Posts

Showing posts from November, 2008

Security Update: Ruby

Some small updates has been released on -Current, while there's one security update for previous version which is for Ruby. Here's the latest -Current changelog:
Sat Nov 29 14:21:53 CST 2008
a/lilo-22.8-i486-14.tgz: Fixed typo in liloconfig.

a/udev-130-i486-2.tgz: Rebuilt including a new /etc/modprobe.d/uhci-hci to make sure that the ehci-hcd module is always loaded before uhci-hci.

ap/lsscsi-0.21-i486-1.tgz: Upgraded to lsscsi-0.21.
Thanks to Darrell Anderson for pointing me to the new URL.

ap/mc-4.6.1_20070623p14-i486-2.tgz: Patched to fix a bug where moving or copying a file could cause mc to crash. Thanks to David Somero for the patch.

d/ruby-1.8.7_p72-i486-2.tgz: Recompiled with a patch to fix short name constants. Thanks to Marco Bonetti for pointing out the problem.

n/bridge-utils-1.2-i486-2.tgz: Patched to fix a corner case where brctl does not work if the name of the bridge is "bridge".

xap/audacious-plugins-1.5.1-i486-4.tgz: Patched to fix amidi-plug plugin.
Thanks t…

Security Update: Samba

One new Samba package has been released as a security update along with other packages (only in -Current). Even though there's no real proof-of-concept, it's still being included in the latest fix.

Here's the latest -Current changelog:
Fri Nov 28 17:43:24 CST 2008
ap/cdrtools-2.01.01a53-i486-1.tgz: Upgraded to cdrtools-2.01.01a53.

ap/dmidecode-2.10-i486-1.tgz: Upgraded to dmidecode-2.10.

ap/sqlite-3.6.6.2-i486-1.tgz: Upgraded to sqlite-3.6.6.2.

l/libgsf-1.14.10-i486-1.tgz: Upgraded to libgsf-1.14.10.

n/dnsmasq-2.46-i486-1.tgz: Upgraded to dnsmasq-2.46.

n/ntp-4.2.4p5-i486-2.tgz: Edited rc.ntpd to add status support for pm-utils.
Thanks to Robby Workman.

n/samba-3.2.5-i486-1.tgz: Upgraded to samba-3.2.5.
This package fixes an important barrier against rogue clients reading from uninitialized memory (though no proof-of-concept is known to exist).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314
(* Security fix *)

KDE 4.1.3 Landed

KDE 4.1.3 has landed in -Current for further testing by all -Current followers. It probably won't be used as default window manager in next Slackware release, but it does bring new excitement to all Slackware users. Here's the latest -Current changelog:
Mon Nov 24 17:01:15 CST 2008
testing/packages/kde4/deps/eigen2-r888176-i486-1.tgz: Added eigen2-r888176.

testing/packages/kde4/extragear/amarok-1.98-i486-1.tgz: Upgraded to amarok-1.98.

testing/packages/kde4/extragear/guidance-power-manager-4.1.3-i486-1.tgz: Upgraded to guidance-power-manager-4.1.3.

testing/packages/kde4/extragear/kaudiocreator-r888119-i486-1.tgz: Upgraded to kaudiocreator-r888119.

testing/packages/kde4/extragear/konq-plugins-4.1.3-i486-1.tgz: Added konq-plugins-4.1.3.

testing/packages/kde4/extragear/ktorrent-3.1.5-i486-1.tgz: Upgraded to ktorrent-3.1.5.

testing/packages/kde4/kde/kdeaccessibility-4.1.3-i486-1.tgz: Upgraded to kdeaccessibility-4.1.3.

testing/packages/kde4/kde/kdeadmin-4.1.3-i486-1.tgz: Upgraded to kdeadm…

Small Update: qt

One small update has been released today. Qt-copy has been upgraded using revision 8877099. Here's the changelog:
Sat Nov 22 07:13:29 CST 2008
testing/packages/kde4/deps/qt-r887099-i486-1.tgz: Upgraded to qt-copy-r887099.

Security Update: Mozilla Thunderbird

One security update has been released to the public today and it is Mozilla Thunderbird. Along with this update, the -Current tree goes along with kernel updates as well as few changes on the tree. It now uses 2.6.27.7, the latest -Stable kernel available. Several packages gets an upgrade and it also add one new package: pm-utils. Here's the slack-desc for this package:
The pm -utils package provides simple shell command line tools to suspend and hibernate computers that can be used to run vendor or distribution supplied scripts on suspend and resume.Oh, i forgot to mention that at last, slackpkg has been officially been included in the main tree and no longer in /extra directory. Congratulations for Piter Punk. Here's the latest -Current changelog:
Fri Nov 21 13:51:57 CST 2008
a/aaa_base-12.1.0-noarch-3.tgz: Fixed an extra "../" at the beginning of the /var/X11R6 symlink. Thanks to Herbert Faleiros for pointing out the bug.

a/glibc-solibs-2.7-i486-17.tgz: Recompiled ag…

Security Update: libxml2

One security update has been released along with bunch of updates in x/ directory. While it may not be the latest version of the Xorg packages, it has proven to be the most stable version ever tested by Slackware team. Stability is more important than newer version which is buggy. Here's the latest -Current changelog:
Thu Nov 20 12:15:34 CST 2008
a/acpid-1.0.8-i486-2.tgz: Fixed a bug in the build script so that /etc/acpi/acpi_handler.sh.new is chmoded executable. If you installed the previous package, you should chmod 755 your /etc/acpi/acpi_handler.sh.
Thanks to Stuart Winter for pointing this out.

Wed Nov 19 19:52:15 CST 2008
a/acpid-1.0.8-i486-1.tgz: Upgraded to acpid-1.0.8.
/etc/acpi/acpi_handler.sh will be installed as a .new with future upgrades, but since whatever version already installed on the system owns /etc/acpi/acpi_handler.sh, it will still be overwritten one more time when this update is installed. If you've customized your script, be sure to back it up before upgrad…

Security Updates: Firefox, Seamonkey, and Net-SNMP

Three security packages has been released along with new kernel on the -Current tree. The kernel uses the latest -Stable kernel available from main Kernel site. Some packages were also recompiled to some changes today and few days ago. So here goes the -Current changelog entry:
Sat Nov 15 18:33:27 CST 2008
a/glibc-solibs-2.7-i486-16.tgz: Recompiled against Linux 2.6.27.6.

a/glibc-zoneinfo-2.7-noarch-16.tgz: Rebuilt.

a/kernel-firmware-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6 firmware.

a/kernel-generic-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6.

a/kernel-generic-smp-2.6.27.6_smp-i686-1.tgz: Upgraded to Linux 2.6.27.6.

a/kernel-huge-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6.

a/kernel-huge-smp-2.6.27.6_smp-i686-1.tgz: Upgraded to Linux 2.6.27.6.

a/kernel-modules-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6.

a/kernel-modules-smp-2.6.27.6_smp-i686-1.tgz: Upgraded to Linux 2.6.27.6.

d/kernel-headers-2.6.27.6_smp-x86-1.tgz: Upgraded to Linux 2.6.27.6 headers.

k/kernel-source-2.6.27.6…

Reverting Bluez Packages

The new bluez packages which has been released last week is now reverted to the previous version due to lack of userspace modules. Slackware takes the safe way and using the old version until the situation changes in the future.

Meanwhile, some updates has been revealed today, so grab it and test it. Here's the latest -Current changelog:
Thu Nov 13 11:46:26 CST 2008
ap/acct-6.4pre1-i486-1.tgz: Upgraded to acct-6.4pre1 to support the new kernel accounting file format (and the older log formats). Thanks to Jan Rafaj for letting me know this needed an update and where to find it.

ap/madplay-0.15.2b-i486-2.tgz: Recompiled. This fixes a problem (endian issue?) where madplay just outputs noise.
Thanks to Jan Rafaj for the bug report.

kde/kdepim-3.5.10-i486-4.tgz: Recompiled against bluez-libs and pilot-link.

l/pilot-link-0.12.3-i486-6.tgz: Recompiled against bluez-libs-3.36.

n/bluez-hcidump-1.42-i486-2.tgz: Recompiled against bluez-libs-3.36.

n/bluez-libs-3.36-i486-2.tgz: Switched back to the Bl…

Security Update: Gnutls

One security update has been release today along with Pidgin and KTorrent updates. Pidgin was recompiled with the new gnutls (which happened to be the security update package). Here's the latest -Current changelog:
Mon Nov 10 19:19:50 CST 2008
n/gnutls-2.6.1-i486-1.tgz: Upgraded to gnutls-2.6.1.
From the gnutls-2.6.1 NEWS file:
** libgnutls: Fix X.509 certificate chain validation error.
[GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle attackers (i.e., active attackers) to assume any name and trick GNU TLS clients into trusting that name. Thanks for report and analysis from Martin von Gagern . [CVE-2008-4989]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989
(* Security fix *)

xap/pidgin-2.5.2-i486-2.tgz: Recompiled against gnutls-2.6.1.

extra/ktorrent/ktorrent-2.2.8-i486-1.tgz: Upgraded to ktorrent-2.2.8. \รถ/
Thanks to Erik Jan Tromp for pointing this out, and the great use of umlaut.

Slackware in LiveCD

Image
Ok, time to vote for another poll. This time, the poll time frame is quite big and it will end at the end of this year (31 Dec 2008). The question is "What Do You Think About LiveCD Version of Slackware?"

I'm curious about people's interest about bringing Slackware into LiveCD edition. This is MY OWN idea, not Patrick's, so don't mind asking him to do so . It might inspired him to do so in the future though (even though i can't guarantee that).

So go for it and give your votes....

Poll Result

I totally forgot that the poll has been closed by the end of last month, so i should post the results. Well, sorry for that and here are the results for last month's poll:
I like XMMS 32 (36%)
I prefer Audacious 5 (5%)
I prefer Amarok 36 (41%)
I have other multimedia player 7 (8%)
I don't play music on my computer 2 (2%)
XMMS Sucks 5 (5%)

Well, most people that uses Slackware are already being migrating to AmaroK, the multimedia player for KDE (even though it could be installed without having all the KDE packages being installed. Only kdelibs and kdebase needed i guess). One interesting notes is that there are two people who voted that they don't play music on his/her computer. I can't imagine a computer who isn't being used to listen up music (unless it's a server of course).

From the poll we can also conclude that many people still like XMMS as their multimedia player, so the returning XMMS on -Current is a good news for them.

Stay tuned with another poll in shor…

All New Packages

Along with the CUPS security alert, PV has released HUGE changes to the Slackware-Current tree with new kernels and LOTS of upgraded packages (and also recompilation due to new kernel or new packages). This is the first update after being vacuum for almost a month. There were several new packages, which should simplify the package management because it replaces two packages and make it one (bluez package) and modularity achievement (kernel-firmware). New driver for Intel 5000 WLAN devices also has been incorporated by this batch of updates, so the hardware detection on next Slackware release will be definitely better.

OK, here they are, the -Current changelog
Fri Nov 7 22:37:26 CST 2008
a/cups-1.3.9-i486-1.tgz: Upgraded to cups-1.3.9.
This update fixes three vulnerabilities in the SGI image format filter, the texttops filter, and the HP-GL and HP-GL/2 plotter format filter. All three of these could result in a denial of service, and the plotter filter issue could possibly be used to execu…