My thoughts on Slackware, life and everything

Tag: ungoogled (Page 1 of 5)

Respect all little bits

I finally figured out how to successfully compile the 32bit version of Chromium (and its un-Googled sibling) on Slackware, now that this requires the Rust compiler to build it. Pat added the final bits that I needed to the rust.SlackBuild script in Slackware recently.

Why did it take so long? Basically ‘real life’ intervened and I did not have time left to investigate.

I assume there may be one or two users left who use my 32bit Chromium package, the rest of you simply don’t care whether I can produce these 32bit packages or not. No one reached out and asked, can I help?
Prime example of slackers, right? It is what it is, and I respect that, and honestly I understand; there’s no fun in having to deal with all these Chromium developer assumptions that everyone uses Ubuntu. Kudos to the Ungoogled-chromium team however – they have been really helpful whenever I got stuck.

The bottom-line is, that I will resume my builds of a 32bit version of Ungoogled Chromium, once per month, for Slackware 15.0 and -current, until the process breaks again and then it’s goodbye to 32bit Ungoogled Chromium.
In any case, there will not be further 32bit packages for the regular Chromium browser going forward. I will remove the existing 32bit chromium packages from my repository because I want to prevent people downloading a vulnerable browser.

Eric

Update – I have uploaded 32bit packages:

+--------------------------+
Mon Aug 12 20:13:12 UTC 2024
chromium-ungoogled: updated 32bit to 127.0.6533.99 (Slackware 15.0 & onwards).
  If your browser keeps crashing with seccomp errors, add this as startup
  parameter: "--disable-seccomp-filter-sandbox".
  For reference: https://alien.slackbook.org/blog/chromium-90-packages-again-32bit-related-issues/

July update for Chromium 126

The latest release of the Chromium source code (version 126.0.6478.182 was made available on July 16th) addresses several vulnerabilities as usual, some of which are rated as ‘High’ but none ‘Critical’ and also no new 0-days are reported.

You can fetch my Slackware 15.0 and -current packages both for chromium and (hopefully soon, because its source has not been released yet) also chromium-ungoogled . You may prefer one of the mirror servers (like my own US server and in a short while, the UK mirror) in case my primary slackware.nl server is not responding or too slow.

I am slowly transitioning back from being a caregiver for my mother (which absorbed me completely for 10 months) to a life where I have time and energy in the evenings to hack on Slackware again. You will soon find the next installment in the Slackware Cloud Server series here on the blog – an article dedicated to building a Docker stack as cloud storage backend for the open source Ente Auth 2-factor authentication app.

Cheers, Eric

Chromium update fixes 5th zero-day exploit for 2024

In Google’s release notes for the latest Chromium 124.0.6367.201 source code it is  mentioned that this release fixes a zero-day vulnerability. Beware: this is already the 5th zero-day which was reported and fixed in Chromium in 2024.

This vulnerability is already actively exploited in the wild, and is labeled CVE-2024-4671, so please upgrade your chromium and also ungoogled-chromium packages as soon as you can.

You can fetch my Slackware 15.0 and -current packages both for chromium and chromium-ungoogled . You can also visit mirror servers (like my own US server and in a short while, the UK mirror) in case my own server is not responding or too slow.

Note that I still do not provide 32bit package updates for Chromium and Chromium-ungoogled. It is a lot of work to find out how to compile rust and llvm on 32bit Slackware ‘the Google way’ and so far the solution has eluded me.
I need these custom rust and clang compilers to compile Chromium sources on 32bit.
And please don’t tell me ‘to look at how Debian does it’ – it does not help.

Cheers, Eric

KTOWN: live ISO with Plasma6 Alpha. Also, chromium now supports HEVC/AC3 playback

I have uploaded a 5 GB ISO file containing a new KTOWN variant of Slackware Live. This is the KDE Plasma6 Alpha release. Play around with it and perhaps you will be able to contribute to an improved Beta by finding and reporting the bugs you encounter.

Get the ISO from my NL or my US server (US ISO still uploading at the moment). There’s also an MD5 checksum and a GPG signature file in those same locations if you want to validate the download.

A lot of packages did not compile yet for various reasons. I am not too concerned about that, next update hopefully will be more complete. A lot of work still needs to be done however (by the KDE developers) to port the remainder of KDE Gear (formerly called Applications or Software Collection) to Qt6.
Not ported to Qt6 as of yet are: artikulate cantor cervisia juk kamoso kde-dev-utils kdenlive kdesdk-thumbnailers kdev-php kdev-python kdevelop kget kgpg kig kio-gdrive kipi-plugins kiten kmix konversation kqtquickcharts krfb ktorrent ktouch kwave libkipi lokalize marble okular parley poxml rocs umbrello.

Still, I was impressed with the fully working and stable Plasma6 Wayland session when I tested an unreleased KTOWN Live ISO a week ago. Of course, as things go, I seem to have broken the Wayland session in this public release of the KTOWN Live.
The version of SDDM graphical session manager should also be Wayland-capable but I will test that in a future ISO.

Let me know in the comments section below what you think of this Alpha release.

News about my chromium package (also its ungoogled sibling).

I was finally able to get the HEVC video and AC3 audio codec support working. There’s a patch set on github, maintained by StaZhu but I did not like the complexity and I am not really interested in GPU hardware-only support. The browser’s internal ffmpeg libraries playback HEVC just fine, taxing your CPU a bit more than in the case of a supported GPU.
Now, the Thorium Browser is also Chromium based and its developer Alex313031 used StaZhu’s patches and wrote some of his own to add not just HEVC video but also AC3 playback support.
Again, I did not like the complexity of his solution (documented on github) but could not get around using some of the patches provided by both. I simplified some of the others into a bunch of ‘sed’ commands. And that made it work for me.

The browser will now playback HEVC and AC3 media formats, as long as the container file is a MP4. I have not found how I can convince Chromium to also support MKV containers.
The chromium-119.0.6045.123 package is already available in my repository, and chromium-ungoogled is still compiling (the ungoogled patch kit only became available earlier today).

You can test the new HEVC playback capability here: https://test-videos.co.uk/ if you select any MP4/HEVC sample (none of those have sound) or Thorium browser test page: https://thorium.rocks/misc/h265-tester.html (those have AC3 audio).

Have fun!

Chromium 118 (also ungoogled) is a security update

I uploaded new 64bit packages for Chromium 118.0.5993.70 (also the un-googled variant) for which the sources were released a few days ago. This first release in the 118 series addresses a critical vulnerability (CVE-2023-5218) so it’s wise to upgrade.
As mentioned in a previous blog post, future 32bit package updates will have a lower frequency: one update per month. Google has increased the frequency of its Chromium releases dramatically (one per week) and I just cannot keep up. If you need that 32bit package badly now, you can of course grab the sources and my SlackBuild and build it yourself.

Looking at this 118 major release, one thing you need to be aware of is the changed behavior of “Enhanced Safe Browsing” which you can enable in the browser’s security settings (chrome://settings/security). Probably most of you already have this enabled. This is what changed:

Google will be able to disable an installed browser extension remotely if it determines the extension is labeled as ‘malicious’ and the extension was not installed via the Chrome Web Store.
The browser’s security checks of downloaded online content have been enhanced with so-called ‘deep scanning’ meaning the browser may now ask you for a password to open a protected archive you just downloaded. Note that the scanning occurs in Google’s datacenter – when you enable ‘enhanced safe browsing’ you consent to uploading some of your data to Google for the specific purpose of scanning and analyzing it for malicious content.
Also with ‘enhanced safe browsing’ enabled, the browser will send telemetry data about installed browser extensions using the chrome.tabs API to Google’s servers for analysis. This is meant to improve the “detection of malicious and policy violating extensions”.

It is up to you to decide which way the tradeoff between enhanced security and sharing data with Google works for you. If you don’t feel comfortable with this and you value your privacy, then you need to disable (or not enable) ‘Enhanced Safe Browsing’ in the settings.

Find the updated Slackware 15.0 and -current packages both for chromium and chromium-ungoogled in my repository and its mirrors (like my own US server and in a short while, the UK mirror).

Cheers, Eric

« Older posts

© 2024 Alien Pastures

Theme by Anders NorenUp ↑