Slackware Linux has released important security updates for glibc (SSA:2025-140-01) and Mozilla Thunderbird (SSA:2025-140-02) aimed at enhancing system security for both Slackware 15.0 and the -current version.
glibc Update (SSA:2025-140-01):
The glibc update addresses a security vulnerability related to static setuid binaries that use dlopen to load libraries. The issue arises when these binaries incorrectly search the LD_LIBRARY_PATH, potentially allowing an attacker to execute malicious code if a vulnerable static setuid program exists. Although no such programs have been identified, the presence of custom setuid binaries poses a risk. The update includes rebuilt packages for various components of glibc, ensuring that users maintain a secure environment. For further information, users can refer to CVE-2025-4802.
Mozilla Thunderbird Update (SSA:2025-140-02):
The Mozilla Thunderbird update includes security fixes and improvements. The latest version, 128.10.2esr, addresses known vulnerabilities and enhances overall application security. Users are encouraged to check the release notes for detailed information on the changes.
Package Availability:
Both updates can be downloaded from the Slackware project's official FTP site. Users can find packages for both i586 and x86_64 architectures, along with their respective MD5 signatures to verify integrity. Installation instructions are provided for seamless upgrades.
Installation Command:
Users can upgrade glibc and Mozilla Thunderbird packages by executing the command:
Conclusion:
These updates emphasize the Slackware Linux team's commitment to security. Users are advised to keep their systems updated to protect against potential vulnerabilities and ensure smooth system operation. Regular checks for updates and staying informed about security advisories are essential practices for maintaining a secure Linux environment.
For more detailed information, users can visit the official Slackware website or the OSU Open Source Lab, which provides hosting services for the project
glibc Update (SSA:2025-140-01):
The glibc update addresses a security vulnerability related to static setuid binaries that use dlopen to load libraries. The issue arises when these binaries incorrectly search the LD_LIBRARY_PATH, potentially allowing an attacker to execute malicious code if a vulnerable static setuid program exists. Although no such programs have been identified, the presence of custom setuid binaries poses a risk. The update includes rebuilt packages for various components of glibc, ensuring that users maintain a secure environment. For further information, users can refer to CVE-2025-4802.
Mozilla Thunderbird Update (SSA:2025-140-02):
The Mozilla Thunderbird update includes security fixes and improvements. The latest version, 128.10.2esr, addresses known vulnerabilities and enhances overall application security. Users are encouraged to check the release notes for detailed information on the changes.
Package Availability:
Both updates can be downloaded from the Slackware project's official FTP site. Users can find packages for both i586 and x86_64 architectures, along with their respective MD5 signatures to verify integrity. Installation instructions are provided for seamless upgrades.
Installation Command:
Users can upgrade glibc and Mozilla Thunderbird packages by executing the command:
upgradepkg *glibc-*.txz
upgradepkg mozilla-thunderbird-128.10.2esr-i686-1_slack15.0.txz
Conclusion:
These updates emphasize the Slackware Linux team's commitment to security. Users are advised to keep their systems updated to protect against potential vulnerabilities and ensure smooth system operation. Regular checks for updates and staying informed about security advisories are essential practices for maintaining a secure Linux environment.
For more detailed information, users can visit the official Slackware website or the OSU Open Source Lab, which provides hosting services for the project
Glibc and Thunderbird updates for Slackware
Slackware Linux has received security updates for glibc (SSA:2025-140-01) and mozilla-thunderbird (SSA:2025-140-02):
glibc (SSA:2025-140-01)
mozilla-thunderbird (SSA:2025-140-02)Glibc and Thunderbird updates for Slackware @ Linux Compatible
