blender-3.0.1-x86_64-1_ap.txz: Upgraded.
a/bash-5.3.015-x86_64-1.txz: Upgraded.
a/bcachefs-tools-1.38.5-x86_64-1.txz: Upgraded.
l/ccid-1.8.1-x86_64-1.txz: Upgraded.
l/pcsc-lite-2.5.1-x86_64-1.txz: Upgraded.
n/httpd-2.4.68-x86_64-1.txz: Upgraded.
This is a bugfix release (CVE-2026-49975 was already patched here.)
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.68
a/kernel-firmware-20260609_c2a4fe8-noarch-1.txz: Upgraded.
a/kernel-generic-6.18.35-x86_64-1.txz: Upgraded.
a/openssl-solibs-3.5.7-x86_64-1.txz: Upgraded.
d/binutils-2.46.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/kernel-headers-6.18.35-x86-1.txz: Upgraded.
d/oprofile-1.4.0-x86_64-20.txz: Rebuilt.
Recompiled against binutils-2.46.1.
k/kernel-source-6.18.35-noarch-1.txz: Upgraded.
l/fast_float-8.2.8-x86_64-1.txz: Upgraded.
l/frei0r-plugins-3.2.1-x86_64-1.txz: Upgraded.
l/gtkmm3-3.24.11-x86_64-1.txz: Upgraded.
n/openssl-3.5.7-x86_64-1.txz: Upgraded.
This update fixes security issues:
Fixed heap use-after-free in `PKCS7_verify()`.
Fixed CMS `AuthEnvelopedData` processing may accept forged messages.
Fixed unbounded memory growth in the QUIC `PATH_CHALLENGE` handler.
Fixed NULL pointer dereference in QUIC server initial packet handling.
For more information, see:
https://openssl-library.org/news/vulnerabilities/#CVE-2026-45447
https://openssl-library.org/news/vulnerabilities/#CVE-2026-34182
https://openssl-library.org/news/vulnerabilities/#CVE-2026-34183
https://openssl-library.org/news/vulnerabilities/#CVE-2026-42764
https://www.cve.org/CVERecord?id=CVE-2026-45447
https://www.cve.org/CVERecord?id=CVE-2026-34182
https://www.cve.org/CVERecord?id=CVE-2026-34183
https://www.cve.org/CVERecord?id=CVE-2026-42764
(* Security fix *)
x/intel-media-driver-26.2.2-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/linux-7.0.x/kernel-generic-7.0.12-x86_64-1.txz: Upgraded.
testing/packages/linux-7.0.x/kernel-headers-7.0.12-x86-1.txz: Upgraded.
testing/packages/linux-7.0.x/kernel-source-7.0.12-noarch-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/file-5.48-x86_64-1.txz: Upgraded.
l/frei0r-plugins-3.2.0-x86_64-1.txz: Upgraded.
n/rsync-3.4.4-x86_64-1.txz: Upgraded.
Rsync version 3.4.4 has been released. This is a regression fix release for
the issues that have been reported with the 3.4.3 security release. Many
thanks to everyone who reported the issues (see NEWS.md for credits).
The 3.4.3 release had so many issues for two main reasons:
* the 3.4 testsuite did not have broad enough coverage to catch the
regressions noticed by users
* the nature of a security release prevents wide beta testing, resulting in
not enough manual testing in disparate environments
To fix this for future releases we have greatly expanded the test suite for
3.5 (currently in master) and grown the development team, especially with
more people with security expertise. Thanks for your patience!
x/xdg-desktop-portal-1.22.0-x86_64-1.txz: Upgraded.
xap/audacious-4.6.1-x86_64-1.txz: Upgraded.
xap/audacious-plugins-4.6.1-x86_64-1.txz: Upgraded.
a/kernel-firmware-20260609_c2a4fe8-noarch-1.txz: Upgraded.
a/openssl-solibs-3.5.7-aarch64-1.txz: Upgraded.
d/binutils-2.46.1-aarch64-1.txz: Upgraded.
Shared library .so-version bump.
d/oprofile-1.4.0-aarch64-19.txz: Rebuilt.
Recompiled against binutils-2.46.1.
l/fast_float-8.2.8-aarch64-1.txz: Upgraded.
l/frei0r-plugins-3.2.1-aarch64-1.txz: Upgraded.
l/gtkmm3-3.24.11-aarch64-1.txz: Upgraded.
n/openssl-3.5.7-aarch64-1.txz: Upgraded.
This update fixes security issues:
Fixed heap use-after-free in `PKCS7_verify()`.
Fixed CMS `AuthEnvelopedData` processing may accept forged messages.
Fixed unbounded memory growth in the QUIC `PATH_CHALLENGE` handler.
Fixed NULL pointer dereference in QUIC server initial packet handling.
For more information, see:
https://openssl-library.org/news/vulnerabilities/#CVE-2026-45447
https://openssl-library.org/news/vulnerabilities/#CVE-2026-34182
https://openssl-library.org/news/vulnerabilities/#CVE-2026-34183
https://openssl-library.org/news/vulnerabilities/#CVE-2026-42764
https://www.cve.org/CVERecord?id=CVE-2026-45447
https://www.cve.org/CVERecord?id=CVE-2026-34182
https://www.cve.org/CVERecord?id=CVE-2026-34183
https://www.cve.org/CVERecord?id=CVE-2026-42764
(* Security fix *)
a/kernel_armv8-6.18.35-aarch64-1.txz: Upgraded.
Kernel config changes:
+CONFIG_SND_SEQ_DEVICE=m
+CONFIG_SND_SEQUENCER=m
+CONFIG_SND_SEQ_DUMMY=m
+CONFIG_SND_SEQ_MIDI_EVENT=m
+CONFIG_SND_SEQ_MIDI=m
+CONFIG_SND_SEQ_VIRMIDI=m
+CONFIG_SND_PCMTEST=m
+CONFIG_SND_VIRMIDI=m
+CONFIG_SND_SERIAL_GENERIC=m
Thanks to warmbit.
d/kernel-headers-6.18.35-aarch64-1.txz: Upgraded.
k/kernel-source-6.18.35-aarch64-1.txz: Upgraded.
installer/*: Rebuilt.
kernels/*: Upgraded.
a/file-5.48-aarch64-1.txz: Upgraded.
a/less-704-aarch64-1.txz: Upgraded.
ap/mpg123-1.33.6-aarch64-1.txz: Upgraded.
l/fast_float-8.2.7-aarch64-1.txz: Upgraded.
l/frei0r-plugins-3.2.0-aarch64-1.txz: Upgraded.
n/rsync-3.4.4-aarch64-1.txz: Upgraded.
Rsync version 3.4.4 has been released. This is a regression fix release for
the issues that have been reported with the 3.4.3 security release. Many
thanks to everyone who reported the issues (see NEWS.md for credits).
The 3.4.3 release had so many issues for two main reasons:
* the 3.4 testsuite did not have broad enough coverage to catch the
regressions noticed by users
* the nature of a security release prevents wide beta testing, resulting in
not enough manual testing in disparate environments
To fix this for future releases we have greatly expanded the test suite for
3.5 (currently in master) and grown the development team, especially with
more people with security expertise. Thanks for your patience!
x/wayland-protocols-1.49-aarch64-1.txz: Upgraded.
x/xdg-desktop-portal-1.22.0-aarch64-1.txz: Upgraded.
xap/audacious-4.6.1-aarch64-1.txz: Upgraded.
xap/audacious-plugins-4.6.1-aarch64-1.txz: Upgraded.
patches/packages/httpd-2.4.68-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release (CVE-2026-49975 was already patched here.)
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.68
testing/packages/autoconf-2.73-noarch-1_slack15.0.txz: Added.
patches/packages/rsync-3.4.4-x86_64-1_slack15.0.txz: Upgraded.
Rsync version 3.4.4 has been released. This is a regression fix release for
the issues that have been reported with the 3.4.3 security release. Many
thanks to everyone who reported the issues (see NEWS.md for credits).
The 3.4.3 release had so many issues for two main reasons:
* the 3.4 testsuite did not have broad enough coverage to catch the
regressions noticed by users
* the nature of a security release prevents wide beta testing, resulting in
not enough manual testing in disparate environments
To fix this for future releases we have greatly expanded the test suite for
3.5 (currently in master) and grown the development team, especially with
more people with security expertise. Thanks for your patience!
extra/samba/samba-4.22.10-arm-1.txz: Upgraded.
This is a security release in order to address the following defects:
Missing access checks on reparse point operations.
WORM vfs module does not block overwrites.
auto-enrolment GPO installing CA certificate over http without verification.
Denial of service against AD DC WINS server.
Unauthenticated Remote Code Execution in Samba DCE/RPC SAMR server.
Unauthenticated Remote Code Execution in Samba printing subsystem.
For more information, see:
https://www.samba.org/samba/security/CVE-2026-1933.html
https://www.samba.org/samba/security/CVE-2026-2340.html
https://www.samba.org/samba/security/CVE-2026-3012.html
https://www.samba.org/samba/security/CVE-2026-3238.html
https://www.samba.org/samba/security/CVE-2026-4408.html
https://www.samba.org/samba/security/CVE-2026-4480.html
https://www.cve.org/CVERecord?id=CVE-2026-1933
https://www.cve.org/CVERecord?id=CVE-2026-2340
https://www.cve.org/CVERecord?id=CVE-2026-3012
https://www.cve.org/CVERecord?id=CVE-2026-3238
https://www.cve.org/CVERecord?id=CVE-2026-4408
https://www.cve.org/CVERecord?id=CVE-2026-4480
(* Security fix *)
patches/packages/rsync-3.4.4-arm-1_slack15.0.txz: Upgraded.
Rsync version 3.4.4 has been released. This is a regression fix release for
the issues that have been reported with the 3.4.3 security release. Many
thanks to everyone who reported the issues (see NEWS.md for credits).
The 3.4.3 release had so many issues for two main reasons:
* the 3.4 testsuite did not have broad enough coverage to catch the
regressions noticed by users
* the nature of a security release prevents wide beta testing, resulting in
not enough manual testing in disparate environments
To fix this for future releases we have greatly expanded the test suite for
3.5 (currently in master) and grown the development team, especially with
more people with security expertise. Thanks for your patience!
patches/packages/dnsmasq-2.93-arm-1_slack15.0.txz: Upgraded.
Rework storage allocation for domain names. This fixes a security bug that
can cause heap-overwrite with long domain names.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-2291
(* Security fix *)
patches/packages/libinput-1.31.3-arm-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
libinput-device-group unescaped phys output can inject udev properties
leading to arbitrary root code execution.
Note that since /dev/uinput and /dev/uhid are only accessible by root on
Slackware (and unlike some other distributions we make no exceptions), we
were not vulnerable to this flaw.
(* Security fix *)
patches/packages/meson-1.11.1-arm-1_slack15.0.txz: Upgraded.
This is needed to compile libinput-1.31.3.
extra/tigervnc/tigervnc-1.16.2-arm-3_slack15.0.txz: Rebuilt.
Patched with fixes for the following xorg-server security issues:
Font Alias Stack-based Buffer Overflow.
XSYNC Use-After-Free in miSyncDestroyFence().
XKB Key Types Stack-based Buffer Overflow.
XKB SetMap Request Stack-based Buffer Overflow.
XSYNC Use-After-Free in FreeCounter().
XSYNC Use-After-Free in SyncChangeCounter().
GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write.
CreateSaverWindow Use-After-Free Information Disclosure.
DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write.
For more information, see:
https://lists.x.org/archives/xorg/2026-June/062239.html
Zero Day Initiative identifiers:
ZDI-CAN-30136
ZDI-CAN-30159
ZDI-CAN-30160
ZDI-CAN-30161
ZDI-CAN-30163
ZDI-CAN-30164
ZDI-CAN-30165
ZDI-CAN-30168
(* Security fix *)
patches/packages/httpd-2.4.67-arm-2_slack15.0.txz: Rebuilt.
This update fixes "HTTP/2 Bomb", a resource exhaustion denial-of-service
attack against HTTP/2.
For more information, see:
https://seclists.org/oss-sec/2026/q2/790
https://www.cve.org/CVERecord?id=CVE-2026-49975
(* Security fix *)
patches/packages/net-tools-20181103_0eebece-arm-3_slack15.0.txz: Rebuilt.
This update fixes a security issue:
interface.c: Stack-based Buffer Overflow in get_name().
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2025-46836
(* Security fix *)
patches/packages/proftpd-1.3.9b-arm-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Additional fixes for SQL injection, notably for handling `%{env:...}`
and `%{note:...}` variables.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-42167
(* Security fix *)
patches/packages/xorg-server-1.20.14-arm-20_slack15.0.txz: Rebuilt.
This update fixes security issues:
Font Alias Stack-based Buffer Overflow.
XSYNC Use-After-Free in miSyncDestroyFence().
XKB Key Types Stack-based Buffer Overflow.
XKB SetMap Request Stack-based Buffer Overflow.
XSYNC Use-After-Free in FreeCounter().
XSYNC Use-After-Free in SyncChangeCounter().
GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write.
CreateSaverWindow Use-After-Free Information Disclosure.
DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write.
For more information, see:
https://lists.x.org/archives/xorg/2026-June/062239.html
Zero Day Initiative identifiers:
ZDI-CAN-30136
ZDI-CAN-30159
ZDI-CAN-30160
ZDI-CAN-30161
ZDI-CAN-30163
ZDI-CAN-30164
ZDI-CAN-30165
ZDI-CAN-30168
(* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-arm-20_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-arm-20_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-arm-20_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-arm-12_slack15.0.txz: Rebuilt.
This update fixes security issues:
Font Alias Stack-based Buffer Overflow.
XSYNC Use-After-Free in miSyncDestroyFence().
XKB Key Types Stack-based Buffer Overflow.
XKB SetMap Request Stack-based Buffer Overflow.
XSYNC Use-After-Free in FreeCounter().
XSYNC Use-After-Free in SyncChangeCounter().
GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write.
CreateSaverWindow Use-After-Free Information Disclosure.
For more information, see:
https://lists.x.org/archives/xorg/2026-June/062239.html
Zero Day Initiative identifiers:
ZDI-CAN-30136
ZDI-CAN-30159
ZDI-CAN-30160
ZDI-CAN-30161
ZDI-CAN-30163
ZDI-CAN-30164
ZDI-CAN-30165
ZDI-CAN-30168
(* Security fix *)
24/02/2022: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware
15/12/2015: Aggiornato HowTo automatizzare la compilazione del kernel
15/12/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
24/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
22/11/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
07/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
05/11/2015: Nuovo HowTo Automatizzare l'aggiornamento di Slackware current
30/10/2015: Aggiornato HowTo Automatizzare la prima configurazione di Slackware
26/05/2015: Aggiornato HowTo mini Slackware su pendrive
07/05/2015: Aggiornato HowTo automatizzare la compilazione del kernel
13/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
02/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
Vi presento uno script bash che crea una mini Slackware su pendrive in automatico.
Questo esempio fa riferimento a Slackware 14.0 a 32bit ma può essere facilmente adattato a qualsiasi altra versione.
Cerca i pacchetti elencati nell'array se sono già presenti nella directory impostata, se non li trova e se c'è il dvd di Slackware montato li copia da esso, altrimenti li scarica da internet.
⇦ Ho aggiunto una nuova pagina a questo sito che raccoglie le mie app.
Possono essere tutte scaricate dal Play Store di Google.
Un piccolo script in bash che sfrutta kdialog come semplice interfaccia.
Nella sezione download è possibile scaricare anche il pacchetto di installazione per slackware.
Ho 100MiB in più e aggiungo qualcosa al repository ;-)
Ho trovato questo pensiero di Dusty Wilson in inglese su Google+ e lo riporto in parte qui tradotto perché secondo me il motivo di fondo che lo ha spinto a scrivere ciò, è quello che si vede nell'immagine ed è la stessa cosa che ho pensato io quando è morto Dennis Ritchie:
Dennis Ritchie ha co-inventato C che è la base di praticamente tutto ciò che riguarda i computer. Ha co-inventato UNIX che è alla base di tutto nei computer tranne che di Windows (anche se Windows è stato molto, molto molto influenzato da esso). Apple OS X è una piattaforma basata su UNIX. Ma molta gente pensa che Steve Jobs ha fatto tutto da solo e che dovrebbe essere lodato come un salvatore. Non solo ha preso "in prestito" idee, progetti e funzionalità da tutti gli altri, ha piagnucolato se qualcuno abbia mai fatto lo stesso. Nel 1996 ha detto: "Noi siamo sempre stati senza vergogna di rubare grandi idee." Nel 2005 ha detto: "Sono senza vergogna quelli che ci copiano". Quest'anno ha detto "Vado a distruggere Android, perché è un prodotto rubato. Sono disposto ad andare in questa guerra termonucleare" e poi, quasi subito dopo ha rilasciato iOS 5 con una tonnellata di caratteristiche già introdotte in Android. Il ragazzo è/era uno stronzo. Non ho pazienza per un ipocrita come lui.
Condividi sui tuoi social preferiti!
Telegram Facebook Linkedin Twitter Pinterest