OpenSSL update for Slackware

Slackware 1245 Published by Philipp Esselbach 0

New OpenSSL packages for Slackware 15.0 and -current fix critical security issues. Security flaws include potential use-after-free errors in DANE client code plus NULL pointer dereferences during CMS processing. Ken Zalewski prepared the patch by backporting from the OpenSSL-3.0 repo because the fixes were originally part of a premium release only available to subscribers.

openssl (SSA:2026-101-01)

LibPNG update for Slackware

Slackware 1245 Published by Philipp Esselbach 0

Slackware users running version 15.0 or the current branch should upgrade libpng to fix a medium severity security vulnerability. This update addresses use-after-free errors within specific functions that could potentially lead to corrupted chunk data and heap information disclosure. Additional hardening was applied to append-style setters to protect against theoretical variants of this same aliasing pattern during the patch process. You can download the corrected packages from the official FTP site or find additional mirrors near you on the main website before installing them as root.

libpng (SSA:2026-099-01)

Thunderbird and Firefox updates for Slackware

Slackware 1245 Published by Philipp Esselbach 0

The Slackware Linux Security Team released new packages to patch security issues in Mozilla Thunderbird and Firefox. Users on Slackware 15.0 or the current development branch should upgrade to version 140.9.1esr to resolve these problems. Specific CVEs are listed in the advisory text for anyone needing more granular details about the flaws. Installation requires root access so you must run upgradepkg with the correct package file names from the FTP server.

mozilla-thunderbird (SSA:2026-098-02)
mozilla-firefox (SSA:2026-098-01)

Krita and Infozip updates for Slackware

Slackware 1245 Published by Philipp Esselbach 0

The Slackware Linux Security Team recently issued advisories regarding critical security updates for Krita and Infozip applications. Users running version 15.0 should install the new Krita package which resolves a heap-based buffer overflow vulnerability when parsing TGA files. A separate update for Infozip fixes Unicode string handling flaws that could lead to null pointer dereferences or out-of-bounds writes on current and stable branches.

krita (SSA:2026-093-02)
infozip (SSA:2026-093-01)

XZ update for Slackware

Slackware 1245 Published by Philipp Esselbach 0

Slackware Linux has released urgent security updates for the xz package to address critical flaws in versions 15.0 and -current. The developers fixed a buffer overflow inside lzma_index_append() alongside some memory access issues found when handling files. You can get the new packages from the FTP site or find mirrors on their web page if you prefer a closer server location. Just upgrade as root using upgradepkg when ready.

xz (SSA:2026-090-01)

Bind and TigerVNC updates for Slackware

Slackware 1245 Published by Philipp Esselbach 0

Slackware Linux has issued security advisories for bind and tigervnc packages targeting version 15.0 and -current systems. The bind package resolves an issue regarding unbounded NSEC3 iterations, whereas the TigerVNC upgrade specifically targets a flaw allowing other users to manipulate screen contents via x0vncserver. Administrators must download the new packages from the listed FTP sites and verify their signatures before executing the upgradepkg utility as root.

bind (SSA:2026-084-01)
tigervnc (SSA:2026-084-02)

Expat security update for Slackware

Slackware 1245 Published by Philipp Esselbach 0

Slackware Linux has issued updated expat packages for version 15.0 and current branches specifically to address multiple significant security issues. These patches address critical vulnerabilities involving NULL pointers and potential infinite loops within the processing functions.

expat (SSA:2026-077-01)

LibXML2 and LibArchive updates for Slackware

Slackware 1245 Published by Philipp Esselbach 0

New packages are available for libxml2 and libarchive to fix security issues on Slackware 15.0 and -current. The updates for libxml2 address several vulnerabilities, including memory leaks and infinite recursion, while the update for libarchive fixes bugs and security issues such as NULL pointer dereferences and potential memory leaks.

libxml2 (SSA:2026-070-02)
libarchive (SSA:2026-070-01)

NVI update for Slackware

Slackware 1245 Published by Philipp Esselbach 0

New packages for nvi have been released to fix a security issue affecting Slackware 15.0 and -current. The update includes fixes for wide-character support, heap-based buffer overflows in regex handling, and other improvements. The patches were contributed by r1w1s1 and merged from Debian, and can be downloaded from various mirror sites or the OSU Open Source Lab's FTP server. To install the updates, users should run "upgradepkg" as root with the relevant package name.

nvi (SSA:2026-063-01)

Python3 update for Slackware

Slackware 1245 Published by Philipp Esselbach 0

New packages for python3 are available to fix security issues on Slackware 15.0 and -current. The updates include a new version of python3, with the 3.9.25-i586-1_slack15.0 package being upgraded to address bugs and security issues.

python3 (SSA:2026-062-01)

Telnet and Gvfs updates for Slackware

Slackware 1245 Published by Philipp Esselbach 0

Two security updates have been released for Slackware Linux. The first update fixes a vulnerability in the telnet package (SSA:2026-059-02), which can be exploited by an unauthenticated remote attacker to execute arbitrary code on the server running telnetd. This should only be used on isolated networks where security is not a concern. The second update addresses two security issues in the gvfs package (SSA:2026-059-01). These vulnerabilities have been patched, and users are advised to upgrade their packages as soon as possible.

telnet (SSA:2026-059-02)
gvfs (SSA:2026-059-01)

Firefox, Thunderbird, Lrzip, LibSSH updates for Slackware

Slackware 1245 Published by Philipp Esselbach 0

Mozilla Firefox and Thunderbird packages have been updated for Slackware 15.0 and -current to fix security issues, including a heap buffer overflow in libvpx. The new packages can be found on the official Slackware FTP servers or mirror sites near you, and the MD5 signatures are provided for verification. Additionally, a new lrzip package is available to address multiple potential security issues with crafted or corrupt archives. Users should upgrade the packages as root by running the "upgradepkg" command with the corresponding package name.

mozilla-firefox (SSA:2026-047-03)
mozilla-thunderbird (SSA:2026-047-04)
lrzip (SSA:2026-047-02)
libssh (SSA:2026-047-01)

OpenSSL and P11-Kit updates for Slackware

Slackware 1245 Published by Philipp Esselbach 0

New security updates are available for OpenSSL and p11-kit on Slackware 15.0. The OpenSSL update fixes several vulnerabilities, including heap out-of-bounds write, unauthenticated/unencrypted trailing bytes, and null pointer dereference issues. The p11-kit update addresses a single security issue: a NULL dereference via C_DeriveKey with specific NULL parameters. This vulnerability has been fixed in the latest version of p11-kit, which is now available for Slackware 15.0 and -current.

openssl (SSA:2026-037-02)
p11-kit (SSA:2026-037-01)

Expat update for Slackware

Slackware 1245 Published by Philipp Esselbach 0

Expats packages have been updated for Slackware 15.0 and -current to fix security issues, including vulnerabilities that can cause denial of service or integer overflow. The update addresses two specific CVEs: CVE-2026-24515 and CVE-2026-25210. Users can find the new packages on various mirror sites, including the official Slackware website and the OSU Open Source Lab's FTP servers.

expat (SSA:2026-031-01)

Thunderbird update for Slackware

Slackware 1245 Published by Philipp Esselbach 0

New packages for Mozilla Thunderbird have been released to address security issues in Slackware 15.0 and -current. The updated packages, including version 140.7.1esr, can be found on the official Slackware FTP site or through additional mirror sites listed on the "Get Slack" section of the Slackware website.

mozilla-thunderbird (SSA:2026-027-01)

BIND updates for Slackware

Slackware 1245 Published by Philipp Esselbach 0

New bind packages are available for Slackware 15.0 and -current to fix security issues. The update fixes a security issue where malformed BRID and HHIT records could trigger an assertion failure, with more information available on the ISC Knowledge Base.

bind (SSA:2026-021-01)

Next Page

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...