Lector de Feeds

MGASA-2026-0089 - Updated roundcubemail packages fix security vulnerability

Mageia Security - 7 Abril, 2026 - 22:50
Publication date: 07 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-35545 Description SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke And some regressions from the last fix are fixed. References SRPMS 9/core
  • roundcubemail-1.6.15-1.mga9

MGASA-2026-0088 - Updated tigervnc packages fix security vulnerability

Mageia Security - 7 Abril, 2026 - 22:50
Publication date: 07 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34352 Description In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions. (CVE-2026-34352) References SRPMS 9/core
  • tigervnc-1.13.1-2.10.mga9

MGASA-2026-0086 - Updated freerdp packages fix security vulnerabilities

Mageia Security - 6 Abril, 2026 - 18:35
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-22852 , CVE-2026-22854 , CVE-2026-22855 , CVE-2026-22856 , CVE-2026-22857 , CVE-2026-22859 , CVE-2026-23732 , CVE-2026-23883 , CVE-2026-23884 , CVE-2026-24491 , CVE-2026-26271 , CVE-2026-26955 , CVE-2026-26965 , CVE-2026-31806 , CVE-2026-31883 , CVE-2026-31885 Description FreeRDP has a heap-buffer-overflow in audin_process_formats. (CVE-2026-22852) FreeRDP has a heap-buffer-overflow in drive_process_irp_read. (CVE-2026-22854) FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call. (CVE-2026-22855) FreeRDP has a heap-use-after-free in create_irp_thread. (CVE-2026-22856) FreeRDP has a heap-use-after-free in irp_thread_func. (CVE-2026-22857) FreeRDP has a heap-buffer-overflow in urb_select_configuration. (CVE-2026-22859) FreeRDP has heap-buffer-overflow in Glyph_Alloc. (CVE-2026-23732) Heap-use-after-free in update_pointer_new. (CVE-2026-23883) Heap-use-after-free in gdi_set_bounds. (CVE-2026-23884) FreeRDP has a heap-use-after-free in video_timer. (CVE-2026-24491) Buffer Overread in FreeRDP Icon Processing. (CVE-2026-26271) FreeRDP has Out-of-bounds Write. (CVE-2026-26955, CVE-2026-26965) FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions. (CVE-2026-31806) FreeRDP has a `size_t` underflow in ADPCM decoder leads to heap-buffer-overflow write. (CVE-2026-31883) FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks. (CVE-2026-31885) References SRPMS 9/core
  • freerdp-2.11.7-1.3.mga9

MGASA-2026-0085 - Updated polkit-122 packages fix security vulnerability

Mageia Security - 6 Abril, 2026 - 18:35
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-4897 Description Denial of service via unbounded input processing through standard input. (CVE-2026-4897) References SRPMS 9/core
  • polkit-122-2.1.mga9

MGASA-2026-0084 - Updated xz packages fix security vulnerability

Mageia Security - 6 Abril, 2026 - 18:35
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34743 Description Buffer overflow in lzma_index_append(). (CVE-2026-34743) References SRPMS 9/core
  • xz-5.4.3-1.2.mga9

MGASA-2026-0082 - Updated python-nltk packages fix security vulnerability

Mageia Security - 6 Abril, 2026 - 18:35
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33230 Description nltk Vulnerable to Cross-site Scripting. (CVE-2026-33230) References SRPMS 9/core
  • python-nltk-3.9.4-1.mga9
Feed