Alerts This Week
Warning Icon 1 1,220
Alerts This Week
Warning Icon 1 1,220

Slackware: 2025-073-01: expat Security Advisory Update

slackware
Calendar Grey March 14, 2025
Dist Slackware Esm H88
Expat packages for Slackware 15.0 updated to fix critical DoS issue. Install upgrades to enhance security now.
New expat packages are available for Slackware 15.0 and -current to fix a security issue

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/expat-2.7.0-i586-1_slack15.0.txz: Upgraded. This update addresses a security issue: Fix crash from chaining a large number of entities caused by stack overflow by resolving use of recursion, for all three uses of entities: general entities in character data general entities in attribute values parameter entities Known impact is (reliable and easy) denial of service. Please note that a layer of compression around XML can significantly reduce the minimum attack payload. For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-8176 (* Security fix *)

Topics%20covered

Topics Covered

security advisory denial of service software update patch Slackware stack overflow expat

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/expat-2.7.0-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/expat-2.7.0-x86_64-1_slack15.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/expat-2.7.0-i686-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/expat-2.7.0-x86_64-1.txz

MD5 Signatures

Slackware 15.0 package: f15f558aeca71b39a1af24e0f9c0e49c expat-2.7.0-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: d227ae7389aba2c06d9586e32e320de1 expat-2.7.0-x86_64-1_slack15.0.txz
Slackware -current package: 9eae2f9ee45ab30f3702ce14085196b4 l/expat-2.7.0-i686-1.txz
Slackware x86_64 -current package: 45d027ad6708a4aebec4df703d69ae83 l/expat-2.7.0-x86_64-1.txz

Severity
important
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory denial of service software update patch Slackware stack overflow expat

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg expat-2.7.0-i586-1_slack15.0.txz

Your message here