blender-3.0.1-x86_64-1_ap.txz: Upgraded.
a/iniparser-4.2.1-x86_64-1.txz: Upgraded.
a/kernel-generic-6.9.1-x86_64-1.txz: Upgraded.
a/kernel-huge-6.9.1-x86_64-1.txz: Upgraded.
a/kernel-modules-6.9.1-x86_64-1.txz: Upgraded.
a/lvm2-2.03.24-x86_64-1.txz: Upgraded.
a/mcelog-199-x86_64-1.txz: Upgraded.
a/xfsprogs-6.8.0-x86_64-1.txz: Upgraded.
d/kernel-headers-6.9.1-x86-1.txz: Upgraded.
e/emacspeak-60.0-x86_64-1.txz: Upgraded.
k/kernel-source-6.9.1-noarch-1.txz: Upgraded.
l/python-trove-classifiers-2024.5.17-x86_64-1.txz: Upgraded.
l/python-zipp-3.18.2-x86_64-1.txz: Upgraded.
n/bluez-5.76-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/bcachefs-tools-1.7.0-x86_64-1.txz: Added.
a/kernel-generic-6.9.0-x86_64-2.txz: Upgraded.
a/kernel-huge-6.9.0-x86_64-2.txz: Upgraded.
a/kernel-modules-6.9.0-x86_64-2.txz: Upgraded.
d/git-2.45.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Recursive clones on case-insensitive filesystems that support symbolic
links are susceptible to case confusion that can be exploited to
execute just-cloned code during the clone operation.
Repositories can be configured to execute arbitrary code during local
clones. To address this, the ownership checks introduced in v2.30.3
are now extended to cover cloning local repositories.
Local clones may end up hardlinking files into the target repository's
object database when source and target repository reside on the same
disk. If the source repository is owned by a different user, then
those hardlinked files may be rewritten at any point in time by the
untrusted user.
When cloning a local source repository that contains symlinks via the
filesystem, Git may create hardlinks to arbitrary user-readable files
on the same filesystem as the target repository in the objects/
directory.
It is supposed to be safe to clone untrusted repositories, even those
unpacked from zip archives or tarballs originating from untrusted
sources, but Git can be tricked to run arbitrary code as part of the
clone.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32002
https://www.cve.org/CVERecord?id=CVE-2024-32004
https://www.cve.org/CVERecord?id=CVE-2024-32020
https://www.cve.org/CVERecord?id=CVE-2024-32021
https://www.cve.org/CVERecord?id=CVE-2024-32465
(* Security fix *)
d/kernel-headers-6.9.0-x86-2.txz: Upgraded.
d/strace-6.9-x86_64-1.txz: Upgraded.
k/kernel-source-6.9.0-noarch-2.txz: Upgraded.
BCACHEFS_FS m -> y
CRYPTO_CHACHA20 m -> y
CRYPTO_LIB_CHACHA_GENERIC m -> y
CRYPTO_LIB_POLY1305_GENERIC m -> y
CRYPTO_POLY1305 m -> y
MITIGATION_GDS_FORCE y -> n
kde/wcslib-8.3-x86_64-1.txz: Upgraded.
l/gdk-pixbuf2-2.42.12-x86_64-1.txz: Upgraded.
ani: Reject files with multiple INA or IART chunks.
ani: Reject files with multiple anih chunks.
ani: validate chunk size.
Thanks to 0xvhp, pedrib, and Benjamin Gilbert.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-48622
(* Security fix *)
l/gtk+3-3.24.42-x86_64-1.txz: Upgraded.
n/bind-9.18.27-x86_64-1.txz: Upgraded.
This is a bugfix release.
n/popa3d-1.0.3-x86_64-8.txz: Rebuilt.
This is a bugfix release:
Build with AUTH_PAM, not AUTH_SHADOW.
Thanks to jayjwa.
x/xorg-server-xwayland-23.2.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-firmware-20240510_b9d2bf2-noarch-1.txz: Upgraded.
a/kernel-generic-6.9.0-x86_64-1.txz: Upgraded.
a/kernel-huge-6.9.0-x86_64-1.txz: Upgraded.
a/kernel-modules-6.9.0-x86_64-1.txz: Upgraded.
d/gcc-14.1.0-x86_64-1.txz: Upgraded.
d/gcc-g++-14.1.0-x86_64-1.txz: Upgraded.
d/gcc-gdc-14.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/gcc-gfortran-14.1.0-x86_64-1.txz: Upgraded.
d/gcc-gm2-14.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/gcc-gnat-14.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/gcc-go-14.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/gcc-objc-14.1.0-x86_64-1.txz: Upgraded.
d/kernel-headers-6.9.0-x86-1.txz: Upgraded.
d/libgccjit-14.1.0-x86_64-1.txz: Upgraded.
d/libtool-2.4.7-x86_64-7.txz: Rebuilt.
Recompiled to update embedded GCC version number.
k/kernel-source-6.9.0-noarch-1.txz: Upgraded.
l/harfbuzz-8.5.0-x86_64-1.txz: Upgraded.
l/mozjs115-115.11.0esr-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-126.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/126.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-21/
https://www.cve.org/CVERecord?id=CVE-2024-4764
https://www.cve.org/CVERecord?id=CVE-2024-4367
https://www.cve.org/CVERecord?id=CVE-2024-4765
https://www.cve.org/CVERecord?id=CVE-2024-4766
https://www.cve.org/CVERecord?id=CVE-2024-4767
https://www.cve.org/CVERecord?id=CVE-2024-4768
https://www.cve.org/CVERecord?id=CVE-2024-4769
https://www.cve.org/CVERecord?id=CVE-2024-4770
https://www.cve.org/CVERecord?id=CVE-2024-4771
https://www.cve.org/CVERecord?id=CVE-2024-4772
https://www.cve.org/CVERecord?id=CVE-2024-4773
https://www.cve.org/CVERecord?id=CVE-2024-4774
https://www.cve.org/CVERecord?id=CVE-2024-4775
https://www.cve.org/CVERecord?id=CVE-2024-4776
https://www.cve.org/CVERecord?id=CVE-2024-4777
https://www.cve.org/CVERecord?id=CVE-2024-4778
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/less-654-aarch64-1.txz: Upgraded.
d/ninja-1.12.1-aarch64-1.txz: Upgraded.
d/qrtr-git10997ba-aarch64-1.txz: Added.
Required for the new 'n/pd-mapper' package.
Thanks to Brent Earl.
extra/bittornado/bittornado-0.3.18-aarch64-3.txz: Removed.
Obsolete and based on python2.
n/pd-mapper-git10997ba-aarch64-1.txz: Added.
Required to support the Lenovo ThinkPad X13s Hardware Model.
Thanks to Brent Earl.
n/whois-5.5.23-aarch64-1.txz: Upgraded.
Updated the .sc, .********* (.xn--yfro4i67o, Singapore)
and .********************************* (.xn--clchc0ea0b2g2a9gcd, Singapore)
TLD servers.
l/libjpeg-turbo-3.0.3-aarch64-1.txz: Upgraded.
l/nodejs-20.13.1-aarch64-1.txz: Upgraded.
l/pipewire-1.0.6-aarch64-1.txz: Upgraded.
n/php-8.3.7-aarch64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.3.7
n/wireless-regdb-2024.05.08-aarch64-1.txz: Upgraded.
extra/bash-completion/bash-completion-2.14.0-aarch64-1.txz: Upgraded.
d/cmake-3.29.3-aarch64-1.txz: Upgraded.
l/adwaita-icon-theme-46.0-aarch64-2.txz: Rebuilt.
Restore icons that went missing after adwaita-icon-theme-41.0.
l/glib2-2.80.2-aarch64-1.txz: Upgraded.
l/libgnt-2.14.4_dev-aarch64-1.txz: Upgraded.
l/mozilla-nss-3.100-aarch64-1.txz: Upgraded.
n/samba-4.20.1-aarch64-1.txz: Upgraded.
x/mesa-24.0.7-aarch64-1.txz: Upgraded.
patches/packages/gdk-pixbuf2-2.42.12-x86_64-1_slack15.0.txz: Upgraded.
ani: Reject files with multiple INA or IART chunks.
ani: Reject files with multiple anih chunks.
ani: validate chunk size.
Thanks to 0xvhp, pedrib, and Benjamin Gilbert.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-48622
(* Security fix *)
patches/packages/git-2.39.4-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Recursive clones on case-insensitive filesystems that support symbolic
links are susceptible to case confusion that can be exploited to
execute just-cloned code during the clone operation.
Repositories can be configured to execute arbitrary code during local
clones. To address this, the ownership checks introduced in v2.30.3
are now extended to cover cloning local repositories.
Local clones may end up hardlinking files into the target repository's
object database when source and target repository reside on the same
disk. If the source repository is owned by a different user, then
those hardlinked files may be rewritten at any point in time by the
untrusted user.
When cloning a local source repository that contains symlinks via the
filesystem, Git may create hardlinks to arbitrary user-readable files
on the same filesystem as the target repository in the objects/
directory.
It is supposed to be safe to clone untrusted repositories, even those
unpacked from zip archives or tarballs originating from untrusted
sources, but Git can be tricked to run arbitrary code as part of the
clone.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32002
https://www.cve.org/CVERecord?id=CVE-2024-32004
https://www.cve.org/CVERecord?id=CVE-2024-32020
https://www.cve.org/CVERecord?id=CVE-2024-32021
https://www.cve.org/CVERecord?id=CVE-2024-32465
(* Security fix *)
patches/packages/popa3d-1.0.3-x86_64-7_slack15.0.txz: Rebuilt.
This is a bugfix release:
Build with AUTH_PAM, not AUTH_SHADOW.
Thanks to jayjwa.
testing/packages/bind-9.18.27-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/mozilla-firefox-115.11.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.11.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-22/
https://www.cve.org/CVERecord?id=CVE-2024-4367
https://www.cve.org/CVERecord?id=CVE-2024-4767
https://www.cve.org/CVERecord?id=CVE-2024-4768
https://www.cve.org/CVERecord?id=CVE-2024-4769
https://www.cve.org/CVERecord?id=CVE-2024-4770
https://www.cve.org/CVERecord?id=CVE-2024-4777
(* Security fix *)
patches/packages/libxml2-2.11.8-x86_64-1_slack15.0.txz: Upgraded.
Fix buffer overread with "xmllint --htmlout".
xmllint: Fix --pedantic option.
save: Handle invalid parent pointers in xhtmlNodeDumpOutput.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-34459
(* Security fix *)
patches/packages/gdk-pixbuf2-2.42.12-arm-1_slack15.0.txz: Upgraded.
ani: Reject files with multiple INA or IART chunks.
ani: Reject files with multiple anih chunks.
ani: validate chunk size.
Thanks to 0xvhp, pedrib, and Benjamin Gilbert.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-48622
(* Security fix *)
patches/packages/git-2.39.4-arm-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Recursive clones on case-insensitive filesystems that support symbolic
links are susceptible to case confusion that can be exploited to
execute just-cloned code during the clone operation.
Repositories can be configured to execute arbitrary code during local
clones. To address this, the ownership checks introduced in v2.30.3
are now extended to cover cloning local repositories.
Local clones may end up hardlinking files into the target repository's
object database when source and target repository reside on the same
disk. If the source repository is owned by a different user, then
those hardlinked files may be rewritten at any point in time by the
untrusted user.
When cloning a local source repository that contains symlinks via the
filesystem, Git may create hardlinks to arbitrary user-readable files
on the same filesystem as the target repository in the objects/
directory.
It is supposed to be safe to clone untrusted repositories, even those
unpacked from zip archives or tarballs originating from untrusted
sources, but Git can be tricked to run arbitrary code as part of the
clone.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32002
https://www.cve.org/CVERecord?id=CVE-2024-32004
https://www.cve.org/CVERecord?id=CVE-2024-32020
https://www.cve.org/CVERecord?id=CVE-2024-32021
https://www.cve.org/CVERecord?id=CVE-2024-32465
(* Security fix *)
patches/packages/popa3d-1.0.3-arm-7_slack15.0.txz: Rebuilt.
This is a bugfix release:
Build with AUTH_PAM, not AUTH_SHADOW.
Thanks to jayjwa.
patches/packages/libxml2-2.11.8-arm-1_slack15.0.txz: Upgraded.
Fix buffer overread with "xmllint --htmlout".
xmllint: Fix --pedantic option.
save: Handle invalid parent pointers in xhtmlNodeDumpOutput.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-34459
(* Security fix *)
patches/packages/sg3_utils-1.47-arm-2_slack15.0.txz: Rebuilt.
This is a bugfix release to fix a regression in rescan-scsi-bus.sh that
causes all SCSI devices to be removed from the system when the '-r'
option is used. Thanks to jwoithe for the link to the upstream patch.
patches/packages/whois-5.5.23-arm-1_slack15.0.txz: Upgraded.
Updated the .sc, .********* (.xn--yfro4i67o, Singapore)
and .********************************* (.xn--clchc0ea0b2g2a9gcd, Singapore)
TLD servers.
24/02/2022: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware
15/12/2015: Aggiornato HowTo automatizzare la compilazione del kernel
15/12/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
24/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
22/11/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
07/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
05/11/2015: Nuovo HowTo Automatizzare l'aggiornamento di Slackware current
30/10/2015: Aggiornato HowTo Automatizzare la prima configurazione di Slackware
26/05/2015: Aggiornato HowTo mini Slackware su pendrive
07/05/2015: Aggiornato HowTo automatizzare la compilazione del kernel
13/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
02/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
Questo script provvede ad aggiornare Slackware o Slackware64 all'ultima current in maniera del tutto autonoma, dalla ricerca di aggiornamenti all'aggiornamento del bootloader.
Scarica la lista dei pacchetti e la confronta con quelli installati, dopodiché controlla se i nuovi pacchetti sono presenti in un eventuale DVD già montato altrimenti li scarica da internet.
Lo script può gestire anche un sistema multilib, infatti se...
Uno script da eseguire al primo avvio di Slackware.
Mi capita spesso di fare nuove installazioni di Slackware e di ripetere sempre le stesse operazioni atte ad una prima configurazione di base, come ad esempio l'italianizzazione o l'impostazione della corretta risoluzione framebuffer.
Per cui ho deciso di raggruppare tutte queste operazioni di base, che possono...
Ecco che la bash ci viene in aiuto anche per realizzare un semplice sistema di video sorveglianza molto economico.
Questo script scatta una foto dalla webcam impostata nella variabile DEV con mplayer, ne fa una copia con la data corrente come nome del file per conservare una copia di tutte le foto scattate e per sapere a prima vista a quando risalgono. Dopodiché carica entrambe le copie della foto sul server ftp...
Spesso i produttori di hardware ottengono costi di produzione più bassi utilizzando componenti con capacità superiori in dispositivi non progettati per sfruttarle piuttosto che utilizzando componenti su misura, questo è anche il caso del mio mouse Logitech RX1000.
Aprendo il mouse e guardando le piste stampate sul retro della scheda si nota che il controller ha un pin inutilizzato, quindi leggendo il codice (CY7C63813) sul chip e trovandone il...
Compilare il kernel Linux non è certamente cosa difficile, ma chi è alle prime armi spesso è spaventato da questa procedura e anche per chi è pratico a volte diventa scocciante aggiornare ad ogni release.
Dunque ho scritto questo script bash che automatizza la procedura: rileva quanti core ha il proprio processore per decidere in quanti processi paralleli eseguire la compilazione in modo da ottimizzarne i tempi, poi controlla se la versione scelta...
Condividi sui tuoi social preferiti!
Telegram Facebook Linkedin Twitter Pinterest