Actualizaciones de Seguridad
MGASA-2025-0122 - Updated upx packages fix security vulnerability
Publication date: 02 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2849 Description UPX p_lx_elf.cpp un_DT_INIT heap-based overflow. (CVE-2025-2849) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2849 Description UPX p_lx_elf.cpp un_DT_INIT heap-based overflow. (CVE-2025-2849) References
- https://bugs.mageia.org/show_bug.cgi?id=34157
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4FBRFLGSEHNFULMPARVADU2TACHDQM4L/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2849
- upx-4.2.3-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0121 - Updated zvbi packages fix security vulnerabilities
Publication date: 31 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2173 , CVE-2025-2174 , CVE-2025-2175 , CVE-2025-2176 , CVE-2025-2177 Description A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2173). A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim_load_caption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue(A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim_load_caption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2176). A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2175). A vulnerability classified as critical was found in libzvbi up to 0.2.43. This vulnerability affects the function vbi_search_new of the file src/search.c. The manipulation of the argument pat_len leads to integer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2177) A vulnerability was found in libzvbi up to 0.2.43. It has been declared as problematic. Affected by this vulnerability is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to integer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2174). References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2173 , CVE-2025-2174 , CVE-2025-2175 , CVE-2025-2176 , CVE-2025-2177 Description A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2173). A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim_load_caption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue(A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim_load_caption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2176). A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2175). A vulnerability classified as critical was found in libzvbi up to 0.2.43. This vulnerability affects the function vbi_search_new of the file src/search.c. The manipulation of the argument pat_len leads to integer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2177) A vulnerability was found in libzvbi up to 0.2.43. It has been declared as problematic. Affected by this vulnerability is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to integer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2174). References
- https://bugs.mageia.org/show_bug.cgi?id=34136
- https://ubuntu.com/security/notices/USN-7367-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2173
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2174
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2175
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2176
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2177
- zvbi-0.2.44-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0120 - Updated mercurial packages fix security vulnerability
Publication date: 31 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2361 Description Mercurial SCM Web Interface cross site scripting. (CVE-2025-2361) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2361 Description Mercurial SCM Web Interface cross site scripting. (CVE-2025-2361) References
- https://bugs.mageia.org/show_bug.cgi?id=34129
- https://www.openwall.com/lists/oss-security/2025/03/21/2
- https://lists.mercurial-scm.org/pipermail/mercurial-packaging/2025-March/000754.html
- https://lists.debian.org/debian-security-announce/2025/msg00045.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2361
- mercurial-6.5.1-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0119 - Updated elfutils packages fix security vulnerabilities
Publication date: 31 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-25260 , CVE-2025-1372 , CVE-2025-1377 Description elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c. (CVE-2024-25260) GNU elfutils eu-readelf readelf.c print_string_section buffer overflow. (CVE-2025-1372) GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service. (CVE-2025-1377) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-25260 , CVE-2025-1372 , CVE-2025-1377 Description elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c. (CVE-2024-25260) GNU elfutils eu-readelf readelf.c print_string_section buffer overflow. (CVE-2025-1372) GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service. (CVE-2025-1377) References
- https://bugs.mageia.org/show_bug.cgi?id=34134
- https://ubuntu.com/security/notices/USN-7369-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25260
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1372
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1377
- elfutils-0.189-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0118 - Updated chromium-browser-stable packages fix security vulnerability
Publication date: 27 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2476 Description Use after free in Lens. (CVE-2025-2476) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2476 Description Use after free in Lens. (CVE-2025-2476) References
- https://bugs.mageia.org/show_bug.cgi?id=34125
- https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_19.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2476
- chromium-browser-stable-134.0.6998.117-1.mga9.tainted
Categorías: Actualizaciones de Seguridad
MGASA-2025-0117 - Updated dcmtk packages fix security vulnerability
Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2357 Description DCMTK dcmjpls JPEG-LS Decoder memory corruption. (CVE-2025-2357) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2357 Description DCMTK dcmjpls JPEG-LS Decoder memory corruption. (CVE-2025-2357) References
- https://bugs.mageia.org/show_bug.cgi?id=34120
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4KKPT4TUWSBKUZJOLDBLHRTKHRBW4RIQ/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2357
- dcmtk-3.6.7-4.5.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0116 - Updated radare2 packages fix security vulnerabilities
Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-56737 , CVE-2025-1744 , CVE-2025-1864 Description Buffer overflow in the HFS parser from grub2. (CVE-2024-56737) Out-of-bounds Write in radare2. (CVE-2025-1744) Buffer Overflow and Potential Code Execution in Radare2. (CVE-2025-1864) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-56737 , CVE-2025-1744 , CVE-2025-1864 Description Buffer overflow in the HFS parser from grub2. (CVE-2024-56737) Out-of-bounds Write in radare2. (CVE-2025-1744) Buffer Overflow and Potential Code Execution in Radare2. (CVE-2025-1864) References
- https://bugs.mageia.org/show_bug.cgi?id=34122
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JESFQCNT2ONAGTVQXEDREBQFC7NUDPEC/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56737
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1744
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1864
- radare2-5.8.8-1.6.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0115 - Updated bluez packages fix security vulnerabilities
Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-44431 , CVE-2023-51580 , CVE-2023-51589 , CVE-2023-51592 , CVE-2023-51594 , CVE-2023-51596 Description BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2023-44431) BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51580) BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51589) BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51592) BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51594) BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2023-51596) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-44431 , CVE-2023-51580 , CVE-2023-51589 , CVE-2023-51592 , CVE-2023-51594 , CVE-2023-51596 Description BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2023-44431) BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51580) BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51589) BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51592) BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51594) BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2023-51596) References
- https://bugs.mageia.org/show_bug.cgi?id=34123
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KKJVC5RPR5AMR4ZTMHWP7TATS4SY47/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44431
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51580
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51589
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51592
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51594
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51596
- bluez-5.80-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0114 - Updated ffmpeg packages fix security vulnerability
Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-12361 Description FFmpeg NULL Pointer Dereference. (CVE-2024-12361) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-12361 Description FFmpeg NULL Pointer Dereference. (CVE-2024-12361) References
- https://bugs.mageia.org/show_bug.cgi?id=34130
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJNUZFKKYTUNYVVV4IRSNIJAOCMVCKVS/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12361
- ffmpeg-5.1.6-1.5.mga9
- ffmpeg-5.1.6-1.5.mga9.tainted
Categorías: Actualizaciones de Seguridad
MGASA-2025-0113 - Updated wpa_supplicant & hostapd packages fix security vulnerability
Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-24912 Description hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail. (CVE-2025-24912) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-24912 Description hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail. (CVE-2025-24912) References
- https://bugs.mageia.org/show_bug.cgi?id=34117
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24912
- hostapd-2.11-1.1.mga9
- wpa_supplicant-2.11-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0112 - Updated kernel-linus packages fix security vulnerabilities
Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-58088 , CVE-2025-21838 , CVE-2025-21844 , CVE-2025-21846 , CVE-2025-21847 , CVE-2025-21848 , CVE-2025-21853 , CVE-2025-21854 , CVE-2025-21855 , CVE-2025-21856 , CVE-2025-21857 , CVE-2025-21858 , CVE-2025-21859 , CVE-2025-21862 , CVE-2025-21863 , CVE-2025-21864 , CVE-2025-21865 , CVE-2025-21866 Description Vanilla upstream kernel version 6.6.83 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-58088 , CVE-2025-21838 , CVE-2025-21844 , CVE-2025-21846 , CVE-2025-21847 , CVE-2025-21848 , CVE-2025-21853 , CVE-2025-21854 , CVE-2025-21855 , CVE-2025-21856 , CVE-2025-21857 , CVE-2025-21858 , CVE-2025-21859 , CVE-2025-21862 , CVE-2025-21863 , CVE-2025-21864 , CVE-2025-21865 , CVE-2025-21866 Description Vanilla upstream kernel version 6.6.83 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References
- https://bugs.mageia.org/show_bug.cgi?id=34115
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58088
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21838
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21844
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21846
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21847
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21848
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21853
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21854
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21855
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21856
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21857
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21858
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21859
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21862
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21863
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21864
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21865
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21866
- kernel-linus-6.6.83-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0111 - Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities
Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-58088 , CVE-2025-21838 , CVE-2025-21844 , CVE-2025-21846 , CVE-2025-21847 , CVE-2025-21848 , CVE-2025-21853 , CVE-2025-21854 , CVE-2025-21855 , CVE-2025-21856 , CVE-2025-21857 , CVE-2025-21858 , CVE-2025-21859 , CVE-2025-21862 , CVE-2025-21863 , CVE-2025-21864 , CVE-2025-21865 , CVE-2025-21866 Description Upstream kernel version 6.6.83 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-58088 , CVE-2025-21838 , CVE-2025-21844 , CVE-2025-21846 , CVE-2025-21847 , CVE-2025-21848 , CVE-2025-21853 , CVE-2025-21854 , CVE-2025-21855 , CVE-2025-21856 , CVE-2025-21857 , CVE-2025-21858 , CVE-2025-21859 , CVE-2025-21862 , CVE-2025-21863 , CVE-2025-21864 , CVE-2025-21865 , CVE-2025-21866 Description Upstream kernel version 6.6.83 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links. References
- https://bugs.mageia.org/show_bug.cgi?id=34114
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58088
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21838
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21844
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21846
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21847
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21848
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21853
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21854
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21855
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21856
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21857
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21858
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21859
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21862
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21863
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21864
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21865
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21866
- kernel-6.6.83-1.mga9
- kmod-virtualbox-7.0.24-68.mga9
- kmod-xtables-addons-3.24-74.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0110 - Updated libxslt packages fix security vulnerabilities
Publication date: 22 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-55549 , CVE-2025-24855 Description xsltGetInheritedNsList in libxslt has a use-after-free issue related to exclusion of result prefixes (CVE-2024-55549). numbers.c in libxslt has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal (CVE-2025-24855). References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-55549 , CVE-2025-24855 Description xsltGetInheritedNsList in libxslt has a use-after-free issue related to exclusion of result prefixes (CVE-2024-55549). numbers.c in libxslt has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal (CVE-2025-24855). References
- https://bugs.mageia.org/show_bug.cgi?id=34113
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ZKCQGOW24ZBKSYCIKDUG4KKITEGCJKY2/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855
- libxslt-1.1.38-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0109 - Updated expat packages fix security vulnerability
Publication date: 22 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-8176 Description Improper restriction of xml entity expansion depth in libexpat. (CVE-2024-8176) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-8176 Description Improper restriction of xml entity expansion depth in libexpat. (CVE-2024-8176) References
- https://bugs.mageia.org/show_bug.cgi?id=34111
- https://www.openwall.com/lists/oss-security/2025/03/14/5
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8176
- expat-2.7.0-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0108 - Updated freerdp packages fix security vulnerabilities
Publication date: 21 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-32661 Description FreeRDP rdp_write_logon_info_v1 NULL access. (CVE-2024-32661) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-32661 Description FreeRDP rdp_write_logon_info_v1 NULL access. (CVE-2024-32661) References
- https://bugs.mageia.org/show_bug.cgi?id=34086
- https://ubuntu.com/security/notices/USN-7341-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32661
- freerdp-2.11.7-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2025-0032 - Updated gforth packages fix bug
Publication date: 21 Mar 2025
Type: bugfix
Affected Mageia releases : 9
Description An incorrect path caused gforthmi to fail to operate by default on x86_64 and aarch64. This update fixes the issue. References SRPMS 9/core
Type: bugfix
Affected Mageia releases : 9
Description An incorrect path caused gforthmi to fail to operate by default on x86_64 and aarch64. This update fixes the issue. References SRPMS 9/core
- gforth-0.7.3-10.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0107 - Updated vim packages fix security vulnerability
Publication date: 19 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-29768 Description Vim vulnerable to potential data loss with zip.vim and special crafted zip files. (CVE-2025-29768) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-29768 Description Vim vulnerable to potential data loss with zip.vim and special crafted zip files. (CVE-2025-29768) References
- https://bugs.mageia.org/show_bug.cgi?id=34097
- https://www.openwall.com/lists/oss-security/2025/03/12/4
- https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29768
- vim-9.1.1202-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0106 - Updated mosquitto packages fix security vulnerability
Publication date: 19 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-28366 Description The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-28366 Description The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function. References
- https://bugs.mageia.org/show_bug.cgi?id=34116
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28366
- mosquitto-2.0.21-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0105 - Updated tomcat tomcat packages fix security vulnerabilities
Publication date: 19 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2004-56337 , CVE-2025-24813 Description Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat: - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true) - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false) - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed) Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can. (CVE-2004-56337) Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98. If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads - attacker knowledge of the names of security sensitive files being uploaded - the security sensitive files also being uploaded via partial PUT If all of the following were true, a malicious user was able to perform remote code execution: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - application was using Tomcat's file based session persistence with the default storage location - application included a library that may be leveraged in a deserialization attack Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue (CVE-2025-24813). References
Type: security
Affected Mageia releases : 9
CVE: CVE-2004-56337 , CVE-2025-24813 Description Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat: - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true) - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false) - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed) Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can. (CVE-2004-56337) Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98. If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads - attacker knowledge of the names of security sensitive files being uploaded - the security sensitive files also being uploaded via partial PUT If all of the following were true, a malicious user was able to perform remote code execution: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - application was using Tomcat's file based session persistence with the default storage location - application included a library that may be leveraged in a deserialization attack Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue (CVE-2025-24813). References
- https://bugs.mageia.org/show_bug.cgi?id=34112
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WQRQ6JSFISH4LSDOH7IDJHNYPKMGUF5X/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-56337
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24813
- tomcat-9.0.102-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0104 - Updated chromium-browser-stable packages fix security vulnerabilities
Publication date: 19 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-1920 , CVE-2025-2135 , CVE-2025-2136 , CVE-2025-2137 Description High CVE-2025-1920: Type Confusion in V8. High CVE-2025-2135: Type Confusion in V8. High CVE-2025-24201: Out of bounds write in GPU on Mac. Medium CVE-2025-2136: Use after free in Inspector. Medium CVE-2025-2137: Out of bounds read in V8. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-1920 , CVE-2025-2135 , CVE-2025-2136 , CVE-2025-2137 Description High CVE-2025-1920: Type Confusion in V8. High CVE-2025-2135: Type Confusion in V8. High CVE-2025-24201: Out of bounds write in GPU on Mac. Medium CVE-2025-2136: Use after free in Inspector. Medium CVE-2025-2137: Out of bounds read in V8. References
- https://bugs.mageia.org/show_bug.cgi?id=34099
- https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1920
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2135
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2136
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2137
- chromium-browser-stable-134.0.6998.88-1.mga9.tainted
Categorías: Actualizaciones de Seguridad
