My thoughts on Slackware, life and everything

Day: March 12, 2013

A glibc-2.17 multilib update for slackware-current

Today’s update to the Slackware-current ChangeLog.txt comes with a large piece of communication by Pat Volkerding. A new kernel, a start of UEFI boot support in the Slackware installer, and new glibc packages are the most important changes mentioned in the post. If Pat had a blog this would definitely be a proper “blog post” considering its size. A recommended read for followers of the Slackware development effort.

Of course that glibc update warrants a companion update of the multilib packages which I maintain on the side. Check out these download locations:

Remember, multilib configuration is (only) needed if you want to use binary-only 32-bit software on 64-bit Slackware – think of Valve’s Steam Client, the WINE emulator, Citrix client etc.

If you are looking for instructions on how to add or update multilib on your 64-bit Slackware, check out our Slackware Documentation Project which has this information and much more.

Cheers, Eric

 

New IcedTea for OpenJDK 7u17

In order to match the recent Oracle security update for its Java platform, Java 7u17, the IcedTea developers have released version 2.3.8 of the IcedTea “build harness”, with which a fresh OpenJDK 7u17 can be built. This 17th update to Java7 addresses several vulnerabilities, the same as Oracle’s update.

It may be worth noting that security experts advise you to disable the Java plugin of your web browser unless you absolutely need it, and in such a case, set the Java Applet security to “high” so that you will be prompted when a Java applet attempts to load in your browser. See for instance the US-CERT statement about these vulnerabilities.

Nevertheless, I think that Java is an important piece of software which a lot of people use and need. After all, the whole world has been complaining for decennia about the vulnerabilities in Sendmail… And that is still widely used, because its vulnerability depends entirely upon the careless administrator (and I still prefer Sendmail over Postfix). Therefore it is only logical that you will get new packages from my repository for the latest OpenJDK.

Anyway.

Here is the list (taken from the mailing list this time because Andrew has not yet updated his blog) of the vulnerabilities which are being addressed by this update, and their CVE numbers:

If you wait a little, you will be able to read all about it on Andrew John Hughes‘s blog. GNU/Andrew is the release manager for IcedTea.

Apart from these critical vulnerabilities (of which one was already actively exploited) there are some other bug fixes which are explicitly mentioned:

  • PR1303: Correct #ifdef to #if
  • PR1340: Simplify the rhino class rewriter to avoid use of concurrency
  • Revert 7017193 and add the missing free call, until a better fix is ready.

Packages for OpenJDK 7u17, compiled on Slackware 13.37 (and useable on 13.37 as well as 14.0 and -current!), can be found at the usual locations. Here are a few:

Further packages that are recommended/required:

  • Optional: If you want a Java browser-plugin you must install icedtea-web (OpenJDK itself does not contain such a plugin).
  • Required: The rhino package is a dependency of the openjdk/openjre package. It contains the JavaScript engine for OpenJDK.

Eric

© 2024 Alien Pastures

Theme by Anders NorenUp ↑