ID SSA-2016-148-01
Type slackware
Reporter Slackware Linux Project
Modified 2016-05-27T16:33:14


New libxml2 packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:

patches/packages/libxml2-2.9.4-i486-1_slack14.1.txz: Upgraded. This release fixes bugs and security issues: Heap-based buffer underreads due to xmlParseName (CVE-2016-4447). Format string vulnerability (CVE-2016-4448). Inappropriate fetch of entities content (CVE-2016-4449). For more information, see: ( Security fix )

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab ( for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on for additional mirror sites near you.

Updated package for Slackware 14.0:

Updated package for Slackware x86_64 14.0:

Updated package for Slackware 14.1:

Updated package for Slackware x86_64 14.1:

Updated package for Slackware -current:

Updated package for Slackware x86_64 -current:

MD5 signatures:

Slackware 14.0 package: c498433ae7d6077a9d5245877aa2c06e libxml2-2.9.4-i486-1_slack14.0.txz

Slackware x86_64 14.0 package: c92258a87bb30a6cdce2b5428d640bd5 libxml2-2.9.4-x86_64-1_slack14.0.txz

Slackware 14.1 package: 2b74b913a164a23ad2da10eebf923e46 libxml2-2.9.4-i486-1_slack14.1.txz

Slackware x86_64 14.1 package: e2dee612c7de77822824e43a61414c2c libxml2-2.9.4-x86_64-1_slack14.1.txz

Slackware -current package: 98d1ede4a347a49f2ad972ac5339b9e6 l/libxml2-2.9.4-i586-1.txz

Slackware x86_64 -current package: c2d5721aac77b74d7e47a2a8a372d47a l/libxml2-2.9.4-x86_64-1.txz

Installation instructions:

Upgrade the package as root: > upgradepkg libxml2-2.9.4-i486-1_slack14.1.txz