blender-3.0.1-x86_64-1_ap.txz: Upgraded.
l/jemalloc-5.3.1-x86_64-1.txz: Upgraded.
l/libexif-0.6.26-x86_64-1.txz: Upgraded.
This update fixes security issues:
An unsigned integer underflow in Fuji and Olympus makernote handling.
An unsigned integer overflow on 32bit systems in Nikon makernote handling.
A buffer overwrite via integer underflow in makernote handling.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-40386
https://www.cve.org/CVERecord?id=CVE-2026-40385
https://www.cve.org/CVERecord?id=CVE-2026-32775
(* Security fix *)
l/libxmlb-0.3.26-x86_64-1.txz: Upgraded.
Add bounds check to prevent OOB read in token index lookup (Richard Hughes).
Prevent stack overflow from unbounded recursion in export (Richard Hughes).
(* Security fix *)
l/mozilla-nss-3.122.1-x86_64-1.txz: Upgraded.
l/openexr-3.4.9-x86_64-2.txz: Rebuilt.
Recompiled against openjph-0.27.0.
l/openjph-0.27.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/python-editables-0.6-x86_64-1.txz: Upgraded.
n/iproute2-7.0.0-x86_64-1.txz: Upgraded.
x/xorg-server-21.1.22-x86_64-1.txz: Upgraded.
This update fixes security issues:
XKB Integer Underflow in XkbSetCompatMap().
XKB Out-of-bounds Read in CheckSetGeom().
XSYNC Use-after-free in miSyncTriggerFence().
XKB Out-of-bounds read in CheckModifierMap().
XKB Buffer overflow in CheckKeyTypes().
For more information, see:
https://lists.x.org/archives/xorg-devel/2026-April/059446.html
https://www.cve.org/CVERecord?id=CVE-2026-33999
https://www.cve.org/CVERecord?id=CVE-2026-34000
https://www.cve.org/CVERecord?id=CVE-2026-34001
https://www.cve.org/CVERecord?id=CVE-2026-34002
https://www.cve.org/CVERecord?id=CVE-2026-34003
(* Security fix *)
x/xorg-server-xephyr-21.1.22-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-21.1.22-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-21.1.22-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-24.1.10-x86_64-1.txz: Upgraded.
This update fixes security issues:
XKB Integer Underflow in XkbSetCompatMap().
XKB Out-of-bounds Read in CheckSetGeom().
XSYNC Use-after-free in miSyncTriggerFence().
XKB Out-of-bounds read in CheckModifierMap().
XKB Buffer overflow in CheckKeyTypes().
For more information, see:
https://lists.x.org/archives/xorg-devel/2026-April/059446.html
https://www.cve.org/CVERecord?id=CVE-2026-33999
https://www.cve.org/CVERecord?id=CVE-2026-34000
https://www.cve.org/CVERecord?id=CVE-2026-34001
https://www.cve.org/CVERecord?id=CVE-2026-34002
https://www.cve.org/CVERecord?id=CVE-2026-34003
(* Security fix *)
x/xterm-409-x86_64-1.txz: Upgraded.
d/meson-1.11.0-x86_64-1.txz: Upgraded.
d/mold-2.41.0-x86_64-1.txz: Upgraded.
l/frei0r-plugins-3.1.2-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.2_19-x86_64-1.txz: Upgraded.
l/libarchive-3.8.7-x86_64-1.txz: Upgraded.
Libarchive 3.8.7 is a security and bugfix release.
Notable fixes:
CAB: fix NULL pointer dereference during skip (#2900)
CAB: Fix Heap OOB Write in CAB LZX decoder (#2919)
cpio: various fixes and improvements (#2899, #2908, #2910, #2939)
contrib/untar: fix out-of-bounds read (#2903)
iso9660: fix undefined behavior (#2897)
iso9660: fix posibble heap buffer overflow on 32-bit systems (#2934)
libarchive: fix handling of option failures (#2871)
libarchive: do not continue with truncated numbers (#2911)
libarchive: lzop and grzip filter support (#2947)
RAR: fix LZSS window size mismatch after PPMd block (#2898)
(* Security fix *)
n/ca-certificates-20260413-noarch-1.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
x/intel-media-driver-26.1.6-x86_64-1.txz: Upgraded.
x/xterm-408-x86_64-1.txz: Upgraded.
d/ccache-4.13.3-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.60.1-x86_64-1.txz: Upgraded.
l/frei0r-plugins-3.1.0-x86_64-1.txz: Upgraded.
l/graphviz-14.1.5-x86_64-1.txz: Upgraded.
l/python-lxml-6.0.4-x86_64-1.txz: Upgraded.
Hello!
If you appreciate what we're doing with Slackware Linux on ARM, please consider
making a donation to support the project. Contributions go directly toward
maintaining essential build hardware, covering electricity costs, and keeping
this long-running labour of love alive and moving forward.
Every bit helps and is genuinely appreciated.
You can find out how to contribute here:
https://arm.slackware.com/sponsor/
Thank you for your continued support!
Stuart Winter <mozes@slackware>
Brent Earl <el0226@slackware>
d/ccache-4.13.3-aarch64-1.txz: Upgraded.
d/meson-1.11.0-aarch64-1.txz: Upgraded.
d/mold-2.41.0-aarch64-1.txz: Upgraded.
l/at-spi2-core-2.60.1-aarch64-1.txz: Upgraded.
l/frei0r-plugins-3.1.2-aarch64-1.txz: Upgraded.
l/graphviz-14.1.5-aarch64-1.txz: Upgraded.
l/imagemagick-7.1.2_19-aarch64-1.txz: Upgraded.
l/libarchive-3.8.7-aarch64-1.txz: Upgraded.
Libarchive 3.8.7 is a security and bugfix release.
Notable fixes:
CAB: fix NULL pointer dereference during skip (#2900)
CAB: Fix Heap OOB Write in CAB LZX decoder (#2919)
cpio: various fixes and improvements (#2899, #2908, #2910, #2939)
contrib/untar: fix out-of-bounds read (#2903)
iso9660: fix undefined behavior (#2897)
iso9660: fix posibble heap buffer overflow on 32-bit systems (#2934)
libarchive: fix handling of option failures (#2871)
libarchive: do not continue with truncated numbers (#2911)
libarchive: lzop and grzip filter support (#2947)
RAR: fix LZSS window size mismatch after PPMd block (#2898)
(* Security fix *)
l/python-lxml-6.0.4-aarch64-1.txz: Upgraded.
n/ca-certificates-20260413-noarch-1.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
x/xterm-408-aarch64-1.txz: Upgraded.
a/kernel-firmware-20260410_dc85cce-noarch-1.txz: Upgraded.
a/kernel_armv8-6.18.22-aarch64-1.txz: Upgraded.
/boot/initrd/[load_kernel_modules]: Suppress non-critical output when
loading modules. This enables the Installer to boot in 'generic' mode where
module load failures do not result in irrelevant warnings.
ap/sqlite-3.53.0-aarch64-1.txz: Upgraded.
ap/vim-9.2.0338-aarch64-1.txz: Upgraded.
d/kernel-headers-6.18.22-aarch64-1.txz: Upgraded.
k/kernel-source-6.18.22-aarch64-1.txz: Upgraded.
kde/krita-6.0.1.1-aarch64-2.txz: Rebuilt.
Recompiled against libunibreak-7.0.
l/babl-0.1.126-aarch64-1.txz: Upgraded.
l/frei0r-plugins-3.0.1-aarch64-1.txz: Upgraded.
l/libass-0.17.4-aarch64-2.txz: Rebuilt.
Recompiled against libunibreak-7.0.
l/libsodium-1.0.22-aarch64-1.txz: Upgraded.
l/libunibreak-7.0-aarch64-1.txz: Upgraded.
Shared library .so-version bump.
l/polkit-qt-1-0.201.1-aarch64-1.txz: Upgraded.
l/python-build-1.4.3-aarch64-1.txz: Upgraded.
xap/vim-gvim-9.2.0338-aarch64-1.txz: Upgraded.
installer/*: Rebuilt.
/usr/share/hwm-configure/platform/aarch64/installer/helper.scr/001-uboot-configure
Set the boot path prefix for kernel, initrd, and FDT entries in extlinux.conf.
When the SLKboot filesystem (the installer SD card's boot partition) is
mounted, these files sit at the partition root â U-Boot sees them as
e.g. /Image-armv8.
When booting from the OS root filesystem, /boot is a subdirectory, so U-Boot
needs the full path e.g. /boot/Image-armv8.
This is to support installations that do not use the SD card as /boot.
There's a little more work in other places within the Installer to complete
this feature. I'll be working on that in the next few weeks.
kernels/*: Upgraded.
a/openssl-solibs-3.5.6-aarch64-2.txz: Rebuilt.
ap/htop-3.5.0-aarch64-1.txz: Upgraded.
ap/joe-4.7-aarch64-1.txz: Upgraded.
ap/qemu-10.2.2-aarch64-2.txz: Rebuilt.
ap/qemu-guest-agent-10.2.2-aarch64-2.txz: Rebuilt.
ap/xorriso-1.5.8.pl01-aarch64-1.txz: Upgraded.
l/frei0r-plugins-3.0.0-aarch64-1.txz: Upgraded.
l/libcap-ng-0.9.3-aarch64-1.txz: Upgraded.
l/libpng-1.6.57-aarch64-1.txz: Upgraded.
Fixed a medium severity security issue:
Use-after-free in `png_set_PLTE`, `png_set_tRNS` and `png_set_hIST`
leading to corrupted chunk data and potential heap information disclosure.
Also hardened the append-style setters (`png_set_text`, `png_set_sPLT`,
`png_set_unknown_chunks`) against a theoretical variant of the same
aliasing pattern.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-34757
(* Security fix *)
l/parted-3.7-aarch64-1.txz: Upgraded.
l/pipewire-1.6.3-aarch64-1.txz: Upgraded.
l/python-lxml-6.0.3-aarch64-1.txz: Upgraded.
l/qt6-6.10.3_20260330_6417867c-aarch64-3.txz: Rebuilt.
[PATCH] QDBusMetaObject: ensure custom types are normalized.
Thanks to Willy Sudiarto Raharjo.
n/openssl-3.5.6-aarch64-2.txz: Rebuilt.
Rebuilt with option enable-ktls.
Thanks to qunying.
n/php-8.4.20-aarch64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.4.20
n/stunnel-5.78-aarch64-1.txz: Upgraded.
x/xdg-desktop-portal-1.20.4-aarch64-1.txz: Upgraded.
x/xdg-user-dirs-0.20-aarch64-1.txz: Upgraded.
patches/packages/libexif-0.6.26-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
An unsigned integer underflow in Fuji and Olympus makernote handling.
An unsigned integer overflow on 32bit systems in Nikon makernote handling.
A buffer overwrite via integer underflow in makernote handling.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-40386
https://www.cve.org/CVERecord?id=CVE-2026-40385
https://www.cve.org/CVERecord?id=CVE-2026-32775
(* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-19_slack15.0.txz: Rebuilt.
This update fixes security issues:
XKB Integer Underflow in XkbSetCompatMap().
XKB Out-of-bounds Read in CheckSetGeom().
XSYNC Use-after-free in miSyncTriggerFence().
XKB Out-of-bounds read in CheckModifierMap().
XKB Buffer overflow in CheckKeyTypes().
For more information, see:
https://lists.x.org/archives/xorg-devel/2026-April/059446.html
https://www.cve.org/CVERecord?id=CVE-2026-33999
https://www.cve.org/CVERecord?id=CVE-2026-34000
https://www.cve.org/CVERecord?id=CVE-2026-34001
https://www.cve.org/CVERecord?id=CVE-2026-34002
https://www.cve.org/CVERecord?id=CVE-2026-34003
(* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-19_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-19_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-19_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-17_slack15.0.txz: Rebuilt.
This update fixes security issues:
XKB Integer Underflow in XkbSetCompatMap().
XKB Out-of-bounds Read in CheckSetGeom().
XSYNC Use-after-free in miSyncTriggerFence().
XKB Out-of-bounds read in CheckModifierMap().
XKB Buffer overflow in CheckKeyTypes().
For more information, see:
https://lists.x.org/archives/xorg-devel/2026-April/059446.html
https://www.cve.org/CVERecord?id=CVE-2026-33999
https://www.cve.org/CVERecord?id=CVE-2026-34000
https://www.cve.org/CVERecord?id=CVE-2026-34001
https://www.cve.org/CVERecord?id=CVE-2026-34002
https://www.cve.org/CVERecord?id=CVE-2026-34003
(* Security fix *)
patches/packages/ca-certificates-20260413-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/libarchive-3.8.7-x86_64-1_slack15.0.txz: Upgraded.
Libarchive 3.8.7 is a security and bugfix release.
Notable fixes:
CAB: fix NULL pointer dereference during skip (#2900)
CAB: Fix Heap OOB Write in CAB LZX decoder (#2919)
cpio: various fixes and improvements (#2899, #2908, #2910, #2939)
contrib/untar: fix out-of-bounds read (#2903)
iso9660: fix undefined behavior (#2897)
iso9660: fix posibble heap buffer overflow on 32-bit systems (#2934)
libarchive: fix handling of option failures (#2871)
libarchive: do not continue with truncated numbers (#2911)
libarchive: lzop and grzip filter support (#2947)
RAR: fix LZSS window size mismatch after PPMd block (#2898)
(* Security fix *)
patches/packages/openssl-1.1.1zg-x86_64-1_slack15.0.txz: Upgraded.
Apply patch to fix the following security issues:
Potential Use-after-free in DANE Client Code.
NULL Pointer Dereference When Processing a Delta CRL.
Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo.
Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo.
These CVEs were fixed by the 1.1.1zg release that is only available to
subscribers to OpenSSL's premium extended support. The patch was prepared
by backporting from the OpenSSL-3.0 repo.
Thanks to Ken Zalewski for the patch!
For more information, see:
https://openssl-library.org/news/vulnerabilities/#CVE-2026-28387
https://openssl-library.org/news/vulnerabilities/#CVE-2026-28388
https://openssl-library.org/news/vulnerabilities/#CVE-2026-28389
https://openssl-library.org/news/vulnerabilities/#CVE-2026-28390
https://www.cve.org/CVERecord?id=CVE-2026-28387
https://www.cve.org/CVERecord?id=CVE-2026-28388
https://www.cve.org/CVERecord?id=CVE-2026-28389
https://www.cve.org/CVERecord?id=CVE-2026-28390
(* Security fix *)
patches/packages/openssl-solibs-1.1.1zg-x86_64-1_slack15.0.txz: Upgraded.
Hello!
If you appreciate what we're doing with Slackware Linux on ARM, please consider
making a donation to support the project. Contributions go directly toward
maintaining essential build hardware, covering electricity costs, and keeping
this long-running labour of love alive and moving forward.
Every bit helps and is genuinely appreciated.
You can find out how to contribute here:
https://arm.slackware.com/sponsor/
Thank you for your continued support!
Stuart Winter <mozes@slackware>
patches/packages/ca-certificates-20260413-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/libarchive-3.8.7-arm-1_slack15.0.txz: Upgraded.
Libarchive 3.8.7 is a security and bugfix release.
Notable fixes:
CAB: fix NULL pointer dereference during skip (#2900)
CAB: Fix Heap OOB Write in CAB LZX decoder (#2919)
cpio: various fixes and improvements (#2899, #2908, #2910, #2939)
contrib/untar: fix out-of-bounds read (#2903)
iso9660: fix undefined behavior (#2897)
iso9660: fix posibble heap buffer overflow on 32-bit systems (#2934)
libarchive: fix handling of option failures (#2871)
libarchive: do not continue with truncated numbers (#2911)
libarchive: lzop and grzip filter support (#2947)
RAR: fix LZSS window size mismatch after PPMd block (#2898)
(* Security fix *)
patches/packages/openssl-1.1.1zg-arm-1_slack15.0.txz: Upgraded.
Apply patch to fix the following security issues:
Potential Use-after-free in DANE Client Code.
NULL Pointer Dereference When Processing a Delta CRL.
Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo.
Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo.
These CVEs were fixed by the 1.1.1zg release that is only available to
subscribers to OpenSSL's premium extended support. The patch was prepared
by backporting from the OpenSSL-3.0 repo.
Thanks to Ken Zalewski for the patch!
For more information, see:
https://openssl-library.org/news/vulnerabilities/#CVE-2026-28387
https://openssl-library.org/news/vulnerabilities/#CVE-2026-28388
https://openssl-library.org/news/vulnerabilities/#CVE-2026-28389
https://openssl-library.org/news/vulnerabilities/#CVE-2026-28390
https://www.cve.org/CVERecord?id=CVE-2026-28387
https://www.cve.org/CVERecord?id=CVE-2026-28388
https://www.cve.org/CVERecord?id=CVE-2026-28389
https://www.cve.org/CVERecord?id=CVE-2026-28390
(* Security fix *)
patches/packages/openssl-solibs-1.1.1zg-arm-1_slack15.0.txz: Upgraded.
patches/packages/libpng-1.6.57-arm-1_slack15.0.txz: Upgraded.
Fixed a medium severity security issue:
Use-after-free in `png_set_PLTE`, `png_set_tRNS` and `png_set_hIST`
leading to corrupted chunk data and potential heap information disclosure.
Also hardened the append-style setters (`png_set_text`, `png_set_sPLT`,
`png_set_unknown_chunks`) against a theoretical variant of the same
aliasing pattern.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-34757
(* Security fix *)
24/02/2022: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware
15/12/2015: Aggiornato HowTo automatizzare la compilazione del kernel
15/12/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
24/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
22/11/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
07/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
05/11/2015: Nuovo HowTo Automatizzare l'aggiornamento di Slackware current
30/10/2015: Aggiornato HowTo Automatizzare la prima configurazione di Slackware
26/05/2015: Aggiornato HowTo mini Slackware su pendrive
07/05/2015: Aggiornato HowTo automatizzare la compilazione del kernel
13/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
02/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
Vi presento uno script bash che crea una mini Slackware su pendrive in automatico.
Questo esempio fa riferimento a Slackware 14.0 a 32bit ma può essere facilmente adattato a qualsiasi altra versione.
Cerca i pacchetti elencati nell'array se sono già presenti nella directory impostata, se non li trova e se c'è il dvd di Slackware montato li copia da esso, altrimenti li scarica da internet.
⇦ Ho aggiunto una nuova pagina a questo sito che raccoglie le mie app.
Possono essere tutte scaricate dal Play Store di Google.
Un piccolo script in bash che sfrutta kdialog come semplice interfaccia.
Nella sezione download è possibile scaricare anche il pacchetto di installazione per slackware.
Ho 100MiB in più e aggiungo qualcosa al repository ;-)
Ho trovato questo pensiero di Dusty Wilson in inglese su Google+ e lo riporto in parte qui tradotto perché secondo me il motivo di fondo che lo ha spinto a scrivere ciò, è quello che si vede nell'immagine ed è la stessa cosa che ho pensato io quando è morto Dennis Ritchie:
Dennis Ritchie ha co-inventato C che è la base di praticamente tutto ciò che riguarda i computer. Ha co-inventato UNIX che è alla base di tutto nei computer tranne che di Windows (anche se Windows è stato molto, molto molto influenzato da esso). Apple OS X è una piattaforma basata su UNIX. Ma molta gente pensa che Steve Jobs ha fatto tutto da solo e che dovrebbe essere lodato come un salvatore. Non solo ha preso "in prestito" idee, progetti e funzionalità da tutti gli altri, ha piagnucolato se qualcuno abbia mai fatto lo stesso. Nel 1996 ha detto: "Noi siamo sempre stati senza vergogna di rubare grandi idee." Nel 2005 ha detto: "Sono senza vergogna quelli che ci copiano". Quest'anno ha detto "Vado a distruggere Android, perché è un prodotto rubato. Sono disposto ad andare in questa guerra termonucleare" e poi, quasi subito dopo ha rilasciato iOS 5 con una tonnellata di caratteristiche già introdotte in Android. Il ragazzo è/era uno stronzo. Non ho pazienza per un ipocrita come lui.
Condividi sui tuoi social preferiti!
Telegram Facebook Linkedin Twitter Pinterest