Principal

Lector de Feeds

MGASA-2025-0181 - Updated cockpit packages fix security vulnerability & bug

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-6126 Description Mageia's internal bug: In the current version you can't login in the web interface with firefox or chromium-browser packaged by Mageia. This update fixes the issue, but it is reported that could need to reboot and clear cookies from your browser. A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack - CVE-2024-6126. Please note that you need to edit /etc/nsswitch.conf as recommended in https://bugs.mageia.org/show_bug.cgi?id=33368#c18. References SRPMS 9/core
  • cockpit-338-1.6.mga9
Categorías: Actualizaciones de Seguridad

MGAA-2025-0057 - Updated bluez packages fix bug

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: bugfix
Affected Mageia releases : 9
Description Since the update of bluez to 5.80 devices like mouse/keyboard do not reconnect after suspend or reboot. Only repairing helps to make them work. References SRPMS 9/core
  • bluez-5.82-1.mga9
Categorías: Actualizaciones de Seguridad

Re: [dev] VirtualBox borked in current cauldron - ftg@roadrunner.com

Mageia Cauldron - 9 Junio, 2025 - 14:38

[dev] VirtualBox borked in current cauldron - ftg@roadrunner.com

Mageia Cauldron - 9 Junio, 2025 - 14:11

Re: [dev] [sysadmin-discuss] Robot mitigation on web servers - liam@holoweb.net

Mageia Cauldron - 8 Junio, 2025 - 23:24

Re: [dev] [sysadmin-discuss] Robot mitigation on web servers - j.alberto.vc@gmail.com

Mageia Cauldron - 8 Junio, 2025 - 22:39

Re: [dev] initial kea package - mhrambo3501@posteo.net

Mageia Cauldron - 8 Junio, 2025 - 21:07

Re: [dev] Fwd: Rebuild failed on i586 for @2189933:noip-3.3.0-1.mga9.src.rpm - j.alberto.vc@gmail.com

Mageia Cauldron - 8 Junio, 2025 - 19:19

Re: [dev] Fwd: Rebuild failed on i586 for @2189933:noip-3.3.0-1.mga9.src.rpm - j.alberto.vc@gmail.com

Mageia Cauldron - 8 Junio, 2025 - 19:18

Re: [dev] Fwd: Rebuild failed on i586 for @2189933:noip-3.3.0-1.mga9.src.rpm - wally@mageia.org

Mageia Cauldron - 8 Junio, 2025 - 19:09

Re: [dev] Fwd: Rebuild failed on i586 for @2189933:noip-3.3.0-1.mga9.src.rpm - pterjan@gmail.com

Mageia Cauldron - 8 Junio, 2025 - 16:51

Re: [dev] Fwd: Rebuild failed on i586 for @2189933:noip-3.3.0-1.mga9.src.rpm - wally@mageia.org

Mageia Cauldron - 8 Junio, 2025 - 16:35

Re: [dev] Fwd: Rebuild failed on i586 for @2189933:noip-3.3.0-1.mga9.src.rpm - wally@mageia.org

Mageia Cauldron - 8 Junio, 2025 - 16:10

Re: [dev] Fwd: Rebuild failed on i586 for @2189933:noip-3.3.0-1.mga9.src.rpm - pterjan@gmail.com

Mageia Cauldron - 8 Junio, 2025 - 15:51

Re: [dev] Fwd: Rebuild failed on i586 for @2189933:noip-3.3.0-1.mga9.src.rpm - pterjan@gmail.com

Mageia Cauldron - 8 Junio, 2025 - 15:39

Re: [dev] [sysadmin-discuss] Robot mitigation on web servers - andrewsfarm@gmail.com

Mageia Cauldron - 8 Junio, 2025 - 14:21

MGASA-2025-0179 - Updated php-adodb packages fix security vulnerability

Mageia Security - 8 Junio, 2025 - 07:22
Publication date: 08 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46337 Description ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data. This issue has been patched in version 5.22.9 - CVE-2025-46337. References SRPMS 9/core
  • php-adodb-5.22.9-1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2025-0178 - Updated systemd packages fix security vulnerability

Mageia Security - 8 Junio, 2025 - 07:22
Publication date: 08 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4598 Description Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump. (CVE-2025-4598) References SRPMS 9/core
  • systemd-253.33-1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2025-0177 - Updated tomcat packages fix security vulnerability

Mageia Security - 8 Junio, 2025 - 07:22
Publication date: 08 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46701 Description Security constraint bypass for CGI scripts. (CVE-2025-46701) References SRPMS 9/core
  • tomcat-9.0.105-1.mga9
Categorías: Actualizaciones de Seguridad

Re: [dev] [sysadmin-discuss] Robot mitigation on web servers - dan@coneharvesters.com

Mageia Cauldron - 8 Junio, 2025 - 07:11
Feed