Lector de Feeds

← Older revision Revision as of 23:03, 26 March 2025 Line 5: Line 5:  As you can imagine, we are from all over the world so it is impossible to actually meet face to face, so we meet using IRC at [ircs://irc.libera.chat:6697/#mageia-qa #mageia-qa] on Liberachat. As you can imagine, we are from all over the world so it is impossible to actually meet face to face, so we meet using IRC at [ircs://irc.libera.chat:6697/#mageia-qa #mageia-qa] on Liberachat.    −We hold meetings there each week on Thursdays. Meetings once were logged using a meetbot which can create action and info points similar to normal minuted meetings. Logs of the previous meetings can be found [http://meetbot.mageia.org/mageia-qa/ here].  +We hold meetings there on the first and third Thursdays of each month. Meetings once were logged using a meetbot which can create action and info points similar to normal minuted meetings. Logs of the previous meetings can be found [http://meetbot.mageia.org/mageia-qa/ here].       As of june 2021 our meetings have been moved to [ircs://irc.libera.chat:6697/#mageia-meeting #mageia-meeting] and the logs of those meetings can be found [http://meetbot.mageia.org/mageia-meeting/ here]. As of june 2021 our meetings have been moved to [ircs://irc.libera.chat:6697/#mageia-meeting #mageia-meeting] and the logs of those meetings can be found [http://meetbot.mageia.org/mageia-meeting/ here]. Tandrews16

← Older revision Revision as of 23:01, 26 March 2025 Line 35: Line 35:  * [[Your first steps in the QA team|Get involved!]] * [[Your first steps in the QA team|Get involved!]]    −That's it. Really. Somebody will then welcome you to the team. Most of what you need to know to get started is already [[Your first steps in the QA team|here on the wiki]]. It is useful if you can also join us [irc://irc.libera.chat/#mageia-qa #mageia-qa on Libera Chat] where questions can be quickly answered, and [[Sophie|a bot]] can provide useful information on the various Mageia packages. Also, meetings are held there every Thursday.+That's it. Really. Somebody will then welcome you to the team. Most of what you need to know to get started is already [[Your first steps in the QA team|here on the wiki]]. It is useful if you can also join us [irc://irc.libera.chat/#mageia-qa #mageia-qa on Libera Chat] where questions can be quickly answered, and [[Sophie|a bot]] can provide useful information on the various Mageia packages. Also, meetings are held there on the first and third Thursdays of the month. Tandrews16

← Older revision Revision as of 22:57, 26 March 2025 Line 26: Line 26:       −Please try to attend the weekly team meetings which take place [irc://irc.libera.chat/#mageia-qa on IRC] in #mageia-qa on irc.libera.chat every Thursday+Please try to attend the team meetings which take place [irc://irc.libera.chat/#mageia-qa on IRC] in #mageia-qa on irc.libera.chat on the first and third Thursdays of the month.       Tandrews16

Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2357 Description DCMTK dcmjpls JPEG-LS Decoder memory corruption. (CVE-2025-2357) References

• https://bugs.mageia.org/show_bug.cgi?id=34120
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4KKPT4TUWSBKUZJOLDBLHRTKHRBW4RIQ/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2357

SRPMS 9/core

• dcmtk-3.6.7-4.5.mga9

Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-56737 , CVE-2025-1744 , CVE-2025-1864 Description Buffer overflow in the HFS parser from grub2. (CVE-2024-56737) Out-of-bounds Write in radare2. (CVE-2025-1744) Buffer Overflow and Potential Code Execution in Radare2. (CVE-2025-1864) References

• https://bugs.mageia.org/show_bug.cgi?id=34122
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JESFQCNT2ONAGTVQXEDREBQFC7NUDPEC/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56737
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1744
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1864

SRPMS 9/core

• radare2-5.8.8-1.6.mga9

Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-44431 , CVE-2023-51580 , CVE-2023-51589 , CVE-2023-51592 , CVE-2023-51594 , CVE-2023-51596 Description BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2023-44431) BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51580) BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51589) BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51592) BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51594) BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2023-51596) References

• https://bugs.mageia.org/show_bug.cgi?id=34123
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KKJVC5RPR5AMR4ZTMHWP7TATS4SY47/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44431
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51580
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51589
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51592
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51594
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51596

SRPMS 9/core

• bluez-5.80-1.mga9

Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-12361 Description FFmpeg NULL Pointer Dereference. (CVE-2024-12361) References

• https://bugs.mageia.org/show_bug.cgi?id=34130
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJNUZFKKYTUNYVVV4IRSNIJAOCMVCKVS/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12361

SRPMS 9/core

• ffmpeg-5.1.6-1.5.mga9

9/tainted

• ffmpeg-5.1.6-1.5.mga9.tainted

Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-24912 Description hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail. (CVE-2025-24912) References

• https://bugs.mageia.org/show_bug.cgi?id=34117
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24912

SRPMS 9/core

• hostapd-2.11-1.1.mga9
• wpa_supplicant-2.11-1.1.mga9

Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-58088 , CVE-2025-21838 , CVE-2025-21844 , CVE-2025-21846 , CVE-2025-21847 , CVE-2025-21848 , CVE-2025-21853 , CVE-2025-21854 , CVE-2025-21855 , CVE-2025-21856 , CVE-2025-21857 , CVE-2025-21858 , CVE-2025-21859 , CVE-2025-21862 , CVE-2025-21863 , CVE-2025-21864 , CVE-2025-21865 , CVE-2025-21866 Description Vanilla upstream kernel version 6.6.83 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References

• https://bugs.mageia.org/show_bug.cgi?id=34115
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58088
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21838
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21844
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21846
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21847
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21848
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21853
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21854
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21855
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21856
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21857
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21858
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21859
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21862
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21863
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21864
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21865
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21866

SRPMS 9/core

• kernel-linus-6.6.83-1.mga9

Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-58088 , CVE-2025-21838 , CVE-2025-21844 , CVE-2025-21846 , CVE-2025-21847 , CVE-2025-21848 , CVE-2025-21853 , CVE-2025-21854 , CVE-2025-21855 , CVE-2025-21856 , CVE-2025-21857 , CVE-2025-21858 , CVE-2025-21859 , CVE-2025-21862 , CVE-2025-21863 , CVE-2025-21864 , CVE-2025-21865 , CVE-2025-21866 Description Upstream kernel version 6.6.83 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links. References

• https://bugs.mageia.org/show_bug.cgi?id=34114
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58088
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21838
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21844
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21846
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21847
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21848
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21853
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21854
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21855
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21856
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21857
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21858
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21859
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21862
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21863
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21864
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21865
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21866

SRPMS 9/core

• kernel-6.6.83-1.mga9
• kmod-virtualbox-7.0.24-68.mga9
• kmod-xtables-addons-3.24-74.mga9

In Mageia/9/x86_64: Mesa is an OpenGL 4.6 compatible 3D graphics library.

In Mageia/9/aarch64: Mesa is an OpenGL 4.6 compatible 3D graphics library.

In Mageia/9/armv7hl: Mesa is an OpenGL 4.6 compatible 3D graphics library.

In Mageia/9/i586: Mesa is an OpenGL 4.6 compatible 3D graphics library.

In Mageia/cauldron/x86_64: Rachota is a portable application for timetracking different projects. It runs everywhere. It displays time data in diagram form, creates customized reports and invoices or analyses measured data and suggests hints to improve user's time usage. The totally portable yet personal timetracker.

In Mageia/cauldron/i586: Rachota is a portable application for timetracking different projects. It runs everywhere. It displays time data in diagram form, creates customized reports and invoices or analyses measured data and suggests hints to improve user's time usage. The totally portable yet personal timetracker.

In Mageia/cauldron/i586: A program to convert images from PPM format into the control language for the Alps Micro-Dry printers, at various times sold by Citizen, Alps and Okidata. This program drives the Alps Micro-Dry series of printers, including the Citizen Printiva series, Alps MD series, and Oki DP series (but not yet the DP-7000). In the current release, the program drives the standard mode fairly well; the dye sublimation mode very well; and the VPhoto mode reasonably well. It supports all the colours available up to the DP-5000, including the foil colours.

In Mageia/cauldron/x86_64: A program to convert images from PPM format into the control language for the Alps Micro-Dry printers, at various times sold by Citizen, Alps and Okidata. This program drives the Alps Micro-Dry series of printers, including the Citizen Printiva series, Alps MD series, and Oki DP series (but not yet the DP-7000). In the current release, the program drives the standard mode fairly well; the dye sublimation mode very well; and the VPhoto mode reasonably well. It supports all the colours available up to the DP-5000, including the foil colours.