Lector de Feeds

MGAA-2025-0058 - Updated noip packages fix bug

Mageia Security - Hace 13 horas 46 minutos
Publication date: 10 Jun 2025
Type: bugfix
Affected Mageia releases : 9
Description The current version is no longer supported, and does not update the IP direction for your domain in no-ip.com. This update fixes the issue. References SRPMS 9/core
  • noip-3.3.0-1.2.mga9

Using Java applications in Firefox and Chromium browsers

Wiki Mageia - 9 Junio, 2025 - 20:56

Alternative to install

← Older revision Revision as of 19:56, 9 June 2025 Line 27: Line 27:  dpkg -i OpenWebStart_linux_1_11_1.deb   dpkg -i OpenWebStart_linux_1_11_1.deb       +As alternative, for mageia 9, you can install {{prog|openwebstart}} from the [[Ways_to_install_programs#Mageia_enthusiasts|Blogdrake's repository]] (just for 64bit systems)     Installation goes smoothly. Files are installed in /opt Installation goes smoothly. Files are installed in /opt Katnatek
Categorías: Wiki de Mageia

MGASA-2025-0184 - Updated golang packages fix security vulnerabilities

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4673 , CVE-2025-0913 , CVE-2025-22874 Description Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673. os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location - CVE-2025-0913. crypto/x509: usage of ExtKeyUsageAny disables policy validation. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon - CVE-2025-22874. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink. References SRPMS 9/core
  • golang-1.24.4-1.mga9

MGASA-2025-0183 - Updated kernel-linus packages fix security vulnerabilities

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-37797 , CVE-2025-37799 , CVE-2025-37800 , CVE-2025-37801 , CVE-2025-37803 , CVE-2025-37804 , CVE-2025-37805 , CVE-2025-37808 , CVE-2025-37810 , CVE-2025-37811 , CVE-2025-37812 , CVE-2025-37813 , CVE-2025-37815 , CVE-2025-37817 , CVE-2025-37818 , CVE-2025-37819 , CVE-2025-37820 , CVE-2025-37823 , CVE-2025-37824 , CVE-2025-37828 , CVE-2025-37829 , CVE-2025-37830 , CVE-2025-37831 , CVE-2025-37836 , CVE-2025-37878 , CVE-2025-37879 , CVE-2025-37881 , CVE-2025-37883 , CVE-2025-37884 , CVE-2025-37885 , CVE-2025-37886 , CVE-2025-37887 , CVE-2025-37890 , CVE-2025-37891 , CVE-2025-37897 , CVE-2025-37901 , CVE-2025-37903 , CVE-2025-37905 , CVE-2025-37909 , CVE-2025-37911 , CVE-2025-37912 , CVE-2025-37913 , CVE-2025-37914 , CVE-2025-37915 , CVE-2025-37916 , CVE-2025-37917 , CVE-2025-37918 , CVE-2025-37921 , CVE-2025-37922 , CVE-2025-37923 , CVE-2025-37924 , CVE-2025-37927 , CVE-2025-37928 , CVE-2025-37929 , CVE-2025-37930 , CVE-2025-37932 , CVE-2025-37933 , CVE-2025-37935 , CVE-2025-37936 , CVE-2025-37938 , CVE-2025-37947 , CVE-2025-37948 , CVE-2025-37949 , CVE-2025-37951 , CVE-2025-37952 , CVE-2025-37953 , CVE-2025-37954 , CVE-2025-37956 , CVE-2025-37959 , CVE-2025-37961 , CVE-2025-37962 , CVE-2025-37963 , CVE-2025-37964 , CVE-2025-37969 , CVE-2025-37970 , CVE-2025-37972 , CVE-2025-37973 , CVE-2025-37983 , CVE-2025-37985 , CVE-2025-37988 , CVE-2025-37989 , CVE-2025-37990 , CVE-2025-37991 , CVE-2025-37992 Description Vanilla upstream kernel version 6.6.93 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References SRPMS 9/core
  • kernel-linus-6.6.93-1.mga9

MGASA-2025-0182 - Updated kernel, kmod-virtualbox, kmod-xtables-addons, dwarves, libtraceevent, libtracefs, kernel-firmware, kernel-firmware-nonfree, radeon-firmware & wireless-regdb packages fix security vulnerabilities

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-37797 , CVE-2025-37799 , CVE-2025-37800 , CVE-2025-37801 , CVE-2025-37803 , CVE-2025-37804 , CVE-2025-37805 , CVE-2025-37808 , CVE-2025-37810 , CVE-2025-37811 , CVE-2025-37812 , CVE-2025-37813 , CVE-2025-37815 , CVE-2025-37817 , CVE-2025-37818 , CVE-2025-37819 , CVE-2025-37820 , CVE-2025-37823 , CVE-2025-37824 , CVE-2025-37828 , CVE-2025-37829 , CVE-2025-37830 , CVE-2025-37831 , CVE-2025-37836 , CVE-2025-37878 , CVE-2025-37879 , CVE-2025-37881 , CVE-2025-37883 , CVE-2025-37884 , CVE-2025-37885 , CVE-2025-37886 , CVE-2025-37887 , CVE-2025-37890 , CVE-2025-37891 , CVE-2025-37897 , CVE-2025-37901 , CVE-2025-37903 , CVE-2025-37905 , CVE-2025-37909 , CVE-2025-37911 , CVE-2025-37912 , CVE-2025-37913 , CVE-2025-37914 , CVE-2025-37915 , CVE-2025-37916 , CVE-2025-37917 , CVE-2025-37918 , CVE-2025-37921 , CVE-2025-37922 , CVE-2025-37923 , CVE-2025-37924 , CVE-2025-37927 , CVE-2025-37928 , CVE-2025-37929 , CVE-2025-37930 , CVE-2025-37932 , CVE-2025-37933 , CVE-2025-37935 , CVE-2025-37936 , CVE-2025-37938 , CVE-2025-37947 , CVE-2025-37948 , CVE-2025-37949 , CVE-2025-37951 , CVE-2025-37952 , CVE-2025-37953 , CVE-2025-37954 , CVE-2025-37956 , CVE-2025-37959 , CVE-2025-37961 , CVE-2025-37962 , CVE-2025-37963 , CVE-2025-37964 , CVE-2025-37969 , CVE-2025-37970 , CVE-2025-37972 , CVE-2025-37973 , CVE-2025-37983 , CVE-2025-37985 , CVE-2025-37988 , CVE-2025-37989 , CVE-2025-37990 , CVE-2025-37991 , CVE-2025-37992 Description Upstream kernel version 6.6.93 fixes bugs and vulnerabilities. The kmod-virtualbox, kmod-xtables-addons, wireless-regdb & firmware packages have been updated to work with this new kernel; some updated build time requirement are here to allow building this kernel version. For information about the vulnerabilities see the links. References SRPMS 9/core
  • kernel-6.6.93-1.mga9
  • kmod-virtualbox-7.1.8-3.mga9
  • kmod-xtables-addons-3.24-80.mga9
  • dwarves-1.30-1.mga9
  • libtraceevent-1.8.4-1.mga9
  • libtracefs-1.8.2-1.mga9
  • kernel-firmware-20250509-1.mga9
  • wireless-regdb-20250220-1.mga9
9/nonfree
  • kernel-firmware-nonfree-20250509-1.mga9.nonfree
  • radeon-firmware-20250509-1.mga9.nonfree

MGASA-2025-0181 - Updated cockpit packages fix security vulnerability & bug

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-6126 Description Mageia's internal bug: In the current version you can't login in the web interface with firefox or chromium-browser packaged by Mageia. This update fixes the issue, but it is reported that could need to reboot and clear cookies from your browser. A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack - CVE-2024-6126. Please note that you need to edit /etc/nsswitch.conf as recommended in https://bugs.mageia.org/show_bug.cgi?id=33368#c18. References SRPMS 9/core
  • cockpit-338-1.6.mga9

MGAA-2025-0057 - Updated bluez packages fix bug

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: bugfix
Affected Mageia releases : 9
Description Since the update of bluez to 5.80 devices like mouse/keyboard do not reconnect after suspend or reboot. Only repairing helps to make them work. References SRPMS 9/core
  • bluez-5.82-1.mga9
Feed