Lector de Feeds
MGASA-2026-0043 - Updated microcode packages fix security vulnerabilities
Publication date: 18 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-24853 , CVE-2025-31648 Description The updated package updates AMD CPUs microcodes and fixes security vulnerabilities in Intel CPUs microcodes: Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2024-24853) Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (low), integrity (low) and availability (none) impacts. (CVE-2025-31648) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-24853 , CVE-2025-31648 Description The updated package updates AMD CPUs microcodes and fixes security vulnerabilities in Intel CPUs microcodes: Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2024-24853) Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (low), integrity (low) and availability (none) impacts. (CVE-2025-31648) References
- https://bugs.mageia.org/show_bug.cgi?id=35130
- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20260210-rev1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24853
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31648
- microcode-0.20260210-1.mga9.nonfree
Categorías: Actualizaciones de Seguridad
MGASA-2026-0042 - Updated vim packages fix security vulnerability
Publication date: 18 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-26269 Description Vim has a Netbeans specialKeys Stack Buffer Overflow. (CVE-2026-26269) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-26269 Description Vim has a Netbeans specialKeys Stack Buffer Overflow. (CVE-2026-26269) References
- https://bugs.mageia.org/show_bug.cgi?id=35135
- https://www.openwall.com/lists/oss-security/2026/02/13/2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26269
- vim-9.1.2148-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0041 - Updated postgresql15 packages fix security vulnerabilities
Publication date: 17 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-2003 , CVE-2026-2004 , CVE-2026-2005 , CVE-2026-2006 , CVE-2026-2007 Description PostgreSQL oidvector discloses a few bytes of memory. (CVE-2026-2003) PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code. (CVE-2026-2004) PostgreSQL pgcrypto heap buffer overflow executes arbitrary code. (CVE-2026-2005) PostgreSQL missing validation of multibyte character length executes arbitrary code. (CVE-2026-2006) PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory. (CVE-2026-2007 References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-2003 , CVE-2026-2004 , CVE-2026-2005 , CVE-2026-2006 , CVE-2026-2007 Description PostgreSQL oidvector discloses a few bytes of memory. (CVE-2026-2003) PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code. (CVE-2026-2004) PostgreSQL pgcrypto heap buffer overflow executes arbitrary code. (CVE-2026-2005) PostgreSQL missing validation of multibyte character length executes arbitrary code. (CVE-2026-2006) PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory. (CVE-2026-2007 References
- https://bugs.mageia.org/show_bug.cgi?id=35133
- https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2003
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2004
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2005
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2006
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2007
- postgresql15-15.16-1.mga9
Categorías: Actualizaciones de Seguridad
Pushing updates
Backports: Use sudo for mga-move-pkg
← Older revision Revision as of 16:49, 16 February 2026 Line 93: Line 93: # Run a command of this form on duvel: # Run a command of this form on duvel: <pre> <pre> −mga-move-pkg --sync --backport 9/core/foobar-0.1-1.mga10.src.rpm+sudo -u schedbot mga-move-pkg --sync --backport 9/core/foobar-0.1-1.mga10.src.rpm −find /distrib/{bootstrap,mirror}/ -user root \! -type l -exec chown schedbot:schedbot {} + </pre> </pre> +Several packages can be moved by repeating ''--backport 9/core/XXX'' as often as necessary. :3. Add a comment to the bug manually to confirm that the package has been moved. Assign the bug to qa-bugs@ml.mageia.org. The QA team will then draft an announcement that they will post to [https://ml.mageia.org/l/info/backports-announce backports-announce]. :3. Add a comment to the bug manually to confirm that the package has been moved. Assign the bug to qa-bugs@ml.mageia.org. The QA team will then draft an announcement that they will post to [https://ml.mageia.org/l/info/backports-announce backports-announce]. Danf
Categorías: Wiki de Mageia
MGASA-2026-0040 - Updated dcmtk packages fix security vulnerabilities
Publication date: 16 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-14607 , CVE-2025-14841 Description OFFIS DCMTK dcmdata dcbytstr.cc makeDicomByteString memory corruption. (CVE-2025-14607) OFFIS DCMTK dcmqrscp dcmqrdbi.cc startMoveRequest null pointer dereference. (CVE-2025-14841) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-14607 , CVE-2025-14841 Description OFFIS DCMTK dcmdata dcbytstr.cc makeDicomByteString memory corruption. (CVE-2025-14607) OFFIS DCMTK dcmqrscp dcmqrdbi.cc startMoveRequest null pointer dereference. (CVE-2025-14841) References
- https://bugs.mageia.org/show_bug.cgi?id=34946
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WA2BG2LFPVCYESQA5KLHS3YDK74NTELX/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14607
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14841
- dcmtk-3.6.7-4.7.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0039 - Updated usbmuxd packages fix security vulnerability
Publication date: 16 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-66004 Description Local privilege escalation in usbmuxd from arbitrary local user to usbmux. (CVE-2025-66004) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-66004 Description Local privilege escalation in usbmuxd from arbitrary local user to usbmux. (CVE-2025-66004) References
- https://bugs.mageia.org/show_bug.cgi?id=35118
- https://lists.debian.org/debian-security-announce/2026/msg00034.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66004
- usbmuxd-1.1.1-3.1.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2026-0012 - Updated mariadb packages fix bug
Publication date: 16 Feb 2026
Type: bugfix
Affected Mageia releases : 9
Description Regular update of mariadb which brings some bugfixes. References
Type: bugfix
Affected Mageia releases : 9
Description Regular update of mariadb which brings some bugfixes. References
- https://bugs.mageia.org/show_bug.cgi?id=35112
- https://mariadb.com/docs/release-notes/community-server/11.4/11.4.10
- mariadb-11.4.10-1.mga9
Categorías: Actualizaciones de Seguridad
Notas sobre Mageia 10-es
← Older revision
Revision as of 11:13, 16 February 2026
(One intermediate revision by the same user not shown)Line 5:
Line 5:
<!-- disable this so it's not in release note of isos medias--> <!-- disable this so it's not in release note of isos medias-->
−{{multi language banner-es|[[Mageia 10 Veröffentlichungshinweise-de|Deutsch]] ; [[Mageia 10 Release Notes|English]] ;[[Notas sobre Mageia 10|Español]]}}+{{multi language banner-es|[[Mageia 10 Veröffentlichungshinweise-de|Deutsch]] ; [[Mageia 10 Release Notes|English]] ; [[Notas sobre Mageia 10-es|Español]]}}
{{draft-es}} {{draft-es}}
Sturmvogel
Categorías: Wiki de Mageia
Notas sobre Mageia 10
Sturmvogel moved page Notas sobre Mageia 10 to Notas sobre Mageia 10-es over redirect see how to edit a page properly: https://wiki.mageia.org/en/How_to_write_a_wiki_page#How_to_translate_a_page
Show changes Sturmvogel
Categorías: Wiki de Mageia
Notas sobre Mageia 10-es
Sturmvogel deleted redirect Notas sobre Mageia 10-es by overwriting Deleted to make way for move from "Notas sobre Mageia 10"
Sturmvogel
Categorías: Wiki de Mageia
