Lector de Feeds
MGASA-2025-0179 - Updated php-adodb packages fix security vulnerability
Publication date: 08 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46337 Description ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data. This issue has been patched in version 5.22.9 - CVE-2025-46337. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46337 Description ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data. This issue has been patched in version 5.22.9 - CVE-2025-46337. References
- https://bugs.mageia.org/show_bug.cgi?id=34339
- https://ubuntu.com/security/notices/USN-7530-1
- https://github.com/ADOdb/ADOdb/releases/tag/v5.22.9
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46337
- php-adodb-5.22.9-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0178 - Updated systemd packages fix security vulnerability
Publication date: 08 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4598 Description Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump. (CVE-2025-4598) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4598 Description Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump. (CVE-2025-4598) References
- https://bugs.mageia.org/show_bug.cgi?id=34331
- https://openwall.com/lists/oss-security/2025/05/29/3
- https://lists.debian.org/debian-security-announce/2025/msg00095.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598
- systemd-253.33-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0177 - Updated tomcat packages fix security vulnerability
Publication date: 08 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46701 Description Security constraint bypass for CGI scripts. (CVE-2025-46701) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46701 Description Security constraint bypass for CGI scripts. (CVE-2025-46701) References
- https://bugs.mageia.org/show_bug.cgi?id=34332
- https://openwall.com/lists/oss-security/2025/05/29/4
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46701
- tomcat-9.0.105-1.mga9
Categorías: Actualizaciones de Seguridad
