LibXML2 Update for Slackware: Security Fixes Released
Updated packages for LibXML2 have been released for Slackware Linux to address critical security vulnerabilities. The new versions are identified as:
- libxml2 (SSA:2025-196-02)
- libxml2 (SSA:2025-196-01)
libxml2 (SSA:2025-196-02):
This version includes a rebuild of the libxml2 package for Slackware 15.0, which has been recompiled to incorporate important security patches. The update resolves multiple vulnerabilities, ensuring improved security for users. Specific issues addressed include:
- CVE-2025-49794
- CVE-2025-49796
- CVE-2025-49795
- CVE-2025-6170
libxml2 (SSA:2025-196-01):
This earlier update also fixes security issues and bugs, particularly:
- Memory safety issues in xmlSchematronReportOutput.
- A null pointer dereference that could lead to denial of service.
- Potential buffer overflows in the interactive shell.
The updated packages can be found at the following locations:
- For Slackware 15.0:
- 32-bit: [libxml2-2.11.9-i586-6](ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libxml2-2.11.9-i586-6_slack15.0.txz)
- 64-bit: [libxml2-2.11.9-x86_64-6](ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libxml2-2.11.9-x86_64-6_slack15.0.txz)
- For Slackware -current:
- 32-bit: [libxml2-2.14.5-i686-1](ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libxml2-2.14.5-i686-1.txz)
- 64-bit: [libxml2-2.14.5-x86_64-1](ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libxml2-2.14.5-x86_64-1.txz)
To ensure the integrity of the downloaded packages, the following MD5 signatures are provided:
- Slackware 15.0 (32-bit): `5664672ac2b6d4b65db6a6640799374d`
- Slackware 15.0 (64-bit): `10f227929842ab2ac6a99d3dcfd2b556`
- Slackware -current (32-bit): `65baa004390c61233d7785375ab14e71`
- Slackware -current (64-bit): `45201dd02e07d95677de056ef9eeaead`
To upgrade to the latest version, users should execute the following command as root:
Ensure that you replace the package name with the appropriate version for your architecture.
The updates are made possible due to the support from the OSU Open Source Lab, which provides hosting services for the Slackware project. For additional information on Slackware, including mirror sites for downloads, please visit [Slackware's official website](http://slackware.com).
This update not only emphasizes the importance of regular package maintenance for security but also highlights the active community involvement in ensuring the stability and safety of the Slackware distribution. Users are encouraged to stay informed about updates and apply them promptly to protect their systems
Updated packages for LibXML2 have been released for Slackware Linux to address critical security vulnerabilities. The new versions are identified as:
- libxml2 (SSA:2025-196-02)
- libxml2 (SSA:2025-196-01)
Details of the Updates
libxml2 (SSA:2025-196-02):
This version includes a rebuild of the libxml2 package for Slackware 15.0, which has been recompiled to incorporate important security patches. The update resolves multiple vulnerabilities, ensuring improved security for users. Specific issues addressed include:
- CVE-2025-49794
- CVE-2025-49796
- CVE-2025-49795
- CVE-2025-6170
libxml2 (SSA:2025-196-01):
This earlier update also fixes security issues and bugs, particularly:
- Memory safety issues in xmlSchematronReportOutput.
- A null pointer dereference that could lead to denial of service.
- Potential buffer overflows in the interactive shell.
Package Availability
The updated packages can be found at the following locations:
- For Slackware 15.0:
- 32-bit: [libxml2-2.11.9-i586-6](ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libxml2-2.11.9-i586-6_slack15.0.txz)
- 64-bit: [libxml2-2.11.9-x86_64-6](ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libxml2-2.11.9-x86_64-6_slack15.0.txz)
- For Slackware -current:
- 32-bit: [libxml2-2.14.5-i686-1](ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libxml2-2.14.5-i686-1.txz)
- 64-bit: [libxml2-2.14.5-x86_64-1](ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libxml2-2.14.5-x86_64-1.txz)
MD5 Signatures for Verification
To ensure the integrity of the downloaded packages, the following MD5 signatures are provided:
- Slackware 15.0 (32-bit): `5664672ac2b6d4b65db6a6640799374d`
- Slackware 15.0 (64-bit): `10f227929842ab2ac6a99d3dcfd2b556`
- Slackware -current (32-bit): `65baa004390c61233d7785375ab14e71`
- Slackware -current (64-bit): `45201dd02e07d95677de056ef9eeaead`
How to Install the Updates
To upgrade to the latest version, users should execute the following command as root:
bashupgradepkg libxml2-2.11.9-i586-6_slack15.0.txz
Ensure that you replace the package name with the appropriate version for your architecture.
Acknowledgments
The updates are made possible due to the support from the OSU Open Source Lab, which provides hosting services for the Slackware project. For additional information on Slackware, including mirror sites for downloads, please visit [Slackware's official website](http://slackware.com).
This update not only emphasizes the importance of regular package maintenance for security but also highlights the active community involvement in ensuring the stability and safety of the Slackware distribution. Users are encouraged to stay informed about updates and apply them promptly to protect their systems
LibXML2 update for Slackware
Updated LibXML2 packages are available for Slackware Linux:
libxml2 (SSA:2025-196-02)
libxml2 (SSA:2025-196-01)
