Saturday, December 31, 2016

End of Year Review

2016 has been a great year for my journey with Slackware. Slackware 14.2 finally got released on July 1 after 2 years of development. It's very stable and i'm sure everyone is pleased with this release as the best release ever. Eric Hameleers also released his Slackware Live project to public and enables new users to test Slackware in a live environment without having to install it on their hard drive (but they do have an option to install it if they like it). It's at 1.1.5 currently and documented very well in Slackware Documentation project. SlackBuilds repository for Slackware 14.2 also released in the same day as Slackware 14.2 gets announced.

MATE 1.14 and Cinnamon 3.0 got released in the same day as Slackware 14.2 and it's the first MATE  and Cinnamon release for Slackware 14.2. Few months later, MATE 1.16 and Cinnamon 3.2 landed as well in Slackware 14.2. It's will continue to be supported until next release of Slackware unless new version gets released.

SlackBuilds Project (SBo) also improved a lot with new maintainers coming in and new scripts are being added. We have just pushed our last public update in 2016. We have now reached 6200+ scripts in our repository, improving from around 5500 since last announcement.

Looking forward, we hope to see more contributions to Slackware Linux and SBo project in general. By buying stuffs in Slackware Store or subscribe to Slackware CD/DVD release, you can help Slackware Linux survive in the future. You can help SBo project by submitting new scripts and report to us whenever you found a bug in the scripts. You can report it on LQ, send it to maintainer directly, or send it to our mailing list if the maintainer does not respond in a timely manner.

See you all in 2017!!!

Security Update: Thunderbird, Seamonkey, libpng, python, samba

5 Security updates were released near the end of year 2016:

  • Samba: Upgraded to 4.4.8 for Slackware 14.2 and 4.5.3 for current
  • Python: Upgraded to 2.7.13 for Slackware 14.0 and newer
  • Thunderbird: Upgraded to 45.6.0 for Slackware 14.1 and newer
  • Seamonkey: Upgraded to 2.46 for Slackware 14.1 and newer
  • libpng: Upgraded to 1.2.57 for Slackware 13.0, 1.4.20 for Slackware 13.1 up to 14.1, 1.6.27 for Slackware 14.2 and current
More updates on current includes:
  • Nano: Upgraded to 2.7.3
  • btrfs-progs: Upgraded to 4.9
  • hplip: Upgraded to 3.16.11
  • tmux: Upgraded to 2.3
  • elfutils: Upgraded to 0.168
  • openvpn: Upgraded to 2.4.0
  • libXpm: Upgraded to 3.5.12
  • libdrm: Upgraded to 2.4.74
  • mesa: Upgraded to 13.0.2
  • xf86-video-dummy: Upgraded to 0.3.8
  • xf86-video-geode: Upgraded to 2.11.19
  • xf86-video-git: Upgraded to latest git (20161117)
  • xfce4-panel, xfce4-settings, xfconf: Upgraded to 4.12.1

Sunday, December 25, 2016

Security Update: expat, httpd, openssh

Three security updates has been published since my last blog post and they were:

  • expat: Upgraded to 2.2.0 for Slackware 13.0 and newer
  • httpd: Upgraded to 2.4.25 for Slackware 14.0 and newer
  • openssh: Upgraded to 7.4p1 for Slackware 13.0 and newer
Meanwhile in current some changes is in progress:
  • ncurses: Upgraded to 6.0
  • readline: Upgraded to 7.0
  • Removal of libtermcap (included in ncurses)
  • curl: Upgraded to 7.52.1
  • gpa: Upgraded to 0.9.10
  • gpgme: Upgraded to 1.7.1
  • lftp: Upgraded to 4.7.4
  • libassuan: Upgraded to 2.4.3
  • libgcrypt: Upgraded to 1.7.5
  • libksba: Upgraded to 1.3.5
  • nettle: Upgraded to 3.3
  • nmap: Upgraded to 7.40
  • pinentry: Upgraded to 1.0.0
  • xfce4-weather-plugin: Upgraded to 0.8.8
  • gcc: Upgraded to 6.3.0 in testing/

Wednesday, December 14, 2016

NVidia Legacy Unix Driver Update

NVidia has released an updated legacy drivers to support X.Org 1.19 with ABI 23. It has been mentioned in the UNIX drivers, but you can directly find the drivers from the links below:
I have tested the 304.134 driver and it's working great here. I can finally remove x from my /etc/slackpkg/blacklist file since it's a showstopper for me.

Aside from legacy driver, NVidia has also released their latest driver 375.26 (x86, x86_64), which brings support for newer cards and also many new features (including X.Org 1.19 with ABI 23 support). 

Tuesday, December 13, 2016

Security Update: kernel, php, mcabber

Just hours after i published MATE and Cinnamon packages for current and said that current is a moving target, Patrick released security updates for stable and current plus some library updates in current. The changes includes:

  • kernels: Upgraded to 4.4.38 for Slackware 14.2 and current
  • mcabber: Upgraded to 1.0.4 in Slackware 14.0 and newer. This requires updated loudmouth 1.5.3.
  • php: Upgraded to 5.6.29 in Slackware 14.0 and newer
Interesting fact: this is the third time Slackware 14.2 receive a kernel bump. In the previous stable releases, we rarely see a kernel being upgraded more than once. In Slackware 14.1 there's one kernel bump to 3.10.103, and we have two bumps (3.2.45 and 3.2.83) for Slackware 14.0.

More packages coming in current:
  • coreutils: Upgraded to 8.26
  • grep: Upgraded to2.27
  • kernel-firmware: Upgraded to 20161211
  • nano: Upgraded to 2.7.2
  • gsl: Upgraded to 2.3

Monday, December 12, 2016

MSB and CSB Packages for Current

So far, i have been building MATE and Cinnamon under 14.2 stable releases and i will continue to support 14.2 as long as possible. It's a rock solid release and all MATE and Cinnamon updates are coming in smoothly.

Current is now progressing as well, even though no major changes in the toolchain and libraries, making it possible for packages built against stable be used under current machines. That, however, is not a long term solution as current is a moving target, meaning it will diverge from stable when Pat pushed the big updates someday with all the changes from toolchain, libraries, and applications. Mixing current and stable are not recommended.

Today i created two new VMs for building MATE 1.17 and latest Cinnamon 3.2 packages against current for testing area. Both have been uploaded to slackware.uk repository (MATE, Cinnamon) and it's available in x86_64 architecture only. These packages can be used to generate new Slackware Live ISOs using liveslack script from Eric Hameleers (AlienBOB).

Please note that these packages *may* break when some packages in Slackware is upgraded someday. Sometimes a simple rebuilt will fix it, but there's a chance  that it may need more patches to fix the issue. That's the fun part :)

Enjoy MATE and Cinnamon packages for Slackware-Current users.

New Slackware Live ISOs

Eric Hameleers (AlienBOB) is now actively pushing updates on his set of packages on his repository. His latest work involved set of KDE 5 updates, new baking recipe, and the Slackware Live ISOs based on latest work of liveslack 1.1.5.

One interesting point about this latest ISOs is that Cinnamon is now included in the set of ISO generated. Previously, Cinnamon was added during early testing phase, but it never got included in the next few releases and somehow it's included in the latest 1.1.5 release. It's already based on the Cinnamon update i uploaded per December 10. Since Cinnamon is in active development due to preparation of Mint 18.1, you will notice that they release many minor releases in a short time. There's already a new cinnamon commit pushed to my github/gitlab repository, but not yet packaged. I usually wait for some time before i start packaging for stable update.

Please note that Cinnamon packages were built under 14.2 stable, not current. I will try to spend some time to build Cinnamon packages under current to make sure it stays with the baseline used (slackware-current). Same thing with MATE, but i will try to build MATE 1.17 instead of MATE 1.16 which will be based on full GTK+3 stack. I have a local branch here which already track MATE 1.17 packages, but i'm still waiting for the upstream to complete creating tarballs for MATE 1.17 before i can launch the branch to github.

Friday, December 2, 2016

Security Update: firefox, thunderbird

Few days ago, a new security vulnerability was posted in Tor's mailing list and it contains a PoC which affects Firefox and Thunderbird and it's currently being used to exploit TorBrowser users. Mozilla quickly being notified and they released an update to their products followed by others. After analyzing it, turns out it's a SVG Animation remote code execution. It targets for Windows users, but the underlying bug is also available on other platforms as well.

Slackware include the latest Firefox and Thunderbird products in their latest update. Stable release still receive an ESR version, which is still at 45.x branch. TorBrowser is also using ESR as their baseline. They also release a new version: 6.0.7.

Another update was a request by me to include a patch to fix a problem i found while testing MATE 1.17. During creating the tarball by using make distcheck, it failed to build properly. One of MATE's developer (monsta) pointed to a bug report in LP and there was a patch to fix this issue, but somehow upstream no longer update the repository and the development seems to be stalled. Last commit was in January 2016. I send a request to Patrick and he agreed to include it on stable and current.