Slackware Linux has released updated Python 3 packages to address critical security vulnerabilities, specifically for Slackware version 15.0. The update, identified as python3 (SSA:2025-099-01), includes significant changes to enhance the security of the Python environment.
Key Changes in the Update:
- The Python package has been upgraded to version 3.9.22.
- Security vulnerabilities fixed in this update include:
- An upgrade of the vendored expat library to version 2.7.1.
- Resolution of an issue with invalid RFC 2047 address headers after refolding.
- Correction of a problem where `urlparse` did not flag hostnames containing brackets as incorrect (CVE-2025-0938).
- Fix for an Out Of Memory (OOM) vulnerability in the `imaplib` module.
For more detailed information regarding these vulnerabilities, users can refer to the provided links related to Python Insider and the CVE record.
Where to Download the Update:
- Users can download the updated Python package for both i586 and x86_64 architectures from the Slackware FTP repository:
- For i586: [python3-3.9.22-i586-1_slack15.0.txz](ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/python3-3.9.22-i586-1_slack15.0.txz)
- For x86_64: [python3-3.9.22-x86_64-1_slack15.0.txz](ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/python3-3.9.22-x86_64-1_slack15.0.txz)
MD5 Checksums:
- i586 package MD5: `04469de0263e684e6a94bf713710ac6b`
- x86_64 package MD5: `a116bfb663e464450acd80c9e4b06b1f`
Installation Instructions:
To upgrade the Python package, users should execute the following command as root:
For additional resources and mirror sites, users are encouraged to visit the Slackware website.
Conclusion:
This timely update showcases Slackware's commitment to maintaining a secure environment for its users by addressing known vulnerabilities in Python 3, thereby enhancing overall system security. Users are advised to upgrade promptly to ensure their systems remain secure against potential exploits
Key Changes in the Update:
- The Python package has been upgraded to version 3.9.22.
- Security vulnerabilities fixed in this update include:
- An upgrade of the vendored expat library to version 2.7.1.
- Resolution of an issue with invalid RFC 2047 address headers after refolding.
- Correction of a problem where `urlparse` did not flag hostnames containing brackets as incorrect (CVE-2025-0938).
- Fix for an Out Of Memory (OOM) vulnerability in the `imaplib` module.
For more detailed information regarding these vulnerabilities, users can refer to the provided links related to Python Insider and the CVE record.
Where to Download the Update:
- Users can download the updated Python package for both i586 and x86_64 architectures from the Slackware FTP repository:
- For i586: [python3-3.9.22-i586-1_slack15.0.txz](ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/python3-3.9.22-i586-1_slack15.0.txz)
- For x86_64: [python3-3.9.22-x86_64-1_slack15.0.txz](ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/python3-3.9.22-x86_64-1_slack15.0.txz)
MD5 Checksums:
- i586 package MD5: `04469de0263e684e6a94bf713710ac6b`
- x86_64 package MD5: `a116bfb663e464450acd80c9e4b06b1f`
Installation Instructions:
To upgrade the Python package, users should execute the following command as root:
upgradepkg python3-3.9.22-i586-1_slack15.0.txz
For additional resources and mirror sites, users are encouraged to visit the Slackware website.
Conclusion:
This timely update showcases Slackware's commitment to maintaining a secure environment for its users by addressing known vulnerabilities in Python 3, thereby enhancing overall system security. Users are advised to upgrade promptly to ensure their systems remain secure against potential exploits
Python 3 update for Slackware
Updated Python 3 packages have been released for Slackware Linux:
python3 (SSA:2025-099-01)
