AtomicPup2020 Released

For talk and support relating specifically to Puppy derivatives
Message
Author
User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

curl 7.60

#91 Post by 8Geee »

Slackware updates now has a security update to curl. This fixes a condition using FTP in PASV mode. Its rather important. The updater or slackware com has the patch. The doc files can be removed, and the dot package file moved to builtin.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

Firefox27 patch

#92 Post by 8Geee »

AtomicPup-18 uses a configured Firefox27. There are some changes need in about: config that alters the sizes of all non-zero caches. This is due to concerns about the side-channel attacks by Meltdown/spectre upon the CPU's caches. Keeping the browser = CPU helps, but does not solve the problem. In Atom CPU's the computer is not vunerable, but the browser is. In its supplied configuration, this browser does not "look ahead" or auto-complete, and does not use workers or an indexed database. This is the actual mitigation, but this new 'version' of M/S goes after the browser's cache. Thus, the browser cache must be made equal to the CPU size, else a racing condition exists. The next update of AtomicPup will include this in the browser. I have tested this patching with no harm/no foul so far (about a week).

For now if you wish, you can try these settings on your Atom CPU based AtomicPup-18.

1.) Disconnect from the internet
2.) Open Firefox and type about:config in the address bar
3.) Be Careful, and type cache in the search-bar
4.) A list of items will appear
5.) These items that are numeric AND not zero are changed to 512 for single-core Atoms, or 1024 for dual-core.

a.) browser.cache.memory.max_entry_size
b.) browser.cache.memory_limit
c.) image.cache.size
d.) image.mem.surfacecache.max_size_kb
e.) media.cache_size

6.) Close the browser
7.) Select MENU --> Shutdown --> Restart Graphical Server.
8.) When the desktop reappears, you can reconnect to the internet.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
laika
Posts: 113
Joined: Tue 16 Jan 2007, 00:58

#93 Post by laika »

Oh, this is nice! Feels pretty quick on my eee900a. Can't wait to get near some Wi-Fi with it.

Thanks, 8Geee et al.

metastasis69
Posts: 21
Joined: Wed 28 Aug 2013, 08:00
Location: Philippines
Contact:

#94 Post by metastasis69 »

This must be a good choice for me. I use artful pup but it's too much for the small machine. I think this will be quicker for the atom n455. I'm excited to download this operating system.
www.reverbnation.com/severemetastasis, http://www.bitlanders.com/metal-joe

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

curl update

#95 Post by 8Geee »

There is new security update to curl --> 7.61. All that is needed is to remove the DOC files and move the new root dot package file to built-in.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

openssl 1.0.2p

#96 Post by 8Geee »

Slackware has just released an openssl update --> 1.0.2p.
This has to be done at slackware using the default link in the browser provided. Download the solibs first (answer "Yes" in yellow box). and wait for the GUI boxes to clear, then download the main 1.0.2p update. When those GUI boxes clear, installation is done.

/usr/docs can be removed, and /root/.packages foor these two files can be moved to builtin, with removal of old file-lists.

The computer needs a shutdown with later restart (usually 5 minutes or more).

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

AtomicPup-XIX

#97 Post by 8Geee »

AtomicPup-XIX is ready for download.

Changes include
wget --> 1.19.5 (functions and stable)
openssl --> 1.0.2p ( as of 8/16/18 )

Firefox27...
Javascript has all caches zeroed
Necessary caches reduced to 512Kb (dual-core Atoms should alter this to 1024Kb)

The recent website problems have been fixed. This might be "their" side of the connection.

See the first posting for download and sha1sum.

Regards
8Geee
Last edited by 8Geee on Thu 23 Aug 2018, 00:23, edited 2 times in total.
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

libX11

#98 Post by 8Geee »

Slackware has released a security update to libX11 (only). AtomicPup-XIX uses the slackware-14.0-i486 version. After download (click YES in yellow box) the dot package file can be moved to builtin, and the DOC files in /usr/docs can be deleted. I waaited a day to see if there were/are any problems... so far so good.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

curl 7.61.1

#99 Post by 8Geee »

A security update to curl 7.61 is available as 7.61.1

Those not needing the DOC files can remove them, and the dot packages file in root can move the new file into builtin.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

ixquick --> startpage

#100 Post by 8Geee »

I have noticed that the default login page for my FF27 browser no longer connects to ixquick dot com.

Click on Edit --> Preferences --> General
In the address box in that tab, change the word ixquick to startpage. Its the same page without forwarding.

This will also be posted in the Additional Software --> Browsers thread.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
grimoire
Posts: 72
Joined: Mon 05 Jul 2010, 01:55

Re: ixquick --> startpage

#101 Post by grimoire »

I've tested it in my old laptop :D

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#102 Post by 8Geee »

Thanks for trying out AtomicPup-XIX.

IMHO its a good fit for these old netbooks, there's still plenty of the 10" versions floating around at ebay <US$100.

In Other News: YouTube is once again playing naughty, and the 'old method' of downloading the replay no longer works. Since the Download as mp4 addon is installed, use that on the error page (formerly known as the video page), saving as 360p to save space. Warning that some movies exceed 500Mb (3x the size of the distro) !

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

Curl update to 7.62

#103 Post by 8Geee »

Just noticed a curl update from 7.61.1 -->7.62 dated 10/31.

One of the patches is for buffer overrun in the SASL authentication code. Rather important.

After D/L the docs can be removed, and the dot packages file can be moved to builtin with removal of old file.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

OpenSSL 1.0.2q update

#104 Post by 8Geee »

Slackware has released an update to OpenSSL that is very important.

"This update fixes a timing side-channel flaw on processors which implement SMT/Hyper-Threading architectures, and a side channel attack on DSA signature generation that could allow an attacker to recover the private key."

I have had to bust this update as it borqs both epdf and FreeOffice 6.97. DO NOT UPGRADE !!!

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

ECDSA compromise

#105 Post by 8Geee »

Recently, Slackware published an update to OpenSSL. Within that update was a very troubling patch for ANY TLS security using the ECDSA method. Although the full patch borqued AtomicPup-XIX, this one patch is the most important update.

SORRY: this particular update is not necessary when running an ATOM CPU BEFORE 2012. This is the intended target of AtomicPup-XIX. The tracing of this security request is not the SSL vunerability, but in reality a CPU security compromise. The CPU security compromise is based upon Speculative Execution and Out-of-Order execution on/in more advanced CPU's (read: 64-bit). Since the Intel Atom processors built before 2012 are essentially 32-bit and do not have any form of Speculation/OoE, the cracking of the SSL information (read: key-exchange) is mitigated at the CPU level. That means the browser, for the most part, is also OK on the client side. But the server-side, as always, runs a risk of not being up to date.

I do note that there are versions of 64-bit ATOMS that are also immune. Generally, these were built in 2010 or 11.

To fix the erroneous patch

Disconnect from the internet and open FF-27.
Be careful and enter ECDSA into address bar.
Allow True (Double-Click) these three...

security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256
security.ssl3.ecdhe_ecdsa_aes_256_sha
security.ssl3.ecdhe_ecdsa_aes_256_sha1

Close browser then MENU--> Shutdown --> Restart Graphical engine

Reconnect to internet.

Sorry about this, hope this helps.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

Patch errors

#106 Post by 8Geee »

Please note the changes in the above two most recent posts.

DO NOT UPDATE to OPENSSL 1.0.2q if using an ATOM processor.
Check your ECDSA curves as above in FireFox27.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

gnutls and nettle update

#107 Post by 8Geee »

Both of these were updated by slackware yesterday Dec. 5, 2018.

For AtomicPup-XIX use the 'Slackware14.2 i586' version.

Highlight and paste the link in a new tab.
Click YES in Yellow box, and OK when loading and completed.
When finished with both, close browser and disconnect from internet.
Navigate ROX-filer to /usr/lib and open
The following symlinks must be made
Remove nettle4.7 and symlink from nettle6.5 (right-click --> Link) back to 4.7, typing 4.7 into the address box.
Remove libgnutls28.43.0 and symlink libgnutls30.23.0 as above.
Check libgnutls-openssl for version 27.0.2

At this point navigate to /usr/doc to remove the doc files.
Then /root/.packages (hidden file) to move the new file-lists into the builtin folder. You may remove the older versions if needed.

Close ROX-filer and all other items and perform a shutdown.
After 5 minutes restart, and reconnect to internet as needed.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

mp3 and mp4 downloads

#108 Post by 8Geee »

If you are having trouble downloading at YouTube or other sites, nic007 has passed along this site as a fine alternative. One can select mp3 or mp4. The mp3 can have the compression altered (128K, 192K, 320K at least). I am not sure about video size yet but usually 360p or 720p is offered at YouTube.

This link will be included with the default bookmarks next update. You can simply add it now by saving your current bookmarks, then go to ~/my-applications/MyFiles to reload the default bookmark2 file, add the new link, and Save As HTML to the default location above. Then Import your original bookmarks.

Regards and thanks again to nic007
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

Curl update --> 7.64

#109 Post by 8Geee »

Slackware has a security patch for curl.
The patch upgrades 7.62 --> 7.64

The usr/doc files may be deleted, and root/.packages file for the new update should be moved to builtin. The old packages file may be removed.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
Gedrean
Posts: 139
Joined: Fri 05 Jun 2009, 05:59

Current Torrent File fails

#110 Post by Gedrean »

Hey @8Geee the torrent file on archive.org fails when I load it into my rtorrent instance, the tracker returns that the torrent is not valid or authorized on that tracker. Can you double-check? Was successfully able to download it by hand but wanted to get the torrented archive.

Post Reply