Actualizaciones de Seguridad

Publication date: 15 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-27830 , CVE-2025-27831 , CVE-2025-27832 , CVE-2025-27833 , CVE-2025-27834 , CVE-2025-27835 , CVE-2025-27836 , CVE-2025-27837 Description This release addresses CVEs: CVE-2025-27835, CVE-2025-27832, CVE-2025-27831, CVE-2025-27836, CVE-2025-27830, CVE-2025-27833, CVE-2025-27837, CVE-2025-27834 The 10.05.0 release deprecates the non-standard operator "selectdevice", all code should now be using the standard "setpagedevice" operator. "selectdevice" will be removed in the 10.06.0 release. We now support production of PDF/X-1a and PDF/X-4a in addition to the existing support for PDF/X-3 References

• https://bugs.mageia.org/show_bug.cgi?id=34088
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27830
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27831
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27832
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27833
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27834
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27835
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27836
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27837

SRPMS 9/core

• ghostscript-10.05.0-1.mga9

Publication date: 15 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2021-40647 Description In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In versions before GLIBC version 2.29 and if aligned correctly, it allows arbitrary writes anywhere in the program's memory. References

• https://bugs.mageia.org/show_bug.cgi?id=34072
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAS4Z6KUDJQV22DP5BTQX56WVFT3FF32/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40647

SRPMS 9/core

• man2html-1.6-6.1.mga9

Publication date: 13 Mar 2025
Type: bugfix
Affected Mageia releases : 9
Description This a bump in major release number, but this is a leaf package and this version supersedes the LTS 2020.3.X releases we had on mga9 and which are no longer maintained from now on. References

• https://bugs.mageia.org/show_bug.cgi?id=34075

SRPMS 9/core

• simgear-2024.1.1-1.mga9
• flightgear-2024.1.1-1.mga9
• flightgear-data-2024.1.1-1.mga9

Publication date: 13 Mar 2025
Type: bugfix
Affected Mageia releases : 9
Description A recent update of lib(64)event7 broke the tor service and it will no longer start. This update fixes the issue References

• https://bugs.mageia.org/show_bug.cgi?id=34082
• https://bugs.gentoo.org/894536

SRPMS 9/core

• tor-0.4.7.13-1.1.mga9

Publication date: 13 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-8443 , CVE-2024-45615 , CVE-2024-45616 , CVE-2024-45617 , CVE-2024-45618 , CVE-2024-45619 , CVE-2024-45620 Description Heap buffer overflow in openpgp driver when generating key. (CVE-2024-8443) Usage of uninitialized values in libopensc and pkcs15init. (CVE-2024-45615) Uninitialized values after incorrect check or usage of apdu response values in libopensc. (CVE-2024-45616) Uninitialized values after incorrect or missing checking return values of functions in libopensc. (CVE-2024-45617) Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (CVE-2024-45618) Incorrect handling length of buffers or files in libopensc. (CVE-2024-45619) Incorrect handling of the length of buffers or files in pkcs15init. (CVE-2024-45620) References

• https://bugs.mageia.org/show_bug.cgi?id=34087
• https://ubuntu.com/security/notices/USN-7346-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8443
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45615
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45616
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45617
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45618
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45619
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45620

SRPMS 9/core

• opensc-0.25.0-1.1.mga9

Publication date: 12 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-26699 Description An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings. (CVE-2025-26699) References

• https://bugs.mageia.org/show_bug.cgi?id=34073
• https://ubuntu.com/security/notices/USN-7335-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699

SRPMS 9/core

• python-django-4.1.13-1.3.mga9

Publication date: 12 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-27516 Description Jinja sandbox breakout through attr filter selecting format method. (CVE-2025-27516) References

• https://bugs.mageia.org/show_bug.cgi?id=34081
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MUH4YM6G3UIVK2776BABUYJKVIBPTUT5/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27516

SRPMS 9/core

• python-jinja2-3.1.6-1.mga9

Publication date: 12 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-43097 , CVE-2025-1931 , CVE-2025-1932 , CVE-2025-1933 , CVE-2025-1934 , CVE-2025-1935 , CVE-2025-1936 , CVE-2025-1937 , CVE-2025-1938 Description CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1931: Use-after-free in WebTransportChild CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs CVE-2025-1934: Unexpected GC during RegExp bailout processing CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 References

• https://bugs.mageia.org/show_bug.cgi?id=34065
• https://www.thunderbird.net/en-US/thunderbird/128.8.0esr/releasenotes/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-18/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938

SRPMS 9/core

• thunderbird-128.8.0-1.mga9
• thunderbird-l10n-128.8.0-1.mga9

Publication date: 12 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-43097 , CVE-2025-1931 , CVE-2025-1932 , CVE-2025-1933 , CVE-2025-1934 , CVE-2025-1935 , CVE-2025-1936 , CVE-2025-1937 , CVE-2025-1938 Description CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1931: Use-after-free in WebTransportChild CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs CVE-2025-1934: Unexpected GC during RegExp bailout processing CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 References

• https://bugs.mageia.org/show_bug.cgi?id=34064
• https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_109.html
• https://www.mozilla.org/en-US/firefox/128.8.0/releasenotes/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-16/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938

SRPMS 9/core

• firefox-128.8.0-1.mga9
• firefox-l10n-128.8.0-1.mga9
• nss-3.109.0-1.mga9

Publication date: 12 Mar 2025
Type: bugfix
Affected Mageia releases : 9
Description To fully work on some light desktops, neochat needs to require a password management application. This update fixes the issue. References

• https://bugs.mageia.org/show_bug.cgi?id=33366

SRPMS 9/core

• neochat-23.04.3-1.2.mga9

Publication date: 10 Mar 2025
Type: bugfix
Affected Mageia releases : 9
Description The updated packages fix the message stating that the previous version is too old by providing that latest version. References

• https://bugs.mageia.org/show_bug.cgi?id=34062

SRPMS 9/core

• xscreensaver-6.09-1.mga9

9/tainted

• xscreensaver-6.09-1.mga9.tainted

Publication date: 08 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-0444 , CVE-2025-0445 , CVE-2025-0451 , CVE-2025-0995 , CVE-2025-0996 , CVE-2025-0997 , CVE-2025-0998 , CVE-2025-0999 , CVE-2025-1426 , CVE-2025-1006 , CVE-2025-1914 , CVE-2025-1915 , CVE-2025-1916 , CVE-2025-1917 , CVE-2025-1918 , CVE-2025-1919 , CVE-2025-1921 , CVE-2025-1922 Description High CVE-2025-1914: Out of bounds read in V8. Medium CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools. Medium CVE-2025-1916: Use after free in Profiles. Medium CVE-2025-1917: Inappropriate Implementation in Browser UI. Medium CVE-2025-1918: Out of bounds read in PDFium. Medium CVE-2025-1919: Out of bounds read in Media. Medium CVE-2025-1921: Inappropriate Implementation in Media Low CVE-2025-1922: Inappropriate Implementation in Selection. Low CVE-2025-1923: Inappropriate Implementation in Permission Prompts. And more, please see the references. References

• https://bugs.mageia.org/show_bug.cgi?id=34012
• https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html
• https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_25.html
• https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html
• https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html
• https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0444
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0445
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0451
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0995
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0996
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0997
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0998
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0999
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1426
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1006
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1914
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1915
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1916
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1917
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1918
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1919
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1921
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1922

SRPMS 9/tainted

• chromium-browser-stable-134.0.6998.35-1.mga9.tainted

Publication date: 08 Mar 2025
Type: bugfix
Affected Mageia releases : 9
Description Some external applications search for libevent-2.1.so.7 and fail to start. This update adds the file, fixing the issue. References

• https://bugs.mageia.org/show_bug.cgi?id=34063

SRPMS 9/core

• libevent-2.1.12-4.1.mga9

Publication date: 08 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-5520 , CVE-2024-0321 , CVE-2024-0322 Description Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. (CVE-2023-5520) Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. (CVE-2024-0321) Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. (CVE-2024-0322) References

• https://bugs.mageia.org/show_bug.cgi?id=34071
• https://ubuntu.com/security/notices/USN-7320-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5520
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0321
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0322

SRPMS 9/tainted

• gpac-2.2.1-1.2.mga9.tainted

Publication date: 06 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-27423 Description Potential code execution with tar.vim and special crafted tar files. References

• https://bugs.mageia.org/show_bug.cgi?id=34057
• https://www.openwall.com/lists/oss-security/2025/03/02/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27423

SRPMS 9/core

• vim-9.1.1166-1.mga9

Publication date: 06 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-26618 Description SSH SFTP packet size not verified properly in Erlang OTP. (CVE-2025-26618) References

• https://bugs.mageia.org/show_bug.cgi?id=34067
• https://ubuntu.com/security/notices/USN-7313-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26618

SRPMS 9/core

• erlang-24.3.4.15-1.1.mga9

Publication date: 06 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-35368 Description FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c. (CVE-2024-35368) References

• https://bugs.mageia.org/show_bug.cgi?id=34066
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ZB33CK26BY2QPYGREWH7HHWHPSLGY4DI/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35368

SRPMS 9/core

• ffmpeg-5.1.6-1.4.mga9

9/tainted

• ffmpeg-5.1.6-1.4.mga9.tainted

Publication date: 03 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-26594 , CVE-2025-26595 , CVE-2025-26596 , CVE-2025-26597 , CVE-2025-26598 , CVE-2025-26599 , CVE-2025-26600 , CVE-2025-26601 Description Use-after-free of the root cursor. (CVE-2025-26594) Buffer overflow in XkbVModMaskText(). (CVE-2025-26595) Heap overflow in XkbWriteKeySyms(). (CVE-2025-26596) Buffer overflow in XkbChangeTypesOfKey(). (CVE-2025-26597) Out-of-bounds write in CreatePointerBarrierClient(). (CVE-2025-26598) Use of uninitialized pointer in compRedirectWindow(). (CVE-2025-26599) Use-after-free in PlayReleasedEvents(). (CVE-2025-26600) Use-after-free in SyncInitTrigger(). (CVE-2025-26601) References

• https://bugs.mageia.org/show_bug.cgi?id=34052
• https://www.openwall.com/lists/oss-security/2025/02/25/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26594
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26595
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26596
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26597
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26598
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26599
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26600
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26601

SRPMS 9/core

• x11-server-21.1.8-7.7.mga9
• x11-server-xwayland-22.1.9-1.7.mga9
• tigervnc-1.13.1-2.7.mga9

Publication date: 02 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-0518 , CVE-2025-22919 , CVE-2025-22920 , CVE-2025-22921 , CVE-2025-25473 Description A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file. (CVE-2025-22919) A heap buffer overflow vulnerability in FFmpeg before commit 4bf784c allows attackers to trigger a memory corruption via supplying a crafted media file in avformat when processing tile grid group streams. This can lead to a Denial of Service (DoS). (CVE-2025-22920) FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c. (CVE-2025-22921) FFmpeg git master before commit c08d30 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c. (CVE-2025-25473) References

• https://bugs.mageia.org/show_bug.cgi?id=34054
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/G5BFJ3U3RQS5BEVWWNUO24FHCSLCALHX/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0518
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22919
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22920
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22921
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25473

SRPMS 9/core

• ffmpeg-5.1.6-1.3.mga9

9/tainted

• ffmpeg-5.1.6-1.3.mga9.tainted

Publication date: 02 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-57360 , CVE-2025-0840 Description nm >=2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: `nm --without-symbol-version` function. (CVE-2024-57360) GNU Binutils objdump.c disassemble_bytes stack-based overflow. (CVE-2025-0840) References

• https://bugs.mageia.org/show_bug.cgi?id=34053
• https://ubuntu.com/security/notices/USN-7306-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57360
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0840

SRPMS 9/core

• binutils-2.40-11.1.mga9