Lector de Feeds

Publication date: 22 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-11230 Description Haproxy has a critical, a major, few medium and few minor bugs fixed in the last upstream version 2.8.16 of branch 2.8. Fixed critical bug list: - mjson: fix possible DoS when parsing numbers Fixed major bug list: - listeners: transfer connection accounting when switching listeners Fixed medium bugs list: - check: Requeue healthchecks on I/O events to handle check timeout - check: Set SOCKERR by default when a connection error is reported - checks: fix ALPN inheritance from server - dns: Reset reconnect tempo when connection is finally established - fd: Use the provided tgid in fd_insert() to get tgroup_info - h1: Allow reception if we have early data - h1/h2/h3: reject forbidden chars in the Host header field - h2/h3: reject some forbidden chars in :authority before reassembly - hlua: Add function to change the body length of an HTTP Message - hlua: Forbid any L6/L7 sample fetche functions from lua services - hlua: Report to SC when data were consumed on a lua socket - hlua: Report to SC when output data are blocked on a lua socket - http-client: Ask for more room when request data cannot be xferred - http-client: Don't wake http-client applet if nothing was xferred - http-client: Drain the request if an early response is received - http-client: Notify applet has more data to deliver until the EOM - http-client: Properly inc input data when HTX blocks are xferred - http-client: Test HTX_FL_EOM flag before commiting the HTX buffer - httpclient: Throw an error if an lua httpclient instance is reused - mux-h2: Properly handle connection error during preface sending - server: Duplicate healthcheck's alpn inherited from default server - ssl: ca-file directory mode must read every certificates of a file - ssl/clienthello: ECDSA with ssl-max-ver TLSv1.2 and no ECDSA ciphers - ssl: create the mux immediately on early data - ssl: Fix 0rtt to the server - ssl: fix build with AWS-LC - threads: Disable the workaround to load libgcc_s on macOS References

• https://bugs.mageia.org/show_bug.cgi?id=34673
• https://www.haproxy.org/download/2.8/src/CHANGELOG
• https://www.haproxy.com/blog/october-2025-cve-2025-11230-haproxy-mjson-library-denial-of-service-vulnerability
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11230

SRPMS 9/core

• haproxy-2.8.16-1.mga9

Publication date: 20 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-9230 , CVE-2025-9232 Description Two security issues and miscellaneous minor bug fixes. Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. (CVE-2025-9230) Fix Out-of-bounds read in HTTP client no_proxy handling. (CVE-2025-9232) References

• https://bugs.mageia.org/show_bug.cgi?id=34674
• https://openssl-library.org/news/vulnerabilities/#CVE-2025-9230
• https://openssl-library.org/news/vulnerabilities/#CVE-2025-9232
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9232

SRPMS 9/core

• quictls-3.0.18-1.mga9

Publication date: 20 Oct 2025
Type: bugfix
Affected Mageia releases : 9
Description The current version of rust in mga9 is not new enough to keep building Mozilla's applications. This update fixes the reported issue. References

• https://bugs.mageia.org/show_bug.cgi?id=34500

SRPMS 9/core

• rust-1.82.0-1.mga9

Publication date: 20 Oct 2025
Type: bugfix
Affected Mageia releases : 9
Description Fixed "Delete" button not asking for confirmation when deleting a row. Fix error 500 when simulating a SET statement. Fixed PHP 8.4 deprecations in thecodingmachine/safe. References

• https://bugs.mageia.org/show_bug.cgi?id=34680
• https://www.phpmyadmin.net/news/2025/10/8/phpmyadmin-523-is-released/

SRPMS 9/core

• phpmyadmin-5.2.3-1.mga9