Hi all,
The linux kernel has been upgraded today (2018/01/10) from 3.2.71 to 3.2.98
Don't forget to modify your menu.lst or grub.cfg.
;-)
Linux kernel has been upgraded
(18 posts) (5 voices)- Started 6 years ago by Ceel
- Latest reply from Aleksej
- This topic is not a support question
-
Ceel
offlineAdministratorPosted 6 years ago # -
kultex
offlineKey Master!!! EDIT of this post !!!
see further down for more instructions
/------------------------------------------------------------\
| WARNING! WARNING! WARNING! WARNING! |
|------------------------------------------------------------|
| .!! 32-bit SliTaz distributions are subject to !!. |
| ..!! Meltdown and Spectre vulnerabilities. !!.. |
| ....!!... No patches for 32 bit Kernel yet. ...!!.... |
| ...!!... ONLY SliTaz Rolling 64 bit is save ...!!... |
\-------------------------------------------------------------/SliTaz 3.2.98 64bit kernel include the KPTI Patch, which is hardening your PC against meltdown
https://en.wikipedia.org/wiki/Kernel_page-table_isolation
so you should really make the upgrade on your machines as soon as possible
Posted 6 years ago # -
Ceel
offlineAdministratorhmm, something goes wrong when I update SliTaz Next:
Package Repository Version Status ================================================================================================================================================ dbus Main 1.10.14 ��� 1.10.22 (Blocked) dbus-helper Main 1.10.14 ��� 1.10.22 (Blocked) js Main 38.2.1 New build linux Main 4.9.30 ��� 4.9.76 linux-acpi Main 4.9.30 ��� 4.9.76 linux-agp Main 4.9.30 ��� 4.9.76 linux-cpufreq Main 4.9.30 ��� 4.9.76 linux-crypto Main 4.9.30 ��� 4.9.76 linux-drm Main 4.9.30 ��� 4.9.76 linux-ethernet Main 4.9.30 ��� 4.9.76 linux-firmware Main 4.9.30 ��� 4.9.76 linux-hid Main 4.9.30 ��� 4.9.76 linux-sound Main 4.9.30 ��� 4.9.76 locale-en Main 6.0 New build locale-fr Main 6.0 New build ntfs-3g Main 2017.3.23 New build slim Main 1.3.5 New build slitaz-base-files Main 332 ��� 333 (Blocked) slitaz-configs Main 312 New build (Blocked) slitaz-configs-base Main 312 New build (Blocked) udisks2 Main 2.1.8 ��� 2.7.2 (Blocked) ================================================================================================================================================ You have 15 available upgrades (6 blocked) 291 installed packages scanned in 14s Do you wish to install them now? (y/N) y js-38.2.1.tazpkg 100% |*******************************| 2636k 0:00:00 ETA Installation of package "js" ================================================================================ Mozilla's JavaScript engine written in C/C++ -------------------------------------------------------------------------------- Copying package... [ Done ] Extracting package... [ Done ] Remember modified packages... [ Done ] Installing package... [ Done ] Removing old files... [ Done ] Removing all tmp files... [ Done ] ================================================================================ Package "js" (38.2.1) is installed. md5sum: can't open 'linux-4.9.76.tazpkg': No such file or directory Checksum error for "linux-4.9.76.tazpkg" rm: can't remove 'linux-4.9.76.tazpkg': No such file or directory Recharging repository "Main" ================================================================================ Checking... [ Done ] Database timestamp: 01/10/18 15:39 Creating backup of the last packages list... [ Done ] Getting "bundle.tar.lzma"... [ Done ] ================================================================================ Last database is ready to use. Mirrored packages diff ================================================================================ audacious-dev-3.4.3 audacious-3.4.3 audacious-plugins-3.4.3 linux-4.9.30 lguest-4.9.30 ================================================================================ 5 new packages on the mirror. md5sum: can't open 'linux-4.9.30.tazpkg': No such file or directory Checksum error for "linux-4.9.30.tazpkg" rm: can't remove 'linux-4.9.30.tazpkg': No such file or directory Please wait until the mirror synchronization is complete and try again. linux-libre-acpi-2.6 100% |*******************************| 93040 0:00:00 ETA Tracking dependencies for package "linux-libre-acpi" ================================================================================ Missing package "linux-libre" ================================================================================ 1 missing package to install. ...
See entire log here http://paste.slitaz.org/?e18cbcdd1fe56b4b#5zPTnAz4TVJO2tWYCNPNmfyeWCyxT+ltsaDVDyA7dPQ=
Posted 6 years ago # -
Aleksej
offlineCoder-hobbyistHi Ceel,
Isn't it an old “unsynchronized mirrors“ issue?
Please show your mirror settings: execute “
tazpkg -sm” and then press Enter on prompt (to read “Nothing has been changed.”)My output is:
root@slitaz:/# tazpkg -sm Current mirror(s) ================================================================================ http://mirror1.slitaz.org/packages/next/ Please enter URL of the new mirror (http, ftp or local path). You must specify the complete address to the directory of the packages and packages.list file. New mirror(s) URL: Nothing has been changed.I just can't recall do you use “mirror1” or not. If not — please enter mirror URL as in my setup, then execute “
tazpkg recharge” and — to be sure — read the info about the “linux” package. My case:root@slitaz:/# tazpkg info linux TazPkg information ================================================================================ Package : linux State : installed package Version : 4.9.30 (new version "4.9.76" available) Category : base-system Short desc : The Linux Kernel Maintainer : devel@slitaz.org License : GPL2 Depends : kmod Web site : https://www.kernel.org/ Size : 5.4M/6.5M ================================================================================If tazpkg show you the same, you can proceed to upgrade using “
tazpkg up” command.PS. It was the fast solution. Continue your reading if you interested in the details.
Default SliTaz mirror “mirror.slitaz.org” isn't the single server. This default mirror just redirects you to one of three (or two) other mirrors in the random manner.
Problem is these servers can be unsynchronized and to return different files on the same request. For example, command “
tazpkg recharge” makes three requests for three files respectively: “IDs” (database identifier and timestamp), “bundle.tar.lzma” (packages database), and “files-list.lzma” (list of all files of all packages).During this simple process you may download these three files from three different mirrors, and some files may be up-to-date (i.e. synchronized with the main mirror “
mirror1”) while some other files may be out-of-date (i.e. previous files, yet not synchronized with “mirror1”). Then, when you update your packages, tazpkg may request the file (for example, “linux-4.9.76.tazpkg”) that exists on the main mirror, but may be missing on the randomly picked mirror.Using main mirror as your selected mirror should fix the problem.
PPS. I know, mirror using in the tazpkg should be reworked :-\
Posted 6 years ago # -
kultex
offlineKey Masterif somebody is interested in the background of spectre and meltdown
https://cyber.wtf/2018/01/05/behind-the-scene-of-a-bug-collision/
Posted 6 years ago # -
kultex
offlineKey Master@fredyfred
normally yes - but this can take normally some days - the quickest way is to search, if the packages are available
http://pkgs.slitaz.org/?package=linux
download and install them with "tazpkg install package"
and dont forget to update grub and menu.lst as ceel wrote in the first post
Posted 6 years ago # -
kultex
offlineKey MasterI was just reading, that KPTI does not work on 32 bit....
https://www.decadent.org.uk/ben/blog/meltdown-and-spectre-in-debian.html
here the same info -sorry only in german - for all windows 32 bit versions....
https://www.heise.de/security/meldung/Meltdown-Patches-32-Bit-Systeme-stehen-hinten-an-3940207.html
so I suggest all to switch to 64bit kernel - I will talk with Aleksej because of 64bit next kernel - I think its ready, but not yet available
Posted 6 years ago # -
Aleksej
offlineCoder-hobbyistHi there,
Sorry, there's no “ace in the sleeve”.
When I started to work with the Kernel updates, I deliberately removed 64-bit Kernel from the 32-bit system. There was problems with 64-bit cross-compiling (and likely they still), and I wanted to finish regular 32-bit Kernel for 32-bit system.So, summary.
We haven't 64-bit Kernel for 32-bit system.
We haven't 64-bit system and even don't started to work under it.I only believe, KPTI patch will be released later or sooner for 32-bit system: there's still many in use over the world...
And, how d'you think — should we make the warning on the top of our download list here:
/------------------------------------------------\ | WARNING! WARNING! WARNING! WARNING! WARNING! | |------------------------------------------------| | 32-bit SliTaz distributions are subject to | | Meltdown and Spectre vulnerabilities. | | No patch from the Linux Kernel developers yet. | | Please don't use our 32-bit distributions | | without realizing all the risks associated | | with these vulnerabilities. | \------------------------------------------------/PS. All I wrote here I wrote about SliTaz Next. Since I started to make it I switched to update only it and thinking about only it.
Sorry. There IS 64-bit Linux Kernel in the SliTaz Rolling. Use it. And I will use old unpatched 3.2.71 both with old vulnerable versions of other soft before I will be able to switch to use SliTaz Next daily. This "game" gives me no joy anymore...
Posted 6 years ago # -
kultex
offlineKey Masterthere is no reason to become desperate - the genious thing in this situation is, that you just can update your slitaz 32bit to 64bit - just install all your linux64 packages and update grub.lst
ISO: http://download.tuxfamily.org/slitaz/iso/rolling/slitaz-rolling-core64.iso
most newer Intel processors are 64bit capable:
https://en.wikipedia.org/wiki/List_of_Intel_microprocessors
Attachments
-
update.jpg (144.9 KB, 1,809 downloads) 6 years old
Posted 6 years ago # -
-
Aleksej
offlineCoder-hobbyistWell, I found my words reckless while I'm too key figure in the SliTaz... Cracking me they can crack the SliTaz itself... So well, I'll switch to 64 bit Kernel ASAP.
But I'm very unhappy founding all this flood of known vulnerabilities (and imagining the value of unknown ones). By the way, who heard of the fresh CVE-2018-1000001 in the Glibc? Do we need any patches?
And after that, can we recommend to use old SliTaz distributions for very old hardware? I think the answer will be no, using SliTaz from 1 to 3 is very unsafe to you and your close loved people :-|
Posted 6 years ago # -
kultex
offlineKey MasterNormally I am not so in panic with updates - but the problem of spectre and meltdown is effecting all OS and a lot of machines - and I think there will be attacs on this very soon.
so +- the only machines, which are not affected are ARM A7 + A53 boards - so all raspis, some bananas, Odroid C2, cubitrack and all machines with Armlogic S905 + S912 - all of this boards - exept Pi1 - dont run SliTaz.
So at the moment, there is only a very limited range of machines to run SLiTaz save - the main problem are the newer Intel + AMDs - they dont run with Kernel 3.2 - we need 4.9 for them.......
Posted 6 years ago # -
Aleksej
offlineCoder-hobbyistWell, I'll proceed to adoption existing linux-4.9 package receipt to be linux64 night January, 15-16. Hope it will be done that time.
Posted 6 years ago # -
fredyfred
offlineMemberjust a query re. Meltdown and Spectre.
The news (in NZ) stated (the Meltdown and Spectre) vulnerabilities was due to a fault in the development of faster processor chips. They suggested those with older PCs may not have this vulnerability. Is there a possibility Slitaz users with older 32 bit PCs may not need to be running 64 bit software anyway?
Posted 6 years ago #
Reply »
You must log in to post.
