Posts

Showing posts from April, 2008

Slackware 12.1 RC 3

Another RC release towards 12.1 and it's been officially freezed for non-critical updates and save further big changes after -Current gets started again (we don't know yet, but most of the time two or three months after the -Stable has been released, even though it could be longer than that).
Mon Apr 28 23:43:55 CDT 2008
We'll call this Slackware 12.1 RC3, and freeze the tree for anything that isn't critical. Things seem very stable, so it's probably a good idea to save any further upgrades and additions until -current restarts.

a/cups-1.3.7-i486-2.tgz: Applied patch str2790 to fix crash bugs in the PNG image filter. The issues are not believed to be capable of either a DoS (at worst, it simply crashes the filter processing the current job and does not crash the scheduler daemon, which just moves on to the next job in the print queue), nor arbitrary code execution (data from the image is never stored in the affected tile array). Still, it seems to be worth fixing here…

Restored MMX Optimization

One small update has been released. This update restored MMX optimization which should fix slow performance during playing Flash format.
Sat Apr 26 16:38:32 CDT 2008
x/pixman-0.10.0-i486-4.tgz: Restored MMX optimizations, which should fix the issues some machines were having with slow Flash playback.
Thanks very much to Zielony for getting me to take a closer look at this. :-)

Security Fix: kdelibs

One security fix has been released to fix KDE problem that affects KDE 3.5.5 up to KDE 3.5.9. KTorrent is also upgraded to the latest version.
Fri Apr 25 23:09:23 CDT 2008
kde/kdelibs-3.5.9-i486-4.tgz: Patched to fix a security problem.
From the KDE advisory: "If start_kdeinit is installed as setuid root, a local user might be able to send unix signals to other processes, cause a denial of service or even possibly execute arbitrary code."
This issue affects KDE 3.5.5 through KDE 3.5.9.
We recommend upgrading to the new kdelibs package as soon as possible.
For more information, see:
http://www.kde.org/info/security/advisory-20080426-2.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671
(* Security fix *)

extra/ktorrent/ktorrent-2.2.6-i486-1.tgz: Upgraded to ktorrent-2.2.6.

isolinux/initrd.img: Patched /sbin/probe to look for formatted swap on RAID.

usb-and-pxe-installers/: Patched /sbin/probe in usbboot.img to look for formatted swap on RAID.

Not Yet...

Few packages still have issues and references to the old 12.0 version, so here comes another updates for -Current.
Wed Apr 23 19:42:28 CDT 2008
Not quite yet, but it's getting closer.
a/aaa_base-12.1.0-noarch-2.tgz: Updated the initial emails.
l/jre-6u6-i586-3.tgz: Adjusted the installation script to fix an issue causing broken symlinks in /. Thanks to Corrado "Conraid" Franco for the report.

n/wireless-tools-29-i486-3.tgz: Increased the sleep time after bringing up an interface to 3 seconds, since some of the new drivers need the additional time to fully initialize. Thanks to bstrik on LQ.

extra/jdk-6/jdk-6u6-i586-3.tgz: Adjusted the installation script to fix an issue causing broken symlinks in /.
Thanks to Corrado "Conraid" Franco for the report.

isolinux/initrd.img: Fixed (hopefully) the last remaining "12.0" version number (this one found in /etc/issue).
Thanks to Franck Barbenoire for spotting it.

usb-and-pxe-installers/: Fixed the "12.0" versi…

Slackware 12.1 Real Soon

Image
While it's not yet officially released right now, but if you look at the -Current tree, it already contained an Announcement and also Release Notes for the next 12.1 release. Meaning that in the next few days, the final Slackware 12.1 will be released, as Pat and the rest of the Slackware team may have to update the website, preparing the mirrors to hold the new ISO, prepare the store for new subscriptions, and many things to be dealt to make sure everything worked as planned.

Slackware 12.1 is a result of nine month of development cycle by Slackware contributors around the world coordinated with Patrick Volkerding as the man in charge of all decisions that goes in and out of Slackware tree.

Continuing from previous Slackware 12.0 release, this release is the best Slackware release ever as it still hold the tradition to be a KISS-based Linux distribution, while keeping the application up-to-date without sacrificing the security of the whole system.

Please welcome to new baby, Slackwa…

Slackware 12.1 RC 2

After few days without updates, PV has announced the next milestone towards Slackware 12.1. It's now on RC 2 states and he hoped that this will be the final RC before the final 12.1 if there's no major problems found during testing cycle.

I personally would like to see newer PHP and libpng updates on the -Current, but they are not ready yet. Let's hope Pat is willing to wait for those updates, as it will be a critical updates.

Anyway, here's the latest -Current changelog which states the RC 2 announcements:
Mon Apr 21 16:47:32 CDT 2008
We have now reached the Slackware 12.1 RC2 milestone. :-) We're beyond updating packages or fixing minor cosmetic bugs at this point (actually, we had hoped to be past that with RC1, but there were still items in need of attention). What we have here now has proven to be stable for our testers,
so unless some real showstoppers are found we'll be releasing this as Slackware 12.1-final soon.
a/glibc-solibs-2.7-i486-10.tgz: Recompiled aga…

Security Fix: Mozilla Firefox

As expected, a new Firefox build has been included in the -Current, since it contains fixes for possible security bug. rc.mysqld is also patched for missing "=" noticed by Mark. Here's the latest -Current (nothing big really)
Thu Apr 17 16:25:55 CDT 2008
ap/mysql-5.0.51a-i486-3.tgz: Edited rc.mysql to fix a missing '=' in the example for mysql_install_db. Thanks to Mark.

xap/mozilla-firefox-2.0.0.14-i686-1.tgz:
Upgraded to firefox-2.0.0.14.
This upgrade fixes a potential security bug.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)

Java Updates

Image
Java packages are now updated to Update 6. One fix on wireless-tools is also included. So far, no more new packages are coming through and it's only testing and bug fixing to make the next Slackware release as stable as possible. Probably the next batch of updates will include Firefox updates, since it has been released today.

Can't wait to see 12.1 gets released

Here's the latest -Current changelog:
Wed Apr 16 16:18:22 CDT 2008
l/jre-6u6-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 6.

n/wireless-tools-29-i486-2.tgz: Make sure that HWADDR in rc.wireless is all uppercase. Thanks to Ken L. and Masanori Kobayasi for reporting the issue.

extra/jdk-6/jdk-6u6-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 6.

Speakup Kernel Updated

Only one changes today on -Current, which is a rebuilt of kernel speakup which has been updated from the latest pull from the GIT source.
Wed Apr 16 02:12:25 CDT 2008
kernels/speakup.s/: Rebuilt with the latest 2008-04-16 GIT pull. Hopefully this has a better chance of working now. I saw output (though not text) testing the dummy driver using a null modem.

Emacs Update

After for some time left without any updates, finally Emacs gets updated today. The last version in 12.0 was 21.4a. The version included in -Current is 22.4. Along with Emacs updates, a new RadeonHD package is also included. Here's the latest -Current changelog:
Mon Apr 14 22:23:29 CDT 2008
e/emacs-22.2-i486-1.tgz: Upgraded to GNU emacs-22.2.

x/xf86-video-radeonhd-1.2.1-i486-1.tgz: Upgraded to xf86-video-radeonhd-1.2.1.

extra/emacspeak/emacspeak-27.0-i486-1.tgz: Upgraded to emacspeak-27.0.

First Update This Week

Another pile of updates are coming through -Current changelog and it's getting up-to-date with most of the newest application available on mainstream. Meanwhile, the quality on each packages is being maintained by contributors who tested application on -Current.

Here's the latest -Current changelog:
Mon Apr 14 00:39:23 CDT 2008
a/smartmontools-5.38-i486-1.tgz: Upgraded to smartmontools-5.38.

d/git-1.5.5-i486-1.tgz: Upgraded to git-1.5.5.

kde/amarok-1.4.9.1-i486-1.tgz: Upgraded to amarok-1.4.9.1.

n/bind-9.4.2-i486-2.tgz: Patched rc.bind to add a short wait after starting named, so that the startup script doesn't match "named " with a failing startup and too quick a check. Thanks to Luis.
Upgraded to the latest named.root file. Thanks to giovanni.

t/xfig-3.2.4-i486-3.tgz: Patched to fix a wrong XFIGLIBDIR that was causing some minor errors. Thanks to Dario Nicodemi for the patch.

tcl/tclx-8.4-i486-2.tgz: Recompiled. Since some of the Tcl/Tk headers are now considered "…

Delayed Update

Actually, Pat already pushed an update yesterday, but somehow, the updates didn't showed up in the primary mirror (OSUOSL), so i postponed to post an update on this blog in order to wait until the primary mirror is ready to server all slackers that are eager to test the next batch of updates.

So this morning, the mirror is already synchronized and here's the latest -Current changelog:
Sat Apr 12 02:20:06 CDT 2008
ap/ghostscript-8.62-i486-5.tgz: Edited /usr/share/ghostscript/8.62/lib/cidfmap to attempt support for Simplified Chinese (though Traditional Chinese and Korean will still require cidfmap changes and additional fonts).
Thanks to ABE Shin-ichi for providing the cidfmap that the new one is based upon. Any errors in the new cidfmap are most likely my own...

ap/man-1.6f-i486-1.tgz: Upgraded to man-1.6f. Thanks to Robby Workman.

d/cscope-15.6-i486-1.tgz: Upgraded to cscope-15.6.

f/linux-howtos-20080411-noarch-1.tgz: Updated to Linux-HOWTOs-20080411.

l/svgalib_helper-1.9.25_2.6.24.4…

Recompile to Static Library

Small changes on the latest batch of updates includes some recompilation of the packages to include static libraries and also small changes to fix some problem appeared in the -Current packages.

Here's the -Current changelog:
Fri Apr 11 00:32:00 CDT 2008
a/cryptsetup-1.0.5-i486-4.tgz: Recompiled against static libgpg-error and got rid of --disable-libcrypt in cryptsetup.static's ./configure to prevent the error "Command failed: Key processing error: No hash backend found" when creating a new cryptographic volume. Thanks to TaQ for the heads-up.

a/ed-0.9-i486-2.tgz: Fixed missing man page. Thanks to Selkfoster.

d/guile-1.8.4-i486-1.tgz: Upgraded to guile-1.8.4.
Thanks to Jean-Francois L. Blavier for the upgrade suggestion.

n/ipw2200-fw-3.0-fw-2.tgz: Add an extra copy of the LICENSE file to the /usr/doc/ipw2200-fw-3.0/ directory in addition to the one with the firmware.
Thanks to Stuart Winter for reporting the package build problem.

n/libgcrypt-1.4.0-i486-2.tgz: Recompiled to…

Security Fix : Rsync

One security fix has been released by PV along with bunch of updates today on -Current, which is Rsync. The security fix is only valid for -Current since the package affected is not yet released to -Stable. It's not the only updates today, since the kernel itself is now compiled to add the experimental CONFIG_PATA_MARVELL option, since some newer Intel motherboards are already using this chipset. One new package also find it's way to the official Slackware packages today: libaio (Asyncronous I/O Library).

Here's the latest -Current changelog:
Wed Apr 9 23:57:07 CDT 2008
The kernels were recompiled to add the experimental CONFIG_PATA_MARVELL option, since some newer Intel motherboards are already using this chipset. Like everything else, use it at your own risk. It was decided that having some driver that was tested and found to work was better than no support at all.
Thanks to David Somero for reporting the issue.

a/kernel-generic-2.6.24.4-i486-2.tgz: Recompiled Linux 2.6.24.4 …

Small Changes Today

Sorry that i kinda busy today, so i forgot to update the notification list about Slackware-Current development. Today, Pat pushed a small updates which fixes three problems occured in fribidi, pixman, and xine-lib. CMake also gets upgraded. Here's the latest -Current changelog:
Tue Apr 8 00:20:39 CDT 2008
d/cmake-2.4.8-i486-1.tgz: Upgraded to cmake-2.4.8.

l/fribidi-0.10.9-i486-2.tgz: Recompiled. "left-to-right" was far too egregious a mistake to leave in the slack-desc. Sorry about that.
Thanks to Russell Whitaker for spotting this error.

x/pixman-0.10.0-i486-2.tgz: Symlink the headers into /usr/include to temporarily accommodate software that isn't yet using pixman.pc to get the -I/usr/include/pixman-1/ include path.

xap/xine-lib-1.1.11.1-i686-2.tgz: Patched to fix playback failure affecting several media formats accidentally broken in the xine-lib-1.1.11.1 release.
Thanks to Diogo Sousa for pointing me to the new release notes on xinehq.de.

Security Fix : m4 and bzip2

Two security updates has been released along with another batch of updates in Slackware-Current tree. Nothing major happened on this batch, except for iptables which gets a significant upgrade and also improvement to the installer to support installation from HTTP source with port number, such as: http://somehost:8080.

Here's the latest -Current changelog:

Mon Apr 7 12:25:10 CDT 2008
a/aaa_elflibs-12.1.0-i486-1.tgz: Added libfuse. Updated libbz2 (which still has the shared library name "libbz2.so.1.0.4").

a/bzip2-1.0.5-i486-1.tgz: Upgraded to bzip2-1.0.5.
Previous versions of bzip2 contained a buffer overread error that could cause applications linked to libbz2 to crash, resulting in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
(* Security fix *)

a/cryptsetup-1.0.5-i486-3.tgz: Make cryptsetup in /sbin and /usr/sbin both symlinks to /sbin/cryptsetup.static. This prevents "cryptsetup" failure if someone insta…

Glibc Updates

All of glibc packages has been recompiled to fix the bad symlink that was broken in the previous release. This batch of update also upgrade rsync and also a testing package for bash-3.2 with patch level 029. I have been using Bash 3.2 for some time and i never had problem so far, so i guess it's quite safe.

Here's the latest -Current changelog:
Fri Apr 4 22:08:08 CDT 2008
a/glibc-solibs-2.7-i486-9.tgz: Recompiled.

a/glibc-zoneinfo-2.7-noarch-9.tgz: Rebuilt.

l/glibc-2.7-i486-9.tgz: Recompiled to fix a bad sln symlink (noticed by many, thanks).

l/glibc-i18n-2.7-noarch-9.tgz: Rebuilt.

l/glibc-profile-2.7-i486-9.tgz: Recompiled.

n/rsync-3.0.1-i486-1.tgz: Upgraded to rsync-3.0.1.

testing/packages/bash-3.2.029-i486-1.tgz: Brought up to patchlevel 029.
Last time we tried this as our main shell, it was still causing problems with a lot of the scripts out there, but perhaps it will be tried again in the next development cycle.

SlackBook Translation

Indonesian translations of SlackBook has been listed in the translation site of SlackBook. Please have a look on the site to check the latest Translations of the SlackBook. The translated version is the chunk version (split). The full one page is not yet translated.

Thanks to Ozzie for the notifications on Indonesian Linux Forum

Security Fix : OpenSSH

A new advisories has been released for OpenSSH package which is now upgraded to 5.0. Along with this are update to mercurial and mkinitrd and also inclusion of dbus-python. Here's the latest -Current changelog:
Fri Apr 4 13:47:24 CDT 2008
a/mkinitrd-1.3.2-i486-1.tgz: Patched to fix problems with previous settings getting overwritten with a plain "mkinitrd", and added support for non-US keyboards. Thanks to Eric Hameleers.

d/mercurial-1.0-i486-1.tgz: Upgraded to mercurial-1.0.

l/dbus-python-0.82.4-i486-1.tgz: Added dbus-python-0.82.4, which is needed for the correct operation of hplip. Thanks to Robby Workman.

n/openssh-5.0p1-i486-1.tgz: Upgraded to openssh-5.0p1.
This version fixes a security issue where local users could hijack forwarded X connections. Upgrading to the new package is highly recommended.
For more information on this security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
(* Security fix *)

usb-and-pxe-installers/initrd.img. Removed…

Slackware 12.1 RC1

Finally, Slackware 12.1 RC 1 has been officially announced by Patrick Volkerding. He noted that some minor works still to be done, but we are getting closer to final version that leads to Slackware 12.1. Here's the latest batch update that makes the 12.1 RC 1:
Thu Apr 3 01:16:15 CDT 2008
OK, we're going to call this Slackware 12.1-rc1, though there is still some more minor work to do. Please help test! And if we're missing anything major, please let me know at volkerdi@slackware.com. Thanks. :-)

a/aaa_elflibs-12.1.0-i486-1.tgz: Updated the initial "starter" library package to the latest versions in -current.

a/cups-1.3.7-i486-1.tgz: Upgraded to cups-1.3.7.
This version of CUPS fixes some buffer overflows in the GIF image filter and in cgiCompileSearch. Those running CUPS servers should upgrade.
For more information on these security issues, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373
(…

Linux Kernel Development Paper

Greg Kroah-Hartman, Jonathan Corbet, and Amanda McPherson have published a paper about Linux Kernel Development. This paper discussed about the kernel development process, starting from the background, development model, release frequency, statistics, and many more. It's an interesting paper for those who would like to see Linux Kernel development process.

Security Fix: xine-lib

Another batch of updates has been released today along with one security fix for xine-lib. This time, a replacement for util-linux is now available along with some modification for mysql (administrator should look on the /etc/rc.d/rc.mysqld for changes that Pat noted).

Here's the latest -Current changelog:
Tue Apr 1 02:41:32 CDT 2008
a/acl-2.2.47_1-i486-1.tgz: Upgraded to acl-2.2.47_1.

a/attr-2.4.41_1-i486-1.tgz: Upgraded to attr-2.4.41_1.

a/etc-12.1-noarch-4.tgz: Give the mysql user a /bin/false "shell".
Thanks to Noel for the suggestion.

a/lilo-22.8-i486-12.tgz: Fixed a bug where liloconfig might not properly determine the root directory where /boot is found.

a/sysvinit-scripts-1.2-noarch-20.tgz: Fixed a bug in rescan-scsi-bus that was exposed by the CONFIG_SCSI_MULTI_LUN kernel option (which _should_ also make rescan-scsi-bus unneccessary). Thanks to Kem Prims for the bug report.
Keep /usr/share/mime's mime.cache file updated.

a/util-linux-2.12r-i486-6.tgz: Removed. See bel…

New Poll Has Been Rolled Out

Image
Ok, April is here and here's the new questions for the poll for this month : "Which New Features in Next Slackware 12.1 That You Like?" I have listed several options that i compiled from the -Current changelog (it may change in the future as -Current development is still going on, but it's the latest snapshot up to the time i write this post):
Updated Toolchain (Glibc 2.7 and GCC 4.2.3)Kernel 2.6.24.x basedUpdated XOrg 7.3Updated Window Manager (KDE 3.5.9 and XFCE 4.2.2)Splash Screen in LILOInclusion of New Fonts Inclusion of SCIM PackagesInclusion of Tango IconsInclusion of Py* PackagesInclusion of Many Wireless FirmwareNTFS Read/Write Support (via NTFS-3G, NTFSPROGS, and FUSE)You may choose more than one option.

Have fun and enjoy the poll

Poll Results : KDE Wins

Image
OK, March has ended and so does the Poll. Last month's question was "What Is Your Favorite Desktop Manager?" and here's the results:
KDE 126 (52%)GNOME 44 (18%)XFCE 25 (10%)IceWM 2 (0%)Blackbox 2 (0%)Fluxbox 27 (11%)Fvm 2 (0%)Windowmaker 7 (2%)Others 7 (2%)And the winner for last month's Poll is KDE. It was voted by more than 50% of the voters (126 out of 242). I was quite surprised, since in some forums, i noticed that most Slackware users do not use KDE very often. I had some thoughts that not all visitors of this blog uses Slackware, and probably are using other Linux Distribution as well, so it's a global poll rather than specific to Slackware.

Well, it's over now and i'll be posting this month's poll in short time. Just be patient