Summary of Slackware Updates: Kernel and HTTPD Security Fixes
Slackware Linux has rolled out critical security updates for both the kernel and the HTTPD (Apache) server as part of its ongoing commitment to system security. Users are encouraged to upgrade to the latest versions to mitigate newly discovered vulnerabilities.
Kernel Update (SSA:2025-192-01)
- The kernel packages for Slackware 15.0 have been upgraded to version 5.15.187, addressing a variety of bugs and security issues, including mitigations for AMD Transient Scheduler Attacks.
- Users should ensure they upgrade their initrd after the kernel packages, and if using LILO or ELILO, update the bootloader configuration accordingly.
- The updated kernel packages are available for both i586 and x86_64 architectures, with various components such as kernel-modules, kernel-firmware, and kernel-source.
HTTPD Update (SSA:2025-192-02)
- The HTTPD packages have been upgraded to version 2.4.64, which addresses several security vulnerabilities, including HTTP response splitting, server-side request forgery (SSRF), and denial of service issues.
- Users should upgrade their HTTPD package and restart the Apache service to apply the changes.
Installation Instructions
For kernel updates:
- Use the command `# upgradepkg kernel-*.txz` as root.
- Rebuild the initrd if necessary, using provided commands depending on whether the system is a 32-bit SMP or a 64-bit machine.
- Ensure bootloader configurations are updated as needed.
For HTTPD updates:
- Upgrade using `# upgradepkg httpd-2.4.64-i586-1_slack15.0.txz` and restart the Apache service with the provided commands to ensure the new version is running.
Where to Access Updates
The new packages can be found at the Slackware FTP sites, with specific links provided for both 32-bit and 64-bit versions, as well as for the current version of Slackware.
Extended Discussion
The importance of timely updates in operating systems cannot be overstated. Security vulnerabilities can lead to significant risks, including data breaches and system compromises. It is crucial for system administrators and users to remain vigilant and proactive in applying updates, particularly in environments exposed to the internet.
Moreover, with the increasing complexity of software and the discovery of new vulnerabilities, regular maintenance is vital. Users should also consider implementing additional security measures, such as firewalls, intrusion detection systems, and regular audits of system configurations, to further enhance their security posture.
In conclusion, maintaining an updated system is an essential practice that not only protects against known vulnerabilities but also reinforces the overall integrity of the computing environment
Slackware Linux has rolled out critical security updates for both the kernel and the HTTPD (Apache) server as part of its ongoing commitment to system security. Users are encouraged to upgrade to the latest versions to mitigate newly discovered vulnerabilities.
Kernel Update (SSA:2025-192-01)
- The kernel packages for Slackware 15.0 have been upgraded to version 5.15.187, addressing a variety of bugs and security issues, including mitigations for AMD Transient Scheduler Attacks.
- Users should ensure they upgrade their initrd after the kernel packages, and if using LILO or ELILO, update the bootloader configuration accordingly.
- The updated kernel packages are available for both i586 and x86_64 architectures, with various components such as kernel-modules, kernel-firmware, and kernel-source.
HTTPD Update (SSA:2025-192-02)
- The HTTPD packages have been upgraded to version 2.4.64, which addresses several security vulnerabilities, including HTTP response splitting, server-side request forgery (SSRF), and denial of service issues.
- Users should upgrade their HTTPD package and restart the Apache service to apply the changes.
Installation Instructions
For kernel updates:
- Use the command `# upgradepkg kernel-*.txz` as root.
- Rebuild the initrd if necessary, using provided commands depending on whether the system is a 32-bit SMP or a 64-bit machine.
- Ensure bootloader configurations are updated as needed.
For HTTPD updates:
- Upgrade using `# upgradepkg httpd-2.4.64-i586-1_slack15.0.txz` and restart the Apache service with the provided commands to ensure the new version is running.
Where to Access Updates
The new packages can be found at the Slackware FTP sites, with specific links provided for both 32-bit and 64-bit versions, as well as for the current version of Slackware.
Extended Discussion
The importance of timely updates in operating systems cannot be overstated. Security vulnerabilities can lead to significant risks, including data breaches and system compromises. It is crucial for system administrators and users to remain vigilant and proactive in applying updates, particularly in environments exposed to the internet.
Moreover, with the increasing complexity of software and the discovery of new vulnerabilities, regular maintenance is vital. Users should also consider implementing additional security measures, such as firewalls, intrusion detection systems, and regular audits of system configurations, to further enhance their security posture.
In conclusion, maintaining an updated system is an essential practice that not only protects against known vulnerabilities but also reinforces the overall integrity of the computing environment
Kernel and HTTPD updates for Slackware
Slackware Linux has been updated with two security updates for the kernel (SSA:2025-192-01) and httpd (SSA:2025-192-02):
Slackware 15.0 kernel (SSA:2025-192-01)
httpd (SSA:2025-192-02)
