Tuesday, December 23, 2014

Security Advisories: ntp, xorg-server, and php

Three security advisories were released for -stable and -current branches of Slackware. They were:
  • ntp: Upgraded to 4.2.8 for all -stable and -current branches. This fixed several security vulnerabilities discovered by Neel Mehta and Stephen Roettger of the Google Security Team.
  • xorg-server: Rebuilt for Slackware 14.1 and -current to fix many security issues discovered by Ilja van Sprundel, a security researcher with IOActive.
  • php: Upgraded to 5.4.36 for Slackware 14.0, 14.1, and -current
Meanwhile, in -current, there are more packages included in this batch, including:
  • New LTS kernel release: 3.14.27
  • vim and vim-gvim are upgraded to 7.4.560
  • libusb upgraded to 1.0.19 (this allows USB passthrough for QEMU users)
  • libusb-compat upgraded to 0.1.5
  • libdrm upgraded to 2.4.58
  • libvdpau: Added (originally available via SlackBuilds)
  • mesa: Upgraded to 10.3.5
  • MPlayer: Rebuilt to add support for libvdpau
  • kernel 3.18.1 config files for kernel testers or developers

Monday, December 22, 2014

LibreOffice 4.3.5 for Slackware Users

Eric Hameleers has completed building LibreOffice 4.3.5 package for Slackware-Current (and 14.1) users and upload it on his repository which is mirrored through several mirror sites. This version fixes 70 bugs compared to the previous version.

As always, you can grab the source and binary packages on this mirror sites:
 A little note on this:
Reminder to all of you who also have my KDE 5 packages installed: do not use the updated harfbuzz from my ‘ktown‘ repository because it will break LibreOffice. If you are using Mario’s slackpkg+ extension to slackpkg then you can configure it so that Slackware’s own harfbuzz package is preferred over the version which accompanies my KDE 5 packages. See this LQ thread for the details.
You can also use LibreOffice from SBo repository along with it's helppack and langpack which uses a different ways of creating the binary output. It uses RPM binaries from upstream developers, while Eric build it from source.

Thursday, December 11, 2014

Multiple Security Advisories

Several security advisories has been released for all -stable and -current branches back to Slackware 13.0:
  • bind is upgraded to 9.9.6_P1 for -stable and bind-9.10.1_P1 for -current 
  • openvpn is upgraded to 2.3.6 for all branches
  • pidgin is upgraded to 2.10.11 (this package does not have any security advisory, but still included in all branch.
Some packages are only applicable to -stable 14.1 and -current branch:
  • firefox is upgraded to 31.3.0esr in 14.1 (current is already upgraded to 34.0.5 few days ago)
  • openssh is rebuilt to re-add tcpwrapper support that was removed by upstream
  • wpa_supplicant is upgraded to 0.7.3 in 13.37, 1.0 in 14.0, 2.3 in 14.1 and -current
  • seamonkey and seamonkey-solibs are upgraded to 2.31 in 14.1 and -current
  • gptfdisk is upgraded to 0.8.10 in -current only

Wednesday, December 3, 2014

Two Security Updates: Firefox and Thunderbird

There were two security updates released in December. One for Firefox, which is now upgraded to 34.0.5 (a strange version indeed) and Thunderbird which is now upgraded to 31.3.0. Thunderbird update is applied to 14.1 as well, but not for Firefox as 14.1 still use Firefox ESR 31.2.0 and there has been no update for this release.

Meanwhile, two more packages in -current gets an upgrade: groff and grep. Still no interesting activity happening in -current, but let's hope it's worth to wait for the big update. It happened very often in previous releases, but indeed this time, it's taking more time then before. Please be patient and let Pat do his job.