Monday, February 27, 2012

Default Kernel Upgraded

The default kernel for Slackware-Current has been raised to 3.2.7, the latest stable kernel released by Greg a week ago. This version has integrated the latest ASPM patches (on 3.2.5) that should reduce power consumption when being used on portable devices such as laptop and netbooks.

There isn't so much progress on Slackware-Current, but i believe Pat is taking his time to decide what should be included in the next Slackware release. Right now, the Xorg stack is stabilizing after Intel released their quarterly package and it should be fully working with Linux Kernel 3.2.7 and related packages, such as Mesa. Hopefully we will have a nice and working out-of-the-box, less painfull Xorg stack in the next Slackware release.

Sunday, February 26, 2012

Testing Packages Upgraded

Bunch of Mozilla packages are being upgraded to the latest beta to see if there's something wrong during the build process. They are:
testing/packages/mozilla-firefox-11.0b4-i486-1.txz: Upgraded.
testing/packages/mozilla-thunderbird-11.0b3-i486-1.txz: Upgraded.
testing/packages/seamonkey-2.8b4-i486-1.txz: Upgraded.
testing/packages/seamonkey-solibs-2.8b4-i486-1.txz: Upgraded.

Thursday, February 23, 2012

Security Updates: Libpng, Firefox, Thunderbird, and Seamonkey

More security updates coming up for -Current and previous version of Slackware. In total, there are 4 security updates that were released today and three of them came from the same vendor: Mozilla. The last update came from libpng which is now upgraded to 1.4.9.

Saturday, February 18, 2012

Linux-PAM for -Current

Vincent Batts has announced that he has updated the Linux-PAM project synched up to Slackware-Current and also available for AlienBOB's KDE 4.8.0 packages as well.

To download, please visit this URL and for rsync, please visit: rsync://hashbangbash.com/pam/

Tuesday, February 14, 2012

Thunderbird Security Update

A single security update has been released today and it's Mozilla Thunderbird that is now upgraded to 10.0.1. So far, i haven't received any notifications from the security mailing list, but i think it will be delivered when the update has been propagated through mirror sites.

Monday, February 13, 2012

More Testing Packages Added

In the past, only Firefox beta build were added into testing/, but now, more Mozilla packages are being added. Seamonkey and Thunderbird joined the previous package and it's now being added into testing/

The reason for this is that because Mozilla employs a rapid release just like Google Chrome, but since building Mozilla packages requires more attention (due to increment of dependencies), it's probably the reason why it's now added into testing/. It's also a proper place for public to test the new version if they are an extension developers or beta testers.

So, here's the latest addition on -Current:
Sun Feb 12 23:26:00 UTC 2012
testing/packages/mozilla-thunderbird-11.0b1-i486-1.txz: Added.
testing/packages/seamonkey-2.8b2-i486-1.txz: Added.
testing/packages/seamonkey-solibs-2.8b2-i486-1.txz: Added.

Saturday, February 11, 2012

Security Updates: Firefox, Thunderbird, Seamonkey

Three security updates are released at once because they all came from the same upstream : Mozilla. They are Firefox, Seamonkey, and Thunderbird. Along with this update is the second beta for next Firefox 11.

Not quite interesting, but still a worthy updates for those who concerns about security.

Security Mailing List is Back

For some time, the Slackware security mailing list is not functioning as it used to be, and news about lack of Security updates are also discussed on LWN. People may have forgotten that Slackware also have a changelog that provides all the information you need about any updates to Slackware.

Well, that kind of problem is now being fixed as i received bunch of security update posts that happened in the last batch of updates. Let's hope there will be no more problem like this in the future and negative news about Slackware will be gone.

Meanwhile, i suggest you to keep a good look on Slackware's changelog rather than relying on the list itself.

Thursday, February 9, 2012

Bunch of Security Updates

Several pending security updates that has been around for few days are finally being released by Pat and some of this updates are backported to older Slackware releases up to Slackware-12.2. We also see some new updates on basic applications, such as alsa and hplip, and we will see more updates in the future.
Here's the summary of the latest update:
  • Glibc: rebuilt to fix CVE-2009-5029 
  • Alsa-*: upgraded to 1.0.25
  • sqlite: upgraded to 3.7.10 
  • hplip: upgraded to 3.11.12
  • httpd: upgraded to 2.2.22
  • php: upgraded to 5.3.10
  • proftpd: upgraded to 1.3.4a
  • vsftpd: upgraded to 2.3.5

Tuesday, February 7, 2012

ASPM Patch has Landed on Stable Kernel

Greg has released a special edition of a stable kernel with only a single fix, which is to fix the power consumption for portable devices, such as laptops and netbooks. The patch is touching the ASPM (Active State Power Management) area and it was previously poorly implemented so that it consumes more power than it should be.

Matthew Garrett worked on this problem and he finally pushed his work into Linux Kernel 3.3 which is now on development and Greg wanted to prepare a special release of stable kernel that only has one patch to make it easier for user to spot any differences compared to previous release.

I think it's worthed to have this kernel available on -Current since it will make laptops/netbooks life longer since there is a decreament in power consumption.

Sunday, February 5, 2012

Adding More Protection Layer on PHP

PHP is a well known and popular programming language that has been considered mature for years. It has a big community behind the stage and it's been used in most websites due to it's nature of being an open source project and widely supported by many Linux distributions.

Unfortunately, lately, they have been struggling to work with their security problems and even with Stefan Esser's help to improve the project, their ego was too high, so they ignored some of his proposal to improve PHP's security core. At the end, Stefan released Suhosin project to help users to get the better PHP service from the security point of view.

I always installed Suhosin on my servers since lately, PHP has changed it's way of rolling releases and it's not as often as it used to be. Some critical fixes are in pending for months until it's rolled out to users and sometimes, it's kinda late to prevent exploits coming around.

There are two ways of installing Suhosin. The first one comes as a PHP patch which will be used against PHP source code prior compilation and the second option come as an extension. If you plan to compile your first PHP and release it as a bundle, it's better for you to pick the first option as it will patch PHP directly into the source. However, sometimes you have your PHP up and running and you want to add additional security layer on top of it and that's when the second option is preferred.

Here's how you compile and install Suhosin on top of running PHP
  • Download the latest release of Suhosin Extension
  • Extract the package (tar -xzvf suhosin-0.9.33.tgz)
  • Change to suhosin directory (cd suhosin-0.9.33)
  • Ran the magic command (phpize; ./configure; make;)
  • Install the package using root account (make install
  • Add this line into your php.ini file (extension=suhosin.so)
  • Add the appropriate location of the module in extension_dir variable in php.ini
  • Restart your Apache (/etc/rc.d/rc.httpd restart)
  • Confirm your PHP is protected by Suhosin (php -v)
  • If you ran the phpinfo() function, you will get something like this

Friday, February 3, 2012

GSB 3.2.2 Maintenance Patches

People working in GSB project has updated their repositories to add GNOME 3.2.2 maintenance patches. I actually missed this update because i didn't use GSB on my systems. I found out this update when running rsync script on my server. Here's the latest changelog:
Mon Jan 30 18:34:44 GMT 2012
  GNOME 3.2.2 maintenance patches.
patches/avahi-0.6.30-i486-2gsb.txz: Patched.
  Fix a potential problem where avahi could replace the /etc/HOSTNAME with
  incorrect information.  Thanks to Robby Workman for pointing out the problem
  and sending a patch.
patches/clutter-1.8.4-i486-1gsb.txz: Upgraded.
patches/packages/gjs-1.30.1-i486-1gsb.txz: Upgraded.
patches/packages/evolution-data-server-3.2.3-i486-1gsb.txz: Upgraded.
patches/packages/gnome-icon-theme-symbolic-3.2.2-i486-1gsb.txz: Upgraded.
patches/packages/gtkhtml-4.2.3-i486-1gsb.txz: Upgraded.
patches/packages/evolution-3.2.3-i486-1gsb.txz: Upgraded.
  Fixes numerous crashes.  For more information, see:
     http://download.gnome.org/sources/evolution/3.2/evolution-3.2.3.changes.
patches/packages/evolution-exchange-3.2.3-i486-1gsb.txz: Upgraded.
patches/packages/evolution-groupwise-3.2.3-i486-1gsb.txz: Upgraded.
patches/packages/gedit-3.2.6-i486-1gsb.txz: Upgraded.
patches/packages/gnome-nettool-3.0.1-i486-1gsb.txz: Upgraded.
patches/packages/mutter-3.2.2-i486-1gsb.txz: Upgraded.
  Fixes a major memory leak with gnome-shell.  For more information, see:
    https://bugzilla.gnome.org/show_bug.cgi?id=642652
patches/packages/clutter-gst-1.4.6-i486-1gsb.txz: Upgraded.
patches/packages/libgee-0.6.4-i486-1gsb.txz: Upgraded.
patches/packages/gnome-shell-3.2.2.1-i486-1gsb.txz: Upgraded.
  Fixes numerous crashes and brings improvements for the message tray.  For
  more information, see: 
    https://bugzilla.gnome.org/show_bug.cgi?id=663815
    https://bugzilla.gnome.org/show_bug.cgi?id=664138
    https://bugzilla.gnome.org/show_bug.cgi?id=648450
    https://bugzilla.gnome.org/show_bug.cgi?id=667652
    https://bugzilla.gnome.org/show_bug.cgi?id=668048
patches/packages/heimdal-libraries-1.5.2-i486-1gsb.txz: Upgraded.
  This contains two security fixes for the libtelnet library and for libkrb5
  checksums (2012-01-11, 2012-01-10). For more information, see:
    http://www.l5l.org/advisories.html?show=2012-01-10
    http://www.l5l.org/advisories.html?show=2012-01-11
  (* Security fix *)
testing/gnote-0.8.2-i486-1gsb.txz: Added.
testing/tdb-1.2.9-i486-1gsb.txz: Added.
  An upgraded tdb package is needed by rhythmbox;  this version of the library
  will conflict with the tdb in the samba package.  
testing/rhythmbox-2.95-i486-1gsb.txz: Added.

Kernel-firmware Updated and Firefox 11 Beta 1

Ysterday's update had some glitch in which one of the file had a FAILED checksums and that belongs to the kernel-firmware package. The checksums of the package is good, but the .asc file that is being used to verify it's not, so it's not really a serious problem, but Pat decided to fix this problem by building a fresh kernel-firmware package taken from the git source.

A new beta build of Firefox is also added on testing/. It surely follows the tradition of adding Firefox's beta builds on testing/ that has been executed in the last round of development cycle.

Updated Multilib and Qt

AlienBOB has updated his multilib packages to sync with the latest update in -Current that happened yesterday. People running multilib system won't be able to launch several applications if they don't upgrade their multilib packages since the application on -Current are built based on other version of GCC and GLIBC, so it must be re-adjusted once they are upgraded.

Another update from AlienBOB is the updated Qt package which fixed a security vulnerability (CVE-2011-3922) and should solve the path problem in several places, and this should fix the missing startup sound notification we all experienced soon after we upgraded to KDE 4.8.0. With this update, my previous article is no longer needed as it has been fixed by upstream.

Thursday, February 2, 2012

Current Moving On

After a while, Pat has finally updated the public repository with a massive (as expected) updates with a great quote from the fortune package and everything looks shinny and interesting to see.

So, in general, this is what you will get with the latest -Current:
  • Linux Kernel 3.2.2 (fixed the mempodipper bug)
  • Coreutil 8.15 (brings improvement for ext4)
  • Cups 1.4.8 (brings fixes for LibreOffice printing problems, and have a chance to be backported to 13.37 as a patch)
  • Glibc 2.14.1(latest stable version being rebuilt with new GCC)
  • GCC 4.6.2 (also latest stable, with support of Go language from Google)
  • Emacs 23.4 (surprisingly newer than in the original website)
  • Mozilla Firefox/Thunderbird 10 (just released few days ago)
  • Seamonkey 2.7 (along with GCC updates to have it working for ARM architecture, thanks to AlienBOB's work)
  • OpenSSL 0.9.8t (still no 1.0 release yet, but it's 0.9.x still well maintained upstream)
  • ca-certificates-20111211: removed untrusted certificates 
  • Some library and standard updates
More packages will come soon enough, so start your engine and bandwidth for the whole new excitement of Slackware-Current.

I will start by syncing with the latest update on Slackware-Current in UKDW Repository