SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Looks like Greg K-H will be throwing out some new stable kernels tonight/tomorrow, just checked the stable patches and the two 'futex' related patches are in the list for 3.10.42. Guess I know what I'll be doing tomorrow.
I personally doubt that OpenBSD will crowdfund LibreSSL - they seem to prefer foundations.
Incidentally, the OpenBSD Foundation official supports LibreSSL, and there is a fundraising campaign every year. (Campaign 2014 has met its goal, but that doesn't stop anybody from donating!)
That's good, maybe they'll have enough. I was just thinking that libressl would appeal to much more than just OpenBSD users, especially with recent news.
This thread is getting a little long and confusing now,
The problem is a forum is not the suitable tool/place/audience for this. It has existed for decades a poven better, easier, convenient way and till I know it's neither broken nor obsolete. It doesn't need a fix. But perhaps it isn't *modern* enough (Luddite) for some people here: plain text on mailing list.
For example, slackware-security mailing list is abandoned and has a lot of html formated messages.
why are you saying this? I received this just a few hours ago (I cutted only the top headers)
Code:
Date: Fri, 6 Jun 2014 21:03:06 -0700 (PDT)
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] mozilla-firefox (SSA:2014-157-01)
Message-ID: <alpine.LNX.2.02.1406062102480.21729@connie.slackware.com>
User-Agent: Alpine 2.02 (LNX 1266 2009-07-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-slackware-security@slackware.com
Reply-To: Slackware Security Team <security@slackware.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] mozilla-firefox (SSA:2014-157-01)
New mozilla-firefox packages are available for Slackware 14.1 to fix
security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-24.6.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mozilla-firefox-24.6.0esr-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mozilla-firefox-24.6.0esr-x86_64-1_slack14.1.txz
MD5 signatures:
+-------------+
Slackware 14.1 package:
9ba04aa0691c3b6f26580dcfdd6d3763 mozilla-firefox-24.6.0esr-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
f223ca0a93a62b843552a41e30d2c1d4 mozilla-firefox-24.6.0esr-x86_64-1_slack14.1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg mozilla-firefox-24.6.0esr-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlOSjyEACgkQakRjwEAQIjNxKACdElTd0R2MCu6RDcGAuazIitwy
HpUAoIWe3w2Z7Y6FdJd/84TwyOtPKjVm
=dcdB
-----END PGP SIGNATURE-----
My mistake about the particular case of slackware-security was bacause I use to check the lists I'm not associated with via news.gmane.org. It's not the first time this happens, surely a gmane issue. Thanks again for your info.
The aim of my post is to point that in general terms, Slackware mailing lists are a bit abandoned in favor to use this forum for bug reports.
This thread is not a replacement for the slackware security mailing list, it's an additional source of information for those of us who want to go above and beyond what Pat/Slackware provide. The forum is perfect for listing and discussing new vulnerabilities as and when they occur. What is lacking is an overview summary of the current state of play, i.e. things Pat is either: still to patch, has chosen not to patch, or has just plain missed.
This thread is not a replacement for the slackware security mailing list, it's an additional source of information for those of us who want to go above and beyond what Pat/Slackware provide. The forum is perfect for listing and discussing new vulnerabilities as and when they occur. What is lacking is an overview summary of the current state of play, i.e. things Pat is either: still to patch, has chosen not to patch, or has just plain missed.
Last attempt sub-quoting myself.
slackware-security is not for discussion, is for report security messages to users.
I avoid to mention a "develop" mailing list knowing the Slackware "particular" way. But traditionally FOSS projects have had a mailing list for security reports, another for bug reports, another for discussion... Why you think a forum could be a "perfect" replacement for that traditional way I don't even guess. But let's this die here to not extend the OT.
A more sophisticated bug tracking system would need relevant infrastructure and maintenance. Till someone provides that, let's continue to read the mailing lists, post our questions, requests, thoughts and information in this forum.
Last edited by Didier Spaier; 06-07-2014 at 06:51 AM.
A more sophisticated bug tracking system would need relevant infrastructure and maintenance. Till someone provides that, let's continue to read the mailing lists, post our questions, requests, thoughts and information in this forum.
And sub-quoting myself again.
Taking in care Slackware development modus operandi a bug tracking system (already invented) is of no use. Mailing lists servers are already provided and ready to use for the rest of functionality. Who think a forum is better for that is because ignores how to use mailing lists. Forums were adopted by users for the same reason all *reinventing the wheel new stuff* is adopted (i.e. systemd), ignorance and laziness.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.