The development of Slackware 13.0 nearly ends and Pat decided to freeze further updates (unless there's a security problem or regression occurred) and marks today's update as Release Candidate 1. Usually, Slackware never had too many RCs in the past, so i would say, Slackware 13.0 will be released on July or probably in August.

Based on the Changelog, it would use 2.6.29.x rather than going with 2.6.30, even though it would bring more updates to the core of the operating system itself.

Here's the latest -Current changelog:

Wed Jul 1 16:04:35 CDT 2009
Hi folks -- the TODO isn't entirely empty here, but it's pretty much down to minor nits, and so we're going to call this release candidate #1 and (mostly) freeze further updates unless they happen to fix problems.
Regarding the kernel, 2.6.29.x has been well tested with this userspace and seems like the best choice to ship for production use. Perhaps we can put something else (at least source and configs) in /testing, though.
a/slocate-3.1-i486-2.txz: Rebuilt. Don't index cifs or tmpfs.
Add a few more directories to the list of paths to prune.
Thanks to Cor Molenaar and Erik Jan Tromp.

l/urwid-0.9.8.4-i486-1.txz: Added. Needed for wicd.

n/dnsmasq-2.49-i486-1.txz: Upgraded.

n/httpd-2.2.11-i486-2.txz: Rebuilt. This needed a recompile against the new apr package to fix building new modules.
Thanks to Michael Johnson and Ian Carolan for reporting this issue.

n/iwlwifi-3945-ucode-15.32.2.9-fw-1.txz: Upgraded.

n/iwlwifi-5000-ucode-8.24.2.12-fw-1.txz: Upgraded.

n/php-5.2.10-i486-1.txz: Upgraded.

x/xorg-server-1.6.1-i486-2.txz: Rebuilt.
Fixed default-font-path. Thanks to Bruce Hill.
Patched a key repeat problem in XineramaCheckMotion.
Thanks to Adam Kennedy for pointing out the fix.

x/xorg-server-xephyr-1.6.1-i486-2.txz: Rebuilt.

x/xorg-server-xnest-1.6.1-i486-2.txz: Rebuilt.

x/xorg-server-xvfb-1.6.1-i486-2.txz: Rebuilt.

xap/electricsheep-20090306-i486-2.txz: Rebuilt. Patched to fix an issue where mplayer needs a buffer when reading from a pipe.
Thanks to Eric Hameleers.

extra/wicd/wicd-1.6.1-i486-1.txz: Upgraded. Thanks to Robby Workman.

Update (09:01 AM): Don't forget to add yourself to netdev group (in /etc/group) and restart wicd daemon and messagebus or you will not find wicd working.

The ghostscript package has been patched to fix several security problems on -Current. It is released on the same day here in Indonesia (Tuesday evening), but it's 39 minutes past midnight at Pat's place. Have a good sleep after releasing this package

Anyway, here's the security advisory today:

Tue Jun 30 00:39:54 CDT 2009
ap/ghostscript-8.64-i486-2.txz: Rebuilt.
Patched various problems with ghostscript that could lead to a denial of service or the execution of arbitrary code when processing a malicious or malformed file.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792
(* Security fix *)

Two packages are upgraded to fix the Yahoo protocols problems after they decided to upgraded their protocols. Lots of IM client running under Linux are affected, so hopefully this two updates on kdenetwork and pidgin can solve the problem.

Here are the updates:

Mon Jun 29 14:44:25 CDT 2009
kde/kdenetwork-4.2.4-i486-2.txz: Rebuilt.
Patched to fix Yahoo! protocol. Thanks to Matt Rogers.

xap/pidgin-2.5.8-i486-1.txz: Upgraded.

Another Pidgin release to fix Yahoo problem and this time, it includes other fixes for other protocols as well. As in Yahoo protocol, the default pager server will now be converted to scsa.msg.yahoo.com by default if the user emptied the field or it's still using the old scs.msg.yahoo.com. This, by default will ease user in migration process.

Refer to the changelog here.

We should wait until the package arrived in -Current which i think won't be long

It seems that Pat really does care about development tools and KDE apps. Today's updates are all about development tools and also KDE apps, which are located under d/ and kde/ directory. Have fun with it

Here's the latest -Current directory:

Mon Jun 29 02:14:32 CDT 2009
d/git-1.6.3.3-i486-1.txz: Upgraded.

d/subversion-1.6.3-i486-1.txz: Upgraded.

kde/amarok-2.1.1-i486-1.txz: Upgraded.

kde/koffice-2.0.1-i486-1.txz: Upgraded.

kdei/koffice-l10n-*-2.0.1-noarch-1.txz: Upgraded to KOffice 2.0.1 l10n packages.

Another security-related package coming up on -Current. As Mozilla Firefox has been released few days ago, it's usually followed by Thunderbird as they share the same engine, so here's the Thunderbird coming. Another package is most, which fixed the doc directory.

Here's the latest -Current changelog:

Sat Jun 27 19:02:36 CDT 2009
ap/most-5.0.0a-i486-2.txz: Fixed doc directory.
Thanks to Ellington Santos.

xap/mozilla-thunderbird-2.0.0.22-i686-1.txz:
Upgraded to thunderbird-2.0.0.22.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)

One security update and three updated packages plus one package on testing has been released today. The security update is Samba and the three updated packages are sendmail (and sendmail-cf), and MPlayer, and the last package under /testing directory is Mesa, which is now upgraded to 7.4.4. Hopefully this updated package will fix many problem users encountering while using older version.

Here's the latest -Current changelog:

Fri Jun 26 22:06:58 CDT 2009
n/samba-3.2.13-i486-1.txz: Upgraded.
This upgrade fixes the following security issues:
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes".
o CVE-2009-1886:
In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf.
With a maliciously crafted file name smbclient can be made to execute code triggered by the server.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1886
(* Security fix *)

n/sendmail-8.14.3-i486-2.txz: Rebuilt.
Fixed missing praliases. Thanks to Mark Post.

n/sendmail-cf-8.14.3-noarch-2.txz: Rebuilt.

xap/MPlayer-r29390-i486-1.txz: Upgraded.

testing/packages/mesa-7.4.4-i486-1.txz: Upgraded.

I am almost there! The new SLAMPP will come soon with the following highlights: Using kernel linux 2.6.28.7, patched with everything needed to work with the latest Linux Live script Based on Zenwalk 6.0 and inherits almost of all its characteristics and tools Getting packages from Zenwalk, native Slackware 12.2, SlackBuilds and Slacky.eu repositories Packages which are not found [...]

One security package has been released today, which was Seamonkey. Remember that Seamonkey package are now divided into two separate packages: Seamonkey and Seamonkey-solibs which contains only the runtime file. It gives you an option to compile application that uses Seamonkey library but you don't want to install the whole Seamonkey package.

Here's the -Current changelog:

Wed Jun 24 19:48:10 CDT 2009
l/seamonkey-solibs-1.1.17-i486-1.txz: Upgraded to seamonkey-1.1.17 shared libraries.

xap/seamonkey-1.1.17-i486-1.txz:
Upgraded to seamonkey-1.1.17.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)

More updates are coming in for the next release of Slackware 13.0. Not too much, but it's still an important update for Slackware-Current. Here's the latest -Current changelog:

Mon Jun 22 22:24:01 CDT 2009
a/quota-3.17-i486-1.txz: Upgraded.

a/sharutils-4.7-i486-1.txz: Upgraded.

ap/lm_sensors-3.1.1-i486-1.txz: Upgraded.

ap/mc-20090621_git-i486-1.txz: Upgraded.

ap/most-5.0.0a-i486-1.txz: Upgraded.

l/exiv2-0.18.1-i486-1.txz: Upgraded.

l/slang-2.1.4-i486-1.txz: Upgraded.

extra/aspell-word-lists/aspell-pt_BR-20080707_0-noarch-4.txz: Added.

Just now, i have committed the last file which should be translated on SlackBasics project. This commit marks the end of translation project of SlackBasics in Indonesian language and the next step will be a review on the translations before i publish the zip file containing the HTML (single), HTML (split) and PDF format of the translations.

I hope i can finish this review before July and the final results can be published on July. Please have a look on the translations on SlackBasics project (you must use SVN to checkout the translations).

The last revision has been uploaded to Indonesian Slackware Community Site too.

Enjoy the Indonesian version of SlackBasics

Actually it's not Slackware's bug, but since i used Slackware, it would be great idea to post it here, just in case other people might experienced this too.

I'm using Firefox and FireGPG extension to sign all my mails. The problem was that i always had a wrong signature every time i sign my message. This happened since few months ago when i changed the GnuPG version from gpg 1.x into gpg 2.x. I set the gpg path in FireGPG preference dialog into /usr/bin/gpg2 which is the executable file for GnuPG 2.x. In fact, this is wrong. Today i discovered, that it should be /usr/bin/gpg and we should make a symlink on /usr/bin/gpg to point to /usr/bin/gpg2 and now it is working normally again.

The latest version of FireGPG inspired me to solve this bug because i thought it was FireGPG's bug

Oh yeah, i have changed my digest algorithm to SHA512 instead of staying with SHA1 which is no longer recommended by some people. SHA512 is quite strong for now and for years from now, so i'm using it on my email.

You can get my public key here or here or by looking at public keyserver at PGP Global Directory.

Up to yesterday, only Slackware 32 bits are supported on mirrors listed on Indonesian Slackware Community Site, but today, Ozzie has finally finished syncronizing the Slackware64 repository on the mirrors listed there, so we now have more Slackware64 mirrors besides Kambing and many other local mirrors.

There are three additional mirrors for Slackware64:
HTTP:

• http://mirror.slackware-id.org/pub/slackware64-current/
• http://slackware.linux.or.id/pub/slackware/slackware64-current/
• http://slackware.vip.net.id/pub/slackware64-current/
  

FTP:

• ftp://mirror.slackware-id.org/pub/slackware64-current/
• ftp://slackware.linux.or.id/pub/slackware/slackware64-current/
• ftp://slackware.vip.net.id/pub/slackware64-current/
  

RSYNC:

• rsync://slackware.linux.or.id/slackware64-current
• rsync://mirror.slackware-id.org/slackware64-current
• rsync://slackware.vip.net.id/slackware64-current

Enjoy

As expected, Pidgin 2.5.7 has arrived on -Current changelog. It should fixed the Yahoo login problem for now.

Here's the -Current changelog:

Sun Jun 21 13:23:07 CDT 2009
xap/pidgin-2.5.7-i486-1.txz: Upgraded.
This fixes the Yahoo protocol plugin. Thanks to Willy Sudiarto Raharjo for letting us know about the problem and the new Pidgin release.

New version of Pidgin which brings fixes for Yahoo login problem has been released. I think it will be out in the -Current shortly since i think many users are still using Pidgin for their IM client application (including me).

For those who can't be patient, grab the SlackBuild script and compile by yourself

Two new packages have arrived on /testing directory. It's bash and mesa. Like i said. Newer version of Mesa has just been released yesterday, but it will require more intensive testing, so for now, the current version of mesa being used is still 7.4.1 while 7.4.3 is placed on /testing for a while to make sure that it has been tested by public and then it will be moved to the proper place if it qualifies.

As for BASH, it's still the same. Slackware still actively following the progress of BASH, but the default version hasn't change from the last release. Me myself has been using 3.2.048 and found no problem on my daily usage, but i'm not sure of upgrading to 4.0.024 for now.

Here's the latest -Current changelog:

Sat Jun 20 12:49:02 CDT 2009
testing/packages/bash-4.0.024-i486-1.txz: Upgraded.

testing/packages/mesa-7.4.3-x86_64-1.txz: Upgraded.

update repository slackware current untuk architecture x86_64:

HTTP:

• http://mirror.slackware-id.org/pub/slackware/slackware64-current/
• http://slackware.linux.or.id/pub/slackware/slackware64-current/

FTP:

• ftp://mirror.slackware-id.org/pub/slackware/slackware64-current/
• ftp://slackware.linux.or.id/pub/slackware/slackware64-current/

Rsync:

• rsync://mirror.slackware-id.org/slackware64-current
• rsync://slackware.linux.or.id/slackware64-current

Missing a components make Mesa gets rebuilt. It's the only changes today, so very short on the Changelog. Mesa 7.4.3 has been released today, so we should wait until Pat and the team tested it internally before releasing it to public. The newer version should help fixing the regression found on 7.4.2 which caused Slackware crew decided to downgrade to 7.4.1.

Here's the -Current changelog:

Sat Jun 20 00:10:23 CDT 2009
x/mesa-7.4.1-i486-2.txz: Rebuilt. The software rasterizer was missing again. Thanks to Mark Post for catching the omission.

I have updated the SlackBasics project on Indonesian Slackware Community Site so it is now synced with the ongoing development happened on Google Code.

Why on earth do we have two repositories? The first reason is speed. The Indonesian Slackware Community Site is located in Indonesia, which provides faster speed for local access. The second reason is that the Google Code server is more suitable for development, not for public access (even though it's still possible).

Anyways, i have uploaded the single html, split html, and the PDF version on the site. It's not yet finished, but we are close to that.

Check it out and give your remarks

Two security updates are released today: Ruby and Libpng. There has been a reverted package as well. Mesa is downgraded to 7.4.1 due to regression found on 7.4.2 which was upgraded few days ago. While i don't find this regression on my system, many people have reported this and Pat and the team has decided to switch back to 7.4.1 which has no problem so far. The 7.4.2 version are moved to /testing.

Also, Pat has decided to include the old K3B program in extra in case the newer K3B is not yet stable for daily usage. It's a good choice as K3B isn't quite mature yet with KDE 4.

Here's the latest -Current changelog

Fri Jun 19 18:22:20 CDT 2009
d/ruby-1.8.7_p174-i486-1.txz: Upgraded.
This fixes a denial of service issue caused by the BigDecimal method handling large input values improperly that may allow attackers to crash the interpreter. The issue affects most Rails applications.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1904
(* Security fix *)

l/libpng-1.2.37-i486-1.txz: Upgraded.
This update fixes a possible security issue. Jeff Phillips discovered an uninitialized-memory-read bug affecting interlaced images that may have security implications.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042
(* Security fix *)

x/mesa-7.4.1-i486-1.txz: Upgraded.
Well, actually more like "switched", or "reverted". After many hours trying to track down the reason for reported instability with X and compositing (such as crashes when adjusting advanced desktop settings in KDE), we've found that it seems to happen only with MesaLib 7.4.2. Rather than trying to cherry-pick changes between 7.4.1 and 7.4.2, we've switched to shipping 7.4.1 in the main tree, and have not run into any such problems since making the switch. If people want to continue testing 7.4.2, we've moved it into /testing. Let us know if you run into any problems with 7.4.1 that are fixed with 7.4.2, and we'll take a look at individual diffs.

extra/kde3-compat/k3b3-1.0.5-i486-opt1.txz: Added.
In case the KDE4 version of k3b is not stable, this KDE3 version may be used along with the KDE3 compatibility packages in extra/kde3-compat/.

testing/packages/mesa-7.4.2-i486-2.txz: Moved to /testing due to apparent regressions.