Lector de Feeds

Publication date: 24 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-6019 Description A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system. References

• https://bugs.mageia.org/show_bug.cgi?id=34380
• https://www.openwall.com/lists/oss-security/2025/06/17/4
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6019

SRPMS 9/core

• udisks2-2.10.1-1.1.mga9
• libblockdev-3.3.1-1.mga9

Publication date: 24 Jun 2025
Type: bugfix
Affected Mageia releases : 9
Description Current release produces corrupted graphics for gtk4 apps in vulkan renderer, for some Intel hardware. This update fixes the reported issue. References

• https://bugs.mageia.org/show_bug.cgi?id=34328
• https://gitlab.freedesktop.org/mesa/mesa/-/issues/13319

SRPMS 9/core

• mesa-25.0.7-4.mga9

9/tainted

• mesa-25.0.7-4.mga9.tainted

Add skeleton info

New page

== Mass Package Rebuild ==

Before a Mageia release, all packages are branched into a stable branch in SVN and rebuilt from source.

=== Rebuild Process ===

The rebuild is centred on the script https://gitweb.mageia.org/software/infrastructure/release/tree/rebuild-packages

Documentation for the full rebuild process is TBD.

[[Category:Sysadmin]] Danf

‎Package Building: SOP Mass rebuild

← Older revision Revision as of 19:35, 24 June 2025 Line 37: Line 37:  * [[SOP Increase build timeout]] for large packages * [[SOP Increase build timeout]] for large packages  * [[Rebuilding_packages_for_new_perl#Pass_0_for_urpmi:_Filesys-Df.2C_Locale-gettext.2C_URPM_.26_XML-LibXML|Running rebuild_perl_iurt]] (after a perl upgrade) * [[Rebuilding_packages_for_new_perl#Pass_0_for_urpmi:_Filesys-Df.2C_Locale-gettext.2C_URPM_.26_XML-LibXML|Running rebuild_perl_iurt]] (after a perl upgrade)  +* [[SOP Mass rebuild]]  * Cleaning out testing/* packages after a new Mageia release * Cleaning out testing/* packages after a new Mageia release  * [[SysadminExpiredKeys|Updating GPG package signing keys]] (before expiry) * [[SysadminExpiredKeys|Updating GPG package signing keys]] (before expiry) Danf

‎Apprenticeship in progress

← Older revision Revision as of 15:41, 24 June 2025 (One intermediate revision by the same user not shown)Line 193: Line 193:  | Template || Example || [https://ml.mageia.org 2021-02-14] || {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || {{yes|Done}} || 5/5<br>app1<br>app2<br>app3<br>app4<br>app5 || {{yes|Done}} || {{yes|Done}} || 10/10<br>app1 app2<br>app3 app4<br>app5 app6<br>app7 app8<br>app9 app10 || 2021-10-17<br>or<br>[https://ml.mageia.org {{yes|Done}} 2021-02-14] | Template || Example || [https://ml.mageia.org 2021-02-14] || {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || {{yes|Done}} || 5/5<br>app1<br>app2<br>app3<br>app4<br>app5 || {{yes|Done}} || {{yes|Done}} || 10/10<br>app1 app2<br>app3 app4<br>app5 app6<br>app7 app8<br>app9 app10 || 2021-10-17<br>or<br>[https://ml.mageia.org {{yes|Done}} 2021-02-14]  |- |- −|AurelianR    || DavidG ||[https://ml.mageia.org/l/arc/dev/2025-02/msg00006.html 2025-02-04] || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} ||  mingw-libgcrypt<br>ppsspp<br>vowpal-wabbit<br>zh-autoconvert<br>yodl<br>yencode<br>apr-utils<br>(and about a hundred more)|| {{yes|Done}} || {{yes|Done}} || tnef<br>vulkan-memory-allocator<br>dolphin-emu<br>virtuoso-opensource<br>mpich<br>xen<br>vde2+|AurelianR    || DavidG ||[https://ml.mageia.org/l/arc/dev/2025-02/msg00006.html 2025-02-04] || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} ||  mingw-libgcrypt<br>ppsspp<br>vowpal-wabbit<br>zh-autoconvert<br>yodl<br>yencode<br>apr-utils<br>(and about a hundred more)|| {{yes|Done}} || {{yes|Done}} || tnef<br>vulkan-memory-allocator<br>dolphin-emu<br>virtuoso-opensource<br>mpich<br>xen<br>vde2<br>ntk<br>tkgate<br>sugar-artwork<br>fluxbox<br>kde-pdf-servicemenu  |- |-  | katnatek || papoteur || [https://ml.mageia.org/l/arc/dev/2023-10/msg00041.html 2023-10-11] || {{yes|Done}} || {{yes|Done}}  || {{yes|Done}} || {{yes|Done}} || lyx<br>mythtv<br>task-plasma5 (spectacle)<br>obconf<br>pidgin-googlechat || {{yes|Done}}  || {{yes|Done}} || python-setuptools-git-versioning python-sphinxcontrib-jquery whatsie evdi awf-extended   | katnatek || papoteur || [https://ml.mageia.org/l/arc/dev/2023-10/msg00041.html 2023-10-11] || {{yes|Done}} || {{yes|Done}}  || {{yes|Done}} || {{yes|Done}} || lyx<br>mythtv<br>task-plasma5 (spectacle)<br>obconf<br>pidgin-googlechat || {{yes|Done}}  || {{yes|Done}} || python-setuptools-git-versioning python-sphinxcontrib-jquery whatsie evdi awf-extended   Daviddavid

‎Apprenticeship in progress

← Older revision Revision as of 19:09, 23 June 2025 Line 193: Line 193:  | Template || Example || [https://ml.mageia.org 2021-02-14] || {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || {{yes|Done}} || 5/5<br>app1<br>app2<br>app3<br>app4<br>app5 || {{yes|Done}} || {{yes|Done}} || 10/10<br>app1 app2<br>app3 app4<br>app5 app6<br>app7 app8<br>app9 app10 || 2021-10-17<br>or<br>[https://ml.mageia.org {{yes|Done}} 2021-02-14] | Template || Example || [https://ml.mageia.org 2021-02-14] || {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || {{yes|Done}} || 5/5<br>app1<br>app2<br>app3<br>app4<br>app5 || {{yes|Done}} || {{yes|Done}} || 10/10<br>app1 app2<br>app3 app4<br>app5 app6<br>app7 app8<br>app9 app10 || 2021-10-17<br>or<br>[https://ml.mageia.org {{yes|Done}} 2021-02-14]  |- |- −|AurelianR    || DavidG ||[https://ml.mageia.org/l/arc/dev/2025-02/msg00006.html 2025-02-04] || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} ||  mingw-libgcrypt<br>ppsspp<br>vowpal-wabbit<br>zh-autoconvert<br>yodl<br>yencode<br>apr-utils<br>(and about a hundred more)|| {{yes|Done}} || {{yes|Done}} || tnef<br>vulkan-memory-allocator<br>dolphin-emu<br>virtuoso-opensource<br>mpich<br>xen<br>vde2+|AurelianR    || DavidG ||[https://ml.mageia.org/l/arc/dev/2025-02/msg00006.html 2025-02-04] || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} ||  mingw-libgcrypt<br>ppsspp<br>vowpal-wabbit<br>zh-autoconvert<br>yodl<br>yencode<br>apr-utils<br>(and about a hundred more)|| {{yes|Done}} || {{yes|Done}} || tnef<br>vulkan-memory-allocator<br>dolphin-emu<br>virtuoso-opensource<br>mpich<br>xen<br>vde2<br>ntk<br>tkgate<br>sugar-artwork<br>fluxbox  |- |-  | katnatek || papoteur || [https://ml.mageia.org/l/arc/dev/2023-10/msg00041.html 2023-10-11] || {{yes|Done}} || {{yes|Done}}  || {{yes|Done}} || {{yes|Done}} || lyx<br>mythtv<br>task-plasma5 (spectacle)<br>obconf<br>pidgin-googlechat || {{yes|Done}}  || {{yes|Done}} || python-setuptools-git-versioning python-sphinxcontrib-jquery whatsie evdi awf-extended   | katnatek || papoteur || [https://ml.mageia.org/l/arc/dev/2023-10/msg00041.html 2023-10-11] || {{yes|Done}} || {{yes|Done}}  || {{yes|Done}} || {{yes|Done}} || lyx<br>mythtv<br>task-plasma5 (spectacle)<br>obconf<br>pidgin-googlechat || {{yes|Done}}  || {{yes|Done}} || python-setuptools-git-versioning python-sphinxcontrib-jquery whatsie evdi awf-extended   Daviddavid