My thoughts on Slackware, life and everything

Month: June 2014 (Page 1 of 2)

Skype drops support for ALSA

In a Skype blog post yesterday, the announcement was made that the latest version of Skype has dropped support for the ALSA sound system and that Linux users are expected to use PulseAudio exclusively from now on.

Boo Hoo Microsoft, for killing this itsy bit of Linux compatibility in your closed-source product.

I guess for Slackware users it is game over for Skype calls. Time to find out if we can come up with a solution that bundles private libraries for PulseAudio so that we do not have to pollute the system directories with it.

Eric

Last week: new Chromium, Flash, OpenJDK

Real life is taking precedence these days, and I have not been able to work on Slackware so much lately. I did release some updated packages last week.

Chromium:

chromium_icon The update to my Chromium package came pretty shortly after the previous one. Major driver was the update (in Chrome) of the Pepper Flash plugin. Chromium 35.0.1916.153 comes with this list of critical bug fixes:

  • [$1000][369525] High CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne.
  • [$1000][369539] High CVE-2014-3155: Out-of-bounds read in SPDY. Credit to James March, Daniel Sommermann and Alan Frindell of Facebook.
  • [$500][369621] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen of OUSPG.

 

Flash:

adobe_flash_8s600x600_2 The Flash update which triggered the new Chrome/Chromium release was announced along with a security bulletin by Adobe. My pepperflash-plugin package which I extracted from the official Chrome binaries (for use with Chromium) is now at version 14.0.0.125 while the accompanying Linux flashplayer-plugin (for Mozilla-compatible browsers) went up to 11.2.202.378.

 

 

OpenJDK:

icedtea Oracle released their Update 60 to Java7 a week or so ago, and it took a while to get the icedtea framework synced up to Oracle’s new OpenJDK drop. The icedtea bug tracker saw many bugfixes being applied in recent days. The icedtea version went up in minor release number: from 2.4 to 2.5.
The icedtea-2.5.0 release will compile OpenJDK 7 “Update 60 Build 30” (resulting in a package openjdk-7u60_b30).

Remember that I release packages for the JRE (runtime) and the JDK (development kit) simultaneously, but you only need to nstall one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

The package has one dependency: rhino provides JavaScript support for OpenJDK.

If you want to compile this OpenJDK package yourself, you need to install apache-ant additionally. Note that the previous requirements of xalan & xerces packages have been dropped; ant will provide all required build functionality on its own now.

Have fun! Eric

KDE 4.13.2 monthly maintenance release

The monthly maintenance release for KDE was announced earlier today. If you are running Slackware-current, I have fresh packages for KDE 4.13.2. These packages were not tested (and not built) on Slackware 14.1 so beware if you want to try them on 14.1.

I added the promised update of the libssh package in the “deps” subdirectory. This enables the “sfp” kioslave again (the libssh in Slackware is too old).

What’s new in KDE 4.13.2 ?

Well, compared to Slackware’s own KDE, a whole lot 🙂

Compared to the previous KDE 4.13.1 packages which I released last month, not much has changed as this is just a maintenance update. I did however refresh two packages outside of the KDE core: the kdeconnect-kde package and the Calligra office suite (upgraded to 2.8.3 for which the sources were available for three weeks already). Search my older posts on KDE 4.13 if you want to know more about what the highlights of this release cycle are.

How to upgrade to KDE 4.13.2 ?

You will find all the installation/upgrade instructions that you need in the accompanying README file. That README also contains basic information for KDE recompilation using the provided SlackBuild script.

You are strongly advised to read and follow these installation/upgrade instructions!

Where to find packages for KDE 4.13.2 ?

Download locations are listed below (you will find the sources in ./source/4.13.2/ and packages in /current/4.13.2/ subdirectories). Using a mirror is preferred because you get more bandwidth from a mirror and it’s friendlier to the owners of the master server!

Have fun! Eric

New pipelight release, accompanied by wine-pipelight. And what about chromium?

You are of course subscribed to my repository’s RSS feed and/or you are using slackpkg+ . Then you certainly noticed the update of Chromium to the new major version 35 two weeks ago. I really should have written about this update earlier, because Chromium 35 brings some unfortunate side effects to the table.

Chromium

chromium_iconChrome and Chromium were updated to version 35.0.1916.114, with “fixes for 23 security issues“. The most important fixes (for high-risk vulnerabilities) are:

  • [$3000][356653] High CVE-2014-1743: Use-after-free in styles. Credit to cloudfuzzer.
  • [$3000][359454] High CVE-2014-1744: Integer overflow in audio. Credit to Aaron Staple.
  • [$1000][346192] High CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.
  • [$1000][364065] Medium CVE-2014-1746: Out-of-bounds read in media filters. Credit to Holger Fuhrmannek.
  • [$1000][330663] Medium CVE-2014-1747: UXSS with local MHTML file. Credit to packagesu.
  • [$500][331168] Medium CVE-2014-1748: UI spoofing with scrollbar. Credit to Jordan Milne.

I also updated the accompanying package for chromium-pepperflash-plugin (extracted from the official Chrome binaries) to 13.0.0.214. This is a security update.

The version 35 of Chromium has a major side effect that many people are not going to like. The support for browser plugins that use Mozilla’s NPAPI protocol to communicate with the browser has been removed and only Google’s own PPAPI protocol is supported as of now (MS Windows users still have a bit of time before the same happens to their Chrome browser – removal of NPAPI support in Windows is scheduled for the end of 2014). This step was of course announced long time ago and many reminders were posted, but if you need Java support in your browser, or want to watch Netflix using pipelight, then you are out of luck. PPAPI versions for these browser plugins do not exist and in the case of pipelight, are very hard to create.

You’re forced to switch (back) to Firefox in these cases.

Pipelight

pipelight-logo Speaking of Pipelight… there was a new pipelight release a couple of days back, and this is accompanied by a new web site: pipelight.net. These guys really like writing their own CMS-es! The source code to the new CMS is available on github by the way. With the new release of pipelight you’ll get more supported browser plugins, security updates for all relevant plugins such as Flash, and many bug fixes. Also, for people with an AMD graphics card the good news is that hardware acceleration is now supported and enabled by default.Also note that I have enabled support for WoW64 (meaning that apart from the regular 32-bit applications, 64-bit Windows plugins are also supported on Slackware 64-bit)

Luckily this all still works on Slackware-current’s kernel – there were fears that 32-bit Wine applications would stop working on the 3.14.4 and newer kernels.

Remember that you can always get the latest Windows plugin releases (an important feature in case of security fixes) without having to wait for me creating a new package. Just run the command “pipelight-plugin –update” as root. After doing that, the next time your browser loads the pipelight plugin, it will automatically download the newest version of your installed Windows plugin(s).

Together with this pipelight release, the pipelight developers released their latest “wine-compholio patches“, a set of patches for the official Wine sources which are needed for proper Windows plugin support in your Linux browser. Naturally I created new wine-pipelight packages for you, based on Wine 1.7.19.

In my original post about pipelight, you will find full installation and configuration instructions, as well as a troubleshooting section. That blog article is also referred to on the pipelight.net support page.

Package location:

 

Have fun! Eric

Reset The Net – 05 june 2014

ResetTheNet_05jun2014

Did I make you jump by showing the intrusive banner?

Today marks the start of a campaign, called Reset the Net, sponsored by digital rights groups and well-known Internet companies. It is meant to encourage both users of the Internet and companies with an active presence there, to take measures to prevent getting their data snooped by surveillance agencies. The campaign focuses on the promotion of privacy-enhancing tools.

Today’s launch of the campaign is not coïncidentally linked to the first anniversary of the publication of the leaked NSA documents through news articles online and on paper.

Last month saw the HeartBleed bug, today we are confronted with yet another bloody serious leak in OpenSSL., only a few days after the disclosiure of another serious leak in GnuTLS, the OpenSSL alternative. The Internet is never a safe place. Slackware is a fairly sane OS security-wise but the highest risk always comes from the user of that OS.

When you are on-line, act consciously, and think before you do. Guard your privacy and respect that of others. No, Edward Snowden is not a traitor. He sacrificed a lot in order to get the truth out there, and we should have respect for that, too.

Eric

« Older posts

© 2024 Alien Pastures

Theme by Anders NorenUp ↑