Sunday, November 30, 2008

Security Update: Ruby

Some small updates has been released on -Current, while there's one security update for previous version which is for Ruby. Here's the latest -Current changelog:
Sat Nov 29 14:21:53 CST 2008
a/lilo-22.8-i486-14.tgz: Fixed typo in liloconfig.

a/udev-130-i486-2.tgz: Rebuilt including a new /etc/modprobe.d/uhci-hci to make sure that the ehci-hcd module is always loaded before uhci-hci.

ap/lsscsi-0.21-i486-1.tgz: Upgraded to lsscsi-0.21.
Thanks to Darrell Anderson for pointing me to the new URL.

ap/mc-4.6.1_20070623p14-i486-2.tgz: Patched to fix a bug where moving or copying a file could cause mc to crash. Thanks to David Somero for the patch.

d/ruby-1.8.7_p72-i486-2.tgz: Recompiled with a patch to fix short name constants. Thanks to Marco Bonetti for pointing out the problem.

n/bridge-utils-1.2-i486-2.tgz: Patched to fix a corner case where brctl does not work if the name of the bridge is "bridge".

xap/audacious-plugins-1.5.1-i486-4.tgz: Patched to fix amidi-plug plugin.
Thanks to Giacomo Lozito.

Saturday, November 29, 2008

Security Update: Samba

One new Samba package has been released as a security update along with other packages (only in -Current). Even though there's no real proof-of-concept, it's still being included in the latest fix.

Here's the latest -Current changelog:
Fri Nov 28 17:43:24 CST 2008
ap/cdrtools-2.01.01a53-i486-1.tgz: Upgraded to cdrtools-2.01.01a53.

ap/dmidecode-2.10-i486-1.tgz: Upgraded to dmidecode-2.10.

ap/sqlite-3.6.6.2-i486-1.tgz: Upgraded to sqlite-3.6.6.2.

l/libgsf-1.14.10-i486-1.tgz: Upgraded to libgsf-1.14.10.

n/dnsmasq-2.46-i486-1.tgz: Upgraded to dnsmasq-2.46.

n/ntp-4.2.4p5-i486-2.tgz: Edited rc.ntpd to add status support for pm-utils.
Thanks to Robby Workman.

n/samba-3.2.5-i486-1.tgz: Upgraded to samba-3.2.5.
This package fixes an important barrier against rogue clients reading from uninitialized memory (though no proof-of-concept is known to exist).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314
(* Security fix *)

Tuesday, November 25, 2008

KDE 4.1.3 Landed

KDE 4.1.3 has landed in -Current for further testing by all -Current followers. It probably won't be used as default window manager in next Slackware release, but it does bring new excitement to all Slackware users. Here's the latest -Current changelog:
Mon Nov 24 17:01:15 CST 2008
testing/packages/kde4/deps/eigen2-r888176-i486-1.tgz: Added eigen2-r888176.

testing/packages/kde4/extragear/amarok-1.98-i486-1.tgz: Upgraded to amarok-1.98.

testing/packages/kde4/extragear/guidance-power-manager-4.1.3-i486-1.tgz: Upgraded to guidance-power-manager-4.1.3.

testing/packages/kde4/extragear/kaudiocreator-r888119-i486-1.tgz: Upgraded to kaudiocreator-r888119.

testing/packages/kde4/extragear/konq-plugins-4.1.3-i486-1.tgz: Added konq-plugins-4.1.3.

testing/packages/kde4/extragear/ktorrent-3.1.5-i486-1.tgz: Upgraded to ktorrent-3.1.5.

testing/packages/kde4/kde/kdeaccessibility-4.1.3-i486-1.tgz: Upgraded to kdeaccessibility-4.1.3.

testing/packages/kde4/kde/kdeadmin-4.1.3-i486-1.tgz: Upgraded to kdeadmin-4.1.3.

testing/packages/kde4/kde/kdeartwork-4.1.3-i486-1.tgz: Upgraded to kdeartwork-4.1.3.

testing/packages/kde4/kde/kdebase-4.1.3-i486-1.tgz: Upgraded to kdebase-4.1.3.

testing/packages/kde4/kde/kdebase-runtime-4.1.3-i486-1.tgz: Upgraded to kdebase-runtime-4.1.3.

testing/packages/kde4/kde/kdebase-workspace-4.1.3-i486-1.tgz: Upgraded to kdebase-workspace-4.1.3.

testing/packages/kde4/kde/kdebindings-4.1.3-i486-1.tgz: Upgraded to kdebindings-4.1.3.

testing/packages/kde4/kde/kdeedu-4.1.3-i486-1.tgz: Upgraded to kdeedu-4.1.3.

testing/packages/kde4/kde/kdegames-4.1.3-i486-1.tgz: Upgraded to kdegames-4.1.3.

testing/packages/kde4/kde/kdegraphics-4.1.3-i486-1.tgz: Upgraded to kdegraphics-4.1.3.

testing/packages/kde4/kde/kdelibs-4.1.3-i486-1.tgz: Upgraded to kdelibs-4.1.3.

testing/packages/kde4/kde/kdemultimedia-4.1.3-i486-1.tgz: Upgraded to kdemultimedia-4.1.3.

testing/packages/kde4/kde/kdenetwork-4.1.3-i486-1.tgz: Upgraded to kdenetwork-4.1.3.

testing/packages/kde4/kde/kdepim-4.1.3-i486-1.tgz: Upgraded to kdepim-4.1.3.

testing/packages/kde4/kde/kdepimlibs-4.1.3-i486-1.tgz: Upgraded to kdepimlibs-4.1.3.

testing/packages/kde4/kde/kdeplasma-addons-4.1.3-i486-1.tgz: Upgraded to kdeplasma-addons-4.1.3.

testing/packages/kde4/kde/kdesdk-4.1.3-i486-1.tgz: Upgraded to kdesdk-4.1.3.

testing/packages/kde4/kde/kdetoys-4.1.3-i486-1.tgz: Upgraded to kdetoys-4.1.3.

testing/packages/kde4/kde/kdeutils-4.1.3-i486-1.tgz: Upgraded to kdeutils-4.1.3.

testing/packages/kde4/kde/kdewebdev-4.1.3-i486-1.tgz: Upgraded to kdewebdev-4.1.3.

testing/packages/kde4/kde/koffice-1.9.98.2-i486-1.tgz: Upgraded to koffice-1.9.98.2.

testing/packages/kde4/kde-l10n/kde-l10n-*.tgz: Upgraded to kde-l10n-*-4.1.3.

testing/packages/kde4/kde-l10n/koffice-l10n-*.tgz: Added koffice-l10n-*-1.9.98.2.

Sunday, November 23, 2008

Small Update: qt

One small update has been released today. Qt-copy has been upgraded using revision 8877099. Here's the changelog:
Sat Nov 22 07:13:29 CST 2008
testing/packages/kde4/deps/qt-r887099-i486-1.tgz: Upgraded to qt-copy-r887099.

Saturday, November 22, 2008

Security Update: Mozilla Thunderbird

One security update has been released to the public today and it is Mozilla Thunderbird. Along with this update, the -Current tree goes along with kernel updates as well as few changes on the tree. It now uses 2.6.27.7, the latest -Stable kernel available. Several packages gets an upgrade and it also add one new package: pm-utils. Here's the slack-desc for this package:
The pm -utils package provides simple shell command line tools to suspend and hibernate computers that can be used to run vendor or distribution supplied scripts on suspend and resume.
Oh, i forgot to mention that at last, slackpkg has been officially been included in the main tree and no longer in /extra directory. Congratulations for Piter Punk. Here's the latest -Current changelog:
Fri Nov 21 13:51:57 CST 2008
a/aaa_base-12.1.0-noarch-3.tgz: Fixed an extra "../" at the beginning of the /var/X11R6 symlink. Thanks to Herbert Faleiros for pointing out the bug.

a/glibc-solibs-2.7-i486-17.tgz: Recompiled against Linux 2.6.27.7.


a/glibc-zoneinfo-2.7-noarch-17.tgz: Rebuilt.

a/kernel-firmware-2.6.27.7-i486-1.tgz: Upgraded to Linux 2.6.27.7 firmware.

a/kernel-generic-2.6.27.7-i486-1.tgz: Upgraded to Linux 2.6.27.7.

a/kernel-generic-smp-2.6.27.7_smp-i686-1.tgz: Upgraded to Linux 2.6.27.7.

a/kernel-huge-2.6.27.7-i486-1.tgz: Upgraded to Linux 2.6.27.7.

a/kernel-huge-smp-2.6.27.7_smp-i686-1.tgz: Upgraded to Linux 2.6.27.7.

a/kernel-modules-2.6.27.7-i486-1.tgz: Upgraded to Linux 2.6.27.7.

a/kernel-modules-smp-2.6.27.7_smp-i686-1.tgz: Upgraded to Linux 2.6.27.7.

ap/hplip-2.8.10-i486-1.tgz: Upgraded to hplip-2.8.10.

ap/pm-utils-1.2.2.1-i486-1.tgz: Added pm-utils-1.2.2.1.

ap/slackpkg-2.70.4-noarch-1.tgz: Added slackpkg-2.70.4. Moving this into the main tree was long overdue. Thanks to Piter Punk! :-)

ap/texinfo-4.13a-i486-2.tgz: Patched the install script to replace /usr/info/dir if the topmost node is missing.

d/kernel-headers-2.6.27.7_smp-x86-1.tgz: Upgraded to Linux 2.6.27.7 headers.

e/emacs-22.3-i486-2.tgz: Rebuilt with compressed info pages and using the emacs PNG icon from the sources. Thanks to Edward Trumbo for the patch.

k/kernel-source-2.6.27.7_smp-noarch-1.tgz: Upgraded to Linux 2.6.27.7.

l/glibc-2.7-i486-17.tgz: Recompiled against Linux 2.6.27.7.

l/glibc-i18n-2.7-noarch-17.tgz: Rebuilt.

l/glibc-profile-2.7-i486-17.tgz: Recompiled against Linux 2.6.27.7.

l/svgalib_helper-1.9.25_2.6.27.7-i486-1.tgz: Recompiled for Linux 2.6.27.7.

n/alpine-2.00-i486-1.tgz: Upgraded to alpine-2.00.

n/imapd-2.00-i486-1.tgz: Upgraded to imapd from alpine-2.00.

n/curl-7.19.2-i486-1.tgz: Upgraded to curl-7.19.2.

n/ntp-4.2.4p5-i486-1.tgz: Upgraded to ntp-4.2.4p5.

n/sendmail-8.14.3-i486-1.tgz: Upgraded to sendmail-8.14.3.

n/sendmail-cf-8.14.3-noarch-1.tgz: Upgraded to sendmail-8.14.3 config files.

x/scim-1.4.7-i486-7.tgz: Recompiled.

x/scim-bridge-0.4.14-i486-3.tgz: Recompiled.

xap/mozilla-thunderbird-2.0.0.18-i686-1.tgz: Upgraded to thunderbird-2.0.0.18.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)

extra/linux-2.6.27.7-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.

isolinux/initrd.img: Rebuilt with newly compiled kernel modules.

usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules.

Friday, November 21, 2008

Security Update: libxml2

One security update has been released along with bunch of updates in x/ directory. While it may not be the latest version of the Xorg packages, it has proven to be the most stable version ever tested by Slackware team. Stability is more important than newer version which is buggy. Here's the latest -Current changelog:
Thu Nov 20 12:15:34 CST 2008
a/acpid-1.0.8-i486-2.tgz: Fixed a bug in the build script so that /etc/acpi/acpi_handler.sh.new is chmoded executable. If you installed the previous package, you should chmod 755 your /etc/acpi/acpi_handler.sh.
Thanks to Stuart Winter for pointing this out.

Wed Nov 19 19:52:15 CST 2008
a/acpid-1.0.8-i486-1.tgz: Upgraded to acpid-1.0.8.
/etc/acpi/acpi_handler.sh will be installed as a .new with future upgrades, but since whatever version already installed on the system owns /etc/acpi/acpi_handler.sh, it will still be overwritten one more time when this update is installed. If you've customized your script, be sure to back it up before upgrading.

a/mkinitrd-1.3.2-i486-4.tgz: Fixed a bug where unless -F was the first option given, other command line options would not override the contents of /etc/mkinitrd.conf as documented in the man page.
Thanks to David Somero for the patch.

l/libxml2-2.6.32-i486-2.tgz: Patched and recompiled.
This fixes vulnerabilities including denial of service, or possibly the execution of arbitrary code as the user running a libxml2 linked application if untrusted XML content is parsed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226
(* Security fix *)

x/compiz-0.7.8-i486-1.tgz: Upgraded to compiz-0.7.8.

x/dejavu-fonts-ttf-2.27-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.27.

x/xf86-input-acecad-1.2.2-i486-1.tgz: Added xf86-input-acecad-1.2.2.

x/xf86-input-calcomp-1.1.2-i486-1.tgz: Upgraded to xf86-input-calcomp-1.1.2-i486-1.tgz.

x/xf86-input-digitaledge-1.1.1-i486-1.tgz: Upgraded to xf86-input-digitaledge-1.1.1.

x/xf86-input-dmc-1.1.2-i486-1.tgz: Added xf86-input-dmc-1.1.2.

x/xf86-input-dynapro-1.1.2-i486-1.tgz: Upgraded to xf86-input-dynapro-1.1.2.

x/xf86-input-elo2300-1.1.2-i486-1.tgz: Upgraded to xf86-input-elo2300-1.1.2.

x/xf86-input-elographics-1.2.3-i486-1.tgz: Upgraded to xf86-input-elographics-1.2.3.

x/xf86-input-evdev-2.0.8-i486-1.tgz: Upgraded to xf86-input-evdev-2.0.8.

x/xf86-input-fpit-1.2.0-i486-1.tgz: Upgraded to xf86-input-fpit-1.2.0.

x/xf86-input-hyperpen-1.2.0-i486-1.tgz: Upgraded to xf86-input-hyperpen-1.2.0.

x/xf86-input-jamstudio-1.2.0-i486-1.tgz: Upgraded to xf86-input-jamstudio-1.2.0.

x/xf86-input-joystick-1.3.3-i486-1.tgz: Upgraded to xf86-input-joystick-1.3.3.

x/xf86-input-keyboard-1.3.1-i486-1.tgz: Upgraded to xf86-input-keyboard-1.3.1.

x/xf86-input-magellan-1.2.0-i486-1.tgz: Upgraded to xf86-input-magellan-1.2.0.

x/xf86-input-microtouch-1.2.0-i486-1.tgz: Upgraded to xf86-input-microtouch-1.2.0.

x/xf86-input-mutouch-1.2.1-i486-1.tgz: Upgraded to xf86-input-mutouch-1.2.1.

x/xf86-input-palmax-1.2.0-i486-1.tgz: Upgraded to xf86-input-palmax-1.2.0.

x/xf86-input-penmount-1.3.0-i486-1.tgz: Upgraded to xf86-input-penmount-1.3.0.

x/xf86-input-summa-1.2.0-i486-1.tgz: Upgraded to xf86-input-summa-1.2.0.

x/xf86-input-synaptics-0.15.2-i486-1.tgz: Added xf86-input-synaptics-0.15.2.

x/xf86-input-tek4957-1.2.0-i486-1.tgz: Upgraded to xf86-input-tek4957-1.2.0.

x/xf86-input-vmmouse-12.5.2-i486-1.tgz: Upgraded to xf86-input-vmmouse-12.5.2.

x/xf86-input-void-1.1.1-i486-1.tgz: Added xf86-input-void-1.1.1.

x/xf86-video-cirrus-1.2.1-i486-1.tgz: Upgraded to xf86-video-cirrus-1.2.1.

x/xf86-video-glint-1.2.1-i486-1.tgz: Upgraded to xf86-video-glint-1.2.1.

x/xf86-video-i128-1.3.1-i486-1.tgz: Upgraded to xf86-video-i128-1.3.1.

x/xf86-video-intel-2.4.3-i486-1.tgz: Upgraded to xf86-video-intel-2.4.3.

x/xf86-video-mga-1.4.9-i486-1.tgz: Upgraded to xf86-video-mga-1.4.9.

x/xf86-video-neomagic-1.2.1-i486-1.tgz: Upgraded to xf86-video-neomagic-1.2.1.

x/xf86-video-nv-2.1.12-i486-1.tgz: Upgraded to xf86-video-nv-2.1.12.

x/xf86-video-openchrome-0.2.903-i486-1.tgz: Added xf86-video-openchrome-0.2.903.

x/xf86-video-radeonhd-1.2.3-i486-1.tgz: Upgraded to xf86-video-radeonhd-1.2.3.

x/xf86-video-s3virge-1.10.1-i486-1.tgz: Upgraded to xf86-video-s3virge-1.10.1.

x/xf86-video-savage-2.2.1-i486-1.tgz: Upgraded to xf86-video-savage-2.2.1.

x/xf86-video-vmware-10.16.5-i486-1.tgz: Upgraded to xf86-video-vmware-10.16.5.

x/xkeyboard-config-1.4-noarch-1.tgz: Upgraded to xkeyboard-config-1.4.
NOTE: These are some of the more important updates for X.Org. For the last several days we have been building and testing the very newest X updates, and it seems that the more intrusive updates are probably best left to develop until sometime after the coming -stable Slackware 12.2 release. Those will require a lot of testing and some things don't seem to be quite there yet.
"X -configure" is hanging the console, DRI is not yet working on all the hardware tested, and the new xorg-server will render most existing xorg.conf files non-functional until several changes are made.

extra/slacktrack/slacktrack-2.01-noarch-1.tgz: Upgraded to slacktrack-2.01.
Thanks to Stuart Winter.

Sunday, November 16, 2008

Security Updates: Firefox, Seamonkey, and Net-SNMP

Three security packages has been released along with new kernel on the -Current tree. The kernel uses the latest -Stable kernel available from main Kernel site. Some packages were also recompiled to some changes today and few days ago. So here goes the -Current changelog entry:
Sat Nov 15 18:33:27 CST 2008
a/glibc-solibs-2.7-i486-16.tgz: Recompiled against Linux 2.6.27.6.

a/glibc-zoneinfo-2.7-noarch-16.tgz: Rebuilt.

a/kernel-firmware-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6 firmware.

a/kernel-generic-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6.

a/kernel-generic-smp-2.6.27.6_smp-i686-1.tgz: Upgraded to Linux 2.6.27.6.

a/kernel-huge-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6.

a/kernel-huge-smp-2.6.27.6_smp-i686-1.tgz: Upgraded to Linux 2.6.27.6.

a/kernel-modules-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6.

a/kernel-modules-smp-2.6.27.6_smp-i686-1.tgz: Upgraded to Linux 2.6.27.6.

d/kernel-headers-2.6.27.6_smp-x86-1.tgz: Upgraded to Linux 2.6.27.6 headers.

k/kernel-source-2.6.27.6_smp-noarch-1.tgz: Upgraded to Linux 2.6.27.6.

l/glibc-2.7-i486-16.tgz: Recompiled against Linux 2.6.27.6.

l/glibc-i18n-2.7-noarch-16.tgz: Rebuilt.

l/glibc-profile-2.7-i486-16.tgz: Recompiled against Linux 2.6.27.6.

l/svgalib_helper-1.9.25_2.6.27.6-i486-1.tgz: Recompiled for Linux 2.6.27.6.

n/gnutls-2.6.2-i486-1.tgz: Upgraded to gnutls-2.6.2. The security fix in gnutls-2.6.1 had a flaw in cases where the certificate chain contained only one self-signed certificate. This update fixes the issue.

n/net-snmp-5.4.2.1-i486-1.tgz: Upgraded to net-snmp-5.4.2.1.
This fixes a problem where a user with read access could cause snmpd to crash, resulting in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309
(* Security fix *)

n/proftpd-1.3.1-i486-3.tgz: Recompiled. This seems to be picky about having an exact version of OpenSSL. Thanks to Adam Kennedy for the bug report.

xap/mozilla-firefox-3.0.4-i686-1.tgz:
Upgraded to firefox-3.0.4.
This fixes some security issues:
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
(* Security fix *)

xap/seamonkey-1.1.13-i486-1.tgz:
Upgraded to seamonkey-1.1.13.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)

extra/linux-2.6.27.6-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.

isolinux/initrd.img: Rebuilt with newly compiled kernel modules.

usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules.

Friday, November 14, 2008

Reverting Bluez Packages

The new bluez packages which has been released last week is now reverted to the previous version due to lack of userspace modules. Slackware takes the safe way and using the old version until the situation changes in the future.

Meanwhile, some updates has been revealed today, so grab it and test it. Here's the latest -Current changelog:
Thu Nov 13 11:46:26 CST 2008
ap/acct-6.4pre1-i486-1.tgz: Upgraded to acct-6.4pre1 to support the new kernel accounting file format (and the older log formats). Thanks to Jan Rafaj for letting me know this needed an update and where to find it.

ap/madplay-0.15.2b-i486-2.tgz: Recompiled. This fixes a problem (endian issue?) where madplay just outputs noise.
Thanks to Jan Rafaj for the bug report.

kde/kdepim-3.5.10-i486-4.tgz: Recompiled against bluez-libs and pilot-link.

l/pilot-link-0.12.3-i486-6.tgz: Recompiled against bluez-libs-3.36.

n/bluez-hcidump-1.42-i486-2.tgz: Recompiled against bluez-libs-3.36.

n/bluez-libs-3.36-i486-2.tgz: Switched back to the BlueZ 3.x series. As the website says, "without support from the userspace these modules are useless." Well, it seems as if the userspace support for BlueZ 3.x is still much better than the support for 4.x, so we'll move back to these packages (recompiled) until the situation changes. Thanks to Tom Nardi for the detailed report concerning the usability of BlueZ 3.x versus BlueZ 4.x.

n/bluez-utils-3.36-i486-4.tgz: Switched back to bluez-utils-3.36, with the udev rules moved into /lib/udev/rules.d/.

n/obexftp-0.22-i486-3.tgz: Recompiled against openobex-1.3.

n/openobex-1.3-i486-3.tgz: Recompiled against bluez-libs-3.36.

n/slrn-0.9.9p1-i486-2.tgz: Fixed slack-desc to properly note that the original author, John E. Davis, is now maintaining slrn again.
Thanks to Andrew Strong for pointing out this error.

Tuesday, November 11, 2008

Security Update: Gnutls

One security update has been release today along with Pidgin and KTorrent updates. Pidgin was recompiled with the new gnutls (which happened to be the security update package). Here's the latest -Current changelog:
Mon Nov 10 19:19:50 CST 2008
n/gnutls-2.6.1-i486-1.tgz: Upgraded to gnutls-2.6.1.
From the gnutls-2.6.1 NEWS file:
** libgnutls: Fix X.509 certificate chain validation error.
[GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle attackers (i.e., active attackers) to assume any name and trick GNU TLS clients into trusting that name. Thanks for report and analysis from Martin von Gagern . [CVE-2008-4989]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989
(* Security fix *)

xap/pidgin-2.5.2-i486-2.tgz: Recompiled against gnutls-2.6.1.

extra/ktorrent/ktorrent-2.2.8-i486-1.tgz: Upgraded to ktorrent-2.2.8. \รถ/
Thanks to Erik Jan Tromp for pointing this out, and the great use of umlaut.

Sunday, November 9, 2008

Slackware in LiveCD

Ok, time to vote for another poll. This time, the poll time frame is quite big and it will end at the end of this year (31 Dec 2008). The question is "What Do You Think About LiveCD Version of Slackware?"

I'm curious about people's interest about bringing Slackware into LiveCD edition. This is MY OWN idea, not Patrick's, so don't mind asking him to do so big grin. It might inspired him to do so in the future though (even though i can't guarantee that).

So go for it and give your votes....

Poll Result

I totally forgot that the poll has been closed by the end of last month, so i should post the results. Well, sorry for that and here are the results for last month's poll:
I like XMMS 32 (36%)
I prefer Audacious 5 (5%)
I prefer Amarok 36 (41%)
I have other multimedia player 7 (8%)
I don't play music on my computer 2 (2%)
XMMS Sucks 5 (5%)

Well, most people that uses Slackware are already being migrating to AmaroK, the multimedia player for KDE (even though it could be installed without having all the KDE packages being installed. Only kdelibs and kdebase needed i guess). One interesting notes is that there are two people who voted that they don't play music on his/her computer. I can't imagine a computer who isn't being used to listen up music (unless it's a server of course).

From the poll we can also conclude that many people still like XMMS as their multimedia player, so the returning XMMS on -Current is a good news for them.

Stay tuned with another poll in short time

All New Packages

Along with the CUPS security alert, PV has released HUGE changes to the Slackware-Current tree with new kernels and LOTS of upgraded packages (and also recompilation due to new kernel or new packages). This is the first update after being vacuum for almost a month. There were several new packages, which should simplify the package management because it replaces two packages and make it one (bluez package) and modularity achievement (kernel-firmware). New driver for Intel 5000 WLAN devices also has been incorporated by this batch of updates, so the hardware detection on next Slackware release will be definitely better.

OK, here they are, the -Current changelog
Fri Nov 7 22:37:26 CST 2008
a/cups-1.3.9-i486-1.tgz: Upgraded to cups-1.3.9.
This update fixes three vulnerabilities in the SGI image format filter, the texttops filter, and the HP-GL and HP-GL/2 plotter format filter. All three of these could result in a denial of service, and the plotter filter issue could possibly be used to execute code as the print spooler user.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
(* Security fix *)

a/e2fsprogs-1.41.3-i486-1.tgz: Upgraded to e2fsprogs-1.41.3.

a/glibc-solibs-2.7-i486-15.tgz: Recompiled against Linux 2.6.27.5.

a/glibc-zoneinfo-2.7-noarch-15.tgz: Rebuilt with tzdata2008i.

a/kernel-firmware-2.6.27.5-i486-1.tgz: Added Linux 2.6.27.5 firmware (mostly for sound cards).

a/kernel-generic-2.6.27.5-i486-1.tgz: Upgraded to Linux 2.6.27.5.
Note that some drives that were previously seen as /dev/hd? might now show up as /dev/sd?, so be prepared for that possibility. This should only happen on machines that could have used libata with hd?=noprobe, but did not. The CONFIG_PATA_LEGACY (libata, /dev/sd?) is the default now for PATA controllers that require a generic driver.

a/kernel-generic-smp-2.6.27.5_smp-i686-1.tgz: Upgraded to Linux 2.6.27.5.

a/kernel-huge-2.6.27.5-i486-1.tgz: Upgraded to Linux 2.6.27.5.

a/kernel-huge-smp-2.6.27.5_smp-i686-1.tgz: Upgraded to Linux 2.6.27.5.

a/kernel-modules-2.6.27.5-i486-1.tgz: Upgraded to Linux 2.6.27.5.

a/kernel-modules-smp-2.6.27.5_smp-i686-1.tgz: Upgraded to Linux 2.6.27.5.

a/module-init-tools-3.5-i486-1.tgz: Upgraded to module-init-tools-3.5.

a/ntfs-3g-1.5012-i486-1.tgz: Upgraded to ntfs-3g-1.5012.

a/openssl-solibs-0.9.8i-i486-1.tgz: Upgraded to openssl-0.9.8i.

ap/cdparanoia-III_10.2-i486-1.tgz: Upgraded to cdparanoia-III-10.2.

ap/gphoto2-2.4.3-i486-1.tgz: Upgraded to gphoto2-2.4.3.

ap/hplip-2.8.9-i486-1.tgz: Upgraded to hplip-2.8.9.

ap/lm_sensors-3.0.3-i486-1.tgz: Upgraded to lm_sensors-3.0.3.

ap/rpm-4.4.2.3-i486-2.tgz: Recompiled against neon-0.28.3.

ap/sqlite-3.6.4-i486-1.tgz: Upgraded to sqlite-3.6.4.

d/binutils-2.18.50.0.9-i486-1.tgz: Upgraded to binutils-2.18.50.0.9.

d/cmake-2.6.2-i486-1.tgz: Upgraded to cmake-2.6.2.

d/git-1.6.0.3-i486-1.tgz: Upgraded to git-1.6.0.3.

d/intltool-0.40.5-i486-1.tgz: Upgraded to intltool-0.40.5.

d/kernel-headers-2.6.27.5_smp-x86-1.tgz: Upgraded to Linux 2.6.27.5 headers.

d/m4-1.4.12-i486-1.tgz: Upgraded to m4-1.4.12.

d/subversion-1.5.4-i486-1.tgz: Upgraded to subversion-1.5.4.

k/kernel-source-2.6.27.5_smp-noarch-1.tgz: Upgraded to Linux 2.6.27.5.

kde/kdebase-3.5.10-i486-3.tgz: Recompiled against the new libsensors. (the recompile also seems to have stabilized Flash)

kde/kdepim-3.5.10-i486-3.tgz: Recompiled against the upgraded bluez and pilot-link packages.

kde/kdesdk-3.5.10-i486-3.tgz: Recompiled against apr-1.3.3 and neon-0.28.3.

kde/kdevelop-3.5.3-i486-3.tgz: Recompiled against neon-0.28.3.

l/apr-1.3.3-i486-1.tgz: Upgraded to apr-1.3.3.

l/apr-util-1.3.4-i486-1.tgz: Upgraded to apr-util-1.3.4.

l/dbus-1.2.4-i486-1.tgz: Upgraded to dbus-1.2.4.

l/fuse-2.7.4-i486-2.tgz: Moved udev rules to /lib/udev/rules.d/.

l/glibc-2.7-i486-15.tgz: Recompiled against Linux 2.6.27.5.

l/glibc-i18n-2.7-noarch-15.tgz: Rebuilt.

l/glibc-profile-2.7-i486-15.tgz: Recompiled against Linux 2.6.27.5.

l/hal-info-20081022-noarch-1.tgz: Upgraded to hal-info-20081022.

l/hicolor-icon-theme-0.10-noarch-4.tgz: Rebuilt.

l/jre-6u10-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 10.

l/libcap-2.14-i486-1.tgz: Upgraded to libcap-2.14.

l/libgphoto2-2.4.3-i486-1.tgz: Upgraded to libgphoto2-2.4.3.

l/libmtp-0.3.3-i486-1.tgz: Upgraded to libmtp-0.3.3.

l/libnjb-2.2.6-i486-3.tgz: Moved udev rules to /lib/udev/rules.d/.

l/neon-0.28.3-i486-1.tgz: Upgraded to neon-0.28.3.

l/pilot-link-0.12.3-i486-5.tgz: Moved udev rules to /lib/udev/rules.d/. Recompiled against bluez-4.17.

l/svgalib_helper-1.9.25_2.6.27.5-i486-1.tgz: Recompiled for Linux 2.6.27.5.

n/bluez-4.17-i486-1.tgz: Added bluez-4.17, which replaces the blues-libs and blues-utils packages.

n/bluez-hcidump-1.42-i486-1.tgz: Upgraded to bluez-hcidump-1.42.

n/httpd-2.2.10-i486-1.tgz: Upgraded to httpd-2.2.10.

n/iproute2-2.6.26-i486-1.tgz: Upgraded to iproute2-2.6.26.

n/iptables-1.4.2-i486-1.tgz: Upgraded to iptables-1.4.2.

n/iwlwifi-3945-ucode-15.28.2.8-fw-1.tgz: Upgraded to iwlwifi-3945-ucode-15.28.2.8.

n/iwlwifi-4965-ucode-228.57.2.21-fw-1.tgz: Upgraded to iwlwifi-4965-ucode-228.57.2.21.

n/iwlwifi-5000-ucode-5.4.A.11-fw-1.tgz: Added iwlwifi-5000-ucode-5.4.A.11.

n/nfs-utils-1.1.4-i486-1.tgz: Upgraded to nfs-utils-1.1.4.

n/obexftp-0.22-i486-2.tgz: Recompiled.

n/openobex-1.3-i486-2.tgz: Recompiled against bluez-4.17.

n/openssl-0.9.8i-i486-1.tgz: Upgraded to openssl-0.9.8i.

n/samba-3.2.4-i486-1.tgz: Upgraded to samba-3.2.4.

n/slrn-0.9.9p1-i486-1.tgz: Upgraded to slrn-0.9.9p1.

n/tcpdump-4.0.0-i486-1.tgz: Upgraded to libpcap-1.0.0 and tcpdump-4.0.0.

tcl/expect-5.44.1.11-i486-1.tgz: Upgraded to expect-5.44.1.11.

xap/audacious-plugins-1.5.1-i486-3.tgz: Recompiled against neon-0.28.3.

xap/gkrellm-2.3.2-i486-1.tgz: Upgraded to gkrellm-2.3.2 compiled against lm_sensors-3.0.3.

xap/pidgin-2.5.2-i486-1.tgz: Upgraded to pidgin-2.5.2.

xap/sane-1.0.19-i486-3.tgz: Moved udev rules to /lib/udev/rules.d/.

xap/xfce-4.4.3-i486-1.tgz: Upgraded to xfce-4.4.3.

xap/xsane-0.996-i486-1.tgz: Upgraded to xsane-0.996.

xap/xscreensaver-5.07-i486-2.tgz: Fixed a problem that can occur when RANDR reports incorrect data. Patch from upstream -- thanks to Piter Punk for finding it.

extra/jdk-6/jdk-6u10-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 10.

extra/linux-2.6.27.5-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.

isolinux/initrd.img: Rebuilt with newly compiled kernel modules.

testing/packages/kde4/kde/kdebase-workspace-4.1.2-i486-2.tgz: Recompiled against lm_sensors-3.0.3.

testing/packages/kde4/kde/kdelibs-4.1.2-i486-2.tgz: Included an upstream patch to fix crashes with kded.

usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules.
Thanks to Robby Workman, Piter Punk, Eric Hameleers, and Stuart Winter for helping to update these packages! There are still various trivial fixes that need to happen in other packages, and other updates to consider as well. Now that we have a new kernel (with the TCP options ordering problem fixed), I hope there will be time soon to look at those things.