Main menu:


Please consider a small donation:


Also appreciated: support me by clicking the ads (costs nothing) :-)


Or you can donate bitcoin:


Thanks to TekLinks in Birmingham, AL, for providing colocation and bandwidth.

Page Rank


FOSS Force Best Blog--2013 Award

Recent posts

Recent comments

About this blog

I am Eric Hameleers, and this is where I think out loud.
More about me.


My Favourites



April 2014
« Mar    

RSS Alien's Slackware packages

RSS Alien's unofficial KDE Slackware packages

RSS Alien's multilib packages

Tag cloud


New Chromium: 32.0.1700.77

chromium_icon Chromium is the Open Source variant of the Chrome Browser. Both are part of the Chromium project which also has the Chrome OS as a product. Chromium and Chrome share the same codebase, and the closed-source Chrome browser is enhanced with some proprietary features like Adobe’s Pepper Flash plugin.

A new stable release (32.0.1700.77) for the Chrome/Chromium browser has been revealed a few days ago.

It took a little to get the official sources – there was an issue with the Google build bot which creates the source tarballs. I did a successful test build with a tarball I created myself (see below for the recipe if you’re interested) and reported the issue of the missing sources in the packagers Google group. Eventually official sources became available and I rebuilt both packages (i.e. 32-bit and 64-bit) using this tarball.

Get my Chromium packages in one of the usual locations:

You can subscribe to the repository’s RSS feed if you want to be the first to know when new packages are uploaded.

There are some nice new features in this new “32″ release. The browser tabs will show a small speaker icon if that page is playing audio, and a “play” triangle if video is playing on the page. Another enhancement (not yet experienced here… perhaps I never will :-) ) is that the browser will warn about potentially harmful pages and downloads in a more directly visible way. And if you have kids, now there’s this new feature called “supervised users” where you can define  sub-accounts to your main Chromium account and limit access to sites for those (as well as being able to monitor their browesing history through a new Google control panel).

Apart from all the fancy new stuff, this release is just as much about squashing (security) bugs. You can check out the release page for that, here are the most interesting fixes, quoted directly from the announcement:

  • [$1000][249502High CVE-2013-6646: Use-after-free in web workers. Credit to Collin Payne.
  • [$1000][326854High CVE-2013-6641: Use-after-free related to forms. Credit to Atte Kettunen of OUSPG.
  • [$1000][324969] High CVE-2013-6642: Address bar spoofing in Chrome for Android. Credit to lpilorz.
  • [$5000][321940High CVE-2013-6643: Unprompted sync with an attacker’s Google account. Credit to Joao Lucas Melo Brasio.
  • [318791] Medium CVE-2013-6645 Use-after-free related to speech input elements. Credit to Khalil Zhani.

If you are new to Chromium and in particular my Slackware-packaged version of it, you should definitely check out my previous post on Chromium where I explain the build requirements and use of API keys that allow you to use the official Google storage for data synchronization and such. That post also mentions more about some extensions to Chromium (PDF viewer and Flash player) which you can extract from the official binary Chrome package.

A few sites to play-test your Chromium browser:

  • – the Body Browser, using WebGL for fast realtime rendering
  • – HTML5 video tests (several encodings like H.264, WebM and Ogg/Theora)
  • – NaCLBox is an implementation of DOSBox in Chromium’s Native Client, guaranteeing near-native speed of the applications running in the sandbox. NaCLBox offers a lot of good old DOS games which you can play directly in your browser window. Note that my package contains the Native Client (NaCL) whereas the version you can compile using the script will not add NaCl.

Have fun! Eric

PS: this is a script which I wrote as documentation of the manual steps I took to create my own unofficial release source tarball when I got fed up waiting for the official one:

# Checking out the sources of an official chromium release,
# by Eric Hameleers
# In a working directory, you will create three directories:
# - depot_tools: this contains all the tools needed for creating the tarball
# - checkout: here almost 7 GB of sourcecode will be checked out
# - output: here the chromium-${RELEASE}.tar.xz source tarball will be created.
# Some variables:



# The actual work (takes a while);
# Checkout 1 GB of source and pack it up:
mkdir -p ${WORKING_DIR}

# Clone the depot_tools:
git clone ${DT_REPO}

# Check out the sources:
mkdir ckeckout
cd checkout
PATH=”../depot_tools/:$PATH” gclient config ${RELEASES_URL}/${CHROMIUM_REL}
# At this moment, your config will have been written to a file ‘.gclient’
PATH=”../depot_tools/:$PATH” gclient sync 2>&1 | tee ../sync.log
# The sync will download everything, based on what it found in this file:
PATH=”../depot_tools/:$PATH” gclient sync 2>&1 | tee ../sync.2.log

# Pack up the source tarball:
mkdir ../output
python src/tools/export_tarball/ –remove-nonessential-files ../output/chromium-${CHROMIUM_REL}

echo “”
echo “Resulting source tarball is: ${WORKING_DIR}/output/chromium-${CHROMIUM_REL}.tar.xz”
echo “”

It produced a 169MB tarball. I needed a couple of “gclient sync” commands before I finally had all the source code (hopefully all… I have no way of checking if anything is missing).

Flash security updates too (and chromium on the horizon)

adobe_flash_8s600x600_2 I mentioned “Patch Tuesday” in my previous post and also mentioned Adobe in passing. The reason is, they made new versions available of their Flash Player Plugin for web browsers. Several security issues have been addressed, you can read all about those in their bulletin “apsb14-02

I packaged both the flashplayer-plugin for Mozilla based browsers, and the pepperflash plugin for (Chrome and) chromium. The former is well-known (you can use it with your Firefox) and the second one has been extracted from the Chrome RPM and re-packaged as a plugin for my chromium package for Slackware.

Packages are here:


chromium_icon I am still working on a new chromium 32.0.1700.77 package (the same version as the latest stable version of Chrome) but since the Chromium team have not (yet) released any official source tarball I had to find out how to create such a tarball. The above pepperflash plugin works perfectly with my current chromium-31.0.1650.67 package!

But the finished 64-bit package works OK so far, still testing:

Old:  chromium_about_31.0.1650.67

New: chrome_about_32.0.1700.77  chromium_about_32.0.1700.77

I’ll start the 32-bit SlackBuild after I finish typing.

Oh yeah if you want to package the new google-chrome yourself, you will have to apply this diff to the google-chrome.SlackBuild in the Slackware tree, else your desktop menu icon is fubar:

--- extra/google-chrome/google-chrome.SlackBuild 2012-08-01 20:48:31.000000000 +0200
+++ google-chrome.SlackBuild 2014-01-15 21:34:38.425845534 +0100
@@ -105,9 +105,6 @@
# Install a .desktop launcher:
 sed -i -e "s#Icon=google-chrome#Icon=/opt/google/chrome/product_logo_256.png#" \
- $PKG/opt/google/chrome/google-chrome.desktop
-mkdir -p $PKG/usr/share/applications
-ln -s /opt/google/chrome/google-chrome.desktop \

 mkdir -p $PKG/install

Have fun! Eric


OpenJDK 7u51 (created with IcedTea 2.4.4).

Released today: new versions of IcedTea. It usually takes a while for an announcement to appear on Andrew’s blog, but the mailing list announcement was enough for me. Not quite unexpected, since Oracle was huffing and puffing yesterday when the company joined other security-challenged companies like Microsoft and Adobe in what’s lovingly called “patch tuesday“, so I was kind of expecting an OpenJDK follow-up. The flurry of patches that I saw today was a sure sign.

So I got to compile OpenJDK 7u51 using the IcedTea 2.4.4 framework. As with every Java release, this one fixes a slew of security holes. Let me say in full, ”Update 51 Build 00” of OpenJDK 7  addresses these issues:

* Security fixes
  - S6727821: Enhance JAAS Configuration
  - S7068126, CVE-2014-0373: Enhance SNMP statuses
  - S8010935: Better XML handling
  - S8011786, CVE-2014-0368: Better applet networking
  - S8021257, S8025022, CVE-2013-5896 :** should be on restricted package list 
  - S8021271, S8021266, CVE-2014-0408: Better buffering in ObjC code 
  - S8022904: Enhance JDBC Parsers
  - S8022927: Input validation for byte/endian conversions
  - S8022935: Enhance Apache resolver classes
  - S8022945: Enhance JNDI implementation classes
  - S8023057: Enhance start up image display
  - S8023069, CVE-2014-0411: Enhance TLS connections
  - S8023245, CVE-2014-0423: Enhance Beans decoding
  - S8023301: Enhance generic classes
  - S8023338: Update jarsigner to encourage timestamping
  - S8023672: Enhance jar file validation
  - S8024302: Clarify jar verifications
  - S8024306, CVE-2014-0416: Enhance Subject consistency
  - S8024530: Enhance font process resilience
  - S8024867: Enhance logging start up
  - S8025014: Enhance Security Policy
  - S8025018, CVE-2014-0376: Enhance JAX-P set up
  - S8025026, CVE-2013-5878: Enhance canonicalization
  - S8025034, CVE-2013-5907: Improve layout lookups
  - S8025448: Enhance listening events
  - S8025758, CVE-2014-0422: Enhance Naming management
  - S8025767, CVE-2014-0428: Enhance IIOP Streams
  - S8026172: Enhance UI Management
  - S8026176: Enhance document printing
  - S8026193, CVE-2013-5884: Enhance CORBA stub factories
  - S8026204: Enhance auth login contexts
  - S8026417, CVE-2013-5910: Enhance XML canonicalization
  - S8026502: java/lang/invoke/ fails on all platforms
  - S8027201, CVE-2014-0376: Enhance JAX-P set up
  - S8029507, CVE-2013-5893: Enhance JVM method processing
  - S8029533: REGRESSION: closed/java/lang/invoke/8008140/ fails agains

* Bug fixes
  - PR1618: Include defs.make in vm.make so VM_LITTLE_ENDIAN is defined on Zero builds
  - D729448: 32-bit alignment on mips and mipsel
  - PR1623: Collision between OpenJDK 6 & 7 classes when bootstrapping with OpenJDK 6

Please update your installed openjdk or openjre packages with this new version! You’ll notice that browsers like Firefox and Chrome/Chromium no longer load Java applets by default and ask you for explicit approval to load and run them.

I tested as usual whether jMol and Minecraft (both standalone Java applications) were still working – they do! And again testing the browser plugin was a challenge. Orcacle’s java checker did not work… after the icedtea-web plugin itself loaded properly:


This time the plugin triggered an error “net.sourceforge.jnlp.LaunchException: Fatal: Application Error: Unknown Main-Class. Could not determine the main class for this application.” The test at was fine though.

Get my packages – they have been compiled on Slackware 13.37 and are usable on 13.37 as well as 14.0, 14.1 and -current! Get them preferably from a mirror site (faster downloads):

Further packages that are recommended/required:

  • Optional: If you want a Java browser-plugin you must install icedtea-web (OpenJDK itself does not contain such a plugin).
  • Required: The rhino package is a dependency of the openjdk/openjre package. It contains the JavaScript engine for OpenJDK.

Note that you should only install one of the two packages, either openjdk or openjre, do not install both at the same time or things will break! The openjdk package contains the jre (java runtime) as well as the java development kit.


KDE 4.12.1 for Slackware-current

Last week I uploaded packages for KDE SC 4.11.5 and those were targeting Slackware 14.1. A solid and safe update of KDE for the stable release of Slackware, a wise choice. Today however, I present the first increment to the newer KDE SC 4.12 series. The two series are being developed in parallel with both delivering their final batch on 29 april 2014 (with releases of KDE 4.11.9 and 4.12.5) . KDE SC 4.12.1 was announced today.

KDE Software Compilation 4.12 focuses on improving and polishing KDE Applications. This package set also features the latest version 4.11.5 of the Plasma Workspaces (aka the kde-workspace package). The Workspaces have been feature-frozen at the end of the 4.11 cycle which is why you won’t find a 4.12.1 version of the package. Starting with KDE SC 4.12.2, the KDE Workspaces 4.11.x releases will be synchronized with those of KDE Applications and Development Platform 4.12.x.

I built these packages on Slackware-current. I have not tested them on Slackware 14.1 but people have reported that the previous KDE release 4.12.0 ran on it without issues.

What’s new in KDE 4.12?

KDE keeps an up-to-date feature plan page for the 4.12 release, as they do for every release past and future. The Kwebkit package has been updated as promised in my previous post. I also updated (lib)kscreen and oxygen-gtk{2,3} packages. A LibRaw package was added as a new dependency for KDE 4.12.0 and of course it’s still there for KDE 4.12.1. An updated version of partitionmanager was added to my repository shortly after the release of KDE 4.12.0 because the version which Slackware ships in its “/extra” package section stopped working. I realize now that I never announced that in the ktown ChangeLog.txt. Due to it being New Year’s Eve at the time I guess.

How to upgrade to KDE 4.12 ?

You will find all the installation/upgrade instructions that you need in the accompanying README file. That README also contains basic information for KDE recompilation using the provided SlackBuild script.

You are strongly advised to read and follow these installation/upgrade instructions!

Where to find packages for KDE 4.12 ?

Download locations are listed below (you will find the sources in ./source/4.12.1/ and packages in /current/4.12.1/ subdirectories). Using a mirror is preferred because you get more bandwidth from a mirror and it’s friendlier to the owners of the master server!

Have fun! Eric

KDE 4.11.5 for Slackware 14.1

Last month I made packages available for KDE 4.12, for those of you who are adventurous and are running Slackware-current. But the older 4.11 series is also getting updated still. Today we are at release 4.11.5. If you are really curious, you can examine the list of changes and fixes in this release. This will not be the last update, either. The maintenance cycle ends with 4.11.9, to appear somewhere in April 2014. However the Workspaces (package name: kde-workspace) will get long-term support, until August 2015. This package is also used in KDE 4.12.x which does not have a versioned kde-workspace package itself (yes, I will update KDE 4.12 soon with a kde-workspace-4.11.5 package).

This is how it goes during the next couple of months: I will keep building packages for newer versions of KDE 4.12, and they will target Slackware-current. I will probably be building all the KDE 4.11 releases as well, but targeting Slackware 14.1 with these. I want to be a bit more conservative with KDE packages for the stable Slackware release.

With KDE 4.11 and 4.12 releases alternating, it may be possible that I do not have the time to build all the 4.11 updates, but I definitely will do the final 4.11.9.

There is a third track in KDE’s evolution and that is Plasma Workspaces. Just before Christmas, the KDE community revealed the first Technology Preview of Plasma2. Since this will not be available in any kind of stable form for a long time, I do not have any intention of building packages for it and will stick with the stable releases (I don’t do Betas either usually). If you really feel up to it, try compiling Plasma2 and share your experiences. I promise you a bumpy ride.

How to upgrade to KDE 4.11.5 ?

Note: you have to be running Slackware 14.1 (or current)! These packages are not suited for Slackware 14.0.

You will find all the installation/upgrade instructions that you need in the accompanying README file. That README also contains basic information for KDE recompilation using the provided SlackBuild script You are strongly advised to read and follow these installation/upgrade instructions!

Note that you can also use slackpkg+ (the 3rd-party repository extension to slackpkg) for these upgrades if you want, it makes the process a bit easier for the less seasoned Slacker.

Where to find packages for KDE 4.11.5 ?

Download locations are listed below (you will find the sources in ./source/4.11.5/ and packages in /14.1/4.11.5/ subdirectories). Using a mirror is preferred because you get more bandwidth from a mirror and it’s friendlier to the owners of the master server!

Have fun! Eric