Expat Update for Slackware
A security vulnerability has been discovered in the Expat package utilized by Slackware Linux 15.0. To address this concern, new packages have been released, upgrading Expat to version 2.7.3.
Security Advisory:
- Advisory ID: SSA:2025-268-01
- Affected Package: expat
- New Version: 2.7.3
ChangeLog Details for Slackware 15.0:
The updated Expat package (expat-2.7.3-i586-1_slack15.0.txz) includes fixes for internal allocation alignment issues affecting some non-amd64 architectures (e.g., sparc32). This update also addresses a previously identified vulnerability, CVE-2025-59375, and improves upon the fixes provided in Expat version 2.7.2.
For detailed information on the security fix, visit: [CVE-2025-59375](https://www.cve.org/CVERecord?id=CVE-2025-59375)
Package Availability:
The latest packages can be found thanks to the support from the OSU Open Source Lab, which provides FTP and rsync hosting for the Slackware project. For additional mirror sites, refer to the "Get Slack" section on [Slackware's official website](http://slackware.com).
Here are the links to download the updated packages:
- Slackware 15.0 (i586): [Download Link](ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/expat-2.7.3-i586-1_slack15.0.txz)
- Slackware 15.0 (x86_64): [Download Link](ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/expat-2.7.3-x86_64-1_slack15.0.txz)
- Slackware -current (i686): [Download Link](ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/expat-2.7.3-i686-1.txz)
- Slackware -current (x86_64): [Download Link](ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/expat-2.7.3-x86_64-1.txz)
MD5 Signatures for Package Verification:
- Slackware 15.0 (i586): `231a024ea0489f015476112db053bcb9`
- Slackware 15.0 (x86_64): `04b53f66c72fac203e0f5a1424a75278`
- Slackware -current (i686): `c5debabd97036957013c9d140b74bb15`
- Slackware -current (x86_64): `f7edb867be1e35de5460cf15ec1b7385`
Installation Instructions:
To upgrade the Expat package, perform the following command as root:
Additional Notes:
Users are encouraged to promptly update their Expat packages to mitigate any security risks associated with the identified vulnerability. The Slackware Linux Security Team remains committed to providing timely updates and support to maintain the integrity and security of the Slackware environment.
For further inquiries or assistance, visit the [Slackware Security Team page](http://slackware.com/gpg-key)
A security vulnerability has been discovered in the Expat package utilized by Slackware Linux 15.0. To address this concern, new packages have been released, upgrading Expat to version 2.7.3.
Security Advisory:
- Advisory ID: SSA:2025-268-01
- Affected Package: expat
- New Version: 2.7.3
ChangeLog Details for Slackware 15.0:
The updated Expat package (expat-2.7.3-i586-1_slack15.0.txz) includes fixes for internal allocation alignment issues affecting some non-amd64 architectures (e.g., sparc32). This update also addresses a previously identified vulnerability, CVE-2025-59375, and improves upon the fixes provided in Expat version 2.7.2.
For detailed information on the security fix, visit: [CVE-2025-59375](https://www.cve.org/CVERecord?id=CVE-2025-59375)
Package Availability:
The latest packages can be found thanks to the support from the OSU Open Source Lab, which provides FTP and rsync hosting for the Slackware project. For additional mirror sites, refer to the "Get Slack" section on [Slackware's official website](http://slackware.com).
Here are the links to download the updated packages:
- Slackware 15.0 (i586): [Download Link](ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/expat-2.7.3-i586-1_slack15.0.txz)
- Slackware 15.0 (x86_64): [Download Link](ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/expat-2.7.3-x86_64-1_slack15.0.txz)
- Slackware -current (i686): [Download Link](ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/expat-2.7.3-i686-1.txz)
- Slackware -current (x86_64): [Download Link](ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/expat-2.7.3-x86_64-1.txz)
MD5 Signatures for Package Verification:
- Slackware 15.0 (i586): `231a024ea0489f015476112db053bcb9`
- Slackware 15.0 (x86_64): `04b53f66c72fac203e0f5a1424a75278`
- Slackware -current (i686): `c5debabd97036957013c9d140b74bb15`
- Slackware -current (x86_64): `f7edb867be1e35de5460cf15ec1b7385`
Installation Instructions:
To upgrade the Expat package, perform the following command as root:
bashupgradepkg expat-2.7.3-i586-1_slack15.0.txz
Additional Notes:
Users are encouraged to promptly update their Expat packages to mitigate any security risks associated with the identified vulnerability. The Slackware Linux Security Team remains committed to providing timely updates and support to maintain the integrity and security of the Slackware environment.
For further inquiries or assistance, visit the [Slackware Security Team page](http://slackware.com/gpg-key)
Expat update for Slackware
A security issue has been identified in the Expat package, which is used by Slackware Linux 15.0. To resolve this issue, new packages are available for download that upgrade Expat to version 2.7.3.
expat (SSA:2025-268-01)
