Lector de Feeds

MGASA-2025-0183 - Updated kernel-linus packages fix security vulnerabilities

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-37797 , CVE-2025-37799 , CVE-2025-37800 , CVE-2025-37801 , CVE-2025-37803 , CVE-2025-37804 , CVE-2025-37805 , CVE-2025-37808 , CVE-2025-37810 , CVE-2025-37811 , CVE-2025-37812 , CVE-2025-37813 , CVE-2025-37815 , CVE-2025-37817 , CVE-2025-37818 , CVE-2025-37819 , CVE-2025-37820 , CVE-2025-37823 , CVE-2025-37824 , CVE-2025-37828 , CVE-2025-37829 , CVE-2025-37830 , CVE-2025-37831 , CVE-2025-37836 , CVE-2025-37878 , CVE-2025-37879 , CVE-2025-37881 , CVE-2025-37883 , CVE-2025-37884 , CVE-2025-37885 , CVE-2025-37886 , CVE-2025-37887 , CVE-2025-37890 , CVE-2025-37891 , CVE-2025-37897 , CVE-2025-37901 , CVE-2025-37903 , CVE-2025-37905 , CVE-2025-37909 , CVE-2025-37911 , CVE-2025-37912 , CVE-2025-37913 , CVE-2025-37914 , CVE-2025-37915 , CVE-2025-37916 , CVE-2025-37917 , CVE-2025-37918 , CVE-2025-37921 , CVE-2025-37922 , CVE-2025-37923 , CVE-2025-37924 , CVE-2025-37927 , CVE-2025-37928 , CVE-2025-37929 , CVE-2025-37930 , CVE-2025-37932 , CVE-2025-37933 , CVE-2025-37935 , CVE-2025-37936 , CVE-2025-37938 , CVE-2025-37947 , CVE-2025-37948 , CVE-2025-37949 , CVE-2025-37951 , CVE-2025-37952 , CVE-2025-37953 , CVE-2025-37954 , CVE-2025-37956 , CVE-2025-37959 , CVE-2025-37961 , CVE-2025-37962 , CVE-2025-37963 , CVE-2025-37964 , CVE-2025-37969 , CVE-2025-37970 , CVE-2025-37972 , CVE-2025-37973 , CVE-2025-37983 , CVE-2025-37985 , CVE-2025-37988 , CVE-2025-37989 , CVE-2025-37990 , CVE-2025-37991 , CVE-2025-37992 Description Vanilla upstream kernel version 6.6.93 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References SRPMS 9/core
  • kernel-linus-6.6.93-1.mga9

MGASA-2025-0182 - Updated kernel, kmod-virtualbox, kmod-xtables-addons, dwarves, libtraceevent, libtracefs, kernel-firmware, kernel-firmware-nonfree, radeon-firmware & wireless-regdb packages fix security vulnerabilities

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-37797 , CVE-2025-37799 , CVE-2025-37800 , CVE-2025-37801 , CVE-2025-37803 , CVE-2025-37804 , CVE-2025-37805 , CVE-2025-37808 , CVE-2025-37810 , CVE-2025-37811 , CVE-2025-37812 , CVE-2025-37813 , CVE-2025-37815 , CVE-2025-37817 , CVE-2025-37818 , CVE-2025-37819 , CVE-2025-37820 , CVE-2025-37823 , CVE-2025-37824 , CVE-2025-37828 , CVE-2025-37829 , CVE-2025-37830 , CVE-2025-37831 , CVE-2025-37836 , CVE-2025-37878 , CVE-2025-37879 , CVE-2025-37881 , CVE-2025-37883 , CVE-2025-37884 , CVE-2025-37885 , CVE-2025-37886 , CVE-2025-37887 , CVE-2025-37890 , CVE-2025-37891 , CVE-2025-37897 , CVE-2025-37901 , CVE-2025-37903 , CVE-2025-37905 , CVE-2025-37909 , CVE-2025-37911 , CVE-2025-37912 , CVE-2025-37913 , CVE-2025-37914 , CVE-2025-37915 , CVE-2025-37916 , CVE-2025-37917 , CVE-2025-37918 , CVE-2025-37921 , CVE-2025-37922 , CVE-2025-37923 , CVE-2025-37924 , CVE-2025-37927 , CVE-2025-37928 , CVE-2025-37929 , CVE-2025-37930 , CVE-2025-37932 , CVE-2025-37933 , CVE-2025-37935 , CVE-2025-37936 , CVE-2025-37938 , CVE-2025-37947 , CVE-2025-37948 , CVE-2025-37949 , CVE-2025-37951 , CVE-2025-37952 , CVE-2025-37953 , CVE-2025-37954 , CVE-2025-37956 , CVE-2025-37959 , CVE-2025-37961 , CVE-2025-37962 , CVE-2025-37963 , CVE-2025-37964 , CVE-2025-37969 , CVE-2025-37970 , CVE-2025-37972 , CVE-2025-37973 , CVE-2025-37983 , CVE-2025-37985 , CVE-2025-37988 , CVE-2025-37989 , CVE-2025-37990 , CVE-2025-37991 , CVE-2025-37992 Description Upstream kernel version 6.6.93 fixes bugs and vulnerabilities. The kmod-virtualbox, kmod-xtables-addons, wireless-regdb & firmware packages have been updated to work with this new kernel; some updated build time requirement are here to allow building this kernel version. For information about the vulnerabilities see the links. References SRPMS 9/core
  • kernel-6.6.93-1.mga9
  • kmod-virtualbox-7.1.8-3.mga9
  • kmod-xtables-addons-3.24-80.mga9
  • dwarves-1.30-1.mga9
  • libtraceevent-1.8.4-1.mga9
  • libtracefs-1.8.2-1.mga9
  • kernel-firmware-20250509-1.mga9
  • wireless-regdb-20250220-1.mga9
9/nonfree
  • kernel-firmware-nonfree-20250509-1.mga9.nonfree
  • radeon-firmware-20250509-1.mga9.nonfree

MGASA-2025-0181 - Updated cockpit packages fix security vulnerability & bug

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-6126 Description Mageia's internal bug: In the current version you can't login in the web interface with firefox or chromium-browser packaged by Mageia. This update fixes the issue, but it is reported that could need to reboot and clear cookies from your browser. A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack - CVE-2024-6126. Please note that you need to edit /etc/nsswitch.conf as recommended in https://bugs.mageia.org/show_bug.cgi?id=33368#c18. References SRPMS 9/core
  • cockpit-338-1.6.mga9

MGAA-2025-0057 - Updated bluez packages fix bug

Mageia Security - 9 Junio, 2025 - 19:14
Publication date: 09 Jun 2025
Type: bugfix
Affected Mageia releases : 9
Description Since the update of bluez to 5.80 devices like mouse/keyboard do not reconnect after suspend or reboot. Only repairing helps to make them work. References SRPMS 9/core
  • bluez-5.82-1.mga9

MGASA-2025-0179 - Updated php-adodb packages fix security vulnerability

Mageia Security - 8 Junio, 2025 - 07:22
Publication date: 08 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46337 Description ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data. This issue has been patched in version 5.22.9 - CVE-2025-46337. References SRPMS 9/core
  • php-adodb-5.22.9-1.mga9

MGASA-2025-0178 - Updated systemd packages fix security vulnerability

Mageia Security - 8 Junio, 2025 - 07:22
Publication date: 08 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4598 Description Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump. (CVE-2025-4598) References SRPMS 9/core
  • systemd-253.33-1.mga9
Feed