Showing posts from February, 2007

Section 7 Finished

So i continue my work today by finishing Section 7 of Slackbook and it's already finished (i just committed it to the CVS server also). I guess that's enough for today. I will continue Section 8 in other time and i'm enjoying a nice weekend now.

Section 6 Finished

Finally i have some spare time to update Slackbook project. I have just committed a change to finish all translations for Chapter 6 of the Slackbook and i'm going through Chapter 7. I do really need help to finish this project as it still 13 section left to be translated. If you really wanted to help this project, please visit the Project Page

Updated PHP and Amarok

Patrick Volkerding has released several packages today and it contains an updates to PHP and Amarok (including some dependencies packages needed by Amarok). Some of the packages has been around for few days if we look OSUOSL's mirror site. Here's the changelog of all of them:
Thu Feb 22 21:13:04 CST 2007
Upgraded to php-4.4.5 which improves stability and security.
For complete details, see
For imformation about some of the security fixes, see:
(* Security fix *)

Upgraded to php-5.2.1 which improves stability and security.
For im…

Kernel Released

Containing only 1 update, this fix ( is relatively small, but i guess it's very important as the -stable team don't want to wait until other fixes are ready and they just released this version right away. Here's the short changelog to
commit 8d1117a9f5d302d8d460fbe7ef322b382e45c9ce
Author: Greg Kroah-Hartman
Date: Mon Feb 19 22:34:32 2007 -0800


commit e162a033a5882bde0c3bf5a07ee2119f9535cd8c
Author: Greg Banks
Date: Tue Feb 20 10:12:34 2007 +1100

[PATCH] Fix a free-wrong-pointer bug in nfs/acl server (CVE-2007-0772)

Due to type confusion, when an nfsacl verison 2 'ACCESS' request
finishes and tries to clean up, it calls fh_put on entiredly the
wrong thing and this can cause an oops.

Signed-off-by: Neil Brown
Signed-off-by: Linus Torvalds
Signed-off-by: Greg Kroah-Hartman

Updated glibc-zoneinfo Package

Patrick Volkerding has released an updated glibc-zoneinfo package to update the timezone information to account for the extention of Daylight Savings Time (DST) in the US. Without this update, many computers who uses Slackware in the United States will have a system clock off by one hour for a month starting on March 11.

Here's the changelog:
Updated with tzdata2007b for impending Daylight Savings Time
changes in the US.

No Sound at Gaim 2.0.0-beta6

In my previous post about Upgrading to Gaim 2.0.0-beta6, i have mentioned about Gstreamer as one of the requirements in beta6, but unfortunately, after i upgraded Gstreamer, my Gaim still don't produce any sound (i have just tested it) and it won't even blink now. I have tried to recompile gaim several times to make sure it has the correct parameter but still no luck.

I even tried to downgrade to beta-5, but nothing changed. I guess for now, i will have to use Gaim without any sound or message notifications when i'm online using Slackware.

PHP 5.2.1 Released

Thanks to Eris, i finally found an update to PHP 5. Actually, i browsed PHP site few days ago (and also yesterday) and i couldn't found any update on PHP, but today, they have changed their front page and also released an update to their latest 5.2.x version (4.4.x version with relevant changes will be available soon).

There's a bunch of updates included in this version and they urged every developer and web hosting should upgrade to this version as this version also added new meta data to prevent search engines indexing the page with phpinfo() information which can be used to infiltrate the system or looking for vulnerable configuration of PHP itself.

Here's the security enhancement on PHP 5.2.1:
* Fixed possible safe_mode & open_basedir bypasses inside the session extension.
* Prevent search engines from indexing the phpinfo() page.
* Fixed a number of input processing bugs inside the filter extension.
* Fixed unserialize() abuse on 64 bit systems with cert…

Updated Samba

Patrick Volkerding has upgraded SAMBA packages to the latest version which fixed some security vulnerabilities. Here's the entry from the Stable Changelog:
Wed Feb 7 12:29:05 CST 2007
Upgraded to samba-3.0.24. From the WHATSNEW.txt file:
"Important issues addressed in 3.0.24 include:
o Fixes for the following security advisories:
- CVE-2007-0452 (Potential Denial of Service bug in smbd)
- CVE-2007-0453 (Buffer overrun in NSS host lookup Winbind NSS library on Solaris)
- CVE-2007-0454 (Format string bug in VFS plugin)"
Samba is Slackware is vulnerable to the first issue, which can cause smbd to enter into an infinite loop, disrupting Samba services. Linux is not vulnerable to the second issue, and Slackware does not ship the VFS plugin (but it's something to be aware of if you build Samba with custom options).
For more information, see:

New Kernel Released

Linus Torvalds and Willy Tarreau has released a new kernel release, 2.6.20 and also Please see the Changelog (2.6.x and 2.4.x) for more detail about the changes. Time for some kernel upgrades :)