fixes in PHP 5.2.6 may be found in the PHP release announcement here: http://www.php.net/releases/5_2_6.php

xap/mozilla-thunderbird-2.0.0.14-i686-1.tgz:
Upgraded to thunderbird-2.0.0.14.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
(* Security fix *)

Monday, May 5, 2008

Indonesian Mirror For Slackware 12.1

Good news for Indonesian Slackers!!!

Slackware 12.1 ISOs have arrived at several local mirrors, including Kambing, Slackware-ID, VIP, Indonesian Slackware Linux Community and UGM. I hope other mirrors will mirror these mirrors and spread the Slackware ISOs like other ISOs as well. Please note that some mirrors don't provide the Source CDs (CD 4 - 6) or the DVD ISOs (yet, but I don't know whether they will provide them in the future or not). If you are looking for the DVD ISOs, I suggest that you wait for an international mirror which has bigger bandwidth.

I have also provided a local mirror on my office computer that serves several popular Linux distributions besides Slackware (this is a MUST). It can help students get Linux distribution ISOs easily without having to download them directly. I can use my campus bandwidth at night, since I can access my computer remotely from anywhere.

Too bad I couldn't get rsync through the proxy server, so I couldn't provide the SlackBuilds repository (it is very helpful for Slackware users who want to install third-party applications).

Sunday, May 4, 2008

HTTP/FTP Installation Support

Just in case you haven't noticed yet, Slackware 12.1 has been released and it brings lots of new improvements compared to 12.0 and any other release. It's still being developed with the KISS mindset, meaning that most of the components won't have big changes (like a GUI installer and fancy desktop, even though LILO has a new fancy splash screen now), but it focuses on stability, security, and huge control over your own system.

While most of the big changes are already noted in the Release Notes or in CHANGES_AND_HINTS, there's one addition that is very handy for making Slackware installation easier, which is the new support for HTTP/FTP during the installation process. It's documented in the Slackware-HOWTO on the Slackware mirror sites:
For the network options, you'll need to have a network card that's supported by one of the installer's modules, and preferably a DHCP server running to make the network setup easy. The network install options are to use as your source an NFS server, an FTP server, or an HTTP server (along with an optional port). If you use DHCP to set up, odds are you'll have working name resolution and won't need to enter an IP address to specify the server (but you can if you wish, of course).

The network installation feature is intended primarily to facilitate installing to many machines on a local network. Please don't use it to bog down the Slackware mirror sites.

Thanks to Eric Hameleers for finally bringing FTP/HTTP installation support to the Slackware installer. :-)

So, if you have a bunch of computers to be upgraded/migrated to Slackware and you have a good network connection, this method might be useful to ease your job.

Saturday, May 3, 2008

New Poll

Since Slackware 12.1 has been released, it's time for a new poll again and this time, the duration for you to vote has been extended to two months (it will end on June 30). The question is related to the release of Slackware 12.1: "Slackware 12.1 Released. What would you do?" I have several options for you:
  • Run fresh installation
  • Manually upgrade (using upgradepkg)
  • Automatic upgrade (using tools, such as slackpkg)
  • Wait for public review and testing
  • Running test in other test system
  • Running in virtualization system
  • Stick with the old version for now
  • Stick with the Linux distribution i used currently
  • Migrating to Slackware
I hope the options represent all available options out there. Enjoy the poll and also the new shiny Slackware 12.1.

Slackware 12.1 Released

Finally, the waiting time is over. Slackware 12.1 has been released by Patrick Volkerding with only one change from the last batch of updates. I would like to thank Patrick Volkerding for his dedication all this time in maintaining Slackware, thus giving us a wonderful Linux distribution.

The official announcement will tell you everything you should know about this version, but it would be nice to see CHANGES_AND_HINTS, which describes the changes made since the previous 12.0 release. It may also give you hints to solve several problems you *may* encounter while playing with Slackware 12.1 (believe me, you will see the magic of this file, no matter whether you are doing a manual upgrade or a fresh installation).

For now, the ISOs are only available via torrents, so if you are interested, please download and seed as long as you can. It will help many other people get the ISOs as fast as possible. Also, don't forget to support this project with donations or by buying the official CD/DVD set from the Slackware Store. Your donation will help this project financially.

Last but not least, have fun with Slackware 12.1 and congratulations to Patrick Volkerding.
Thu May 1 13:36:34 CDT 2008
Slackware 12.1 is released as -stable. :-) Again, huge thanks to everybody who pitched in and helped with bug reports, patches, testing, suggestions, other comments, and everything else. Without this valuable input, Slackware would be nowhere near what it is today. Special thanks to the CREW, to the people developing and testing for slackbuilds.org (where many of Slackware's future additions are first built and tested), and to everyone on linuxquestions.org, various #slackware or ##slackware IRC channels, other Slackware related web sites, and other places where the community shares their needs and concerns with the team. On behalf of everyone here, thanks.
We think you'll enjoy this new release, and hope that you'll find it to be much more than 0.1 better than Slackware 12.0. ;-)
Have fun! -P.

extra/slackpkg/slackpkg-2.70.3-noarch-2.tgz: Updated the version in the slackpkg script from 2.70.2 to 2.70.3.

Thursday, May 1, 2008

Poll Results

Another month has passed, so another poll has ended too. Last month's question was "Which New Features in Next Slackware 12.1 That You Like?" I gave several options for you to vote on and here are the results:

Updated Toolchain (Glibc 2.7 and GCC 4.2.3) 47 (40%)
Kernel 2.6.24.x based 55 (47%)
Updated XOrg 7.3 50 (42%)
Updated Window Manager (KDE 3.5.9 and XFCE 4.2.2) 41 (35%)
Splash Screen in LILO 42 (35%)
Inclusion of New Fonts 27 (23%)
Inclusion of SCIM Packages 9 (7%)
Inclusion of Tango Icons 21 (17%)
Inclusion of Py* Packages 22 (18%)
Inclusion of Many Wireless Firmware 38 (32%)
NTFS Read/Write Support (via NTFS-3G, NTFSPROGS, and FUSE) 56 (47%)

We have two winners. People tend to like the inclusion of NTFS Read/Write Support via NTFS-3G, FUSE and NTFSPROGS and also a new kernel based on 2.6.24.x (currently it will be released using 2.6.24.5).

A new kernel means new features and also more hardware support, so it's likely a great option for those who have just bought new hardware, as it will have a bigger chance of detecting their new shiny hardware.

As I expected, the SCIM inclusion is not very popular since most Slackware users normally use English as their preference. It only got 9 votes from 117 voters.

Slackware 12.1 RC 4

Only two changes here in RC 4, which are kernel patches to fix a security issue in fs/dnotify.c and also slackpkg updates from Piter Punk. PV thinks this should be the last one, so we are hoping Slackware 12.1 will be released this month.
Wed Apr 30 20:36:48 CDT 2008
12.1 RC4. We think this should be the last one.
a/kernel-generic-2.6.24.5-i486-2.tgz: Patched to fix a security issue in fs/dnotify.c. The use of dnotify (largely replaced by inotify on 2.6.x systems) could lead to a local DoS, or possibly a local root hole. We said we wouldn't make changes now unless something was "critical" -- and it seems we got what we wished for. ;-) This flaw will also be addressed in the kernels for previous releases as soon as possible. The patch itself may be found in source/k/linux-2.6.24.5-CVE-2008-1375-patch/.
For additional information (when the CVE candidate is opened), see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375
All the kernel packages below should also be considered security fixes.
(* Security fix *)

a/kernel-generic-smp-2.6.24.5_smp-i686-2.tgz: Patched and recompiled.

a/kernel-huge-2.6.24.5-i486-2.tgz: Patched and recompiled.

a/kernel-huge-smp-2.6.24.5_smp-i686-2.tgz: Patched and recompiled.

a/kernel-modules-2.6.24.5-i486-2.tgz: Patched and recompiled.

a/kernel-modules-smp-2.6.24.5_smp-i686-2.tgz: Patched and recompiled.

d/kernel-headers-2.6.24.5_smp-x86-2.tgz: Rebuilt from a patched source tree.

k/kernel-source-2.6.24.5_smp-noarch-2.tgz: Patched (leaving dnotify.c.orig for comparison and/or reverting to patch up to a newer kernel later).

l/svgalib_helper-1.9.25_2.6.24.5-i486-2.tgz: Recompiled.

extra/linux-2.6.24.5-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.

extra/slackpkg/slackpkg-2.70.3-noarch-1.tgz: Upgraded to slackpkg-2.70.3-noarch-1 (release ready). Thanks to Piter Punk! -:)

kernels/huge.s/*: Patched and recompiled.

kernels/hugesmp.s/*: Patched and recompiled.

kernels/speakup.s/*: Patched and recompiled.

isolinux/initrd.img: Rebuilt with newly compiled kernel modules.

usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules.