Lector de Feeds
MGASA-2026-0086 - Updated freerdp packages fix security vulnerabilities
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-22852 , CVE-2026-22854 , CVE-2026-22855 , CVE-2026-22856 , CVE-2026-22857 , CVE-2026-22859 , CVE-2026-23732 , CVE-2026-23883 , CVE-2026-23884 , CVE-2026-24491 , CVE-2026-26271 , CVE-2026-26955 , CVE-2026-26965 , CVE-2026-31806 , CVE-2026-31883 , CVE-2026-31885 Description FreeRDP has a heap-buffer-overflow in audin_process_formats. (CVE-2026-22852) FreeRDP has a heap-buffer-overflow in drive_process_irp_read. (CVE-2026-22854) FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call. (CVE-2026-22855) FreeRDP has a heap-use-after-free in create_irp_thread. (CVE-2026-22856) FreeRDP has a heap-use-after-free in irp_thread_func. (CVE-2026-22857) FreeRDP has a heap-buffer-overflow in urb_select_configuration. (CVE-2026-22859) FreeRDP has heap-buffer-overflow in Glyph_Alloc. (CVE-2026-23732) Heap-use-after-free in update_pointer_new. (CVE-2026-23883) Heap-use-after-free in gdi_set_bounds. (CVE-2026-23884) FreeRDP has a heap-use-after-free in video_timer. (CVE-2026-24491) Buffer Overread in FreeRDP Icon Processing. (CVE-2026-26271) FreeRDP has Out-of-bounds Write. (CVE-2026-26955, CVE-2026-26965) FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions. (CVE-2026-31806) FreeRDP has a `size_t` underflow in ADPCM decoder leads to heap-buffer-overflow write. (CVE-2026-31883) FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks. (CVE-2026-31885) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-22852 , CVE-2026-22854 , CVE-2026-22855 , CVE-2026-22856 , CVE-2026-22857 , CVE-2026-22859 , CVE-2026-23732 , CVE-2026-23883 , CVE-2026-23884 , CVE-2026-24491 , CVE-2026-26271 , CVE-2026-26955 , CVE-2026-26965 , CVE-2026-31806 , CVE-2026-31883 , CVE-2026-31885 Description FreeRDP has a heap-buffer-overflow in audin_process_formats. (CVE-2026-22852) FreeRDP has a heap-buffer-overflow in drive_process_irp_read. (CVE-2026-22854) FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call. (CVE-2026-22855) FreeRDP has a heap-use-after-free in create_irp_thread. (CVE-2026-22856) FreeRDP has a heap-use-after-free in irp_thread_func. (CVE-2026-22857) FreeRDP has a heap-buffer-overflow in urb_select_configuration. (CVE-2026-22859) FreeRDP has heap-buffer-overflow in Glyph_Alloc. (CVE-2026-23732) Heap-use-after-free in update_pointer_new. (CVE-2026-23883) Heap-use-after-free in gdi_set_bounds. (CVE-2026-23884) FreeRDP has a heap-use-after-free in video_timer. (CVE-2026-24491) Buffer Overread in FreeRDP Icon Processing. (CVE-2026-26271) FreeRDP has Out-of-bounds Write. (CVE-2026-26955, CVE-2026-26965) FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions. (CVE-2026-31806) FreeRDP has a `size_t` underflow in ADPCM decoder leads to heap-buffer-overflow write. (CVE-2026-31883) FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks. (CVE-2026-31885) References
- https://bugs.mageia.org/show_bug.cgi?id=35141
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/F2VLQU7USVAQ733RYB7II6KGZB3FG2KW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HAYMD62GFPCFHGN6JPLMCVJHP3SKINMW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3QGQZQS6664TXPPYGBP7673W2JAXG4K/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/34ABPSLQFVRGFKDSR5ZEDKG5UH6KIBCA/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22852
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22854
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22855
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22856
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22857
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22859
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23732
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23883
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23884
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24491
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26271
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26955
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26965
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31806
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31883
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31885
- freerdp-2.11.7-1.3.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0085 - Updated polkit-122 packages fix security vulnerability
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-4897 Description Denial of service via unbounded input processing through standard input. (CVE-2026-4897) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-4897 Description Denial of service via unbounded input processing through standard input. (CVE-2026-4897) References
- https://bugs.mageia.org/show_bug.cgi?id=35303
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOQZ5PSNKYLZPW6FHB2MTGHOYDTRJHLV/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4897
- polkit-122-2.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0084 - Updated xz packages fix security vulnerability
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34743 Description Buffer overflow in lzma_index_append(). (CVE-2026-34743) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34743 Description Buffer overflow in lzma_index_append(). (CVE-2026-34743) References
- https://bugs.mageia.org/show_bug.cgi?id=35307
- https://www.openwall.com/lists/oss-security/2026/03/31/13
- https://tukaani.org/xz/index-append-overflow.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34743
- xz-5.4.3-1.2.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0083 - Updated vim packages fix security vulnerabilities
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34982 , CVE-2026-35177 Description Vim modeline bypass via various options affects Vim < 9.2.0276. (CVE-2026-34982) Path traversal issue with zip.vim in Vim < v9.2.0280. (CVE-2026-35177) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34982 , CVE-2026-35177 Description Vim modeline bypass via various options affects Vim < 9.2.0276. (CVE-2026-34982) Path traversal issue with zip.vim in Vim < v9.2.0280. (CVE-2026-35177) References
- https://bugs.mageia.org/show_bug.cgi?id=35308
- https://www.openwall.com/lists/oss-security/2026/03/31/14
- https://www.openwall.com/lists/oss-security/2026/04/01/1
- https://github.com/vim/vim/security/advisories/GHSA-8h6p-m6gr-mpw9
- https://www.openwall.com/lists/oss-security/2026/04/01/4
- https://github.com/vim/vim/security/advisories/GHSA-jc86-w7vm-8p24
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34982
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35177
- vim-9.2.280-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0082 - Updated python-nltk packages fix security vulnerability
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33230 Description nltk Vulnerable to Cross-site Scripting. (CVE-2026-33230) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33230 Description nltk Vulnerable to Cross-site Scripting. (CVE-2026-33230) References
- https://bugs.mageia.org/show_bug.cgi?id=35314
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Z36Q44HZY76RE7YZX5B55777UQB6MPEI/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33230
- python-nltk-3.9.4-1.mga9
Categorías: Actualizaciones de Seguridad
