The Slackware Linux distribution has released updates for PHP packages to address security vulnerabilities in versions 15.0 and -current. The updates, documented in the ChangeLog, include significant security fixes for the PHP extensions PGSQL and SOAP, as well as a standard fix concerning null byte termination in hostnames. The updates are assigned the security advisories SSA:2025-184-01.
The specific updates include:
- PHP 8.1.33 and PHP 8.2.29 for Slackware 15.0
- PHP 8.4.10 for Slackware -current, with corresponding x86_64 versions.
Key security fixes include:
- Error handling improvements in the PGSQL extension.
- Resolution of a NULL Pointer Dereference issue in the SOAP extension when processing large XML namespace prefixes.
- Addressing null byte termination issues in hostnames.
For further details, users can refer to the Common Vulnerabilities and Exposures (CVE) records linked within the announcement.
Packages can be accessed via the Slackware FTP server, with MD5 checksums provided for verification. Users are instructed to upgrade their PHP packages as the root user and to restart the Apache HTTP server afterward to apply the changes.
For those looking for additional resources, mirror sites can be found on the official Slackware website, and the community is encouraged to visit the OSU Open Source Lab for further support.
In conclusion, it is essential for Slackware users to regularly update their systems, particularly for critical software such as PHP, to safeguard against potential vulnerabilities and enhance system security
The specific updates include:
- PHP 8.1.33 and PHP 8.2.29 for Slackware 15.0
- PHP 8.4.10 for Slackware -current, with corresponding x86_64 versions.
Key security fixes include:
- Error handling improvements in the PGSQL extension.
- Resolution of a NULL Pointer Dereference issue in the SOAP extension when processing large XML namespace prefixes.
- Addressing null byte termination issues in hostnames.
For further details, users can refer to the Common Vulnerabilities and Exposures (CVE) records linked within the announcement.
Packages can be accessed via the Slackware FTP server, with MD5 checksums provided for verification. Users are instructed to upgrade their PHP packages as the root user and to restart the Apache HTTP server afterward to apply the changes.
For those looking for additional resources, mirror sites can be found on the official Slackware website, and the community is encouraged to visit the OSU Open Source Lab for further support.
In conclusion, it is essential for Slackware users to regularly update their systems, particularly for critical software such as PHP, to safeguard against potential vulnerabilities and enhance system security
PHP update for Slackware
New PHP packages have been released for Slackware 15.0 to mitigate security vulnerabilities:
php (SSA:2025-184-01)
