Slackwarearm-current ChangeLog (2022-01-01)
Sat Jan 1 20:10:44 GMT 2022
Happy new year! Feliz anio!
The Slackware Installer has been migrated to use labels by default (see below
for more information). I've tested it extensively, but please provide any bug
reports as usual on the LQ forum.
N.B. this only affects new installations - no changes are required for existing
OS installations.
Stuart <mozes@slackware>
The mini root filesystem has been updated:
ftp://ftp.arm.slackware.com/slackwarearm/slackwarearm-devtools/minirootfs/
Packages
Rebuilt
- a/f2fs-tools-1.14.0-arm-3.txz
Added /usr/sbin/f2fs_label to label f2fs file systems.
Thanks to Thomas Rohloff. - a/sysvinit-scripts-15.0-noarch-7.txz
Set ttyS1 as the serial console for all Raspberry Pi Hardware Models. - ap/cups-filters-1.28.10-arm-2.txz
Recompiled against poppler-21.12.0. - kde/ark-21.12.0-arm-2.txz
Applied upstream patches:
[PATCH] Fix extraction “Dolphin Actions” not abiding “Open destination
folder after extracting” setting.
[PATCH] Do not highlight file after compression.
Thanks to ctrlaltca. - kde/breeze-icons-5.89.0-noarch-2.txz
Applied upstream patches:
[PATCH] improve installation of light fallback icons
[PATCH] Include “*@*” in the icon_files list for installation
Thanks to Heinz Wiesinger. - kde/calligra-3.2.1-arm-17.txz
Recompiled against poppler-21.12.0. - kde/cantor-21.12.0-arm-2.txz
Recompiled against poppler-21.12.0. - kde/digikam-7.4.0-arm-2.txz
Recompiled against opencv-4.5.5. - kde/kfilemetadata-5.89.0-arm-2.txz
Recompiled against poppler-21.12.0. - kde/kile-2.9.93-arm-16.txz
Recompiled against poppler-21.12.0. - kde/kitinerary-21.12.0-arm-2.txz
Recompiled against poppler-21.12.0. - kde/krita-5.0.0-arm-2.txz
Recompiled against poppler-21.12.0. - kde/okular-21.12.0-arm-2.txz
Recompiled against poppler-21.12.0. - l/gegl-0.4.34-arm-2.txz
Recompiled against poppler-21.12.0. - l/gst-plugins-bad-free-1.18.5-arm-3.txz
Recompiled against opencv-4.5.5. - n/wpa_supplicant-2.9-arm-7.txz
This update fixes the following security issues:
AP mode PMF disconnection protection bypass.
UPnP SUBSCRIBE misbehavior in hostapd WPS AP.
P2P group information processing vulnerability.
P2P provision discovery processing vulnerability.
ASN.1: Validate DigestAlgorithmIdentifier parameters.
Flush pending control interface message for an interface to be removed.
These issues could result in a denial-of-service, privilege escalation,
arbitrary code execution, or other unexpected behavior.
Thanks to nobodino for pointing out the patches.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0326
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16275
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004
(* Security fix *) - x/xorg-server-1.20.14-arm-2.txz
Recompiled using these options:
–enable-suid-wrapper –enable-install-setuid –disable-systemd-logind. - x/xorg-server-xephyr-1.20.14-arm-2.txz
- x/xorg-server-xnest-1.20.14-arm-2.txz
- x/xorg-server-xvfb-1.20.14-arm-2.txz
- xap/geeqie-1.6-arm-3.txz
Recompiled against poppler-21.12.0. - xap/gimp-2.10.30-arm-2.txz
Recompiled against poppler-21.12.0. - xfce/tumbler-4.16.0-arm-3.txz
Recompiled against poppler-21.12.0. - isolinux/*
Added support for configuring the root file system and swap using labels
rather than direct references to the block devices.
The rationale behind this is that on x86 the root file system is
typically on a storage bus (SCSI, SATA, ATA), where the physical
configuration (which port the storage is connected to) of the storage rarely
changes. This can be the case on ARM, but it's generally to a lesser extent
and the root file system may be connected to a hot-plug bus such as USB.
This lends itself to the risk of device re-ordering across boot cycles, causing
boot failure.
Note: presently only Swap and the root file system are automatically labeled.
I may add support for labeling other mounted file systems in the future.
Disk labeling for the root file system can be disabled prior to installation
through a feature flag:
$ touch /.no-labeling
The labeling of Swap partitions doesn't presently honour the feature flag.
OS configuration:
/etc/fstab: Configure to use labels rather than directly referencing
the block device name.
/boot/extlinux/extlinux.conf: Configure to use labels.
(Slackware AArch64 only)
Upgraded
- a/kernel-modules-armv7-5.15.12_armv7-arm-1.txz
- a/kernel_armv7-5.15.12-arm-1.txz
Added support for post installation helper scripts within
/boot/platform/arm/helper/
The helpers are named 'pkg-kernel-<hardware model name>'. By way of an
example, the helper for the Raspberry Pi Hardware Models is named
(on Slackware AArch64):
/boot/platform/aarch64/helper/pkg-kernel-rpi
This helper installs the new Kernel, initrd and DTBs onto the Hardware Model
Bootware file system to support seamless Kernel upgrades when using the
RPi native Boot Loader.
/boot/initrd-armv7/[await_device]:
Support awaiting a labeled root file system.
/boot/initrd/[load_kernel_modules.scr/platform/aarch64/bcm2711]:
AArch64: Raspberry Pi 4 - Initialise DS1307 RTC if present on the GPIO. - ap/qpdf-10.5.0-arm-1.txz
- ap/vim-8.2.3868-arm-1.txz
- d/kernel-headers-5.15.12-arm-1.txz
- d/parallel-20211222-noarch-1.txz
- k/kernel-source-5.15.12-arm-1.txz
- l/gtk+3-3.24.31-arm-1.txz
- l/imagemagick-7.1.0_19-arm-1.txz
- l/libgsf-1.14.48-arm-1.txz
- l/mlt-7.4.0-arm-1.txz
- l/netpbm-10.97.00-arm-1.txz
- l/opencv-4.5.5-arm-1.txz
Shared library .so-version bump. - l/poppler-21.12.0-arm-1.txz
Shared library .so-version bump. - l/zstd-1.5.1-arm-1.txz
- n/fetchmail-6.4.26-arm-1.txz
- n/net-snmp-5.9.1-arm-1.txz
Moved options for snmpd from rc.snmpd to /etc/default/snmpd.
Thanks to Jakub 'shasta' Jankowski. - n/stunnel-5.61-arm-1.txz
- n/tin-2.6.1-arm-1.txz
- x/ibus-anthy-1.5.14-arm-1.txz
- xap/pan-0.149-arm-1.txz
- xap/vim-gvim-8.2.3868-arm-1.txz
- kernels/*
Added
- extra/php80/php80-8.0.14-arm-1.txz
Giuseppe Di Terlizzi