Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
11-25-2013, 07:43 AM
|
#16
|
LQ Veteran
Registered: May 2008
Posts: 7,100
|
Code:
sed -i -e "/^docdir/ s_\$_/${PRGNAM}-${VERSION}_" \
-e "/^exampledir/ s_\$_/${PRGNAM}-${VERSION}_" Makefile
In combination with --datadir=/usr sorted it out for me. (thanks to the BLFS book for the hint on that)
Note: I'm not using mancha's slackbuild so the variable names may need adjusting.
Also, be aware that aaa_elflibs contains both a libjpeg.so.8 and a libjpeg.so.62 (which doesn't appear to be included in any other packages on the system).
edit: ahh, sorry, nevermind, I see mancha has already fixed it.
libjpeg-turbo up and running here. Seems snappy, though I can't say I ever noticed the old one feeling slow.
Last edited by GazL; 11-25-2013 at 07:47 AM.
|
|
|
11-25-2013, 12:09 PM
|
#17
|
Member
Registered: Sep 2006
Location: Earth
Distribution: Slackware 14.1 Slackware64-current multilib
Posts: 278
Rep:
|
speed: I was using original libjpeg.Slackbuild script to build libjpeg-turbo, it has same problem. fixed with your suggestion.
|
|
|
12-08-2013, 11:50 AM
|
#18
|
Member
Registered: Aug 2012
Posts: 484
Original Poster
Rep:
|
I finally got around to benchmarking libjpeg-turbo on an x86 system by measuring compression and decompression megapixels/second rates for grayscale and chroma subsampling 4:2:0, 4:2:2, and 4:4:4.
- Compression
libjpeg-turbo outperforms libjpeg-8a by 300%; ranging from 280% (grayscale) to 330% (chroma subsampling 4:2:0).
- Decompression
results are slightly less striking but impressive all the same. On average libjpeg-turbo outperforms libjpeg-8a by 225%; ranging from 160% (grayscale) to 280% (chroma subsampling 4:2:0).
Aside from performance, another reason to consider libjpeg-turbo for the next development cycle is its adoption by Google, Mozilla, and numerous Linux distributions. With more eyeballs scrutinizing code it is reasonable to expect bugs and vulnerabilities will get more quickly identified/resolved.
Can I take the lack of negative reports on this thread as a good sign?
--mancha
PS This thread morphed from my initial vulnerability/patch announcement into a discussion about libjpeg-turbo which I agree is far more interesting. However, if I can turn to post #1 for a second, I've not seen any security releases for libjpeg on Slackware 12.1 through 14.1. Is Pat not really tracking LQ these days?
Last edited by mancha; 12-08-2013 at 12:59 PM.
|
|
|
12-08-2013, 02:04 PM
|
#19
|
LQ Veteran
Registered: Feb 2007
Distribution: Slackware64-current with KDE4Town.
Posts: 9,548
|
Quote:
Originally Posted by mancha
..PS This thread morphed from my initial vulnerability/patch announcement into a discussion about libjpeg-turbo which I agree is far more interesting. However, if I can turn to post #1 for a second, I've not seen any security releases for libjpeg on Slackware 12.1 through 14.1. Is Pat not really tracking LQ these days?
|
Thanks for bringing this up.
Mr. Volkerding may be on a well deserved vacation (I don't really know), but I was surprised when libjpeg wasn't included in the last batch of security upgrades.
Last edited by cwizardone; 12-08-2013 at 02:08 PM.
|
|
|
12-08-2013, 02:31 PM
|
#20
|
LQ Veteran
Registered: May 2008
Posts: 7,100
|
6629 is described as a "information exposure/read from uninitialised memory" issue. I've seen much worse than this left unpatched in the past as Pat tends to only patch things that are at real risk of exploitation and which could result in a compromise.
It's really no different than all the bugs that remain unpatched in the kernel due to Slackware's policy of not providing all the stable kernel updates in /patches. If one were being kind, one might describe Slackware's attitude to security weaknesses like this as "pragmatic". This is of course a little unsettling for those of us of the paranoid persuasion who like to dot all their i's, but given Slackware's limited resource pool I think it's understandable.
I expect this will remain unpatched unless someone can demonstrate a way to use this for arbitrary code execution or worse.
As for libjpeg-turbo. It's been behaving just fine here.
|
|
|
12-11-2013, 03:02 PM
|
#21
|
LQ Veteran
Registered: May 2008
Posts: 7,100
|
Looks like RHEL and clones just got around to patching 6629.
|
|
|
12-11-2013, 03:45 PM
|
#22
|
Member
Registered: Aug 2012
Posts: 484
Original Poster
Rep:
|
Quote:
Originally Posted by GazL
Looks like RHEL and clones just got around to patching 6629.
|
Both Red Hat and Debian ended up taking the same approach I did (using Google/libjpeg-turbo's solution over Ghostscript/IJG's) for their IJG libjpeg-6b and libjpeg-8 fixes (CVE-2013-6629).
Also, the recent set of Mozilla releases (Firefox 26, Firefox ESR 24.2, Thunderbird 24.2, Seamonkey 2.23) includes a fix for the embedded libjpeg-turbo (CVE-2013-6629 & CVE-2013-6630).
--mancha
|
|
|
12-11-2013, 06:13 PM
|
#23
|
Member
Registered: Jan 2012
Location: Directly above the center of the earth
Distribution: Slackware. There's something else?
Posts: 383
Rep:
|
So, how do we get our system to use libjpeg-turbo? Is it as simple as just uninstalling the regular libjpeg?
|
|
|
12-12-2013, 03:54 AM
|
#24
|
Member
Registered: Nov 2012
Distribution: slackware
Posts: 544
|
Quote:
Can I take the lack of negative reports on this thread as a good sign?
|
I'm using libjepg-turbo for some years now on x86 and x86_64 without problems. Nothing had to be recompiled, what i compiled against libjepg-turbo did work.
Franzen
|
|
|
All times are GMT -5. The time now is 02:53 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|