Slackware Linux has released important security updates for two widely used packages: curl and Python3.
curl Update (SSA:2025-155-01):
The latest version of curl, 8.14.1, is now available for both Slackware 15.0 and -current. This update addresses a critical security vulnerability related to a WebSocket endless loop. Users can find detailed information about the vulnerability by visiting the provided links to CVE documentation. The updated packages can be downloaded from the official Slackware FTP site. A specific command for upgrading the package in the terminal is also provided.
Python3 Update (SSA:2025-155-02):
Similarly, Python3 has been upgraded to version 3.9.23 for Slackware 15.0 and 3.12.11 for -current. This update fixes multiple security issues, including vulnerabilities that allow the bypassing of tarfile extraction filters, a use-after-free error in the unicode-escape decoder, and excessive memory consumption vulnerabilities in the ipaddress module. Users are encouraged to check the detailed documentation for more information on the vulnerabilities addressed. As with curl, the updated packages are available via Slackware's official FTP site, and installation instructions are provided.
In addition to curl and Python3, users should monitor other packages that may also require updates, as vulnerabilities can be discovered frequently. Staying connected with the Slackware community and reviewing the ChangeLogs can help users remain informed about essential updates and changes.
For first-time users or those unfamiliar with package upgrades in Slackware, it’s beneficial to familiarize oneself with the package management system and commands for a smooth update process. Engaging with user forums and communities can also provide insights into best practices for maintaining a secure and efficient Slackware environment
curl Update (SSA:2025-155-01):
The latest version of curl, 8.14.1, is now available for both Slackware 15.0 and -current. This update addresses a critical security vulnerability related to a WebSocket endless loop. Users can find detailed information about the vulnerability by visiting the provided links to CVE documentation. The updated packages can be downloaded from the official Slackware FTP site. A specific command for upgrading the package in the terminal is also provided.
Python3 Update (SSA:2025-155-02):
Similarly, Python3 has been upgraded to version 3.9.23 for Slackware 15.0 and 3.12.11 for -current. This update fixes multiple security issues, including vulnerabilities that allow the bypassing of tarfile extraction filters, a use-after-free error in the unicode-escape decoder, and excessive memory consumption vulnerabilities in the ipaddress module. Users are encouraged to check the detailed documentation for more information on the vulnerabilities addressed. As with curl, the updated packages are available via Slackware's official FTP site, and installation instructions are provided.
Extensions:
These updates highlight the ongoing commitment of the Slackware team to maintain security and stability across its platform. Users should regularly check for updates and apply them promptly to safeguard their systems against potential threats.In addition to curl and Python3, users should monitor other packages that may also require updates, as vulnerabilities can be discovered frequently. Staying connected with the Slackware community and reviewing the ChangeLogs can help users remain informed about essential updates and changes.
For first-time users or those unfamiliar with package upgrades in Slackware, it’s beneficial to familiarize oneself with the package management system and commands for a smooth update process. Engaging with user forums and communities can also provide insights into best practices for maintaining a secure and efficient Slackware environment
CURL and Python3 updates for Slackware
Slackware Linux has received security updates for curl and Python3:
curl (SSA:2025-155-01)
python3 (SSA:2025-155-02)
