My thoughts on Slackware, life and everything

Tag: google (Page 2 of 16)

Google fixes the 8th zero-day in Chromium in 2023

Chromium 120.0.6099.129 for which the source code was released two days ago repairs a zero-day vulnerability.

Zero-day means that the vulnerability is already actively exploited in the wild. Hopefully the last time this year, but it is already the 8th zero-day which was reported and fixed in Chromium. The new zero-day is labeled CVE-2023-7024.
It’s therefore highly recommended to upgrade your chromium and also ungoogled-chromium packages.

Find the updated Slackware 15.0 and -current packages both for chromium and chromium-ungoogled in my repository and its mirrors (like my own US server and in a short while, the UK mirror).

Cheers, Eric

Chromium 118 (also ungoogled) is a security update

I uploaded new 64bit packages for Chromium 118.0.5993.70 (also the un-googled variant) for which the sources were released a few days ago. This first release in the 118 series addresses a critical vulnerability (CVE-2023-5218) so it’s wise to upgrade.
As mentioned in a previous blog post, future 32bit package updates will have a lower frequency: one update per month. Google has increased the frequency of its Chromium releases dramatically (one per week) and I just cannot keep up. If you need that 32bit package badly now, you can of course grab the sources and my SlackBuild and build it yourself.

Looking at this 118 major release, one thing you need to be aware of is the changed behavior of “Enhanced Safe Browsing” which you can enable in the browser’s security settings (chrome://settings/security). Probably most of you already have this enabled. This is what changed:

Google will be able to disable an installed browser extension remotely if it determines the extension is labeled as ‘malicious’ and the extension was not installed via the Chrome Web Store.
The browser’s security checks of downloaded online content have been enhanced with so-called ‘deep scanning’ meaning the browser may now ask you for a password to open a protected archive you just downloaded. Note that the scanning occurs in Google’s datacenter – when you enable ‘enhanced safe browsing’ you consent to uploading some of your data to Google for the specific purpose of scanning and analyzing it for malicious content.
Also with ‘enhanced safe browsing’ enabled, the browser will send telemetry data about installed browser extensions using the chrome.tabs API to Google’s servers for analysis. This is meant to improve the “detection of malicious and policy violating extensions”.

It is up to you to decide which way the tradeoff between enhanced security and sharing data with Google works for you. If you don’t feel comfortable with this and you value your privacy, then you need to disable (or not enable) ‘Enhanced Safe Browsing’ in the settings.

Find the updated Slackware 15.0 and -current packages both for chromium and chromium-ungoogled in my repository and its mirrors (like my own US server and in a short while, the UK mirror).

Cheers, Eric

Chromium package and release update

You have surely noticed an increase in the frequency with which I am releasing new chromium and chromium-ungoogled packages. This is caused by a new release policy from Google, with an update every week and a bump in the major version (currently 117) every month.
I have tried keeping up with that schedule, but I am giving up.
My reasons? One chromium or chromium-ungoogled package takes 11+ hours to compile (part of the Chromium compilation involves compiling Google’s customized clang compiler). Every update, I need to compile 4 packages. It takes away the fun in updating them to be honest. I don’t know for whom I actually create the 32bit packages still.

So, from this moment onwards, my own package release policy changes as follows. I will keep up with the Google source release cycle, but only for the 64bit packages. My 32bit packages for chromium and chromium-ungoogled will be updated no more than once per month, unless there’s a big security hole to be patched.

By the way, I uploaded new chromium packages for 117.0.5938.149 yesterday and today I added its chromium-ungoogled sibling (64bit only).

Find the updated Slackware 15.0 and -current packages both for chromium and chromium-ungoogled in my repository and its mirrors (like my own US server and in a short while, the UK mirror).

Cheers, Eric

Chromium 117.0.5938.132 fixes zero-day exploit

Just yesterday I uploaded my  packages for chromium and chromium-ungoogled to 117.0.5938.92. Only to discover right before heading to bed that there’s a new security update available… Chromium 117.0.5938.132 fixes a zero-day vulnerability in libvpx (CVE-2023-5217) which is already actively exploited to install spyware on computers.

The chromium packages for 117.0.5938.132 are already available in my repository. The chromium-ungoogled packages are currently compiling and will become available in the evening (CET timezone) i.e. later today.
It’s highly recommended to upgrade to my latest chromium and chromium-ungoogled packages.

Find the updated Slackware 15.0 and -current packages both for chromium and chromium-ungoogled in my repository and its mirrors (like my own US server and in a short while, the UK mirror).

Cheers, Eric

Some recent package updates: chromium (-ungoogled), ffmpeg, handbrake, pipewire-jack

Chromium, regular and un-googled.

Google is speeding up its Chromium release cycle. Let’s see if I can keep up since I also build the -ungoogled variant. The latest update is 116.0.5845.140 and addresses a vulnerability.
You can now upgrade to my latest chromium and chromium-ungoogled packages. The updated Slackware 15.0 and -current packages both for chromium and chromium-ungoogled are available in my repository and its mirrors (like my own US server and the UK mirror).

FFmpeg.

A recent upgrade of Vulkan in slackware-current prompted a rebuild of the ffmpeg 5.1.3 distro package, and for the same reason I had to recompile my enhanced ffmpeg package for -current. I used the opportunity to add an embedded version of SVT-AV1, an open source AV1 video encoder originally developed by Intel in collaboration with Netflix and later adopted by the Alliance for Open Media. My ffmpeg package already contains an AV1 decoder: the dav1d library, but now you can have a go at creating your own video in AV1 format.
Get ffmpeg-5.1.3 for -current here (unrestricted distribution) or here (this version can encode AAC audio and hence restricted to distribution outside the US).

Handbrake.

The version of this package targeting slackware-current also needed a recompile due to the Vulkan update in -current and here I used the opportunity to apply a minor version upgrade.
Get handbrake-1.6.1 here (unrestricted distribution) or here (this version can encode AAC audio and hence restricted to distribution outside the US).

Pipewire-jack.

In slackware-current, pipewire is a moving target. I know that a lot of people have switched from using pulseaudio and jack to just pipewire with varying levels of success. I keep offering the Jack Audio Connection Kit support libraries for pipewire which are not present in the Slackware pipewire package, simply because Pat compiles pipewire without jack installed.
Note: my pipewire-jack package is not replacing Slackware’s pipewire! It’s an add-on which depends on my jack2 package being installed as well. It’s quite similar in purpose to my pulseaudio-jack package which aims to add support for Jack in pulseaudio.
Get pipewire-jack-0.3.79 here.

Enjoy the weekend! Eric

« Older posts Newer posts »

© 2024 Alien Pastures

Theme by Anders NorenUp ↑