Lector de Feeds

MGAA-2025-0082 - Updated nvidia-current packages fix bugs

Mageia Security - 9 Septiembre, 2025 - 22:10
Publication date: 09 Sep 2025
Type: bugfix
Affected Mageia releases : 9
Description Fixed a bugregression introduced in 580.65.06 that could cause Vulkan applications to hang on Wayland. Added support for NVIDIA Smooth Motion on GeForce RTX 40 Series GPUs. Fixed a bug that caused /sys/class/drm/.../enabled to always report "disabled" for NVIDIA GPU connectors. References SRPMS 9/nonfree
  • nvidia-current-580.82.07-1.mga9.nonfree

MGASA-2025-0231 - Updated udisks2 packages fix a security vulnerability

Mageia Security - 8 Septiembre, 2025 - 20:35
Publication date: 08 Sep 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8067 Description Out-of-bounds read in udisks daemon. (CVE-2025-8067) References SRPMS 9/core
  • udisks2-2.10.1-1.2.mga9

MGASA-2025-0230 - Updated postgresql15 & postgresql13 packages fix security vulnerabilities

Mageia Security - 8 Septiembre, 2025 - 20:35
Publication date: 08 Sep 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8713 , CVE-2025-8714 , CVE-2025-8715 Description PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table. (CVE-2025-8713) PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client. (CVE-2025-8714) PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server. (CVE-2025-8715) References SRPMS 9/core
  • postgresql15-15.14-1.mga9
  • postgresql13-13.22-1.mga9

MGASA-2025-0229 - Updated python-django packages fix security vulnerability

Mageia Security - 8 Septiembre, 2025 - 20:35
Publication date: 08 Sep 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-57833 Description Potential SQL injection in FilteredRelation column aliases. (CVE-2025-57833) References SRPMS 9/core
  • python-django-4.1.13-1.6.mga9

MGAA-2025-0081 - Updated haproxy packages fix some bugs

Mageia Security - 8 Septiembre, 2025 - 20:35
Publication date: 08 Sep 2025
Type: bugfix
Affected Mageia releases : 9
Description Haproxy has a few medium and a few minor bugs fixed in the last upstream version 2.8.15 of branch 2.8. Fixed medium bug list: - backend: do not overwrite srv dst address on reuse (2) - backend: fix reuse with set-dst/set-dst-port - clock: make sure now_ms cannot be TICK_ETERNITY - debug: close a possible race between thread dump and panic() - fd: mark FD transferred to another process as FD_CLONED - filters: Handle filters registered on data with no payload callback - h3: trim whitespaces in header value prior to QPACK encoding - h3: trim whitespaces when parsing headers value - hlua/cli: fix cli applet UAF in hlua_applet_wakeup() - hlua: fix hlua_applet_{http,tcp}_fct() yield regression (lost data) - http-ana: Report 502 from req analyzer only during rsp forwarding - htx: wrong count computation in htx_xfer_blks() - mux-quic: do not attach on already closed stream - mux-quic: fix crash on RS/SS emission if already close local - peers: prevent learning expiration too far in futur from unsync node - sample: fix risk of overflow when replacing multiple regex back-refs - spoe: Don't wakeup idle applets in loop during stopping - ssl: chosing correct certificate using RSA-PSS with TLSv1.3 - startup: return to initial cwd only after check_config_validity() - thread: use pthread_self() not ha_pthread[tid] in set_affinity References SRPMS 9/core
  • haproxy-2.8.15-1.mga9
Feed