blender-3.0.1-x86_64-1_ap.txz: Upgraded.
a/intel-microcode-20260512-noarch-1.txz: Upgraded.
l/libedit-20260512_3.1-x86_64-1.txz: Upgraded.
l/pipewire-1.6.5-x86_64-1.txz: Upgraded.
l/python-idna-3.15-x86_64-1.txz: Upgraded.
n/gnupg2-2.5.20-x86_64-1.txz: Upgraded.
y/bsd-games-2.17-x86_64-8.txz: Rebuilt.
Patched to fix 'countmail'. Thanks to andygoth.
a/elogind-255.25-x86_64-1.txz: Upgraded.
ap/xfsdump-3.3.0-x86_64-1.txz: Upgraded.
d/ruby-4.0.4-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.28.3-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.28.3-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.28.3-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.28.3-x86_64-1.txz: Upgraded.
l/gstreamer-1.28.3-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.2_22-x86_64-1.txz: Upgraded.
l/openal-soft-1.25.2-x86_64-1.txz: Upgraded.
n/samba-4.24.2-x86_64-1.txz: Upgraded.
x/ibus-m17n-1.4.39-x86_64-1.txz: Upgraded.
x/ibus-table-1.17.19-x86_64-1.txz: Upgraded.
y/bsd-games-2.17-x86_64-7.txz: Rebuilt.
Apply a few patches from the Debian repo.
Thanks to GazL.
a/bcachefs-tools-1.38.3-x86_64-1.txz: Upgraded.
a/kernel-generic-6.18.29-x86_64-1.txz: Upgraded.
This update fixes a security issue:
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present.
This fixes the second "Dirty Frag" vulnerability.
Mitigation: If for some reason it's not possible to upgrade the kernel right
away you may blacklist or remove the kernel module rxrpc.ko (CVE-2026-43500).
Also remove the module from the kernel if it has been loaded:
rmmod rxrpc
And, drop the file caches in case in-memory program copies have already
been compromised. Make sure possibly affected programs do not have any
open sessions first:
sh -c "echo 3 > /proc/sys/vm/drop_caches"
For more information, see:
https://github.com/V4bel/dirtyfrag
https://www.cve.org/CVERecord?id=CVE-2026-43500
(* Security fix *)
ap/vim-9.2.0475-x86_64-1.txz: Upgraded.
d/kernel-headers-6.18.29-x86-1.txz: Upgraded.
k/kernel-source-6.18.29-noarch-1.txz: Upgraded.
kde/wcslib-8.7-x86_64-1.txz: Upgraded.
l/SDL2_mixer-2.8.2-x86_64-1.txz: Upgraded.
l/expat-2.8.1-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Fix quadratic runtime from attribute name collision checks that allowed
denial of service attacks through moderately sized crafted XML input
(CWE-407). Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-45186
(* Security fix *)
l/python-idna-3.14-x86_64-1.txz: Upgraded.
l/python-installer-1.0.1-x86_64-1.txz: Upgraded.
l/python-requests-2.34.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.2.0475-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/linux-7.0.x/kernel-generic-7.0.6-x86_64-1.txz: Upgraded.
This update fixes a security issue:
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present.
This fixes the second "Dirty Frag" vulnerability.
Mitigation: If for some reason it's not possible to upgrade the kernel right
away you may blacklist or remove the kernel module rxrpc.ko (CVE-2026-43500).
Also remove the module from the kernel if it has been loaded:
rmmod rxrpc
And, drop the file caches in case in-memory program copies have already
been compromised. Make sure possibly affected programs do not have any
open sessions first:
sh -c "echo 3 > /proc/sys/vm/drop_caches"
For more information, see:
https://github.com/V4bel/dirtyfrag
https://www.cve.org/CVERecord?id=CVE-2026-43500
(* Security fix *)
testing/packages/linux-7.0.x/kernel-headers-7.0.6-x86-1.txz: Upgraded.
testing/packages/linux-7.0.x/kernel-source-7.0.6-noarch-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/elogind-255.25-aarch64-1.txz: Upgraded.
ap/xfsdump-3.3.0-aarch64-1.txz: Upgraded.
d/ruby-4.0.4-aarch64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.28.3-aarch64-1.txz: Upgraded.
l/gst-plugins-base-1.28.3-aarch64-1.txz: Upgraded.
l/gst-plugins-good-1.28.3-aarch64-1.txz: Upgraded.
l/gst-plugins-libav-1.28.3-aarch64-1.txz: Upgraded.
l/gstreamer-1.28.3-aarch64-1.txz: Upgraded.
l/imagemagick-7.1.2_22-aarch64-1.txz: Upgraded.
l/openal-soft-1.25.2-aarch64-1.txz: Upgraded.
n/samba-4.24.2-aarch64-1.txz: Upgraded.
x/ibus-m17n-1.4.39-aarch64-1.txz: Upgraded.
x/ibus-table-1.17.19-aarch64-1.txz: Upgraded.
y/bsd-games-2.17-aarch64-8.txz: Rebuilt.
Apply a few patches from the Debian repo.
Thanks to GazL.
a/bcachefs-tools-1.38.3-aarch64-1.txz: Upgraded.
a/btrfs-progs-7.0-aarch64-1.txz: Upgraded.
a/elogind-255.24-aarch64-1.txz: Upgraded.
a/kernel_armv8-6.18.29-aarch64-1.txz: Upgraded.
This update fixes a security issue:
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present.
This fixes the second "Dirty Frag" vulnerability.
Mitigation: If for some reason it's not possible to upgrade the kernel right
away you may blacklist or remove the kernel module rxrpc.ko (CVE-2026-43500).
Also remove the module from the kernel if it has been loaded:
rmmod rxrpc
And, drop the file caches in case in-memory program copies have already
been compromised. Make sure possibly affected programs do not have any
open sessions first:
sh -c "echo 3 > /proc/sys/vm/drop_caches"
For more information, see:
https://github.com/V4bel/dirtyfrag
https://www.cve.org/CVERecord?id=CVE-2026-43500
(* Security fix *)
ap/vim-9.2.0475-aarch64-1.txz: Upgraded.
d/gdb-17.2-aarch64-1.txz: Upgraded.
d/kernel-headers-6.18.29-aarch64-1.txz: Upgraded.
k/kernel-source-6.18.29-aarch64-1.txz: Upgraded.
kde/wcslib-8.7-aarch64-1.txz: Upgraded.
l/SDL2_mixer-2.8.2-aarch64-1.txz: Upgraded.
l/expat-2.8.1-aarch64-1.txz: Upgraded.
This update fixes a security issue:
Fix quadratic runtime from attribute name collision checks that allowed
denial of service attacks through moderately sized crafted XML input
(CWE-407). Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-45186
(* Security fix *)
l/libedit-20260508_3.1-aarch64-1.txz: Upgraded.
l/openjph-0.27.2-aarch64-1.txz: Upgraded.
l/pygobject3-3.56.3-aarch64-1.txz: Upgraded.
l/python-idna-3.14-aarch64-1.txz: Upgraded.
l/python-installer-1.0.1-aarch64-1.txz: Upgraded.
l/python-requests-2.34.0-aarch64-1.txz: Upgraded.
x/OpenCC-1.3.1-aarch64-1.txz: Upgraded.
xap/vim-gvim-9.2.0475-aarch64-1.txz: Upgraded.
installer/*: Rebuilt.
Added console font 'ter-932b.psf.gz' for systems with a 4K framebuffer display.
/root/.profile: Moved font selection into /etc/rc.d/rc.font. I'm not sure why I
put it in here in the first place - probably to avoid patching.
/etc/rc.d/rc.font: Automatically select font based on the framebuffer's screen
resolution.
kernels/*: Upgraded.
a/dbus-1.16.2-aarch64-3.txz: Rebuilt.
d/google-go-lang-1.26.3-aarch64-1.txz: Upgraded.
l/pycurl-7.46.0-aarch64-1.txz: Upgraded.
l/python-trove-classifiers-2026.5.7.17-aarch64-1.txz: Upgraded.
n/fetchmail-6.6.4-aarch64-1.txz: Upgraded.
xap/mozilla-thunderbird-140.10.2esr-aarch64-1.txz: Upgraded.
y/nethack-5.0.0-aarch64-3.txz: Rebuilt.
Another fix for the HACK= sed substitution. Should be good now! :-)
Thanks to zapwai.
patches/packages/expat-2.7.5-x86_64-2_slack15.0.txz: Rebuilt.
This update fixes a security issue:
Fix quadratic runtime from attribute name collision checks that allowed
denial of service attacks through moderately sized crafted XML input
(CWE-407). Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-45186
(* Security fix *)
patches/packages/linux-5.15.206/kernel-generic-5.15.206-x86_64-1.txz: Upgraded.
patches/packages/linux-5.15.206/kernel-headers-5.15.206-x86-1.txz: Upgraded.
patches/packages/linux-5.15.206/kernel-huge-5.15.206-x86_64-1.txz: Upgraded.
patches/packages/linux-5.15.206/kernel-modules-5.15.206-x86_64-1.txz: Upgraded.
This update fixes a regression in Linux 5.15.205:
xfrm: esp: ipv4: fix up flags setting.
patches/packages/linux-5.15.206/kernel-source-5.15.206-noarch-1.txz: Upgraded.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
patches/packages/linux-5.15.205/kernel-generic-5.15.205-x86_64-1.txz: Upgraded.
patches/packages/linux-5.15.205/kernel-headers-5.15.205-x86-1.txz: Upgraded.
patches/packages/linux-5.15.205/kernel-huge-5.15.205-x86_64-1.txz: Upgraded.
patches/packages/linux-5.15.205/kernel-modules-5.15.205-x86_64-1.txz: Upgraded.
This update fixes a critical security issue:
xfrm: esp: avoid in-place decrypt on shared skb frags.
This update addresses a Linux kernel local privilege escalation attack known
as "Dirty Frag." Please note that there's a second CVE (CVE-2026-43500) that
is not yet patched upstream.
Mitigation: If for some reason it's not possible to upgrade the kernel right
away you may blacklist or remove the kernel modules esp4.ko and esp6.ko
(CVE-2026-43284) and rxrpc.ko (CVE-2026-43500).
Also remove the modules from the kernel if they have been loaded:
rmmod esp4 esp6 rxrpc
And, drop the file caches in case in-memory program copies have already
been compromised. Make sure possibly affected programs do not have any
open sessions first:
sh -c "echo 3 > /proc/sys/vm/drop_caches"
For more information, see:
https://github.com/V4bel/dirtyfrag
https://www.cve.org/CVERecord?id=CVE-2026-43284
(* Security fix *)
patches/packages/linux-5.15.205/kernel-source-5.15.205-noarch-1.txz: Upgraded.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
patches/packages/mozilla-thunderbird-140.10.2esr-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/140.10.2esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-44/
https://www.cve.org/CVERecord?id=CVE-2026-8090
https://www.cve.org/CVERecord?id=CVE-2026-8094
https://www.cve.org/CVERecord?id=CVE-2026-8092
(* Security fix *)
patches/packages/expat-2.7.5-arm-2_slack15.0.txz: Rebuilt.
This update fixes a security issue:
Fix quadratic runtime from attribute name collision checks that allowed
denial of service attacks through moderately sized crafted XML input
(CWE-407). Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-45186
(* Security fix *)
patches/packages/linux-5.15.206/*: Upgraded.
This update fixes critical security issues:
xfrm: esp: avoid in-place decrypt on shared skb frags.
This update addresses a Linux kernel local privilege escalation attack known
as "Dirty Frag."
Mitigation: If for some reason it's not possible to upgrade the kernel right
away you may blacklist or remove the kernel modules esp4.ko and esp6.ko
(CVE-2026-43284) and rxrpc.ko (CVE-2026-43500).
Also remove the modules from the kernel if they have been loaded:
rmmod esp4 esp6 rxrpc
And, drop the file caches in case in-memory program copies have already
been compromised. Make sure possibly affected programs do not have any
open sessions first:
sh -c "echo 3 > /proc/sys/vm/drop_caches"
For more information, see:
https://github.com/V4bel/dirtyfrag
https://www.cve.org/CVERecord?id=CVE-2026-43284
https://www.cve.org/CVERecord?id=CVE-2026-43500
(* Security fix *)
extra/php82/php82-8.2.31-arm-1.txz: Upgraded.
This update fixes security issues:
FPM: Fixed XSS within status endpoint.
MBString: Fixed Null pointer dereference in php_mb_check_encoding()
via mb_ereg_search_init().
PDO_Firebird: Fixed SQL injection via NUL bytes in quoted strings.
SOAP: Fixed Stale SOAP_GLOBAL(ref_map) pointer with Apache Map.
SOAP: Fixed Use-after-free after header parsing failure with
SOAP_PERSISTENCE_SESSION.
SOAP: Fixed Broken Apache map value NULL check.
Standard: Fixed Signed integer overflow of char array offset.
Standard: Fixed Consistently pass unsigned char to ctype.h functions.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.2.31
https://www.cve.org/CVERecord?id=CVE-2026-6735
https://www.cve.org/CVERecord?id=CVE-2026-7259
https://www.cve.org/CVERecord?id=CVE-2025-14179
https://www.cve.org/CVERecord?id=CVE-2026-6722
https://www.cve.org/CVERecord?id=CVE-2026-7261
https://www.cve.org/CVERecord?id=CVE-2026-7262
https://www.cve.org/CVERecord?id=CVE-2026-7568
https://www.cve.org/CVERecord?id=CVE-2026-7258
(* Security fix *)
patches/packages/libgpg-error-1.61-arm-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Fix possible stack overflow in es_printf for %.100f format.
Fix out-of-bounds read in vfnameconcat.
(* Security fix *)
24/02/2022: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware
15/12/2015: Aggiornato HowTo automatizzare la compilazione del kernel
15/12/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
24/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
22/11/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
07/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
05/11/2015: Nuovo HowTo Automatizzare l'aggiornamento di Slackware current
30/10/2015: Aggiornato HowTo Automatizzare la prima configurazione di Slackware
26/05/2015: Aggiornato HowTo mini Slackware su pendrive
07/05/2015: Aggiornato HowTo automatizzare la compilazione del kernel
13/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
02/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
Questo script provvede ad aggiornare Slackware o Slackware64 all'ultima current in maniera del tutto autonoma, dalla ricerca di aggiornamenti all'aggiornamento del bootloader.
Scarica la lista dei pacchetti e la confronta con quelli installati, dopodiché controlla se i nuovi pacchetti sono presenti in un eventuale DVD già montato altrimenti li scarica da internet.
Lo script può gestire anche un sistema multilib, infatti se...
Uno script da eseguire al primo avvio di Slackware.
Mi capita spesso di fare nuove installazioni di Slackware e di ripetere sempre le stesse operazioni atte ad una prima configurazione di base, come ad esempio l'italianizzazione o l'impostazione della corretta risoluzione framebuffer.
Per cui ho deciso di raggruppare tutte queste operazioni di base, che possono...
Ecco che la bash ci viene in aiuto anche per realizzare un semplice sistema di video sorveglianza molto economico.
Questo script scatta una foto dalla webcam impostata nella variabile DEV con mplayer, ne fa una copia con la data corrente come nome del file per conservare una copia di tutte le foto scattate e per sapere a prima vista a quando risalgono. Dopodiché carica entrambe le copie della foto sul server ftp...
Spesso i produttori di hardware ottengono costi di produzione più bassi utilizzando componenti con capacità superiori in dispositivi non progettati per sfruttarle piuttosto che utilizzando componenti su misura, questo è anche il caso del mio mouse Logitech RX1000.
Aprendo il mouse e guardando le piste stampate sul retro della scheda si nota che il controller ha un pin inutilizzato, quindi leggendo il codice (CY7C63813) sul chip e trovandone il...
Compilare il kernel Linux non è certamente cosa difficile, ma chi è alle prime armi spesso è spaventato da questa procedura e anche per chi è pratico a volte diventa scocciante aggiornare ad ogni release.
Dunque ho scritto questo script bash che automatizza la procedura: rileva quanti core ha il proprio processore per decidere in quanti processi paralleli eseguire la compilazione in modo da ottimizzarne i tempi, poi controlla se la versione scelta...
Condividi sui tuoi social preferiti!
Telegram Facebook Linkedin Twitter Pinterest