Lector de Feeds

Publication date: 19 Jul 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-53367 Description An out-of-bounds write in the MMRDecoder::scanruns method was fixed. The vulnerability could be exploited to gain code execution on a Linux Desktop system when the user tries to open a crafted document. References

• https://bugs.mageia.org/show_bug.cgi?id=34423
• https://www.openwall.com/lists/oss-security/2025/07/03/1
• https://ubuntu.com/security/notices/USN-7631-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53367

SRPMS 9/core

• djvulibre-3.5.29-1.mga9

Publication date: 17 Jul 2025
Type: bugfix
Affected Mageia releases : 9
Description VBoxManage: Fixed a crash when running 'guestcontrol run' on Windows hosts (bug #22175) Audio: Fixed device switching on Windows hosts (bug #22267) Windows host installer: Fixed multiple installation entries in the 'Add or remove programs' dialog and upgrade issues Linux host: Fixed issue which caused VM Selector process crash due to missing libdl.so and libpthread.so libraries (bug #22193) Linux host: Removed libIDL as a build time dependency when building VirtualBox from source code (bug #21169) Linux guest and host: Added initial support for kernel 6.15 (bug #22420) Linux guest: Added initial support for kernel 6.16-RC0 Linux guest and host: Fixed issue with building modules for UEK8 kernel on Oracle Linux 9 distribution RDP: Fixed issue when it was not possible to paste clipboard buffer into a guest over RDP remote session References

• https://bugs.mageia.org/show_bug.cgi?id=34474
• https://www.virtualbox.org/wiki/Changelog-7.1#v10

SRPMS 9/core

• virtualbox-7.1.10-1.mga9
• kmod-virtualbox-7.1.10-4.mga9