Lector de Feeds
MGAA-2025-0082 - Updated nvidia-current packages fix bugs
Publication date: 09 Sep 2025
Type: bugfix
Affected Mageia releases : 9
Description Fixed a bugregression introduced in 580.65.06 that could cause Vulkan applications to hang on Wayland. Added support for NVIDIA Smooth Motion on GeForce RTX 40 Series GPUs. Fixed a bug that caused /sys/class/drm/.../enabled to always report "disabled" for NVIDIA GPU connectors. References SRPMS 9/nonfree
Type: bugfix
Affected Mageia releases : 9
Description Fixed a bugregression introduced in 580.65.06 that could cause Vulkan applications to hang on Wayland. Added support for NVIDIA Smooth Motion on GeForce RTX 40 Series GPUs. Fixed a bug that caused /sys/class/drm/.../enabled to always report "disabled" for NVIDIA GPU connectors. References SRPMS 9/nonfree
- nvidia-current-580.82.07-1.mga9.nonfree
Categorías: Actualizaciones de Seguridad
MGASA-2025-0231 - Updated udisks2 packages fix a security vulnerability
Publication date: 08 Sep 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8067 Description Out-of-bounds read in udisks daemon. (CVE-2025-8067) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8067 Description Out-of-bounds read in udisks daemon. (CVE-2025-8067) References
- https://bugs.mageia.org/show_bug.cgi?id=34602
- https://www.openwall.com/lists/oss-security/2025/08/28/1
- https://www.openwall.com/lists/oss-security/2025/08/28/4
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8067
- udisks2-2.10.1-1.2.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0230 - Updated postgresql15 & postgresql13 packages fix security vulnerabilities
Publication date: 08 Sep 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8713 , CVE-2025-8714 , CVE-2025-8715 Description PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table. (CVE-2025-8713) PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client. (CVE-2025-8714) PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server. (CVE-2025-8715) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8713 , CVE-2025-8714 , CVE-2025-8715 Description PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table. (CVE-2025-8713) PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client. (CVE-2025-8714) PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server. (CVE-2025-8715) References
- https://bugs.mageia.org/show_bug.cgi?id=34608
- https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8713
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8714
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8715
- postgresql15-15.14-1.mga9
- postgresql13-13.22-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2025-0229 - Updated python-django packages fix security vulnerability
Publication date: 08 Sep 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-57833 Description Potential SQL injection in FilteredRelation column aliases. (CVE-2025-57833) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-57833 Description Potential SQL injection in FilteredRelation column aliases. (CVE-2025-57833) References
- https://bugs.mageia.org/show_bug.cgi?id=34612
- https://www.openwall.com/lists/oss-security/2025/09/03/3
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
- python-django-4.1.13-1.6.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2025-0081 - Updated haproxy packages fix some bugs
Publication date: 08 Sep 2025
Type: bugfix
Affected Mageia releases : 9
Description Haproxy has a few medium and a few minor bugs fixed in the last upstream version 2.8.15 of branch 2.8. Fixed medium bug list: - backend: do not overwrite srv dst address on reuse (2) - backend: fix reuse with set-dst/set-dst-port - clock: make sure now_ms cannot be TICK_ETERNITY - debug: close a possible race between thread dump and panic() - fd: mark FD transferred to another process as FD_CLONED - filters: Handle filters registered on data with no payload callback - h3: trim whitespaces in header value prior to QPACK encoding - h3: trim whitespaces when parsing headers value - hlua/cli: fix cli applet UAF in hlua_applet_wakeup() - hlua: fix hlua_applet_{http,tcp}_fct() yield regression (lost data) - http-ana: Report 502 from req analyzer only during rsp forwarding - htx: wrong count computation in htx_xfer_blks() - mux-quic: do not attach on already closed stream - mux-quic: fix crash on RS/SS emission if already close local - peers: prevent learning expiration too far in futur from unsync node - sample: fix risk of overflow when replacing multiple regex back-refs - spoe: Don't wakeup idle applets in loop during stopping - ssl: chosing correct certificate using RSA-PSS with TLSv1.3 - startup: return to initial cwd only after check_config_validity() - thread: use pthread_self() not ha_pthread[tid] in set_affinity References SRPMS 9/core
Type: bugfix
Affected Mageia releases : 9
Description Haproxy has a few medium and a few minor bugs fixed in the last upstream version 2.8.15 of branch 2.8. Fixed medium bug list: - backend: do not overwrite srv dst address on reuse (2) - backend: fix reuse with set-dst/set-dst-port - clock: make sure now_ms cannot be TICK_ETERNITY - debug: close a possible race between thread dump and panic() - fd: mark FD transferred to another process as FD_CLONED - filters: Handle filters registered on data with no payload callback - h3: trim whitespaces in header value prior to QPACK encoding - h3: trim whitespaces when parsing headers value - hlua/cli: fix cli applet UAF in hlua_applet_wakeup() - hlua: fix hlua_applet_{http,tcp}_fct() yield regression (lost data) - http-ana: Report 502 from req analyzer only during rsp forwarding - htx: wrong count computation in htx_xfer_blks() - mux-quic: do not attach on already closed stream - mux-quic: fix crash on RS/SS emission if already close local - peers: prevent learning expiration too far in futur from unsync node - sample: fix risk of overflow when replacing multiple regex back-refs - spoe: Don't wakeup idle applets in loop during stopping - ssl: chosing correct certificate using RSA-PSS with TLSv1.3 - startup: return to initial cwd only after check_config_validity() - thread: use pthread_self() not ha_pthread[tid] in set_affinity References SRPMS 9/core
- haproxy-2.8.15-1.mga9
Categorías: Actualizaciones de Seguridad
