Benvenuti su Slacky.eu - Italian Slackware Community

Community dedicata alla distribuzione Slackware Linux.

Slacky.eu è un progetto che offre un Forum in italiano per Slackware Linux, leggi la nostra storia.

Aggiornamenti dal mondo Slackware

News

16 Agosto 2021 - Slackware 15 RC1

È uscita stanotte la prima Release Candidate di Slackware 15. Come ha scritto Pat si tratta di un "congelamento", a meno di bugfix. Questo significa che la 15.0 sarà rilasciata con i software nella versione presente in questa RC1, a meno appunto di bug trovati, o aggiornamenti di sicurezza.

15 Aprile 2021 - Slackware 15 beta

Qualche giorno fa Pat ha rilasciato un corposo aggiornamento definendolo beta. La data dell'uscita di Slackware 15 si fa sempre più vicina.

16 Febbraio 2021 - Slackware 15 alpha1

Come potete leggere nel ChangeLog sotto, ieri sera è stata rilasciata la versione alpha1 del prossimo ramo stabile di Slackware, che sarà il 15.0.

Provatela, segnalate bug, e commentate sul forum.

Se decidete di provarla facendo l'upgrade dalla 14.2 state attenti al cambiamento di nome di alcuni pacchetti, maggiori info nel forum. Happy Slack!

10 Dicembre 2020 - Habemus Plasma

Dopo un'attesa lunga mesi, il 7 Dicembre 2020 Pat ha finalmente introdotto Plasma5 (KDE5) nel ramo current della Slackware. I tempi sono maturi per la prossima release, la 15.0.

Vi invitiamo a commentare nel nostro forum. Happy Slack a tutti.


ChangeLog

Slackware Current

			
  • Sat, 23 Oct 2021 18:57:30 GMT
    a/aaa_terminfo-6.3-x86_64-1.txz:  Upgraded.
    a/glibc-zoneinfo-2021e-noarch-1.txz:  Upgraded.
    ap/itstool-2.0.7-x86_64-2.txz:  Rebuilt.
      Rebuilt with PYTHON=/usr/bin/python3. Thanks to USUARIONUEVO.
    ap/mpg123-1.29.2-x86_64-1.txz:  Upgraded.
    d/meson-0.59.3-x86_64-1.txz:  Upgraded.
    d/parallel-20211022-noarch-1.txz:  Upgraded.
    d/python-pip-21.3.1-x86_64-1.txz:  Upgraded.
    d/python-setuptools-58.3.0-x86_64-1.txz:  Upgraded.
    l/exiv2-0.27.5-x86_64-1.txz:  Upgraded.
    l/ncurses-6.3-x86_64-1.txz:  Upgraded.
    n/php-7.4.25-x86_64-1.txz:  Upgraded.
      This update fixes bugs and a security issue:
      FPM: PHP-FPM oob R/W in root process leading to privilege escalation.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
      (* Security fix *)
    xap/mozilla-thunderbird-91.2.1-x86_64-1.txz:  Upgraded.
      This is a bugfix release.
      For more information, see:
        https://www.mozilla.org/en-US/thunderbird/91.2.1/releasenotes/
    testing/packages/linux-5.14.x/kernel-generic-5.14.14-x86_64-2.txz:  Rebuilt.
    testing/packages/linux-5.14.x/kernel-headers-5.14.14-x86-2.txz:  Rebuilt.
    testing/packages/linux-5.14.x/kernel-huge-5.14.14-x86_64-2.txz:  Rebuilt.
    testing/packages/linux-5.14.x/kernel-modules-5.14.14-x86_64-2.txz:  Rebuilt.
    testing/packages/linux-5.14.x/kernel-source-5.14.14-noarch-2.txz:  Rebuilt.
      These kernels enable CONFIG_PREEMPT=y and CONFIG_PREEMPT_DYNAMIC=y allowing
      the kernel preemption model to be specified on the kernel command line
      with one of these options: preempt=none, preempt=voluntary, and preempt=full.
      Since there is no .config option to set a default, and the default in the
      kernel sources is "full" (which is probably not a good default), the
      kernel-source.SlackBuild has been modified to add support for an environment
      variable CONFIG_PREEMPT_DEFAULT_MODE which can be set to none, voluntary, or
      full to set the default kernel preemption model when a command line option
      is not provided. These kernels have been built with a preemption model of
      "none" (presumably the safest choice which will behave like the kernels we
      have shipped before.) The runtime overhead on 64-bit should be negligible.
      On 32-bit we lack support for HAVE_STATIC_CALL_INLINE, so spinlocks and
      mutexes will have to be approached through a trampoline, adding a very small
      amount of overhead. I feel this is probably worth it in order to have the
      option to run a kernel with voluntary or full preemption, especially for
      gaming or desktop purposes. The reduction in input lag with these modes is
      actually quite noticable.
      To check the current preemption model, you may use debugfs:
      mount -t debugfs none /sys/kernel/debug
      cat /sys/kernel/debug/sched/preempt
      (none) voluntary full
      You may change to a different preemption model on the fly once debugfs is
      mounted:
      echo voluntary > /sys/kernel/debug/sched/preempt
      cat /sys/kernel/debug/sched/preempt
      none (voluntary) full
      Thanks to Daedra.
      -DRM_I810 n
      -INLINE_READ_UNLOCK y
      -INLINE_READ_UNLOCK_IRQ y
      -INLINE_SPIN_UNLOCK_IRQ y
      -INLINE_WRITE_UNLOCK y
      -INLINE_WRITE_UNLOCK_IRQ y
       PREEMPT n -> y
       PREEMPT_VOLUNTARY y -> n
      +CEC_GPIO n
      +DEBUG_PREEMPT y
      +PREEMPTION y
      +PREEMPT_COUNT y
      +PREEMPT_DYNAMIC y
      +PREEMPT_RCU y
      +PREEMPT_TRACER n
      +RCU_BOOST n
      +TASKS_RCU y
      +UNINLINE_SPIN_UNLOCK y
    
  • Thu, 21 Oct 2021 19:36:32 GMT
    a/lvm2-2.03.13-x86_64-1.txz:  Upgraded.
      Reverted to working version.
    d/rust-1.56.0-x86_64-1.txz:  Upgraded.
    l/pipewire-0.3.39-x86_64-1.txz:  Upgraded.
    n/krb5-1.19.2-x86_64-2.txz:  Rebuilt.
      [PATCH] Fix KDC null deref on TGS inner body null server.
      This fixes an issue where an authenticated attacker can cause a denial of
      service in the KDC by sending a FAST TGS request with no server field.
      Thanks to nobodino.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
      (* Security fix *)
    x/ibus-m17n-1.4.8-x86_64-1.txz:  Upgraded.
    x/libinput-1.19.2-x86_64-1.txz:  Upgraded.
    xap/freerdp-2.4.1-x86_64-1.txz:  Upgraded.
      This update fixes two security issues:
      Improper client input validation for gateway connections allows to overwrite
      memory.
      Improper region checks in all clients allow out of bound write to memory.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41159
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41160
      (* Security fix *)
    xap/gftp-2.7.1b-x86_64-1.txz:  Upgraded.
    extra/php8/php8-8.0.12-x86_64-1.txz:  Upgraded.
      This update fixes bugs and a security issue:
      FPM: PHP-FPM oob R/W in root process leading to privilege escalation.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
      (* Security fix *)
    
  • Wed, 20 Oct 2021 19:29:55 GMT
    a/kernel-generic-5.14.14-x86_64-1.txz:  Upgraded.
    a/kernel-huge-5.14.14-x86_64-1.txz:  Upgraded.
    a/kernel-modules-5.14.14-x86_64-1.txz:  Upgraded.
    a/lvm2-2.03.14-x86_64-1.txz:  Upgraded.
    d/kernel-headers-5.14.14-x86-1.txz:  Upgraded.
    k/kernel-source-5.14.14-noarch-1.txz:  Upgraded.
    n/autofs-5.1.8-x86_64-1.txz:  Upgraded.
    isolinux/initrd.img:  Rebuilt.
    kernels/*:  Upgraded.
    usb-and-pxe-installers/usbboot.img:  Rebuilt.
    

Slackware 14.2 (Stable)

			
  • Sat, 23 Oct 2021 18:57:30 GMT
    patches/packages/glibc-zoneinfo-2021e-noarch-1_slack14.2.txz:  Upgraded.
      This package provides the latest timezone updates.
    
  • Sun, 17 Oct 2021 18:52:33 GMT
    patches/packages/glibc-zoneinfo-2021d-noarch-1_slack14.2.txz:  Upgraded.
      This package provides the latest timezone updates.
    
  • Fri, 08 Oct 2021 03:23:28 GMT
    patches/packages/httpd-2.4.51-x86_64-1_slack14.2.txz:  Upgraded.
      SECURITY: CVE-2021-42013: Path Traversal and Remote Code
      Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete
      fix of CVE-2021-41773) (cve.mitre.org)
      It was found that the fix for CVE-2021-41773 in Apache HTTP
      Server 2.4.50 was insufficient.  An attacker could use a path
      traversal attack to map URLs to files outside the directories
      configured by Alias-like directives.
      If files outside of these directories are not protected by the
      usual default configuration "require all denied", these requests
      can succeed. If CGI scripts are also enabled for these aliased
      pathes, this could allow for remote code execution.
      This issue only affects Apache 2.4.49 and Apache 2.4.50 and not
      earlier versions.
      Credits: Reported by Juan Escobar from Dreamlab Technologies,
      Fernando MuA+-oz from NULL Life CTF Team, and Shungo Kumasaka
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42013
      (* Security fix *)