1. Forum
  2. USENET
  3. alt.os.linux.slackware

  • Alien Bob multilib stuff ... glibc-2.33_multilib-x86_64-alien

    From Jim Diamond@zsd@jdvb.ca to alt.os.linux.slackware on Fri May 23 10:29:15 2025
    From Newsgroup: alt.os.linux.slackware

    A while back Alien Bob announced that Pat V has adopted the multilib
    version of glib in slackware64-current.

    Recently Pat V updated glibc-2.33 for Slackware64 15.0 for security reasons.

    Some of us still running 15.0 might be interested in this update.

    Does anyone know whether
    (a) Alien Bob has an update for 15.0 somewhere other than the "usual"
    place he put his multilib stuff; or
    (b) whether the 15.0 version of glibc-2.33-x86_64-8_slack15.0 contains
    the multilib extensions.

    Thanks.
    Jim

    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From Thomas Zajic@zlatko@gmx.at to alt.os.linux.slackware on Fri May 23 16:56:29 2025
    From Newsgroup: alt.os.linux.slackware

    * Jim Diamond <zsd@jdvb.ca>

    A while back Alien Bob announced that Pat V has adopted the multilib
    version of glib in slackware64-current.

    Oh, cool! 8-) I somehow seem to have missed that announcement.

    [...]
    Does anyone know whether
    (a) Alien Bob has an update for 15.0 somewhere other than the "usual"
    place he put his multilib stuff; or

    I don't think so - why should he, what would be the point?

    (b) whether the 15.0 version of glibc-2.33-x86_64-8_slack15.0 contains
    the multilib extensions.

    No, it does not.

    Just be patient, the update for 15.0 will come eventually (I'm also
    running 15.0 multilib).

    HTH
    Thomas
    --
    =-------------------------------------------------------------------------=
    - Thomas "ZlatkO" Zajic <zlatko@gmx.at> Linux-6.12 & slrn-1.0.3a -
    - "In layman's terms: speedy thing goes in, speedy thing comes out." - =-------------------------------------------------------------------------=
    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From Henrik Carlqvist@Henrik.Carlqvist@deadspam.com to alt.os.linux.slackware on Fri May 23 17:33:44 2025
    From Newsgroup: alt.os.linux.slackware

    On Fri, 23 May 2025 16:56:29 +0200, Thomas Zajic wrote:
    Just be patient, the update for 15.0 will come eventually (I'm also
    running 15.0 multilib).

    And until then, be careful about CVE-2025-4802 which basically means
    don't set the setuid bit on any statically linked 32-bit binary which
    calls dlopen for some kind of plug-in functionality.

    This is kind of a teoretical vulnerability. Not many binaries are
    installed with the setuid flag. Not many binaries are statically linked.
    Some binaries call, but most don't call dlopen. And even on a multilib
    system, most installed binaries are 64 bit. However, if you do happen to
    have any such installed 32 bit binaries you will need to be careful with
    local and remote users who can tamper with their LD_LIBRARY_PATH variable before running that binary.

    regards Henrik
    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From Jim Diamond@zsd@jdvb.ca to alt.os.linux.slackware on Sat May 24 14:04:18 2025
    From Newsgroup: alt.os.linux.slackware

    On 2025-05-23 at 11:56 ADT, Thomas Zajic <zlatko@gmx.at> wrote:
    * Jim Diamond <zsd@jdvb.ca>

    A while back Alien Bob announced that Pat V has adopted the multilib
    version of glib in slackware64-current.

    Oh, cool! 8-) I somehow seem to have missed that announcement.

    [...]
    Does anyone know whether
    (a) Alien Bob has an update for 15.0 somewhere other than the "usual"
    place he put his multilib stuff; or

    I don't think so - why should he, what would be the point?

    It is conceivable that Alien Bob is now using some other site to share his work.

    Just be patient, the update for 15.0 will come eventually (I'm also
    running 15.0 multilib).

    I hope it does come eventually.

    Jim
    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From Chris Elvidge@chris@internal.net to alt.os.linux.slackware on Sat May 24 19:32:35 2025
    From Newsgroup: alt.os.linux.slackware

    On 24/05/2025 at 18:04, Jim Diamond wrote:
    On 2025-05-23 at 11:56 ADT, Thomas Zajic <zlatko@gmx.at> wrote:
    * Jim Diamond <zsd@jdvb.ca>

    A while back Alien Bob announced that Pat V has adopted the multilib
    version of glib in slackware64-current.

    Oh, cool! 8-) I somehow seem to have missed that announcement.

    [...]
    Does anyone know whether
    (a) Alien Bob has an update for 15.0 somewhere other than the "usual"
    place he put his multilib stuff; or

    I don't think so - why should he, what would be the point?

    It is conceivable that Alien Bob is now using some other site to share his work.

    See gwene.com.slackware.alien.blog on gmane.io


    Just be patient, the update for 15.0 will come eventually (I'm also
    running 15.0 multilib).

    I hope it does come eventually.

    Jim

    --
    Chris Elvidge, England
    I WILL NOT DO THE DIRTY BIRD

    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From Thomas Zajic@zlatko@gmx.at to alt.os.linux.slackware on Tue May 27 12:37:10 2025
    From Newsgroup: alt.os.linux.slackware

    * Jim Diamond <zsd@jdvb.ca>

    On 2025-05-23 at 11:56 ADT, Thomas Zajic <zlatko@gmx.at> wrote:

    * Jim Diamond <zsd@jdvb.ca>
    Does anyone know whether
    (a) Alien Bob has an update for 15.0 somewhere other than the "usual"
    place he put his multilib stuff; or

    I don't think so - why should he, what would be the point?

    It is conceivable that Alien Bob is now using some other site to share his work.

    Yes, sure, but in that case I'd expect to find at least a pointer to
    this hypothetical new site on the old site. :-)

    Thomas
    --
    =-------------------------------------------------------------------------=
    - Thomas "ZlatkO" Zajic <zlatko@gmx.at> Linux-6.12 & slrn-1.0.3a -
    - "In layman's terms: speedy thing goes in, speedy thing comes out." - =-------------------------------------------------------------------------=
    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From Henrik Carlqvist@Henrik.Carlqvist@deadspam.com to alt.os.linux.slackware on Tue May 27 17:40:01 2025
    From Newsgroup: alt.os.linux.slackware

    On Fri, 23 May 2025 17:33:44 +0000, Henrik Carlqvist wrote:
    And until then, be careful about CVE-2025-4802 which basically means
    don't set the setuid bit on any statically linked 32-bit binary which
    calls dlopen for some kind of plug-in functionality.

    It wasn't until today that I realized that the glibc update breaks
    multilib functinality. So no need to worry about any CVE in 32 bit
    binaries as they can't be run with the latest glibc packages installed...

    Unless anyone is willing to roll their own multiblib glibc packages there
    are two choices until updated official multilib glibc are published:

    1) Have a patched system unable to run 32 bit binaries

    2) Revert to the multilib glibc package known to have the CVE-2025-4802 vulnerability.

    regards Henrik
    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From news20k.noreply@news20k.noreply@threeformcow.myzen.co.uk (#Paul) to alt.os.linux.slackware on Fri Jun 13 08:11:44 2025
    From Newsgroup: alt.os.linux.slackware

    Jim Diamond <zsd@jdvb.ca> wrote:
    Recently Pat V updated glibc-2.33 for Slackware64 15.0 for security reasons.

    FWIW, and since noone else has pointed it out here, there seem to be
    updated packages in http://www.slackware.com/~alien/multilib/15.0/
    now. I guess alien was just a bit busy recently.

    #Paul
    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From Henrik Carlqvist@Henrik.Carlqvist@deadspam.com to alt.os.linux.slackware on Fri Jun 13 16:46:36 2025
    From Newsgroup: alt.os.linux.slackware

    On Fri, 13 Jun 2025 08:11:44 +0100, #Paul wrote:
    FWIW, and since noone else has pointed it out here, there seem to be
    updated packages in http://www.slackware.com/~alien/multilib/15.0/ now.
    I guess alien was just a bit busy recently.

    Great news!

    regards Henrik
    --- Synchronet 3.21d-Linux NewsLink 1.2