Month: April 2014 (Page 2 of 2)

Security update: OpenJDK 7u55 (created with icedtea 2.4.7)

April 17, 2014 / alienbob / 3 Comments

On “patch tuesday”, two days ago, Oracle released their April update of the Java SE platform.

The new version of Java is “7 update 55” and addresses several vulnerabilities. The IcedTea team have now prepared version 2.4.7 of their OpenJDK build framework which will compile an OpenJDK version in sync with Oracle’s release. Please read the announcement on Andrew’s blog for all the release details.

Update 55 Build 14 of OpenJDK 7 addresses these critical issues:

* Security fixes:
S8023046: Enhance splashscreen support

S8025005: Enhance CORBA initializations

S8025010, CVE-2014-2412: Enhance AWT contexts

S8025030, CVE-2014-2414: Enhance stream handling

S8025152, CVE-2014-0458: Enhance activation set up

S8026067: Enhance signed jar verification

S8026163, CVE-2014-2427: Enhance media provisioning

S8026188, CVE-2014-2423: Enhance envelope factory

S8026200: Enhance RowSet Factory

S8026716, CVE-2014-2402: (aio) Enhance asynchronous channel handling

S8026736, CVE-2014-2398: Enhance Javadoc pages

S8026797, CVE-2014-0451: Enhance data transfers

S8026801, CVE-2014-0452: Enhance endpoint addressing

S8027766, CVE-2014-0453: Enhance RSA processing

S8027775: Enhance ICU code.

S8027841, CVE-2014-0429: Enhance pixel manipulations

S8028385: Enhance RowSet Factory

S8029282, CVE-2014-2403: Enhance CharInfo set up

S8029286: Enhance subject delegation

S8029699: Update Poller demo

S8029730: Improve audio device additions

S8029735: Enhance service mgmt natives

S8029740, CVE-2014-0446: Enhance handling of loggers

S8029745, CVE-2014-0454: Enhance algorithm checking

S8029750: Enhance LCMS color processing (in-tree LCMS)

S8029760, CVE-2013-6629: Enhance AWT image libraries (in-tree libjpeg)

S8029844, CVE-2014-0455: Enhance argument validation

S8029854, CVE-2014-2421: Enhance JPEG decodings

S8029858, CVE-2014-0456: Enhance array copies

S8030731, CVE-2014-0460: Improve name service robustness

S8031330: Refactor ObjectFactory

S8031335, CVE-2014-0459: Better color profiling (in-tree LCMS)

S8031352, CVE-2013-6954: Enhance PNG handling (in-tree libpng)

S8031394, CVE-2014-0457: (sl) Fix exception handling in ServiceLoader

S8031395: Enhance LDAP processing

S8032686, CVE-2014-2413: Issues with method invoke

S8033618, CVE-2014-1876: Correct logging output

S8034926, CVE-2014-2397: Attribute classes properly

S8036794, CVE-2014-0461: Manage JavaScript instances

Please update your installed openjdk or openjre packages with this new version! You’ll notice that browsers like Firefox and Chrome/Chromium no longer load Java applets by default and ask you for explicit approval to load and run them.

You can visit the following URL after you upgraded your OpenJDK package (assuming you also upgraded to my latest icedtea-web package): http://java.com/en/download/testjava.jsp to verify that your Java plus the web plugin are working properly.

Get my packages – they have been compiled on Slackware 13.37 and are usable on 13.37 as well as 14.0, 14.1 and -current! Get them preferably from a mirror site (faster downloads):

http://slackware.com/~alien/slackbuilds/openjdk/ , the primary location
http://alien.slackbook.org/slackbuilds/openjdk/ , the community mirror (bandwidth-capped)
http://taper.alienbase.nl/mirrors/people/alien/slackbuilds/openjdk/ , my own fast US mirror
http://slackware.org.uk/people/alien/slackbuilds/openjdk/ , fast UK mirror, needs a day to get in sync

Further packages that are recommended/required:

Optional: If you want a Java browser-plugin you must install icedtea-web (OpenJDK itself does not contain such a plugin).
Required: The rhino package is a dependency of the openjdk/openjre package. It contains the JavaScript engine for OpenJDK.

Note that you should only install one of the two packages, either openjdk or openjre, do not install both at the same time or things will break! The openjdk package contains the jre (java runtime) as well as the java development kit.

Eric

Ready for download: KDE 4.13

April 16, 2014 / alienbob / 59 Comments

I am starting a new cycle of KDE packaging. The KDE community announced the general availability of KDE SC 4.13.0!

After creating three new “dependency” packages (xapian-core, qt-gstreamer and eigen3), I built my new KDE packages on Slackware-current. I have not tested them on Slackware 14.1 and will not guarantee that they are even useable on Slackware 14.1. If you want a taste of KDE 4.13 then please upgrade to slackware-current.

What’s new in KDE 4.13?

In KDE 4.13, major improvements are made to KDE’s Semantic Search technology, benefiting many applications. To be specific: Nepomuk has been replaced by Baloo, which performs better and avoids the data duplication currently seen in KDE (copies of the same data, think of emails, get replicated between nepomuk, akonadi and virtuoso leading to large homedirectory storage needs). A nepomuk-to-baloo migration should happen automatically when upgrading to the new KDE (according to the build log, that feature has been enabled), but I have not checked yet if that worked. Note that nepomuk is still part of the software compilation, to facilitate the migration and to allow non-KDE applications additional grace time to port their semantic search support from Nepomuk to Baloo.

KDE 4.13 can be seen as another transitional release: with Plasma Workspaces and the KDE Development Platform frozen and receiving only long term support, those teams are focusing on the transition to Frameworks 5. Still, there are interface and feature improvements to be found in several of the major applications, such as Okular (the document viewer) and Kate (the document editor) among which support for Baloo. And there is another new package: the foreign speech trainer Artikulate.

How to upgrade to KDE 4.13 ?

You will find all the installation/upgrade instructions that you need in the accompanying README file. That README also contains basic information for KDE recompilation using the provided SlackBuild script.

You are strongly advised to read and follow these installation/upgrade instructions!

Where to find packages for KDE 4.13 ?

Download locations are listed below (you will find the sources in ./source/4.13.0/ and packages in /current/4.13.0/ subdirectories). Using a mirror is preferred because you get more bandwidth from a mirror and it’s friendlier to the owners of the master server!

http://alien.slackbook.org/ktown/ (the master repository), rsync URI: rsync://alien.slackbook.org/alien/ktown/
http://taper.alienbase.nl/mirrors/alien-kde/ (my fast US mirror), rsync URI: rsync://taper.alienbase.nl/mirrors/alien-kde/
http://repo.ukdw.ac.id/alien-kde/ (willysr’s Indonesian mirror), rsync URI: rsync://repo.ukdw.ac.id/alien-kde/
http://slackware.org.uk/people/alien-kde/ (fast UK based mirror, run by Darren Austin), rsync URI: rsync://slackware.org.uk/people/alien-kde/

Postscript:

In two weeks, there will be another KDE 4.12 release; the final 4.12.5. Just like the previous 4.12 iterations, I will be compiling this on Slackware 14.1 and this final time, I will also publish them in the Slackware 14.1 directory of the ‘ktown’ repository, so that people running Slackware 14.1 and using slackpkg+ will automatically pick it up and get a nice upgrade to the latest super-stable KDE platform.

Have fun! Eric

LibreOffice 4.2.3 – addresses Heartbleed vulnerability

April 12, 2014 / alienbob / 11 Comments

Last week was a black page in Open Source security with the publication of the Heartbleed vulnerability. For those of you who think the hype is overrated and no one will be able to get at your private keys and passwords, better check out the results of the Cloudflare Challenge (the SSL certificate for that site has been revoked in order to stop it from being abused so that page won’t load). Cloudflare’s security engineers were unable to exploit the vulnerability and retrieve their server’s private key so they confidently made it a public challenge… and at least three people independently obtained the server’s private key through the exploit! Proof was given by posting messages signed with that same private key. Read all about it on the Cloudflare blog. Don’t take this vulnerability too lightly! Slackware 14.0, 14.1 and -current users should apply the openssl patch packages as soon as possible. And if your machine was exposed to the Internet, running a secure web server (https://) then it is wise to revoke your SSL certificate and create a new one. It may also be a good idea to change the passwords of the accounts on that server.

Not just OpenSSL-protected web sites are affected; regular “client” software can be abused by attacks when these applications contain the vulnerable code because they statically link to the openssl library. I’ll post some more later, but here is the first fix:

The Document Foundation added a fix for Heartbleed to their latest LibreOffice 4.2.3 (codenamed ‘Fresh’) release. It took an additional day for me to get rid of the bugs in my revised SlackBuild script, because I had decided to split the “big” libreoffice package in three sub-packages. The SDK documentation (several hundreds of MB) has now moved into a separate package “libreoffice-sdkdoc” which you will not need unless you are a developer. And the KDE integration libraries have been moved into their own package as well: “libreoffice-kde-integration”. It’s these libraries which give the LibreOffice user interface the “KDE look” when you are running KDE, and make it use the KDE file dialogs. Some people experienced issues in KDE which were solved by removing these KDE libraries, and the new sub-package was born to help you get a better experience out of LibreOffice on Slackware. Note that if you are on KDE and simply “upgradepkg” the libreoffice package, your application will suddenly look very out of style, having switched to a GTK look & feel. All you need to do is “installpkg” the new libreoffice-kde-integration package.

If you are in need of stability, note that the official statement from the Document Foundation is that LibreOffice 4.2.3 is “the most feature rich version of the software, and is suited for early adopters willing to leverage a larger number of innovations. For enterprise deployments and for more conservative users, The Document Foundation suggests the more mature LibreOffice 4.1.5“. You can find Slackware packages for LibreOffice 4.1.5 in my repository onder the “14.0”directory. They were built on Slackware 14.0 and work well on Slackware 14.1 and -current.

Packages for Slackware 14.1 and -current are ready for download from the usual mirror locations:

http://www.slackware.com/~alien/slackbuilds/libreoffice/ (master site)
http://taper.alienbase.nl/mirrors/people/alien/slackbuilds/libreoffice/ (my own US mirror)
http://repo.ukdw.ac.id/alien-libreoffice/ (Indonesia)
http://alien.slackbook.org/slackbuilds/libreoffice/ (US)
http://slackware.org.uk/people/alien/slackbuilds/libreoffice/ (UK)

Eric

KDE SC 4.12.4 for Slackware 14.1 and -current

April 2, 2014 / alienbob / 23 Comments

Yesterday, I uploaded the packages for the new KDE Software Compilation 4.12.4 which brings us updates to the Applications and Development Platform. The Plasma Workspaces are following a separate version numbering scheme – the new workspaces package version is 4.11.8.

The Slackware-current tree has not seen exciting updates other than security fixes and because of that, again I have built my packages for KDE 4.12.4, on Slackware 14.1 for maximum compatibility.

The packages work fine on slackware-current too – of course. When that changes, I will stop using Slackware 14.1 as the build platform.

What’s new in my KDE 4.12.4 packages?

One of the packages has been renamed. The old “kdnssd” package is now called “zeroconf-ioslave”. The README which accompanies my packages has been updated with a “removepkg kdnssd” command.

The kmahjongg package now has the main program script included and you’ll find it in the KDE menu. Kmahjongg will not work out of the box, but you only have to add the “python-twisted” and “zope.interface” packages from my regular repository to make it work. I do not include these add-ons in the ‘ktown’ repository because I do not want to force Patrick’s hand if he does not want them to be part of Slackware in future.

I also updated the kdeconnect-kde package with a git development snapshot. In my previous blog article I wrote how this interesting little program interacts with the kdeconnect-android app. Don’t forget to add the new “KDE Connect” widget to your system tray if you want to try it out.

How to upgrade to KDE 4.12.4 ?

You are strongly encouraged to read and follow these installation/upgrade instructions!

Where to find packages for KDE 4.12.4 ?

Download locations are listed below (you will find the sources in ./source/4.12.4/ and packages in /current/4.12.4/ subdirectories). Using a mirror is preferred because you get more bandwidth from a mirror and it’s friendlier to the owners of the master server!

http://alien.slackbook.org/ktown/ (the master repository), rsync URI: rsync://alien.slackbook.org/alien/ktown/
http://taper.alienbase.nl/mirrors/alien-kde/ (my fast US mirror), rsync URI: rsync://taper.alienbase.nl/mirrors/alien-kde/
http://repo.ukdw.ac.id/alien-kde/ (willysr’s Indonesian mirror), rsync URI: rsync://repo.ukdw.ac.id/alien-kde/
http://slackware.org.uk/people/alien-kde/ (fast UK based mirror, run by Darren Austin), rsync URI: rsync://slackware.org.uk/people/alien-kde/

Have fun! Eric

April 2014
M	T	W	T	F	S	S
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30

Wed, 17 Apr 2024 20:35:48 GMT April 17, 2024
a/kernel-firmware-20240417_e678699-noarch-1.txz: Upgraded. a/kernel-generic-6.6.28-x86_64-1.txz: Upgraded. a/kernel-huge-6.6.28-x86_64-1.txz: Upgraded. a/kernel-modules-6.6.28-x86_64-1.txz: Upgraded. a/xfsprogs-6.7.0-x86_64-1.txz: Upgraded. d/kernel-headers-6.6.28-x86-1.txz: Upgraded. k/kernel-source-6.6.28-noarch-1.txz: Upgraded. l/pycups-2.0.3-x86_64-1.txz: Upgraded. l/python-sphinx-7.3.5-x86_64-1.txz: Upgraded. n/bluez-5.75-x86_64-2.txz: Rebuilt. Prune duplicate config files. Thanks to audriusk. x/libXmu-1.2.1-x86_64-1.txz: Upgraded. x/util-macros-1.20.1-noarch-1.txz: Upgraded. x/wayland-protocols-1.35-noarch-1.txz: Upgraded. xap/mozilla-thunderbird-115.10.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.10.0/releasenotes/ https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird115.10 (* Security fix *) xfce/xfce4-notifyd-0.9.4-x86_64-2.txz: Rebuilt. Do […]

SlackBuilds.org changes for Sat, 13 Apr 2024 15:04:57 GMT
academic/WolframEngine: Updated for version 14.0.0. academic/fet: Updated for version 6.19.3. academic/plus42: Updated for version 1.1.9. academic/scidavis: Fix building on -current. audio/cardinal: Fix 32bit tarball handling. audio/cardinal: Updated for version 24.04. desktop/i3: Updated for version 4.23. desktop/nwg-hello: Updated for version 0.1.9. development/Catch2: Fix multilib check. development/Catch2: Updated for version 3.5.3. development/THE: Fix DOWNLOAD. development/THE: Updated for […]

Month: April 2014 (Page 2 of 2)

Security update: OpenJDK 7u55 (created with icedtea 2.4.7)

Ready for download: KDE 4.13

What’s new in KDE 4.13?

How to upgrade to KDE 4.13 ?

Where to find packages for KDE 4.13 ?

Postscript:

LibreOffice 4.2.3 – addresses Heartbleed vulnerability

KDE SC 4.12.4 for Slackware 14.1 and -current

What’s new in my KDE 4.12.4 packages?

How to upgrade to KDE 4.12.4 ?

Where to find packages for KDE 4.12.4 ?

About this blog

Sponsoring

Categories

Subscribe to Blog via Email

My Favourites

Online me

Slackware

Calendar

slackbuilds

multilib

Slackware64-current

SBo

Meta

Top Posts & Pages

Recent posts

Recent comments