More Chromium, LibreOffice and Flash updates
That sounds a heck of a lot like another post I wrote recently on this blog… a little more than two weeks ago. The big guys made a move again, and this is what you get from me as a result.
Chromium (and of course Chrome) were updated to version 33.0.1750.149, with 7 security fixes. The Chrome binaries are equipped with an updated Flash Player plugin (18.104.22.168 which is also a security upgrade, see below). These are the highlighted fixes (aka the biggest bounties paid):
- [$4000] High CVE-2014-1700: Use-after-free in speech. Credit to Chamal de Silva.
- [$3000] High CVE-2014-1701: UXSS in events. Credit to aidanhs.
- [$1000] High CVE-2014-1702: Use-after-free in web database. Credit to Collin Payne.
You will find the chromium packages (Slackware 14.1 and -current) here:
- http://slackware.com/~alien/slackbuilds/chromium/ (primary server)
- http://taper.alienbase.nl/mirrors/people/alien/slackbuilds/chromium/ (my own US mirror)
- http://alien.slackbook.org/slackbuilds/chromium/ (US)
- http://slackware.org.uk/people/alien/slackbuilds/chromium/ (UK)
I also provide updated packages for chromium-pepperflash-plugin with the Fpash plugin binary taken from the official Chrome distribution.
LibreOffice 4.2.2 (codenamed ‘Fresh’) packages for Slackware 14.1 and -current are ready too. The official announcement considers LibreOffice 4.2.2 to be “the most feature rich version of the software, and is suited for early adopters willing to leverage a larger number of innovations“. However, the announcement continues with “For enterprise deployments, The Document Foundation suggests the more reliable LibreOffice 4.1.5 “Stable”.” Of course I have LibreOffice 4.1.5 packages, they are built on Slackware 14.0 and work well on Slackware 14.1 and -current. It’s your choice!
- http://www.slackware.com/~alien/slackbuilds/libreoffice/ (master site)
- http://taper.alienbase.nl/mirrors/people/alien/slackbuilds/libreoffice/ (my own US mirror)
- http://repo.ukdw.ac.id/alien-libreoffice/ (Indonesia)
- http://alien.slackbook.org/slackbuilds/libreoffice/ (US)
- http://slackware.org.uk/people/alien/slackbuilds/libreoffice/ (UK)
Linux Flash Player
As mentioned above in the Chromium section, Adobe released security updates of their Flash Player for all platforms. The Adobe security bulletin shows 22.214.171.1246 as the new version for native Linux. Package location:
Note: a new version of pipelight has not yet been released, but if you want your Wine-installed Windows Flash player to be secure and safe as well, you can run the following command (as root – not as your normal user account like I wrongly advised before):
# pipelight-plugin --update
which will update the “/usr/share/pipelight/install-dependency” script. Next time you open a web page which loads pipelight, it will automatically upgrade your Windows Flash player in the wine-pipelight directory to the latest version.
Have fun! Eric