About this blog

I am Eric Hameleers, and this is where I think out loud.
Chromium turns 50 (where’s the cake)

Five days ago, Chromium 50 was announced on the Google Chrome Releases blog. The 64bit package was built soon after, but then I needed my server’s processing power for the new KDE Plasma5 releases that have become available (Frameworks, Plasma) or will soon become available (Applications) and those required an update of the Qt5 package to 5.6.0… time-consuming to build I can assure you! Especially if the build fails right at the end of 7 hours of compilation and a patch needs to be written…

So reserving time to compile the 32bit package for chromium took a while. And remember, even though I can still provide a 32bit Chromium browser, Google has ceased providing a 32bit version of their own Chrome browser – which means, no more updates to the 32bit PepperFlash and Widevine plugins.

This new release (50.0.2661.75) addresses a couple of security issues – some of these have a CVE number:

  • [$7500][590275] High CVE-2016-1652: Universal XSS in extension bindings. Credit to anonymous.
  • [$5000][589792] High CVE-2016-1653: Out-of-bounds write in V8. Credit to Choongwoo Han.
  • [591785] Medium CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding. Credit to kdot working with HP’s Zero Day Initiative.
  • [$1500][589512] Medium CVE-2016-1654: Uninitialized memory read in media. Credit to Atte Kettunen of OUSPG.
  • [$1500][582008] Medium CVE-2016-1655: Use-after-free related to extensions. Credit to Rob Wu.
  • [$500][570750] Medium CVE-2016-1656: Android downloaded file path restriction bypass. Credit to Dzmitry Lukyanenko.
  • [$1000][567445] Medium CVE-2016-1657: Address bar spoofing. Credit to Luan Herrera.
  • [$500][573317] Low CVE-2016-1658: Potential leak of sensitive information to malicious extensions. Credit to Antonio Sanso (@asanso) of Adobe.
  • [602697] CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives.

 

As always, it is strongly advised to upgrade to this new version of Chromium. Get my chromium packages in one of the usual locations:

The widevine and pepperflash plugin packages for chromium can be found in the same repository. The 64bit versions of these plugins were both updated with new libraries extracted from the official Google Chrome for Linux.

Have fun! Eric

Icedtea 3.0.0 brings Java 8 to Slackware

Finally! IcedTea 3.0.0 has been released and it compiles OpenJDK 8u77.

Java 8 has been available for considerable time, but I have been waiting for icedtea to support it before creating packages. According to release maintainer Andrew Hughes the main cause for this delay was having to start from scratch due to the new build system and basically lack of time.

I want to use IcedTea as a “build harness” for OpenJDK because it makes openjdk interoperate with the free icedtea-web browser plugin and adds support for Java Virtual Machines for other architectures than just x86 and x86_64 (CACAO and JamVM in addition to Hotspot). Note that in this initial release of the icedtea-built OpenJDK, the alternative Java VMs are crash-prone – only Hotspot works properly. This means that currently OpenJDK for the ARM platform will be pretty slow because Hotspot is a zero-assembler VM.

So, Slackers can now upgrade their machines to OpenJDK 8 “Update 77 Build 03“. The Slackware packages are openjdk-8u77_b03 and openjre-8u77_b03. Get them from a mirror location below.

No security fixes and CVEs to report this time, since this is a first release. An icedtea-3.0.1 release with security fixes is expected in two weeks.

Java 7

For those of you who are not ready to migrate to Java 8, I have renamed the previous openjdk/openjre 7 packages to “openjdk7” and “openjre7”. Please use openjdk7 instead of openjdk (likewise, use openjre7 instead of openjre) and be aware that the Java 7 and Java 8 packages (e.g. openjdk7 and openjdk) can not co-exist on your computer because they use the same installation directory. If you think that is an issue and you want – or need – to have both installed simultaneously, let me know in a comment to this article.

Note about usage:

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). You need the JDK package only if you want to develop Java programs and need a Java compiler.

The Java package (openjre as well as openjdk) has one dependency: rhino provides JavaScript support for OpenJDK. Rhino used to be an external dependency but since OpenJDK 8 it is internalized through the “nashorn” library.

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. While Oracle’s JDK contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job. Note that icedtea-web is an NPAPI plugin – this prevents use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course.

Download locations:

Have fun! Eric

LibreOffice 5.1.2 for slackware-current

On 7th of April, the Document Foundation released LibreOffice 5.1.2: “LibreOffice 5.1.2 is targeted at technology enthusiasts, early adopters and power users. For more conservative users, and for enterprise deployments, TDF suggests the “still” version: LibreOffice 5.0.5“. Ah yes… my promise to build LO 5.0.5 packages for Slackware 14.1 has still not been fulfilled. Sorry folks, will see what I can do about that. But there is still some stuff which is ranking higher on my TODO list.


LibreOffice 5.1.2 is a minor update, focusing on bug fixes.

Packages can be obtained from these mirror sites and probably others too:

Cheers! Eric

April ’16 security fixes for Adobe Flash

Yesterday Adobe issued a new Flash player security update. The update addresses a zero-day vulnerability which is actively exploited – installing crypto ransomware on Windows computers. No idea about the relevance of that for the Linux platform but I created packages anyway.

There’s a new Linux Flash Player plugin as well as a Chromium PepperFlash addon. The new plugin for the Chromium browser (chromium-pepperflash-plugin) has the version number 21.0.0.213. The plugin for Mozilla browsers (flashplayer-plugin) has version 11.2.202.616.

My download locations for the Flash plugin packages are as always:

If you are using the slackpkg+ extension for slackpkg, then you just run “slackpkg update && slackpkg upgrade flash”. Alternatively, you can subscribe to my repository RSS feed to stay informed of any updates.

Eric

Bear is live

In the evenings of the past few days I have been working hard on getting a new server setup to replace the buckling taper.alienbase.nl server.

I proudly announce bear.alienbase.nl, no longer a virtual machine but a real physical server I am renting at online.net. Thanks to many people donating money to ensure that I can pay the server’s rent for a long time to come, and thanks to kikinovak and the support staff at online.net for helping me with getting Slackware installed (it is not an official installation option). So:

Linux bear 4.4.6 #2 SMP Wed Mar 16 14:17:03 CDT 2016 x86_64
Intel(R) Atom(TM) CPU C2350 @ 1.74GHz GenuineIntel GNU/Linux

Bear is running Slackware64 14.2 RC1 and has a 2.5 Gbps (shared) connection to the internet. I managed to get 94 MB/sec downloads from slackware.uk, which means I saturated the full bandwidth of this UK mirror. Downloading content should easily give you speeds in the order of 20 MB/sec if you have that bandwidth at home, meaning a Slackware Live ISO should be downloaded to your computer in about two minutes.

Speaking of Slackware Live Edition, there’s another bounty associated with running a 64bit Slackware-current OS on this server – bear can generate the Live ISOs by itself. So I wrote a script (inspired by mirror-slackware-current.sh) called “create_liveslak_iso.sh” which works the same way: every time there is an update to the Slackware64-current ChangeLog.txt this script will create a 64bit Slackware Live ISO from scratch. It’s already scheduled in cron, and its output can be found at http://bear.alienbase.nl/mirrors/slackware/slackware-live/slackware64-current-live/ . Note that the ISO creation process takes roughly two hours, so before starting a download please check the logfile to see if the process has finished (last line should be “— Cleaning up the staging area…“)
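The logfile check described above can be scripted so that a half-written ISO is never fetched. This is an added example, not part of the original post or of create_liveslak_iso.sh; it assumes the build logfile has already been saved locally (the file names are hypothetical) and matches only the marker text quoted in the post.

```shell
#!/bin/sh
# Added example: decide from a saved build log whether the Live ISO is complete.
# The marker text is quoted from the post; log file names are hypothetical.

MARKER='Cleaning up the staging area'

# iso_build_finished LOGFILE
#   0 = last non-blank line contains the marker (build finished)
#   1 = log has content but does not end with the marker (still building/failed)
#   2 = log is missing or has no content at all
iso_build_finished() {
    log=$1
    [ -s "$log" ] || return 2
    # Strip carriage returns (logs saved from HTTP may carry them), drop
    # blank lines, and keep only the final line that has content.
    last=$(tr -d '\r' < "$log" | grep -v '^[[:space:]]*$' | tail -n 1)
    [ -n "$last" ] || return 2
    case $last in
        *"$MARKER"*) return 0 ;;
        *)           return 1 ;;
    esac
}

# Constructed sample logs (not real output from the build script).
demo_dir=$(mktemp -d)
printf '%s\n' 'building ISO (constructed line)' > "$demo_dir/running.log"
printf '%s\r\n' 'building ISO (constructed line)' \
    '--- Cleaning up the staging area...' '' > "$demo_dir/done.log"

for f in running.log done.log missing.log; do
    if iso_build_finished "$demo_dir/$f"; then
        echo "$f: finished, safe to download the ISO"
    else
        echo "$f: not finished (status $?)"
    fi
done
rm -rf "$demo_dir"
```

A marker that appears earlier in the log but is followed by further output counts as not finished, because only the last non-blank line is tested.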

This weekend, if I have time (plans for Easter are still prone to change) I will migrate the SlackDocs Wiki (docs.slackware.com) from taper to bear and then taper will no longer run a critical part of my services. The cgit web interface to the git repositories is already up and running at http://bear.alienbase.nl/cgit/ and after Easter, the actual git repositories at taper will stop being accessible on taper when I move them over to bear.

Summarizing: all of you who were using taper.alienbase.nl for downloading Slackware related stuff, please switch to bear.alienbase.nl. The new server offers http, https and rsync access to all content and does not apply black- or whitelisting. Everyone is welcome to use it. The server has unlimited data transfers so I do not have to be afraid of hidden costs.