Principal » Lector de Feeds » Categorías

Actualizaciones de Seguridad

MGASA-2026-0108 - Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities

Mageia Security - 4 Mayo, 2026 - 17:05
Publication date: 04 May 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-23414 , CVE-2026-31408 , CVE-2026-31414 , CVE-2026-31415 , CVE-2026-31416 , CVE-2026-31417 , CVE-2026-31418 , CVE-2026-31421 , CVE-2026-31422 , CVE-2026-31423 , CVE-2026-31424 , CVE-2026-31425 , CVE-2026-31426 , CVE-2026-31427 , CVE-2026-31428 , CVE-2026-31430 , CVE-2026-31431 , CVE-2026-31433 , CVE-2026-31434 , CVE-2026-31439 , CVE-2026-31441 , CVE-2026-31444 , CVE-2026-31446 , CVE-2026-31447 , CVE-2026-31448 , CVE-2026-31450 , CVE-2026-31451 , CVE-2026-31452 , CVE-2026-31453 , CVE-2026-31454 , CVE-2026-31455 , CVE-2026-31458 , CVE-2026-31464 , CVE-2026-31466 , CVE-2026-31467 , CVE-2026-31469 , CVE-2026-31473 , CVE-2026-31474 , CVE-2026-31476 , CVE-2026-31477 , CVE-2026-31478 , CVE-2026-31480 , CVE-2026-31482 , CVE-2026-31483 , CVE-2026-31485 , CVE-2026-31492 , CVE-2026-31494 , CVE-2026-31495 , CVE-2026-31496 , CVE-2026-31497 , CVE-2026-31498 , CVE-2026-31500 , CVE-2026-31503 , CVE-2026-31504 , CVE-2026-31507 , CVE-2026-31508 , CVE-2026-31509 , CVE-2026-31510 , CVE-2026-31512 , CVE-2026-31515 , CVE-2026-31518 , CVE-2026-31519 , CVE-2026-31520 , CVE-2026-31521 , CVE-2026-31522 , CVE-2026-31523 , CVE-2026-31524 , CVE-2026-31525 , CVE-2026-31528 , CVE-2026-31533 , CVE-2026-31555 , CVE-2026-31563 , CVE-2026-31565 , CVE-2026-31566 , CVE-2026-31570 , CVE-2026-31628 , CVE-2026-31634 , CVE-2026-31637 , CVE-2026-31638 , CVE-2026-31639 , CVE-2026-31642 , CVE-2026-31646 , CVE-2026-31648 , CVE-2026-31649 , CVE-2026-31651 , CVE-2026-31655 , CVE-2026-31656 , CVE-2026-31657 , CVE-2026-31658 , CVE-2026-31659 , CVE-2026-31660 , CVE-2026-31661 , CVE-2026-31662 , CVE-2026-31664 , CVE-2026-31665 , CVE-2026-31667 , CVE-2026-31668 , CVE-2026-31669 , CVE-2026-31670 , CVE-2026-31671 , CVE-2026-31672 , CVE-2026-31674 , CVE-2026-31675 , CVE-2026-31678 , CVE-2026-31679 , CVE-2026-31680 , CVE-2026-31682 , CVE-2026-31686 , CVE-2026-31689 , CVE-2026-31694 , CVE-2026-31695 , CVE-2026-31696 , CVE-2026-31697 , CVE-2026-31698 , CVE-2026-31699 , CVE-2026-31700 , CVE-2026-31701 , CVE-2026-31702 , CVE-2026-31704 , CVE-2026-31705 , CVE-2026-31708 , CVE-2026-31711 , CVE-2026-31714 , CVE-2026-31716 , CVE-2026-31720 , CVE-2026-31721 , CVE-2026-31726 , CVE-2026-31728 , CVE-2026-31730 , CVE-2026-31737 , CVE-2026-31738 , CVE-2026-31740 , CVE-2026-31741 , CVE-2026-31747 , CVE-2026-31748 , CVE-2026-31749 , CVE-2026-31751 , CVE-2026-31752 , CVE-2026-31754 , CVE-2026-31755 , CVE-2026-31756 , CVE-2026-31758 , CVE-2026-31759 , CVE-2026-31761 , CVE-2026-31762 , CVE-2026-31763 , CVE-2026-31768 , CVE-2026-31770 , CVE-2026-31773 , CVE-2026-31776 , CVE-2026-31778 , CVE-2026-31779 , CVE-2026-31780 , CVE-2026-31781 , CVE-2026-31786 , CVE-2026-31787 , CVE-2026-43007 , CVE-2026-43011 , CVE-2026-43013 , CVE-2026-43014 , CVE-2026-43015 , CVE-2026-43016 , CVE-2026-43017 , CVE-2026-43018 , CVE-2026-43020 , CVE-2026-43023 , CVE-2026-43024 , CVE-2026-43025 , CVE-2026-43026 , CVE-2026-43027 , CVE-2026-43028 , CVE-2026-43030 , CVE-2026-43032 , CVE-2026-43033 , CVE-2026-43035 , CVE-2026-43037 , CVE-2026-43038 , CVE-2026-43040 , CVE-2026-43041 , CVE-2026-43043 , CVE-2026-43044 , CVE-2026-43046 , CVE-2026-43047 , CVE-2026-43050 , CVE-2026-43051 , CVE-2026-43054 , CVE-2026-43056 , CVE-2026-43057 , CVE-2026-43058 Description Upstream kernel version 6.6.137 fixes bugs and vulnerabilities. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel. References SRPMS 9/core
  • kernel-6.6.137-1.mga9
  • kmod-virtualbox-7.1.18-18.mga9
  • kmod-xtables-addons-3.24-90.mga9
Categorías: Actualizaciones de Seguridad

MGAA-2026-0030 - Updated light-locker packages fix bug

Mageia Security - 23 Abril, 2026 - 00:41
Publication date: 22 Apr 2026
Type: bugfix
Affected Mageia releases : 9
Description This update fixes some systemd-related issues and also some coredumps at startup. References SRPMS 9/core
  • light-locker-1.9.0-6.1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0107 - Updated gvfs packages fix security vulnerabilities

Mageia Security - 22 Abril, 2026 - 23:08
Publication date: 22 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-28295 , CVE-2026-28296 Description Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses. (CVE-2026-28295) Gvfs: ftp gvfs backend: arbitrary ftp command injection via crlf sequences in file paths. (CVE-2026-28296) References SRPMS 9/core
  • gvfs-1.50.4-1.1.mga9
Categorías: Actualizaciones de Seguridad

MGAA-2026-0029 - Updated mga-dorsync packages fix bugs

Mageia Security - 21 Abril, 2026 - 05:04
Publication date: 21 Apr 2026
Type: bugfix
Affected Mageia releases : 9
Description mga-dorsync is QA tool to sync Mageia ISO images and transfer them to a USB stick. Now, after some updates in the code and bugs fixed, we are providing a official package for this tool. References SRPMS 9/core
  • mga-dorsync-3.3-1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0106 - Updated firefox & thunderbird packages fix security vulnerabilities

Mageia Security - 21 Abril, 2026 - 03:11
Publication date: 21 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-5731 , CVE-2026-5732 , CVE-2026-5734 Description Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2. (CVE-2026-5731) Incorrect boundary conditions, integer overflow in the Graphics: Text component. (CVE-2026-5732) Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2. (CVE-2026-5734) References SRPMS 9/core
  • firefox-140.9.1-1.mga9
  • firefox-l10n-140.9.1-1.mga9
  • thunderbird-140.9.1-1.mga9
  • thunderbird-l10n-140.9.1-1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0105 - Updated libtiff packages fix security vulnerabilities

Mageia Security - 21 Abril, 2026 - 03:11
Publication date: 21 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-61143 , CVE-2025-61144 Description libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c. (CVE-2025-61143) libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. (CVE-2025-61144) References SRPMS 9/core
  • libtiff-4.5.1-1.7.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0104 - Updated python-cairosvg packages fix security vulnerability

Mageia Security - 18 Abril, 2026 - 17:43
Publication date: 18 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-31899 Description CairoSVG vulnerable to Exponential DoS via recursive element amplification. (CVE-2026-31899) References SRPMS 9/core
  • python-cairosvg-2.5.2-6.1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0103 - Updated giflib packages fix security vulnerability

Mageia Security - 18 Abril, 2026 - 17:43
Publication date: 18 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-23868 Description Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible. (CVE-2026-23868) References SRPMS 9/core
  • giflib-5.2.1-7.3.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0102 - Updated gdk-pixbuf2.0 packages fix security vulnerability

Mageia Security - 18 Abril, 2026 - 17:43
Publication date: 18 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-5201 Description Denial of service via heap-based buffer overflow when processing a specially crafted jpeg image. (CVE-2026-5201) References SRPMS 9/core
  • gdk-pixbuf2.0-2.42.10-2.3.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0101 - Updated rsync packages fix security vulnerability

Mageia Security - 18 Abril, 2026 - 03:40
Publication date: 18 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-41035 Description In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are more widely vulnerable. (CVE-2026-41035) References SRPMS 9/core
  • rsync-3.2.7-1.4.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0100 - Updated polkit-122 packages fix security vulnerability

Mageia Security - 17 Abril, 2026 - 20:56
Publication date: 17 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-7519 Description Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write. (CVE-2025-7519) References SRPMS 9/core
  • polkit-122-2.2.mga9
Categorías: Actualizaciones de Seguridad

MGAA-2026-0028 - Updated python-astropy packages fix bug

Mageia Security - 17 Abril, 2026 - 20:56
Publication date: 17 Apr 2026
Type: bugfix
Affected Mageia releases : 9
Description python3-astropy missed the python3-configobj requirement. This update fixes the reported issue. References SRPMS 9/core
  • python-astropy-5.1.1-1.2.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0099 - Updated cockpit-338 packages fix security vulnerability

Mageia Security - 16 Abril, 2026 - 18:53
Publication date: 16 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-4631 Description Unauthenticated remote code execution due to ssh command-line argument injection. (CVE-2026-4631) References SRPMS 9/core
  • cockpit-338-1.7.mga9
Categorías: Actualizaciones de Seguridad

MGAA-2026-0026 - Updated simplescreenrecorder packages fix bug

Mageia Security - 16 Abril, 2026 - 18:53
Publication date: 16 Apr 2026
Type: bugfix
Affected Mageia releases : 9
Description Updated simplescreenrecorder package to fix OpenGL recording. References SRPMS 9/core
  • simplescreenrecorder-0.4.4-1.1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0098 - Updated kernel-linus packages fix security vulnerabilities

Mageia Security - 15 Abril, 2026 - 17:42
Publication date: 15 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-71160 , CVE-2025-71180 , CVE-2025-71182 , CVE-2025-71183 , CVE-2025-71185 , CVE-2025-71186 , CVE-2025-71188 , CVE-2025-71189 , CVE-2025-71190 , CVE-2025-71191 , CVE-2025-71192 , CVE-2025-71193 , CVE-2025-71194 , CVE-2025-71195 , CVE-2025-71196 , CVE-2025-71197 , CVE-2025-71198 , CVE-2025-71199 , CVE-2025-71200 , CVE-2025-71204 , CVE-2025-71220 , CVE-2025-71222 , CVE-2025-71223 , CVE-2025-71224 , CVE-2025-71228 , CVE-2025-71229 , CVE-2025-71232 , CVE-2025-71235 , CVE-2025-71236 , CVE-2025-71237 , CVE-2025-71238 , CVE-2025-71239 , CVE-2025-71265 , CVE-2025-71266 , CVE-2025-71267 , CVE-2025-71268 , CVE-2025-71270 , CVE-2026-22976 , CVE-2026-22977 , CVE-2026-22978 , CVE-2026-22979 , CVE-2026-22980 , CVE-2026-22982 , CVE-2026-22984 , CVE-2026-22988 , CVE-2026-22990 , CVE-2026-22991 , CVE-2026-22992 , CVE-2026-22994 , CVE-2026-23019 , CVE-2026-23020 , CVE-2026-23021 , CVE-2026-23025 , CVE-2026-23026 , CVE-2026-23030 , CVE-2026-23031 , CVE-2026-23032 , CVE-2026-23033 , CVE-2026-23037 , CVE-2026-23038 , CVE-2026-23047 , CVE-2026-23049 , CVE-2026-23054 , CVE-2026-23056 , CVE-2026-23058 , CVE-2026-23059 , CVE-2026-23060 , CVE-2026-23061 , CVE-2026-23062 , CVE-2026-23063 , CVE-2026-23064 , CVE-2026-23068 , CVE-2026-23069 , CVE-2026-23071 , CVE-2026-23073 , CVE-2026-23074 , CVE-2026-23075 , CVE-2026-23076 , CVE-2026-23078 , CVE-2026-23080 , CVE-2026-23083 , CVE-2026-23084 , CVE-2026-23085 , CVE-2026-23086 , CVE-2026-23087 , CVE-2026-23088 , CVE-2026-23089 , CVE-2026-23090 , CVE-2026-23091 , CVE-2026-23094 , CVE-2026-23095 , CVE-2026-23096 , CVE-2026-23097 , CVE-2026-23098 , CVE-2026-23099 , CVE-2026-23101 , CVE-2026-23103 , CVE-2026-23105 , CVE-2026-23107 , CVE-2026-23108 , CVE-2026-23110 , CVE-2026-23111 , CVE-2026-23112 , CVE-2026-23113 , CVE-2026-23116 , CVE-2026-23119 , CVE-2026-23120 , CVE-2026-23121 , CVE-2026-23123 , CVE-2026-23124 , CVE-2026-23125 , CVE-2026-23126 , CVE-2026-23128 , CVE-2026-23131 , CVE-2026-23133 , CVE-2026-23135 , CVE-2026-23136 , CVE-2026-23139 , CVE-2026-23140 , CVE-2026-23141 , CVE-2026-23142 , CVE-2026-23144 , CVE-2026-23145 , CVE-2026-23146 , CVE-2026-23150 , CVE-2026-23155 , CVE-2026-23156 , CVE-2026-23159 , CVE-2026-23160 , CVE-2026-23163 , CVE-2026-23164 , CVE-2026-23167 , CVE-2026-23168 , CVE-2026-23170 , CVE-2026-23172 , CVE-2026-23173 , CVE-2026-23176 , CVE-2026-23178 , CVE-2026-23179 , CVE-2026-23180 , CVE-2026-23182 , CVE-2026-23187 , CVE-2026-23190 , CVE-2026-23193 , CVE-2026-23198 , CVE-2026-23200 , CVE-2026-23202 , CVE-2026-23204 , CVE-2026-23205 , CVE-2026-23206 , CVE-2026-23209 , CVE-2026-23212 , CVE-2026-23216 , CVE-2026-23220 , CVE-2026-23222 , CVE-2026-23228 , CVE-2026-23229 , CVE-2026-23230 , CVE-2026-23233 , CVE-2026-23234 , CVE-2026-23235 , CVE-2026-23236 , CVE-2026-23237 , CVE-2026-23238 , CVE-2026-23241 , CVE-2026-23242 , CVE-2026-23243 , CVE-2026-23254 , CVE-2026-23256 , CVE-2026-23257 , CVE-2026-23258 , CVE-2026-23260 , CVE-2026-23261 , CVE-2026-23262 , CVE-2026-23264 , CVE-2026-23266 , CVE-2026-23267 , CVE-2026-23273 , CVE-2026-23279 , CVE-2026-23281 , CVE-2026-23284 , CVE-2026-23285 , CVE-2026-23286 , CVE-2026-23287 , CVE-2026-23289 , CVE-2026-23290 , CVE-2026-23291 , CVE-2026-23292 , CVE-2026-23293 , CVE-2026-23296 , CVE-2026-23298 , CVE-2026-23300 , CVE-2026-23303 , CVE-2026-23304 , CVE-2026-23306 , CVE-2026-23307 , CVE-2026-23308 , CVE-2026-23309 , CVE-2026-23310 , CVE-2026-23312 , CVE-2026-23315 , CVE-2026-23317 , CVE-2026-23318 , CVE-2026-23319 , CVE-2026-23321 , CVE-2026-23324 , CVE-2026-23325 , CVE-2026-23334 , CVE-2026-23335 , CVE-2026-23336 , CVE-2026-23339 , CVE-2026-23340 , CVE-2026-23343 , CVE-2026-23347 , CVE-2026-23351 , CVE-2026-23352 , CVE-2026-23356 , CVE-2026-23357 , CVE-2026-23359 , CVE-2026-23362 , CVE-2026-23364 , CVE-2026-23365 , CVE-2026-23367 , CVE-2026-23368 , CVE-2026-23370 , CVE-2026-23372 , CVE-2026-23378 , CVE-2026-23379 , CVE-2026-23381 , CVE-2026-23382 , CVE-2026-23386 , CVE-2026-23387 , CVE-2026-23388 , CVE-2026-23391 , CVE-2026-23392 , CVE-2026-23395 , CVE-2026-23396 , CVE-2026-23397 , CVE-2026-23398 , CVE-2026-31788 Description Vanilla upstream kernel version 6.6.130 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References SRPMS 9/core
  • kernel-linus-6.6.130-1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0097 - Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities

Mageia Security - 15 Abril, 2026 - 17:42
Publication date: 15 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-71160 , CVE-2025-71180 , CVE-2025-71182 , CVE-2025-71183 , CVE-2025-71185 , CVE-2025-71186 , CVE-2025-71188 , CVE-2025-71189 , CVE-2025-71190 , CVE-2025-71191 , CVE-2025-71192 , CVE-2025-71193 , CVE-2025-71194 , CVE-2025-71195 , CVE-2025-71196 , CVE-2025-71197 , CVE-2025-71198 , CVE-2025-71199 , CVE-2025-71200 , CVE-2025-71204 , CVE-2025-71220 , CVE-2025-71222 , CVE-2025-71223 , CVE-2025-71224 , CVE-2025-71228 , CVE-2025-71229 , CVE-2025-71232 , CVE-2025-71235 , CVE-2025-71236 , CVE-2025-71237 , CVE-2025-71238 , CVE-2025-71239 , CVE-2025-71265 , CVE-2025-71266 , CVE-2025-71267 , CVE-2025-71268 , CVE-2025-71270 , CVE-2026-22976 , CVE-2026-22977 , CVE-2026-22978 , CVE-2026-22979 , CVE-2026-22980 , CVE-2026-22982 , CVE-2026-22984 , CVE-2026-22988 , CVE-2026-22990 , CVE-2026-22991 , CVE-2026-22992 , CVE-2026-22994 , CVE-2026-23019 , CVE-2026-23020 , CVE-2026-23021 , CVE-2026-23025 , CVE-2026-23026 , CVE-2026-23030 , CVE-2026-23031 , CVE-2026-23032 , CVE-2026-23033 , CVE-2026-23037 , CVE-2026-23038 , CVE-2026-23047 , CVE-2026-23049 , CVE-2026-23054 , CVE-2026-23056 , CVE-2026-23058 , CVE-2026-23059 , CVE-2026-23060 , CVE-2026-23061 , CVE-2026-23062 , CVE-2026-23063 , CVE-2026-23064 , CVE-2026-23068 , CVE-2026-23069 , CVE-2026-23071 , CVE-2026-23073 , CVE-2026-23074 , CVE-2026-23075 , CVE-2026-23076 , CVE-2026-23078 , CVE-2026-23080 , CVE-2026-23083 , CVE-2026-23084 , CVE-2026-23085 , CVE-2026-23086 , CVE-2026-23087 , CVE-2026-23088 , CVE-2026-23089 , CVE-2026-23090 , CVE-2026-23091 , CVE-2026-23094 , CVE-2026-23095 , CVE-2026-23096 , CVE-2026-23097 , CVE-2026-23098 , CVE-2026-23099 , CVE-2026-23101 , CVE-2026-23103 , CVE-2026-23105 , CVE-2026-23107 , CVE-2026-23108 , CVE-2026-23110 , CVE-2026-23111 , CVE-2026-23112 , CVE-2026-23113 , CVE-2026-23116 , CVE-2026-23119 , CVE-2026-23120 , CVE-2026-23121 , CVE-2026-23123 , CVE-2026-23124 , CVE-2026-23125 , CVE-2026-23126 , CVE-2026-23128 , CVE-2026-23131 , CVE-2026-23133 , CVE-2026-23135 , CVE-2026-23136 , CVE-2026-23139 , CVE-2026-23140 , CVE-2026-23141 , CVE-2026-23142 , CVE-2026-23144 , CVE-2026-23145 , CVE-2026-23146 , CVE-2026-23150 , CVE-2026-23155 , CVE-2026-23156 , CVE-2026-23159 , CVE-2026-23160 , CVE-2026-23163 , CVE-2026-23164 , CVE-2026-23167 , CVE-2026-23168 , CVE-2026-23170 , CVE-2026-23172 , CVE-2026-23173 , CVE-2026-23176 , CVE-2026-23178 , CVE-2026-23179 , CVE-2026-23180 , CVE-2026-23182 , CVE-2026-23187 , CVE-2026-23190 , CVE-2026-23193 , CVE-2026-23198 , CVE-2026-23200 , CVE-2026-23202 , CVE-2026-23204 , CVE-2026-23205 , CVE-2026-23206 , CVE-2026-23209 , CVE-2026-23212 , CVE-2026-23216 , CVE-2026-23220 , CVE-2026-23222 , CVE-2026-23228 , CVE-2026-23229 , CVE-2026-23230 , CVE-2026-23233 , CVE-2026-23234 , CVE-2026-23235 , CVE-2026-23236 , CVE-2026-23237 , CVE-2026-23238 , CVE-2026-23241 , CVE-2026-23242 , CVE-2026-23243 , CVE-2026-23254 , CVE-2026-23256 , CVE-2026-23257 , CVE-2026-23258 , CVE-2026-23260 , CVE-2026-23261 , CVE-2026-23262 , CVE-2026-23264 , CVE-2026-23266 , CVE-2026-23267 , CVE-2026-23273 , CVE-2026-23279 , CVE-2026-23281 , CVE-2026-23284 , CVE-2026-23285 , CVE-2026-23286 , CVE-2026-23287 , CVE-2026-23289 , CVE-2026-23290 , CVE-2026-23291 , CVE-2026-23292 , CVE-2026-23293 , CVE-2026-23296 , CVE-2026-23298 , CVE-2026-23300 , CVE-2026-23303 , CVE-2026-23304 , CVE-2026-23306 , CVE-2026-23307 , CVE-2026-23308 , CVE-2026-23309 , CVE-2026-23310 , CVE-2026-23312 , CVE-2026-23315 , CVE-2026-23317 , CVE-2026-23318 , CVE-2026-23319 , CVE-2026-23321 , CVE-2026-23324 , CVE-2026-23325 , CVE-2026-23334 , CVE-2026-23335 , CVE-2026-23336 , CVE-2026-23339 , CVE-2026-23340 , CVE-2026-23343 , CVE-2026-23347 , CVE-2026-23351 , CVE-2026-23352 , CVE-2026-23356 , CVE-2026-23357 , CVE-2026-23359 , CVE-2026-23362 , CVE-2026-23364 , CVE-2026-23365 , CVE-2026-23367 , CVE-2026-23368 , CVE-2026-23370 , CVE-2026-23372 , CVE-2026-23378 , CVE-2026-23379 , CVE-2026-23381 , CVE-2026-23382 , CVE-2026-23386 , CVE-2026-23387 , CVE-2026-23388 , CVE-2026-23391 , CVE-2026-23392 , CVE-2026-23395 , CVE-2026-23396 , CVE-2026-23397 , CVE-2026-23398 , CVE-2026-31788 Description Upstream kernel version 6.6.130 fixes bugs and vulnerabilities. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel. References SRPMS 9/core
  • kernel-6.6.130-1.mga9
  • kmod-virtualbox-7.1.14-15.mga9
  • kmod-xtables-addons-3.24-89.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0096 - Updated libpng12 packages fix security vulnerability

Mageia Security - 12 Abril, 2026 - 06:23
Publication date: 12 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-25646 Description LIBPNG has a heap buffer overflow in png_set_quantize. (CVE-2026-25646) References SRPMS 9/core
  • libpng12-1.2.59-3.1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0095 - Updated tomcat packages fix security vulnerabilities

Mageia Security - 12 Abril, 2026 - 06:23
Publication date: 12 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-24880 , CVE-2026-25854 , CVE-2026-29129 , CVE-2026-29145 , CVE-2026-29146 , CVE-2026-32990 , CVE-2026-34483 , CVE-2026-34486 , CVE-2026-34487 , CVE-2026-34500 Description Request smuggling via invalid chunk extension. (CVE-2026-24880) Occasionally open redirect. (CVE-2026-25854) TLS cipher order is not preserved. (CVE-2026-29129) OCSP checks sometimes soft-fail even when soft-fail is disabled. (CVE-2026-29145) EncryptInterceptor vulnerable to padding oracle attack by default. (CVE-2026-29146) Fix for CVE-2025-66614 is incomplete. (CVE-2026-32990) Incomplete escaping of JSON access logs. (CVE-2026-34483) Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor. (CVE-2026-34486) Cloud membership for clustering component exposed the Kubernetes bearer token. (CVE-2026-34487) OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled. (CVE-2026-34500) References SRPMS 9/core
  • tomcat-9.0.117-1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0094 - Updated squid packages fix security vulnerabilities

Mageia Security - 12 Abril, 2026 - 06:23
Publication date: 12 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-59362 , CVE-2025-62168 , CVE-2026-33526 , CVE-2026-32748 , CVE-2026-33515 Description Squid mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c. (CVE-2025-59362) Squid vulnerable to information disclosure via authentication credential leakage in error handling. (CVE-2025-62168) Squid vulnerable to Denial of Service in ICP Request handling. (CVE-2026-33526) Squid has Denial of Service in ICP Response handling. (CVE-2026-32748) Squid has issues in ICP message handling. (CVE-2026-33515) References SRPMS 9/core
  • squid-5.9-1.5.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2026-0093 - Updated python-django packages fix security vulnerabilities

Mageia Security - 12 Abril, 2026 - 00:02
Publication date: 11 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-3902 , CVE-2026-4277 , CVE-2026-4292 , CVE-2026-33033 , CVE-2026-33034 Description ASGI header spoofing via underscore/hyphen conflation. (CVE-2026-3902) Privilege abuse in ``GenericInlineModelAdmin``. (CVE-2026-4277) Privilege abuse in ``ModelAdmin.list_editable``. (CVE-2026-4292) Potential denial-of-service vulnerability in ``MultiPartParser`` via base64-encoded file upload. (CVE-2026-33033) Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass. (CVE-2026-33034) References SRPMS 9/core
  • python-django-4.1.13-1.12.mga9
Categorías: Actualizaciones de Seguridad
Feed