Alien Pastures

My thoughts on Slackware, life and everything

Tag: security (Page 1 of 3)

LibreWolf is now in my Slackware repository

April 28, 2025 / / 8 Comments

Resulting from a request in one of my other blog pages, I have added a Slackware (15.0 and -current, 32bit as well as 64bit) package for LibreWolf.

The LibreWolf version number “137.0.21” is a combination of the version of Firefox on which the release is based, and the release iteration of the LibreWolf developer community.

LibreWolf is a custom and independent fork of the Mozilla Firefox browser, with the primary goals of privacy, security and user freedom.

The LibreWolf browser implements sane defaults for increased protection against tracking and fingerprinting techniques, and adds security improvements compared to its Firefox upstream codebase. All telemetry, data collection and other annoyances that come with the Firefox browser have been disabled or removed altogether.
By default, DRM is disabled as well because Digital Rights Management is considered restrictive towards consumers of digital media. You can however enable DRM in the browser settings if you want to watch DRM-protected video content for instance.

One thing to be aware of if you start using LibreWolf is that by default, your cookies and browsing history are deleted every time you close the browser. This behavior can be disabled in the browser settings.

Firefox Sync is disabled by default in Librewolf – again for the sake of protecting your privacy, but this too can be enabled in the browser’s settings.

LibreWolf is on par with other browsers like Brave and Tor Browser when it comes to the level of privacy protection they offer to you, the user. Another comparison: Brave browser is based on Chromium whereas Tor Browser, like LibreWolf, is a fork of Firefox.

I hope that this additional choice of browser in Slackware offers some benefit to you. Note that my package contains natively compiled Slackware binaries. There’s also a LibreWolf entry on SlackBuilds.org but that one merely re-packages a binary AppImage, not specifically built on (or for) Slackware.

Let me know if I missed some feature or functionality when configuring and building the source code. You can find the packages in my repository or any of its mirrors:

Enjoy! Eric

Chromium 99 critical security fix, upgrade asap

March 17, 2022 / / 11 Comments

I have uploaded new chromium 99 packages for Slackware. The chromium-ungoogled 99 packages are currently being built and will follow shortly.
These new packages were triggered by a recent Google Chromium update which mentions a fix for a security hole which allows remote attackers to take control of your computer. Opening a malicious advertisement or web page is already sufficient, the vulnerability does not need any interaction to do its work. See CVE-2022-0971.

Get my Chromium packages for version 99.0.4844.74 from my repository or any mirror, and upgrade to these as soon as you can: https://slackware.nl/people/alien/slackbuilds/chromium/ or https://us.slackware.nl/people/alien/slackbuilds/chromium/

Links to the un-googled chromium: https://slackware.nl/people/alien/slackbuilds/chromium-ungoogled/ or https://us.slackware.nl/people/alien/slackbuilds/chromium-ungoogled/ .

These packages work on Slackware 14.2 and newer, 32bit as well as 64bit variants still of course.

On 32bit Slackware 15.0 and newer, Patrick has updated the profile script as part of a qt5 package upgrade so that Chromium crashes are prevented by automatically disabling the seccomp filter sandbox:

# Unfortunately Chromium and derived projects (including QtWebEngine) seem
# to be suffering some bitrot when it comes to 32-bit support, so we are
# forced to disable the seccomp filter sandbox on 32-bit or else all of these
# applications crash. If anyone has a patch that gets these things running on
# 32-bit without this workaround, please let volkerdi or alienBOB know, or
# post your solution on LQ. Thanks. :-)
if file /bin/cat | grep -wq 32-bit ; then
  export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox"
fi

Eric

Alien Pastures switched to HTTPS

July 28, 2017 / / 10 Comments

The “Alien Pastures” blog has been moved into a Virtual Machine (hence the short downtime yesterday) after its previous host hardware was replaced with a much beefier machine. This was a nice opportunity to configure the VM with a SSL certificate issued by LetsEncrypt (again, thanks Robby Workman).

So, from now on, the blog is served with a HTTPS URL by default. I hope you understand, this is a process seen on many other web sites too.

Cheers, Eric

Security updates: multilib and flash

November 2, 2016 / / 11 Comments

blueSW-64pxMultilib

A mountain of security fixes landed in Slackware this week. Many of these updated packages have a multilib equivalent, so today I have updated my multilib repository for Slackware releases 13.37 and newer.

New to multilib or don’t know what it is all about? Read the multilib article found in the Slackware Documentation Project. Download the new multilib packages here:

Flash

At the same time, I have uploaded the latest package versions for the Flash Player plugin for Mozilla and Chromium browsers.
They are accompanied by Flash player  security bulletin APSB16-36.

The updated plugin for the Chromium browser (chromium-pepperflash-plugin) has the version number 23.0.0.205 while the plugin for Mozilla browsers (flashplayer-plugin) is now at version 11.2.202.643 (both 64bit and 32bit versions).

Slackware packages for these Flash plugins are available for download & install in the following locations:

If you are using the slackpkg+ extension for slackpkg, then you just run “slackpkg update && slackpkg upgrade flash”. Alternatively, you can subscribe to my repository RSS feed to stay informed of any updates.

Have fun! Eric

July ’15 Security fixes for Adobe’s Flash web plugins (extra critical)

July 8, 2015 / / 11 Comments

adobe_flash_8s600x600_2The recent hack of the “Hacking Team” -a company that makes money from creating spyware for repressive governments –  has uncovered evidence that they have been exploiting a yet unknown security hole which is present in all Adobe Flash players since version 7.  Obviously based on the  information obtained from the public dump of Hacking Team’s 400 GB Intranet data, there’s a Zero-Day exploit out there in the wild that is actively targeting computers (thanks mancha for the link). Adobe have released patched Flash player plugins today that fix this security hole and you are all urgently advised to update your flash player packages.

For your information: The updated Slackware package for chromium-pepperflash-plugin has version 18.0.0.204. The updated flashplayer-plugin has version 11.2.202.481. The Chromium plugin was taken from the Google Chrome 43.0.2357.132 RPM which was released yesterday. New packages for my own chromium package based on the sources of that same version are underway, expect those tomorrow.

Download locations for the Flash plugins:

If you are using the slackpkg+ extension for slackpkg, then you just run “slackpkg update && slackpkg update flash”. Alternatively, you can subscribe to my repository RSS feed to stay informed of any updates.

Eric

« Older posts