mozilla-firefox (SSA:2025-175-02)
libssh (SSA:2025-175-01)
mozilla-firefox (SSA:2025-175-02)
mozilla-firefox (SSA:2025-175-02)
New mozilla-firefox packages are available for Slackware 15.0 and -current to
fix security issues.
Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-140.0esr-i686-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements, and moves to the new
Firefox 140 ESR branch. See the release notes for details about some of the
new features.
For more information, see:
https://www.mozilla.org/en-US/firefox/140.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2025-51
https://www.cve.org/CVERecord?id=CVE-2025-6424
https://www.cve.org/CVERecord?id=CVE-2025-6425
https://www.cve.org/CVERecord?id=CVE-2025-6426
https://www.cve.org/CVERecord?id=CVE-2025-6427
https://www.cve.org/CVERecord?id=CVE-2025-6428
https://www.cve.org/CVERecord?id=CVE-2025-6429
https://www.cve.org/CVERecord?id=CVE-2025-6430
https://www.cve.org/CVERecord?id=CVE-2025-6431
https://www.cve.org/CVERecord?id=CVE-2025-6432
https://www.cve.org/CVERecord?id=CVE-2025-6433
https://www.cve.org/CVERecord?id=CVE-2025-6434
https://www.cve.org/CVERecord?id=CVE-2025-6435
https://www.cve.org/CVERecord?id=CVE-2025-6436
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
( http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-firefox-140.0esr-i686-1_slack15.0.txz
Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-firefox-140.0esr-x86_64-1_slack15.0.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-140.0esr-i686-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-firefox-140.0esr-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 15.0 package:
f467c535b42b080a8c2327e9bc5b41d8 mozilla-firefox-140.0esr-i686-1_slack15.0.txz
Slackware x86_64 15.0 package:
ed1f33f85c83da772af089a760698016 mozilla-firefox-140.0esr-x86_64-1_slack15.0.txz
Slackware -current package:
66ab31bf894d7cc6eceb6a8ac41452ae xap/mozilla-firefox-140.0esr-i686-1.txz
Slackware x86_64 -current package:
701a8a70619e08b97fc52f3aa673e6f3 xap/mozilla-firefox-140.0esr-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg mozilla-firefox-140.0esr-i686-1_slack15.0.txz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
libssh (SSA:2025-175-01)
libssh (SSA:2025-175-01)
New libssh packages are available for Slackware 15.0 and -current to
fix security issues.
Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/libssh-0.11.2-i586-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Write beyond bounds in binary to base64 conversion.
Use of uninitialized variable in privatekey_from_file().
Likely read beyond bounds in sftp server handle management.
Double free in functions exporting keys.
ssh_kdf() returns a success code on certain failures.
Likely read beyond bounds in sftp server message decoding.
Invalid return code for chacha20 poly1305 with OpenSSL.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2025-4877
https://www.cve.org/CVERecord?id=CVE-2025-4878
https://www.cve.org/CVERecord?id=CVE-2025-5318
https://www.cve.org/CVERecord?id=CVE-2025-5351
https://www.cve.org/CVERecord?id=CVE-2025-5372
https://www.cve.org/CVERecord?id=CVE-2025-5449
https://www.cve.org/CVERecord?id=CVE-2025-5987
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
( http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libssh-0.11.2-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libssh-0.11.2-x86_64-1_slack15.0.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libssh-0.11.2-i686-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libssh-0.11.2-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 15.0 package:
14b77cf890efc0510973e11c8915e5dc libssh-0.11.2-i586-1_slack15.0.txz
Slackware x86_64 15.0 package:
ea821028e9558cf5e5d03150e3301712 libssh-0.11.2-x86_64-1_slack15.0.txz
Slackware -current package:
73a5d112c67b504ceaebd3aeb516d514 l/libssh-0.11.2-i686-1.txz
Slackware x86_64 -current package:
ee7348abd23222070612485eb8549553 l/libssh-0.11.2-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg libssh-0.11.2-i586-1_slack15.0.txz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
