Tag: cve (Page 3 of 21)

Chromium 105 update addresses zero-day exploit

September 5, 2022 / alienbob / 11 Comments

Only a few days after Google released Chrome 105 (by means of the 105.0.5195.52 sourcecode) they have pushed an update to 105.0.5195.102.
This update fixes a single bug, but it is a critical one (CVE-2022-3075) for which a zero-day exploit is actively abused by malicious third parties. It’s highly recommended to upgrade your Chromium (regular as well as un-googled) browser to the latest version.

I have already uploaded packages for chromium (64bit and 32bit) and chromium-ungoogled (64bit) version 105.0.5195.102. They’ll work on Slackware 14.2 and newer. The 32bit chromium-ungoogled package will follow in a few hours, no thanks to compiler segfault during the nightly build of this package.

Eric

LibreOffice 7.4.0 and security updates for Chromium 104

August 20, 2022 / alienbob / 7 Comments

Updates for you!
I added fresh packages for LibreOffice Community Edition 7.4.0 which was released a few days ago. According to the Document Foundation blog post, the focus is on improving MS Office document format interoperability and helping people migrate from MS Office to LibreOffice.

Note that I compiled these new packages on Slackware 15.0. If you install them on Slackware -current you will also need to download ‘icu4c-compat‘ and boost-compat from my repository and install them. They are two compatibility packages containing older versions of the icu4c and boost libraries, in particular the versions that are part of Slackware 15.0 but no longer part of -current.

Get libreoffice packages from my own Europe-based server: https://slackware.nl/people/alien/slackbuilds/libreoffice/ or my US-based server: https://us.slackware.nl/people/alien/slackbuilds/libreoffice/ ;or any mirror if you wait a day, for instance https://slackware.uk/people/alien/slackbuilds/libreoffice/ .
These servers all offer rsync access if you prefer that to http.

Then there is the security update for Chromium 104.

Google shared an announcement a couple of days ago, mentioning that the 104.0.5112.101 release addresses several vulnerabilities ranked as “high” but also a critical vulnerability (CVE-2022-2852). For one of the “high” vulnerabilities CVE-2022-2856 actually a 0-day exploit is reported to exist in the wild.
I strongly recommended to upgrade.

For chromium-ungoogled, I have done the same upgrade of course, so those packages are now also at version 104.0.5112.101, just like the chromium packages.

The updated packages for chromium and chromium-ungoogled are available for Slackware 14.2 and newer from the usual places like http://www.slackware.com/~alien/slackbuilds/ , http://slackware.nl/people/alien/slackbuilds/ , http://us.slackware.nl/people/alien/slackbuilds/ or http://slackware.uk/people/alien/slackbuilds/ .

Enjoy – Eric

Libre Office 7.3.5 and updates for Chromium 103 (also -ungoogled)

July 24, 2022 / alienbob / 27 Comments

LibreOffice Community Edition 7.3.5 was released last week. The Document Foundation blog has the news on it.
The 7.3.x releases are the bleeding edge of this popular office suite but nevertheless really stable software. Libre Office 7.4.0 is right along the corner (expected release is mid-august) but I might hold out on that first release.

The new package set for libreoffice-7.3.5 (for Slackware 15.0 and -current) can be downloaded from my repository.
Note that I compiled them on Slackware 15.0 so if you install them on Slackware -current you will also need to install ‘icu4c-compat‘ and boost-compat. These are other packages in my repository; they contain older versions of the icu4c and boost libraries, in particular the versions that are part of Slackware 15.0 but no longer part of -current.

I wrestled with the Chromium 103 updates. Most frustrating program to build, ever, considering the time it takes to compile a package and the fast release cycle.
Here’s the heads-up: I have an incremental update both for regular and un-googled Chromium 103, but only after I finally gave up on compiling the 32bit chromium-ungoogled package. The compiler just keeps on segfaulting.

Google’s announcement last week of the 103.0.5060.134 release mentions a couple of vulnerabilities with a security level of ‘high’, so again it’s recommended to upgrade. This release kept my build box busy for several days but with VLC and LibreOffice packages waiting to be built and seeing the chromium-ungoogled compilation fail 4 times in a row at different stages, I had to decide skipping the 32bit chromium-ungoogled package this time. Let’s hope I have better luck next time.
The updated packages for chromium and chromium-ungoogled are available for Slackware 14.2 and newer. I will try to keep supporting Slackware 14.2 for as long as I can.

The packages can be downloaded from the usual places like http://www.slackware.com/~alien/slackbuilds/ , http://slackware.nl/people/alien/slackbuilds/ , http://us.slackware.nl/people/alien/slackbuilds/ or http://slackware.uk/people/alien/slackbuilds/ .

Enjoy – Eric

Chromium 103 (regular and ungoogled) available as Slackware package

June 25, 2022 / alienbob / 7 Comments

Apologies for the delay, I was out of town, but i have finally uploaded my new chromium 103 packages for Slackware 14.2 and newer. Their un-googled siblings are also available. Thanks as always to Eloston and his friends for updating the patch-set for ungoogled-chromium.
Last week saw a Google Chromium update which addresses a series of vulnerabilities, which is nothing new of course, but in particular one security hole that has now been patched would allow remote attackers to take control of your computer and execute arbitrary code. See CVE-2022-2156. An update of your installed browser package seems in order.

You can find the Chromium packages (version 103.0.5060.53) at the usual places: my own repositories of course (or any mirror):

Links to the un-googled chromium:

As stated at the beginning of the article: these packages work on Slackware 14.2 and newer. You can download 32bit as well as 64bit variants.

Enjoy! Eric

Chromium 102 (regular and ungoogled) for 64bit Slackware

May 27, 2022 / alienbob / 13 Comments

Google has released the sources for Chromium 102.0.5005.61. The release notes mention 32 security fixes. One of those (CVE-2022-1853) is listed as ‘critical’ and supposedly an attacker can craft a website in such a way that if you visit that URL, the attacker can compromise or take over your local computer. No clicking required.

And again it proves to be quite hard to compile 32bit packages for the new Chromium.
The Google developers create new hurdles almost every major release in their ‘assumption’ that there is no 32bit Linux out there that they should support. I am still working out what I need to fix/patch.

Therefore you can only get 64bit chromium packages here (NL mirror) or here (US mirror). Likewise the chromium-ungoogled packages (64bit only) are found here (NL mirror) or here (US mirror).

Cheers, Eric

April 2024
M	T	W	T	F	S	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30

Fri, 19 Apr 2024 19:34:45 GMT April 19, 2024
15.0/aaa_glibc-solibs-2.33_multilib-x86_64-6alien.txz: Rebuilt. 15.0/glibc-2.33_multilib-x86_64-6alien.txz: Rebuilt. Addresses CVE-2024-2961 (* Security fix *) 15.0/glibc-i18n-2.33_multilib-x86_64-6alien.txz: Rebuilt. 15.0/glibc-profile-2.33_multilib-x86_64-6alien.txz: Rebuilt. 15.0/slackware64-compat32: Refreshed the *compat32 packages. current/aaa_glibc-solibs-2.39_multilib-x86_64-2alien.txz: Rebuilt. current/glibc-2.39_multilib-x86_64-2alien.txz: Rebuilt. Addresses CVE-2024-2961 (* Security fix *) current/glibc-i18n-2.39_multilib-x86_64-2alien.txz: Rebuilt. current/glibc-profile-2.39_multilib-x86_64-2alien.txz: Rebuilt. current/slackware64-compat32: Refreshed the *compat32 packages.
Mon, 1 Apr 2024 15:52:53 GMT April 1, 2024
current/compat32-tools: added l/duktape and n/nss-mdns to massconvert32.sh. current/slackware64-compat32: Refreshed the *compat32 packages.

SlackBuilds.org changes for Sat, 20 Apr 2024 14:15:42 GMT
academic/cadabra2: Updated for version 2.4.5.6. academic/kissat: Added (SAT solver). academic/lammps: Remove doinst.sh. academic/lammps: Updated for version 2023.08.02_update3. academic/rpy2: Upgrade to version 3.5.16 academic/x48: Fixed MD5SUM. audio/amSynth: Updated for version 1.13.3. audio/bitwig-studio: Updated to 5.1.7 audio/kanola: Removed (Upstream is gone). audio/mpdscribble: Switch to meson. desktop/Tela-icon-theme: Updated for version 2024_04_19. desktop/ansiweather: Added (Weather in terminal). desktop/jwm: Updated […]

Tag: cve (Page 3 of 21)

Chromium 105 update addresses zero-day exploit

LibreOffice 7.4.0 and security updates for Chromium 104

Libre Office 7.3.5 and updates for Chromium 103 (also -ungoogled)

Chromium 103 (regular and ungoogled) available as Slackware package

Chromium 102 (regular and ungoogled) for 64bit Slackware

About this blog

Sponsoring

Categories

Subscribe to Blog via Email

My Favourites

Online me

Slackware

Calendar

slackbuilds

multilib

Slackware64-current

SBo

Meta

Top Posts & Pages

Recent posts

Recent comments