Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Slackware 15.0 mpg123 Critical Memory Malfunction Noted SSA-2026-117-03

slackware
Calendar Grey April 27, 2026
Dist Slackware Esm H88
Urgent slackware mpg123 security advisory addresses critical memory corruption issues requiring immediate updates.
New mpg123 packages are available for Slackware 15.0 and -current to fix security issues.

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mpg123-1.33.5-i586-1.txz: Upgraded. mpg123: Fix generic control mode for largefile-sensitive builds, where 32 bit off_t was used with mpg123 API calls expecting 64 bit off_t. I am appalled that it took a user on 32 bit ARM and a specific https stream to notice this (bug 385, regression since 1.32.0). The security impact of this could be serious, with memory corruption including segfault being observed. mpg123-id3dump, out123: Enable 64 bit offset usage on largefile-sensitive platforms (regression since 1.32.0). (* Security fix *)

Topics%20covered

Topics Covered

security advisory buffer overflow critical memory corruption slackware mpg123

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mpg123-1.33.5-i586-1.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mpg123-1.33.5-x86_64-1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mpg123-1.33.5-i686-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mpg123-1.33.5-x86_64-1.txz

MD5 Signatures

Slackware 15.0 package: bd4f65444573e2cc9d3999a0766de186 mpg123-1.33.5-i586-1.txz
Slackware x86_64 15.0 package: 3c17340d48fab50bdc6fdde88f326210 mpg123-1.33.5-x86_64-1.txz
Slackware -current package: f602fd32c4a0ea9825be656ce9685c69 ap/mpg123-1.33.5-i686-1.txz
Slackware x86_64 -current package: 05b4c479a15ddbc5b6d44ff4b617d1a4 ap/mpg123-1.33.5-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory buffer overflow critical memory corruption slackware mpg123

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg mpg123-1.33.5-i586-1.txz

Your message here