blender-3.0.1-x86_64-1_ap.txz: Upgraded.
d/ruby-3.3.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Arbitrary memory address read vulnerability with Regex search.
RCE vulnerability with .rdoc_options in RDoc.
Buffer overread vulnerability in StringIO.
For more information, see:
https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
https://www.cve.org/CVERecord?id=CVE-2024-27282
https://www.cve.org/CVERecord?id=CVE-2024-27281
https://www.cve.org/CVERecord?id=CVE-2024-27280
(* Security fix *)
l/python-docutils-0.21.2-x86_64-1.txz: Upgraded.
x/rendercheck-1.6-x86_64-1.txz: Upgraded.
x/xcb-imdkit-1.0.8-x86_64-1.txz: Upgraded.
a/ed-1.20.2-x86_64-1.txz: Upgraded.
d/parallel-20240422-noarch-1.txz: Upgraded.
kde/krusader-2.8.1-x86_64-1.txz: Upgraded.
kde/ktextaddons-1.5.4-x86_64-1.txz: Upgraded.
l/libgusb-0.4.9-x86_64-1.txz: Upgraded.
n/nmap-7.95-x86_64-1.txz: Upgraded.
x/fcitx5-5.1.9-x86_64-1.txz: Upgraded.
x/fcitx5-anthy-5.1.4-x86_64-1.txz: Upgraded.
x/fcitx5-chinese-addons-5.1.5-x86_64-1.txz: Upgraded.
x/fcitx5-gtk-5.1.3-x86_64-1.txz: Upgraded.
x/fcitx5-hangul-5.1.3-x86_64-1.txz: Upgraded.
x/fcitx5-kkc-5.1.3-x86_64-1.txz: Upgraded.
x/fcitx5-m17n-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-qt-5.1.6-x86_64-1.txz: Upgraded.
x/fcitx5-sayura-5.1.2-x86_64-1.txz: Upgraded.
x/fcitx5-table-extra-5.1.5-x86_64-1.txz: Upgraded.
x/fcitx5-table-other-5.1.2-x86_64-1.txz: Upgraded.
x/fcitx5-unikey-5.1.4-x86_64-1.txz: Upgraded.
x/libime-1.1.7-x86_64-1.txz: Upgraded.
extra/emacs-regular-build/emacs-29.3-x86_64-2_regular.txz: Rebuilt.
This is a bugfix release.
Only build the X11/GTK+3 version. Use "emacs -nw" if you want to start it
in a terminal emulator in text mode, or rebuild if you really need to get
rid of the X11 dependency for some reason.
Build using --with-pdumper=auto. It seems that --with-dumping=unexec produces
a buggy Emacs here in the modern era, with symptoms such as "child signal FD:
Invalid argument". It's possible this had something to do with the reported
memory leaks as well.
Thanks to 3Tom for the bug report.
a/elogind-255.4_r2-x86_64-2.txz: Rebuilt.
OK, this is looking good enough to return to the main tree now.
Thanks to hamkg, ctrlaltca, and rizitis for helping to debug the sleep issues
with upstream, and to Sven Eden for the upstream fixes. I've changed the
default sleep mode from s2idle to deep as s2idle still locks up most of the
systems I've tried it on. Eventually we'll probably have to swallow this pill
though (more notes on that in the SlackBuild).
It didn't seem like recompiling polkit again was necessary, but correct me if
I'm wrong about that.
l/imagemagick-7.1.1_31-x86_64-1.txz: Upgraded.
l/python-hatchling-1.24.2-x86_64-1.txz: Upgraded.
l/vte-0.76.1-x86_64-1.txz: Upgraded.
l/wireplumber-0.5.2-x86_64-1.txz: Upgraded.
xap/freerdp-2.11.7-x86_64-1.txz: Upgraded.
This release eliminates a bunch of issues detected during oss-fuzz runs.
(* Security fix *)
This project is made possible entirely through your support!
If you appreciate our efforts and have the means to contribute to our
operational expenses, your support would be greatly appreciated.
You'll find the ways you can help here:
https://arm.slackware.com/sponsor/
A heartfelt thank you to everyone who has supported and continues to
support the project. Your contributions mean a lot to us.
Stuart Winter <mozes@slackware>
Brent Earl <el0226@slackware>
xap/mozilla-thunderbird-115.10.1-aarch64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.10.1/releasenotes/
a/aaa_glibc-solibs-2.39-aarch64-2.txz: Rebuilt.
ap/vim-9.1.0346-aarch64-1.txz: Upgraded.
d/llvm-18.1.4-aarch64-1.txz: Upgraded.
d/nasm-2.16.03-aarch64-1.txz: Upgraded.
l/glibc-2.39-aarch64-2.txz: Rebuilt.
This update fixes a security issue:
The iconv() function in the GNU C Library versions 2.39 and older may
overflow the output buffer passed to it by up to 4 bytes when converting
strings to the ISO-2022-CN-EXT character set, which may be used to crash
an application or overwrite a neighbouring variable.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-2961
(* Security fix *)
l/glibc-i18n-2.39-aarch64-2.txz: Rebuilt.
l/glibc-profile-2.39-aarch64-2.txz: Rebuilt.
l/pycups-2.0.4-aarch64-1.txz: Upgraded.
l/python-hatchling-1.24.1-aarch64-1.txz: Upgraded.
l/python-sphinx-7.3.6-aarch64-1.txz: Upgraded.
n/bind-9.18.26-aarch64-1.txz: Upgraded.
This is a bugfix release.
xap/vim-gvim-9.1.0346-aarch64-1.txz: Upgraded.
a/kernel-firmware-20240417_e678699-noarch-1.txz: Upgraded.
a/kernel-modules-armv8-6.6.28_armv8-aarch64-1.txz: Upgraded.
a/kernel_armv8-6.6.28-aarch64-1.txz: Upgraded.
/boot/initrd/[/usr/share/hwm-configure/platform/aarch64/modprobe.d/]
bcm2711_rpi4.conf
bcm2711_rpi400.conf
Blacklist the 'brcmfmac' WiFi Kernel module from the OS InitRD, as it requires
initialisation within the main OS environment. This issue arises solely if
using the os-initrd-mgr -S option to synchronise the active Kernel modules,
as this module isn't included within the generic OS InitRDs.
Thanks to pchristy for the report.
/boot/initrd/[load_kernel_modules.scr/platform/aarch64/bcm2711]:
Load 'genet' Kernel module for wired Ethernet on the Rasberry Pi 4.
a/xfsprogs-6.7.0-aarch64-1.txz: Upgraded.
d/kernel-headers-6.6.28-aarch64-1.txz: Upgraded.
k/kernel-source-6.6.28-aarch64-1.txz: Upgraded.
l/pycups-2.0.3-aarch64-1.txz: Upgraded.
l/python-sphinx-7.3.5-aarch64-1.txz: Upgraded.
n/bluez-5.75-aarch64-2.txz: Rebuilt.
Prune duplicate config files. Thanks to audriusk.
x/libXmu-1.2.1-aarch64-1.txz: Upgraded.
x/util-macros-1.20.1-aarch64-1.txz: Upgraded.
x/wayland-protocols-1.35-aarch64-1.txz: Upgraded.
xfce/xfce4-notifyd-0.9.4-aarch64-2.txz: Rebuilt.
Do not install DBus service files, as these cause xfce4-notifyd to start in
plasma sessions. Thanks to ctrlaltca.
installer/*: Rebuilt.
kernels/*: Upgraded.
patches/packages/ruby-3.0.7-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Arbitrary memory address read vulnerability with Regex search.
RCE vulnerability with .rdoc_options in RDoc.
Buffer overread vulnerability in StringIO.
For more information, see:
https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
https://www.cve.org/CVERecord?id=CVE-2024-27282
https://www.cve.org/CVERecord?id=CVE-2024-27281
https://www.cve.org/CVERecord?id=CVE-2024-27280
(* Security fix *)
patches/packages/emacs-29.3-x86_64-2_slack15.0.txz: Rebuilt.
This is a bugfix release.
Only build the X11/GTK+3 version. Use "emacs -nw" if you want to start it
in a terminal emulator in text mode, or rebuild if you really need to get
rid of the X11 dependency for some reason.
Build using --with-pdumper=auto. It seems that --with-dumping=unexec produces
a buggy Emacs here in the modern era, with symptoms such as "child signal FD:
Invalid argument". It's possible this had something to do with the reported
memory leaks as well.
Thanks to 3Tom for the bug report.
patches/packages/krusader-2.8.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/freerdp-2.11.7-x86_64-1_slack15.0.txz: Upgraded.
This release eliminates a bunch of issues detected during oss-fuzz runs.
(* Security fix *)
patches/packages/freerdp-2.11.6-arm-1_slack15.0.txz: Upgraded.
This release is a security release and addresses multiple issues:
[Low] OutOfBound Read in zgfx_decompress_segment.
[Moderate] Integer overflow & OutOfBound Write in
clear_decompress_residual_data.
[Low] integer underflow in nsc_rle_decode.
[Low] OutOfBound Read in planar_skip_plane_rle.
[Low] OutOfBound Read in ncrush_decompress.
[Low] OutOfBound Read in interleaved_decompress.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32041
https://www.cve.org/CVERecord?id=CVE-2024-32039
https://www.cve.org/CVERecord?id=CVE-2024-32040
https://www.cve.org/CVERecord?id=CVE-2024-32458
https://www.cve.org/CVERecord?id=CVE-2024-32459
https://www.cve.org/CVERecord?id=CVE-2024-32460
(* Security fix *)
patches/packages/aaa_glibc-solibs-2.33-arm-6_slack15.0.txz: Rebuilt.
patches/packages/bind-9.16.50-arm-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/glibc-2.33-arm-6_slack15.0.txz: Rebuilt.
This update fixes a security issue:
The iconv() function in the GNU C Library versions 2.39 and older may
overflow the output buffer passed to it by up to 4 bytes when converting
strings to the ISO-2022-CN-EXT character set, which may be used to crash
an application or overwrite a neighbouring variable.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-2961
(* Security fix *)
patches/packages/glibc-i18n-2.33-arm-6_slack15.0.txz: Rebuilt.
patches/packages/glibc-profile-2.33-arm-6_slack15.0.txz: Rebuilt.
patches/packages/less-653-arm-1_slack15.0.txz: Upgraded.
This update patches a security issue:
less through 653 allows OS command execution via a newline character in the
name of a file, because quoting is mishandled in filename.c. Exploitation
typically requires use with attacker-controlled file names, such as the files
extracted from an untrusted archive. Exploitation also requires the LESSOPEN
environment variable, but this is set by default in many common cases.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32487
(* Security fix *)
24/02/2022: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware
15/12/2015: Aggiornato HowTo automatizzare la compilazione del kernel
15/12/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
24/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
22/11/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
07/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
05/11/2015: Nuovo HowTo Automatizzare l'aggiornamento di Slackware current
30/10/2015: Aggiornato HowTo Automatizzare la prima configurazione di Slackware
26/05/2015: Aggiornato HowTo mini Slackware su pendrive
07/05/2015: Aggiornato HowTo automatizzare la compilazione del kernel
13/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
02/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
Questo script provvede ad aggiornare Slackware o Slackware64 all'ultima current in maniera del tutto autonoma, dalla ricerca di aggiornamenti all'aggiornamento del bootloader.
Scarica la lista dei pacchetti e la confronta con quelli installati, dopodiché controlla se i nuovi pacchetti sono presenti in un eventuale DVD già montato altrimenti li scarica da internet.
Lo script può gestire anche un sistema multilib, infatti se...
Uno script da eseguire al primo avvio di Slackware.
Mi capita spesso di fare nuove installazioni di Slackware e di ripetere sempre le stesse operazioni atte ad una prima configurazione di base, come ad esempio l'italianizzazione o l'impostazione della corretta risoluzione framebuffer.
Per cui ho deciso di raggruppare tutte queste operazioni di base, che possono...
Ecco che la bash ci viene in aiuto anche per realizzare un semplice sistema di video sorveglianza molto economico.
Questo script scatta una foto dalla webcam impostata nella variabile DEV con mplayer, ne fa una copia con la data corrente come nome del file per conservare una copia di tutte le foto scattate e per sapere a prima vista a quando risalgono. Dopodiché carica entrambe le copie della foto sul server ftp...
Spesso i produttori di hardware ottengono costi di produzione più bassi utilizzando componenti con capacità superiori in dispositivi non progettati per sfruttarle piuttosto che utilizzando componenti su misura, questo è anche il caso del mio mouse Logitech RX1000.
Aprendo il mouse e guardando le piste stampate sul retro della scheda si nota che il controller ha un pin inutilizzato, quindi leggendo il codice (CY7C63813) sul chip e trovandone il...
Compilare il kernel Linux non è certamente cosa difficile, ma chi è alle prime armi spesso è spaventato da questa procedura e anche per chi è pratico a volte diventa scocciante aggiornare ad ogni release.
Dunque ho scritto questo script bash che automatizza la procedura: rileva quanti core ha il proprio processore per decidere in quanti processi paralleli eseguire la compilazione in modo da ottimizzarne i tempi, poi controlla se la versione scelta...
Condividi sui tuoi social preferiti!
Telegram Facebook Linkedin Twitter Pinterest