Slackware Linux e risoluzione di problemi, di Andrea Peluso

Sat Sep 3 13:07:00 CEST 2022

blender-3.0.1-x86_64-1_ap.txz:  Upgraded.

Sun May 3 03:36:26 CEST 2026

a/dracut-111-x86_64-1.txz:  Upgraded.
a/elogind-255.23-x86_64-1.txz:  Upgraded.
a/haveged-1.9.20-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20260429_56a13f9-noarch-1.txz:  Upgraded.
a/kernel-generic-6.18.26-x86_64-1.txz:  Upgraded.
  This update fixes a critical security issue:
  An out-of-bounds write in the userspace interface for AEAD cipher algorithms
  may be leveraged to get a root shell through a setuid binary. While the
  proof of concepts for this have so far targeted different program versions
  than Slackware uses, there's nothing preventing anyone from targeting one
  a setuid binary that we use.
  Mitigation: If for some reason it's not possible to upgrade the kernel right
  away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
  the algif_aead.ko kernel module to prevent the exploit.
  For more information, see:
    https://copy.fail/
    https://www.cve.org/CVERecord?id=CVE-2026-31431
  (* Security fix *)
ap/joe-4.8-x86_64-1.txz:  Upgraded.
ap/lxc-7.0.0-x86_64-1.txz:  Upgraded.
ap/vim-9.2.0433-x86_64-1.txz:  Upgraded.
d/doxygen-1.17.0-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.18.26-x86-1.txz:  Upgraded.
k/kernel-source-6.18.26-noarch-1.txz:  Upgraded.
kde/xsimd-14.2.0-noarch-1.txz:  Upgraded.
l/SDL2_image-2.8.12-x86_64-1.txz:  Upgraded.
l/SDL3-3.4.8-x86_64-1.txz:  Upgraded.
l/at-spi2-core-2.60.3-x86_64-1.txz:  Upgraded.
l/cfitsio-4.6.4-x86_64-1.txz:  Upgraded.
l/enchant-2.8.16-x86_64-1.txz:  Upgraded.
l/glib2-2.88.1-x86_64-1.txz:  Upgraded.
l/gtk4-4.22.4-x86_64-1.txz:  Upgraded.
l/libgsf-1.14.58-x86_64-1.txz:  Upgraded.
l/openexr-3.4.11-x86_64-1.txz:  Upgraded.
  Patch release that addresses the following security vulnerabilities:
  Shift exponent overflow in readVariableLengthInteger().
  Out-of-bounds read in IDManifest::init() during prefix expansion.
  Integer overflow in ImageChannel::resize leads to heap OOB write via
  OpenEXRUtil public API.
  Heap-buffer-overflow in DwaCompressor_uncompress.
  Null-dereference READ in Imf_3_3::prefixFromLayerName.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2026-42217
    https://www.cve.org/CVERecord?id=CVE-2026-42216
    https://www.cve.org/CVERecord?id=CVE-2026-41142
  (* Security fix *)
l/python-build-1.5.0-x86_64-1.txz:  Upgraded.
l/qtkeychain-0.16.0-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-22.1.2-x86_64-1.txz:  Upgraded.
n/curl-8.20.0-x86_64-1.txz:  Upgraded.
n/dhcpcd-10.3.2-x86_64-1.txz:  Upgraded.
n/gnutls-3.8.13-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Add more checks to DTLS reassembly. Previously, gnutls didn't check that
  DTLS fragments claimed a consistent message_length value. Additionally,
  a crucial array size check was missing, enabling an attacker to cause a
  heap overwrite. Reject fragments with mismatching length and add a missing
  boundary check. Independently reported by Haruto Kimura (Stella), Oscar
  Reparaz and Zou Dikai.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2026-33846
  (* Security fix *)
n/openvpn-2.7.4-x86_64-1.txz:  Upgraded.
n/postfix-3.11.2-x86_64-1.txz:  Upgraded.
x/ibus-1.5.34-x86_64-1.txz:  Upgraded.
x/mesa-26.0.6-x86_64-1.txz:  Upgraded.
x/noto-fonts-ttf-2026.05.01-noarch-1.txz:  Upgraded.
x/xterm-410-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-140.10.1esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/140.10.1esr/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2026-39/
    https://www.cve.org/CVERecord?id=CVE-2026-7320
    https://www.cve.org/CVERecord?id=CVE-2026-7321
    https://www.cve.org/CVERecord?id=CVE-2026-7322
    https://www.cve.org/CVERecord?id=CVE-2026-7323
  (* Security fix *)
xap/vim-gvim-9.2.0433-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/linux-7.0.x/kernel-generic-7.0.3-x86_64-1.txz:  Upgraded.
  This update fixes a critical security issue:
  An out-of-bounds write in the userspace interface for AEAD cipher algorithms
  may be leveraged to get a root shell through a setuid binary. While the
  proof of concepts for this have so far targeted different program versions
  than Slackware uses, there's nothing preventing anyone from targeting one
  a setuid binary that we use.
  Mitigation: If for some reason it's not possible to upgrade the kernel right
  away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
  the algif_aead.ko kernel module to prevent the exploit.
  For more information, see:
    https://copy.fail/
    https://www.cve.org/CVERecord?id=CVE-2026-31431
  (* Security fix *)
testing/packages/linux-7.0.x/kernel-headers-7.0.3-x86-1.txz:  Upgraded.
testing/packages/linux-7.0.x/kernel-source-7.0.3-noarch-1.txz:  Upgraded.
testing/packages/mesa-26.1.0_rc3-x86_64-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.

Fri May 1 21:44:58 CEST 2026

a/lvm2-2.03.40-x86_64-1.txz:  Upgraded.
ap/htop-3.5.1-x86_64-1.txz:  Upgraded.
l/mozjs140-140.10.1esr-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2026.4.28.13-x86_64-1.txz:  Upgraded.
n/ethtool-7.0-x86_64-1.txz:  Upgraded.
n/rsync-3.4.2-x86_64-1.txz:  Upgraded.
x/ibus-table-1.17.18-x86_64-1.txz:  Upgraded.
x/libdrm-2.4.133-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-140.10.1esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/140.10.1/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2026-36
    https://www.cve.org/CVERecord?id=CVE-2026-7320
    https://www.cve.org/CVERecord?id=CVE-2026-7321
    https://www.cve.org/CVERecord?id=CVE-2026-7322
    https://www.cve.org/CVERecord?id=CVE-2026-7323
  (* Security fix *)

Tue Apr 28 07:57:29 CEST 2026

ap/cups-2.4.19-x86_64-1.txz:  Upgraded.
  Fixed a regression in shared printing from non-local accounts (Issue #1557).
n/openvpn-2.7.3-x86_64-1.txz:  Upgraded.
n/proftpd-1.3.9a-x86_64-1.txz:  Upgraded.
  Fix for an SQL injection that may lead to authentication bypass, privilege
  escalation, and arbitrary code execution. Slackware does not build mol_sql,
  but this may be an important upgrade for those rebuilding proftpd in order
  to add this module.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2026-42167
  (* Security fix *)
x/xorg-server-xwayland-24.1.11-x86_64-1.txz:  Upgraded.

Fri May 1 10:08:08 CEST 2026

a/hwm-bw-raspberrypi-2026.04.30-aarch64-1.txz:  Upgraded.
  Upgraded to RPi EEPROM firmware version: 2026.04.30
  Upgraded to RPi boot firmware version..: 2026.04.21

  To update the firmware on your RPi's EEPROM, as root:

  $ rpi-eeprom-update -d

  This will report if there's newer firmware available.

  To update the firmware:
  $ rpi-eeprom-update -da

  If the firmware was successfully updated, reboot:
  $ reboot

  Note: On the Raspberry Pi 4, you may need to power cycle the machine in order
  for the update to apply.

Tue Apr 28 10:08:08 CEST 2026

a/aaa_libraries-15.1-aarch64-48.txz:  Rebuilt.
  Upgraded: libcap.so.2.78, libelf-0.195.so, libgpg-error.so.0.42.0,
  liblzma.so.5.8.3, libexpat.so.1.12.0, libglib-2.0.so.0.8800.0,
  libgmodule-2.0.so.0.8800.0, libgobject-2.0.so.0.8800.0,
  libgthread-2.0.so.0.8800.0, libpng16.so.16.58.0.
  Added (temporarily): libboost_*.so.1.90.0.
a/kernel_armv8-6.18.25-aarch64-1.txz:  Upgraded.
a/libblockdev-3.5.0-aarch64-1.txz:  Upgraded.
ap/cups-2.4.19-aarch64-1.txz:  Upgraded.
  Fixed a regression in shared printing from non-local accounts (Issue #1557).
ap/mpg123-1.33.5-aarch64-1.txz:  Upgraded.
  mpg123: Fix generic control mode for largefile-sensitive builds, where 32 bit
  off_t was used with mpg123 API calls expecting 64 bit off_t.
  I am appalled that it took a user on 32 bit ARM and a specific https stream
  to notice this (bug 385, regression since 1.32.0).
  The security impact of this could be serious, with memory corruption
  including segfault being observed.
  mpg123-id3dump, out123: Enable 64 bit offset usage on largefile-sensitive
  platforms (regression since 1.32.0).
  (* Security fix *)
d/ccache-4.13.5-aarch64-1.txz:  Upgraded.
d/kernel-headers-6.18.25-aarch64-1.txz:  Upgraded.
d/python-pip-26.1-aarch64-1.txz:  Upgraded.
d/strace-7.0-aarch64-1.txz:  Upgraded.
d/universal-ctags-6.2.1-aarch64-1.txz:  Upgraded.
k/kernel-source-6.18.25-aarch64-1.txz:  Upgraded.
kde/kig-23.08.5-aarch64-12.txz:  Rebuilt.
  Recompiled against boost-1.91.0.
kde/kopeninghours-23.08.5-aarch64-12.txz:  Rebuilt.
  Recompiled against boost-1.91.0.
kde/libindi-2.2.1.1-aarch64-1.txz:  Upgraded.
l/Imath-3.2.2-aarch64-3.txz:  Rebuilt.
  Recompiled against boost-1.91.0.
l/at-spi2-core-2.60.2-aarch64-1.txz:  Upgraded.
l/boost-1.91.0-aarch64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/cryfs-0.10.3-aarch64-18.txz:  Rebuilt.
  Recompiled against boost-1.91.0.
l/expat-2.8.0-aarch64-1.txz:  Upgraded.
l/lcms2-2.19-aarch64-1.txz:  Upgraded.
l/mozilla-nss-3.123.1-aarch64-1.txz:  Upgraded.
l/python-build-1.4.4-aarch64-1.txz:  Upgraded.
l/python-packaging-26.2-aarch64-1.txz:  Upgraded.
l/python-pathspec-1.1.1-aarch64-1.txz:  Upgraded.
n/gnupg2-2.5.19-aarch64-1.txz:  Upgraded.
n/libgpg-error-1.60-aarch64-1.txz:  Upgraded.
n/mutt-2.3.2-aarch64-1.txz:  Upgraded.
n/openvpn-2.7.3-aarch64-1.txz:  Upgraded.
n/proftpd-1.3.9a-aarch64-1.txz:  Upgraded.
  Fix for an SQL injection that may lead to authentication bypass, privilege
  escalation, and arbitrary code execution. Slackware does not build mol_sql,
  but this may be an important upgrade for those rebuilding proftpd in order
  to add this module.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2026-42167
  (* Security fix *)
n/wireless-regdb-2026.03.18-aarch64-1.txz:  Upgraded.
x/editres-1.1.1-aarch64-1.txz:  Upgraded.
x/font-util-1.4.2-aarch64-1.txz:  Upgraded.
x/xbitmaps-1.1.4-aarch64-1.txz:  Upgraded.
x/xorg-server-xwayland-24.1.11-aarch64-1.txz:  Upgraded.
x/xrandr-1.5.4-aarch64-1.txz:  Upgraded.
installer/*:  Rebuilt.
kernels/*:  Upgraded.

Mon Apr 27 10:08:08 CEST 2026

a/kernel_armv8-6.18.24-aarch64-1.txz:  Upgraded.
  Kernel configuration changes:
  +CONFIG_ZSWAP=y
  +CONFIG_ZSWAP_SHRINKER_DEFAULT_ON=y
  +CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZO=y
  Thanks to SCerovec for the suggestion.
d/kernel-headers-6.18.24-aarch64-1.txz:  Upgraded.
k/kernel-source-6.18.24-aarch64-1.txz:  Upgraded.
installer/*:  Rebuilt.
  /usr/share/hwm-configure/platform/aarch64/installer/assets/bootloader/rpi/
    Moved these template files from the RPi Slackware Installer image's fat
    bootware partition into the Installer.  This is the first step towards being
    able to decouple the SD card from the Slackware OS on the RPi:
      config.txt
      slk_config.txt
      slkos.cmdline.txt
/hwm-configure/platform/aarch64/installer/helper.scr/002-rpi_bl-configure:
   Install boot loader template files contained within the Installer file
   system.
kernels/*:  Upgraded.

Sun May 3 03:36:26 CEST 2026

patches/packages/gnutls-3.8.13-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  Add more checks to DTLS reassembly. Previously, gnutls didn't check that
  DTLS fragments claimed a consistent message_length value. Additionally,
  a crucial array size check was missing, enabling an attacker to cause a
  heap overwrite. Reject fragments with mismatching length and add a missing
  boundary check. Independently reported by Haruto Kimura (Stella), Oscar
  Reparaz and Zou Dikai.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2026-33846
  (* Security fix *)
patches/packages/linux-5.15.204/kernel-generic-5.15.204-x86_64-1.txz:  Upgraded.
  This update fixes a critical security issue:
  An out-of-bounds write in the userspace interface for AEAD cipher algorithms
  may be leveraged to get a root shell through a setuid binary. While the
  proof of concepts for this have so far targeted different program versions
  than Slackware uses, there's nothing preventing anyone from targeting one
  a setuid binary that we use.
  Mitigation: If for some reason it's not possible to upgrade the kernel right
  away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
  the algif_aead.ko kernel module to prevent the exploit.
  For more information, see:
    https://copy.fail/
    https://www.cve.org/CVERecord?id=CVE-2026-31431
  (* Security fix *)
patches/packages/linux-5.15.204/kernel-headers-5.15.204-x86-1.txz:  Upgraded.
patches/packages/linux-5.15.204/kernel-huge-5.15.204-x86_64-1.txz:  Upgraded.
  This update fixes a critical security issue:
  An out-of-bounds write in the userspace interface for AEAD cipher algorithms
  may be leveraged to get a root shell through a setuid binary. While the
  proof of concepts for this have so far targeted different program versions
  than Slackware uses, there's nothing preventing anyone from targeting one
  a setuid binary that we use.
  Mitigation: If for some reason it's not possible to upgrade the kernel right
  away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
  the algif_aead.ko kernel module to prevent the exploit.
  For more information, see:
    https://copy.fail/
    https://www.cve.org/CVERecord?id=CVE-2026-31431
  (* Security fix *)
patches/packages/linux-5.15.204/kernel-modules-5.15.204-x86_64-1.txz:  Upgraded.
  This update fixes a critical security issue:
  An out-of-bounds write in the userspace interface for AEAD cipher algorithms
  may be leveraged to get a root shell through a setuid binary. While the
  proof of concepts for this have so far targeted different program versions
  than Slackware uses, there's nothing preventing anyone from targeting one
  a setuid binary that we use.
  Mitigation: If for some reason it's not possible to upgrade the kernel right
  away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
  the algif_aead.ko kernel module to prevent the exploit.
  For more information, see:
    https://copy.fail/
    https://www.cve.org/CVERecord?id=CVE-2026-31431
  (* Security fix *)
patches/packages/linux-5.15.204/kernel-source-5.15.204-noarch-1.txz:  Upgraded.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
patches/packages/mozilla-thunderbird-140.10.1esr-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/140.10.1esr/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2026-39/
    https://www.cve.org/CVERecord?id=CVE-2026-7320
    https://www.cve.org/CVERecord?id=CVE-2026-7321
    https://www.cve.org/CVERecord?id=CVE-2026-7322
    https://www.cve.org/CVERecord?id=CVE-2026-7323
  (* Security fix *)

Fri May 1 21:44:58 CEST 2026

patches/packages/mozilla-firefox-140.10.1esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/140.10.1/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2026-36
    https://www.cve.org/CVERecord?id=CVE-2026-7320
    https://www.cve.org/CVERecord?id=CVE-2026-7321
    https://www.cve.org/CVERecord?id=CVE-2026-7322
    https://www.cve.org/CVERecord?id=CVE-2026-7323
  (* Security fix *)

Tue Apr 28 07:57:29 CEST 2026

patches/packages/cups-2.4.19-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed a regression in shared printing from non-local accounts (Issue #1557).
patches/packages/proftpd-1.3.9a-x86_64-1_slack15.0.txz:  Upgraded.
  Fix for an SQL injection that may lead to authentication bypass, privilege
  escalation, and arbitrary code execution. Slackware does not build mol_sql,
  but this may be an important upgrade for those rebuilding proftpd in order
  to add this module.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2026-42167
  (* Security fix *)

Sun May 3 10:08:08 CEST 2026

patches/packages/gnutls-3.8.13-arm-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  Add more checks to DTLS reassembly. Previously, gnutls didn't check that
  DTLS fragments claimed a consistent message_length value. Additionally,
  a crucial array size check was missing, enabling an attacker to cause a
  heap overwrite. Reject fragments with mismatching length and add a missing
  boundary check. Independently reported by Haruto Kimura (Stella), Oscar
  Reparaz and Zou Dikai.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2026-33846
  (* Security fix *)
patches/packages/linux-5.15.204/*:  Upgraded.
  This update fixes a critical security issue:
  An out-of-bounds write in the userspace interface for AEAD cipher algorithms
  may be leveraged to get a root shell through a setuid binary. While the
  proof of concepts for this have so far targeted different program versions
  than Slackware uses, there's nothing preventing anyone from targeting one
  a setuid binary that we use.
  Mitigation: If for some reason it's not possible to upgrade the kernel right
  away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove
  the algif_aead.ko kernel module to prevent the exploit.
  For more information, see:
    https://copy.fail/
    https://www.cve.org/CVERecord?id=CVE-2026-31431
  (* Security fix *)

Tue Apr 28 10:08:08 CEST 2026

patches/packages/cups-2.4.19-arm-1_slack15.0.txz:  Upgraded.
  Fixed a regression in shared printing from non-local accounts (Issue #1557).
patches/packages/mpg123-1.33.5-arm-1_slack15.0.txz:  Upgraded.
  mpg123: Fix generic control mode for largefile-sensitive builds, where 32 bit
  off_t was used with mpg123 API calls expecting 64 bit off_t.
  I am appalled that it took a user on 32 bit ARM and a specific https stream
  to notice this (bug 385, regression since 1.32.0).
  The security impact of this could be serious, with memory corruption
  including segfault being observed.
  mpg123-id3dump, out123: Enable 64 bit offset usage on largefile-sensitive
  platforms (regression since 1.32.0).
  (* Security fix *)
patches/packages/proftpd-1.3.9a-arm-1_slack15.0.txz:  Upgraded.
  Fix for an SQL injection that may lead to authentication bypass, privilege
  escalation, and arbitrary code execution. Slackware does not build mol_sql,
  but this may be an important upgrade for those rebuilding proftpd in order
  to add this module.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2026-42167
  (* Security fix *)

Sun Apr 26 10:08:08 CEST 2026

patches/packages/ca-certificates-20260413-noarch-1_slack15.0.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
patches/packages/cups-2.4.18-arm-1_slack15.0.txz:  Upgraded.
  Fixed cupsd crash if user does not exist (Issue #1555).
patches/packages/linux-5.15.203/*:  Upgraded.
  Dropped all of the AArch64 patches.

Aggiornamenti di script e guide

24/02/2022: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware
15/12/2015: Aggiornato HowTo automatizzare la compilazione del kernel
15/12/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
24/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
22/11/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
07/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
05/11/2015: Nuovo HowTo Automatizzare l'aggiornamento di Slackware current
30/10/2015: Aggiornato HowTo Automatizzare la prima configurazione di Slackware
26/05/2015: Aggiornato HowTo mini Slackware su pendrive
07/05/2015: Aggiornato HowTo automatizzare la compilazione del kernel
13/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
02/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel