Posts

Showing posts from February, 2012

Default Kernel Upgraded

The default kernel for Slackware-Current has been raised to 3.2.7, the latest stable kernel released by Greg a week ago. This version has integrated the latest ASPM patches (on 3.2.5) that should reduce power consumption when being used on portable devices such as laptop and netbooks.

There isn't so much progress on Slackware-Current, but i believe Pat is taking his time to decide what should be included in the next Slackware release. Right now, the Xorg stack is stabilizing after Intel released their quarterly package and it should be fully working with Linux Kernel 3.2.7 and related packages, such as Mesa. Hopefully we will have a nice and working out-of-the-box, less painfull Xorg stack in the next Slackware release.

Testing Packages Upgraded

Bunch of Mozilla packages are being upgraded to the latest beta to see if there's something wrong during the build process. They are:
testing/packages/mozilla-firefox-11.0b4-i486-1.txz: Upgraded.
testing/packages/mozilla-thunderbird-11.0b3-i486-1.txz: Upgraded.
testing/packages/seamonkey-2.8b4-i486-1.txz: Upgraded.
testing/packages/seamonkey-solibs-2.8b4-i486-1.txz: Upgraded.

Security Updates: Libpng, Firefox, Thunderbird, and Seamonkey

More security updates coming up for -Current and previous version of Slackware. In total, there are 4 security updates that were released today and three of them came from the same vendor: Mozilla. The last update came from libpng which is now upgraded to 1.4.9.

Linux-PAM for -Current

Vincent Batts has announced that he has updated the Linux-PAM project synched up to Slackware-Current and also available for AlienBOB's KDE 4.8.0 packages as well.

To download, please visit this URL and for rsync, please visit: rsync://hashbangbash.com/pam/

Thunderbird Security Update

A single security update has been released today and it's Mozilla Thunderbird that is now upgraded to 10.0.1. So far, i haven't received any notifications from the security mailing list, but i think it will be delivered when the update has been propagated through mirror sites.

More Testing Packages Added

In the past, only Firefox beta build were added into testing/, but now, more Mozilla packages are being added. Seamonkey and Thunderbird joined the previous package and it's now being added into testing/

The reason for this is that because Mozilla employs a rapid release just like Google Chrome, but since building Mozilla packages requires more attention (due to increment of dependencies), it's probably the reason why it's now added into testing/. It's also a proper place for public to test the new version if they are an extension developers or beta testers.

So, here's the latest addition on -Current:
Sun Feb 12 23:26:00 UTC 2012 testing/packages/mozilla-thunderbird-11.0b1-i486-1.txz: Added. testing/packages/seamonkey-2.8b2-i486-1.txz: Added. testing/packages/seamonkey-solibs-2.8b2-i486-1.txz: Added.

Security Updates: Firefox, Thunderbird, Seamonkey

Three security updates are released at once because they all came from the same upstream : Mozilla. They are Firefox, Seamonkey, and Thunderbird. Along with this update is the second beta for next Firefox 11.

Not quite interesting, but still a worthy updates for those who concerns about security.

Security Mailing List is Back

For some time, the Slackware security mailing list is not functioning as it used to be, and news about lack of Security updates are also discussed on LWN. People may have forgotten that Slackware also have a changelog that provides all the information you need about any updates to Slackware.

Well, that kind of problem is now being fixed as i received bunch of security update posts that happened in the last batch of updates. Let's hope there will be no more problem like this in the future and negative news about Slackware will be gone.

Meanwhile, i suggest you to keep a good look on Slackware's changelog rather than relying on the list itself.

Bunch of Security Updates

Several pending security updates that has been around for few days are finally being released by Pat and some of this updates are backported to older Slackware releases up to Slackware-12.2. We also see some new updates on basic applications, such as alsa and hplip, and we will see more updates in the future.
Here's the summary of the latest update:
Glibc: rebuilt to fix CVE-2009-5029 Alsa-*: upgraded to 1.0.25sqlite: upgraded to 3.7.10hplip: upgraded to 3.11.12 httpd: upgraded to 2.2.22php: upgraded to 5.3.10proftpd: upgraded to 1.3.4avsftpd: upgraded to 2.3.5

ASPM Patch has Landed on Stable Kernel

Greg has released a special edition of a stable kernel with only a single fix, which is to fix the power consumption for portable devices, such as laptops and netbooks. The patch is touching the ASPM (Active State Power Management) area and it was previously poorly implemented so that it consumes more power than it should be.

Matthew Garrett worked on this problem and he finally pushed his work into Linux Kernel 3.3 which is now on development and Greg wanted to prepare a special release of stable kernel that only has one patch to make it easier for user to spot any differences compared to previous release.

I think it's worthed to have this kernel available on -Current since it will make laptops/netbooks life longer since there is a decreament in power consumption.

Adding More Protection Layer on PHP

Image
PHP is a well known and popular programming language that has been considered mature for years. It has a big community behind the stage and it's been used in most websites due to it's nature of being an open source project and widely supported by many Linux distributions.

Unfortunately, lately, they have been struggling to work with their security problems and even with Stefan Esser's help to improve the project, their ego was too high, so they ignored some of his proposal to improve PHP's security core. At the end, Stefan released Suhosin project to help users to get the better PHP service from the security point of view.

I always installed Suhosin on my servers since lately, PHP has changed it's way of rolling releases and it's not as often as it used to be. Some critical fixes are in pending for months until it's rolled out to users and sometimes, it's kinda late to prevent exploits coming around.

There are two ways of installing Suhosin. The first o…

GSB 3.2.2 Maintenance Patches

People working in GSB project has updated their repositories to add GNOME 3.2.2 maintenance patches. I actually missed this update because i didn't use GSB on my systems. I found out this update when running rsync script on my server. Here's the latest changelog:
Mon Jan 30 18:34:44 GMT 2012 GNOME 3.2.2 maintenance patches. patches/avahi-0.6.30-i486-2gsb.txz: Patched. Fix a potential problem where avahi could replace the /etc/HOSTNAME with incorrect information. Thanks to Robby Workman for pointing out the problem and sending a patch. patches/clutter-1.8.4-i486-1gsb.txz: Upgraded. patches/packages/gjs-1.30.1-i486-1gsb.txz: Upgraded. patches/packages/evolution-data-server-3.2.3-i486-1gsb.txz: Upgraded. patches/packages/gnome-icon-theme-symbolic-3.2.2-i486-1gsb.txz: Upgraded. patches/packages/gtkhtml-4.2.3-i486-1gsb.txz: Upgraded. patches/packages/evolution-3.2.3-i486-1gsb.txz: Upgraded. Fixes numerous crashes. For more information, see: http://download.gnome.org…

Kernel-firmware Updated and Firefox 11 Beta 1

Ysterday's update had some glitch in which one of the file had a FAILED checksums and that belongs to the kernel-firmware package. The checksums of the package is good, but the .asc file that is being used to verify it's not, so it's not really a serious problem, but Pat decided to fix this problem by building a fresh kernel-firmware package taken from the git source.

A new beta build of Firefox is also added on testing/. It surely follows the tradition of adding Firefox's beta builds on testing/ that has been executed in the last round of development cycle.

Updated Multilib and Qt

AlienBOB has updated his multilib packages to sync with the latest update in -Current that happened yesterday. People running multilib system won't be able to launch several applications if they don't upgrade their multilib packages since the application on -Current are built based on other version of GCC and GLIBC, so it must be re-adjusted once they are upgraded.

Another update from AlienBOB is the updated Qt package which fixed a security vulnerability (CVE-2011-3922) and should solve the path problem in several places, and this should fix the missing startup sound notification we all experienced soon after we upgraded to KDE 4.8.0. With this update, my previous article is no longer needed as it has been fixed by upstream.

Current Moving On

After a while, Pat has finally updated the public repository with a massive (as expected) updates with a great quote from the fortune package and everything looks shinny and interesting to see.

So, in general, this is what you will get with the latest -Current:
Linux Kernel 3.2.2 (fixed the mempodipper bug)Coreutil 8.15 (brings improvement for ext4)Cups 1.4.8 (brings fixes for LibreOffice printing problems, and have a chance to be backported to 13.37 as a patch)Glibc 2.14.1(latest stable version being rebuilt with new GCC)GCC 4.6.2 (also latest stable, with support of Go language from Google)Emacs 23.4 (surprisingly newer than in the original website)Mozilla Firefox/Thunderbird 10 (just released few days ago)Seamonkey 2.7 (along with GCC updates to have it working for ARM architecture, thanks to AlienBOB's work)OpenSSL 0.9.8t (still no 1.0 release yet, but it's 0.9.x still well maintained upstream)ca-certificates-20111211: removed untrusted certificates Some library and standar…