Security Updates

MGASA-2026-0081 - Updated thunderbird packages fix security vulnerabilities

Mageia Security - 2 April, 2026 - 17:48
Publication date: 02 Apr 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-59375, CVE-2026-3889, CVE-2026-4684, CVE-2026-4685, CVE-2026-4686, CVE-2026-4687, CVE-2026-4688, CVE-2026-4689, CVE-2026-4690, CVE-2026-4691, CVE-2026-4692, CVE-2026-4693, CVE-2026-4694, CVE-2026-4695, CVE-2026-4696, CVE-2026-4697, CVE-2026-4698, CVE-2026-4699, CVE-2026-4700, CVE-2026-4701, CVE-2026-4702, CVE-2026-4704, CVE-2026-4705, CVE-2026-4706, CVE-2026-4707, CVE-2026-4708, CVE-2026-4709, CVE-2026-4710, CVE-2026-4711, CVE-2026-4712, CVE-2026-4713, CVE-2026-4714, CVE-2026-4715, CVE-2026-4716, CVE-2026-4717, CVE-2026-4718, CVE-2026-4719, CVE-2026-4720, CVE-2026-4721
Description
Denial-of-service in the XML component. (CVE-2025-59375)
Spoofing issue in Thunderbird. (CVE-2026-3889)
Race condition, use-after-free in the Graphics: WebRender component. (CVE-2026-4684)
Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4685)
Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4686)
Sandbox escape due to incorrect boundary conditions in the Telemetry component. (CVE-2026-4687)
Sandbox escape due to use-after-free in the Disability Access APIs component. (CVE-2026-4688)
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4689)
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4690)
Use-after-free in the CSS Parsing and Computation component. (CVE-2026-4691)
Sandbox escape in the Responsive Design Mode component. (CVE-2026-4692)
Incorrect boundary conditions in the Audio/Video: Playback component. (CVE-2026-4693)
Incorrect boundary conditions, integer overflow in the Graphics component. (CVE-2026-4694)
Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4695)
Use-after-free in the Layout: Text and Fonts component. (CVE-2026-4696)
Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4697)
JIT miscompilation in the JavaScript Engine: JIT component. (CVE-2026-4698)
Incorrect boundary conditions in the Layout: Text and Fonts component. (CVE-2026-4699)
Mitigation bypass in the Networking: HTTP component. (CVE-2026-4700)
Use-after-free in the JavaScript Engine component. (CVE-2026-4701)
JIT miscompilation in the JavaScript Engine component. (CVE-2026-4702)
Denial-of-service in the WebRTC: Signaling component. (CVE-2026-4704)
Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4705)
Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4706)
Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4707)
Incorrect boundary conditions in the Graphics component. (CVE-2026-4708)
Incorrect boundary conditions in the Audio/Video: GMP component. (CVE-2026-4709)
Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4710)
Use-after-free in the Widget: Cocoa component. (CVE-2026-4711)
Information disclosure in the Widget: Cocoa component. (CVE-2026-4712)
Incorrect boundary conditions in the Graphics component. (CVE-2026-4713)
Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4714)
Uninitialized memory in the Graphics: Canvas2D component. (CVE-2026-4715)
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. (CVE-2026-4716)
Privilege escalation in the Netmonitor component. (CVE-2026-4717)
Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4718)
Incorrect boundary conditions in the Graphics: Text component. (CVE-2026-4719)
Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4720)
Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4721)
References
SRPMS
9/core
  • thunderbird-140.9.0-1.mga9
  • thunderbird-l10n-140.9.0-1.mga9

MGASA-2026-0080 - Updated nss & firefox packages fix security vulnerabilities

Mageia Security - 2 April, 2026 - 17:48
Publication date: 02 Apr 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-59375, CVE-2026-4684, CVE-2026-4685, CVE-2026-4686, CVE-2026-4687, CVE-2026-4688, CVE-2026-4689, CVE-2026-4690, CVE-2026-4691, CVE-2026-4692, CVE-2026-4693, CVE-2026-4694, CVE-2026-4695, CVE-2026-4696, CVE-2026-4697, CVE-2026-4698, CVE-2026-4699, CVE-2026-4700, CVE-2026-4701, CVE-2026-4702, CVE-2026-4704, CVE-2026-4705, CVE-2026-4706, CVE-2026-4707, CVE-2026-4708, CVE-2026-4709, CVE-2026-4710, CVE-2026-4711, CVE-2026-4712, CVE-2026-4713, CVE-2026-4714, CVE-2026-4715, CVE-2026-4716, CVE-2026-4717, CVE-2026-4718, CVE-2026-4719, CVE-2026-4720, CVE-2026-4721
Description
Denial-of-service in the XML component. (CVE-2025-59375)
Race condition, use-after-free in the Graphics: WebRender component. (CVE-2026-4684)
Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4685)
Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4686)
Sandbox escape due to incorrect boundary conditions in the Telemetry component. (CVE-2026-4687)
Sandbox escape due to use-after-free in the Disability Access APIs component. (CVE-2026-4688)
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4689)
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4690)
Use-after-free in the CSS Parsing and Computation component. (CVE-2026-4691)
Sandbox escape in the Responsive Design Mode component. (CVE-2026-4692)
Incorrect boundary conditions in the Audio/Video: Playback component. (CVE-2026-4693)
Incorrect boundary conditions, integer overflow in the Graphics component. (CVE-2026-4694)
Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4695)
Use-after-free in the Layout: Text and Fonts component. (CVE-2026-4696)
Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4697)
JIT miscompilation in the JavaScript Engine: JIT component. (CVE-2026-4698)
Incorrect boundary conditions in the Layout: Text and Fonts component. (CVE-2026-4699)
Mitigation bypass in the Networking: HTTP component. (CVE-2026-4700)
Use-after-free in the JavaScript Engine component. (CVE-2026-4701)
JIT miscompilation in the JavaScript Engine component. (CVE-2026-4702)
Denial-of-service in the WebRTC: Signaling component. (CVE-2026-4704)
Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4705)
Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4706)
Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4707)
Incorrect boundary conditions in the Graphics component. (CVE-2026-4708)
Incorrect boundary conditions in the Audio/Video: GMP component. (CVE-2026-4709)
Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4710)
Use-after-free in the Widget: Cocoa component. (CVE-2026-4711)
Information disclosure in the Widget: Cocoa component. (CVE-2026-4712)
Incorrect boundary conditions in the Graphics component. (CVE-2026-4713)
Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4714)
Uninitialized memory in the Graphics: Canvas2D component. (CVE-2026-4715)
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. (CVE-2026-4716)
Privilege escalation in the Netmonitor component. (CVE-2026-4717)
Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4718)
Incorrect boundary conditions in the Graphics: Text component. (CVE-2026-4719)
Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4720)
Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4721)
References
SRPMS
9/core
  • nss-3.122.0-1.mga9
  • firefox-140.9.0-1.mga9
  • firefox-l10n-140.9.0-1.mga9

MGASA-2026-0078 - Updated freeipmi packages fix security vulnerability

Mageia Security - 1 April, 2026 - 00:05
Publication date: 31 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-33554
Description
ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. (CVE-2026-33554)
References
SRPMS
9/core
  • freeipmi-1.6.10-2.1.mga9

MGASA-2026-0076 - Updated zlib packages fix security vulnerability

Mageia Security - 1 April, 2026 - 00:05
Publication date: 31 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-27171
Description
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. (CVE-2026-27171)
References
SRPMS
9/core
  • zlib-1.2.13-1.4.mga9

MGASA-2026-0075 - Updated ruby-rack packages fix security vulnerabilities

Mageia Security - 1 April, 2026 - 00:05
Publication date: 31 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-22860, CVE-2026-25500
Description
Rack has a Directory Traversal via Rack::Directory. (CVE-2026-22860)
Rack's Stored XSS in Rack::Directory via javascript: filenames rendered into anchor href. (CVE-2026-25500)
References
SRPMS
9/core
  • ruby-rack-2.2.22-1.mga9

MGASA-2026-0074 - Updated python-openssl packages fix security vulnerabilities

Mageia Security - 1 April, 2026 - 00:05
Publication date: 31 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-27448, CVE-2026-27459
Description
pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback. (CVE-2026-27448)
pyOpenSSL DTLS cookie callback buffer overflow. (CVE-2026-27459)
References
SRPMS
9/core
  • python-openssl-23.0.0-1.1.mga9

MGAA-2026-0024 - Updated zynaddsubfx packages fix bug

Mageia Security - 31 March, 2026 - 06:31
Publication date: 31 Mar 2026
Type: bugfix
Affected Mageia releases: 9
Description
The application crashes when you try to refresh the bank list. This update fixes the reported issue.
References
SRPMS
9/core
  • zynaddsubfx-3.0.6-1.1.mga9

MGAA-2026-0023 - Updated kodi packages fix bug

Mageia Security - 31 March, 2026 - 06:31
Publication date: 31 Mar 2026
Type: bugfix
Affected Mageia releases: 9
Description
If kodi-pvr-iptvsimple is installed, kodi updates could break; this includes Mageia 9 to Cauldron upgrades. This update fixes the reported issue.
References
SRPMS
9/core
  • kodi-20.4-1.3.mga9
9/tainted
  • kodi-20.4-1.3.mga9.tainted

MGASA-2026-0073 - Updated python-ujson packages fix security vulnerabilities

Mageia Security - 29 March, 2026 - 01:55
Publication date: 29 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-32874, CVE-2026-32875
Description
CVE-2026-32874 ujson 5.4.0 to 5.11.0 inclusive contains an accumulating memory leak when parsing large (outside of the range [-2^63, 2^64 - 1]) integers in JSON.
ujson 5.4.0 to 5.11.0 has an integer overflow while handling a large indent which leads to a buffer overflow or infinite loop.
References
SRPMS
9/core
  • python-ujson-5.7.0-1.1.mga9

MGASA-2026-0071 - Updated nodejs packages fix security vulnerabilities

Mageia Security - 28 March, 2026 - 08:26
Publication date: 28 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-21637, CVE-2026-21710, CVE-2026-21713, CVE-2026-21714, CVE-2026-21715, CVE-2026-21716, CVE-2026-21717
Description
Incomplete fix for CVE-2026-21637: loadSNI() in _tls_wrap.js lacks try/catch leading to Remote DoS. (CVE-2026-21637)
Denial of Service via __proto__ header name in req.headersDistinct (Uncaught TypeError crashes Node.js process). (CVE-2026-21710)
Timing side-channel in HMAC verification via memcmp() in crypto_hmac.cc leads to potential MAC forgery. (CVE-2026-21713)
Memory leak in Node.js HTTP/2 server via WINDOW_UPDATE on stream 0 leads to resource exhaustion. (CVE-2026-21714)
Permission Model Bypass in realpathSync.native Allows File Existence Disclosure. (CVE-2026-21715)
CVE-2024-36137 Patch Bypass - FileHandle.chmod/chown. (CVE-2026-21716)
HashDoS in V8. (CVE-2026-21717)
References
SRPMS
9/core
  • nodejs-22.22.2-1.mga9

MGASA-2026-0070 - Updated libpng packages fix security vulnerabilities

Mageia Security - 28 March, 2026 - 08:26
Publication date: 28 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-33416, CVE-2026-33636
Description
Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE. (CVE-2026-33416)
Out-of-bounds read/write in the palette expansion on ARM Neon. (CVE-2026-33636)
References
SRPMS
9/core
  • libpng-1.6.38-1.5.mga9

MGASA-2026-0069 - Updated cmake packages fix security vulnerability

Mageia Security - 27 March, 2026 - 23:54
Publication date: 27 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-9301
Description
cmake cmForEachCommand.cxx ReplayItems assertion. (CVE-2025-9301)
References
SRPMS
9/core
  • cmake-3.26.4-1.1.mga9

MGASA-2026-0068 - Updated xen packages fix security vulnerability

Mageia Security - 25 March, 2026 - 18:31
Publication date: 25 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-23554
Description
Use after free of paging structures in EPT. (CVE-2026-23554)
References
SRPMS
9/core
  • xen-4.17.5-1.git20251028.3.mga9

MGASA-2026-0067 - Updated graphicsmagick packages fix security vulnerabilities

Mageia Security - 25 March, 2026 - 18:31
Publication date: 25 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-28690, CVE-2026-30883
Description
GraphicsMagick has a stack write buffer overflow in MNG encoder. (CVE-2026-28690)
GraphicsMagick has a Heap Overflow when writing extremely large image profile in the PNG encoder. (CVE-2026-30883)
References
SRPMS
9/core
  • graphicsmagick-1.3.40-1.4.mga9
9/tainted
  • graphicsmagick-1.3.40-1.4.mga9.tainted

MGASA-2026-0066 - Updated trilead-ssh2 packages fix security vulnerabilities

Mageia Security - 24 March, 2026 - 18:53
Publication date: 24 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2023-48795
Description
CVE-2023-48795: Fixed prefix truncation breaking SSH channel integrity, aka Terrapin Attack.
References
SRPMS
9/core
  • trilead-ssh2-217-8.jenkins293.1.mga9

MGASA-2026-0065 - Updated roundcubemail packages fix security vulnerabilities

Mageia Security - 24 March, 2026 - 18:53
Publication date: 24 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-25916, CVE-2026-26079
Description
Fix pre-auth arbitrary file write via unsafe deserialization in redis/memcache session handler, reported by y0us.
Fix bug where a password could get changed without providing the old password, reported by flydragon777.
Fix IMAP Injection + CSRF bypass in mail search, reported by Martila Security Research Team.
Fix remote image blocking bypass via various SVG animate attributes, reported by nullcathedral.
Fix remote image blocking bypass via a crafted body background attribute, reported by nullcathedral.
Fix fixed position mitigation bypass via use of !important, reported by nullcathedral.
Fix XSS issue in an HTML attachment preview, reported by aikido_security.
Fix SSRF + Information Disclosure via stylesheet links to local network hosts, reported by Georgios Tsimpidas (aka Frey), Security Researcher at https://i0.rs/.
References
SRPMS
9/core
  • roundcubemail-1.6.14-1.mga9

MGASA-2026-0064 - Updated webkit2 packages fix security vulnerabilities

Mageia Security - 24 March, 2026 - 18:53
Publication date: 24 Mar 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-43457, CVE-2026-20608, CVE-2026-20635, CVE-2026-20636, CVE-2026-20644, CVE-2026-20652, CVE-2026-20676
Description
CVE-2025-43457 Processing maliciously crafted web content may lead to an unexpected Safari crash. A use-after-free issue was addressed with improved memory management.
CVE-2026-20608 Processing maliciously crafted web content may lead to an unexpected process crash. This issue was addressed through improved state management.
CVE-2026-20635 Processing maliciously crafted web content may lead to an unexpected process crash. The issue was addressed with improved memory handling.
CVE-2026-20636 Processing maliciously crafted web content may lead to an unexpected process crash. The issue was addressed with improved memory handling.
CVE-2026-20644 Processing maliciously crafted web content may lead to an unexpected process crash. The issue was addressed with improved memory handling.
CVE-2026-20652 A remote attacker may be able to cause a denial-of-service. The issue was addressed with improved memory handling.
CVE-2026-20676 A website may be able to track users through Safari web extensions. This issue was addressed through improved state management.
References
SRPMS
9/core
  • webkit2-2.50.6-1.mga9