Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 12 Dec 2018, 01:52
All times are UTC - 4
 Forum index » Advanced Topics » Puppy Derivatives
AtomicPup-XIX
Moderators: Flash, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 7 of 8 [107 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8 Next
Author Message
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Sun 20 May 2018, 09:23    Post subject: curl 7.60  

Slackware updates now has a security update to curl. This fixes a condition using FTP in PASV mode. Its rather important. The updater or slackware com has the patch. The doc files can be removed, and the dot package file moved to builtin.

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Thu 31 May 2018, 20:25    Post subject: Firefox27 patch  

AtomicPup-18 uses a configured Firefox27. There are some changes need in about: config that alters the sizes of all non-zero caches. This is due to concerns about the side-channel attacks by Meltdown/spectre upon the CPU's caches. Keeping the browser = CPU helps, but does not solve the problem. In Atom CPU's the computer is not vunerable, but the browser is. In its supplied configuration, this browser does not "look ahead" or auto-complete, and does not use workers or an indexed database. This is the actual mitigation, but this new 'version' of M/S goes after the browser's cache. Thus, the browser cache must be made equal to the CPU size, else a racing condition exists. The next update of AtomicPup will include this in the browser. I have tested this patching with no harm/no foul so far (about a week).

For now if you wish, you can try these settings on your Atom CPU based AtomicPup-18.

1.) Disconnect from the internet
2.) Open Firefox and type about:config in the address bar
3.) Be Careful, and type cache in the search-bar
4.) A list of items will appear
5.) These items that are numeric AND not zero are changed to 512 for single-core Atoms, or 1024 for dual-core.

a.) browser.cache.memory.max_entry_size
b.) browser.cache.memory_limit
c.) image.cache.size
d.) image.mem.surfacecache.max_size_kb
e.) media.cache_size

6.) Close the browser
7.) Select MENU --> Shutdown --> Restart Graphical Server.
8.) When the desktop reappears, you can reconnect to the internet.

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
laika


Joined: 15 Jan 2007
Posts: 117

PostPosted: Fri 06 Jul 2018, 01:31    Post subject:  

Oh, this is nice! Feels pretty quick on my eee900a. Can't wait to get near some Wi-Fi with it.

Thanks, 8Geee et al.
Back to top
View user's profile Send private message 
metastasis69

Joined: 28 Aug 2013
Posts: 19
Location: Philippines

PostPosted: Sat 07 Jul 2018, 02:45    Post subject:  

This must be a good choice for me. I use artful pup but it's too much for the small machine. I think this will be quicker for the atom n455. I'm excited to download this operating system.
_________________
www.reverbnation.com/severemetastasis, http://www.bitlanders.com/metal-joe
Back to top
View user's profile Send private message Visit poster's website 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Thu 12 Jul 2018, 22:14    Post subject: curl update  

There is new security update to curl --> 7.61. All that is needed is to remove the DOC files and move the new root dot package file to built-in.

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Wed 15 Aug 2018, 01:36    Post subject: openssl 1.0.2p  

Slackware has just released an openssl update --> 1.0.2p.
This has to be done at slackware using the default link in the browser provided. Download the solibs first (answer "Yes" in yellow box). and wait for the GUI boxes to clear, then download the main 1.0.2p update. When those GUI boxes clear, installation is done.

/usr/docs can be removed, and /root/.packages foor these two files can be moved to builtin, with removal of old file-lists.

The computer needs a shutdown with later restart (usually 5 minutes or more).

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Fri 17 Aug 2018, 15:02    Post subject: AtomicPup-XIX  

AtomicPup-XIX is ready for download.

Changes include
wget --> 1.19.5 (functions and stable)
openssl --> 1.0.2p ( as of 8/16/18 )

Firefox27...
Javascript has all caches zeroed
Necessary caches reduced to 512Kb (dual-core Atoms should alter this to 1024Kb)

The recent website problems have been fixed. This might be "their" side of the connection.

See the first posting for download and sha1sum.

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.

Last edited by 8Geee on Wed 22 Aug 2018, 20:23; edited 2 times in total
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Wed 22 Aug 2018, 20:22    Post subject: libX11  

Slackware has released a security update to libX11 (only). AtomicPup-XIX uses the slackware-14.0-i486 version. After download (click YES in yellow box) the dot package file can be moved to builtin, and the DOC files in /usr/docs can be deleted. I waaited a day to see if there were/are any problems... so far so good.

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Sun 09 Sep 2018, 14:39    Post subject: curl 7.61.1  

A security update to curl 7.61 is available as 7.61.1

Those not needing the DOC files can remove them, and the dot packages file in root can move the new file into builtin.

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Mon 17 Sep 2018, 20:47    Post subject: ixquick --> startpage  

I have noticed that the default login page for my FF27 browser no longer connects to ixquick dot com.

Click on Edit --> Preferences --> General
In the address box in that tab, change the word ixquick to startpage. Its the same page without forwarding.

This will also be posted in the Additional Software --> Browsers thread.

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
grimoire


Joined: 04 Jul 2010
Posts: 71

PostPosted: Fri 21 Sep 2018, 02:19    Post subject: Re: ixquick --> startpage  

I've tested it in my old laptop Very Happy
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Mon 24 Sep 2018, 08:13    Post subject:  

Thanks for trying out AtomicPup-XIX.

IMHO its a good fit for these old netbooks, there's still plenty of the 10" versions floating around at ebay <US$100.

In Other News: YouTube is once again playing naughty, and the 'old method' of downloading the replay no longer works. Since the Download as mp4 addon is installed, use that on the error page (formerly known as the video page), saving as 360p to save space. Warning that some movies exceed 500Mb (3x the size of the distro) !

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Wed 31 Oct 2018, 20:32    Post subject: Curl update to 7.62  

Just noticed a curl update from 7.61.1 -->7.62 dated 10/31.

One of the patches is for buffer overrun in the SASL authentication code. Rather important.

After D/L the docs can be removed, and the dot packages file can be moved to builtin with removal of old file.

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Thu 22 Nov 2018, 06:30    Post subject: OpenSSL 1.0.2q update
Subject description: DO NOT UPDATE
 

Slackware has released an update to OpenSSL that is very important.

"This update fixes a timing side-channel flaw on processors which implement SMT/Hyper-Threading architectures, and a side channel attack on DSA signature generation that could allow an attacker to recover the private key."

I have had to bust this update as it borqs both epdf and FreeOffice 6.97. DO NOT UPGRADE !!!

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1751
Location: N.E. USA

PostPosted: Fri 23 Nov 2018, 20:57    Post subject: ECDSA compromise  

Recently, Slackware published an update to OpenSSL. Within that update was a very troubling patch for ANY TLS security using the ECDSA method. Although the full patch borqued AtomicPup-XIX, this one patch is the most important update.

SORRY: this particular update is not necessary when running an ATOM CPU BEFORE 2012. This is the intended target of AtomicPup-XIX. The tracing of this security request is not the SSL vunerability, but in reality a CPU security compromise. The CPU security compromise is based upon Speculative Execution and Out-of-Order execution on/in more advanced CPU's (read: 64-bit). Since the Intel Atom processors built before 2012 are essentially 32-bit and do not have any form of Speculation/OoE, the cracking of the SSL information (read: key-exchange) is mitigated at the CPU level. That means the browser, for the most part, is also OK on the client side. But the server-side, as always, runs a risk of not being up to date.

I do note that there are versions of 64-bit ATOMS that are also immune. Generally, these were built in 2010 or 11.

To fix the erroneous patch

Disconnect from the internet and open FF-27.
Be careful and enter ECDSA into address bar.
Allow True (Double-Click) these three...

security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256
security.ssl3.ecdhe_ecdsa_aes_256_sha
security.ssl3.ecdhe_ecdsa_aes_256_sha1

Close browser then MENU--> Shutdown --> Restart Graphical engine

Reconnect to internet.

Sorry about this, hope this helps.

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 7 of 8 [107 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Puppy Derivatives
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0849s ][ Queries: 15 (0.0338s) ][ GZIP on ]