My thoughts on Slackware, life and everything

Tag: drm (Page 2 of 3)

Last week’s package harvest and more

Last week I made my build server at home churn through a lot of packages, let me summarize what became available recently in my slackbuilds repository:

  • I added ‘NetworkManager-openvpn‘ which is a plugin for NM adding support for OpenVPN connections. I needed this for myself since I recently started using the services of Private Internet Access (PIA). All I needed in addition was the ZIP file with OpenVPN configurations. If you need more instructions about how to setup the PIA VPN let me know and I will wrote some more about that. I also added this plugin to my PLASMA5 Live Edition.
  • I upgraded ‘Handbrake‘ to 1.0.3 which also fixed the libvpx library error on -current.
  • I updated the Flash Player plugins for Mozilla and Chromium browsers to 25.0.0.127 (this is a security update).
  • I updated Chromium and its Widevine plugin to 57.0.2987.98. There is a slightly newer release out already but that will have to wait a bit.
  • I updated LibreOffice to 5.3.1 (packages for -current only but I will build them for 14.2 too).

I did more than that; I also updated the front page of my ‘bear’ server with the information that you can access it over secure HTTP (https), and added a link to my post about the CACert issue with Mozilla and Google browsers. Furthermore I added more detail about the dynamically generated ISOs for Slackware-current (the installation DVD and the Live Edition).

I will spend my next post writing about the new KDE 5_17.03 edition which I uploaded to my ‘ktown’ repository, but let me mention here that I already uploaded a new PLASMA5 variant of the Slackware Live Edition which contains a “work in progress” version of this new Plasma 5 release (work in progress because I decided to add more packages later). I did not mention that in any previous post.
Along with that Plasma 5 Live ISO I also uploaded a variant containing the very fresh MATE 1.18 (thanks to Willy for providing me with the tried & tested packages). So there is enough to play with 🙂
I am actually considering a new spin of the PLASMA5 Live ISO because it allows me to offer the complete KDE-5_17.03 including the Kdenlive non-linear video editor in the Live OS, along with the latest LibreOffice.

Enough for now, check out my follow-up post for the news about my new Plasma 5 ‘ktown’ release.

Have fun! Eric

Chromium 56, LibreOffice 5.2.5

libreoffce_logoI had rebuilt the libreoffice-5.2.4 packages for Slackware -current last week, because library updates in Slackware had broken the spreadsheet application ‘localc‘. And voila… not long afterwards the Document Foundation blog announced 5.2.5: “all users are invited to update to LibreOffice 5.2.5 from LibreOffice 5.1.6 or previous versions“. Today on the first of february, we can even witness the 5.3 release.

A list of the most significant new features of LibreOffice 5.3 has been published in a separate document (http://tdf.io/lo53features) and you are invited to watch a series of short videos (http://tdf.io/53vids) if you want to get a taste of what’s on the plate. Collaborative editing is the major highlight I guess. A detailed description of these new features is also available as a web page:  http://www.libreoffice.org/discover/new-features/.

I am definitely not building packages right away for 5.3 but I did compile packages for 5.2.5 – albeit only for Slackware -current. I may or may not create these packages for Slackware 14.2 as well and then upgrade the -current package to 5.3. Depends on the other stuff I need to do.

These libreoffice packages are huge in size so please use a mirror for download, and take into account that only the master site and ‘bear’ will have the packages during the first 24 hours.

Note: the LibreOffice browser plugin (NPAPI based) has been removed in LibreOffice 4.4.0:  https://skyfromme.wordpress.com/2014/09/25/killing-the-npapi-plugin/

chromium_iconOn another note, Chromium (and Chrome) 56 ‘stable’ was released. It’s nice to test the HTML5 feature set on a site like HTML5test and see that it is at the top of all the browsers up there (517 points, only Chrome 56 for Windows scores better because it supports speech synthesis).

Packages for Slackware 14.2 and -current are now available from my repository. No ETA for Slackware 14.1 packages, and perhaps it is time for people still using Chromium on 14.1 to upgrade to 14.2?

As always, here are some common download sites:

Have fun! Eric

Update for Chromium 45

chromium_iconGoogle updated their Chrome/Chromium with mention of some security fixes. I had to finish compiling LibreOffice first, and also it takes a while for the official chromium source tarball to appear on Google’s servers. But the weekend started uneventful so it was easy to build you some new packages for the chromium browser inbetween baking some tasty sourdough bread. Accompanied by packages for the widevine plugin (a closed-source non-free plugin which allows you to watch Netflix in particular).

The security fixes in chromium 45.0.2454.101 have CVE numbers:

  • [$TBD][530301] High CVE-2015-1303: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
  • [$TBD][531891] High CVE-2015-1304: Cross-origin bypass in V8. Credit to Mariusz Mlynski.

Get my chromium (and widevine plugin) packages in one of the usual locations:

Have fun! Eric

Chromium 44 available (Netflix still works)

chromium_iconI have made new packages for the chromium browser and its widevine plugin. Chromium version 44 was released a bit earlier this week, and it took me a while to compile, because the new OpenJDK 7u85 and LibreOffice 5.0.0.rc3 packages were ahead of it in the build queue. Guess what… now that I am writing this blog article after uploading the packages for chromium-44.0.2403.89, I notice that there was a second release of Chromium 44 Stable… today. Which makes me wonder if there was a regression in the earlier source release.

That updated version 44.0.2403.107 may have to wait, because I will be unable to do a lot of Slackware related stuff until august; real life is catching up with me. If there are real useability issues with 44.0.2403.89, let me know and I will see if I can shift priorities or make the older 43.x packages available again. My initial (not exhaustive) testing showed no weirdness at least.

Regardless, it took a few iterations before I got the Widevine CDM adapter to compile properly. I had to look at my chromium-dev package’s history to remember what had changed in version 44. Once I applied that knowledge to the stable sources, it all began to come together. Netflix still works 🙂 … well, after you’ve installed/upgraded my chromium-widevine-plugin package of course. which contains the proprietary Content Decryption Module.

The new chromium source I compiled into a package, comes with several security fixes, and here are the CVE’s:

  • [$3000][446032] High CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer.
  • [$3000][459215] High CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft.
  • [$TBD][461858] High CVE-2015-1274: Settings allowed executable files to run immediately after download. Credit to  andrewm.bpi.
  • [$7500][462843] High CVE-2015-1275: UXSS in Chrome for Android. Credit to WangTao(neobyte) of Baidu X-Team.
  • [$TBD][472614] High CVE-2015-1276: Use-after-free in IndexedDB. Credit to Collin Payne.
  • [$5500][483981] High CVE-2015-1279: Heap-buffer-overflow in pdfium. Credit to mlafon.
  • [$5000][486947] High CVE-2015-1280: Memory corruption in skia. Credit to cloudfuzzer.
  • [$1000][487155] High CVE-2015-1281: CSP bypass. Credit to Masato Kinugawa.
  • [$TBD][487928] High CVE-2015-1282: Use-after-free in pdfium. Credit to Chamal de Silva.
  • [$TBD][492052] High CVE-2015-1283: Heap-buffer-overflow in expat. Credit to sidhpurwala.huzaifa.
  • [$2000][493243] High CVE-2015-1284: Use-after-free in blink. Credit to Atte Kettunen of OUSPG.
  • [$7500][504011] High CVE-2015-1286: UXSS in blink. Credit to anonymous.
  • [$1337][419383] Medium CVE-2015-1287: SOP bypass with CSS. Credit to filedescriptor.
  • [$1000][444573] Medium CVE-2015-1270: Uninitialized memory read in ICU. Credit to Atte Kettunen of OUSPG.
  • [$500][451456] Medium CVE-2015-1272: Use-after-free related to unexpected GPU process termination. Credit to Chamal de Silva.
  • [479743] Medium CVE-2015-1277: Use-after-free in accessibility. Credit to SkyLined.
  • [$500][482380] Medium CVE-2015-1278: URL spoofing using pdf files. Credit to Chamal de Silva.
  • [$1337][498982] Medium CVE-2015-1285: Information leak in XSS auditor. Credit to gazheyes.
  • [$500][479162] Low CVE-2015-1288: Spell checking dictionaries fetched over HTTP. Credit to mike@michaelruddy.com
  • [512110] CVE-2015-1289: Various fixes from internal audits, fuzzing and other initiatives.

Get my chromium packages in one of the usual locations:

Change the URL a bit to get the chromium-widevine-plugin  package.

Have fun! Eric

Chromium 41

Chromium and Widevine:

chromium_iconI prepared packages for you (Slackware 14.1 and -current) for the latest Chromium browser and its optional Widevine plugin. In the  Chrome Releases blog you can read the announcement for Chrome/Chromium 41 to the Stable Channel (full version is 41.0.2272.76).

Chromium 41 is a major version upgrade with attention to security and performance. I could not find new functionality that needs mentioning though.

The new packages for my chromium and chromium-widevine-plugin packages both have version 41.0.2272.76 – indicating that they should be used together. The Widevine plugin reports itself as version “1.4.7.771” in chrome://plugins .

You don’t have to install the Widevine plugin. Chromium without Widevine plugin is a pure and open source browser, even the Widevine “adapter module” inside the Chromium package is open source. The Widevine library itself is a closed-source Content Decryption Module (CDM) which therefore is not part of the Chromium package but separately packaged (after extracting it from Google’s binary download of the Chrome browser with the same version number).

Download locations:

Note for the curious: Widevine is a Content Decryption Module (CDM) used by Netflix to stream video to your computer in a Chromium browser window. With my chromium and chromium-widevine-plugin packages you no longer need Chrome, or Firefox with Pipelight, to watch Netflix.

Have fun with it! For me, it is bed time after a long working week, and time to bake some good sourdough breads during the weekend. After the weekend I hope to take a look at the new KDE Applications 14.12.3 tarballs and TigerVNC. Considering the promise of sun and high temperatures during the weekend, I would rather spend time walking outside with my wife than spend time alone behind this computer 🙂

Eric

« Older posts Newer posts »

© 2024 Alien Pastures

Theme by Anders NorenUp ↑