LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 11-08-2019, 12:52 AM   #1
hitest
Guru
 
Registered: Mar 2004
Location: Prince Rupert, B.C., Canada
Distribution: Slackware
Posts: 5,948

Rep: Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172
Kernel upgrade for Slackware 14.2 (security and bug fixes)


Code:
Thu Nov  7 21:35:45 UTC 2019
patches/packages/linux-4.4.199/*:  Upgraded.
  These updates fix various bugs and security issues.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    Fixed in 4.4.191:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3900
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15118
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10906
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10905
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15117
    Fixed in 4.4.193:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835
    Fixed in 4.4.194:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14816
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14814
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15505
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821
    Fixed in 4.4.195:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17053
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17052
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17056
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17055
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17054
    Fixed in 4.4.196:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2215
    Fixed in 4.4.197:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16746
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20976
    Fixed in 4.4.198:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17075
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17133
    Fixed in 4.4.199:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15098
  (* Security fix *)
http://slackware.osuosl.org/slackwar.../ChangeLog.txt
 
Old 11-08-2019, 05:53 PM   #2
ChuangTzu
Senior Member
 
Registered: May 2015
Location: Where ever needed
Distribution: Slackware/Salix while testing others
Posts: 1,481

Rep: Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512
Thanks for the heads up hitest...And thank you PV...
 
1 members found this post helpful.
Old 11-08-2019, 06:31 PM   #3
twy
Member
 
Registered: Jun 2004
Distribution: Slackware64
Posts: 52

Rep: Reputation: Disabled
With these kernel 4.4.199 updates to slackware64-14.2, the kernel-firmware patch seems to be missing. When using slackpkg, this causes my system to prompt to revert back to kernel-firmware from 2016 in the original release.

edit: solved. packages are there now, thanks.

Last edited by twy; 11-09-2019 at 05:06 AM. Reason: solved
 
Old 11-08-2019, 07:00 PM   #4
Didier Spaier
LQ Addict
 
Registered: Nov 2008
Location: Paris, France
Distribution: Slint64-14.2.1.2 on Lenovo Thinkpad W520
Posts: 9,051

Rep: Reputation: Disabled
Quote:
Originally Posted by twy View Post
With these kernel 4.4.199 updates to slackware64-14.2, the kernel-firmware patch seems to be missing. When using slackpkg, this causes my system to prompt to revert back to kernel-firmware from 2016 in the original release.
The right way to update is to follow these instructions: http://www.slackware.com/lists/archi...ecurity.756390

The kernel-firmware package is not upgraded at the same pace at the other kernel packages, as it is not linked to a specific kernel version.
 
1 members found this post helpful.
Old 11-08-2019, 07:46 PM   #5
hitest
Guru
 
Registered: Mar 2004
Location: Prince Rupert, B.C., Canada
Distribution: Slackware
Posts: 5,948

Original Poster
Rep: Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172Reputation: 2172
Code:
Fri Nov  8 23:23:40 UTC 2019
patches/packages/kdelibs-4.14.38-x86_64-2_slack14.2.txz:  Rebuilt.
  Remove hardcoded TLSv1 allowing TLSv1.1 and TLSv1.2. Thanks to PJ Beers.
patches/packages/kdepim-4.14.10-x86_64-2_slack14.2.txz:  Rebuilt.
  Remove hardcoded TLSv1 allowing TLSv1.1 and TLSv1.2. Thanks to PJ Beers.
patches/packages/kdepimlibs-4.14.10-x86_64-3_slack14.2.txz:  Rebuilt.
  Remove hardcoded TLSv1 allowing TLSv1.1 and TLSv1.2. Thanks to PJ Beers.
patches/packages/linux-4.4.199/kernel-firmware-20191108_f1100dd-noarch-1.txz:  Upgraded.
+--------------------------+
 
Old 11-08-2019, 11:22 PM   #6
slackware-current
Member
 
Registered: Jun 2019
Posts: 50

Rep: Reputation: Disabled
Quote:
Originally Posted by Didier Spaier View Post
The right way to update is to follow these instructions: http://www.slackware.com/lists/archi...ecurity.756390

The kernel-firmware package is not upgraded at the same pace at the other kernel packages, as it is not linked to a specific kernel version.
Do it the correct way Like Didier Spaier says 1 = 1 buckle my shoe
D your the best

Last edited by slackware-current; 11-08-2019 at 11:24 PM.
 
Old 11-10-2019, 09:55 AM   #7
drgibbon
Member
 
Registered: Nov 2014
Distribution: Slackware64 14.2
Posts: 513

Rep: Reputation: 332Reputation: 332Reputation: 332Reputation: 332
Quote:
Originally Posted by Didier Spaier View Post
The right way to update is to follow these instructions: http://www.slackware.com/lists/archi...ecurity.756390

The kernel-firmware package is not upgraded at the same pace at the other kernel packages, as it is not linked to a specific kernel version.
I had noticed when I upgraded that my kernel-firmware package had reverted from a 2019 to 2016 version (fixed now with the new firmware package that was pushed). But what exactly is the difference between:
Code:
upgradepkg kernel-*.txz
(as per the instructions in that link), and:
Code:
slackpkg upgrade-all
(which is how I usually do it).

Aren't they more or less equivalent in the case where only kernel packages updates are available? Why would `upgradepkg kernel-*.txz` not pick up kernel-firmware*.txz also? Isn't the reason for the downgrade that the patch disappeared, rather than not upgrading via `upgradepkg kernel-*.txz`?

Last edited by drgibbon; 11-10-2019 at 09:57 AM.
 
Old 11-10-2019, 01:23 PM   #8
ehartman
Member
 
Registered: Jul 2007
Location: Delft, The Netherlands
Distribution: Slackware
Posts: 975

Rep: Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512
Quote:
Originally Posted by drgibbon View Post
Why would `upgradepkg kernel-*.txz` not pick up kernel-firmware*.txz also?
Because it wasn't there in THAT directory (linux-4.4.199) yet (they were only added a day later), so slackpkg picked up the one for the original distribution instead (from the configured slackware mirror).
upgradepkg will never go to the internet, so will only upgrade the kernel packages you just downloaded.
I noticed when downloading the new kernel packages too that this upgrade didn't include the firmware, so I kept the ones from 4.4.190 (just moved them to another directory).

Last edited by ehartman; 11-10-2019 at 01:25 PM.
 
Old 11-10-2019, 05:00 PM   #9
drgibbon
Member
 
Registered: Nov 2014
Distribution: Slackware64 14.2
Posts: 513

Rep: Reputation: 332Reputation: 332Reputation: 332Reputation: 332
Ahh ok thanks, so with upgradepkg you're manually downloading the updated kernel packages first? Makes sense then if so.

But why would the older 2019 firmware disappear before the new one goes up (causing slackpkg to revert to an older firmware)? Just a glitch?
 
Old 11-10-2019, 07:48 PM   #10
ehartman
Member
 
Registered: Jul 2007
Location: Delft, The Netherlands
Distribution: Slackware
Posts: 975

Rep: Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512
Quote:
Originally Posted by drgibbon View Post
But why would the older 2019 firmware disappear before the new one goes up (causing slackpkg to revert to an older firmware)? Just a glitch?
The older firmware was in a different directory (linux-4.4.190).
That whole directory got replaced BY the linux-4.4.199 one.

It probably would have been more consistent to put the firmware package into the /patches/packages directory instead of this versioned subdirectory.
But anyway, slackpkg is the wrong tool to update kernel packages, because normal you would want to "install" some of the packages (like the running kernel) and "upgrade" others (like the kernel source).
And you normally would have to install only one of the newer kernels, either the "huge" one or the "generic" one (and for the latter you would need to install the corresponding -modules one too).

I always download all of the new packages (into my private mirror) and then use either installpg or upgradepkg on the ones I need on my system.
 
1 members found this post helpful.
Old Yesterday, 08:01 AM   #11
ehartman
Member
 
Registered: Jul 2007
Location: Delft, The Netherlands
Distribution: Slackware
Posts: 975

Rep: Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512
Quote:
Originally Posted by ehartman View Post
The older firmware was in a different directory (linux-4.4.190).
That whole directory got replaced BY the linux-4.4.199 one.
Note: with the Slackware 14.2 update to a 4.4.201 kernel the -firmware package has disappeared again!
So do NOT use slackpkg for kernel update packages or your firmware will be downgraded again.
 
Old Yesterday, 08:16 AM   #12
drgibbon
Member
 
Registered: Nov 2014
Distribution: Slackware64 14.2
Posts: 513

Rep: Reputation: 332Reputation: 332Reputation: 332Reputation: 332
Quote:
Originally Posted by ehartman View Post
Note: with the Slackware 14.2 update to a 4.4.201 kernel the -firmware package has disappeared again!
So do NOT use slackpkg for kernel update packages or your firmware will be downgraded again.
kernel-firmware-20191108_f1100dd-noarch-1.txz is in /patches now though, so slackpkg is not offering a downgrade for me with `slackpkg upgrade-all`.
 
Old Yesterday, 09:42 PM   #13
ehartman
Member
 
Registered: Jul 2007
Location: Delft, The Netherlands
Distribution: Slackware
Posts: 975

Rep: Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512
Quote:
Originally Posted by drgibbon View Post
kernel-firmware-20191108_f1100dd-noarch-1.txz is in /patches now though, so slackpkg is not offering a downgrade for me with `slackpkg upgrade-all`.
Yes, Pat moved it up 1 directory after the original upgrade:
Quote:
patches/packages/linux-4.4.199/kernel-firmware-20191108_f1100dd-noarch-1.txz: Upgraded.
(note the directory linux-4.4.199 in there, which has now disappeared) so the problem has been solved.
patches/packages is a better directory for it anyway, as it is not kernel version related - as mentioned before: kernel-firmware has its own release schedule.
 
2 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
New Kernel Slackware 14.2- bug and security fixes. hitest Slackware 1 01-31-2019 02:41 PM
LXer: Debian GNU/Linux 9.2 "Stretch" Update Introduces Over 150 Security and Bug Fixes LXer Syndicated Linux News 0 10-08-2017 01:42 AM
LXer: Debian 9.1 (Stretch) Brings Security Fixes For Anonymous Connections Over Tor And Drupal 7 CMS & Apache 2 Fixes LXer Syndicated Linux News 0 07-23-2017 05:57 PM
LXer: Apache CloudStack Open Source Cloud updated for Security and Bug Fixes LXer Syndicated Linux News 0 04-26-2013 01:11 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 08:07 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration