Main menu:

Sponsoring

Please consider a small donation:

 

 

Or you can donate bitcoin:

 

Thanks to TekLinks in Birmingham, AL, for providing colocation and bandwidth.

Page Rank

Fame

FOSS Force Best Blog--2013 Award

Recent posts

Recent comments

About this blog

I am Eric Hameleers, and this is where I think out loud.
More about me.

Search

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 373 other subscribers

My Favourites

Slackware

Calendar

May 2018
M T W T F S S
« Apr    
 123456
78910111213
14151617181920
21222324252627
28293031  

RSS Alien's Slackware packages

RSS Alien's unofficial KDE Slackware packages

RSS Alien's multilib packages

RSS Slackware64-current

RSS SBo

Meta

Security week

This week and the last, I have pushed quite a few packages into my repository that are meant to enhance the safety of your Slackware computer. If you have not been hiding under a stone for the past couple of weeks, you will have read about the Spectre/Meltdown vulnerabilities that plague many CPUs. Mostly Intel CPU’s, but the less harmful variants are also affecting AMD and ARM CPU’s. The broader Linux community is working hard to mitigate the effects of these vulnerabilities, and new kernels have landed in Slackware that have been recompiled with patched compilers so that the vulnerabilities will be harder (or impossible) to exploit.

These patched GCC compilers in Slackware 14.2 and -current needed a multilib variant of course, so you will find those in my multilib repository. For Slackware 14.2 that’s a set of all-new gcc-5.5.0 packages, i.e. the latest gcc 5 release available. In Slackware-current it’s of course the latest gcc 7: version 7.3.0. These compilers support “-mindirect-branch=thunk-extern“, allowing full mitigation of Spectre v2 in the kernel (when CONFIG_RETPOLINE is used).

Then there were the monthly Flash security vulnerabilities, patched by Adobe in version 28.0.0.161 of the flashplayer-plugin (NPAPI plugin for Mozilla based browsers) and the chromium-pepperflash-plugin (PPAPI plugin for Chromium based browsers).  This one was particularly nasty because a 0-day exploit was used actively to gain full control of vulnerable computers (including Linux computers).

The update of Chromium to version 64.0.3282.140 fixed one security related bug, but the previous stable release (the first 64 version I packaged two weeks ago) actually plugged a series of serious vulnerabilities with CVE‘s assigned to them. So, time to upgrade!
And this latest Chromium package of mine has one additional feature: I enabled HEVC/H.265 video playback in the embedded ffmpeg engine. Try it out here: http://www.h265files.com/embed-h265-video.php and notice that most other browsers (except Microsoft Edge and Apple Safari) do not support this video codec. Unfortunately, the online HTML5 tester does not detect this HEVC playback capability.

Another browser’s security update: Pale Moon plugs two vulnerabilities with their 27.7.2 release. Updated package available in my repository of course.

 

And to end this series, I will soon upload a patched plasma-workspace-5.11.3 package for Slackware64 14.2, for those of you who are running my ‘ktown’ Plasma5 desktop.
A vulnerability was discovered, allowing arbitrary command execution in the removable device notifier.
This bug is already fixed in Plasma 5.12, so those who run the Plasma5 Desktop on Slackware-current only need to wait until tomorrow to get an all-new monthly set of packages among which Plasma 5.12. Watch this blog for the news!

Chromium 64 – and 32bit pain

The new release of the Chromium sources gives us version 64 of Google’s browser. I have created Slackware packages for you, but that was not entirely trivial.
The Chromium compilation on my 32bit Slackware OS kept failing on the embedded ffmpeg. I am afraid the fact that some of the bigger distros are dropping 32bit variants starts showing and things are coming apart at the seams.
When you are a developer and there’s no 32bit release of your favorite OS, this makes it quite difficult to test the validity of code paths when you only compile and test your code on a 64bit platform. This is what’s happening with Google’s Chromium code and it will probably only get worse.

For now, I could get away by disabling assembly code in the 32bit avcodec library, but in order to get that going I had to study the Chromium code carefully – Google does not use the standard autotools or cmake configurations that the Average Joe would employ when compiling ffmpeg, instead they re-invent the wheel every so often to keep everyone on edge. First it was Gyp, but that did not work out too well and the current fad is called GN (as Google state themselves “GN is a meta-build system that generates Ninja build files so that you can build Chromium with Ninja“).

Some time soon, I need to dissect Chromium’s embedded ffmpeg code, to see if I can get assembly code compiling again on 32bit. Else it may be more prudent to start depending on an external (system-wide) ffmpeg installation, which I can compile without any pain on 32bit Slackware.

We’re fine for now, at least. Let’s hope it does not get worse.

Get your chromium 64 packages for Slackware 14.2 and -current:

Cheers, Eric

What’s new for January? Plasma5 18.01, and more

When I sat down to write a new post I noticed that I had not written a single post since the previous Plasma 5 announcement. Well, I guess the past month was a busy one. Also I bought a new e-reader (the Kobo Aura H2O 2nd edition) to replace my ageing Sony PRS-T1. That made me spend a lot of time just reading books and enjoying a proper back-lit E-ink screen. What I read? The War of the Flowers by Tad Williams, A Shadow all of Light by Fred Chappell, Persepolis Rising and several of the short stories (Drive, The Butcher of Anderson Station, The Churn and Strange Dogs) by James SA Corey and finally Red Sister by Mark Lawrence. All very much worth your time.

And then work began in all earnest, and I tried to do the packaging activities for Slackware in the wee hours of the night:

  • wine got an update to 2.21 (the final one before the 3.0 release which I intend to package when the staging patches are also available)
  • chromium was updated to 63.0.3239.132 accompanied by the usual security fixes (these Google guys are pretty good at exposing vulnerabilities… think Meltdown and Spectre most recently)
  • Flash plugins for Mozilla and Chromium based browsers were updated to 28.0.0.137 – also accompanied by a security advisory
  • Lumina Desktop was updated to 1.4.0.p1 and I added two supporting packages as well: poppler-qt5 and acpilight.
  • Pale Moon got an update to 27.7.1

And most recently, I finished the January ’18 set of Plasma 5 packages for Slackware -current. My KDE-5_18.01 contains: KDE Frameworks 5.42.0, Plasma 5.11.5 and Applications 17.12.1. All based on Qt 5.9.3 and exclusive for Slackwarecurrent because as explained in the previous post, I stopped providing Plasma 5 updates for Slackware 14.2.
There’s again a choice of ‘latest‘ and ‘testing‘ where the ‘testing’ repository contains 17 recompiled packages that provide a Wayland compositor stack. This means you can have a working Plasma5 Wayland session if you use ‘testing‘ as opposed to ‘latest‘.
The ‘testing‘ repository is for… testing. Do not use those packages on a production environment unless you are familiar with Slackware, debugging graphical sessions and know your way around slackpkg/slackpkg+.

I will be short about the updates in this latest Plasma 5 package set: all the major components got stability fixes and it’s all not so exciting. In the ‘applications-extra’ division I updated most of the big boys: digikam, krita, partitionmanager, kstars, and the Kdevelop Suite. The kdevplatform package has been removed as it has been obsoleted.

The accompanying README file contains full installation & upgrade instructions. I have some further reading material in case you are interested in the Wayland functionality of the ‘testing’ repository: README.testing.

Package download locations are:

If you are interested in the development of KDE 5 for Slackware, you can peek at my git repository too.

A new Plasma5 Live ISO image (based on liveslak-1.1.9.5) has been uploaded to http://slackware.nl/slackware-live/latest/ , in case you want to try the new Plasma5 desktop out first in a non-destructive way. And for the curious: I sneakily added a VLC 3.0 preview package to the Plasma5 Live ISO (vlc-3.0.0.rc6 to be precise). Much improved compared to the vlc-2.2.x releases!

Have fun! Eric

December packages for Slackware’s Plasma 5 – focus shift

Jingle Bells galore! I have some goodies for you, right before Christmas. If your winter holiday starts today, there’s some nice new stuff to play with – especially if you have not dared touch slackware-current until now. Perhaps it’s time to free up a partition on your hard drive now?

The KDE Applications 17.12 have been released by the KDE community. This set of KDE applications is completely free of the legacy KDE4 stuff (kdelibs4). The KDE developers have removed everything from their regular release cycles that is still based on kdelibs4 and/or unmaintained or broken anyway.

This made me consider my strategy for future upgrades in my ‘ktown’ repository. I expect that users of Slackware 14.2 are typically still using all kinds of 3rd party applications that are dependent on KDE4. If I just went ahead and removed all KDE4 support from the ‘14.2‘ section of the repository, that would likely not be received well. On the other hand, I want to go forward with Plasma 5 and make sure that the scripts and sources are in good condition to transition to Slackware-current when Pat feels the time is right. Plus, a complete removal of old KDE4 stuff needs testing too. Perhaps (small) parts of the old KDE4 should be re-added to support older applications… what do I know. For that reason I have left the ‘kdelibs‘ package in its ‘kde4’ subdirectory.

I have decided to freeze the ‘ktown’ package repository for Slackware 14.2 (for 64bit; I had already ceased 32bit updates a while ago). It will stay as-is and will not get updates anymore (unless something serious happens and a need for updates is present). From this December ’17 release onward, I will focus exclusively on Slackware-current (both 32bit and 64bit) with my Plasma 5 packages in ‘ktown‘.
The remainder of this article is perhaps only relevant if you are (or want to start) running -current.

So here we are. The December ’17 set of Plasma 5 packages for Slackware -current. My KDE-5_17.12 contains: KDE Frameworks 5.41.0, Plasma 5.11.4 and Applications 17.12.0. All based on Qt 5.9.3 and exclusive for Slackware-current.
There’s again a choice of ‘latest‘ and ‘testing‘ where the ‘testing’ repository contains 17 recompiled packages that provide a Wayland compositor stack. This means you can have a working Plasma5 Wayland session if you use ‘testing‘ as opposed to ‘latest‘.
The ‘testing‘ repository is for… testing. Do not use those packages on a production environment unless you are familiar with Slackware, debugging graphical sessions and know your way around slackpkg/slackpkg+.

What’s new in the December release

  •  Several recompiled/upgraded ‘deps’: OpenAL, PyQt5, cfitsio, ddcutil, gpgme, json-glib, libburn, libpwquality, libxkbcommon, lmdb and poppler.
  • The telepathy section of the ‘deps’ also saw several upgrades: libaccounts-glib, libaccounts-qt5, libnice, libsignon-glib, signon, signon-plugin-oauth2, signon-ui, telegram-qt, telepathy-gabble, telepathy-glib, telepathy-logger-qt5, telepathy-mission-control, telepathy-morse and telepathy-qt5.
  • The Frameworks update is a stability release, see: https://www.kde.org/announcements/kde-frameworks-5.41.0.php .
  • The Plasma updates are also a meant to be a stability update, see https://www.kde.org/announcements/plasma-5.11.4.php .
    I compiled plasma5-nm against openconnect so that it picks up support for it. However I did not add a ‘openconnect‘ package to the ‘deps’ section, you need to install it separately if you need it.
  • Applications 17.12.0 is where the hammer hits. KDE Applications 17.12 is the first release that sheds its KDE4 legacy. Any program which was not yet ported to KDE Frameworks 5 has been removed. This means that we say goodbye to the following packages:
    libkface (unmaintained), blogilo (unmaintained and broken), jovie (replaced by Qt Speech), kaccessible (superseded by Qt5 functionality), ksaneplugin (no one used it), kde-runtime (split up), kremotecontrol, kppp, kfilereplace, klinkstatus, kopete and kscd (I did not have a package for kscd anyway).
    New to the stage is ‘ksmtp’ which belongs to the KDEPIM suite (also part of Applications).
    And ‘kstars’ has moved out of Applications and into applications-extra because it no longer follows the regular release schedule. See https://www.kde.org/announcements/announce-applications-17.12.0.php .
  • In applications-extra I have added kstars (hm, I already said that). I rebuilt calligra and krita. Upgraded to a newer version are kile, kpmcore and partitionmanager. Removed is kuser because that was still KDE4 based and no longer works now.
  • I have emptied the kde/kde4 and kde/kde4-extragear subdirectories except for the ‘kdelibs’ package. The ‘oxygen-gtk2’ package has moved to ‘applications-extra’ because it may still be needed for Mozilla-based browsers (like Pale Moon).
    If you have a KDE4-based application that needs library support on this Plasma 5 desktop, let me know which of the removed packages needs to return in ‘kde/kde4’! Use the ‘ldd’ command to find what libraries you are missing.
  • The ‘kdei’ subdirectory which used to contain the localization packages, is gone. The Plasma 5 localizations are contained in the packages themselves now. This means that you can no longer selectively install just one language, or even none at all. This will increase the disk space requirements a bit.

Installing or upgrading Frameworks 5, Plasma 5 and Applications

As always, the accompanying README file contains full installation & upgrade instructions. I have some further reading material in case you are interested in the Wayland functionality of the ‘testing’ repository: README.testing.

Recommended reading material

There have been several posts now about KDE 5 for Slackware-current. All of them contain useful information, tips and gotchas. If you want to read them, here they are: http://alien.slackbook.org/blog/tag/kde5/

Where to get the new packages for Plasma 5

Package download locations are listed below (you will find the sources in ./source/latest/ and packages in /current/latest/ and /current/testing/ subdirectories). Only “bear” has the packages for now, the mirrors should follow within 24 hours. If you are interested in the development of KDE 5 for Slackware, you can peek at my git repository too.

Live ISO of PLASMA5

A new Plasma5 Live ISO image (based on liveslak-1.1.9.4) has been uploaded to http://slackware.nl/slackware-live/latest/ , in case you want to try the new Plasma5 desktop out first in a non-destructive way. Note that this ISO (contrary to last month’s ISO) does not contain Wayland support.

Have fun! Eric

Attn: bear’s Slackware 14.2 mirror (32bit) will be removed due to space constraints

I have been maintaining a mirror for the Slackware 14.2 (32bit) distribution on my ‘bear‘ server. Its URL is http://bear.alienbase.nl/mirrors/slackware/slackware-14.2/ .

Unfortunately this server runs off a SSD disk which is just 120 GB in size. It has its limits with regard to what I can store there. Lack of disk space is forcing me to remove this mirror copy of the 32bit Slackware 14.2 today. My own repositories are growing and are hungrily looking at that occupied space.
If you were mirroring from my server, you can switch to one of the other highly esteemed mirrors:

The 64bit mirror is not going to go away, I like to have a mirror of the latest stable release on ‘bear‘ (ok… only 64bit from now on). When a future Slackware 15.0 gets released, its mirror will then take the place of the 14.2 mirror on ‘bear‘.

Eric

Privacy Preference Center

Necessary

Advertising

Analytics

Other