Monday, August 31, 2009

New Poll

Since Slackware 13.0 has been released few days ago, it's time to know what changes in Slackware 13.0 do you like most. I have posted several big changes in Slackware 13.0, but it may not include all of them, so please vote on the available options. This time, i put other if there are other options which is not listed. You can give your votes on this post as a comment if your answer is not listed.

This poll will last for two months, so let's start voting guys big grin

Poll Result

One month has ended and it's time to post the result. The questions was about slackpkg and we have the final results:

I have been using it for long time 37 (41%)
I started using it recently 23 (25%)
I will use it when 13.0 released 6 (6%)
What is slackpkg? 24 (26%)

So almost 50% of the voters have used slackpkg for some time and i believe they will keep using it in the future. Great job and thanks to Piter Punk who created Slackpkg

Time for new vote big grin

Slackware 13.0 With LVM and LUKS

This post is contributed by Winlesky Burham and if you have any corrections, please contact him and CC it to me so i can update this post as well.

Hello slackers! My name is Winlesky Burham and on August 30, 2009, I managed to install Slackware 13.0 on my laptop. I would like to share my experience on installing this wonderful distro with LVM + LUKS support for better security and protection of computer's data by writing in the steps I took.

Before I continue, I would like to thank Willy Sudiarto Raharjo for his immense patience by filling me in the difference between KDE 3.5.X and KDE 4.2.x, for making me aware of the great possibilities that Linux in general, and Slackware in particular, has to offer, and also for the time he willingly sets aside to discuss the obstacles that present to me when I am dealing with Slackware, and also I would like to thank the people of the open source community that make such a wonderful system.

Now, I will begin with my laptop brand and specifications. The complete specs is not necessary, because we only need to know processor, memory and hdd to fully understand the steps (for people that have other brands of laptop, just use your imagination big grin) :

Laptop brand : Acer TravelMate 6291
Specifications : Intel(R) Core(TM) 2 Duo Processor T5500 (1.66 Ghz, 667 MHz FSB, 2MB L2 cache)
RAM: 1GB DDR2
HDD: 80GB

* First, we will insert Slackware 13.0 installation DVD into the DVD drive and reboot the laptop. The laptop will then perform its usual BIOS process. Press F12 to summon the "boot from other device" feature and choose the "boot from CD/DVD drive" option, wait until it needs your input.

* Slackware will now ask you to choose kernels it provides to boot the DVD, we will press 'enter' to use the default huge.smp.s kernel to begin the installation and wait until Slackware tells you to log-in by typing root, followed by pressing enter.

* We are now logged in :), we continue by partitioning the hard drive into 2 partitions. a /dev/sda1 100MB to hold /boot and the rest for /dev/sda2 to hold LVM partition. Use fdisk to split the hard drive. DON'T forget to set partition's system id to '83' for /dev/sda1 and '8e' for /dev/sda2 (read fdisk help pages to know how to split the hard drive)

* We are going to fill these partitions with random data to block any security experts efforts to determine where your encrypted data resides in those partitions: dd if=/dev/urandom of=/dev/sda1 ; dd if=/dev/urandom of=/dev/sda2. For a 80GB, my computer needs 6 hours and 25 minutes.

* Now we encrypt /dev/sda2 with cryptsetup:

# cryptsetup -y --cipher aes-xts-plain --key-size 512 luksFormat /dev/sda2 ( DON'T encrypt /dev/sda1 because we need /dev/sda1 unencrypted).

* Open the encrypted partition and also name it to 'acerluks':

# cryptsetup luksOpen /dev/sda2 acerluks

* Next we are going to create a physical volume '/dev/mapper/acerluks', a volume group called 'acercryptvg', three logical volumes; one swap 2GB partition, one / (root) 25 GB partition, and one /home '40ish' GB partition. You must be wondering why '40ish', it is because you have to keep the sum of the logical volumes sizes less than the total size of the physical volume. On my system, 44GB, but on your computer, who knows....

# pvcreate /dev/mapper/acerluks
# vgcreate acercryptvg /dev/mapper/acerluks
# lvcreate -L 2G -n swap acercryptvg
# lvcreate -L 25G -n root acercryptvg
# lvcreate -L 44G -n home acercryptvg

* Create the device nodes before activating the volumes:

# vgscan --mknodes

And activate the the volumes:

# vgchange -ay

* Run 'mkswap' so that the 'setup' program can identify the 'swap' logical volume as a valid swap partition.

# mkswap /dev/acercryptvg/swap

* Now run 'setup' by typing setup on the command prompt, and match swap, / (root), /home, /boot with respect to /dev/mapper/swap, /dev/mapper/root, /dev/mapper/home, /dev/sda1 (for /boot), and let Slackware install packages into your computer. (make sure you install generic.smp and huge.smp kernel packages and choose ext4 as the default filesystem).

* After Slackware has finished installing packages, Slackware will need you to install LILO. At LILO configuration screen, choose 'expert lilo configuration', and install LILO to Master Boot Record (MBR). Select '/dev/acercryptvg/root' as the / (root) partition to boot and select 'install LILO'.

* After the installation completed, exit to command prompt. DON'T reboot the system! We are going to fix the lilo.conf, but before that, we're going to chroot our new Slackware system: chroot /mnt.

* Create initrd.gz with LVM, Crypt, and Hibernation support so that Slackware can pass the boot process and also Slackware can perform the hibernation feature.

# mkinitrd -c -k 2.6.29.6-smp -m ext4 -f ext4 -h /dev/acercryptvg/swap -r /dev/acercryptvg/root -C /dev/sda2 -L -o /boot/initrd.gz

* Make sure for the last time that your lilo.conf contains the following:

append="vt.default_utf8=0 resume=/dev/acercryptvg/swap" (so that Slackware knows that you're using it as a hibernation partition)

bla..bla..bla..bla..

image = /boot/vmlinuz-generic-smp-2.6.29.6-smp
root = /dev/acercryptvg/root
initrd = /boot/initrd.gz

* Finally, run 'lilo' to update the lilo configuration you just set and make sure there are no problems.

* Reboot the laptop, and enjoy your new and shiny Slackware 13.0 with LVM + LUKS support!

Sunday, August 30, 2009

First Installation of Slackware 13.0

Yesterday, i went to my campus to meet with new students who have joined with UKDW Net Club. One of it's division is Linux User Group. I went there bringing the latest Slackware 13.0 ISOs on my hand, because one of them was asking for it and he wanted to install Slackware 13.0 on his laptop.

When i got there, one of the new students asked me to install Slackware 13.0 on his laptop and i agreed to do it. Everything works very fast, and in the end, he was very pleased to have Slackware works perfectly. All the major component were detected automatically. I have to run alsaconf for the sound card, but after that, it worked without no problem.

When i ran the X (using KDE), the resolution is set up for optimum resolution, without having to mess up with xorg.conf anymore. I tried to enable the desktop effect and it worked. I haven't installed NVidia drivers yet, but it's still working and very smooth. Many other students were amazed with Slackware, mostly the girls laughing

When he asked about the WiFI, i installed WICD tool and start scanning, it got an IP and he can start browsing the Internet. Meaning that his WiFI card was detected by the default Slackware kernel thumbs up

This is my fresh first installation of Slackware 13.0, because even though i'm using 13.0, i followed it from -Current tree, so it's not a fresh one.

I have a good impression on my first installation of Slackware 13.0. What about you? peace sign

Saturday, August 29, 2009

Indonesian Mirrors for Slackware 13.0

Good news for Indonesian Slackware users. There has been several mirror sites who have completed the 6 ISOs and the DVD ISO. They are Kambing, UGM, and FOSS-ID

More mirrors will be available on the next following days thumbs up

Updated (2:05 PM): New Mirrors: Indonesian Slackware Community Site (#1) and (#2). Thanks to Ozzie

Invalid File on Slackware 13.0 ISO

If you look at the CD ISO or DVD ISO tree structure, you will probably see ANNOUNCE_12.2 file located on top of the directory along with ANNOUNCE_13.0. I think Pat forgotten to delete the file after making the 13.0 version big grin

It's not critical though. Let's just say it's an added documentation laughing

K3B Burning Problem on Slackware 13.0

Several people complained that they couldn't have a successful burning using K3B provided in the Slackware 13.0. Most of the process stopped at 99% and it hang. When they canceled the job, the media will be useless.

AFAIK, this is known bugs and it has been written on the RELEASE NOTES:
One of the issues we're aware of is that k3b hasn't been working as well as the KDE3 version for some people (it works fine here, but we have heard some reports), and there are some other KDE applications where people still prefer the old versions.
To help with this, there are KDE3 compatibility packages that can be found in /extra/kde3-compat/. With these installed, most KDE3 programs will run. A KDE3 version of k3b is also included in that directory.
So if you need a K3B as a burning tool, install kde3 packages in /extra (which is located in disc 4) and install the old K3B version. It should work normally.

There is also a good post about how to burn DVD iso. Some people failed to burn at 16x, so drop it to 4x or 8x and it should be working.

Friday, August 28, 2009

All About Slackware

Since today is Slackware 13.0 release day, many sites are discussing about this new release, including Plurk and Twitter. So many comments and new posts are posted on Plurk and Twitter today and it's talking about Slackware.

There's one good news about Slackware 13.0. Some site (including Indonesian mirror sites) has got or still mirroring the official CD/DVD ISOs on their site, so by tomorrow, you will be able to start downloading it from the nearest mirror site. It's by far faster than the previous 12.2 release, where an ISO would be available days after the release date.

Please consider to give support for Slackware Linux by purchasing items in Slackware Store or give donations to project.

Slackware 13.0 Released

After almost nine months of development, Slackware 13.0 is finally released by Patrick Volkerding. The last update before the release is wicd, aaa_base, and the addition of new Intel driver which has just been released few days ago. It's still not yet tested, so it's included in /extra rather in x/.

Read the Announcement or Release Notes for information about Slackware 13.0.

Please consider supporting the Slackware project by picking up a copy of the Slackware 13.0 release from the Slackware Store.

Have fun with the new shinny Slackware 13.0 big grin

Thursday, August 27, 2009

OOo 3.1.1 Released, No More Manual Fix

OpenOffice.org 3.1.1 has been released and it is now being distributed to the mirror site around the world. It's just a matter of time before it will be officially announced and the download link is displayed on the download page.

As usual, on every OOo release, i would post a simple HOWTO to upgrade to the latest OOo. First of all, download the OpenOffice.org binary code (OOo_3.1.1_LinuxIntel_install_en-US.tar.gz). Next, extract using tar -xzvf OOo_3.1.1_LinuxIntel_install_en-US.tar.gz. Go to the RPMS directory and use rpm2tgz to convert the RPMs into tgz packages.

When you are done, remove the old packages by issuing this command:
cd /var/log/packages
removepkg ooobasis-* openoffice.org*

Next, go back to the RPMS directory and then install it using rpm2tgz. In the past, i had to manually fix the application due to truncation caused by the old version of tar used by rpm2tgz. Thanks to Pat, the rpm2tgz has been changed to use makepkg instead of tar on -Current
a/rpm2tgz-1.1-i486-1.txz: Upgraded. Make .tgz with makepkg, not tar.

This has fixed the truncation issues, so my post on the previous post is no longer needed. You can now enjoy OpenOffice.org 3.1.1 on Slackware big grin

Tuesday, August 25, 2009

More Packages Updated

More packages are being upgraded and fixed for the next Slackware release. Today, Pat released some updates on several packages as well. The image are being enhanced to work on slow CD drivers. It may be a sign that a release would be very close.

Here's the latest -Current changelog:
Tue Aug 25 05:31:05 CDT 2009
f/linux-howtos-20090805-noarch-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt.
Make the CD install disc swap more reliable on slow CD drives.

usb-and-pxe-installers/usbboot.img: Rebuilt.
Make the CD install disc swap more reliable on slow CD drives.
+--------------------------+
Mon Aug 24 23:44:38 CDT 2009
a/kbd-1.15-i486-3.txz: Rebuilt. Fixed the default font in unicode_start.
Thanks to Conraid and Dugan Chen.

ap/vim-7.2.245-i486-1.txz: Upgraded.

l/boost-1.38.0-i486-2.txz: Rebuilt.
Patched wrong BOOST_NO_EXCEPTIONS define placement.
Thanks to Steve from the GNOME SlackBuild project, and Christoph Willing.

n/network-scripts-13.0-noarch-2.txz: Rebuilt. Correct the comments about DHCP timeout to say that it is 10 seconds. Thanks to Mark Payne.

xap/vim-gvim-7.2.245-i486-1.txz: Upgraded.

Monday, August 24, 2009

Small changes occurred on -Current. Infozip and Sox have been upgraded while there are some rebuilt packages in the images and also bluez-utils.

Here's the latest -Current changelog:
Mon Aug 24 04:16:26 CDT 2009
a/infozip-6.0-i486-1.txz: Upgraded.
Upgraded to Zip 3.0 and Unzip 6.0.
Thanks to Michal Dorocinski for the notice.

ap/sox-14.3.0-i486-1.txz: Upgraded.

n/bluez-utils-3.36-i486-7.txz: Rebuilt.

isolinux/initrd.img: Rebuilt.
Fixed bad block checking option for ext* filesystems.
Thanks to Pete Cervasio.

usb-and-pxe-installers/usbboot.img: Rebuilt.
Fixed bad block checking option for ext* filesystems.
Thanks to Pete Cervasio.

Cryptsetup Upgraded

One one changes on today's changelog, which is cryptsetup. It's being upgraded and the image are also rebuilt.

Here's the latest -Current changelog:
Sun Aug 23 23:17:38 CDT 2009
a/cryptsetup-1.0.7-i486-1.txz: Upgraded.

isolinux/initrd.img: Rebuilt. Upgraded cryptsetup.

usb-and-pxe-installers/usbboot.img: Rebuilt. Upgraded cryptsetup.

Sunday, August 23, 2009

Kernel 2.6.30.5 on Testing

Get ready for Slackware 13.0, as Pat himself has given a sign that a release of Slackware 13.0 is close to an end. Good news is that there are still some small changes on -Current and there's one big thing happening on /testing, which is the addition of Linux Kernel 2.6.30.5. Many people would asked why on earth does Slackware doesn't ship 2.6.30.5 and instead going with 2.6.29.6?

We should all understand that newer kernel does bring new feature and better hardware detection as many drivers were added during development, but it *may* also breaks in some occasions. While the release date is getting closer, there's not enough time to do a full-blown testing on the new kernel and Slackware is stick with it's stable philosophy. Slackware isn't a bleeding-edge system that sacrifices the stability of a system.

That's why Pat has generously put 2.6.30.5 on /testing. This directory probably won't be included in the CD/DVD form, but you can download them manually from the mirror sites around the world. Pat has stated very clearly that you should read the README_FIRST.TXT in the kernel directory before you try to use this kernel packages.

There are some small changes in other packages, but most of them are just recompiled package.

Have fun with it and prepare for the next Slackware 13.0 party

Saturday, August 22, 2009

Minor CUPS Update

CUPS package has been updated with the latest version, thus aaa_elflibs is also updated. Gutenprint and ghostscript are also updated to reflect the latest development work of both application. Let's hope this new version does not bring any regression.

Here's the latest -Current changelog:
Sat Aug 22 02:00:23 CDT 2009
a/aaa_elflibs-13.0-i486-2.txz: Rebuilt. Updated CUPS libraries.

a/cups-1.3.11-i486-1.txz: Upgraded.

ap/ghostscript-8.70-i486-1.txz: Upgraded.

ap/gutenprint-5.2.4-i486-1.txz: Upgraded.

Friday, August 21, 2009

Security Update: Mozilla-Thunderbird

Mozilla-Thunderbird has been updated to the latest version which fixed some security problem. There is one new package added, which is mplayerplug-in, that enables users to use MPlayer to see the movies on the web.

Here's the latest -Current changelog:
Thu Aug 20 22:41:16 CDT 2009
x/xf86-input-evdev-2.2.5-i486-1.txz: Upgraded.

xap/mozilla-thunderbird-2.0.0.23-i686-1.txz: Upgraded.
This upgrade fixes a security bug.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)

extra/brltty/brltty-4.0-i486-1.txz: Upgraded.

extra/mplayerplug-in/mplayerplug-in-3.55-i486-1.txz: Added.
Enables the use of mplayer for web-embedded media.

Thursday, August 20, 2009

Security Update: Pidgin

As i said yesterday, Pidgin 2.5.8 has a security problem and it's fixed in 2.5.9, so today, Slackware-current released one security update for pidgin.

Here's the changelog:
Wed Aug 19 16:02:54 CDT 2009
xap/pidgin-2.5.9-i486-1.txz: Upgraded.
This update fixes a bug in Pidgin's MSN protocol implementation can allow a remote attacker to send a malicious MSN message to a Pidgin user, which will possibly cause arbitrary code to be executed as that user.
This issue was discovered by Federico Muttis of Core Security Technologies.
For more information, see:
http://www.coresecurity.com/content/libpurple-arbitrary-write
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694
(* Security fix *)

Wednesday, August 19, 2009

Running on Pidgin 2.6.1

I have successfully compiled and upgraded to Pidgin 2.6.1 using Slackware's SlackBuilds script. Unfortunately, even though Pidgin 2.6.1 supports audio/video, i can't use it since it will requires farsight. I have tried to compile farsight2 and it will requires another dependencies: libnice. When i tried to use the old version of farsight, the compilation stopped due to errors, so i have to use farsight2, but i'm too lazy to compile libnice (and probably more than just one dependency).

So for now, i am enjoying Pidgin 2.6.1. Slackware-Current's Pidgin package *might* be upgraded to 2.5.9 though, since it fixes security problem (CVE-2009-2694). We should see the updates on the changelog in the future big grin

Upgrading Pidgin Manually

Since it's probably kinda late to bring Pidgin 2.6.1 on Slackware-Current, i'm planning to upgrade Pidgin manually since the changelog entries are quite interesting for me. It's probably a major release for Pidgin (from 2.5.8 into 2.6.0, which is now superseded by 2.6.1). The list are huge and it's very exciting to have better audio and video support in Pidgin.

Security Updates : Kernels

The kernel stock in Slackware-Current has been patched to fix security problems and the kernel config option has enhanced to use 4096 in CONFIG_DEFAULT_MMAP_MIN_ADDR. Some packages were upgraded as well, such as pkgtool, libzip, pinentry, and foomatic-filters. One package is added, which is x11-ssh-askpass.

Here's the latest -Current changelog:
Tue Aug 18 18:50:46 CDT 2009
Patched kernels and kernel packages for Linux 2.6.29.6 to address a bug in proto_ops structures which could allow a user to use the kernel sendpage operation to execute arbitrary code in page zero.
This could allow local users to gain escalated privileges.
This flaw was discovered by Tavis Ormandy and Julien Tinnes of the Google Security Team.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692
In addition, these kernels change the CONFIG_DEFAULT_MMAP_MIN_ADDR kernel config option value to 4096, which should prevent the execution of arbitrary code by future NULL dereference bugs that might be found in the kernel. If you are compiling your own kernel, please check this option in your .config. If it is set to =0, you may wish to edit it to 4096 (or some other value > 0) and then reconfigure, or the kernel will not have default protection against zero page attacks from
userspace.
(* Security fix *)

a/kernel-firmware-2.6.29.6-noarch-1.txz: Rebuilt.

a/kernel-generic-2.6.29.6-i486-1.txz: Rebuilt.
Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096.
(* Security fix *)

a/kernel-generic-smp-2.6.29.6_smp-i686-1.txz: Rebuilt.
Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096.
(* Security fix *)

a/kernel-huge-2.6.29.6-i486-1.txz: Rebuilt.
Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096.
(* Security fix *)

a/kernel-huge-smp-2.6.29.6_smp-i686-1.txz: Rebuilt.
Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096.
(* Security fix *)

a/kernel-modules-2.6.29.6-i486-1.txz: Rebuilt.

a/kernel-modules-smp-2.6.29.6_smp-i686-1.txz: Rebuilt.

a/pkgtools-13.0-noarch-3.tgz: Rebuilt.
Fixed hardcoded gzip in installpkg --warn. Thanks to Mathieu Bouillaguet.
Fixed upgradepkg to reject invalid extensions. Thanks to Andrew Psaltis.

ap/foomatic-filters-4.0.2-i486-1.txz: Upgraded.

d/kernel-headers-2.6.29.6_smp-x86-1.txz: Rebuilt.

k/kernel-source-2.6.29.6_smp-noarch-1.txz: Rebuilt.
Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096.
(* Security fix *)

l/libzip-0.9-i486-2.txz: Rebuilt. Get rid of hardlinked man pages.

n/pinentry-0.7.6-i486-1.txz: Upgraded. Thanks to Stuart Winter.

xap/x11-ssh-askpass-1.2.4.1-i486-1.txz: Added.
Thanks to Vincent Batts for the build script.

extra/linux-2.6.29.6-nosmp-sdk/: Regenerated SMP to no-SMP kernel source patch.

isolinux/initrd.img: Rebuilt.
Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096.
(* Security fix *)

kernels/*: Rebuilt.
Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096.
(* Security fix *)

usb-and-pxe-installers/: Rebuilt.
Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096.
(* Security fix *)

SlackBasics Change License

After some discussion on the list, Daniel and other translators have agreed to change the licese used in SlackBasics into Creative Common Common Attribution 3.0. The changes has been merged into the source control and the zip files has been updated with the new license.

You can download the zip files on the main page of the SlackBasics-i18n project page.

Suggestion for New Slackware Users

If you are new to Slackware and looking for help, i would suggest that you read the philosophy of Slackware first. You will find it very helpful to understand why Slackware use different approaches compared to other Linux distributions, such as text-based installer, no GUI after installation, no automatic partition tools, and many more.

LinuxQuestions are good forum with good (or i could say best) people that helps people who just entered Slackware environment or even a guru. Many Slackware users and contributors helps each other on this forum. It's the best place for Slackware users to ask, discuss, and debate on Slackware.

But when it comes to insulting or trolling, there will be BIG (yes, i said BIG) problem. You won't get your problem solved, but rather, you will get a new label: TROLL. Looking for example? Check this thread Am I Missing Something? Why is Slackware is Still so far Behind?

I need several minutes to stop laughing after reading this thread rolling on the floor

Saturday, August 15, 2009

Security Update: Curl

One security update has been released along with many updates today. Java JRE and JDK has been upgraded to the latest version, while transfig and xfig were reverted due to problem on newer version. We are getting closer to 13.0 release.

Here's the latest -Current changelog:
Fri Aug 14 15:12:05 CDT 2009
a/aaa_elflibs-13.0-i486-1.txz: Upgraded.

a/mkinitrd-1.3.4-i486-3.txz: Rebuilt. Fixed quoting of "${MODULE_LIST}"

a/usbutils-0.82-i486-2.txz: Rebuilt. Updated usb.ids, removed usb.ids.gz.

ap/man-pages-3.22-noarch-2.txz: Rebuilt. Fixed missing part of doinst.sh.

kde/koffice-2.0.2-i486-1.txz: Upgraded.

kdei/koffice-l10n-*-2.0.2-noarch-1.txz: Upgraded to KOffice 2.0.2 l10n packages.

l/jre-6u16-i586-1.txz: Upgraded.
Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 16.

n/curl-7.19.6-i486-1.txz: Upgraded.
This update fixes a security issue where a zero byte embedded in an SSL or TLS certificate could fool cURL into validating the security of a connection to a system that the certificate was not issued for. It has been reported that at least one Certificate Authority allowed such certificates to be issued.
For more information, see:
http://curl.haxx.se/docs/security.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417
(* Security fix *)

n/elm-2.5.8-i486-3.txz: Rebuilt.

t/transfig-3.2.4-i486-2.txz: Reverted. This version is matched to xfig-3.2.4.

t/xfig-3.2.4-i486-4.txz: Reverted. This is due to xfig-3.2.5b not working correctly. .fig files will load, but making any changes causes xfig to hang consuming 100% CPU. We couldn't find a fix, and honestly RC2 just wasn't a good time to upgrade xfig (3.2.4 also required many patches to work right). Sorry, but we'll look at this again in the next -current.

extra/aspell-word-lists/aspell-nb-0.50.1_0-noarch-4.txz: Added.

extra/jdk-6/jdk-6u16-i586-1.txz: Upgraded.
Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 16.

extra/wicd/wicd-1.6.2-i486-2.txz: Rebuilt.
Fixed a problem with hidden networks. Thanks to Robby Workman.

isolinux/initrd.img: Rebuilt.

usb-and-pxe-installers/: Rebuilt.

Wednesday, August 12, 2009

Slackpkg HOWTO For Detik Mirror

Detik has launched a mirror site for several Linux distribution, including Slackware Linux. I have submitted HOWTO to use Slackpkg to use that repository and it has been published here.

Please feel free to use the mirror as an alternative to the current mirrors in Slackpkg because it's free and it's fast (for Indonesian, since it's connected to IIX network).

Thanks to Detik for providing another mirror for Slackware Linux.

Tuesday, August 11, 2009

More Updates Coming Through

Unlike the usual time to update, tonight, Slackware-Current received several updates across many directory. Some interesting updates are etc, which has been bumped into 13.0 and root user is now added to several groups. There's also Apache update and many more.

Here's the latest -Current Changelog:
Tue Aug 11 01:04:25 CDT 2009
a/etc-13.0-noarch-1.txz: Upgraded.
Added root to power, netdev, and scanner groups in /etc/group.

a/pciutils-3.1.3-i486-1.txz: Upgraded.

a/rpm2tgz-1.1-i486-1.txz: Upgraded. Make .tgz with makepkg, not tar.

ap/man-1.6f-i486-2.txz: In man.conf, change nroff from using -Tlatin1 to using -mandoc. Thanks to Ricardo Garcia.

ap/man-pages-3.22-noarch-1.txz: Upgraded.

d/guile-1.8.7-i486-1.txz: Upgraded.

kde/kaudiocreator-r1008583-i486-1.txz: Upgraded.

kde/kdelibs-4.2.4-i486-3.txz: Rebuilt. Patched kdesu to fix NOPASS option.
Thanks to Piter Punk!

l/imlib-1.9.15-i486-5.txz: Rebuilt. Fixed doc directory perms.

l/qt-r1008952-i486-1.txz: Upgraded.
Fixed symlink to QtDesignerComponents.pc. Thanks to oneforall.

n/httpd-2.2.13-i486-1.txz: Upgraded.
This is a bugfix release. It also upgrades the internal versions of apr and apr-util to address CVE-2009-2412, but Slackware uses the system versions of these libraries which have already been upgraded.

n/mailx-12.4-i486-1.txz: Upgraded.

n/netatalk-2.0.4-i486-2.txz: Rebuilt.
Don't install rc.atalk as executable by default.

t/transfig-3.2.5a-i486-1.txz: Upgraded.

t/xfig-3.2.5b-i486-1.txz: Upgraded.

x/xorg-cf-files-1.0.2-noarch-3.txz: Rebuilt.

xap/gnuplot-4.2.5-i486-1.txz: Upgraded.

xap/xlockmore-5.28-i486-1.txz: Upgraded.

Saturday, August 8, 2009

Wine 1.1.27

Thanks to Kyle Bradfield, i can enjoy freshly-compiled Wine 1.1.27 using SlackBuilds script and also added some patches from him. So far, i don't see any regression yet, but i will keep testing them in the meantime.

Again, thank you Kyle for quick update on Wine thumbs up

Friday, August 7, 2009

Security Updates: apr, apr-util, and subversion

Three security updates are released today. They are apr, apr-util, and subversion. There's also some improvement on qt and also httpd rebuild due to apr updates.

Here's the latest -Current changelog:
Fri Aug 7 01:26:38 CDT 2009
d/subversion-1.6.4-i486-1.txz: Upgraded.
Fixed heap overflow vulnerability on server and client.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411
http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt
(* Security fix *)

l/apr-1.3.8-i486-1.txz: Upgraded.
Fix overflow in pools and rmm, where size alignment was taking place.
[Matt Lewis , Sander Striker]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
(* Security fix *)

l/apr-util-1.3.9-i486-1.txz: Upgraded.
Fix overflow in rmm, where size alignment was taking place.
[Matt Lewis , Sander Striker]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
(* Security fix *)

l/qt-r1008078-i486-1.txz: Upgraded.
Added some missing symlinks to binaries and pkgconfig files.
Thanks to Heinz Wiesinger for the build script improvements!

n/httpd-2.2.12-i486-2.txz: Rebuilt.
Recompiled against the new apr and apr-util. This allows external modules to be built without having to edit the new apr/apr-util version numbers into the httpd config files.

Wine 1.1.26 Looks Great

After having some regression which forced me to revert back to Wine 1.1.24, i have waited for an update to Wine for Slackware. It seems the wait is over when 1.1.26 version has been released on the Sourceforge download page. I take that version and testing it on my desktop.

The regression i had in the earlier version is now gone, and it's getting much much better (mostly are related to application layout and unhanded exception or API).

Let's hope Wine 1.1.27 will not have any more regression like before winking

Thursday, August 6, 2009

Security Update: Fetchmail and Slackware 13.0 RC2

Well, another security update has been release by Pat and this time, it comes with bunch of updates and also a tag of Slackware 13.0 RC 2. I think the release will be soon enough (i'm predicting by this month, Slackware 13.0 would have been released).

Here's the latest -Current update:
Thu Aug 6 00:48:30 CDT 2009
Hi folks! We're going to call this set of updates RC2. There are still README files to be handled (that's the nature of documentation, I guess), as well as some other things remaining on the TODO list, but X seems pretty stable now, and it seems like a release soon would be in order so that we can march right back into development territory with -current again soon. :-)
Enjoy, and let us know about any problems you run into!
ap/mysql-5.0.84-i486-1.txz: Upgraded.

kde/kdebase-runtime-4.2.4-i486-2.txz: Rebuilt.
Applied patchset 969192 to fix improper clipping of text labels under icons (such as in KMail). Thanks to Andrzej Szelachowski.

l/jre-6u15-i586-1.txz: Upgraded.
Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 15.

l/qt-r1006620-i486-1.txz: Upgraded to qt-copy r1006620 from svn.
We know about qt-copy.git and plan to adopt it sometime after the 13.0 release, but would like to stick to close to the same Qt branch that KDE 4.2.4 was developed on for now.

n/fetchmail-6.3.11-i486-1.txz: Upgraded.
This update fixes an SSL NUL prefix impersonation attack through NULs in a part of a X.509 certificate's CommonName and subjectAltName fields.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666
(* Security fix *)

n/network-scripts-13.0-noarch-1.txz: Upgraded. Added new options to the rc.inet1.conf file to adjust debugging level, or to turn off ipv4ll (zeroconf) IP address assignment. Thanks to Eric Hameleers.

x/glew-1.5.1-i486-1.txz: Added. Needed by the Mesa demos.

x/libICE-1.0.5-i486-2.txz: Rebuilt.

x/libX11-1.2.2-i486-1.txz: Upgraded.

x/libdrm-2.4.12-i486-1.txz: Upgraded.

x/mesa-7.5-i486-1.txz: Upgraded.

x/pixman-0.15.18-i486-1.txz: Upgraded.

x/renderproto-0.11-noarch-1.txz: Upgraded.

x/rstart-1.0.3-i486-1.txz: Upgraded.

x/setxkbmap-1.1.0-i486-1.txz: Upgraded.

x/xf86-input-evdev-2.2.4-i486-1.txz: Upgraded.

x/xf86-input-synaptics-1.1.3-i486-1.txz: Upgraded.

x/xf86-video-apm-1.2.2-i486-1.txz: Upgraded.

x/xf86-video-ast-0.89.9-i486-1.txz: Upgraded.

x/xf86-video-cirrus-1.3.2-i486-1.txz: Upgraded.

x/xf86-video-glint-1.2.4-i486-1.txz: Upgraded.

x/xf86-video-i128-1.3.3-i486-1.txz: Upgraded.

x/xf86-video-i740-1.3.2-i486-1.txz: Upgraded.

x/xf86-video-intel-2.5.1-i486-1.txz: Upgraded.

x/xf86-video-intel-2.6.3-i486-1.txz: Upgraded.

x/xf86-video-intel-2.7.1-i486-1.txz: Upgraded.

x/xf86-video-intel-2.8.0-i486-1.txz: Upgraded.

x/xf86-video-mach64-6.8.2-i486-1.txz: Upgraded.

x/xf86-video-mga-1.4.11-i486-1.txz: Upgraded.

x/xf86-video-neomagic-1.2.4-i486-1.txz: Upgraded.

x/xf86-video-r128-6.8.1-i486-1.txz: Upgraded.

x/xf86-video-s3-0.6.3-i486-1.txz: Upgraded.

x/xf86-video-s3virge-1.10.4-i486-1.txz: Upgraded.

x/xf86-video-savage-2.3.1-i486-1.txz: Upgraded.

x/xf86-video-sis-0.10.2-i486-1.txz: Upgraded.

x/xf86-video-sisusb-0.9.3-i486-1.txz: Upgraded.

x/xf86-video-tdfx-1.4.3-i486-1.txz: Upgraded.

x/xf86-video-vesa-2.2.1-i486-1.txz: Upgraded.

x/xf86-video-voodoo-1.2.3-i486-1.txz: Upgraded.

x/xfs-1.1.0-i486-1.txz: Upgraded.

x/xkbcomp-1.1.0-i486-1.txz: Upgraded.

x/xorg-server-1.6.3-i486-1.txz: Upgraded.

x/xorg-server-xephyr-1.6.3-i486-1.txz: Upgraded.

x/xorg-server-xnest-1.6.3-i486-1.txz: Upgraded.

x/xorg-server-xvfb-1.6.3-i486-1.txz: Upgraded.

x/xtrans-1.2.4-noarch-1.txz: Upgraded.
Huge thanks to Robby Workman for preparing these X updates and getting people to help test them! The new libdrm, mesa, xorg-server, and the new Intel driver seem especially improved. :-)

xap/xfce-4.6.1-i486-5.txz: Rebuilt. Upgraded to Terminal-0.4.0 and added some missing icons. Thanks to Robby Workman.

extra/jdk-6/jdk-6u15-i586-1.txz: Upgraded.
Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 15.

Tuesday, August 4, 2009

Volume Indicator Now Displayed

When i was using my laptop today, i noticed something which i have wished for some time has come true. In the past, when i used Fn combination to increase/decrease my volume level, the desktop won't show any indicator and it won't work at all. The only combination that works is only for brightness indicator.

But today, the volume indicator works and there's a bar showing on my desktop displaying the volume level. I don't know what package which fixed this problem, but i guess it's part of the XOrg updates lately. It's getting better and better big grin

Mozilla Firefox Upgraded

It's not a security fix as usual, but Mozilla Firefox 3.5.2 is released as a regular update as the flaw doesn't affect Firefox 3.5.x series.

Here's the single change on -Current today:
Mon Aug 3 14:40:36 CDT 2009
xap/mozilla-firefox-3.5.2-i686-1.txz: Upgraded.
This is thought to be just a regular update, as MFSA 2009-42 and MFSA 2009-43
say that 3.5 is not vulnerable to those flaws.

Monday, August 3, 2009

Security Update: httpd

One security update on the first day of this week: httpd. It fixes so many security updates, so it's definitely a must upgrade package. Also an updated package for linuxdoc-tools which has solved the jade problem.

Here's the latest -Current changelog:
Sun Aug 2 16:25:44 CDT 2009
ap/linuxdoc-tools-0.9.56-i486-5.txz: Rebuilt. Added a symlink to isogrk4.ent that fixes the problems that we mentioned earlier.
Thanks to Niels Horn for the help!

d/git-1.6.4-i486-1.txz: Upgraded.

n/httpd-2.2.12-i486-1.txz: Upgraded.
This update fixes some security issues (from the CHANGES file):
*) SECURITY: CVE-2009-1891 (cve.mitre.org)
Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. PR 39605.
[Joe Orton, Ruediger Pluem]
*) SECURITY: CVE-2009-1195 (cve.mitre.org)
Prevent the "Includes" Option from being enabled in an .htaccess file if the AllowOverride restrictions do not permit it.
[Jonathan Peatfield , Joe Orton, Ruediger Pluem, Jeff Trawick]
*) SECURITY: CVE-2009-1890 (cve.mitre.org)
Fix a potential Denial-of-Service attack against mod_proxy in a reverse proxy configuration, where a remote attacker can force a proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton]
*) SECURITY: CVE-2009-1191 (cve.mitre.org)
mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body. PR 46949 [Ruediger Pluem]
*) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org)
The bundled copy of the APR-util library has been updated, fixing three different security issues which may affect particular configurations and third-party modules.
These last three CVEs were addressed in Slackware previously with an update to new system apr and apr-util packages.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956
(* Security fix *)

n/irssi-0.8.14-i486-1.txz: Upgraded.

Saturday, August 1, 2009

New Poll

Slackpkg has been included in Slackware distribution for quite some time (even though in /extra), but only in -Current (which will be 13.0 in the future), it is placed on official directory (in /ap). I'm making a new poll which ask people about how well they know about Slackpkg utility.

Please start voting big grin

Poll Result

Two months has passed and it's time to announce the results of the poll. While Slackware 13.0 and Slackware64 13.0 hasn't been released yet (but soon i guess), most people who voted on the poll will likely to use 13.0 version with only 9 voters who will not migrate to this version.

Here's the result:
Slackware 13.0 32 bit
140 (41%)
Slackware 13.0 64 bit
95 (28%)
Slackware 13.0 32 bit + 64 bit
50 (14%)
Slackware-Current
40 (11%)
I'm not migrating
9 (2%)


Slackware(64) 13.0 is indeed interesting release, not by it's number but by it's feature that will bring new excitement of Slackware. Like always, major release is always a perfect time to see major changes happening on Slackware distribution. While most features do not change too much (such as curses-based installation), the overall system has changed quite a bit and the transition is going very well. You can see it when you are using -Current tree.

Latest slackpkg: Fix Indonesian Mirror Sites

Thanks to Piter Punk who accepted my suggestion about replacing broken Indonesian mirror sites with a newer one which should work and incorporate the changes in the latest slackpkg tool. Since this tool has been included as a default package (thus supported by default), this will make ease Slackware users in Indonesia to get a faster updates on Slackware once they installed this tool.

FYI: About mirrors in Indonesia, they are updated once a day, usually at midnight (Indonesian time), so updates will be seen by slackpkg at least one day after the announcements of the changes. If you want better and faster updates, consider running rsync service to synchronize the repository on your local computer big grin

Too bad, the mirrors is not copied to the Slackware's website.

Getting Closer

After few days without any updates, finally some updates come up on -Current. There are several things to be tested, so Pat wanted a public testing on linuxdoc-tools package. Also there's a change on hal.conf, so please make sure you merge the changes into the existing hal.conf.

Here's the latest -Current changelog:
Sat Aug 1 00:51:37 CDT 2009
a/shadow-4.0.3-i486-18.txz: Rebuilt. In adduser, adjusted the search of /etc/passwd to exclude the NIS inclusion string.
Thanks to Dominik L. Borkowski.

ap/linuxdoc-tools-0.9.56-i486-4.txz: Rebuilt. Upgraded a number of component packages.
We also need some help debugging a problem with this package.
For details please see:
/usr/doc/linuxdoc-tools-0.9.56/Slackware-ChangeLog.txt

ap/slackpkg-2.80.2-noarch-3.tgz: Upgraded. Thanks to Piter Punk.

l/hal-0.5.11-i486-6.txz: Rebuilt. Rebuilt with some backported patches from upstream to fix some bugs.
Patched the 10-keymap.fdi with comments and examples for configuring keyboard layouts, both with and without input hotplugging.
Important changes to /etc/dbus-1/system.d/hal.conf, so be sure to move the new config into place.
Thanks to Robby Workman.

l/hal-info-20090716-noarch-1.txz: Upgraded.