Contributed 3rd Party Builds • Re: Pale Moon for Slackware Linux

I'm just a regular user, so I might say something silly. Can these files be replaced with symbolic links?

/usr/include/palemoon-XX.X.X/expat_config.h ---- > /usr/include/expat_config.h /usr/include/palemoon-XX.X.X/expat_external.h ---- > /usr/include/expat_external.h /usr/include/palemoon-XX.X.X/expat.h ---- > /usr/include/xpat.h /usr/include/palemoon-XX.X.X/pnglibconf.h ---- > /usr/include/nglibconf.h /usr/include/palemoon-XX.X.X/pngconf.h ---- > /usr/include/pngconf.h

Fri Mar 27 04:09:20 UTC 2026 patches/packages/libpng-1.6.56-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE. Out-of-bounds read/write in the palette expansion on ARM Neon. For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-33416 https://www.cve.org/CVERecord?id=CVE-2026-33636

Wed Mar 18 23:23:04 UTC 2026 patches/packages/expat-2.7.5-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: Fix NULL function pointer dereference for empty external parameter entities; it takes use of both functions XML_ExternalEntityParserCreate and XML_SetParamEntityParsing for an application to be vulnerable. Protect from XML_TOK_INSTANCE_START infinite loop in function entityValueProcessor; it takes use of both functions XML_ExternalEntityParserCreate and XML_SetParamEntityParsing for an application to be vulnerable. Fix NULL dereference in function setContext on retry after an earlier ouf-of-memory condition; it takes use of function XML_ParserCreateNS or XML_ParserCreate_MM for an application to be vulnerable. For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-32776 https://www.cve.org/CVERecord?id=CVE-2026-32777 https://www.cve.org/CVERecord?id=CVE-2026-32778

Thu Feb 12 01:40:58 UTC 2026 patches/packages/libpng-1.6.55-x86_64-1_slack15.0.txz: Upgraded. Fixed a high severity security issue: Heap buffer overflow in png_set_quantize. Reported and fixed by Joshua Inscoe. For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-2564

Sat Jan 31 23:57:36 UTC 2026 patches/packages/expat-2.7.4-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: Function XML_ExternalEntityParserCreate failed to copy the encoding handler data passed to XML_SetUnknownEncodingHandler from the parent to the new subparser. This can cause a NULL dereference and denial of service. Integer overflow related to buffer size determination in function doContent. For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-24515 https://www.cve.org/CVERecord?id=CVE-2026-25210