blender-3.0.1-x86_64-1_ap.txz: Upgraded.
a/dracut-111-x86_64-1.txz: Upgraded.
a/elogind-255.23-x86_64-1.txz: Upgraded.
a/haveged-1.9.20-x86_64-1.txz: Upgraded.
a/kernel-firmware-20260429_56a13f9-noarch-1.txz: Upgraded.
a/kernel-generic-6.18.26-x86_64-1.txz: Upgraded.
This update fixes a critical security issue:
An out-of-bounds write in the userspace interface for AEAD cipher algorithms
may be leveraged to get a root shell through a setuid binary. While the
proof of concepts for this have so far targeted different program versions
than Slackware uses, there's nothing preventing anyone from targeting one
a setuid binary that we use.
Mitigation: If for some reason it's not possible to upgrade the kernel right
away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
the algif_aead.ko kernel module to prevent the exploit.
For more information, see:
https://copy.fail/
https://www.cve.org/CVERecord?id=CVE-2026-31431
(* Security fix *)
ap/joe-4.8-x86_64-1.txz: Upgraded.
ap/lxc-7.0.0-x86_64-1.txz: Upgraded.
ap/vim-9.2.0433-x86_64-1.txz: Upgraded.
d/doxygen-1.17.0-x86_64-1.txz: Upgraded.
d/kernel-headers-6.18.26-x86-1.txz: Upgraded.
k/kernel-source-6.18.26-noarch-1.txz: Upgraded.
kde/xsimd-14.2.0-noarch-1.txz: Upgraded.
l/SDL2_image-2.8.12-x86_64-1.txz: Upgraded.
l/SDL3-3.4.8-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.60.3-x86_64-1.txz: Upgraded.
l/cfitsio-4.6.4-x86_64-1.txz: Upgraded.
l/enchant-2.8.16-x86_64-1.txz: Upgraded.
l/glib2-2.88.1-x86_64-1.txz: Upgraded.
l/gtk4-4.22.4-x86_64-1.txz: Upgraded.
l/libgsf-1.14.58-x86_64-1.txz: Upgraded.
l/openexr-3.4.11-x86_64-1.txz: Upgraded.
Patch release that addresses the following security vulnerabilities:
Shift exponent overflow in readVariableLengthInteger().
Out-of-bounds read in IDManifest::init() during prefix expansion.
Integer overflow in ImageChannel::resize leads to heap OOB write via
OpenEXRUtil public API.
Heap-buffer-overflow in DwaCompressor_uncompress.
Null-dereference READ in Imf_3_3::prefixFromLayerName.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-42217
https://www.cve.org/CVERecord?id=CVE-2026-42216
https://www.cve.org/CVERecord?id=CVE-2026-41142
(* Security fix *)
l/python-build-1.5.0-x86_64-1.txz: Upgraded.
l/qtkeychain-0.16.0-x86_64-1.txz: Upgraded.
l/spirv-llvm-translator-22.1.2-x86_64-1.txz: Upgraded.
n/curl-8.20.0-x86_64-1.txz: Upgraded.
n/dhcpcd-10.3.2-x86_64-1.txz: Upgraded.
n/gnutls-3.8.13-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Add more checks to DTLS reassembly. Previously, gnutls didn't check that
DTLS fragments claimed a consistent message_length value. Additionally,
a crucial array size check was missing, enabling an attacker to cause a
heap overwrite. Reject fragments with mismatching length and add a missing
boundary check. Independently reported by Haruto Kimura (Stella), Oscar
Reparaz and Zou Dikai.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-33846
(* Security fix *)
n/openvpn-2.7.4-x86_64-1.txz: Upgraded.
n/postfix-3.11.2-x86_64-1.txz: Upgraded.
x/ibus-1.5.34-x86_64-1.txz: Upgraded.
x/mesa-26.0.6-x86_64-1.txz: Upgraded.
x/noto-fonts-ttf-2026.05.01-noarch-1.txz: Upgraded.
x/xterm-410-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-140.10.1esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/140.10.1esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-39/
https://www.cve.org/CVERecord?id=CVE-2026-7320
https://www.cve.org/CVERecord?id=CVE-2026-7321
https://www.cve.org/CVERecord?id=CVE-2026-7322
https://www.cve.org/CVERecord?id=CVE-2026-7323
(* Security fix *)
xap/vim-gvim-9.2.0433-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/linux-7.0.x/kernel-generic-7.0.3-x86_64-1.txz: Upgraded.
This update fixes a critical security issue:
An out-of-bounds write in the userspace interface for AEAD cipher algorithms
may be leveraged to get a root shell through a setuid binary. While the
proof of concepts for this have so far targeted different program versions
than Slackware uses, there's nothing preventing anyone from targeting one
a setuid binary that we use.
Mitigation: If for some reason it's not possible to upgrade the kernel right
away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
the algif_aead.ko kernel module to prevent the exploit.
For more information, see:
https://copy.fail/
https://www.cve.org/CVERecord?id=CVE-2026-31431
(* Security fix *)
testing/packages/linux-7.0.x/kernel-headers-7.0.3-x86-1.txz: Upgraded.
testing/packages/linux-7.0.x/kernel-source-7.0.3-noarch-1.txz: Upgraded.
testing/packages/mesa-26.1.0_rc3-x86_64-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/lvm2-2.03.40-x86_64-1.txz: Upgraded.
ap/htop-3.5.1-x86_64-1.txz: Upgraded.
l/mozjs140-140.10.1esr-x86_64-1.txz: Upgraded.
l/python-trove-classifiers-2026.4.28.13-x86_64-1.txz: Upgraded.
n/ethtool-7.0-x86_64-1.txz: Upgraded.
n/rsync-3.4.2-x86_64-1.txz: Upgraded.
x/ibus-table-1.17.18-x86_64-1.txz: Upgraded.
x/libdrm-2.4.133-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-140.10.1esr-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/140.10.1/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2026-36
https://www.cve.org/CVERecord?id=CVE-2026-7320
https://www.cve.org/CVERecord?id=CVE-2026-7321
https://www.cve.org/CVERecord?id=CVE-2026-7322
https://www.cve.org/CVERecord?id=CVE-2026-7323
(* Security fix *)
ap/cups-2.4.19-x86_64-1.txz: Upgraded.
Fixed a regression in shared printing from non-local accounts (Issue #1557).
n/openvpn-2.7.3-x86_64-1.txz: Upgraded.
n/proftpd-1.3.9a-x86_64-1.txz: Upgraded.
Fix for an SQL injection that may lead to authentication bypass, privilege
escalation, and arbitrary code execution. Slackware does not build mol_sql,
but this may be an important upgrade for those rebuilding proftpd in order
to add this module.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-42167
(* Security fix *)
x/xorg-server-xwayland-24.1.11-x86_64-1.txz: Upgraded.
a/hwm-bw-raspberrypi-2026.04.30-aarch64-1.txz: Upgraded.
Upgraded to RPi EEPROM firmware version: 2026.04.30
Upgraded to RPi boot firmware version..: 2026.04.21
To update the firmware on your RPi's EEPROM, as root:
$ rpi-eeprom-update -d
This will report if there's newer firmware available.
To update the firmware:
$ rpi-eeprom-update -da
If the firmware was successfully updated, reboot:
$ reboot
Note: On the Raspberry Pi 4, you may need to power cycle the machine in order
for the update to apply.
a/aaa_libraries-15.1-aarch64-48.txz: Rebuilt.
Upgraded: libcap.so.2.78, libelf-0.195.so, libgpg-error.so.0.42.0,
liblzma.so.5.8.3, libexpat.so.1.12.0, libglib-2.0.so.0.8800.0,
libgmodule-2.0.so.0.8800.0, libgobject-2.0.so.0.8800.0,
libgthread-2.0.so.0.8800.0, libpng16.so.16.58.0.
Added (temporarily): libboost_*.so.1.90.0.
a/kernel_armv8-6.18.25-aarch64-1.txz: Upgraded.
a/libblockdev-3.5.0-aarch64-1.txz: Upgraded.
ap/cups-2.4.19-aarch64-1.txz: Upgraded.
Fixed a regression in shared printing from non-local accounts (Issue #1557).
ap/mpg123-1.33.5-aarch64-1.txz: Upgraded.
mpg123: Fix generic control mode for largefile-sensitive builds, where 32 bit
off_t was used with mpg123 API calls expecting 64 bit off_t.
I am appalled that it took a user on 32 bit ARM and a specific https stream
to notice this (bug 385, regression since 1.32.0).
The security impact of this could be serious, with memory corruption
including segfault being observed.
mpg123-id3dump, out123: Enable 64 bit offset usage on largefile-sensitive
platforms (regression since 1.32.0).
(* Security fix *)
d/ccache-4.13.5-aarch64-1.txz: Upgraded.
d/kernel-headers-6.18.25-aarch64-1.txz: Upgraded.
d/python-pip-26.1-aarch64-1.txz: Upgraded.
d/strace-7.0-aarch64-1.txz: Upgraded.
d/universal-ctags-6.2.1-aarch64-1.txz: Upgraded.
k/kernel-source-6.18.25-aarch64-1.txz: Upgraded.
kde/kig-23.08.5-aarch64-12.txz: Rebuilt.
Recompiled against boost-1.91.0.
kde/kopeninghours-23.08.5-aarch64-12.txz: Rebuilt.
Recompiled against boost-1.91.0.
kde/libindi-2.2.1.1-aarch64-1.txz: Upgraded.
l/Imath-3.2.2-aarch64-3.txz: Rebuilt.
Recompiled against boost-1.91.0.
l/at-spi2-core-2.60.2-aarch64-1.txz: Upgraded.
l/boost-1.91.0-aarch64-1.txz: Upgraded.
Shared library .so-version bump.
l/cryfs-0.10.3-aarch64-18.txz: Rebuilt.
Recompiled against boost-1.91.0.
l/expat-2.8.0-aarch64-1.txz: Upgraded.
l/lcms2-2.19-aarch64-1.txz: Upgraded.
l/mozilla-nss-3.123.1-aarch64-1.txz: Upgraded.
l/python-build-1.4.4-aarch64-1.txz: Upgraded.
l/python-packaging-26.2-aarch64-1.txz: Upgraded.
l/python-pathspec-1.1.1-aarch64-1.txz: Upgraded.
n/gnupg2-2.5.19-aarch64-1.txz: Upgraded.
n/libgpg-error-1.60-aarch64-1.txz: Upgraded.
n/mutt-2.3.2-aarch64-1.txz: Upgraded.
n/openvpn-2.7.3-aarch64-1.txz: Upgraded.
n/proftpd-1.3.9a-aarch64-1.txz: Upgraded.
Fix for an SQL injection that may lead to authentication bypass, privilege
escalation, and arbitrary code execution. Slackware does not build mol_sql,
but this may be an important upgrade for those rebuilding proftpd in order
to add this module.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-42167
(* Security fix *)
n/wireless-regdb-2026.03.18-aarch64-1.txz: Upgraded.
x/editres-1.1.1-aarch64-1.txz: Upgraded.
x/font-util-1.4.2-aarch64-1.txz: Upgraded.
x/xbitmaps-1.1.4-aarch64-1.txz: Upgraded.
x/xorg-server-xwayland-24.1.11-aarch64-1.txz: Upgraded.
x/xrandr-1.5.4-aarch64-1.txz: Upgraded.
installer/*: Rebuilt.
kernels/*: Upgraded.
a/kernel_armv8-6.18.24-aarch64-1.txz: Upgraded.
Kernel configuration changes:
+CONFIG_ZSWAP=y
+CONFIG_ZSWAP_SHRINKER_DEFAULT_ON=y
+CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZO=y
Thanks to SCerovec for the suggestion.
d/kernel-headers-6.18.24-aarch64-1.txz: Upgraded.
k/kernel-source-6.18.24-aarch64-1.txz: Upgraded.
installer/*: Rebuilt.
/usr/share/hwm-configure/platform/aarch64/installer/assets/bootloader/rpi/
Moved these template files from the RPi Slackware Installer image's fat
bootware partition into the Installer. This is the first step towards being
able to decouple the SD card from the Slackware OS on the RPi:
config.txt
slk_config.txt
slkos.cmdline.txt
/hwm-configure/platform/aarch64/installer/helper.scr/002-rpi_bl-configure:
Install boot loader template files contained within the Installer file
system.
kernels/*: Upgraded.
patches/packages/gnutls-3.8.13-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Add more checks to DTLS reassembly. Previously, gnutls didn't check that
DTLS fragments claimed a consistent message_length value. Additionally,
a crucial array size check was missing, enabling an attacker to cause a
heap overwrite. Reject fragments with mismatching length and add a missing
boundary check. Independently reported by Haruto Kimura (Stella), Oscar
Reparaz and Zou Dikai.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-33846
(* Security fix *)
patches/packages/linux-5.15.204/kernel-generic-5.15.204-x86_64-1.txz: Upgraded.
This update fixes a critical security issue:
An out-of-bounds write in the userspace interface for AEAD cipher algorithms
may be leveraged to get a root shell through a setuid binary. While the
proof of concepts for this have so far targeted different program versions
than Slackware uses, there's nothing preventing anyone from targeting one
a setuid binary that we use.
Mitigation: If for some reason it's not possible to upgrade the kernel right
away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
the algif_aead.ko kernel module to prevent the exploit.
For more information, see:
https://copy.fail/
https://www.cve.org/CVERecord?id=CVE-2026-31431
(* Security fix *)
patches/packages/linux-5.15.204/kernel-headers-5.15.204-x86-1.txz: Upgraded.
patches/packages/linux-5.15.204/kernel-huge-5.15.204-x86_64-1.txz: Upgraded.
This update fixes a critical security issue:
An out-of-bounds write in the userspace interface for AEAD cipher algorithms
may be leveraged to get a root shell through a setuid binary. While the
proof of concepts for this have so far targeted different program versions
than Slackware uses, there's nothing preventing anyone from targeting one
a setuid binary that we use.
Mitigation: If for some reason it's not possible to upgrade the kernel right
away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
the algif_aead.ko kernel module to prevent the exploit.
For more information, see:
https://copy.fail/
https://www.cve.org/CVERecord?id=CVE-2026-31431
(* Security fix *)
patches/packages/linux-5.15.204/kernel-modules-5.15.204-x86_64-1.txz: Upgraded.
This update fixes a critical security issue:
An out-of-bounds write in the userspace interface for AEAD cipher algorithms
may be leveraged to get a root shell through a setuid binary. While the
proof of concepts for this have so far targeted different program versions
than Slackware uses, there's nothing preventing anyone from targeting one
a setuid binary that we use.
Mitigation: If for some reason it's not possible to upgrade the kernel right
away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
the algif_aead.ko kernel module to prevent the exploit.
For more information, see:
https://copy.fail/
https://www.cve.org/CVERecord?id=CVE-2026-31431
(* Security fix *)
patches/packages/linux-5.15.204/kernel-source-5.15.204-noarch-1.txz: Upgraded.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
patches/packages/mozilla-thunderbird-140.10.1esr-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/140.10.1esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-39/
https://www.cve.org/CVERecord?id=CVE-2026-7320
https://www.cve.org/CVERecord?id=CVE-2026-7321
https://www.cve.org/CVERecord?id=CVE-2026-7322
https://www.cve.org/CVERecord?id=CVE-2026-7323
(* Security fix *)
patches/packages/mozilla-firefox-140.10.1esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/140.10.1/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2026-36
https://www.cve.org/CVERecord?id=CVE-2026-7320
https://www.cve.org/CVERecord?id=CVE-2026-7321
https://www.cve.org/CVERecord?id=CVE-2026-7322
https://www.cve.org/CVERecord?id=CVE-2026-7323
(* Security fix *)
patches/packages/cups-2.4.19-x86_64-1_slack15.0.txz: Upgraded.
Fixed a regression in shared printing from non-local accounts (Issue #1557).
patches/packages/proftpd-1.3.9a-x86_64-1_slack15.0.txz: Upgraded.
Fix for an SQL injection that may lead to authentication bypass, privilege
escalation, and arbitrary code execution. Slackware does not build mol_sql,
but this may be an important upgrade for those rebuilding proftpd in order
to add this module.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-42167
(* Security fix *)
patches/packages/cups-2.4.19-arm-1_slack15.0.txz: Upgraded.
Fixed a regression in shared printing from non-local accounts (Issue #1557).
patches/packages/mpg123-1.33.5-arm-1_slack15.0.txz: Upgraded.
mpg123: Fix generic control mode for largefile-sensitive builds, where 32 bit
off_t was used with mpg123 API calls expecting 64 bit off_t.
I am appalled that it took a user on 32 bit ARM and a specific https stream
to notice this (bug 385, regression since 1.32.0).
The security impact of this could be serious, with memory corruption
including segfault being observed.
mpg123-id3dump, out123: Enable 64 bit offset usage on largefile-sensitive
platforms (regression since 1.32.0).
(* Security fix *)
patches/packages/proftpd-1.3.9a-arm-1_slack15.0.txz: Upgraded.
Fix for an SQL injection that may lead to authentication bypass, privilege
escalation, and arbitrary code execution. Slackware does not build mol_sql,
but this may be an important upgrade for those rebuilding proftpd in order
to add this module.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-42167
(* Security fix *)
patches/packages/ca-certificates-20260413-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/cups-2.4.18-arm-1_slack15.0.txz: Upgraded.
Fixed cupsd crash if user does not exist (Issue #1555).
patches/packages/linux-5.15.203/*: Upgraded.
Dropped all of the AArch64 patches.
patches/packages/libXpm-3.5.19-arm-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Out-of-bounds read in xpmNextWord().
For more information, see:
https://lists.x.org/archives/xorg-devel/2026-April/059452.html
https://www.cve.org/CVERecord?id=CVE-2026-4367
(* Security fix *)
24/02/2022: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware
15/12/2015: Aggiornato HowTo automatizzare la compilazione del kernel
15/12/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
24/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
22/11/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
07/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
05/11/2015: Nuovo HowTo Automatizzare l'aggiornamento di Slackware current
30/10/2015: Aggiornato HowTo Automatizzare la prima configurazione di Slackware
26/05/2015: Aggiornato HowTo mini Slackware su pendrive
07/05/2015: Aggiornato HowTo automatizzare la compilazione del kernel
13/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
02/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
Questo script provvede ad aggiornare Slackware o Slackware64 all'ultima current in maniera del tutto autonoma, dalla ricerca di aggiornamenti all'aggiornamento del bootloader.
Scarica la lista dei pacchetti e la confronta con quelli installati, dopodiché controlla se i nuovi pacchetti sono presenti in un eventuale DVD già montato altrimenti li scarica da internet.
Lo script può gestire anche un sistema multilib, infatti se...
Uno script da eseguire al primo avvio di Slackware.
Mi capita spesso di fare nuove installazioni di Slackware e di ripetere sempre le stesse operazioni atte ad una prima configurazione di base, come ad esempio l'italianizzazione o l'impostazione della corretta risoluzione framebuffer.
Per cui ho deciso di raggruppare tutte queste operazioni di base, che possono...
Ecco che la bash ci viene in aiuto anche per realizzare un semplice sistema di video sorveglianza molto economico.
Questo script scatta una foto dalla webcam impostata nella variabile DEV con mplayer, ne fa una copia con la data corrente come nome del file per conservare una copia di tutte le foto scattate e per sapere a prima vista a quando risalgono. Dopodiché carica entrambe le copie della foto sul server ftp...
Spesso i produttori di hardware ottengono costi di produzione più bassi utilizzando componenti con capacità superiori in dispositivi non progettati per sfruttarle piuttosto che utilizzando componenti su misura, questo è anche il caso del mio mouse Logitech RX1000.
Aprendo il mouse e guardando le piste stampate sul retro della scheda si nota che il controller ha un pin inutilizzato, quindi leggendo il codice (CY7C63813) sul chip e trovandone il...
Compilare il kernel Linux non è certamente cosa difficile, ma chi è alle prime armi spesso è spaventato da questa procedura e anche per chi è pratico a volte diventa scocciante aggiornare ad ogni release.
Dunque ho scritto questo script bash che automatizza la procedura: rileva quanti core ha il proprio processore per decidere in quanti processi paralleli eseguire la compilazione in modo da ottimizzarne i tempi, poi controlla se la versione scelta...
Condividi sui tuoi social preferiti!
Telegram Facebook Linkedin Twitter Pinterest