Saturday, August 31, 2013

Gnutls Package Revised

It appears that earlier update about Gnutls didn't fix the security vulnerabilities as the minimum version that has fixes was 3.0.28. Pat took the package from GNU's FTP Archive, which was one month late compared to the original FTP Server, so he took the wrong version. It is fixed now and Pat upgraded GnuTLS to 3.0.31, the latest version available on their FTP Server.

Another typo concerning the EOL of Slackware 12.* has been fixed in Slackware-12.2 ChangeLog. Previously, it was mentioned that Slackware 12.1 and 12.0, but now it has been changed to 12.1 and 12.2, since Slackware 12.0 has been EOL'ed along with other older Slackware releases as far as Slackware 8.0.

Friday, August 30, 2013

Slackware 12.* are EOL This Year

Patrick has decided to reduce the maintenance load by EOL'ing Slackware 12.* (12.1 and 12.2) which has been maintained over 5 years old this year. The decision is not announced explicitly, but it was noticed by one member of LQ and posted it on LQ.

This mean, by next year, the only supported Slackware version is Slackware 13.0, 13.1, 13.37, 14.0, and of course 14.1, the latest -Stable which should be released this year. Considering that this maintenance process was handled single-handed by Patrick himself, it was still considered an amazing process since not many other distribution supported more than five years. Even Ubuntu just lifted their life span of their server version to 5 years recently, while Slackware has been doing this for years.

For those who are still running Slackware 12.1 and 12.2, please be advised and start your planning to upgrade to newer Slackware version. You can use slackpkg to help you to upgrade to the next version safely. Just be sure to read the ChangeLog and CHANGES_AND_HINTS documentations before upgrading to make sure you have noted added/removed packages on the new version.

Security Update: Gnutls and PHP

Two security vulnerabilities have been fixed on Slackware-14.0 and -Current. They are gnutls and PHP.

On Slackware-Current, more packages are being upgraded to the latest version:
  • kmod to 15
  • lvm2 to 2.02.100
  • doxygen to 1.8.5
  • oxygen-gtk2 to 1.4.0
  • oxygen-gtk3 to 1.2.0
  • gnupg2 to 2.0.21
  • lftp to 4.4.9
  • nettle to 2.7.1
  • samba to 4.0.9
  • xlockmore to 5.43
  • xscreensaver to 5.22

Thursday, August 22, 2013

Security Update: hplip, poppler, and xpdf

Three security vulnerabilities has been fixed in the recent Slackware updates: hplip, poppler, and xpdf. Some of them are backported to earlier Slackware releases back to Slackware 12.1.

Meanwhile, on the -current branch, the default kernel stock has been upgraded to the latest version of 3.10.x branch: 3.10.9 which was released yesterday. Greg decided to change his -Stable tree rule so that new patches must wait until new RC comes out from Linus' tree before it gets backported to his tree. This way, accidents like in 3.10.8 announcement will hopefully not happened again.

Calligra is also upgraded to 2.7.2 along with some translations, zlib and pixman are upgraded as well as several XOrg packages and drivers, both in main x/ and testing/ directory. Lastly, thumbler is rebuilt due to other changes happening on this cycle.

I'm hoping that Pat will pull Samba 4.0.9 and GnuPG 2.0.21 before Slackware 14.1 comes out

Tuesday, August 20, 2013

lilo 24 comes in -current

Two years since their last release, finally Lilo 24.0 comes in and it will be part of the next Slackware 14.1. This is considered a major changes and what have they done in the past two years? Here they are:
  • Update many manpages and add some from Debian.
  • Add old documentation as (static) html.
  • Better support for GPT hard disks.
  • Support for use with kernel 3.x.
  • Fix to be compatible with gcc 4.8 and higher.
Well, not much, but at least it will make Slackware works better with Linux Kernel 3.x and also GPT-based hard disks.

We also have strace and MPlayer upgraded to the latest version, both to the stable release and also to the git snapshots.

Monday, August 19, 2013

New Qt, Amarok, and Firefox Packages

There are three new packages arriving on -Current tree today and they are Amarok 2.8, Qt-4.8.5, and Firefox 23.0.1. This is indeed good news for those who are eager to use KDE 4.11 since on some machines (including mine), i had to build Qt 4.8.5 before i can use KDE 4.11 normally, otherwise KWin keep crashing here. Lucky for you, Pat decided to help build Qt 4.8.5 for all Slackware users so that the transition to KDE 4.11 will be much smoother.

AmaroK 2.8 has been pushed to -Current as well. This is a good thing since AmaroK 2.7.1 has some compatibility issues with KDE 4.11, so it's better to use 2.8 when you are using KDE 4.11.

Lastly, Firefox has been upgraded to 23.0.1 to fix some minor regressions found shortly after 23 Final has been pushed to public.

Again, big thanks to Eric for providing KDE 4.11 and Pat for helping us to migrate to KDE 4.11 easier :)

Finally, a Working KDE 4.11

I have been trying to use KDE 4.11 twice. My first attempt was 4.11 RC1 and it failed miserably since KWin keep crashing on my desktop so i had to postponed of testing it further. My second attempt was 4.11 Final and again, it failed due to the same reason. After that i gave up and downgraded to KDE 4.10.5 which was rock solid and stable.

I discussed this matter with Walecha and some other Slackware user in AlienBOB's blog post about KDE 4.11 and we thought that it might be Qt who need to be upgraded to 4.8.5 so that it should work fine. So i pulled Qt 4.8.5 and adjust Slackware's Qt SlackBuild (since there are two patches that are already part of Qt 4.8.5, so no longer needed) and build the package by myself.

After upgrading Qt, i continue by upgrading to KDE 4.11 and reboot my system. I logged in to my desktop and surprisingly, no more crashes here. It's still less than 24 hours, but i hope this will work in the future as well.

So, for those who wanted to try KDE 4.11 and having a crashed KWin all the time, please try to build Qt 4.8.5 and upgrade it before installing KDE 4.11. Don't forget to make a backup copy of your .kde directory under your home directory just to be safe. You can delete it later when you have make sure that KDE 4.11 is working on your system.

After this, i will need to rebuild digiKam since KDE libraries has changed, but i will not rebuild amarok as Eric has stated that amaroK 2.8 will be pushed to -Current on the next batch of update. I can live with 2.7 for few days.

Saturday, August 17, 2013

Fixing Broken Installer

There have been two posts on LQ about broken installer on -Current tree (here and here) and both are now fixed on the latest -Current batch of updates. They were broken due to changes in dialog which was upgraded few days ago.

Another changes is to fix the conflict between e2fsprogs and util-linux and sysvinit and util-linux. fsck now belongs to util-linux, so in e2fsprogs, they are renamed to fsck-e2fsprogs. mountpoint is removed from sysvinit since it will be provided by util-linux. This was reported by Sl4ck3ver on LQ.

Last, boost was rebuilt to revert some changes (#82498) that broke MariaDB compilation so it prevented MariaDB 5.5.32 to be built. Now everything has been resolved and MariaDB 5.5.32 is available on Slackware-Current as well.

Friday, August 16, 2013

Kernel Packages Upgraded

In less than 24 hours after Pat upgraded to Linux Kernel 3.10.6, he upgraded the kernel packages to the latest one, 3.10.7 after some users reported that there's a serious bug on 3.10.6 on LQ. Hopefully this version will bring better stability on the Slackware tree.

Besides the kernel, there are two upgraded packages and they are bash which is now upgraded to 4.2.045 and also bash-completion to 2.1.

Thursday, August 15, 2013

Kernel Upgrade

Patrick has just bumped several packages in latest batch of update, including the default kernel being used. It is currently using Linux Kernel 3.10.6 as the supported kernel. For detailed changes, please have a look on the ChangeLog or human-friendly ChangeLog from LWN

Beside the kernel, there are several changes as well, including upgraded dialog and recompiled seamonkey and seamonkey-solibs to remove --enable-shared-js configure parameter which broke the lightning extension. dhcpcd is also rebuilt to not run the wpa_supplicant hook since it will be taken care by wicd, NetworkManager, or rc.inet1.

Pat is also upgrading the flashplayer-plugins on the extra/ directory along with the linux kernel source for non-SMP machine.

KDE 4.11.0 Packages for Slackware-Current

Eric Hameleers has pushed his KDE 4.11.0 packages to public just few hours after the official announcement. He has made this packages last week and i already mirrored them while i was away for holiday (but thanks to a WiFI facility, i can remotely mirror the packages on my server). I haven't really test this packages on my computers as i just arrived home yesterday and i'm too tired to do more testing this packages. I will probably do the upgrade today.

So, what big changes on KDE 4.11.0 ? According to the release announcement
latest major updates to the Plasma Workspaces, Applications and Development Platform delivering new features and fixes while readying the platform for further evolution. The Plasma Workspaces 4.11 will receive long term support as the team focuses on the technical transition to Frameworks 5. This then presents the last combined release of the Workspaces, Applications and Platform under the same version number.
The release of KDE Platform 4.11 has a focus on stability, bugfixes and performance improvements. Basically, the platform libraries have been feature-frozen since 4.9 already. New features are being implemented for the future KDE Frameworks 5.0. (with an exception made for further optimizations to the Nepomuk framework which went into the stable release).

There are 4 new meta-packages due to splitting decision and they are: kdeadmin, kdetoys, kdesdk and kdenetwork.

As always, read the README before installing/upgrading to this release as this is intended for Slackware-Current/14.1 users only and NOT for older release (14.0 and previous releases).

Get the KDE packages from one of this mirrors below:

Thursday, August 8, 2013

Mozilla Updates

All of the Mozilla products are upgraded to the latest version, two of them are considered a security update (Thunderbird and Seamonkey). Firefox now has reached version 23 and it's likely be the final version that will go to  Slackware 14.1 unless Slackware 14.1 gets released next year.

util-linux is rebuilt to fix the data type in partx to prevent partx from silently truncating kernel table partition sizes/offsets to 4GB on 32-bit platforms, while glib is upgraded to fix sync issues on EXT4 on LVM machine as mentioned on their news page of the 2.36.4 release:
This change addresses a major issue: despite assurances in the documentation for the ext4 filesystem, it is still unsafe to omit a call to fsync() when doing atomic replaces, as per g_file_set_contents(). Some patches have gone into the kernel already, but we are putting the fsync() back for safety reasons.
The original bug report: #701560

Tuesday, August 6, 2013

Security Update: bind and httpd

Two common services has been updated to fix security vulnerabilities and they are bind and httpd. They are backported back to Slackware 12.1.

Few days ago Greg has released 3.10.5 and declared it as LTS and more importantly, fixed the resume issue on Sandy Bridge machine, so Pat decided to take this kernel as the default kernel stock in Slackware-Current (soon to be 14.1). This finally ends the speculations happening in LQ and in many discussion forum about what kernel should be used in the next Slackware release. What makes Linux Kernel 3.10.x interested? See the features in KernelNewbies.

Sunday, August 4, 2013

Linux Kernel 3.10.x Will be LTS

Greg has just released Linux Kernel 3.10.5 and he also posted a new blog post about a new kernel being labeled as LTS (Long Term Support) and that is 3.10.x. It's been some time since he is willing to take a stable kernel into LTS and the last time was 3.4.x.

I'm still not sure whether Pat is willing to take Linux Kernel 3.10 as the default kernel in Slackware, but if the fix for the Sandy Bridge resume bug has been fixed in 3.10.x along with other fixes, i guess there's a chance that it will be used as the default kernel stock used in Slackware 14.1.

I'm already running Linux Kernel 3.10.5 on my main desktop at home and so far, everything works as i hoped. There has been a patch for NVidia driver (although i must admit that it's an ugly hack) and also VMWare Workstation and Player.

Security Update: gnupg and libgcrypt

In order to mitigate a flush+reload side-channel attack on RSA secret keys, a new gnupg/libgcrypt/libgpg-error are now pushed to several Slackware version, back to Slackware 12.1. The new libgpg-error is needed since the current version on some Slackware releases are not new enough to compile the libgcrypt library.

On -Current, there has been a bigger changes rather than security update only. Here are the recap:
  • etc upgraded to 14.1 
  • floppy upgraded to 5.5
  • calligra upgraded to 2.7.1
  • dhcpcd upgraded to 6.0.5
  • ethtool upgraded to 3.10
  • iproute2 upgraded to 3.10.0
  • several packages in x/ and testing/xorg-server-1.14.x are upgraded to the latest version. 
  • Packages on testing are suffixed with _testing so that it can have the same build number as the main packages