Slackware 1278 Published by Philipp Esselbach 0

The Slackware Linux Security Team just released critical updates for Firefox, PHP, libgpg error, Thunderbird, and the main kernel across both stable and development branches. These patches address a wide array of serious flaws ranging from dangerous memory corruption bugs to browser based scripting vulnerabilities that could compromise system integrity. Administrators should apply these upgrades right away because several of the reported exploits enable unauthorized privilege escalation on affected machines. You can grab the corrected files from official FTP mirrors and install them using standard root commands before restarting any impacted services or rebooting your system.

mozilla-firefox (SSA:2026-127-02)
php (SSA:2026-127-03)
libgpg-error (SSA:2026-127-01)
kernel (SSA:2026-128-01)
mozilla-thunderbird (SSA:2026-128-02)

Slackware 1278 Published by Philipp Esselbach 0

Slackware users need to upgrade hunspell to version 1.7.3 across both the stable release and current development branches to patch critical security vulnerabilities. The updated binaries are available on official FTP servers hosted by the OSU Open Source Lab, so you can grab them directly from your preferred mirror. Make sure to download the correct build for your system architecture and verify the provided MD5 signatures before installing anything. A quick root command using upgradepkg will handle the rest and keep your spelling tools running securely.

hunspell (SSA:2026-125-01)

Slackware 1278 Published by Philipp Esselbach 0

The Slackware Linux Security Team has released updated httpd packages for both the stable 15.0 release and the current development branch to address multiple security flaws in Apache version 2.4.67. These patches fix critical vulnerabilities that could allow attackers to trigger memory disclosures, escalate privileges, or execute arbitrary code through various server modules. Administrators can download the corrected files from official mirrors, verify their integrity using the provided MD5 checksums, and install them with a simple upgradepkg command.

httpd (SSA:2026-124-01)

Slackware 1278 Published by Philipp Esselbach 0

Slackware has released urgent security patches for gnutls, the Linux kernel, and Mozilla Thunderbird across both version 15.0 and the current development branch. The gnutls update addresses a heap overflow vulnerability in DTLS fragment handling that could allow remote code execution. Kernel administrators will also want to patch a critical out-of-bounds write flaw in AEAD cipher algorithms since attackers might exploit it to gain root access through setuid programs. You can install these fixes right away with standard upgrade commands, though delaying the update temporarily requires blacklisting the vulnerable kernel module instead.

gnutls (SSA:2026-122-02)
kernel (SSA:2026-122-01)
mozilla-thunderbird (SSA:2026-122-03)

Slackware 1278 Published by Philipp Esselbach 0

The Slackware Linux Security Team just pushed out fresh Firefox builds for version 15.0 and the current branch because multiple security holes were discovered. These patches tackle four specific vulnerabilities while also smoothing out some general browser performance issues. You can grab the updated i386 or x86_64 files straight from the main FTP servers or any local mirror that carries Slackware distributions. After downloading, just switch to root and run upgradepkg on the package file to finish everything up without much hassle.

mozilla-firefox (SSA:2026-121-01)

Slackware 1278 Published by Philipp Esselbach 0

Slackware recently pushed out new proftpd packages for both the 15.0 release and the current development stream. The update targets a dangerous SQL injection flaw that could let malicious users bypass login checks, gain elevated access, or run arbitrary code on vulnerable servers

proftpd (SSA:2026-118-01)

Slackware 1278 Published by Philipp Esselbach 0

Slackware has released updated mpg123 packages to address a critical security flaw in versions 15.0 and current. The vulnerability stems from a regression introduced in release 1.32.0 that mishandles file offsets on 32-bit architectures, leading to memory corruption and unexpected crashes. This patch corrects the issue across the main player as well as companion utilities like out123 and mpg123-id3dump. Administrators can retrieve the fixed files from official FTP servers and apply them quickly using standard upgrade commands.

mpg123 (SSA:2026-117-01)

Slackware 1278 Published by Philipp Esselbach 0

The Slackware Linux Security Team recently pushed updated packages for libXpm, Mozilla Firefox, and Thunderbird to address several security vulnerabilities. These patches cover both the stable 15.0 release and the rolling development branch, fixing an out-of-bounds read in the graphics library while also resolving multiple browser flaws. System administrators can grab the corrected files from official mirrors or partner hosting sites before running standard upgrade commands on their machines. Every download comes with verified checksums and clear installation steps to keep deployments secure and straightforward.

libXpm (SSA:2026-111-01)
mozilla-thunderbird (SSA:2026-111-03)
mozilla-firefox (SSA:2026-111-02)

Slackware 1278 Published by Philipp Esselbach 0

Slackware recently pushed updated tigervnc packages for version 15.0 and the rolling release branch to patch serious security holes. Administrators will notice these builds link against a corrected xorg-server that neutralizes multiple dangerous flaws, including buffer overflows and use-after-free bugs in XKB and XSYNC modules. The official advisory references several CVE numbers so teams can verify exactly which vulnerabilities are being mitigated. You can grab the new files from any standard mirror and apply them instantly by running upgradepkg with root privileges.

tigervnc (SSA:2026-108-01)

Slackware 1278 Published by Philipp Esselbach 0

Slackware has released updated CUPS packages for versions 15.0 and current to patch several critical security flaws. The update addresses problems ranging from case sensitivity errors in user authentication to buffer overflows in the RSS notifier and weak certificate validation on local interfaces. Administrators can grab the new files directly from official FTP mirrors tailored for both i586 and x86_64 systems. Once you run the upgrade command, simply restart the printing service to ensure all protections take effect immediately.

cups (SSA:2026-107-01)

Slackware 1278 Published by Philipp Esselbach 0

Slackware users on version 15.0 or the current branch should install new libxml2 packages to address several critical security vulnerabilities immediately. These updates specifically fix type confusion in c14n processing along with dangerous memory errors found within the Python bindings. Administrators can retrieve the updated packages from the OSU Open Source Lab or check other mirrors near you. Just run the upgrade command as root to apply the changes correctly.

libxml2 (SSA:2026-106-01)

Slackware 1278 Published by Philipp Esselbach 0

Slackware Linux has released urgent security updates for both xorg-server and libexif packages across their 15.0 and current branches. The xorg-server rebuild targets several critical flaws including integer underflows, buffer overflows, and use-after-free vulnerabilities within various subsystems. Meanwhile users of the libexif library need to install a new version that resolves unsigned integer issues specifically found in camera makernote handling code. Administrators must run standard upgrade commands with root privileges to install the corrected files from the official FTP mirrors immediately.

xorg-server (SSA:2026-104-02)
libexif (SSA:2026-104-01)

Slackware 1278 Published by Philipp Esselbach 0

Slackware users need to update libarchive to version 3.8.7 because new security packages have just arrived for the 15.0 release and current branch. The release addresses critical vulnerabilities like heap buffer overflows on 32-bit systems found within the CAB and iso9660 modules. You can grab the updated files from the OSU Open Source Lab or find additional mirrors near you via the main website. Simply run upgradepkg as root after downloading to ensure your system remains secure against potential exploits.

libarchive (SSA:2026-103-01)

Slackware 1278 Published by Philipp Esselbach 0

New OpenSSL packages for Slackware 15.0 and -current fix critical security issues. Security flaws include potential use-after-free errors in DANE client code plus NULL pointer dereferences during CMS processing. Ken Zalewski prepared the patch by backporting from the OpenSSL-3.0 repo because the fixes were originally part of a premium release only available to subscribers.

openssl (SSA:2026-101-01)

Slackware 1278 Published by Philipp Esselbach 0

Slackware users running version 15.0 or the current branch should upgrade libpng to fix a medium severity security vulnerability. This update addresses use-after-free errors within specific functions that could potentially lead to corrupted chunk data and heap information disclosure. Additional hardening was applied to append-style setters to protect against theoretical variants of this same aliasing pattern during the patch process. You can download the corrected packages from the official FTP site or find additional mirrors near you on the main website before installing them as root.

libpng (SSA:2026-099-01)

Slackware 1278 Published by Philipp Esselbach 0

The Slackware Linux Security Team released new packages to patch security issues in Mozilla Thunderbird and Firefox. Users on Slackware 15.0 or the current development branch should upgrade to version 140.9.1esr to resolve these problems. Specific CVEs are listed in the advisory text for anyone needing more granular details about the flaws. Installation requires root access so you must run upgradepkg with the correct package file names from the FTP server.

mozilla-thunderbird (SSA:2026-098-02)
mozilla-firefox (SSA:2026-098-01)

Slackware 1278 Published by Philipp Esselbach 0

The Slackware Linux Security Team recently issued advisories regarding critical security updates for Krita and Infozip applications. Users running version 15.0 should install the new Krita package which resolves a heap-based buffer overflow vulnerability when parsing TGA files. A separate update for Infozip fixes Unicode string handling flaws that could lead to null pointer dereferences or out-of-bounds writes on current and stable branches.

krita (SSA:2026-093-02)
infozip (SSA:2026-093-01)

Slackware 1278 Published by Philipp Esselbach 0

Slackware Linux has released urgent security updates for the xz package to address critical flaws in versions 15.0 and -current. The developers fixed a buffer overflow inside lzma_index_append() alongside some memory access issues found when handling files. You can get the new packages from the FTP site or find mirrors on their web page if you prefer a closer server location. Just upgrade as root using upgradepkg when ready.

xz (SSA:2026-090-01)

Slackware 1278 Published by Philipp Esselbach 0

Slackware Linux has issued security advisories for bind and tigervnc packages targeting version 15.0 and -current systems. The bind package resolves an issue regarding unbounded NSEC3 iterations, whereas the TigerVNC upgrade specifically targets a flaw allowing other users to manipulate screen contents via x0vncserver. Administrators must download the new packages from the listed FTP sites and verify their signatures before executing the upgradepkg utility as root.

bind (SSA:2026-084-01)
tigervnc (SSA:2026-084-02)