My thoughts on Slackware, life and everything

Tag: flash (Page 2 of 13)

What all happened in March so far

I realize I have been a wee bit silent on the blog (not counting my replies in the comments section). This was due to private issues that drained the desire for social interactions. Nevertheless there was quite a bit of activity on the Slackware packaging front.

So, what new stuff?

First of all: yesterday, Adobe released a security update for their Flash plugins for Mozilla-compatible (NPAPI) and Chromium-compatible (PPAPI) browsers. Check the version 29.0.0.113 installation status on http://get.adobe.com/flashplayer/about/. You are encouraged to upgrade.

Chromium browser was updated twice… last week I made the final release in the 64 series available and today (repositories have not been updated yet) I am updating again, to the 65 release. Version 65.0.3325.146 comes with a large list of 45 security fixes, read the release notes to get the gist. Unfortunately, this new release has cost me a full week of recompiles, day & night, all the time running into new compilation errors. It was not trivial to come up with a set of patches that eradicated all the compilation errors. I wrote a couple myself, reverted a chromium commit and borrowed from Gentoo – thanks as always for these guys’ code troubleshooting skills. The discussion on the Chromium Packagers list has given me some ideas for the next iteration of the SlackBuild script that may not require this much patching. But I am pushing this version to my repository anyway, even though I just spotted a newer version on the Google blog… released yesterday. Damn.

Pale Moon browser got an update to  27.8.1. Many improvements and fixes over the 27.7.x versions, check their release notes for the details. Despite the fact that the new Mozilla Firefox is much improved as well, and a lot speedier since Mozilla switched to the Quantum codebase, people may still prefer the older codebase of Firefox from which Pale Moon was forked.

LibreOffice 6.0.2 was released last week and I built packages for Slackware 14.2 as well as -current. Still the best office suite available. I should try to build the LibreOffice online version sometime…

When Slackware 14.2 was graced with an updated set of gcc packages in the “patches” section (gcc-5.5.0 with a series of patches related to retpoline countermeasures for the recent Meltdown/Spectre vulnerabilities) I took the opportunity not only to give the multilib repository for Slackware 14.2 a refresher to gcc-5.5.0_multilib, but I also updated the gcc5 package for slackware-current in my regular repository to that 5.5.0 release – including the retpoline patches. Remember, my gcc5 package for slackware-current contains just the C, C++ and Java compilers and has two purposes: first it re-introduces  the GCC Java compiler which was removed in gcc-7; and second, compiling Pale Moon on slackware-current can not be done with its gcc-7 compiler… you need this gcc5 package.

E-book lovers with a fondness for organizing their collection using open source software will find a new Calibre package in my repository. Calibre 3.x for Slackware 14.2 and -current depends on libxkbcommon, podofo, qt5, qt5-webkit and unrar, and for Slackware 14.2 two additional dependencies are libinput and libwacom. All of those can be obtained from my repository as well. If you are not in need of an e-book catalogue and library program, then Calibre still has its usefulness as it includes a versatile E-book reader and a powerful EPUB editor.

Last but not least: I released a new set of Plasma5 packages. The KDE-5_18.03 release of ‘ktown‘ for Slackware-current offers the latest KDE Frameworks (5.44.0), Plasma (5.12.3) and Applications (17.12.3). Read the README file for more details and for installation/upgrade instructions. If you are adventurous, check out the ‘testing‘ variant of the ktown repository as opposed to the ‘latest‘ variant. In ‘testing’ you will find Wayland support. Note that this is experimental (hence the ‘testing’ tag of course) and not fit for day-to-day production work. The ‘latest’ repository contains a stable and productive, complete, and fun to use, Plasma 5 desktop environment.
One thing I want to mention is that I have added the new Falkon browser to the applications-extra section. Falkon is the renamed Qupzilla browser, based on Qt5, and it is destined to be added to the core Applications (not sure when precisely, probably later this year) and it will take the place of the venerable Konqueror. If you are using slackpkg with the slackpkg+ extension, don’t forget to run “slackpkg install ktown” to get the new falkon package installed, because “slackpkg install-new” will not catch new packages in 3rd-party repositories like ‘ktown’.

I promise to get a new PLASMA5 variant of the Slackware Live ISO image out soon, containing all this new stuff! Stay tuned for more.

Security week

This week and the last, I have pushed quite a few packages into my repository that are meant to enhance the safety of your Slackware computer. If you have not been hiding under a stone for the past couple of weeks, you will have read about the Spectre/Meltdown vulnerabilities that plague many CPUs. Mostly Intel CPU’s, but the less harmful variants are also affecting AMD and ARM CPU’s. The broader Linux community is working hard to mitigate the effects of these vulnerabilities, and new kernels have landed in Slackware that have been recompiled with patched compilers so that the vulnerabilities will be harder (or impossible) to exploit.

These patched GCC compilers in Slackware 14.2 and -current needed a multilib variant of course, so you will find those in my multilib repository. For Slackware 14.2 that’s a set of all-new gcc-5.5.0 packages, i.e. the latest gcc 5 release available. In Slackware-current it’s of course the latest gcc 7: version 7.3.0. These compilers support “-mindirect-branch=thunk-extern“, allowing full mitigation of Spectre v2 in the kernel (when CONFIG_RETPOLINE is used).

Then there were the monthly Flash security vulnerabilities, patched by Adobe in version 28.0.0.161 of the flashplayer-plugin (NPAPI plugin for Mozilla based browsers) and the chromium-pepperflash-plugin (PPAPI plugin for Chromium based browsers).  This one was particularly nasty because a 0-day exploit was used actively to gain full control of vulnerable computers (including Linux computers).

The update of Chromium to version 64.0.3282.140 fixed one security related bug, but the previous stable release (the first 64 version I packaged two weeks ago) actually plugged a series of serious vulnerabilities with CVE‘s assigned to them. So, time to upgrade!
And this latest Chromium package of mine has one additional feature: I enabled HEVC/H.265 video playback in the embedded ffmpeg engine. Try it out here: http://www.h265files.com/embed-h265-video.php and notice that most other browsers (except Microsoft Edge and Apple Safari) do not support this video codec. Unfortunately, the online HTML5 tester does not detect this HEVC playback capability.

Another browser’s security update: Pale Moon plugs two vulnerabilities with their 27.7.2 release. Updated package available in my repository of course.

 

And to end this series, I will soon upload a patched plasma-workspace-5.11.3 package for Slackware64 14.2, for those of you who are running my ‘ktown’ Plasma5 desktop.
A vulnerability was discovered, allowing arbitrary command execution in the removable device notifier.
This bug is already fixed in Plasma 5.12, so those who run the Plasma5 Desktop on Slackware-current only need to wait until tomorrow to get an all-new monthly set of packages among which Plasma 5.12. Watch this blog for the news!

Updates for Chromium, LibreOffice, Calibre (and Flash too)

I took my new build server for a run and have not found its limits yet (plus, no Ryzen related crashes yet). Compared to my old computer, this new box compiles with roughly 10 times the speed. That makes a big difference for big updates like Chromium and LibreOffice, which would take me one day per package (i.e. per release and per architecture) in the past.

I can now effortlessly run 3 VM’s in parallel, all with 8 virtual cores and 8 GB of RAM. That will of course slow down compiling a bit (4 to 5 times the old speed instead of 10 times) but with 3 virtual machines I still get a lot more output than ever before.

Therefore, I have been able to create and upload new packages (Slackware 14.2 and -current):

And added to the stew: today’s Adobe Flash security updates, which give us version 27.0.0.130 of the Flashplayer for Chromium and Mozilla browsers.

Have fun! Eric

OpenJDK7 and Flash Player security updates (Aug ’17)

icedteaOn the blog of IcedTea release manager Andrew Hughes (aka GNU/Andrew) you can find the announcement for IcedTea 2.6.11 which builds OpenJDK 7u151_b01. This release includes the official July 2017 security fixes for Java 7. Note that the security updates for Java 8 were already pushed to my repository some time ago.

Here is where you can download the Slackware packages for openjdk7 and openjre7:

The “rhino” package (implementation of the JavaScript engine used by OpenJDK) is an external dependency for OpenJDK 7, you can find a package in my repository. If you want to compile OpenJDK7 yourself you will need apache-ant as well.

Note about usage:

My Java 7 and Java 8 packages (e.g. openjdk7 and openjdk… or openjre7 and openjre) can not co-exist on your computer because they use the same installation directory. You must install either Java 7 or Java 8.

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

adobe_flash_8s600x600_2There was a recent security update for the Flash Player plugin as well. The new version is 26.0.0.151 for both the PPAPI (Google Chrome and friends) and the NPAPI (Mozilla Firefox and friends) based plugins.

You can find Slackware packages for the Flash plugins in the following repositories (and probably many more mirrors):

Have fun! Eric

Adobe Flash security update July ’17

adobe_flash_8s600x600_2This month’s security update for the Flash Player plugin has arrived. The new version is 26.0.0.137 for both the PPAPI (Google Chrome and friends) and the NPAPI (Mozilla Firefox and friends) based plugins.
I know… Flash is a monster and should be killed. But as long as people need it on Slackware, and as long as Adobe keeps releasing Linux plugin updates, I will package them and add them to my repository.

You can find Slackware packages for the Flash plugins in the following locations:

Also security related but nothing to do with either Adobe or CVE’s:

The Veracrypt developers have released version 1.21 of their fork of the abandoned TrueCrypt code. The Slackware ‘veracrypt‘ packages for this new version can be found in the same repositories as mentioned above.

Have fun.

« Older posts Newer posts »

© 2024 Alien Pastures

Theme by Anders NorenUp ↑