Lector de Feeds

Publication date: 14 Feb 2025
Type: bugfix
Affected Mageia releases : 9
Description Issues with the conversions and the progress bar have been reported. This update fixes the issues and removes python3-sip as a requirement as is no longer needed References

• https://bugs.mageia.org/show_bug.cgi?id=32465

SRPMS 9/core

• ffmulticonverter-1.8.0-10.1.mga9

‎Apprenticeship in progress

← Older revision Revision as of 09:56, 14 February 2025 Line 224: Line 224:  | pol4n || neoclust || [https://ml.mageia.org/l/arc/dev/2022-03/msg00117.html 2022-03-11] || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || rpcbind/sitecopy/spamassassin/ssdeep/sslsplit || {{yes|Done}} || {{yes|Done}} || tap<br>woff2<br>shairplay<br>ntpsec<br>clusterscripts<br>nagios-plugins<br>xymons<br>zathuras<br>rizins<br>vnstat || 2022-08-18 | pol4n || neoclust || [https://ml.mageia.org/l/arc/dev/2022-03/msg00117.html 2022-03-11] || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || {{yes|Done}} || rpcbind/sitecopy/spamassassin/ssdeep/sslsplit || {{yes|Done}} || {{yes|Done}} || tap<br>woff2<br>shairplay<br>ntpsec<br>clusterscripts<br>nagios-plugins<br>xymons<br>zathuras<br>rizins<br>vnstat || 2022-08-18  |- |- −| joselp || papoteur,mokraemer || {{yes|Done}} ||  || {{yes|Done}} ||  ||  ||  ||  || ||  ||  +| joselp || papoteur,mokraemer || {{yes|Done}} ||  || {{yes|Done}} ||  ||  ||  ||  || photomontage ||  ||    |- |-  | zekemx || kekepower || {{yes|Done}} ||  || ||  ||  || 1. conky ||  ||  ||  || | zekemx || kekepower || {{yes|Done}} ||  || ||  ||  || 1. conky ||  ||  ||  || Papoteur

Publication date: 13 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-2794 , CVE-2023-4232 , CVE-2023-4233 , CVE-2023-4234 , CVE-2023-4235 Description Sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_deliver() function. (CVE-2023-2794) Sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_status_report() function. (CVE-2023-4232) Sms decoder stack-based buffer overflow remote code execution vulnerability within the sms_decode_address_field(). (CVE-2023-4233) Sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_submit_report() function. (CVE-2023-4234) Sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_deliver_report() function. (CVE-2023-4235) References

• https://bugs.mageia.org/show_bug.cgi?id=33841
• https://ubuntu.com/security/notices/USN-7141-1
• https://ubuntu.com/security/notices/USN-7151-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2794
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4232
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4233
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4234
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4235

SRPMS 9/core

• ofono-2.1-1.1.mga9

Publication date: 13 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-22376 Description In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong. (CVE-2025-22376) References

• https://bugs.mageia.org/show_bug.cgi?id=33923
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLAEBHWU2NBVEDHXVVKYY4Y2XLNJX2VX/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22376

SRPMS 9/core

• perl-Net-OAuth-0.300.0-1.mga9
• perl-Crypt-URandom-0.370.0-1.mga9
• perl-Module-Build-0.423.400-1.mga9

Publication date: 13 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-57966 Description A security issue exists in Ark where a maliciously crafted archive containing file paths beginning with "/" allows files to be extracted to locations outside the intended directory. References

• https://bugs.mageia.org/show_bug.cgi?id=34013
• https://kde.org/info/security/advisory-20250207-1.txt
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57966

SRPMS 9/core

• ark-23.04.3-1.1.mga9

‎Releasing the update: Mention advisories.mageia.org

← Older revision Revision as of 08:21, 13 February 2025 Line 399: Line 399:  Once the update candidate has been validated (i.e., approved) by the QA Team, a member of the Once the update candidate has been validated (i.e., approved) by the QA Team, a member of the  Sysadmin Team [[#42|[42]]] will see that the updated packages get pushed to the mirrors and that the advisory is Sysadmin Team [[#42|[42]]] will see that the updated packages get pushed to the mirrors and that the advisory is −posted to the website and e-mailed to the updates-announce mailing list [[#43|[43]]] . Every Linux distribution has+posted to https://advisories.mageia.org/ and e-mailed to the updates-announce mailing list [[#43|[43]]] . Every Linux distribution has −a similar mailing list for update announcements. Varying amounts of automation and manual work are+a similar mailing list for update announcements. The advisories will also be picked eventually up by aggregators like https://osv.dev/. −involved in this last stage of the process for different Linux distributions.+Varying amounts of automation and manual work are involved in this last stage of the process for each separate Linux distributions.     == Other considerations == == Other considerations == Danf

Publication date: 12 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-52804 Description Tornado has an HTTP cookie parsing DoS vulnerability. (CVE-2024-52804) References

• https://bugs.mageia.org/show_bug.cgi?id=33816
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KECEA6QVDQMKX34TWO73YYIDDQZZ476N/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52804

SRPMS 9/core

• python-tornado-6.3.2-1.1.mga9

Publication date: 12 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-56519 , CVE-2024-56521 , CVE-2024-56522 , CVE-2024-56527 Description An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute. (CVE-2024-56519) An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely. (CVE-2024-56521) An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes. (CVE-2024-56522) An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message. (CVE-2024-56527) References

• https://bugs.mageia.org/show_bug.cgi?id=33898
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZX3ABLKKEVGN4M4BBUJFPBNWW5SHP7J3/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56519
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56521
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56522
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56527

SRPMS 9/core

• php-tcpdf-6.5.0-1.3.mga9

‎See also: Link to LDAP_Groups

← Older revision Revision as of 19:55, 12 February 2025 (One intermediate revision by the same user not shown)Line 37: Line 37:        [root@duvel ~]# ldapmodify -H ldaps://ldap.mageia.org -D uid=$USER,ou=People,dc=mageia,dc=org -W -f removeowner.ldif    [root@duvel ~]# ldapmodify -H ldaps://ldap.mageia.org -D uid=$USER,ou=People,dc=mageia,dc=org -W -f removeowner.ldif  +  += See also =  +* [https://people.mageia.org/g/ Active groups]  +* [[LDAP Groups]] needed for different roles     [[Category:Sysadmin]] [[Category:Sysadmin]] Danf

‎Access/Identity: Bugzilla admins

← Older revision Revision as of 19:43, 12 February 2025 Line 23: Line 23:  * [[SOP Sysadmin access revocation]] * [[SOP Sysadmin access revocation]]  * [[SOP Adding groups]] * [[SOP Adding groups]] −* Blocking users in Bugzilla due to spammy behaviour+* Blocking users in Bugzilla due to spammy behaviour ''(this is currently done by Bugzilla admins, not Sysadmins)''  * Unlock user account * Unlock user account  * [[SOP robot credentials renewal]] * [[SOP robot credentials renewal]] Danf

Publication date: 12 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-46901 Description Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. (CVE-2024-46901) References

• https://bugs.mageia.org/show_bug.cgi?id=33838
• https://www.openwall.com/lists/oss-security/2024/12/09/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46901

SRPMS 9/core

• subversion-1.14.2-2.1.mga9

Publication date: 12 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-49528 Description A buffer overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via af_dialoguenhance.c:261:5 in the de_stereo component. (CVE-2023-49528) References

• https://bugs.mageia.org/show_bug.cgi?id=33430
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3BMDGSJN6WOKM5DG6WR4ITFVPI77UHH/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49528

SRPMS 9/core

• ffmpeg-5.1.6-1.1.mga9

9/tainted

• ffmpeg-5.1.6-1.1.mga9.tainted

To do a good job, we need good tools. Some of our servers are old, no longer powerful enough and have limited disk resources to meet the needs of developers. RPM manufacturing takes a long time and this is detrimental to the efficiency of maintaining and evolving the distribution. In short, the machines are well depreciated.

This is why our infrastructure is first getting a makeover. Better adapted to new technologies, it will allow our developers to work faster and more efficiently.

So where is this new infrastructure?

 We received 5 new servers:

– 2 new nodes for building packages: HPE ProLiant DL 360 Gen10 – 2xXeon 6126 (12C/2.6GHz) –

256GB RAM – 2xSSD 3.8TB HW Raid 1 – 2x10Gb/s NICs

– 2 servers to replace sucuk and duvel: HPE ProLiant DL 380 Gen10 – 2 Xeon 6126 (12C/2.6GHz) –

256GB RAM – 2xSSD 3.8TB HW Raid 1 – 10xHDD 12TB HW Raid 5 – 2x10Gb/s NICs

– 1 server for deployment and backup: HPE ProLiant DL80 Gen9 – 2xXeon  E5-2603v4

(6C/1.7GHz) – 256GB RAM – 6xHDD 6TB (donated, with some renewed parts)

– 1 Arista 7120T switch 20xRJ-45 10Gb/s 4xSFP+ 10Gb/s for interconnecting the machines

One of the ideas is to use the latest server to deploy quickly and as automatically as possible the construction nodes and other machines. The method is ready for x86_64 nodes and is being finalized for ARM nodes. The preparation of the servers takes time because the teams anticipate the future and future developments.

Once the preparation part of our servers is finished, the integration part into the Data Center will remain.

We are therefore taking our time to do things well in order to perpetuate the future and future versions of Mageia.

In the meantime, the future version 10 of Mageia continues to bubble in its cauldron! But we are not ready yet to plan a release date for the moment.

Feel free to come and strengthen our teams.

Para hacer un buen trabajo, necesitamos buenas herramientas. Algunos de nuestros servidores son viejos, ya no son lo bastante potentes y tienen recursos de disco limitados para satisfacer las necesidades de los desarrolladores. Se tarda mucho en producir los RPM, lo que va en detrimento de la eficacia del mantenimiento y la actualización de la distribución. En resumen, las máquinas están bien amortizadas.

Es por eso que nuestra infraestructura está recibiendo un lavado de cara. Más adaptada a las nuevas tecnologías, permitirá a nuestros desarrolladores trabajar de forma más rápida y eficaz. ¿Cuál es el estado de esta nueva infraestructura? Hemos recibido 5 nuevos servidores:

· 2 nuevos nodos de construcción de paquetes: HPE ProLiant DL 360 Gen10 – 2xXeon 6126 (12C/2.6GHz) – 256GB RAM – 2xSSD 3.8TB HW Raid 1 – 2x10Gb/s NICs.

· 2 servidores para reemplazar sucuk y duvel: HPE ProLiant DL 380 Gen10 – 2 Xeon 6126 (12C/2.6GHz) – 256GB RAM – 2xSSD 3.8TB HW Raid 1 – 10xHDD 12TB HW Raid 5 – 2x10Gb/s NICs.

· 1 servidor de despliegue y copia de seguridad: HPE ProLiant DL80 Gen9 – 2xXeon E5-2603v4 (6C/1.7GHz) – 256GB RAM – 6xHDD 6TB (una donación, con algunas partes renovadas)

· 1 switch Arista 7120T 20xRJ-45 10Gb/s 4xSFP+ 10Gb/s para interconectar las máquinas.

El plan es utilizar el último servidor para desplegar los nodos de construcción y el resto de máquinas de forma rápida y lo más automática posible. El método está listo para los nodos x86_64 y se está ultimando para los nodos ARM (servidores remotos). La preparación de los servidores lleva su tiempo, ya que nuestros equipos se anticipan al futuro y a los futuros desarrollos.

Una vez finalizada la preparación de nuestros servidores, el siguiente paso será integrarlos en el Centro de Datos. Por lo tanto, nos estamos tomando nuestro tiempo para hacer las cosas bien y poder asegurar el futuro y las futuras versiones de Mageia. Por el momento, no publicamos una fecha de lanzamiento provisional para Mageia 10.

Mientras tanto, ¡la futura versión 10 de Mageia sigue burbujeando en su caldero!

No dudes en unirte a nuestros equipos.

In Mageia/9/x86_64: Mesa is an OpenGL 4.6 compatible 3D graphics library.