Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1,739 articles for you...
99

Slackware p11-kit Addresses Critical Stack Overflow Issue 2026-191-01

New p11-kit packages are available for Slackware 15.0 and -current to fix a security issue.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] p11-kit (SSA:2026-191-01) New p11-kit packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/p11-kit-0.26.4-i586-1_slack15.0.txz: Upgraded. This update fixes a security issue: server: fixed stack exhaustion via unbounded recursion in RPC attribute parsing by enforcing a recursion depth limit. For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-13757 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/p11-kit-0.26.4-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/p11-kit-0.26.4-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/p11-kit-0.26.4-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/p11-kit-0.26.4-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 0ea4b7fff6ae3b2ba9333b0d61189ea3 p11-kit-0.26.4-i586-1_slack15.0.txz Slackware x86_64 15.0 package: ac5289607feefa65ab55ef94a9b7b646 p11-kit-0.26.4-x86_64-1_slack15.0.txz Slackware -current package: 02718b552cbe3ce1a0eeabdabeb926e3 n/p11-kit-0.26.4-i686-1.txz Slackware x86_64 -current package: 04faf2f2c84fc10f785affdb42e85914 n/p11-kit-0.26.4-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg p11-kit-0.26.4-i586-1_slack15.0.txz +-----+ . New p11-kit packages for Slackware address a stack exhaustion issue, enhancing system security and performance.. Slackware p11-kit stack exhaustion security fix. . LinuxSecurity.com Team

Calendar%202 Jul 10, 2026 Slackware
99

Slackware Tigervnc Important Fix Buffer Overflow 2026-190-01

New tigervnc packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] tigervnc (SSA:2026-190-01) New tigervnc packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ extra/tigervnc/tigervnc-1.16.2-i586-4_slack15.0.txz: Rebuilt. Recompiled against xorg-server-1.20.14, including patches for security issues: glamor Font Atlas Heap Buffer Overflow. GLX contextTags Use-After-Free in CommonMakeCurrent(). For more information, see: https://lists.x.org/archives/xorg/2026-July/062255.html https://www.cve.org/CVERecord?id=CVE-2026-55999 https://www.cve.org/CVERecord?id=CVE-2026-56000 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/extra/tigervnc/tigervnc-1.16.2-i586-4_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/extra/tigervnc/tigervnc-1.16.2-x86_64-4_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/extra/tigervnc/tigervnc-1.16.2-i686-5.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/extra/tigervnc/tigervnc-1.16.2-x86_64-5.txz MD5 signatures: +-------------+ Slackware 15.0 package: e91b4d85ebcff2b70ba7e40c0a229a6c tigervnc-1.16.2-i586-4_slack15.0.txz Slackware x86_64 15.0 package: 2c7277f1e3e7cd9236880f7ecc6f8f3c tigervnc-1.16.2-x86_64-4_slack15.0.txz Slackware -current package: 3c62c5ea413d4c3117d8a46d1a538591 tigervnc-1.16.2-i686-5.txz Slackware x86_64 -current package: 5800715ba19bff2691bed15edeb3fbbb tigervnc-1.16.2-x86_64-5.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg tigervnc-1.16.2-i586-4_slack15.0.txz +-----+ . Tigervnc packages for Slackware 15.0 and -current updated to address critical security issues and vulnerabilities.. tigervnc packages, slackware security, buffer overflow fix. . LinuxSecurity.com Team

Calendar%202 Jul 09, 2026 Slackware
99

Slackware xorg-server Critical Use-After-Free and Overflow Vuln 2026-189-03

New xorg-server packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] xorg-server (SSA:2026-189-03) New xorg-server packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/xorg-server-1.20.14-i586-21_slack15.0.txz: Rebuilt. This update fixes security issues: glamor Font Atlas Heap Buffer Overflow. GLX contextTags Use-After-Free in CommonMakeCurrent(). For more information, see: https://lists.x.org/archives/xorg/2026-July/062255.html https://www.cve.org/CVERecord?id=CVE-2026-55999 https://www.cve.org/CVERecord?id=CVE-2026-56000 (* Security fix *) patches/packages/xorg-server-xephyr-1.20.14-i586-21_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xnest-1.20.14-i586-21_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xvfb-1.20.14-i586-21_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xwayland-21.1.4-i586-19_slack15.0.txz: Rebuilt. This update fixes security issues: glamor Font Atlas Heap Buffer Overflow. GLX contextTags Use-After-Free in CommonMakeCurrent(). For more information, see: https://lists.x.org/archives/xorg/2026-July/062255.html https://www.cve.org/CVERecord?id=CVE-2026-55999 https://www.cve.org/CVERecord?id=CVE-2026-56000 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/xorg-server-1.20.14-i586-21_slack15.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/xorg-server-xephyr-1.20.14-i586-21_slack15.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/xorg-server-xnest-1.20.14-i586-21_slack15.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/xorg-server-xvfb-1.20.14-i586-21_slack15.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/xorg-server-xwayland-21.1.4-i586-19_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/xorg-server-1.20.14-x86_64-21_slack15.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/xorg-server-xephyr-1.20.14-x86_64-21_slack15.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/xorg-server-xnest-1.20.14-x86_64-21_slack15.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/xorg-server-xvfb-1.20.14-x86_64-21_slack15.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/xorg-server-xwayland-21.1.4-x86_64-19_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-21.1.24-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-xephyr-21.1.24-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-xnest-21.1.24-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-xvfb-21.1.24-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/xorg-server-xwayland-24.1.13-i686-1.txz Updated package for Slackware x86_64-current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-21.1.24-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-xephyr-21.1.24-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-xnest-21.1.24-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-xvfb-21.1.24-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/xorg-server-xwayland-24.1.13-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 8ee8e09c8bf7ad2f7736e0b3a34526fa xorg-server-1.20.14-i586-21_slack15.0.txz 9445a8151fcef066aab50f6889d9020e xorg-server-xephyr-1.20.14-i586-21_slack15.0.txz 3410bdb7f3dad90a39739ff1f6eeac31 xorg-server-xnest-1.20.14-i586-21_slack15.0.txz 478ab900a8bf22df2ef173cfdefbabbb xorg-server-xvfb-1.20.14-i586-21_slack15.0.txz a132025f9509f12a96a8b374ed257496 xorg-server-xwayland-21.1.4-i586-19_slack15.0.txz Slackware x86_64 15.0 package: 1c85ac7c5d1033fc41354b33fe18bdcd xorg-server-1.20.14-x86_64-21_slack15.0.txz 5f03471488a9b6bf826b9ab1bdc2d4c2 xorg-server-xephyr-1.20.14-x86_64-21_slack15.0.txz 4d5bc9fcf635f9bc0dccdf11da884afc xorg-server-xnest-1.20.14-x86_64-21_slack15.0.txz 17a79b491be51e4730ae417116cc51d2 xorg-server-xvfb-1.20.14-x86_64-21_slack15.0.txz a150bb8ba91cf5c9013602ef583cc120 xorg-server-xwayland-21.1.4-x86_64-19_slack15.0.txz Slackware -current package: 3a6b1e86333ef9653b4982d653d5d8b7 x/xorg-server-21.1.24-i686-1.txz 17b3c4516dff4c42231a1b2eeca9fbdc x/xorg-server-xephyr-21.1.24-i686-1.txz c998ffd8de120deec1dcfd12117d3bbb x/xorg-server-xnest-21.1.24-i686-1.txz 590199de49ccdb9e55bfe323996e4178 x/xorg-server-xvfb-21.1.24-i686-1.txz d0b18dca7a226e9a606c8e199c5b0b15 x/xorg-server-xwayland-24.1.13-i686-1.txz Slackware x86_64 -current package: 9eb2c4a86ccaff313b51b2be39d443b1 x/xorg-server-21.1.24-x86_64-1.txz 744a967005e978277b9638bf6b6b5acf x/xorg-server-xephyr-21.1.24-x86_64-1.txz eb49ee6f09618a0649d6e75e81499fa9 x/xorg-server-xnest-21.1.24-x86_64-1.txz b216eac69f4f7dac6e521e4be4904171 x/xorg-server-xvfb-21.1.24-x86_64-1.txz 193b4f96655202b5002bbfbcde68975b x/xorg-server-xwayland-24.1.13-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg xorg-server-*.txz +-----+ . New xorg-server packages for Slackware address critical security issues including buffer overflow and use-after-free defects.. Slackware security fix,xorg-server update,buffer overflow,security patch,Slackware advisory. . LinuxSecurity.com Team

Calendar%202 Jul 08, 2026 Slackware
99

Slackware proftpd Critical Stack Overflow Advisory 2026-189-02

New proftpd packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] proftpd (SSA:2026-189-02) New proftpd packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/proftpd-1.3.9c-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: ExecEnviron values not passed due to regression since 1.3.8.d. Stack buffer overflow in MLSD/MLST handling for long path names. MaxTransfersPerUser no longer enforces configured limits. AdminControlsACLs for config, get actions not honored as they should be. Memcached/Redis-cached JSON TLS session/OCSP entries decoded into fixed buffers without bounds checking. RewriteMap unescape builtin use causes one-byte out-of-bounds write, fails to reject illegal characters. SQL group name lookup concatenates client-provided group names without escaping. Authenticated SFTP sessions can overflow the SFTP packet buffer. Default Controls socket ACLs unintentionally allow all users access for sending Controls requests. (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/proftpd-1.3.9c-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/proftpd-1.3.9c-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/proftpd-1.3.9c-i686-1.txz Updated package for Slackware x86_64-current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/proftpd-1.3.9c-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 5e957bcf4abf13fc957520d6987eb954 proftpd-1.3.9c-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 7506a63751fc4996465a2c83e9174eae proftpd-1.3.9c-x86_64-1_slack15.0.txz Slackware -current package: eb1aa81c4db3a984dc39f9e75438e067 n/proftpd-1.3.9c-i686-1.txz Slackware x86_64 -current package: d28ec7ff480ab4121deb30c59c73e9ca n/proftpd-1.3.9c-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg proftpd-1.3.9c-i586-1_slack15.0.txz +-----+ . Upgrade to the latest proftpd package for Slackware to address significant security issues and bugs in the software.. proftpd security issues, Slackware package updates, buffer overflow fix. . LinuxSecurity.com Team

Calendar%202 Jul 08, 2026 Slackware
99

Slackware 15.0 libXfont2 Critical Heap Overflow Fix 2026-189-01

New libXfont2 packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libXfont2 (SSA:2026-189-01) New libXfont2 packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/libXfont2-2.0.8-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: BitmapScaleBitmaps Integer Overflow Heap Buffer Overflow. PCF Font Parsing Heap Buffer Overflow. computeProps Property Buffer Heap Buffer Overflow. For more information, see: https://lists.x.org/archives/xorg/2026-July/062253.html https://www.cve.org/CVERecord?id=CVE-2026-56001 https://www.cve.org/CVERecord?id=CVE-2026-56002 https://www.cve.org/CVERecord?id=CVE-2026-56003 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libXfont2-2.0.8-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libXfont2-2.0.8-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/libXfont2-2.0.8-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/x/libXfont2-2.0.8-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 15a36c81b360d94bc803b65560d94934 libXfont2-2.0.8-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 11450cfb5cfb79181d49bcd02cc81554 libXfont2-2.0.8-x86_64-1_slack15.0.txz Slackware -current package: a4aa589efa9b9571fcbe729d0c97c524 x/libXfont2-2.0.8-i686-1.txz Slackware x86_64 -current package: 719ba3cd0d28b303f6b78d16195ad879 x/libXfont2-2.0.8-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg libXfont2-2.0.8-i586-1_slack15.0.txz +-----+ . New libXfont2 packages for Slackware address critical heap buffer overflows related to font parsing and more.. Slackware libXfont2 heap overflow upgrade buffer. . LinuxSecurity.com Team

Calendar%202 Jul 08, 2026 Slackware
99

Slackware tftp-hpa Moderate Path Bypass Buffer Overflow Fix 2026-188-01

New tftp-hpa packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] tftp-hpa (SSA:2026-188-01) New tftp-hpa packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/tftp-hpa-5.4-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: Fix several security-relevant bugs in path validation (tftpd/path.c): an uninitialized buffer read and a broken path tokenizer could let a crafted or unlucky request bypass path restrictions or crash the daemon. Fix buffer overflows in the tftp client: an unbounded strcpy() when building requests, an out-of-bounds write when putting multiple files to a remote directory, and an unbounded write into the interactive command-line argument array. Fix an out-of-bounds read while scanning request fields in tftpd, and an incorrect address family used when creating the per-transfer socket on platforms without recvmsg(). (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/tftp-hpa-5.4-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/tftp-hpa-5.4-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/tftp-hpa-5.4-i586-1.txz Updated package for Slackware x86_64-current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/tftp-hpa-5.4-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 65b0e569f3be1f1e78d030db87a7c6e8 tftp-hpa-5.4-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 602459145ea0e3e64a724670ca22b925 tftp-hpa-5.4-x86_64-1_slack15.0.txz Slackware -current package: c968992906498bdfae34486265b2941d n/tftp-hpa-5.4-i586-1.txz Slackware x86_64 -current package: 5ec81681a4e176e63c524beae5d62946 n/tftp-hpa-5.4-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg tftp-hpa-5.4-i586-1_slack15.0.txz +-----+ . New tftp-hpa packages for Slackware 15.0 address bugs and enhance security with fixes for path validation issues.. tftp-hpa security patch Slackware 15.0 buffer overflow path validation. . LinuxSecurity.com Team

Calendar%202 Jul 07, 2026 Slackware
99

Slackware 15.0 openssh Important Security Issues Fix Advisory 2026-187-02

New openssh packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] openssh (SSA:2026-187-02) New openssh packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/openssh-10.4p1-i586-1_slack15.0.txz: Upgraded. This release contains a number of security fixes: sftp(1): when downloading files on the command-line using "sftp host:/path .", a malicious server could cause the file to be downloaded to an unexpected location. This issue was identified by the Swival Security Scanner. scp(1): when copying files between two remote destinations, do not allow a malicious server to write files to the parent directory of the intended target directory. This issue was identified by the Swival Security Scanner. sshd(8): when using the "internal-sftp" SFTP server implementation (this is not the default), long command lines were previously truncated silently after the 9th argument. If a security-relevant option was in the 10th or later position, it would be discarded. Reported by Steve Caffrey. sshd(8): add a documentation note to mention that the GSSAPIStrictAcceptorCheck option is ineffective when the server is joined to a Windows Active Directory. Reported by Yarin Aharoni of Safebreach. sshd(8): DisableForwarding=yes didn't override PermitTunnel=yes as it was documented to do. Note that PermitTunnel is not enabled by default. Reported independently by Huzaifa Sidhpurwala of Redhat and Marko Jevtic. sshd(8): avoid a potential pre-authentication denial of service when GSSAPIAuthentication was enabled (this feature is off by default). This was not mitigated by MaxAuthTries, but would be penalised by PerSourcePenalties. This was reported by Manfred Kaiser of the milCERT AT (Austrian Ministry of Defence). sshd(8): fix a number of cases where the minimumauthentication delay was not being enforced. Reported by the Orange Cyberdefense Vulnerability Team. ssh(1): fix a possible client-side use-after-free if the server changes its host key during a key reexchange. This was reported by Zhenpeng (Leo) Lin of Depthfirst. For more information, see: https://www.openssh.org/releasenotes.html#10.4 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/openssh-10.4p1-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/openssh-10.4p1-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssh-10.4p1-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssh-10.4p1-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: eb8d3bbfb4cf2885d0ec7870a35e8a3f openssh-10.4p1-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 82ca7dcca95f4b0d7c6e2a56008d2ab3 openssh-10.4p1-x86_64-1_slack15.0.txz Slackware -current package: bdb19fd0e66d17df0b5ce744eff0c9c6 n/openssh-10.4p1-i686-1.txz Slackware x86_64 -current package: 74bc62b8dbefd17861c72de5568f6dc7 n/openssh-10.4p1-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg openssh-10.4p1-i586-1_slack15.0.txz Next, restart the sshd daemon: # sh /etc/rc.d/rc.sshd restart +-----+ . New openssh packages for Slackware 15.0 address critical security issues including potential denial of service.. opensshsecurity update, slackware openssh patch, ssh security fixes, openssh vulnerabilities, slackware 15.0 security. . LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Slackware
99

Slackware c-ares Critical DoS Memory Exhaustion Fix 2026-187-01

New c-ares packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] c-ares (SSA:2026-187-01) New c-ares packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/c-ares-1.34.7-i586-1_slack15.0.txz: Upgraded. This release fixes the following security issues: Use-after-free / double-free in c-ares' query-completion handling, remotely triggerable via ares_getaddrinfo() over TCP. CPU-exhaustion denial of service via unbounded DNS name compression pointer chains. Memory-amplification denial of service via unvalidated DNS header record counts. For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-33630 https://github.com/c-ares/c-ares/security/advisories/GHSA-6wfj-rwm7-3542 https://github.com/c-ares/c-ares/security/advisories/GHSA-pjmc-gx33-gc76 https://github.com/c-ares/c-ares/security/advisories/GHSA-jv8r-gqr9-68wj (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/c-ares-1.34.7-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/c-ares-1.34.7-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/c-ares-1.34.7-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/c-ares-1.34.7-x86_64-1.txz MD5signatures: +-------------+ Slackware 15.0 package: e2e1d5fa19673361d0a09124739b7c36 c-ares-1.34.7-i586-1_slack15.0.txz Slackware x86_64 15.0 package: f5288e7966693f035164baddcfadb33e c-ares-1.34.7-x86_64-1_slack15.0.txz Slackware -current package: ece3bd50d8242ed6d3508cf1f2d773dd n/c-ares-1.34.7-i686-1.txz Slackware x86_64 -current package: dc2284c8f9da14be6ca705b9dc74116c n/c-ares-1.34.7-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg c-ares-1.34.7-i586-1_slack15.0.txz +-----+ . New c-ares packages for Slackware 15.0 address critical security issues related to DoS attacks.. c-ares security,c-ares patch,Slackware security alert. . LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Slackware
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200