New packages for PHP have been released to address security issues in Slackware 15.0 and -current. The updates fix vulnerabilities in PDO quoting, array_merge(), and getimagesize(). Users can find the updated packages at various mirror sites, including ftp.slackware.com and osuosl.org. To install the new package, users should upgrade as root and then restart Apache httpd.

php (SSA:2025-353-01)

php (SSA:2025-353-01)

php (SSA:2025-353-01)

New php packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
extra/php81/php81-8.1.34-i586-1_slack15.0.txz: Upgraded.
This update fixes security issues:
PDO quoting result null deref.
Heap buffer overflow in array_merge().
Information Leak of Memory in getimagesize.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.2.30
https://www.cve.org/CVERecord?id=CVE-2025-14180
https://www.cve.org/CVERecord?id=CVE-2025-14178
https://www.cve.org/CVERecord?id=CVE-2025-14177
(* Security fix *)
extra/php82/php82-8.2.30-i586-1_slack15.0.txz: Upgraded.
This update fixes security issues:
PDO quoting result null deref.
Heap buffer overflow in array_merge().
Information Leak of Memory in getimagesize.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.2.30
https://www.cve.org/CVERecord?id=CVE-2025-14180
https://www.cve.org/CVERecord?id=CVE-2025-14178
https://www.cve.org/CVERecord?id=CVE-2025-14177
(* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
( http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/extra/php81/php81-8.1.34-i586-1_slack15.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/extra/php82/php82-8.2.30-i586-1_slack15.0.txz

Updated packages for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/extra/php81/php81-8.1.34-x86_64-1_slack15.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/extra/php82/php82-8.2.30-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-8.4.16-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-8.4.16-x86_64-1.txz

MD5 signatures:
+-------------+

Slackware 15.0 packages:
5cf61dbb552c508f94fd0ad3e7bae81f php81-8.1.34-i586-1_slack15.0.txz
14edadc0be5c38496ea033f328cf6995 php82-8.2.30-i586-1_slack15.0.txz

Slackware x86_64 15.0 packages:
f0acb8cb47df8c81084563d3c0576aed php81-8.1.34-x86_64-1_slack15.0.txz
d62eca4ac1dce25d72403dae9bd1a9f7 php82-8.2.30-x86_64-1_slack15.0.txz

Slackware -current package:
615871dc271f97ea56f6592f4a637ffa n/php-8.4.16-i686-1.txz

Slackware x86_64 -current package:
921ebcad3177d18b4f16b35e8f8d4425 n/php-8.4.16-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg php81-8.1.34-i586-1_slack15.0.txz

Then, restart Apache httpd:
# /etc/rc.d/rc.httpd stop
# /etc/rc.d/rc.httpd start

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key