Slackware 1271 Published by

he Slackware Linux Security Team issued three new package updates to address active vulnerabilities in libevent, Mozilla Thunderbird, and libseccomp. Administrators running Slackware 15.0 or the -current branch can download the patched files for both i586 and x86_64 architectures from the official FTP mirror. The libseccomp update specifically repairs memory corruption and filter weakening bugs, while the other two releases contain broader security patches for affected system modules.

libevent (SSA:2026-182-01)
mozilla-thunderbird (SSA:2026-182-02)
libseccomp (SSA:2026-183-01)




libevent (SSA:2026-182-01)


libevent (SSA:2026-182-01)

New libevent packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/libevent-2.1.13-i586-1_slack15.0.txz: Upgraded.
This release contains several security fixes, affecting users of the
following modules: evbuffer, bufferevent, evtag, evrpc, evdns, evhttp.
If you have a program that uses one of those modules you should upgrade.
(* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
( http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libevent-2.1.13-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libevent-2.1.13-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libevent-2.1.13-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libevent-2.1.13-x86_64-1.txz

MD5 signatures:
+-------------+

Slackware 15.0 package:
099b2d31e8d39168b87e33492790085f libevent-2.1.13-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
0c23cf8a2ed85a42e1e59d02123fdadc libevent-2.1.13-x86_64-1_slack15.0.txz

Slackware -current package:
0e76018a6b117b9fb7fc45a07451b1a6 l/libevent-2.1.13-i686-1.txz

Slackware x86_64 -current package:
74f1c376e6b23b78858dfd9c84898cac l/libevent-2.1.13-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg libevent-2.1.13-i586-1_slack15.0.txz

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key



mozilla-thunderbird (SSA:2026-182-02)


mozilla-thunderbird (SSA:2026-182-02)

New mozilla-thunderbird packages are available for Slackware 15.0 and -current
to fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/mozilla-thunderbird-140.12.1esr-i686-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/140.12.1esr/releasenotes/
(* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
( http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-thunderbird-140.12.1esr-i686-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-thunderbird-140.12.1esr-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-140.12.1esr-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-140.12.1esr-x86_64-1.txz

MD5 signatures:
+-------------+

Slackware 15.0 package:
e3a35c9ba2c46c6f99c7eab795639248 mozilla-thunderbird-140.12.1esr-i686-1_slack15.0.txz

Slackware x86_64 15.0 package:
8baf1b9efdd0bd3695e26673c80b3d80 mozilla-thunderbird-140.12.1esr-x86_64-1_slack15.0.txz

Slackware -current package:
a1c37a5a73bc96f31f1d7757ae5eadac xap/mozilla-thunderbird-140.12.1esr-i686-1.txz

Slackware x86_64 -current package:
846dfc4c200fa5253b4cd5ee15e90bc8 xap/mozilla-thunderbird-140.12.1esr-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg mozilla-thunderbird-140.12.1esr-i686-1_slack15.0.txz

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key



libseccomp (SSA:2026-183-01)


libseccomp (SSA:2026-183-01)

New libseccomp packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/libseccomp-2.6.1-i586-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Fix incorrect 64-bit comparison merge that can weaken libseccomp filters.
Fix issue where oversized libseccomp filters can trigger a double free.
Fix issue where oversized libseccomp filters can trigger a heap corruption.
For more information, see:
https://github.com/seccomp/libseccomp/security/advisories/GHSA-4q85-33p6-j5g6
https://github.com/seccomp/libseccomp/security/advisories/GHSA-46fr-jh49-xvhx
https://github.com/seccomp/libseccomp/security/advisories/GHSA-2hqh-5c36-grrm`
(* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
( http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libseccomp-2.6.1-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libseccomp-2.6.1-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libseccomp-2.6.1-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libseccomp-2.6.1-x86_64-1.txz

MD5 signatures:
+-------------+

Slackware 15.0 package:
37a30736d5a65b7eb6ccd2d3a07698a2 libseccomp-2.6.1-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
4471b94490dacb286ed8e9981dc0d5a3 libseccomp-2.6.1-x86_64-1_slack15.0.txz

Slackware -current package:
a8205069188a1b2337c1f87547ee42bd l/libseccomp-2.6.1-i686-1.txz

Slackware x86_64 -current package:
0df95887fdc12f17c64e33d2c3b56fdc l/libseccomp-2.6.1-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg libseccomp-2.6.1-i586-1_slack15.0.txz

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key