Feed Reader
MGASA-2025-0247 - Updated thunderbird packages fix security vulnerabilities
Publication date: 23 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-10527, CVE-2025-10528, CVE-2025-10529, CVE-2025-10532, CVE-2025-10533, CVE-2025-10536, CVE-2025-10537, CVE-2025-11708, CVE-2025-11709, CVE-2025-11710, CVE-2025-11711, CVE-2025-11712, CVE-2025-11713, CVE-2025-11714, CVE-2025-11715
Description
- CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance()
- CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures
- CVE-2025-11710: Cross-process information leaked due to malicious IPC messages
- CVE-2025-11711: Some non-writable Object properties could be modified
- CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type
- CVE-2025-11713: Potential user-assisted code execution in "Copy as cURL" command
- CVE-2025-11714: Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
- CVE-2025-11715: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
Other security fixes are also included; please see the links.
References
- https://bugs.mageia.org/show_bug.cgi?id=34638
- https://www.thunderbird.net/en-US/thunderbird/140.4.0esr/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-85/
- https://www.thunderbird.net/en-US/thunderbird/140.3.1esr/releasenotes/
- https://www.thunderbird.net/en-US/thunderbird/140.3.0esr/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10527
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10528
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10529
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10532
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10533
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10536
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10537
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11708
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11709
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11710
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11711
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11712
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11713
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11714
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11715
- thunderbird-140.4.0-1.2.mga9
- thunderbird-l10n-140.4.0-1.mga9
Categories: Security Updates
MGASA-2025-0246 - Updated firefox, nss & rootcerts fix security vulnerabilities
Publication date: 23 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-10527, CVE-2025-10528, CVE-2025-10529, CVE-2025-10532, CVE-2025-10533, CVE-2025-10536, CVE-2025-10537, CVE-2025-11708, CVE-2025-11709, CVE-2025-11710, CVE-2025-11711, CVE-2025-11712, CVE-2025-11713, CVE-2025-11714, CVE-2025-11715
Description
- CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance()
- CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures
- CVE-2025-11710: Cross-process information leaked due to malicious IPC messages
- CVE-2025-11711: Some non-writable Object properties could be modified
- CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type
- CVE-2025-11713: Potential user-assisted code execution in "Copy as cURL" command
- CVE-2025-11714: Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
- CVE-2025-11715: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
Other security fixes are also included; please see the links.
References
- https://bugs.mageia.org/show_bug.cgi?id=34637
- https://www.firefox.com/en-US/firefox/140.4.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-83/
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_117.html
- https://www.firefox.com/en-US/firefox/140.3.1/releasenotes/
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_116.html
- https://www.firefox.com/en-US/firefox/140.3.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10527
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10528
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10529
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10532
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10533
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10536
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10537
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11708
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11709
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11710
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11711
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11712
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11713
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11714
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11715
- nss-3.117.0-1.mga9
- rootcerts-20251003.00-1.mga9
- firefox-140.4.0-1.2.mga9
- firefox-l10n-140.4.0-1.mga9
Categories: Security Updates
MGASA-2025-0245 - Updated nginx package fixes security vulnerability
Publication date: 22 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-53859
Description
It was discovered that nginx contains a security issue in the ngx_mail_smtp_module which might allow an attacker to cause a buffer over-read, potentially resulting in a sensitive information leak in an HTTP request to the authentication server (CVE-2025-53859).
References
- https://bugs.mageia.org/show_bug.cgi?id=34585
- https://www.openwall.com/lists/oss-security/2025/08/13/5
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859
- nginx-1.26.3-1.1.mga9
Categories: Security Updates
MGASA-2025-0244 - Updated openssl packages fix a security vulnerability
Publication date: 22 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-9230
Description
Out-of-bounds read & write in RFC 3211 KEK Unwrap. (CVE-2025-9230)
References
- https://bugs.mageia.org/show_bug.cgi?id=34643
- https://www.openwall.com/lists/oss-security/2025/09/30/5
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230
- openssl-3.0.18-1.mga9
Categories: Security Updates
MGASA-2025-0243 - Updated python-django packages fix a security vulnerability
Publication date: 22 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-59681, CVE-2025-59682
Description
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods (on MySQL and MariaDB). (CVE-2025-59681)
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory. (CVE-2025-59682)
References
- https://bugs.mageia.org/show_bug.cgi?id=34645
- https://www.openwall.com/lists/oss-security/2025/10/01/3
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
- python-django-4.1.13-1.7.mga9
Categories: Security Updates
MGASA-2025-0242 - Updated haproxy packages fix security vulnerability & bugs
Publication date: 22 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-11230
Description
HAProxy has a critical, a major, a few medium and a few minor bugs fixed in the last upstream version 2.8.16 of branch 2.8.
Fixed critical bug list:
- mjson: fix possible DoS when parsing numbers
Fixed major bug list:
- listeners: transfer connection accounting when switching listeners
Fixed medium bugs list:
- check: Requeue healthchecks on I/O events to handle check timeout
- check: Set SOCKERR by default when a connection error is reported
- checks: fix ALPN inheritance from server
- dns: Reset reconnect tempo when connection is finally established
- fd: Use the provided tgid in fd_insert() to get tgroup_info
- h1: Allow reception if we have early data
- h1/h2/h3: reject forbidden chars in the Host header field
- h2/h3: reject some forbidden chars in :authority before reassembly
- hlua: Add function to change the body length of an HTTP Message
- hlua: Forbid any L6/L7 sample fetche functions from lua services
- hlua: Report to SC when data were consumed on a lua socket
- hlua: Report to SC when output data are blocked on a lua socket
- http-client: Ask for more room when request data cannot be xferred
- http-client: Don't wake http-client applet if nothing was xferred
- http-client: Drain the request if an early response is received
- http-client: Notify applet has more data to deliver until the EOM
- http-client: Properly inc input data when HTX blocks are xferred
- http-client: Test HTX_FL_EOM flag before commiting the HTX buffer
- httpclient: Throw an error if an lua httpclient instance is reused
- mux-h2: Properly handle connection error during preface sending
- server: Duplicate healthcheck's alpn inherited from default server
- ssl: ca-file directory mode must read every certificates of a file
- ssl/clienthello: ECDSA with ssl-max-ver TLSv1.2 and no ECDSA ciphers
- ssl: create the mux immediately on early data
- ssl: Fix 0rtt to the server
- ssl: fix build with AWS-LC
- threads: Disable the workaround to load libgcc_s on macOS
References
- https://bugs.mageia.org/show_bug.cgi?id=34673
- https://www.haproxy.org/download/2.8/src/CHANGELOG
- https://www.haproxy.com/blog/october-2025-cve-2025-11230-haproxy-mjson-library-denial-of-service-vulnerability
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11230
- haproxy-2.8.16-1.mga9
Categories: Security Updates
mesa-24.2.3-1.mga9.tainted.src.rpm
In Mageia/9/x86_64:
Mesa is an OpenGL 4.6 compatible 3D graphics library.
Categories: RPMs
mesa-24.2.3-1.mga9.tainted.src.rpm
In Mageia/9/aarch64:
Mesa is an OpenGL 4.6 compatible 3D graphics library.
Categories: RPMs
mesa-24.2.3-1.mga9.tainted.src.rpm
In Mageia/9/armv7hl:
Mesa is an OpenGL 4.6 compatible 3D graphics library.
Categories: RPMs
mesa-24.2.3-1.mga9.tainted.src.rpm
In Mageia/9/i586:
Mesa is an OpenGL 4.6 compatible 3D graphics library.
Categories: RPMs
rachota-2.4-0.602hg.1.mga10.src.rpm
In Mageia/cauldron/x86_64:
Rachota is a portable application for timetracking different projects. It runs
everywhere. It displays time data in diagram form, creates customized reports
and invoices or analyses measured data and suggests hints to improve user's
time usage. The totally portable yet personal timetracker.
Categories: RPMs
rachota-2.4-0.602hg.1.mga10.src.rpm
In Mageia/cauldron/i586:
Rachota is a portable application for timetracking different projects. It runs
everywhere. It displays time data in diagram form, creates customized reports
and invoices or analyses measured data and suggests hints to improve user's
time usage. The totally portable yet personal timetracker.
Categories: RPMs
ppmtomd-1.6-9.mga10.src.rpm
In Mageia/cauldron/i586:
A program to convert images from PPM format into the control language for the
Alps Micro-Dry printers, at various times sold by Citizen, Alps and Okidata.
This program drives the Alps Micro-Dry series of printers, including the
Citizen Printiva series, Alps MD series, and Oki DP series (but not yet the
DP-7000).
In the current release, the program drives the standard mode fairly well; the
dye sublimation mode very well; and the VPhoto mode reasonably well.
It supports all the colours available up to the DP-5000, including the foil
colours.
Categories: RPMs
ppmtomd-1.6-9.mga10.src.rpm
In Mageia/cauldron/x86_64:
A program to convert images from PPM format into the control language for the
Alps Micro-Dry printers, at various times sold by Citizen, Alps and Okidata.
This program drives the Alps Micro-Dry series of printers, including the
Citizen Printiva series, Alps MD series, and Oki DP series (but not yet the
DP-7000).
In the current release, the program drives the standard mode fairly well; the
dye sublimation mode very well; and the VPhoto mode reasonably well.
It supports all the colours available up to the DP-5000, including the foil
colours.
Categories: RPMs
recoverjpeg-2.6.3-4.mga10.src.rpm
In Mageia/cauldron/x86_64:
This tool tries to recover JFIF (JPEG) pictures and MOV movies (using
recovermov) from a peripheral. This may be useful if you mistakenly overwrite
a partition or if a device such as a digital camera memory card is bogus.
Categories: RPMs




