Lector de Feeds

Publication date: 17 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description We are rebuilding packages requiring icu version 72 with icu version 73 to use an icu version with security fixes. These packages are the last set; after these updates there should not be packages that depend on icu version 72 in your system. If you find you can't run (change lib64 to lib in 32bit system): LC_ALL=C urpme lib64icu72 without uninstalling packages in your system, please report. References

• https://bugs.mageia.org/show_bug.cgi?id=34740

SRPMS 9/core

• gnome-builder-44.2-1.1.mga9
• gnucash-5.3-1.1.mga9
• kdeplasma-addons-5.27.10-1.1.mga9
• evolution-data-server-3.48.3-1.1.mga9
• kbibtex-0.10.0-3.1.mga9
• geary-43.0-3.1.mga9

Publication date: 17 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description We are rebuilding packages requiring icu version 72 with icu version 73 to use an icu version with security fixes. These packages are the third set. References

• https://bugs.mageia.org/show_bug.cgi?id=34730

SRPMS 9/core

• gspell-1.12.1-1.1.mga9
• libcdr-0.1.7-5.1.mga9
• 0ad-0.0.26-3.1.mga9
• c-icap-modules-classify-20180416-15.1.mga9
• enchant2-2.3.3-2.1.mga9
• gnustep-base-1.28.0-2.1.mga9
• gnustep-gui-0.28.0-10.1.mga9
• konsole-23.04.3-1.1.mga9
• qtwebengine5-5.15.10-8.1.mga9
• qtwebengine6-6.4.1-5.1.mga9
• performous-1.2.0-6.1.mga9
• plasma-workspace-5.27.10-1.3.mga9
• R-base-4.3.3-1.1.mga9
• scribus-1.5.8-11.1.mga9
• strawberry-1.0.17-1.1.mga9
• subtitlecomposer-0.7.1-3.1.mga9
• mpd-0.23.11-4.1.mga9

9/tainted

• mpd-0.23.11-4.1.mga9.tainted

Publication date: 17 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description It appears there has been a rollout for the WEB client where YouTube has removed the playback links for adaptiveFormats in the player response. This leaves only the SABR streaming URL for playback (which is what YouTube has been using for a while now) References

• https://bugs.mageia.org/show_bug.cgi?id=34750
• https://github.com/yt-dlp/yt-dlp/issues/12482

SRPMS 9/core

• python-packaging-24.2-1.mga9
• python-hatchling-1.27.0-1.mga9
• yt-dlp-2025.11.12-1.mga9

Publication date: 17 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description The kvm modules are now preloaded at boot, and thus it conflicts with vbox modules. This version has a fix that rmmod the kvm module before starting virtualbox VMs References

• https://bugs.mageia.org/show_bug.cgi?id=34408
• https://www.virtualbox.org/wiki/Changelog-7.1
• https://www.virtualbox.org/ticket/22248
• https://github.com/VirtualBox/virtualbox/issues/372

SRPMS 9/core

• virtualbox-7.1.14-2.mga9
• kmod-virtualbox-7.1.14-12.mga9

Publication date: 15 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-48734 Description Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default. (CVE-2025-48734) References

• https://bugs.mageia.org/show_bug.cgi?id=34330
• https://lists.opensuse.org/opensuse-updates/2019-09/msg00017.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48734

SRPMS 9/core

• apache-commons-beanutils-1.9.4-7.1.mga9