Actualizaciones de Seguridad

Publication date: 06 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-62229 , CVE-2025-62230 , CVE-2025-62231 Description Use-after-free in XPresentNotify structures creation. (CVE-2025-62229) Use-after-free in Xkb client resource removal. (CVE-2025-62230) Value overflow in Xkb extension XkbSetCompatMap(). (CVE-2025-62231) References

• https://bugs.mageia.org/show_bug.cgi?id=34701
• https://www.openwall.com/lists/oss-security/2025/10/28/7
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62229
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62230
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62231

SRPMS 9/core

• x11-server-21.1.8-7.9.mga9
• x11-server-xwayland-22.1.9-1.9.mga9
• tigervnc-1.13.1-2.9.mga9

Publication date: 06 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description We are rebuilding packages requiring icu version 72 with icu version 73 to use an icu version with security fixes. These packages are the second set. References

• https://bugs.mageia.org/show_bug.cgi?id=34665

SRPMS 9/core

• brltty-6.5-2.1.mga9
• darktable-4.6.1-1.1.mga9
• dino-0.4.2-1.1.mga9
• gnome-text-editor-44.0-1.1.mga9
• godot-4.5-1.1.mga9
• hfst-ospell-0.5.3-2.1.mga9
• kdb-3.2.90-11.git20220620.mga9
• libe-book-0.1.3-13.1.mga9
• libphonenumber-8.12.57-4.1.mga9
• libical-3.0.16-2.1.mga9
• liblcf-0.7.0-3.1.mga9
• mapnik-3.1.0-9.1.mga9
• libmspub-0.1.4-13.1.mga9
• nuspell-5.1.2-1.1.mga9
• libqalculate-4.5.1-2.1.mga9
• qt5compat6-6.4.1-3.1.mga9
• qt4-4.8.7-45.1.mga9
• libqxp-0.0.2-10.1.mga9
• libvisio-0.1.7-10.1.mga9
• vte-0.72.1-1.2.mga9
• xalan-c-1.12-5.1.mga9
• libzmf-0.0.2-13.1.mga9
• ncmpcpp-0.9.2-11.1.mga9
• openttd-13.3-1.1.mga9
• qtlocation5-5.15.7-2.1.mga9
• rspamd-3.2-3.1.mga9
• slop-7.6-2.1.mga9
• tesseract-5.3.0-3.1.mga9
• texlive-20220321-7.2.mga9
• unar-1.10.7-11.1.mga9
• widelands-1.1-2.1.mga9
• znc-1.8.2-21.2.mga9
• samba-4.17.12-1.1.mga9

Publication date: 06 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description We are rebuilding packages requiring icu 72 version with icu 73 version to use an icu version with security fixes. These packages are the first set. References

• https://bugs.mageia.org/show_bug.cgi?id=34619

SRPMS 9/core

• 389-adminutil-1.1.22-19.1.mga9
• 389-ds-base-1.4.0.26-17.1.mga9
• 389-dsgw-1.1.11-27.1.mga9
• boost-1.81.0-3.1.mga9
• couchdb-3.2.2-2.2.mga9
• dee-1.2.7-31.1.mga9
• fbembed-2.5.9.27115-13.1.mga9
• freeciv-3.0.7-1.1.mga9
• harfbuzz-7.0.1-1.1.mga9
• ibus-qt4-1.3.3-19.1.mga9
• ircclient-qt-0.3.2-32.1.mga9
• mongo-c-driver-1.23.2-2.1.mga9
• mozjs102-102.6.0-2.1.mga9
• parrot-8.1.0-15.1.mga9
• postfix-3.8.4-1.1.mga9
• prelude-lml-5.2.0-7.1.mga9
• python-icu-2.10.2-1.1.mga9
• sword-1.9.0-9.1.mga9
• tepl-6.4.0-1.1.mga9
• tracker-3.5.3-1.1.mga9
• tracker-miners-3.5.2-1.1.mga9
• xerces-c-3.2.4-1.1.mga9
• xfsprogs-6.6.0-1.1.mga9
• yaz-5.34.0-1.1.mga9

Publication date: 06 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description The updated packages provide the latest version of xscreensaver to get rid of "This version is very old" and fix a heap buffer overflow. References

• https://bugs.mageia.org/show_bug.cgi?id=34707

SRPMS 9/core

• xscreensaver-6.12-1.1.mga9

9/tainted

• xscreensaver-6.12-1.1.mga9.tainted

Publication date: 05 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-1153 , CVE-2025-1176 , CVE-2025-1178 , CVE-2025-1181 , CVE-2025-1182 Description GNU Binutils format.c bfd_set_format memory corruption. (CVE-2025-1153) GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow. (CVE-2025-1176) GNU Binutils ld libbfd.c bfd_putl64 memory corruption. (CVE-2025-1178) GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruption. (CVE-2025-1181) GNU Binutils ld elflink.c bfd_elf_reloc_symbol_deleted_p memory corruption. (CVE-2025-1182) References

• https://bugs.mageia.org/show_bug.cgi?id=34180
• https://ubuntu.com/security/notices/USN-7423-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1153
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1176
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1178
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1181
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1182

SRPMS 9/core

• binutils-2.40-11.2.mga9

Publication date: 05 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2784 , CVE-2025-32049 , CVE-2025-32050 , CVE-2025-32051 , CVE-2025-32052 , CVE-2025-32053 , CVE-2025-32906 , CVE-2025-32907 , CVE-2025-32908 , CVE-2025-32909 , CVE-2025-32910 , CVE-2025-32911 , CVE-2025-32912 , CVE-2025-32913 , CVE-2025-32914 Description Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content. (CVE-2025-2784) Libsoup: denial of service attack to websocket server. (CVE-2025-32049) Libsoup: integer overflow in append_param_quoted. (CVE-2025-32050) Libsoup: segmentation fault when parsing malformed data uri. (CVE-2025-32051) Libsoup: heap buffer overflow in sniff_unknown(). (CVE-2025-32052) Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space(). (CVE-2025-32053) Libsoup: out of bounds reads in soup_headers_parse_request(). (CVE-2025-32906) Libsoup: denial of service in server when client requests a large amount of overlapping ranges with range header. (CVE-2025-32907) Libsoup: denial of service on libsoup through http/2 server. (CVE-2025-32908) Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c. (CVE-2025-32909) Libsoup: null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an unauthorized response with digest authentication. (CVE-2025-32910) Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value. (CVE-2025-32911) Libsoup: null pointer dereference in client when server omits the "nonce" parameter in an unauthorized response with digest authentication. (CVE-2025-32912) Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header. (CVE-2025-32913) Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process. (CVE-2025-32914) Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c. (CVE-2025-46420) Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server. (CVE-2025-46421) Libsoup: null pointer dereference in libsoup may lead to denial of service. (CVE-2025-4476) Libsoup: integer overflow in cookie expiration date handling in libsoup. (CVE-2025-4945) References

• https://bugs.mageia.org/show_bug.cgi?id=34187
• https://ubuntu.com/security/notices/USN-7432-1
• https://openwall.com/lists/oss-security/2025/04/18/4
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/53THXHSDPP4TLMFRSP5DPLY4DK72M7XY/
• https://ubuntu.com/security/notices/USN-7543-1
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NK7USYFSJPRTIVISSEDBLS53JCM5ETOI/
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/EPLHUVQI4JICGWTVGG7KI7D4BMHB34YD/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2784
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32049
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32050
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32051
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32052
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32053
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32906
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32907
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32908
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32909
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32910
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32911
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32912
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32913
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32914

SRPMS 9/core

• libsoup3-3.4.2-1.2.mga9
• libsoup-2.74.3-1.2.mga9

Publication date: 05 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-3469 , CVE-2025-32696 , CVE-2025-32697 , CVE-2025-32698 , CVE-2025-32699 , CVE-2025-32700 , CVE-2025-32072 , CVE-2025-11173 , CVE-2025-11261 , CVE-2025-61635 , CVE-2025-61638 , CVE-2025-61639 , CVE-2025-61640 , CVE-2025-61641 , CVE-2025-61643 , CVE-2025-61646 , CVE-2025-61653 Description i18n XSS vulnerability in HTMLMultiSelectField when sections are used. (CVE-2025-3469) "reupload-own" restriction can be bypassed by reverting file. (CVE-2025-32696) Cascading protection is not preventing file reversions. (CVE-2025-32697) LogPager.php: Restriction enforcer functions do not correctly enforce suppression restrictions. (CVE-2025-32698) Potential javascript injection attack enabled by Unicode normalization in Action API. (CVE-2025-32699) AbuseFilter log interfaces expose global private and hidden filters when central DB is not available. (CVE-2025-32700) HTML injection in feed output from i18n message. (CVE-2025-32072) OATHAuth extension: Reauthentication for enabling 2FA can be bypassed by submitting a form in Special:OATHManage. (CVE-2025-11173) Stored i18n Cross-site scripting (XSS) vulnerability in mw.language.listToText. (CVE-2025-11261) ConfirmEdit extension: Missing rate limiting in ApiFancyCaptchaReload. (CVE-2025-61635) Parsoid: Validation bypass for `data-` attributes. (CVE-2025-61638) Log entries which are hidden from the creation of the entry may be disclosed to the public recent change entry. (CVE-2025-61639) Stored i18n Cross-site scripting (XSS) vulnerability in Special:RecentChangesLinked. (CVE-2025-61640) DDoS vulnerability in QueryAllPages API in miser mode. The `maxsize` value is now ignored in that mode. (CVE-2025-61641) Suppressed recent changes may be disclosed to the public RCFeeds. (CVE-2025-61643) Public Watchlist/RecentChanges pages may disclose hidden usernames when an individual editor makes consecutive revisions on a single page, and only some are marked as hidden username. (CVE-2025-61646) TextExtracts extension: Information disclosure vulnerability in the extracts API action endpoint due to missing read permission check. (CVE-2025-61653) VisualEditor extension: Stored i18n Cross-site scripting (XSS) vulnerability in `lastModifiedAt` system messages. (CVE-2025-61655) VisualEditor extension: Missing attribute validation for attributes unwrapped from `data-ve-attributes`. (CVE-2025-61656) References

• https://bugs.mageia.org/show_bug.cgi?id=34211
• https://lists.debian.org/debian-security-announce/2025/msg00063.html
• https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/CIXFJVC57OFRBCCEIDRLZCLFGMYGEYTT/
• https://lists.debian.org/debian-security-announce/2025/msg00121.html
• https://lists.debian.org/debian-lts-announce/2025/10/msg00034.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3469
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32696
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32697
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32698
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32699
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32700
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32072
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11173
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11261
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61635
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61638
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61639
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61640
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61641
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61643
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61646
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61653

SRPMS 9/core

• mediawiki-1.35.14-1.1.mga9

Publication date: 05 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46836 Description net-tools Stack-based Buffer Overflow vulnerability. (CVE-2025-46836) References

• https://bugs.mageia.org/show_bug.cgi?id=34295
• https://lists.debian.org/debian-security-announce/2025/msg00086.html
• https://ubuntu.com/security/notices/USN-7537-1
• https://ubuntu.com/security/notices/USN-7537-2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46836

SRPMS 9/core

• net-tools-2.10-1.1.mga9

Publication date: 05 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-36347 Description AMD CPU Microcode Signature Verification Vulnerability. (CVE-2024-36347) References

• https://bugs.mageia.org/show_bug.cgi?id=34706
• https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36347

SRPMS 9/nonfree

• microcode-0.20250812-3.mga9.nonfree

Publication date: 04 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-48174 , CVE-2025-48175 Description In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size. (CVE-2025-48174) In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. (CVE-2025-48175) References

• https://bugs.mageia.org/show_bug.cgi?id=34336
• https://lists.debian.org/debian-security-announce/2025/msg00094.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48174
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48175

SRPMS 9/core

• libavif-0.11.1-1.1.mga9

Publication date: 04 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-47912 , CVE-2025-58183 , CVE-2025-58185 , CVE-2025-58186 , CVE-2025-58187 , CVE-2025-58188 , CVE-2025-58189 , CVE-2025-61723 , CVE-2025-61724 , CVE-2025-61725 Description Insufficient validation of bracketed IPv6 hostnames in net/url. (CVE-2025-47912) Unbounded allocation when parsing GNU sparse map in archive/tar. (CVE-2025-58183) Parsing DER payload can cause memory exhaustion in encoding/asn1. (CVE-2025-58185) Lack of limit when parsing cookies can cause memory exhaustion in net/http. (CVE-2025-58186) Quadratic complexity when checking name constraints in crypto/x509. (CVE-2025-58187) Panic when validating certificates with DSA public keys in crypto/x509. (CVE-2025-58188) ALPN negotiation error contains attacker controlled information in crypto/tls. (CVE-2025-58189) Quadratic complexity when parsing some invalid inputs in encoding/pem. (CVE-2025-61723) Excessive CPU consumption in Reader.ReadResponse in net/textproto. (CVE-2025-61724) Excessive CPU consumption in ParseAddress in net/mail. (CVE-2025-61725) These packages fix the issues for the compiler only; applications using the functions still need to be rebuilt. References

• https://bugs.mageia.org/show_bug.cgi?id=34651
• https://www.openwall.com/lists/oss-security/2025/10/08/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47912
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58183
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58185
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58186
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58187
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58188
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58189
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61723
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61724
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61725

SRPMS 9/core

• golang-1.24.9-1.mga9

Publication date: 31 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-53603 Description It was discovered that sope, the set of Objective-C frameworks powering SOGo, contains a DoS bug which could cause a crash (CVE-2025-53603). References

• https://bugs.mageia.org/show_bug.cgi?id=34416
• https://www.openwall.com/lists/oss-security/2025/07/02/3
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53603

SRPMS 9/core

• sope-5.6.0-2.1.mga9

Publication date: 31 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8677 , CVE-2025-40778 , CVE-2025-40780 Description Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677). Cache poisoning attacks with unsolicited RRs (CVE-2025-40778). Cache poisoning due to weak PRNG (CVE-2025-40780). References

• https://bugs.mageia.org/show_bug.cgi?id=34696
• https://www.openwall.com/lists/oss-security/2025/10/22/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8677
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40778
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40780

SRPMS 9/core

• bind-9.18.39-1.1.mga9

Publication date: 31 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46397 , CVE-2025-46398 , CVE-2025-46399 , CVE-2025-46400 Description fig2dev stack-overflow. (CVE-2025-46397) fig2dev stack-overflow via read_objects. (CVE-2025-46398) fig2dev segmentation fault vulnerability. (CVE-2025-46399) fig2dev segmentation fault in read_arcobject. (CVE-2025-46400) References

• https://bugs.mageia.org/show_bug.cgi?id=34309
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ZDNSWLCQENGSN2O2GVDL64VL52AR7HAU/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46397
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46398
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46399
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46400

SRPMS 9/core

• transfig-3.2.9a-1.1.mga9

Publication date: 31 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-13978 , CVE-2025-8176 , CVE-2025-8177 , CVE-2025-8534 , CVE-2025-8961 , CVE-2025-9165 , CVE-2025-9900 Description LibTIFF fax2ps tiff2pdf.c t2p_read_tiff_init null pointer dereference. (CVE-2024-13978) LibTIFF tiffmedian.c get_histogram use after free. (CVE-2025-8176) LibTIFF thumbnail.c setrow buffer overflow. (CVE-2025-8177) libtiff tiff2ps tiff2ps.c PS_Lvl2page null pointer dereference. (CVE-2025-8534) LibTIFF tiffcrop tiffcrop.c main memory corruption. (CVE-2025-8961) LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak. (CVE-2025-9165) Libtiff: libtiff write-what-where. (CVE-2025-9900) References

• https://bugs.mageia.org/show_bug.cgi?id=34704
• https://lists.debian.org/debian-security-announce/2025/msg00189.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13978
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8176
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8177
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8534
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8961
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9165
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9900

SRPMS 9/core

• libtiff-4.5.1-1.6.mga9

Publication date: 29 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-52885 Description Use After Free (UAF) in Poppler. (CVE-2025-52885) References

• https://bugs.mageia.org/show_bug.cgi?id=34668
• https://www.openwall.com/lists/oss-security/2025/10/13/2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52885

SRPMS 9/core

• poppler-23.02.0-1.8.mga9

Publication date: 29 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-55752 , CVE-2025-55754 , CVE-2025-61795 Description Directory traversal via rewrite with possible RCE if PUT is enabled. (CVE-2025-55752) Console manipulation via escape sequences in log messages. (CVE-2025-55754) Delayed cleaning of multi-part upload temporary files may lead to DoS. (CVE-2025-61795) References

• https://bugs.mageia.org/show_bug.cgi?id=34699
• https://www.openwall.com/lists/oss-security/2025/10/27/4
• https://www.openwall.com/lists/oss-security/2025/10/27/5
• https://www.openwall.com/lists/oss-security/2025/10/27/6
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55754
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795

SRPMS 9/core

• tomcat-9.0.111-1.mga9

Publication date: 27 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-5222 Description A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution. References

• https://bugs.mageia.org/show_bug.cgi?id=34442
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KB5WTHV4QSRRUVG6KMSV4Z2FIQKSWR54/
• https://lists.debian.org/debian-security-announce/2025/msg00115.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5222

SRPMS 9/core

• icu-73.2-1.2.mga9

Publication date: 27 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-49133 Description It was discovered that libtpms had a potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133). References

• https://bugs.mageia.org/show_bug.cgi?id=34396
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XITIPFJQFQIYBAV5Y3UA5AL6T5ATFDFX/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49133

SRPMS 9/core

• libtpms-0.9.6-1.1.mga9

Publication date: 24 Oct 2025
Type: bugfix
Affected Mageia releases : 9
Description Fixed multiple shader bugs that were causing graphical artifacts and vegetation to not be visible Fixed a bug where messages from ATC were appearing on the splash screen before the user had fully spawned Fixed a bug in the launcher where dropdown boxes on the Flight Planner page were empty Fixed a memory bug in YASim that resulted in a crash under certain conditions Fixed missing maps in the FG1000 Fixed regional textures for random buildings Fixed minimum dewpoint calculation in JSBSim Fixed SID/STAR selection and modification in the route manager References

• https://bugs.mageia.org/show_bug.cgi?id=34659
• https://www.flightgear.org/download/releases/2024-1-2/

SRPMS 9/core

• simgear-2024.1.2-1.mga9
• flightgear-2024.1.2-1.mga9
• flightgear-data-2024.1.2-1.mga9