Lector de Feeds
Mageia 9 Errata
Various software: neochat
← Older revision Revision as of 23:46, 12 March 2025 Line 358: Line 358: {{Bug|33330}} - '''aegisub crashes at start in wayland session. - WORKAROUND:''' Start it from command line this way: {{cmd|<nowiki>env GDK_BACKEND=x11 aegisub</nowiki>}}. {{Bug|33330}} - '''aegisub crashes at start in wayland session. - WORKAROUND:''' Start it from command line this way: {{cmd|<nowiki>env GDK_BACKEND=x11 aegisub</nowiki>}}. + +'''FIXED''' {{Bug|33366}} - After 1st run '''neochat''' in light desktops can't start session once you quit from application icon in taskbar, its fixed but if you already bite by this you note still can't star session, I hope you have your account data because you need to remove + ~/.local/share/KDE/neochat + ~/.config/neochatrc + ~/.config/KDE/neochat.conf + ~/.cache/KDE/neochat + +Also if you have some preference in password manager application ({{prog|gnome-keyring}} , {{prog|kwalletmanager}}, {{prog|keepassxc}}) please install before the update and for [https://bugs.mageia.org/show_bug.cgi?id=32712#c18 kwallet] and keepassxc you have to make some configurations. {{Bug|33697}} - '''Nextcloud client''' - We fail to keep it updated. Instead, upstream AppImage can be used, see [[Nextcloud-client]]. {{Bug|33697}} - '''Nextcloud client''' - We fail to keep it updated. Instead, upstream AppImage can be used, see [[Nextcloud-client]]. Katnatek
Categorías: Wiki de Mageia
MGASA-2025-0095 - Updated python-django packages fix security vulnerability
Publication date: 12 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-26699 Description An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings. (CVE-2025-26699) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-26699 Description An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings. (CVE-2025-26699) References
- https://bugs.mageia.org/show_bug.cgi?id=34073
- https://ubuntu.com/security/notices/USN-7335-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
- python-django-4.1.13-1.3.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0094 - Updated python-jinja2 packages fix security vulnerability
Publication date: 12 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-27516 Description Jinja sandbox breakout through attr filter selecting format method. (CVE-2025-27516) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-27516 Description Jinja sandbox breakout through attr filter selecting format method. (CVE-2025-27516) References
- https://bugs.mageia.org/show_bug.cgi?id=34081
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MUH4YM6G3UIVK2776BABUYJKVIBPTUT5/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27516
- python-jinja2-3.1.6-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0093 - Updated thunderbird thunderbird-l10n packages fix security vulnerabilities
Publication date: 12 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-43097 , CVE-2025-1931 , CVE-2025-1932 , CVE-2025-1933 , CVE-2025-1934 , CVE-2025-1935 , CVE-2025-1936 , CVE-2025-1937 , CVE-2025-1938 Description CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1931: Use-after-free in WebTransportChild CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs CVE-2025-1934: Unexpected GC during RegExp bailout processing CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-43097 , CVE-2025-1931 , CVE-2025-1932 , CVE-2025-1933 , CVE-2025-1934 , CVE-2025-1935 , CVE-2025-1936 , CVE-2025-1937 , CVE-2025-1938 Description CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1931: Use-after-free in WebTransportChild CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs CVE-2025-1934: Unexpected GC during RegExp bailout processing CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 References
- https://bugs.mageia.org/show_bug.cgi?id=34065
- https://www.thunderbird.net/en-US/thunderbird/128.8.0esr/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-18/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938
- thunderbird-128.8.0-1.mga9
- thunderbird-l10n-128.8.0-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0092 - Updated firefox & nss packages fix security vulnerabilities
Publication date: 12 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-43097 , CVE-2025-1931 , CVE-2025-1932 , CVE-2025-1933 , CVE-2025-1934 , CVE-2025-1935 , CVE-2025-1936 , CVE-2025-1937 , CVE-2025-1938 Description CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1931: Use-after-free in WebTransportChild CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs CVE-2025-1934: Unexpected GC during RegExp bailout processing CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-43097 , CVE-2025-1931 , CVE-2025-1932 , CVE-2025-1933 , CVE-2025-1934 , CVE-2025-1935 , CVE-2025-1936 , CVE-2025-1937 , CVE-2025-1938 Description CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1931: Use-after-free in WebTransportChild CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs CVE-2025-1934: Unexpected GC during RegExp bailout processing CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 References
- https://bugs.mageia.org/show_bug.cgi?id=34064
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_109.html
- https://www.mozilla.org/en-US/firefox/128.8.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-16/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938
- firefox-128.8.0-1.mga9
- firefox-l10n-128.8.0-1.mga9
- nss-3.109.0-1.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2025-0026 - Updated neochat packages fix bug
Publication date: 12 Mar 2025
Type: bugfix
Affected Mageia releases : 9
Description To fully work on some light desktops, neochat needs to require a password management application. This update fixes the issue. References SRPMS 9/core
Type: bugfix
Affected Mageia releases : 9
Description To fully work on some light desktops, neochat needs to require a password management application. This update fixes the issue. References SRPMS 9/core
- neochat-23.04.3-1.2.mga9
Categorías: Actualizaciones de Seguridad
