Lector de Feeds
MGASA-2025-0160 - Updated microcode packages fix security vulnerabilities
Publication date: 23 May 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-28956 , CVE-2025-20103 , CVE-2025-20054 , CVE-2024-43420 , CVE-2025-20623 , CVE-2024-45332 , CVE-2025-24495 , CVE-2025-20012 Description Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2024-28956) Insufficient resource pool in the core management mechanism for some Intel® Processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2025-20103) Uncaught exception in the core management mechanism for some Intel® Processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2025-20054) Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom® processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2024-43420) Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel® Core™ processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2025-20623) Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2024-45332) Incorrect initialization of resource in the branch prediction unit for some Intel® Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2025-24495) Incorrect behavior order for some Intel® Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. (CVE-2025-20012) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-28956 , CVE-2025-20103 , CVE-2025-20054 , CVE-2024-43420 , CVE-2025-20623 , CVE-2024-45332 , CVE-2025-24495 , CVE-2025-20012 Description Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2024-28956) Insufficient resource pool in the core management mechanism for some Intel® Processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2025-20103) Uncaught exception in the core management mechanism for some Intel® Processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2025-20054) Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom® processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2024-43420) Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel® Core™ processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2025-20623) Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2024-45332) Incorrect initialization of resource in the branch prediction unit for some Intel® Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2025-24495) Incorrect behavior order for some Intel® Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. (CVE-2025-20012) References
- https://bugs.mageia.org/show_bug.cgi?id=34279
- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250512
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28956
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20103
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20054
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43420
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20623
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45332
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24495
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20012
- microcode-0.20250512-1.mga9.nonfree
Categorías: Actualizaciones de Seguridad
MGASA-2025-0159 - Updated chromium-browser-stable packages fix security vulnerabilities
Publication date: 23 May 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4096 , CVE-2025-4050 , CVE-2025-4051 , CVE-2025-4052 , CVE-2025-4372 , CVE-2025-4664 , CVE-2025-4609 Description Heap buffer overflow in HTML. (CVE-2025-4096) Out of bounds memory access in DevTools. (CVE-2025-4050) Insufficient data validation in DevTools. (CVE-2025-4051) Inappropriate implementation in DevTools. (CVE-2025-4052) Use after free in WebAudio. (CVE-2025-4372) Insufficient policy enforcement in Loader. (CVE-2025-4664) Incorrect handle provided in unspecified circumstances in Mojo. (CVE-2025-4609) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4096 , CVE-2025-4050 , CVE-2025-4051 , CVE-2025-4052 , CVE-2025-4372 , CVE-2025-4664 , CVE-2025-4609 Description Heap buffer overflow in HTML. (CVE-2025-4096) Out of bounds memory access in DevTools. (CVE-2025-4050) Insufficient data validation in DevTools. (CVE-2025-4051) Inappropriate implementation in DevTools. (CVE-2025-4052) Use after free in WebAudio. (CVE-2025-4372) Insufficient policy enforcement in Loader. (CVE-2025-4664) Incorrect handle provided in unspecified circumstances in Mojo. (CVE-2025-4609) References
- https://bugs.mageia.org/show_bug.cgi?id=34235
- https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html
- https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4096
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4050
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4051
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4052
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4372
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4664
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4609
- chromium-browser-stable-136.0.7103.113-1.mga9.tainted
Categorías: Actualizaciones de Seguridad
MGAA-2025-0054 - Updated elisa packages fix bug
Publication date: 23 May 2025
Type: bugfix
Affected Mageia releases : 9
Description A missing runtime requirement meant that elisa couldn't play web radio stations. This update fixes the issue. References SRPMS 9/core
Type: bugfix
Affected Mageia releases : 9
Description A missing runtime requirement meant that elisa couldn't play web radio stations. This update fixes the issue. References SRPMS 9/core
- elisa-23.04.3-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2025-0053 - Updated mesa packages fix bugs
Publication date: 23 May 2025
Type: bugfix
Affected Mageia releases : 9
Description In SkinDeep, GL_LINES causes GL_INVALID_OPERATION with radeonsi and llvmpipe radv: UB and artifacts when copying a `COMBINED_IMAGE_SAMPLER` with an immutable sampler RADV: Dynamic state multiple viewport corruption [drm:amdgpu_uvd_cs_pass2 [amdgpu]] *ERROR* )Handle 0x48780001 already in use! glGetInternalformativ returns incorrect information for GL_STENCIL_INDEX8 RadeonSI: Psychonauts rendering regression since !29895 [r600g] Rejected CS when using dolphin’s GPU texture decoder radeonsi: Assertion `src_bit_size == bit_size’ failed. when running without MESA_GLSL_DISABLE_IO_OPT=1 radeonsi vdpau + Packed YUY2 = assert Indiana Jones and The Great Circle, Graphical corruption on 9070 XT. glPushAttrib/glPopAttrib broken with glColorMaterial and ligthing radv: Flickering in Kingdom Come: Deliverance II RADV regression causes severe glitches in Hunt Showdown 1896 on Polaris Z-Fighting in Tomb Raider IV - VI Remastered Linux RADV:RX 9070:Mesa-25.0.5 GTA 5 Enhanced GPU HANG [anv] VK_ERROR_DEVICE_LOST on Linux 6.13.8 while playing Dota 2 on Intel Graphics References SRPMS 9/core
Type: bugfix
Affected Mageia releases : 9
Description In SkinDeep, GL_LINES causes GL_INVALID_OPERATION with radeonsi and llvmpipe radv: UB and artifacts when copying a `COMBINED_IMAGE_SAMPLER` with an immutable sampler RADV: Dynamic state multiple viewport corruption [drm:amdgpu_uvd_cs_pass2 [amdgpu]] *ERROR* )Handle 0x48780001 already in use! glGetInternalformativ returns incorrect information for GL_STENCIL_INDEX8 RadeonSI: Psychonauts rendering regression since !29895 [r600g] Rejected CS when using dolphin’s GPU texture decoder radeonsi: Assertion `src_bit_size == bit_size’ failed. when running without MESA_GLSL_DISABLE_IO_OPT=1 radeonsi vdpau + Packed YUY2 = assert Indiana Jones and The Great Circle, Graphical corruption on 9070 XT. glPushAttrib/glPopAttrib broken with glColorMaterial and ligthing radv: Flickering in Kingdom Come: Deliverance II RADV regression causes severe glitches in Hunt Showdown 1896 on Polaris Z-Fighting in Tomb Raider IV - VI Remastered Linux RADV:RX 9070:Mesa-25.0.5 GTA 5 Enhanced GPU HANG [anv] VK_ERROR_DEVICE_LOST on Linux 6.13.8 while playing Dota 2 on Intel Graphics References SRPMS 9/core
- mesa-25.0.6-2.mga9
- mesa-25.0.6-2.mga9.tainted
Categorías: Actualizaciones de Seguridad
MGAA-2025-0052 - Updated purple-discord packages fix bug
Publication date: 23 May 2025
Type: bugfix
Affected Mageia releases : 9
Description The developer has fixed many bugs since our current release. This update provides the latest commit. References SRPMS 9/core
Type: bugfix
Affected Mageia releases : 9
Description The developer has fixed many bugs since our current release. This update provides the latest commit. References SRPMS 9/core
- purple-discord-0-1.20250517git99a5f5f.mga9
Categorías: Actualizaciones de Seguridad
Becoming a Mageia Packager
Aurelian R
← Older revision Revision as of 12:03, 23 May 2025 (One intermediate revision by the same user not shown)Line 194: Line 194: | Template || Example || [https://ml.mageia.org 2021-02-14] || {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || {{yes|Done}} || 5/5<br>app1<br>app2<br>app3<br>app4<br>app5 || {{yes|Done}} || {{yes|Done}} || 10/10<br>app1 app2<br>app3 app4<br>app5 app6<br>app7 app8<br>app9 app10 || 2021-10-17<br>or<br>[https://ml.mageia.org {{yes|Done}} 2021-02-14] | Template || Example || [https://ml.mageia.org 2021-02-14] || {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || [https://bugs.mageia.org {{yes|Done}} || {{yes|Done}} || 5/5<br>app1<br>app2<br>app3<br>app4<br>app5 || {{yes|Done}} || {{yes|Done}} || 10/10<br>app1 app2<br>app3 app4<br>app5 app6<br>app7 app8<br>app9 app10 || 2021-10-17<br>or<br>[https://ml.mageia.org {{yes|Done}} 2021-02-14] |- |- −| katnatek || papoteur || [https://ml.mageia.org/l/arc/dev/2023-10/msg00041.html 2023-10-11] || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || lyx<br>mythtv<br>task-plasma5 (spectacle)<br>obconf<br>pidgin-googlechat || {{yes|Done}} || {{yes|Done}} ||python-setuptools-git-versioning+|AurelianR || DavidG ||[https://ml.mageia.org/l/arc/dev/2025-02/msg00006.html 2025-02-04] || || || || || || || || −python-sphinxcontrib-jquery whatsie+|- −evdi+| katnatek || papoteur || [https://ml.mageia.org/l/arc/dev/2023-10/msg00041.html 2023-10-11] || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || lyx<br>mythtv<br>task-plasma5 (spectacle)<br>obconf<br>pidgin-googlechat || {{yes|Done}} || {{yes|Done}} || python-setuptools-git-versioning python-sphinxcontrib-jquery whatsie evdi awf-extended −awf-extended+|| [https://ml.mageia.org/l/arc/dev/2025-03/msg00058.html Done 2025-03-13] −|| |- |- |marja || doktor5000 || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || 5/5<br>? || {{yes|Done}} || || || |marja || doktor5000 || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || 5/5<br>? || {{yes|Done}} || || || Papoteur
Categorías: Wiki de Mageia
