Just yesterday I uploaded my packages for chromium and chromium-ungoogled to 117.0.5938.92. Only to discover right before heading to bed that there’s a new security update available… Chromium 117.0.5938.132 fixes a zero-day vulnerability in libvpx (CVE-2023-5217) which is already actively exploited to install spyware on computers.
The chromium packages for 117.0.5938.132 are already available in my repository. The chromium-ungoogled packages are currently compiling and will become available in the evening (CET timezone) i.e. later today.
It’s highly recommended to upgrade to my latest chromium and chromium-ungoogled packages.
Liveslak updates! Quite soon after my August ISO refresh, I used some free moments to implement a request of sorts and fix some longstanding bugs.
Version 1.8.0 of the liveslak scripts is now available, containing these enhancements and fixes.
Links to the liveslak git repository and download locations are at the bottom of this post. Of course, the new functionality and fixes are also present in a fresh batch of Slackware Live ISO images.
New features of liveslak 1.8.0
LUKS encrypted containers for your homedirectory and for persistence are now supporting many more filesystems, not just ext2/4 but also btrfs, f2fs, jfs or xfs. The lack of f2fs support was mentioned by a visitor of this blog and I thought that was useful feedback.
The accompanying scripts iso2usb.sh and isocomp.sh now support this filesystem choice via a new ‘-F‘ switch.
Note that the Linux partition of a USB Live thumbdrive remains ext4 formatted, because liveslak uses extlinux to boot on a BIOS computer.
The upslak.sh script can now extend the size of the LUKS encrypted container files on your USB thumbdrive, in case you run out of storage there.
I fixed the pxeserver script and expanded its functionality:
PXE boot of a UEFI computer finally works.
Note that this may not work for you out of the box, because there are two implementations in dnsmasq to support UEFI PXE boot… and sometimes, one will work and the other won’t. So, you may have to open the /usr/local/sbin/pxeserver script in an editor and look for the section where a number of ‘dhcp-match‘ and ‘dhcp-boot‘ lines is commented out. If you remove the comment characters from these 8 lines and instead, add a comment character ‘#’ in front of the ‘dhcp-match‘ and ‘pxe-service‘ lines a bit higher up, your UEFI computer might actually succeed in booting over the network.
NAT firewalling can be optionally enabled in case PXE clients wouldn’t have Internet access otherwise.
I fixed the hang during shutdown/reboot when liveslak is a PXE client.
I fixed UEFI boot using GRUB when the live ISO had been ‘dd’-ed or ‘cp’-ed directly to a USB thumbdrive. You would end at the GRUB prompt instead of booting into the OS.
It took me quite a while because this bug was introduced in Feb 2019 (!), and I never found the time to investigate. Eventually looking into it during a weekend of solitude caused an epiphany.
I added support for a dark theme in KDE Plasma based ISOs, with the LEAN ISO as an example (that one also gets a new login/desktop background image taken from my photo collection with every ISO refresh).
Lots of other small fixes and enhancements, read the Git log for more information.
Booting from an on-disk ISO file
Liveslak supports Ventoy, a multi-boot manager for removable media like USB thumbdrives which lets you boot any ISO image you store on the disk, selecting from a GRUB menu it creates on the fly.
Because liveslak implements the “Ventoy-compatible” guideline, any Slackware Live ISO works out of the box on Ventoy. Support for encrypted persistence and homedirectory containers on a Ventoy disk is offered by the ISO companion script ‘isocomp.sh‘.
You can find the details in the git commit message.
Install Slackware using a liveslak ISO
A quick reminder that you can use a liveslak ISO to install Slackware to your hard drive from its official package repository (using a network installation from a HTTP, FTP, NFS or Samba server).
You can also install the actual content of the Live ISO to your harddisk if you like. In this case all “live aspects” will be skipped during the copy, so that you will in fact end up with a completely regular Slackware on your harddisk.
The program to run these installations is available on all liveslak ISOs and is called ‘setup2hd‘. It is derived from the ‘setup‘ program of a Slackware install media, but has some nice enhancements: it launches cfdisk/cgdisk for you to partition your disks, lets you create a regular user, and allows you to configure a basic firewall.
Best of all, you can run setup2hd in an X-terminal and let the installer chomp through the packages while you browse the internet, watch a video or perform any other kind of leisurely activities on your Live OS.
And by the way: booting Slackware Live is the only way (using setup2hd) to install the official Slackware distro from a network server across a wireless connection. The official Slackware installer only supports wired network connections.
Get liveslak ISOs
The various variants of Slackware Live Edition can be found in the “latest” subdirectory at https://download.liveslak.org/ or its US mirror https://us.liveslak.org/ . A fast UK mirror is provided by Darren Austin at https://slackware.uk/liveslak/ .
You’ll be able to download ISO Live images of 32bit and 64bit Slackware proper, also of the small XFCE variant for (both architectures), and then CINNAMON, DAW, LEAN and MATE ISOs that only come in 64bits.
Big thanks to Willy Sudiarto Raharjo (willysr) for maintaining the Mate and Cinnamon Slackware package repositories.
Also have a look in the “bonus” subdirectory! There you’ll find Nvidia graphics and Broadcom wireless binary drivers, Wine 8 and multilib modules to add if you use the persistent version of liveslak.
All ISOs containing a 64bit Live Slackware have support for SecureBoot.
Google is speeding up its Chromium release cycle. Let’s see if I can keep up since I also build the -ungoogled variant. The latest update is 116.0.5845.140 and addresses a vulnerability.
You can now upgrade to my latest chromium and chromium-ungoogled packages. The updated Slackware 15.0 and -current packages both for chromium and chromium-ungoogled are available in my repository and its mirrors (like my own US server and the UK mirror).
FFmpeg.
A recent upgrade of Vulkan in slackware-current prompted a rebuild of the ffmpeg 5.1.3 distro package, and for the same reason I had to recompile my enhanced ffmpeg package for -current. I used the opportunity to add an embedded version of SVT-AV1, an open source AV1 video encoder originally developed by Intel in collaboration with Netflix and later adopted by the Alliance for Open Media. My ffmpeg package already contains an AV1 decoder: the dav1d library, but now you can have a go at creating your own video in AV1 format.
Get ffmpeg-5.1.3 for -current here (unrestricted distribution) or here (this version can encode AAC audio and hence restricted to distribution outside the US).
Handbrake.
The version of this package targeting slackware-current also needed a recompile due to the Vulkan update in -current and here I used the opportunity to apply a minor version upgrade.
Get handbrake-1.6.1 here (unrestricted distribution) or here (this version can encode AAC audio and hence restricted to distribution outside the US).
Pipewire-jack.
In slackware-current, pipewire is a moving target. I know that a lot of people have switched from using pulseaudio and jack to just pipewire with varying levels of success. I keep offering the Jack Audio Connection Kit support libraries for pipewire which are not present in the Slackware pipewire package, simply because Pat compiles pipewire without jack installed.
Note: my pipewire-jack package is not replacing Slackware’s pipewire! It’s an add-on which depends on my jack2 package being installed as well. It’s quite similar in purpose to my pulseaudio-jack package which aims to add support for Jack in pulseaudio.
Get pipewire-jack-0.3.79 here.
Last weekend I pushed version 1.7.0.1 of liveslak code to my git repository and used it to generate a fresh batch of Slackware Live ISO images.
Main change between 1.7.0 and 1.7.0.1 is fixing the broken Ventoy support on UEFI computers. Slackware Live ISO works out of the box on Ventoy again. The documentation will help you setup persistence for the live ISO on a Ventoy disk.
Get liveslak ISOs
The various variants of Slackware Live Edition can be found in the “latest” subdirectory at https://download.liveslak.org/ or its US mirror https://us.liveslak.org/ . A fast UK mirror is provided by Darren Austin at https://slackware.uk/liveslak/ .
You’ll be able to download ISO Live images of 32bit and 64bit Slackware proper, also of the small XFCE variant for (both architectures), and then CINNAMON, DAW, LEAN and MATE ISOs that only come in 64bits.
The DAW ISO is based on Slackware 15.0 (including all patches to date) to offer a sense of stability, whereas all the other ISOs are based on Slackware-current update “Fri Aug 18 18:37:33 UTC 2023“.
All ISOs containing a 64bit Slackware have support for SecureBoot.
Also have a look in the “bonus” subdirectory! There’s Nvidia binary graphics driver, Broadcom STA wirelesss driver, Wine 8 and multilib modules to add if you use the persistent version of liveslak.
Earlier this week, Google released its 114.0.5735.133 update for Chromium 114.
This is a bugfix release and on the list of addressed security issues, there’s one which is labeled as ‘critical‘, labeled CVE-2023-3214. Three other fixes are labeled with a vulnerability rating of ‘high‘.
As always, it is wise to upgrade to my latest chromium and chromium-ungoogled packages.
Dear visitor, you seem to be using an Ad Blocker. Please consider whitelisting 'Alien Pastures'. I use the revenue from displaying ads (small as it is) to keep this site running. Thanks!
Just yesterday I uploaded my packages for chromium and chromium-ungoogled to 117.0.5938.92. Only to discover right before heading to bed that there’s a new security update available… Chromium 117.0.5938.132 fixes a zero-day vulnerability in libvpx (CVE-2023-5217) which is already actively exploited to install spyware on computers.
FFmpeg.
Handbrake.
Pipewire-jack.