Lector de Feeds
MGASA-2025-0252 - Updated libtiff packages fix security vulnerabilities
Publication date: 31 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-13978 , CVE-2025-8176 , CVE-2025-8177 , CVE-2025-8534 , CVE-2025-8961 , CVE-2025-9165 , CVE-2025-9900 Description LibTIFF fax2ps tiff2pdf.c t2p_read_tiff_init null pointer dereference. (CVE-2024-13978) LibTIFF tiffmedian.c get_histogram use after free. (CVE-2025-8176) LibTIFF thumbnail.c setrow buffer overflow. (CVE-2025-8177) libtiff tiff2ps tiff2ps.c PS_Lvl2page null pointer dereference. (CVE-2025-8534) LibTIFF tiffcrop tiffcrop.c main memory corruption. (CVE-2025-8961) LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak. (CVE-2025-9165) Libtiff: libtiff write-what-where. (CVE-2025-9900) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-13978 , CVE-2025-8176 , CVE-2025-8177 , CVE-2025-8534 , CVE-2025-8961 , CVE-2025-9165 , CVE-2025-9900 Description LibTIFF fax2ps tiff2pdf.c t2p_read_tiff_init null pointer dereference. (CVE-2024-13978) LibTIFF tiffmedian.c get_histogram use after free. (CVE-2025-8176) LibTIFF thumbnail.c setrow buffer overflow. (CVE-2025-8177) libtiff tiff2ps tiff2ps.c PS_Lvl2page null pointer dereference. (CVE-2025-8534) LibTIFF tiffcrop tiffcrop.c main memory corruption. (CVE-2025-8961) LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak. (CVE-2025-9165) Libtiff: libtiff write-what-where. (CVE-2025-9900) References
- https://bugs.mageia.org/show_bug.cgi?id=34704
- https://lists.debian.org/debian-security-announce/2025/msg00189.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13978
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8176
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8177
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8534
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8961
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9165
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9900
- libtiff-4.5.1-1.6.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0251 - Updated poppler packages fix security vulnerability
Publication date: 29 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-52885 Description Use After Free (UAF) in Poppler. (CVE-2025-52885) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-52885 Description Use After Free (UAF) in Poppler. (CVE-2025-52885) References
- https://bugs.mageia.org/show_bug.cgi?id=34668
- https://www.openwall.com/lists/oss-security/2025/10/13/2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52885
- poppler-23.02.0-1.8.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0250 - Updated tomcat packages fix security vulnerabilities
Publication date: 29 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-55752 , CVE-2025-55754 , CVE-2025-61795 Description Directory traversal via rewrite with possible RCE if PUT is enabled. (CVE-2025-55752) Console manipulation via escape sequences in log messages. (CVE-2025-55754) Delayed cleaning of multi-part upload temporary files may lead to DoS. (CVE-2025-61795) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-55752 , CVE-2025-55754 , CVE-2025-61795 Description Directory traversal via rewrite with possible RCE if PUT is enabled. (CVE-2025-55752) Console manipulation via escape sequences in log messages. (CVE-2025-55754) Delayed cleaning of multi-part upload temporary files may lead to DoS. (CVE-2025-61795) References
- https://bugs.mageia.org/show_bug.cgi?id=34699
- https://www.openwall.com/lists/oss-security/2025/10/27/4
- https://www.openwall.com/lists/oss-security/2025/10/27/5
- https://www.openwall.com/lists/oss-security/2025/10/27/6
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55754
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795
- tomcat-9.0.111-1.mga9
Categorías: Actualizaciones de Seguridad
