Alien Pastures

My thoughts on Slackware, life and everything

Tag: cve (Page 3 of 21)

Updates for Chromium (-ungoogled also), LibreOffice, Java

November 29, 2022 / / 16 Comments

Around the last weekend I worked on several package updates. In the meantime I had to battle home infrastructure breakdown, as well as the realization that I had inadvertantly opened up my SMTP server as an open relay and had to do some fast infrastructure redesign 🙁

Anyway:

Chromium, regular and ungoogled.

There was a new release at the end of last week. The Chromium 107.0.5304.121 release fixes a security issue for which an exploit already exists in the wild (CVE-2022-4135).
I provide packages for this release both for chromium and chromium-ungoogled. Target OS releases are Slackware 14.2 and higher (32bit and 64bit).

LibreOffice.

The latest release of LibreOffice ‘fresh’ is 7.4.3. This is an incremental bugfix release.
I provide packages for this release, targeting Slackware 15.0 and newer.
Note that my libreoffice package depends on openjdk11 (see below). If you are running slackware-current instead of 15.0, you will additionally need boost-compat and icu4c-compat packages to provide the libraries that are no longer present in -current.

Java.

Oracle released its quarterly update to the Java source code release affecting both JDK 8 and JDK 11.
Andrew Hughes provides an updated icedtea release to be able to compile OpenJDK 8 update 352 build 08. My openjdk package targets Slackware 14.2 and newer.
And for the OpenJDK 11.0.17_8 (aka the 11.0.17 General Availability release) update I provide an openjdk11 package which targets Slackware 15.0 and newer.

Have fun!

Eric

Chromium 105.0.5195.125 packages available (also ungoogled)

September 22, 2022 / / 6 Comments

I was on vacation for a while, then after my return I mainly focused on getting the new Audacity packages successfully built. In the meantime, Google was not idling and released version 105.0.5195.125 of the Chromium sourcecode.
There’s 11 vulnerability fixes in this release, some of them rated high enough that it is again recommended to upgrade your browser as soon as possible.

I did not forget the un-googled variant of course for which the same recommendation is valid.

The 64bit packages for chromium and chromium-ungoogled (Slackware 14.2 and newer) can already be downloaded from my repository and its main mirrors. You’ll have to wait a bit for the 32bit packages, they are compiling at the moment. Thanks to Google developers who I assume mostly run 64bit Ubuntu, the 32bit compilation of Chromium sources quite frequently meets with issues that need time to resolve.

Eric

Chromium 105 update addresses zero-day exploit

September 5, 2022 / / 11 Comments

Only a few days after Google released Chrome 105 (by means of the 105.0.5195.52 sourcecode) they have pushed an update to 105.0.5195.102.
This update fixes a single bug, but it is a critical one (CVE-2022-3075) for which a zero-day exploit is actively abused by malicious third parties. It’s highly recommended to upgrade your Chromium (regular as well as un-googled) browser to the latest version.

I have already uploaded packages for chromium (64bit and 32bit) and chromium-ungoogled (64bit) version 105.0.5195.102. They’ll work on Slackware 14.2 and newer. The 32bit chromium-ungoogled package will follow in a few hours, no thanks to compiler segfault during the nightly build of this package.

Eric

LibreOffice 7.4.0 and security updates for Chromium 104

August 20, 2022 / / 7 Comments

Updates for you!
I added fresh packages for LibreOffice Community Edition 7.4.0 which was released a few days ago. According to the Document Foundation blog post, the focus is on improving MS Office document format interoperability and helping people migrate from MS Office to LibreOffice.

Note that I compiled these new packages on Slackware 15.0. If you install them on Slackware -current you will also need to download ‘icu4c-compat‘ and boost-compat from my repository and install them. They are two compatibility packages containing older versions of the icu4c and boost libraries, in particular the versions that are part of Slackware 15.0 but no longer part of -current.

Get libreoffice packages from my own Europe-based server: https://slackware.nl/people/alien/slackbuilds/libreoffice/ or my US-based server: https://us.slackware.nl/people/alien/slackbuilds/libreoffice/ ;or any mirror if you wait a day, for instance https://slackware.uk/people/alien/slackbuilds/libreoffice/ .
These servers all offer rsync access if you prefer that to http.

 

Then there is the security update for Chromium 104.

Google shared an announcement a couple of days ago, mentioning that the 104.0.5112.101 release addresses several vulnerabilities ranked as “high” but also a critical vulnerability (CVE-2022-2852). For one of the “high” vulnerabilities CVE-2022-2856 actually a 0-day exploit is reported to exist in the wild.
I strongly recommended to upgrade.

For chromium-ungoogled, I have done the same upgrade of course, so those packages are now also at version 104.0.5112.101, just like the chromium packages.

The updated packages for chromium and chromium-ungoogled are available for Slackware 14.2 and newer from the usual places like http://www.slackware.com/~alien/slackbuilds/ , http://slackware.nl/people/alien/slackbuilds/ , http://us.slackware.nl/people/alien/slackbuilds/ or http://slackware.uk/people/alien/slackbuilds/ .

Enjoy – Eric

Libre Office 7.3.5 and updates for Chromium 103 (also -ungoogled)

July 24, 2022 / / 27 Comments

LibreOffice Community Edition 7.3.5 was released last week. The Document Foundation blog has the news on it.
The 7.3.x releases are the bleeding edge of this popular office suite but nevertheless really stable software. Libre Office 7.4.0 is right along the corner (expected release is mid-august) but I might hold out on that first release.

The new package set for libreoffice-7.3.5 (for Slackware 15.0 and -current) can be downloaded from my repository.
Note that I compiled them on Slackware 15.0 so if you install them on Slackware -current you will also need to install ‘icu4c-compat‘ and boost-compat. These are other packages in my repository; they contain older versions of the icu4c and boost libraries, in particular the versions that are part of Slackware 15.0 but no longer part of -current.

Get libreoffice packages from my own Europe-based server: https://slackware.nl/people/alien/slackbuilds/libreoffice/ or my US-based server: https://us.slackware.nl/people/alien/slackbuilds/libreoffice/ ;or any mirror if you wait a day, for instance https://slackware.uk/people/alien/slackbuilds/libreoffice/ .
These servers all offer rsync access if you prefer that to http.

 

I wrestled with the Chromium 103 updates. Most frustrating program to build, ever, considering the time it takes to compile a package and the fast release cycle.
Here’s the heads-up: I have an incremental update both for regular and un-googled Chromium 103, but only after I finally gave up on compiling the 32bit chromium-ungoogled package. The compiler just keeps on segfaulting.

Google’s announcement last week of the 103.0.5060.134 release mentions a couple of vulnerabilities with a security level of ‘high’, so again it’s recommended to upgrade. This release kept my build box busy for several days but with VLC and LibreOffice packages waiting to be built and seeing the chromium-ungoogled compilation fail 4 times in a row at different stages, I had to decide skipping the 32bit chromium-ungoogled package this time. Let’s hope I have better luck next time.
The updated packages for chromium and chromium-ungoogled are available for Slackware 14.2 and newer. I will try to keep supporting Slackware 14.2 for as long as I can.

The packages can be downloaded from the usual places like http://www.slackware.com/~alien/slackbuilds/ , http://slackware.nl/people/alien/slackbuilds/ , http://us.slackware.nl/people/alien/slackbuilds/ or http://slackware.uk/people/alien/slackbuilds/ .

Enjoy – Eric

« Older posts Newer posts »

© 2024 Alien Pastures

Theme by Anders NorenUp ↑