Lector de Feeds
MGASA-2026-0191 - Updated libxmp packages fix security vulnerabilities
Publication date: 10 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-45676 , CVE-2023-45677 , CVE-2023-45679 , CVE-2023-45680 , CVE-2023-45681 , CVE-2023-45682 , CVE-2025-47256 Description CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbis_deinit() CVE-2023-45680: Null pointer dereference in vorbis_deinit() CVE-2023-45681: Out of bounds heap buffer write CVE-2023-45676: Multi-byte write heap buffer overflow in start_decoder() CVE-2023-45677: Heap buffer out of bounds write in start_decoder() CVE-2023-45682: Wild address read in vorbis_decode_packet_rest() CVE-2025-47256 stack-based buffer overflow in depack_pha in loaders/prowizard/pha.c via a malformed Pha format tracker module in a .mod file. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-45676 , CVE-2023-45677 , CVE-2023-45679 , CVE-2023-45680 , CVE-2023-45681 , CVE-2023-45682 , CVE-2025-47256 Description CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbis_deinit() CVE-2023-45680: Null pointer dereference in vorbis_deinit() CVE-2023-45681: Out of bounds heap buffer write CVE-2023-45676: Multi-byte write heap buffer overflow in start_decoder() CVE-2023-45677: Heap buffer out of bounds write in start_decoder() CVE-2023-45682: Wild address read in vorbis_decode_packet_rest() CVE-2025-47256 stack-based buffer overflow in depack_pha in loaders/prowizard/pha.c via a malformed Pha format tracker module in a .mod file. References
- https://bugs.mageia.org/show_bug.cgi?id=33915
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVZWMTH36ES7RCJEMRANBDTL76QBE75Z/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKMOFYKVMD2LPU7O33SEH2RGSY2ZE73K/
- https://www.cve.org/CVERecord?id=CVE-2023-45676
- https://www.cve.org/CVERecord?id=CVE-2023-45677
- https://www.cve.org/CVERecord?id=CVE-2023-45679
- https://www.cve.org/CVERecord?id=CVE-2023-45680
- https://www.cve.org/CVERecord?id=CVE-2023-45681
- https://www.cve.org/CVERecord?id=CVE-2023-45682
- https://www.cve.org/CVERecord?id=CVE-2025-47256
- libxmp-4.5.0-2.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0190 - Updated golang-x-net packages fix security vulnerability
Publication date: 10 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-45338 Description CVE-2024-45338 An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-45338 Description CVE-2024-45338 An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service. References
- https://bugs.mageia.org/show_bug.cgi?id=34019
- https://github.com/advisories/GHSA-w32m-9786-jp63
- https://www.cve.org/CVERecord?id=CVE-2024-45338
- golang-x-net-0.7.0-2.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0189 - Updated libssh packages fix security vulnerabilities
Publication date: 10 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4877 , CVE-2025-4878 , CVE-2025-5318 , CVE-2025-5351 , CVE-2025-5372 , CVE-2025-5449 , CVE-2025-5987 Description CVE-2025-4877 Write beyond bounds in binary to base64 conversion functions CVE-2025-4878 Use of uninitialized variable in privatekey_from_file() CVE-2025-5318 Likely read beyond bounds in sftp server handle management CVE-2025-5351 Double free in functions exporting keys CVE-2025-5372 ssh_kdf() returns a success code on certain failures CVE-2025-5449 Likely read beyond bounds in sftp server message decoding CVE-2025-5987 Invalid return code for chacha20 poly1305 with OpenSSL backend References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4877 , CVE-2025-4878 , CVE-2025-5318 , CVE-2025-5351 , CVE-2025-5372 , CVE-2025-5449 , CVE-2025-5987 Description CVE-2025-4877 Write beyond bounds in binary to base64 conversion functions CVE-2025-4878 Use of uninitialized variable in privatekey_from_file() CVE-2025-5318 Likely read beyond bounds in sftp server handle management CVE-2025-5351 Double free in functions exporting keys CVE-2025-5372 ssh_kdf() returns a success code on certain failures CVE-2025-5449 Likely read beyond bounds in sftp server message decoding CVE-2025-5987 Invalid return code for chacha20 poly1305 with OpenSSL backend References
- https://bugs.mageia.org/show_bug.cgi?id=34405
- https://www.openwall.com/lists/oss-security/2025/06/27/2
- https://www.cve.org/CVERecord?id=CVE-2025-4877
- https://www.cve.org/CVERecord?id=CVE-2025-4878
- https://www.cve.org/CVERecord?id=CVE-2025-5318
- https://www.cve.org/CVERecord?id=CVE-2025-5351
- https://www.cve.org/CVERecord?id=CVE-2025-5372
- https://www.cve.org/CVERecord?id=CVE-2025-5449
- https://www.cve.org/CVERecord?id=CVE-2025-5987
- libssh-0.10.6-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0188 - Updated jq packages fix security vulnerabilities
Publication date: 10 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-23337 , CVE-2025-48060 , CVE-2026-32316 , CVE-2026-39979 , CVE-2026-33948 , CVE-2026-33947 , CVE-2026-39956 , CVE-2026-40164 Description An integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. (CVE-2024-23337) It was discovered that jq did not correctly handle certain string concatenations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-32316) It was discovered that jq did not correctly handle recursion in certain circumstances. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-33947) It was discovered that jq did not correctly handle improperly terminated strings. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-33948) It was discovered that jq did not correctly handle checking certain variable types. An attacker could possibly use this issue to cause a denial of service or leak sensitive information. (CVE-2026-39956) It was discovered that jq did not correctly handle certain string formatting. An attacker could possibly use this issue to leak sensitive information or cause a denial of service. (CVE-2026-39979) It was discovered that jq used a fixed seed for hash table operations. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-40164) A heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 `void* p = malloc(sz); (CVE-2025-48060) Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by x00 and arbitrary suffix compiles and executes as only the prefix before the NUL. This leaves jq with a post-CVE-2026-33948 prefix/full-buffer mismatch on the compilation path even though the JSON parser path has already been fixed. (CVE-2026-41256) The ordinary module loader recurses without cycle detection when two otherwise valid modules include each other (CVE-2026-44777) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-23337 , CVE-2025-48060 , CVE-2026-32316 , CVE-2026-39979 , CVE-2026-33948 , CVE-2026-33947 , CVE-2026-39956 , CVE-2026-40164 Description An integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. (CVE-2024-23337) It was discovered that jq did not correctly handle certain string concatenations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-32316) It was discovered that jq did not correctly handle recursion in certain circumstances. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-33947) It was discovered that jq did not correctly handle improperly terminated strings. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-33948) It was discovered that jq did not correctly handle checking certain variable types. An attacker could possibly use this issue to cause a denial of service or leak sensitive information. (CVE-2026-39956) It was discovered that jq did not correctly handle certain string formatting. An attacker could possibly use this issue to leak sensitive information or cause a denial of service. (CVE-2026-39979) It was discovered that jq used a fixed seed for hash table operations. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-40164) A heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 `void* p = malloc(sz); (CVE-2025-48060) Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by x00 and arbitrary suffix compiles and executes as only the prefix before the NUL. This leaves jq with a post-CVE-2026-33948 prefix/full-buffer mismatch on the compilation path even though the JSON parser path has already been fixed. (CVE-2026-41256) The ordinary module loader recurses without cycle detection when two otherwise valid modules include each other (CVE-2026-44777) References
- https://bugs.mageia.org/show_bug.cgi?id=34443
- https://www.openwall.com/lists/oss-security/2026/04/15/8
- https://github.com/jqlang/jq/security/advisories/GHSA-q3h9-m34w-h76f
- https://github.com/jqlang/jq/security/advisories/GHSA-2hhh-px8h-355p
- https://github.com/jqlang/jq/security/advisories/GHSA-32cx-cvvh-2wj9
- https://github.com/jqlang/jq/security/advisories/GHSA-xwrw-4f8h-rjvg
- https://github.com/jqlang/jq/security/advisories/GHSA-6gc3-3g9p-xx28
- https://github.com/jqlang/jq/security/advisories/GHSA-wwj8-gxm6-jc29
- https://github.com/jqlang/jq/security/advisories/GHSA-gf4g-95wj-4q4r
- https://www.cve.org/CVERecord?id=CVE-2024-23337
- https://www.cve.org/CVERecord?id=CVE-2025-48060
- https://www.cve.org/CVERecord?id=CVE-2026-32316
- https://www.cve.org/CVERecord?id=CVE-2026-39979
- https://www.cve.org/CVERecord?id=CVE-2026-33948
- https://www.cve.org/CVERecord?id=CVE-2026-33947
- https://www.cve.org/CVERecord?id=CVE-2026-39956
- https://www.cve.org/CVERecord?id=CVE-2026-40164
- jq-1.6-3.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0187 - Updated tor packages fix security issues
Publication date: 10 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4444 , CVE-2026-44597 , CVE-2026-44599 , CVE-2026-44600 , CVE-2026-44601 , CVE-2026-44602 , CVE-2026-44603 Description This update provides lots of security issues fixed by upstream since our current version. Please see the links for details. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4444 , CVE-2026-44597 , CVE-2026-44599 , CVE-2026-44600 , CVE-2026-44601 , CVE-2026-44602 , CVE-2026-44603 Description This update provides lots of security issues fixed by upstream since our current version. Please see the links for details. References
- https://bugs.mageia.org/show_bug.cgi?id=35486
- https://gitlab.torproject.org/tpo/core/tor/-/blob/tor-0.4.8.25/ReleaseNotes?ref_type=tags#L5
- https://gitlab.torproject.org/tpo/core/tor/-/blob/tor-0.4.9.8/ReleaseNotes?ref_type=tags#L5
- https://www.cve.org/CVERecord?id=CVE-2025-4444
- https://www.cve.org/CVERecord?id=CVE-2026-44597
- https://www.cve.org/CVERecord?id=CVE-2026-44599
- https://www.cve.org/CVERecord?id=CVE-2026-44600
- https://www.cve.org/CVERecord?id=CVE-2026-44601
- https://www.cve.org/CVERecord?id=CVE-2026-44602
- https://www.cve.org/CVERecord?id=CVE-2026-44603
- tor-0.4.9.8-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0186 - Updated libxpm packages fix security vulnerability
Publication date: 10 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-4367 Description libXpm Out-of-bounds read in xpmNextWord(). (CVE-2026-4367) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-4367 Description libXpm Out-of-bounds read in xpmNextWord(). (CVE-2026-4367) References
- https://bugs.mageia.org/show_bug.cgi?id=35415
- https://www.openwall.com/lists/oss-security/2026/04/21/3
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RVKVREGNUTRNFASWOP3IK7BSE3RXDHLZ/
- https://www.cve.org/CVERecord?id=CVE-2026-4367
- libxpm-3.5.15-1.2.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0185 - Updated minetest packages fix security vulnerabilities
Publication date: 10 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-40959 , CVE-2026-40960 Description Mod security sandbox escape. (CVE-2026-40959) HTTP API and insecure environment access control bypass. (CVE-2026-40960) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-40959 , CVE-2026-40960 Description Mod security sandbox escape. (CVE-2026-40959) HTTP API and insecure environment access control bypass. (CVE-2026-40960) References
- https://bugs.mageia.org/show_bug.cgi?id=35422
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2K6QTVDXSL7E72EYONNHDCY7I7LTD27B/
- https://lists.debian.org/debian-security-announce/2026/msg00127.html
- https://github.com/luanti-org/luanti/security/advisories/GHSA-g596-mf82-w8c3
- https://github.com/luanti-org/luanti/security/advisories/GHSA-22c4-238c-m5j4
- https://www.cve.org/CVERecord?id=CVE-2026-40959
- https://www.cve.org/CVERecord?id=CVE-2026-40960
- minetest-5.7.0-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0184 - Updated wireshark packages fix security vulnerabilities
Publication date: 10 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-11596 , CVE-2024-9781 , CVE-2025-11626 , CVE-2025-13499 , CVE-2025-13945 , CVE-2025-13946 , CVE-2025-1492 , CVE-2025-5601 , CVE-2025-9817 , CVE-2026-0960 , CVE-2026-5405 , CVE-2026-5653 , CVE-2026-6529 , CVE-2026-6530 , CVE-2026-6867 , CVE-2026-6868 , CVE-2026-6869 , CVE-2026-6870 , CVE-2026-7376 , CVE-2026-7378 , CVE-2026-7379 Description Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. This update fixes the reported issue. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-11596 , CVE-2024-9781 , CVE-2025-11626 , CVE-2025-13499 , CVE-2025-13945 , CVE-2025-13946 , CVE-2025-1492 , CVE-2025-5601 , CVE-2025-9817 , CVE-2026-0960 , CVE-2026-5405 , CVE-2026-5653 , CVE-2026-6529 , CVE-2026-6530 , CVE-2026-6867 , CVE-2026-6868 , CVE-2026-6869 , CVE-2026-6870 , CVE-2026-7376 , CVE-2026-7378 , CVE-2026-7379 Description Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. This update fixes the reported issue. References
- https://bugs.mageia.org/show_bug.cgi?id=33641
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/TDSVQBWNGPIXNB6DJ7GN3MKZXQIAMQNM/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7XDTIEL5AXYD7FSCLZTDTSH5DDELHHLL/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QKS4A6WNLC3Y3QRK3OCQ4MEHDXODKUI6/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D55JJLGZUIFAWMHEC7HM4552HI7FDQJE/
- https://lists.debian.org/debian-security-announce/2026/msg00160.html
- https://www.cve.org/CVERecord?id=CVE-2024-11596
- https://www.cve.org/CVERecord?id=CVE-2024-9781
- https://www.cve.org/CVERecord?id=CVE-2025-11626
- https://www.cve.org/CVERecord?id=CVE-2025-13499
- https://www.cve.org/CVERecord?id=CVE-2025-13945
- https://www.cve.org/CVERecord?id=CVE-2025-13946
- https://www.cve.org/CVERecord?id=CVE-2025-1492
- https://www.cve.org/CVERecord?id=CVE-2025-5601
- https://www.cve.org/CVERecord?id=CVE-2025-9817
- https://www.cve.org/CVERecord?id=CVE-2026-0960
- https://www.cve.org/CVERecord?id=CVE-2026-5405
- https://www.cve.org/CVERecord?id=CVE-2026-5653
- https://www.cve.org/CVERecord?id=CVE-2026-6529
- https://www.cve.org/CVERecord?id=CVE-2026-6530
- https://www.cve.org/CVERecord?id=CVE-2026-6867
- https://www.cve.org/CVERecord?id=CVE-2026-6868
- https://www.cve.org/CVERecord?id=CVE-2026-6869
- https://www.cve.org/CVERecord?id=CVE-2026-6870
- https://www.cve.org/CVERecord?id=CVE-2026-7376
- https://www.cve.org/CVERecord?id=CVE-2026-7378
- https://www.cve.org/CVERecord?id=CVE-2026-7379
- wireshark-4.0.17-1.2.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0183 - Updated freeciv packages fix security vulnerabilities
Publication date: 10 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33250 Description CVE-2026-33250, freeciv crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious server can use this to crash the game on the player's machine References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33250 Description CVE-2026-33250, freeciv crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious server can use this to crash the game on the player's machine References
- https://bugs.mageia.org/show_bug.cgi?id=35257
- https://lists.debian.org/debian-security-announce/2026/msg00082.html
- https://www.cve.org/CVERecord?id=CVE-2026-33250
- freeciv-3.0.7-1.2.mga9
Categorías: Actualizaciones de Seguridad
Mageia 10 Release Notes
Artwork: mageia-theme-extra information
← Older revision Revision as of 20:19, 9 June 2026 Line 65: Line 65: For the main screensavers, we have chosen an image size of 3840×2160 and the JXL format, allowing them to look great on modern 2K and even 4K monitors, while maintaining a disk space footprint similar to those included in Mageia 9, which used lower resolutions and the JPG format. For the main screensavers, we have chosen an image size of 3840×2160 and the JXL format, allowing them to look great on modern 2K and even 4K monitors, while maintaining a disk space footprint similar to those included in Mageia 9, which used lower resolutions and the JPG format. + +Remember that we have the {{prog|mageia-theme-extra}} package with some additional backgrounds including some of the previous signature backgrounds for mageia. == Major developments == == Major developments == Katnatek
Categorías: Wiki de Mageia
MGASA-2026-0182 - Updated ruby-net-ssh packages fix security vulnerabilities
Publication date: 09 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-48795 Description This update fixes CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) , for ruby-net-ssh. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-48795 Description This update fixes CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) , for ruby-net-ssh. References
- https://bugs.mageia.org/show_bug.cgi?id=32682
- https://github.com/net-ssh/net-ssh/blob/v7.3.0/CHANGES.txt
- https://github.com/net-ssh/net-ssh/compare/v7.0.1...v7.3.0
- https://www.openwall.com/lists/oss-security/2023/12/18/3
- https://www.openwall.com/lists/oss-security/2023/12/19/5
- https://www.openwall.com/lists/oss-security/2023/12/20/3
- https://www.cve.org/CVERecord?id=CVE-2023-48795
- ruby-net-ssh-7.3.0-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0181 - Updated suricata packages fix security vulnerabilities
Publication date: 09 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-45797 , CVE-2024-47187 , CVE-2024-47188 , CVE-2024-47522 , CVE-2024-45795 , CVE-2024-45796 , CVE-2024-55605 , CVE-2024-55626 , CVE-2024-55627 , CVE-2024-55628 , CVE-2024-55629 , CVE-2025-29916 , CVE-2025-29917 , CVE-2025-29918 Description Various security, performance, accuracy, and stability issues have been fixed, plus we have moved to a supported version. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-45797 , CVE-2024-47187 , CVE-2024-47188 , CVE-2024-47522 , CVE-2024-45795 , CVE-2024-45796 , CVE-2024-55605 , CVE-2024-55626 , CVE-2024-55627 , CVE-2024-55628 , CVE-2024-55629 , CVE-2025-29916 , CVE-2025-29917 , CVE-2025-29918 Description Various security, performance, accuracy, and stability issues have been fixed, plus we have moved to a supported version. References
- https://bugs.mageia.org/show_bug.cgi?id=33666
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WUPZOFSY4QOLJUU5AJZ7K6EES56A4KEN/
- https://forum.suricata.io/t/suricata-6-is-now-end-of-life-eol/4790
- https://forum.suricata.io/t/suricata-7-0-10-released/5522
- https://forum.suricata.io/t/suricata-7-0-9-released/5495
- https://forum.suricata.io/t/suricata-7-0-8-released/5137
- https://forum.suricata.io/t/suricata-7-0-7-released/4877
- https://www.cve.org/CVERecord?id=CVE-2024-45797
- https://www.cve.org/CVERecord?id=CVE-2024-47187
- https://www.cve.org/CVERecord?id=CVE-2024-47188
- https://www.cve.org/CVERecord?id=CVE-2024-47522
- https://www.cve.org/CVERecord?id=CVE-2024-45795
- https://www.cve.org/CVERecord?id=CVE-2024-45796
- https://www.cve.org/CVERecord?id=CVE-2024-55605
- https://www.cve.org/CVERecord?id=CVE-2024-55626
- https://www.cve.org/CVERecord?id=CVE-2024-55627
- https://www.cve.org/CVERecord?id=CVE-2024-55628
- https://www.cve.org/CVERecord?id=CVE-2024-55629
- https://www.cve.org/CVERecord?id=CVE-2025-29916
- https://www.cve.org/CVERecord?id=CVE-2025-29917
- https://www.cve.org/CVERecord?id=CVE-2025-29918
- suricata-7.0.10-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0180 - Updated packagekit packages fix security vulnerability
Publication date: 09 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-41651 Description PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root. (CVE-2026-41651) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-41651 Description PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root. (CVE-2026-41651) References
- https://bugs.mageia.org/show_bug.cgi?id=35428
- https://lists.debian.org/debian-security-announce/2026/msg00136.html
- https://www.openwall.com/lists/oss-security/2026/04/22/6
- https://lists.freedesktop.org/archives/packagekit/2026-April/026513.html
- https://github.com/PackageKit/PackageKit/security/advisories/GHSA-f55j-vvr9-69xv
- https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html
- https://www.cve.org/CVERecord?id=CVE-2026-41651
- packagekit-1.2.6-2.1.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2026-0034 - Updated unbound packages fix security vulnerabilities
Publication date: 09 Jun 2026
Type: bugfix
Affected Mageia releases : 9
CVE: CVE-2026-32792 , CVE-2026-33278 , CVE-2026-40622 , CVE-2026-41292 , CVE-2026-42534 , CVE-2026-42923 , CVE-2026-42944 , CVE-2026-42959 , CVE-2026-42960 , CVE-2026-44390 , CVE-2026-44608 Description Updated unbound packages fix various security vulnerabilities, one big critical (CVE-2026-33278) and concerning a possible remote code execution during DNSSEC validation. References
Type: bugfix
Affected Mageia releases : 9
CVE: CVE-2026-32792 , CVE-2026-33278 , CVE-2026-40622 , CVE-2026-41292 , CVE-2026-42534 , CVE-2026-42923 , CVE-2026-42944 , CVE-2026-42959 , CVE-2026-42960 , CVE-2026-44390 , CVE-2026-44608 Description Updated unbound packages fix various security vulnerabilities, one big critical (CVE-2026-33278) and concerning a possible remote code execution during DNSSEC validation. References
- https://bugs.mageia.org/show_bug.cgi?id=35561
- https://nlnetlabs.nl/projects/unbound/security-advisories/
- https://www.openwall.com/lists/oss-security/2026/05/20/5
- https://www.cve.org/CVERecord?id=CVE-2026-32792
- https://www.cve.org/CVERecord?id=CVE-2026-33278
- https://www.cve.org/CVERecord?id=CVE-2026-40622
- https://www.cve.org/CVERecord?id=CVE-2026-41292
- https://www.cve.org/CVERecord?id=CVE-2026-42534
- https://www.cve.org/CVERecord?id=CVE-2026-42923
- https://www.cve.org/CVERecord?id=CVE-2026-42944
- https://www.cve.org/CVERecord?id=CVE-2026-42959
- https://www.cve.org/CVERecord?id=CVE-2026-42960
- https://www.cve.org/CVERecord?id=CVE-2026-44390
- https://www.cve.org/CVERecord?id=CVE-2026-44608
- unbound-1.25.1-1.mga9
Categorías: Actualizaciones de Seguridad
QA ISO testers
For Qa team:: added doktor5000
← Older revision Revision as of 20:25, 7 June 2026 Line 129: Line 129: * Flavianoep - Flaviano Matos - pehteimoso-bugzilla at yahoo dot com * Flavianoep - Flaviano Matos - pehteimoso-bugzilla at yahoo dot com + +* doktor5000 - Florian Hubold - doktor5000 at arcor dot de Doktor5000
Categorías: Wiki de Mageia




