Lector de Feeds

firejail

← Older revision Revision as of 08:16, 10 December 2025 Line 72: Line 72:     One big advantage with Live is that if the updates or settings foul up (been there), (i.e by glitchy connector) you can boot without the persistence. One big advantage with Live is that if the updates or settings foul up (been there), (i.e by glitchy connector) you can boot without the persistence.  +  +----  +  +We could add the following in the "Tips" section:  +  +- If you have more than 2GBs of RAM available in your old computer, you could install firejail to run certain programs on the RAM. It is significantly faster than the USB stick (especially USB 2.0). But it also means that you will not be able to save almost anything.  +  Example commands:  + "firejail --private falkon"  + "firejail --private firefox"  + "firejail --private --appimage ~/apps/librewolf/LibreWolf.x86_64.AppImage"  +  +[[User:Nikos5446]] Nikos5446

Publication date: 09 Dec 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-13947 , CVE-2025-43421 , CVE-2025-43458 , CVE-2025-66287 Description A website may be able to exfiltrate sensitive system information. Description: The issue was addressed through improved state checks - CVE-2025-13947. Processing maliciously crafted web content may lead to an unexpected process crash. Description: Multiple issues were addressed by disabling array allocation sinking - CVE-2025-43421. Processing maliciously crafted web content may lead to an unexpected process crash. Description: This issue was addressed through improved state management - CVE-2025-43458. Processing maliciously crafted web content may lead to an unexpected process crash. Description: The issue was addressed with improved memory handling - CVE-2025-66287. References

• https://bugs.mageia.org/show_bug.cgi?id=34802
• https://webkitgtk.org/security/WSA-2025-0009.html
• https://webkitgtk.org/2025/12/04/webkitgtk2.50.3-released.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13947
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43421
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43458
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66287

SRPMS 9/core

• webkit2-2.50.3-1.mga9

Publication date: 09 Dec 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-13836 , CVE-2025-13837 , CVE-2025-12084 Description Excessive read buffering DoS in http.client. (CVE-2025-13836) Out-of-memory when loading Plist. (CVE-2025-13837) Quadratic complexity in node ID cache clearing. (CVE-2025-12084) References

• https://bugs.mageia.org/show_bug.cgi?id=34808
• https://www.openwall.com/lists/oss-security/2025/12/05/5
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13837
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084

SRPMS 9/core

• python3-3.10.18-1.5.mga9

‎For Qa team:

← Older revision Revision as of 13:20, 9 December 2025 Line 95: Line 95:  * Aussie_matt - Xboxboy - xboxboy dot mageia at gmail dot com * Aussie_matt - Xboxboy - xboxboy dot mageia at gmail dot com    −* papoteur - Yves Brungard - yves.brungard_mageia at gadz dotorg+* papoteur - Yves Brungard - yves.brungard+mageia at gadz dotorg     * tonyb - Tony Blackwell - tablackwell at bigpond dot com * tonyb - Tony Blackwell - tablackwell at bigpond dot com Papoteur

Adding nikos5446

← Older revision Revision as of 12:15, 9 December 2025 Line 121: Line 121:     User:mvt7 User:mvt7  +  +User:nikos5446     User:nmalykh   User:nmalykh   Marja

Publication date: 08 Dec 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-66293 Description LIBPNG has an out-of-bounds read in png_image_read_composite. (CVE-2025-66293) References

• https://bugs.mageia.org/show_bug.cgi?id=34799
• https://www.openwall.com/lists/oss-security/2025/12/03/5
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66293

SRPMS 9/core

• libpng-1.6.38-1.2.mga9