Sunday, June 26, 2016

MATE Packages Refreshed

I took this Sunday morning to rebuild all MATE packages for both mix build GTK+2/3 and fully GTK+3 build and upload it to the testing playground as usual. They are built against Slackware Current latest batch of update per Sun Jun 26 01:28:27 UTC 2016.

It's been a while since i update the content of the repository and since Patrick upgrade poppler, it broke Atril, so instead of just rebuilding Atril, i decided to rebuilt everything from scratch. It's also a good drill to make sure the build is fine.


Once Slackware 14.2 is released, a new branch (14.2-mate-1.14) will be created and future update of MATE 1.14 will be built from this branch. Master branch will then follow the next development cycle of MATE which will lead to MATE 1.16. Several interesting changes have been merged and you can see them in their ROADMAP. We will see more GTK+3 porting in MATE 1.16 and it's likely that MATE 1.16 will be out this year as it tried to follow Fedora and Ubuntu's release schedule.

Saturday, June 25, 2016

Security Update: kernel, php

It seems that the release of Slackware 14.2 will have to wait again since Pat just bumped the kernel to 4.4.14 to fix 2 security vulnerabilities which he mentioned in detail in the latest batch of updates:
This kernel release fixes two security issues:
  Corrupted offset allows for arbitrary decrements in compat
  IPT_SO_SET_REPLACE setsockopt.  Risk:  High.  Impact:  Kernel memory
  corruption, leading to elevation of privileges or kernel code execution.
  This occurs in a compat_setsockopt() call that is normally restricted to
  root, however, Linux 3/4 kernels that support user and network namespaces
  can allow an unprivileged user to trigger this functionality.  This is
  exploitable from inside a container.
  Out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt.
  Risk:  Medium.  Impact:  Out of bounds heap memory access, leading to a
  Denial of Service (or possibly heap disclosure or further impact).
  This occurs in a setsockopt() call that is normally restricted to root,
  however, Linux 3/4 kernels that support user and network namespaces can
  allow an unprivileged user to trigger this functionality.  This is
  exploitable from inside a container.
  For more information, see:
    http://www.openwall.com/lists/oss-security/2016/06/24/5
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4997
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4998
  (* Security fix *)
Other than kernel update which was only applied for current, php is also updated to 5.6.23 for Slackware 14.0, 14.1, and current. This update is also considered a security update.

In current, we have more updates coming in:
  • mariadb: Upgraded to 10.0.26
  • libpng: Upgraded to 1.6.23
  • librsvg: Upgraded to 2.40

Thursday, June 23, 2016

PulseAudio 9.0 is now included in Current

More bug fixes are going through Slackware Current as bug reports keep flowing in in LQ and Pat thoroughly reviewed most of them and apply them as needed.

The latest request was to apply PulseAudio 9.0 since it introduced an automatic routing when devices gets plugged/unplugged and many new features that were commonly reported happening in Slackware Current. Hopefully this new version fixed most of them. Other than PulseAudio, other packages gets updated/rebuilt as well:
  • etc: Rebuilt to add root to audio group
  • kernel-firmware: Upgraded to latest version
  • nano: Upgraded to 2.6.0
  • sip: Upgraded to 4.18 (needed to build PyQt 5-5.6)
  • xfce4-pulseaudio-plugin: Rebuilt to fix icon issue in dark GTK+3 theme
  • gmp: Upgraded to 6.1.1
  • screen: Upgraded to 4.4.0 in testing/

Tuesday, June 21, 2016

Security Update: gd, libarchive, pcre

Three security vulnerabilities were fixed in the last few batch of updates:
  • gd: Upgraded to 2.2.1 (only in current)
  • libarchive: Upgraded to 3.2.1 for 14.1 and current
  • pcre: Upgraded to 8.39 for 14.1 and current
There has been some improvements on other packages as well
  • php: Added a new configure option to specify vpx-dir
  • imagemagick: Upgraded to 6.9.4_9
  • mkinitrd: Added few more USB keyboard modules
  • cairo: Added patch to fix MATE applets in GTK+3 build

Thursday, June 16, 2016

Slackware/Slackware Live ISO, HTTPS Transition, and Indonesian Community Updates

I wanted to give several news in a single post today. Let's start with Slackware updates.

It has been a week since my last post about Slackware updates and i just want to give a recap on what's happening on Slackware-Current development cycle:
  • e2fsprogs: Upgraded to 1.43.1
  • kdelibs: Upgraded to 4.14.21
  • xf86-video-intel: Upgraded to latest git snapshot
  • grub: Rebuilt to use correct option
  • mkinitrd: Rebuilt to fix USB partition detection, adding more USB-based storage/keyboard modules and fix support for LUKS password in newer keyboards
  • sysvinit-scripts: Rebuilt to support password in non-swap partitions and new option.
  • cups-filters: Upgraded to 1.9.0
  • cups: Upgraded to 2.1.4
  • hicolor-icon-theme: Upgraded to 0.15
  • NetworkManager: Rebuilt to fix udev location
  • samba: Rebuilt to move any files to the new location, not just .tbd files
  • vsftpd: Rebuilt to handle crypt() changes in new GLIBC
  • wget: Upgraded to 1.18 (security fix)
  • xterm: Upgraded to 325
  • gettext/gettext-tools: Upgraded to 0.19.8.1
  • pidgin: Rebuilt to use larger collection of SSL certs
  • pkgtool: Rebuilt to remove greedy pattern maching, adding internationalized man-pages, and fix boot issues on unpartitioned devices
  • glibc-zoneinfo: Upgraded to latest timezone
  • slackpkg: Rebuilt to add internationalized man-pages
  • vim/gvim: Upgraded to 7.4.1938
  • git: Upgraded to 2.9.0
  • gparted: Upgraded to 0.26.1
  • libjpeg-turbo: Upgraded to 1.5.0
  • libgcrypt: Upgraded to 1.7.1
  • libgpg-error: Upgraded to 1.23
Pat will be more selective on upgrading new packages or rebuilding packages, focusing to critical bug fixes only. This helps on stabilizing Slackware since there are no ends to new version requests.

On the other hands, Eric Hameleers have updated his Slackware Live ISOs to 1.1.0 with the latest update from Slackware Current including latest KDE 5 combination: KDE Frameworks 5.23.0, Plasma 5.6.5 and Applications 16.04.2. I haven't rebuilt nor upgrade any packages in MATE so you will get the same packages just like in previous version. Nevertheless, you should try to download the new ISO for testing purposes. Eric has also made some changes to the iso2usb script and added some new features:
  • Add ‘-r’ option to iso2usb.sh to refresh an existing Live USB stick with content from a newer Live ISO image file.
  • New boot parameter ‘nop=wipe’ allows you to wipe persistent data in case of boot- or usability issues.
  • Deal properly with new kernel drivers that are introduced to the Live OS, such as when using the boot parameter ‘load=broadcom_sta’. Now the kernel can use them immediately after boot.
Blogger has enabled HTTPS support for some time and i don't know how i missed them. I thought i already activated them in the past, but turns out it haven't. Well, anyway it's now turned on by default, so you will be served using a more secure HTTPS protocol instead of the plain HTTP protocol while browsing my blog.

The Indonesian Slackware community planetplanet has been inactive for few months due to incompatibilities with the new hosting server, but now thanks to the owner of the hosting service, it's now functional again and the application has been replaced with Venus. There are some tweaks that we need to do to fix the layout, so stay tune. Big thanks to Baliwae who supported us by maintaining the domain name and also give us free hosting for the Indonesian Slackware Community.

Sunday, June 12, 2016

Moving Cinnamon SlackBuild Project to a new Organization

Cinnamon SlackBuild (CSB) project is now maturing and i believe it should be organized in an open organization instead of being my personal project only, so i decided to create a new organization CinnamonSlackBuilds and move my csb repository under https://github.com/CinnamonSlackBuilds/csb.

For users who have been following CSB development, you only need to change the git configuration located in /path/to/csb/.git/config. Change the url part in [remote "origin"] section into https://github.com/CinnamonSlackBuilds/csb.git and you will still be able to pull latest changes from the repository.

Upgrading Slackware 14.1 to Current and MATE 1.12 to 1.14

Since Slackware 14.2 is getting closer to release, i decided to try migrating my wife's desktop machine from Slackware 14.1 to Slackware 14.2 (current). It still uses MATE 1.12 since i don't build MATE 1.14 for Slackware 14.1 (mostly because some deps require higher version of library that what's included in 14.1), so it's a good opportunity to try the upgrade process from MATE 1.12 to MATE 1.14 as well.

Since my wife's usage on this machine is limited to simple activities, i didn't install many third party packages besides LibreOffice and some other packages (less than 10 i counted). This gives me an easy start because i can simply wipe all of them during the upgrade process and reinstall it later if deemed necessary.

Here's what i did :
  • rsync a backup copy of slackware-current repository from my desktop
  • change the mirror in slackpkg to local file instead of remote repository
  • slackpkg install-new (install new packages introduced in 14.2)
  • slackpkg upgrade-all (upgrade all packages)
  • slackpkg clean-system (remove deprecated Slackware + third party packages)
  • reboot
For MATE, it was wiped clean during slackpkg clean-system procedure. I haven't built MATE 1.14 for x86 architecture, so i had to clone the repository and built it manually using the build scripts and in short time, i have MATE 1.14 ready and i can enter the MATE desktop again. She will never notice that the underlying OS and Desktop Environment have been upgraded.

In short, the upgrade procedure from Slackware 14.1 to 14.2 and MATE 1.12 to 1.14 is straightforward and smooth. When MATE 1.14 packages is ready for Slackware 14.2, if you use slackpkg+ and configured msb repository in the configuration, the above procedure will also upgrade MATE 1.12 to MATE 1.14 so no need to built it manually.

Saturday, June 11, 2016

10th Anniversary of SBo Project

This week (5th of June) marks the tenth anniversary of SlackBuilds.org.

AlienBOB wrote a detailed post in his blog about the birth of the project and how he become one of the admins at that time. It should give users a nice history about how it all started. I also want to share some background how i become one of Slackware user and now one of the admin in SBo project.

I started to use Slackware in 2005 when i couldn't get Mandriva 2005 working properly on my first laptop (Acer Travelmate). The installation went well, but it always ended in a kernel panic situation. I described them on my first post to this blog in 2006 (took me several months to decide to make a new blog that discuss my daily live with Slackware). I used Slackware 10.2 at that time.

I remembered those times when i still had to do "./configure; make; make install" on every packages i wanted to install on my laptop. It was pretty challenging at the beginning, but it become more and more complicated when some packages need patches or any other treatment to get it build properly. Later i found out about LinuxPackages and started to use their binary packages. It was working well until i learn more about Slackware's philosophy and the risk of taking binary packages from unknown third party site. That's where i reached SBo project. It was a great resource for newbie like me and i had been using it since then to build packages i need.

It took me 5 years before i made my first contribution to the SBo project in 2010. It was guvcview and Erik Hanson was the admin who approved it. Since then i started to maintain more packages.

In late 2013 during Slackware 14.1 development cycle, Robby Workman contacted me whether i was willing to go online in IRC. I fired up my IRC client and he asked me to join the project as one of their admin. I was honored because this opportunity is not available to everybody. Almost the same condition as in G.I. Joe movie in 2009:
You don't ask to be part of SBo admin. You get asked.
My first commit as an admin was in 2013-11-13 (Thanks to GIT that tracked all changes in the repository) for PyOpenSSL and finally Slackware 14.1 repository was published in November 26 by Heinz along with the introduction of me as one of their admin.

It's been a nice 2,5 years working with the SBo admins and community to grow the script collection in our repository while maintaining it's quality from time to time. We couldn't done it without the support from many Slackware users worldwide.

Big thanks to all Slackware users out there and HAPPY 10th BIRTHDAY to SBo Project. Get bigger and better!!!

Thursday, June 9, 2016

More Bug Fixes Towards 14.2

In the last few days, more and more bug fixes are pushed to public. Pat is becoming more selective when accepting requests from people in LQ, otherwise it will drag Slackware 14.2 release longer. Here are the updates since my last blog post:
  • nftables: Upgraded to 0.6
  • xf86-input-evdev: Upgraded to 2.10.3
  • aspell-en: Upgraded to 7.1_0
  • yptools: Rebuilt to make it work on x86_64 platform
  • pkgtools: lots of improvements
  • kernel: Upgraded to 4.4.13
  • mkinitrd: Support LABEL and UUID for resume devices
  • python-setuptools: Upgraded to 22.0.5
  • SDL: Rebuilt to fix SDL_ttf bug
  • samba: Rebuilt to move files to /var and fix harmless error message
  • smartmontools: Upgraded to 6.5
  • gnutls: Upgraded to 3.4.13 (security update)
  • gkrellm: Upgraded to 2.3.7
  • firefox: Upgraded to 45.2.0esr
  • kernel-4.5.x: Removed from testing as it's been EOL'ed by Greg

Saturday, June 4, 2016

Security Update: ntp

After the last call, Pat only accept bug fixes and security fixes updates in the last batch of update :
  • ntp: Upgraded to 4.2.8p8 for all Slackware releases back to 13.0
  • imagemagick: Upgraded to 6.9.4_7
  • xfce4-panel: Rebuilt to fix blinking issue
  • lxc: Rebuilt to fix shutdown issue
  • libxml2: Rebuilt to fix attribute decoding issue
  • net-snmp: Rebuilt to include ucd-snmp/diskio module

Friday, June 3, 2016

Last Call Before 14.2 Gets Stable

Guys, last call for Slackware 14.2 development cycle before it's declared stable and we soon will have Slackware 14.2 ready. Here's the last changes in last batch of update:
  • kernel: Upgraded to 4.4.12
  • gdb: Upgraded to 7.11.1
  • harfbuzz: Upgraded to 1.2.7
  • libfntl: Upgraded to 1.0.6
  • imagemagick: Upgraded to 6.9.4_6

Wednesday, June 1, 2016

Security Update: thunderbird, imagemagick

Two security updates were released in the lasttwo days:
  • Thunderbird: Upgraded to 45.1.1 and applicable for 14.1 and current
  • imagemagick: Upgraded to 6.9.4_5 for current and rebuilt for others (14.0 and 14.1)
Suggestions are flowing for Current in LQ and Pat agreed to push more updates:
  • cdrtools: applied cdrtools-mkisofs patch requested by gmgf
  • hplip: rebuilt with correct paths thanks to kjhambrick
  • LibRaw: upgraded to 0.17.2
  • lcms2: rebuilt to remove PDF/RTF docs 
  • bluez: upgraded to 5.40
  • bash-completion: removed mpv symlink
  • tmux: added some terminfo files, requested by Dugan
  • python-setuptools: upgraded to 21.2.2
  • curl: upgraded to 7.49.1
  • blueman: upgraded to 2.0.4
  • xscreensaver: upgraded to 5.35