Benvenuti su Slacky.eu - Italian Slackware Community

Community dedicata alla distribuzione Slackware Linux.

Slacky.eu è un progetto che offre un Forum in italiano per Slackware Linux, leggi la nostra storia.

Aggiornamenti dal mondo Slackware

News

13 Gennaio 2022 - Slackware 15 RC3

Siamo arrivati alla terza, e a meno di sorprese, l'ultima Release Candidate di Slackware 15. Da ora in poi ci saranno modifiche solo in caso di problemi seri, ma tutto lascia supporre che il 17 gennaio, come anticipato da Pat su LinuxQuestions, esca la tanto sospirata versione 15. Ti aspettiamo nel forum per parlarne.

16 Agosto 2021 - Slackware 15 RC1

È uscita stanotte la prima Release Candidate di Slackware 15. Come ha scritto Pat si tratta di un "congelamento", a meno di bugfix. Questo significa che la 15.0 sarà rilasciata con i software nella versione presente in questa RC1, a meno appunto di bug trovati, o aggiornamenti di sicurezza.

15 Aprile 2021 - Slackware 15 beta

Qualche giorno fa Pat ha rilasciato un corposo aggiornamento definendolo beta. La data dell'uscita di Slackware 15 si fa sempre più vicina.

16 Febbraio 2021 - Slackware 15 alpha1

Come potete leggere nel ChangeLog sotto, ieri sera è stata rilasciata la versione alpha1 del prossimo ramo stabile di Slackware, che sarà il 15.0.

Provatela, segnalate bug, e commentate sul forum.

Se decidete di provarla facendo l'upgrade dalla 14.2 state attenti al cambiamento di nome di alcuni pacchetti, maggiori info nel forum. Happy Slack!


ChangeLog

Slackware Current

			
  • Fri, 21 Jan 2022 19:58:34 GMT
    kde/kconfigwidgets-5.90.1-x86_64-1.txz:  Upgraded.
    l/libwebp-1.2.2-x86_64-1.txz:  Upgraded.
    
  • Fri, 21 Jan 2022 05:47:49 GMT
    a/aaa_libraries-15.0-x86_64-15.txz:  Rebuilt.
      Upgraded: libzstd.so.1.5.2.
    a/kernel-firmware-20220119_0c6a7b3-noarch-1.txz:  Upgraded.
    a/kernel-generic-5.15.16-x86_64-1.txz:  Upgraded.
    a/kernel-huge-5.15.16-x86_64-1.txz:  Upgraded.
    a/kernel-modules-5.15.16-x86_64-1.txz:  Upgraded.
    ap/vim-8.2.4166-x86_64-1.txz:  Upgraded.
    d/kernel-headers-5.15.16-x86-1.txz:  Upgraded.
    d/rust-1.58.1-x86_64-1.txz:  Upgraded.
    k/kernel-source-5.15.16-noarch-1.txz:  Upgraded.
    l/qt5-5.15.3_20211130_014c375b-x86_64-2.txz:  Rebuilt.
      Applied upstream patch:
      [PATCH] Move the wayland socket polling to a separate event thread.
      Thanks to LuckyCyborg.
    l/svgalib-1.9.25-x86_64-7.txz:  Rebuilt.
      Don't try to use the (broken) assembly. Thanks to nobodino.
    l/zstd-1.5.2-x86_64-1.txz:  Upgraded.
    x/ibus-m17n-1.4.9-x86_64-1.txz:  Upgraded.
    xap/vim-gvim-8.2.4166-x86_64-1.txz:  Upgraded.
    extra/php80/php80-8.0.15-x86_64-1.txz:  Upgraded.
    extra/php81/php81-8.1.2-x86_64-1.txz:  Upgraded.
    isolinux/initrd.img:  Rebuilt.
    kernels/*:  Upgraded.
    usb-and-pxe-installers/usbboot.img:  Rebuilt.
    
  • Wed, 19 Jan 2022 18:18:02 GMT
    ap/inxi-3.3.12_1-noarch-1.txz:  Upgraded.
    ap/man-db-2.9.4-x86_64-3.txz:  Rebuilt.
      Don't use --no-purge in the daily cron job to update the databases.
    l/gst-plugins-bad-free-1.18.5-x86_64-4.txz:  Rebuilt.
      Link against neon-0.32.2.  Thanks to marav.
    n/bind-9.16.25-x86_64-1.txz:  Upgraded.
    n/ethtool-5.16-x86_64-1.txz:  Upgraded.
    n/samba-4.15.4-x86_64-1.txz:  Upgraded.
    n/wpa_supplicant-2.10-x86_64-1.txz:  Upgraded.
      The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant
      before 2.10 are vulnerable to side-channel attacks as a result of cache
      access patterns.
      NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23303
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23304
      (* Security fix *)
    x/xterm-370-x86_64-6.txz:  Rebuilt.
      XTerm-console: improve the font settings. Thanks to GazL.
    

Slackware 14.2 (Stable)

			
  • Wed, 19 Jan 2022 18:18:02 GMT
    patches/packages/wpa_supplicant-2.9-x86_64-2_slack14.2.txz:  Rebuilt.
      This update contains patches for these security issues:
      The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant
      before 2.10 are vulnerable to side-channel attacks as a result of cache
      access patterns.
      NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23303
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23304
      (* Security fix *)
    
  • Sun, 16 Jan 2022 21:33:27 GMT
    patches/packages/expat-2.4.3-x86_64-1_slack14.2.txz:  Upgraded.
      Fix issues with left shifts by >=29 places resulting in:
        a) realloc acting as free
        b) realloc allocating too few bytes
        c) undefined behavior
      Fix integer overflow on variable m_groupSize in function doProlog leading
      to realloc acting as free. Impact is denial of service or other undefined
      behavior.
      Prevent integer overflows near memory allocation at multiple places.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
      (* Security fix *)
    
  • Wed, 29 Dec 2021 02:42:32 GMT
    patches/packages/wpa_supplicant-2.9-x86_64-1_slack14.2.txz:  Upgraded.
      This update fixes the following security issues:
      AP mode PMF disconnection protection bypass.
      UPnP SUBSCRIBE misbehavior in hostapd WPS AP.
      P2P group information processing vulnerability.
      P2P provision discovery processing vulnerability.
      ASN.1: Validate DigestAlgorithmIdentifier parameters.
      Flush pending control interface message for an interface to be removed.
      These issues could result in a denial-of-service, privilege escalation,
      arbitrary code execution, or other unexpected behavior.
      Thanks to nobodino for pointing out the patches.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0326
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0535
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12695
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16275
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004
      (* Security fix *)