Actualizaciones de Seguridad

MGASA-2025-0249 - Updated icu packages fix security vulnerability

Mageia Security - 27 Octubre, 2025 - 17:53

Publication date: 27 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-5222 Description A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution. References

SRPMS 9/core

icu-73.2-1.2.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0248 - Updated libtpms package fixes security vulnerability

Mageia Security - 27 Octubre, 2025 - 17:53

Publication date: 27 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-49133 Description It was discovered that libtpms had a potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133). References

SRPMS 9/core

libtpms-0.9.6-1.1.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2025-0087 - Updated simgear, flightgear and flightgear-data packages fix bugs

Mageia Security - 24 Octubre, 2025 - 17:01

Publication date: 24 Oct 2025
Type: bugfix
Affected Mageia releases : 9
Description Fixed multiple shader bugs that were causing graphical artifacts and vegetation to not be visible Fixed a bug where messages from ATC were appearing on the splash screen before the user had fully spawned Fixed a bug in the launcher where dropdown boxes on the Flight Planner page were empty Fixed a memory bug in YASim that resulted in a crash under certain conditions Fixed missing maps in the FG1000 Fixed regional textures for random buildings Fixed minimum dewpoint calculation in JSBSim Fixed SID/STAR selection and modification in the route manager References

SRPMS 9/core

simgear-2024.1.2-1.mga9
flightgear-2024.1.2-1.mga9
flightgear-data-2024.1.2-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0247 - Updated thunderbird packgaes fix security vulnerabilities

Mageia Security - 23 Octubre, 2025 - 20:37

Publication date: 23 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-10527 , CVE-2025-10528 , CVE-2025-10529 , CVE-2025-10532 , CVE-2025-10533 , CVE-2025-10536 , CVE-2025-10537 , CVE-2025-11708 , CVE-2025-11709 , CVE-2025-11710 , CVE-2025-11711 , CVE-2025-11712 , CVE-2025-11713 , CVE-2025-11714 , CVE-2025-11715 Description CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance() CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could be modified CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type CVE-2025-11713: Potential user-assisted code execution in “Copy as cURL” command CVE-2025-11714: Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 CVE-2025-11715: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144, and other security fixes; please see the links. References

SRPMS 9/core

thunderbird-140.4.0-1.2.mga9
thunderbird-l10n-140.4.0-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0246 - Updated firefox, nss & rootcerts fix security vulnerabilities

Mageia Security - 23 Octubre, 2025 - 20:37

Publication date: 23 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-10527 , CVE-2025-10528 , CVE-2025-10529 , CVE-2025-10532 , CVE-2025-10533 , CVE-2025-10536 , CVE-2025-10537 , CVE-2025-11708 , CVE-2025-11709 , CVE-2025-11710 , CVE-2025-11711 , CVE-2025-11712 , CVE-2025-11713 , CVE-2025-11714 , CVE-2025-11715 Description CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance() CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could be modified CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type CVE-2025-11713: Potential user-assisted code execution in “Copy as cURL” command CVE-2025-11714: Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 CVE-2025-11715: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144, and other security fixes; please see the links. References

SRPMS 9/core

nss-3.117.0-1.mga9
rootcerts-20251003.00-1.mga9
firefox-140.4.0-1.2.mga9
firefox-l10n-140.4.0-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0245 - Updated nginx package fixes security vulnerability

Mageia Security - 22 Octubre, 2025 - 21:07

Publication date: 22 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-53859 Description It was discovered that nginx contains a security issue in the ngx_mail_smtp_module which might allow an attacker to cause buffer over-read potentially resulting in sensitive information leak in a HTTP request to the authentication server (CVE-2025-53859). References

SRPMS 9/core

nginx-1.26.3-1.1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0244 - Updated openssl packages fix a security vulnerability

Mageia Security - 22 Octubre, 2025 - 21:07

Publication date: 22 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-9230 Description Out-of-bounds read & write in RFC 3211 KEK Unwrap. (CVE-2025-9230) References

SRPMS 9/core

openssl-3.0.18-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0243 - Updated python-django packages fix a security vulnerability

Mageia Security - 22 Octubre, 2025 - 21:07

Publication date: 22 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-59681 , CVE-2025-59682 Description An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods (on MySQL and MariaDB). (CVE-2025-59681) An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory. (CVE-2025-59682) References

SRPMS 9/core

python-django-4.1.13-1.7.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0242 - Updated haproxy packages fix security vulnerability & bugs

Mageia Security - 22 Octubre, 2025 - 21:07

Publication date: 22 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-11230 Description Haproxy has a critical, a major, few medium and few minor bugs fixed in the last upstream version 2.8.16 of branch 2.8. Fixed critical bug list: - mjson: fix possible DoS when parsing numbers Fixed major bug list: - listeners: transfer connection accounting when switching listeners Fixed medium bugs list: - check: Requeue healthchecks on I/O events to handle check timeout - check: Set SOCKERR by default when a connection error is reported - checks: fix ALPN inheritance from server - dns: Reset reconnect tempo when connection is finally established - fd: Use the provided tgid in fd_insert() to get tgroup_info - h1: Allow reception if we have early data - h1/h2/h3: reject forbidden chars in the Host header field - h2/h3: reject some forbidden chars in :authority before reassembly - hlua: Add function to change the body length of an HTTP Message - hlua: Forbid any L6/L7 sample fetche functions from lua services - hlua: Report to SC when data were consumed on a lua socket - hlua: Report to SC when output data are blocked on a lua socket - http-client: Ask for more room when request data cannot be xferred - http-client: Don't wake http-client applet if nothing was xferred - http-client: Drain the request if an early response is received - http-client: Notify applet has more data to deliver until the EOM - http-client: Properly inc input data when HTX blocks are xferred - http-client: Test HTX_FL_EOM flag before commiting the HTX buffer - httpclient: Throw an error if an lua httpclient instance is reused - mux-h2: Properly handle connection error during preface sending - server: Duplicate healthcheck's alpn inherited from default server - ssl: ca-file directory mode must read every certificates of a file - ssl/clienthello: ECDSA with ssl-max-ver TLSv1.2 and no ECDSA ciphers - ssl: create the mux immediately on early data - ssl: Fix 0rtt to the server - ssl: fix build with AWS-LC - threads: Disable the workaround to load libgcc_s on macOS References

SRPMS 9/core

haproxy-2.8.16-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0241 - Updated quictls packages with two security issues and bug fixes

Mageia Security - 20 Octubre, 2025 - 20:51

Publication date: 20 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-9230 , CVE-2025-9232 Description Two security issues and miscellaneous minor bug fixes. Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. (CVE-2025-9230) Fix Out-of-bounds read in HTTP client no_proxy handling. (CVE-2025-9232) References

SRPMS 9/core

quictls-3.0.18-1.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2025-0086 - Updated rust packages fix bug

Mageia Security - 20 Octubre, 2025 - 20:51

Publication date: 20 Oct 2025
Type: bugfix
Affected Mageia releases : 9
Description The current version of rust in mga9 is not new enough to keep building Mozilla's applications. This update fixes the reported issue. References

https://bugs.mageia.org/show_bug.cgi?id=34500

SRPMS 9/core

rust-1.82.0-1.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2025-0085 - Updated phpmyadmin packages fix bug

Mageia Security - 20 Octubre, 2025 - 20:51

Publication date: 20 Oct 2025
Type: bugfix
Affected Mageia releases : 9
Description Fixed "Delete" button not asking for confirmation when deleting a row. Fix error 500 when simulating a SET statement. Fixed PHP 8.4 deprecations in thecodingmachine/safe. References

SRPMS 9/core

phpmyadmin-5.2.3-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0240 - Updated expat packages fix security vulnerabilities

Mageia Security - 18 Octubre, 2025 - 17:49

Publication date: 18 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8176 , CVE-2025-59375 Description Improper restriction of xml entity expansion depth in libexpat. (CVE-2024-8176) This is an extension of the fix published in MGASA-2025-0109 that was determined by upstream to be incomplete. Libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. (CVE-2025-59375) References

SRPMS 9/core

expat-2.7.3-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0239 - Updated varnish & lighttpd packages fix security vulnerability

Mageia Security - 17 Octubre, 2025 - 02:40

Publication date: 17 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8671 Description It was discovered that a denial of service attack can be performed on cache servers that have the HTTP/2 protocol turned on. An attacker can create a large number of streams and immediately reset them without ever reaching the maximum number of concurrent streams allowed for the session, causing the server to consume unnecessary resources processing requests for which the response will not be delivered (CVE-2025-8671). References

SRPMS 9/core

varnish-7.7.3-1.mga9
lighttpd-1.4.80-1.3.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0238 - Updated fetchmail package fixes security vulnerability

Mageia Security - 14 Octubre, 2025 - 18:45

Publication date: 14 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-61962 Description It was discovered that fetchmail's SMTP client, when configured to authenticate, is susceptible to a protocol violation where, when a trusted but malicious or malfunctioning SMTP server responds to an authentication request with a "334" code but without a following blank on the line, it will attempt to start reading from memory address 0x1 to parse the server's SASL challenge. This event will usually cause a crash of fetchmail (CVE-2025-61962). References

SRPMS 9/core

fetchmail-6.5.6-1.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2025-0084 - Updated viking package fix bug

Mageia Security - 14 Octubre, 2025 - 18:45

Publication date: 14 Oct 2025
Type: bugfix
Affected Mageia releases : 9
Description Viking no longer downloads Open Street Maps map tiles. This update fixes the reported issue. References

SRPMS 9/core

viking-1.10-2.1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0237 - Updated open-vm-tools package fixes security vulnerability

Mageia Security - 11 Octubre, 2025 - 07:18

Publication date: 11 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-41244 Description It was discovered that open-vm-tools contains a local privilege escalation vulnerability. A malicious actor with non-administrative privileges on a guest VM may exploit this vulnerability to escalate privileges to root on the same VM (CVE-2025-41244). References

SRPMS 9/core

open-vm-tools-12.3.5-2.2.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2025-0083 - Updated qarte package fixes bug

Mageia Security - 11 Octubre, 2025 - 07:18

Publication date: 11 Oct 2025
Type: bugfix
Affected Mageia releases : 9
Description When Qarte is started, the Arte TV window is blank. This update fixes the reported issue. References

SRPMS 9/core

qarte-5.13.0-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2025-0236 - Updated microcode packages fix security vulnerabilities

Mageia Security - 10 Octubre, 2025 - 04:12

Publication date: 10 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-20109 , CVE-2025-22840 , CVE-2025-22839 , CVE-2025-20053 , CVE-2025-24305 , CVE-2025-21090 , CVE-2025-26403 , CVE-2025-32086 Description The updated package updates AMD cpu microcode for processor family 19h, adds AMD cpu microcode for processor family 1ah and fixes security vulnerabilities for Intel processors: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel® Processors may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2025-20109) Sequence of processor instructions leads to unexpected behavior for some Intel® Xeon® 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2025-22840) Insufficient granularity of access control in the OOB-MSM for some Intel® Xeon® 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. (CVE-2025-22839) Improper handling of overlap between protected memory ranges for some Intel® Xeon® 6 processor with Intel® TDX may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2025-22889) Improper buffer restrictions for some Intel® Xeon® Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2025-20053) Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel® Xeon® processors may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2025-24305) Missing reference to active allocated resource for some Intel® Xeon® processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2025-21090) Out-of-bounds write in the memory subsystem for some Intel® Xeon® 6 processors when using Intel® SGX or Intel® TDX may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2025-26403) Improperly implemented security check for standard in the DDRIO configuration for some Intel® Xeon® 6 Processors when using Intel® SGX or Intel® TDX may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2025-32086) References

SRPMS 9/nonfree

microcode-0.20250812-1.mga9.nonfree

Categorías: Actualizaciones de Seguridad

MGASA-2025-0235 - Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities

Mageia Security - 10 Octubre, 2025 - 04:12

Publication date: 10 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-38501 , CVE-2025-38553 , CVE-2025-38555 , CVE-2025-38560 , CVE-2025-38561 , CVE-2025-38562 , CVE-2025-38563 , CVE-2025-38565 , CVE-2025-38566 , CVE-2025-38568 , CVE-2025-38569 , CVE-2025-38571 , CVE-2025-38572 , CVE-2025-38574 , CVE-2025-38576 , CVE-2025-38577 , CVE-2025-38578 , CVE-2025-38579 , CVE-2025-38581 , CVE-2025-38583 , CVE-2025-38587 , CVE-2025-38588 , CVE-2025-38590 , CVE-2025-38601 , CVE-2025-38602 , CVE-2025-38604 , CVE-2025-38608 , CVE-2025-38609 , CVE-2025-38610 , CVE-2025-38611 , CVE-2025-38612 , CVE-2025-38615 , CVE-2025-38617 , CVE-2025-38618 , CVE-2025-38622 , CVE-2025-38623 , CVE-2025-38624 , CVE-2025-38625 , CVE-2025-38626 , CVE-2025-38630 , CVE-2025-38632 , CVE-2025-38634 , CVE-2025-38635 , CVE-2025-38639 , CVE-2025-38640 , CVE-2025-38644 , CVE-2025-38645 , CVE-2025-38646 , CVE-2025-38648 , CVE-2025-38650 , CVE-2025-38652 , CVE-2025-38653 , CVE-2025-38656 , CVE-2025-38659 , CVE-2025-38677 , CVE-2025-38679 , CVE-2025-38680 , CVE-2025-38681 , CVE-2025-38683 , CVE-2025-38684 , CVE-2025-38685 , CVE-2025-38687 , CVE-2025-38688 , CVE-2025-38691 , CVE-2025-38692 , CVE-2025-38693 , CVE-2025-38694 , CVE-2025-38695 , CVE-2025-38696 , CVE-2025-38697 , CVE-2025-38698 , CVE-2025-38699 , CVE-2025-38700 , CVE-2025-38701 , CVE-2025-38702 , CVE-2025-38706 , CVE-2025-38707 , CVE-2025-38708 , CVE-2025-38709 , CVE-2025-38711 , CVE-2025-38712 , CVE-2025-38713 , CVE-2025-38714 , CVE-2025-38715 , CVE-2025-38716 , CVE-2025-38718 , CVE-2025-38721 , CVE-2025-38723 , CVE-2025-38724 , CVE-2025-38725 , CVE-2025-38727 , CVE-2025-38728 , CVE-2025-38729 , CVE-2025-38730 , CVE-2025-38732 , CVE-2025-38734 , CVE-2025-38735 , CVE-2025-39673 , CVE-2025-39675 , CVE-2025-39676 , CVE-2025-39679 , CVE-2025-39681 , CVE-2025-39682 , CVE-2025-39683 , CVE-2025-39684 , CVE-2025-39685 , CVE-2025-39686 , CVE-2025-39687 , CVE-2025-39689 , CVE-2025-39691 , CVE-2025-39692 , CVE-2025-39693 , CVE-2025-39694 , CVE-2025-39701 , CVE-2025-39702 , CVE-2025-39703 , CVE-2025-39706 , CVE-2025-39709 , CVE-2025-39710 , CVE-2025-39711 , CVE-2025-39713 , CVE-2025-39714 , CVE-2025-39715 , CVE-2025-39716 , CVE-2025-39718 , CVE-2025-39719 , CVE-2025-39720 , CVE-2025-39721 , CVE-2025-39724 , CVE-2025-39730 , CVE-2025-39731 , CVE-2025-39734 Description Upstream kernel version 6.6.105 fixes bugs and vulnerabilities. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel. The newer meta-task and mageia-repos packages are required to simplify the correct installation of the kernel-stable-userspace-headers (for backport kernel-stable) and back to kernel-userspace-headers (for 6.6 kernels) packages see https://bugs.mageia.org/show_bug.cgi?id=34545. For information about the vulnerabilities see the links. References

SRPMS 9/core

kernel-6.6.105-1.mga9
kmod-virtualbox-7.1.10-10.mga9
kmod-xtables-addons-3.24-86.mga9
mageia-repos-9-4.mga9
meta-task-9-4.mga9

Categorías: Actualizaciones de Seguridad