Security Updates
MGASA-2025-0207 - Updated firefox packages fix security vulnerabilities
Publication date: 11 Jul 2025
Type: security
Affected Mageia releases : 9
Description:
Suggested Advisory
The last packaged version for armv7hl was 115.13.0, so from the point of view of the armv7hl architecture, this is a Security Advisory and fixes a lot of CVEs; see the linked Security Advisories below.
- https://advisories.mageia.org/MGASA-2024-0325.html
- https://advisories.mageia.org/MGASA-2024-0331.html
- https://advisories.mageia.org/MGASA-2024-0349.html
- https://advisories.mageia.org/MGASA-2024-0383.html
- https://advisories.mageia.org/MGASA-2025-0009.html
- https://advisories.mageia.org/MGASA-2025-0045.html
- https://advisories.mageia.org/MGASA-2025-0092.html
- https://advisories.mageia.org/MGASA-2025-0125.html
- https://advisories.mageia.org/MGASA-2025-0150.html
- https://advisories.mageia.org/MGASA-2025-0165.html
- https://advisories.mageia.org/MGASA-2025-0195.html
- https://advisories.mageia.org/MGASA-2025-0201.html
For the remaining architectures, this is just a bump in the release subversion. We understand it can be upsetting to get an update that does not fix or improve something, but as part of quality assurance the packages of a piece of software should be built from the same source rpm for all the architectures.
References:
SRPMS 9/core:
- firefox-128.12.0-1.4.mga9
- firefox-l10n-128.12.0-1.2.mga9
Categories: Security Updates
MGASA-2025-0206 - Updated gnupg2 packages fix security vulnerabilities
Publication date: 11 Jul 2025
Type: security
Affected Mageia releases : 9
Description: Key validity not computed when key is certified by a trusted "certify-only" key (regression due to patch for CVE-2025-30258).
References:
SRPMS 9/core:
- gnupg2-2.3.8-1.4.mga9
MGASA-2025-0205 - Updated golang packages fix security vulnerabilities
Publication date: 11 Jul 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4674
Description: Various uses of the Go toolchain in untrusted VCS repositories can result in unexpected code execution. Using the Go toolchain in directories fetched using various VCS tools (such as directly cloning Git or Mercurial repositories) can cause the toolchain to execute unexpected commands if said directory contains multiple VCS configuration metadata (such as a '.hg' directory in a Git repository). This is due to how the Go toolchain attempts to resolve which VCS is being used in order to embed build information in binaries and determine module versions.
References:
- https://bugs.mageia.org/show_bug.cgi?id=34456
- https://www.openwall.com/lists/oss-security/2025/07/08/5
- https://github.com/golang/go/issues/74382
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4674
- golang-1.24.5-1.mga9
MGASA-2025-0204 - Updated dpkg packages fix security vulnerabilities
Publication date: 11 Jul 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-6297
Description: It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.
References:
- https://bugs.mageia.org/show_bug.cgi?id=34441
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/FNSLEIUKJQUM5CTEBYJAKWDXADY2FDTH/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6297
- dpkg-1.22.21-1.mga9
MGAA-2025-0067 - Updated nss packages fix bug
Publication date: 11 Jul 2025
Type: bugfix
Affected Mageia releases : 9
Description: Pretrans scripts run before any package is installed, so they must not depend on any interpreter; only Lua is allowed. The problem occurs when creating a live CD or similar chroot from scratch: the pretrans script fails because nothing provides /bin/sh to run the script. This update fixes the reported issue.
References:
SRPMS 9/core:
- nss-3.113.0-1.1.mga9
MGAA-2025-0066 - Updated blender packages fix bug
Publication date: 11 Jul 2025
Type: bugfix
Affected Mageia releases : 9
Description: The 32-bit blender version comes with a wrapper script which automatically selects between the SSE (pentium4 and above) and non-SSE (pentium) flavours. Unfortunately, this script at some point lost the executable permission in the SPEC file. This update fixes the reported issue and brings a new version of blender.
References:
SRPMS 9/core:
- blender-3.3.21-1.mga9
MGAA-2025-0065 - Updated llvm19-suite packages fix bug
Publication date: 08 Jul 2025
Type: bugfix
Affected Mageia releases : 9
Description: The update fixes an issue building firefox & thunderbird in the armv7hl architecture.
References:
SRPMS 9/core:
- llvm19-suite-19.1.0-4.mga9
MGASA-2025-0203 - Updated php packages fix security vulnerabilities
Publication date: 05 Jul 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-1735, CVE-2025-6491, CVE-2025-1220
Description:
PGSQL: Fixed GHSA-hrwm-9436-5mv3 (pgsql extension does not check for errors during escaping). (CVE-2025-1735)
SOAP: Fixed GHSA-453j-q27h-5p8x (NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix). (CVE-2025-6491)
Standard: Fixed GHSA-3cr5-j632-f35r (Null byte termination in hostnames). (CVE-2025-1220)
References:
- https://bugs.mageia.org/show_bug.cgi?id=34418
- https://www.php.net/ChangeLog-8.php#8.2.29
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1735
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6491
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1220
- php-8.2.29-1.mga9
MGASA-2025-0202 - Updated catdoc packages fix security vulnerabilities
Publication date: 05 Jul 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-48877, CVE-2024-52035, CVE-2024-54028
Description:
A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in the xls2csv utility version 0.95. (CVE-2024-48877)
An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. (CVE-2024-52035)
An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. (CVE-2024-54028)
References:
- https://bugs.mageia.org/show_bug.cgi?id=34411
- https://lists.debian.org/debian-security-announce/2025/msg00117.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-48877
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52035
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54028
- catdoc-0.95-5.1.mga9
MGASA-2025-0201 - Updated rootcerts, nss & firefox packages fix security vulnerabilities
Publication date: 02 Jul 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-6424, CVE-2025-6425, CVE-2025-6429, CVE-2025-6430
Description:
CVE-2025-6424: A use-after-free in FontFaceSet resulted in a potentially exploitable crash.
CVE-2025-6425: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles.
CVE-2025-6429: Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag. This could have bypassed website security checks that restricted which domains users were allowed to embed.
CVE-2025-6430: When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a or tag, potentially making a website vulnerable to a cross-site scripting attack.
We can't yet ship this update to the armv7hl architecture; we are investigating the issue and will try to update firefox for armv7hl as soon as possible.
References:
- https://bugs.mageia.org/show_bug.cgi?id=34393
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_113.html
- https://www.mozilla.org/en-US/firefox/128.12.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6424
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6425
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6429
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6430
- firefox-128.12.0-1.1.mga9
- firefox-l10n-128.12.0-1.1.mga9
- rootcerts-20250613.00-1.mga9
- nss-3.113.0-1.mga9
MGASA-2025-0200 - Updated libarchive packages fix security vulnerabilities
Publication date: 02 Jul 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-5914, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917
Description:
Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c. (CVE-2025-5914)
Heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c. (CVE-2025-5915)
Integer overflow while reading warc files at archive_read_support_format_warc.c. (CVE-2025-5916)
Off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c. (CVE-2025-5917)
References:
- https://bugs.mageia.org/show_bug.cgi?id=34402
- https://ubuntu.com/security/notices/USN-7601-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5914
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5915
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5916
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5917
- libarchive-3.6.2-5.5.mga9
MGASA-2025-0199 - Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerabilities
Publication date: 28 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-49175, CVE-2025-49176, CVE-2025-49177, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180
Description:
Out-of-bounds access in X Rendering extension (Animated cursors). (CVE-2025-49175)
Integer overflow in Big Requests Extension. (CVE-2025-49176)
Data leak in XFIXES Extension 6 (XFixesSetClientDisconnectMode). (CVE-2025-49177)
Unprocessed client request via bytes to ignore. (CVE-2025-49178)
Integer overflow in X Record extension. (CVE-2025-49179)
Integer overflow in RandR extension (RRChangeProviderProperty). (CVE-2025-49180)
References:
- https://bugs.mageia.org/show_bug.cgi?id=34381
- https://www.openwall.com/lists/oss-security/2025/06/17/3
- https://www.openwall.com/lists/oss-security/2025/06/18/2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49175
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49176
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49177
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49178
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49179
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49180
- x11-server-21.1.8-7.8.mga9
- x11-server-xwayland-22.1.9-1.8.mga9
- tigervnc-1.13.1-2.8.mga9
MGAA-2025-0064 - Updated muse & qt5ct packages fix bug
Publication date: 28 Jun 2025
Type: bugfix
Affected Mageia releases : 9
Description: In some desktops, Muse freezes when you set a custom color for a track. We fixed the issue by requiring the qt5ct package and forcing QT_QPA_PLATFORMTHEME=qt5ct muse4 in the desktop file. However, to avoid introducing unwanted side effects in systems with mixed desktops (Plasma KDE with others), we split the profile.d files of qt5ct into the package qt5ct-profile. That package is not fetched as part of the update; if you want to keep the effects of qt5ct at desktop start, you should install qt5ct-profile after the update.
References:
SRPMS 9/core:
- muse-4.2.1-1.3.mga9
- qt5ct-1.7-1.1.mga9
MGASA-2025-0198 - Updated gdk-pixbuf2.0 packages fix security vulnerability
Publication date: 27 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-6199
Description: It was discovered that incorrect bounds validation in the GIF decoder of the GDK Pixbuf library may result in memory disclosure.
References:
- https://bugs.mageia.org/show_bug.cgi?id=34388
- https://lists.debian.org/debian-security-announce/2025/msg00110.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6199
- gdk-pixbuf2.0-2.42.10-2.2.mga9
MGASA-2025-0197 - Updated thunderbird packages fix security vulnerabilities
Publication date: 27 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-5262, CVE-2025-5263, CVE-2025-5264, CVE-2025-5266, CVE-2025-5267, CVE-2025-5268, CVE-2025-5269, CVE-2025-5986
Description:
CVE-2025-5262: A double-free could have occurred in vpx_codec_enc_init_multi after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash.
CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks.
CVE-2025-5264: Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.
CVE-2025-5266: Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks.
CVE-2025-5267: A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page.
CVE-2025-5268: Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
CVE-2025-5269: Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.
CVE-2025-5986: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content.
We can't ship this update to the armv7hl architecture; we are investigating the issue and will try to update thunderbird for armv7hl as soon as possible.
References:
- https://bugs.mageia.org/show_bug.cgi?id=34338
- https://www.thunderbird.net/en-US/thunderbird/128.11.0esr/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-46/
- https://www.thunderbird.net/en-US/thunderbird/128.11.1esr/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-49/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5262
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5263
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5264
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5266
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5267
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5268
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5269
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5986
- thunderbird-128.11.1-1.1.mga9
- thunderbird-l10n-128.11.1-1.mga9
MGASA-2025-0196 - Updated chromium-browser-stable packages fix security vulnerabilities
Publication date: 25 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-6191, CVE-2025-6192
Description:
Integer overflow in V8. (CVE-2025-6191)
Use after free in Profiler. (CVE-2025-6192)
References:
- https://bugs.mageia.org/show_bug.cgi?id=34386
- https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6191
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6192
- chromium-browser-stable-136.0.7103.113-3.mga9.tainted
MGASA-2025-0195 - Updated nss & firefox packages fix security vulnerabilities
Publication date: 25 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-5262, CVE-2025-5263, CVE-2025-5264, CVE-2025-5266, CVE-2025-5267, CVE-2025-5268, CVE-2025-5269
Description:
CVE-2025-5283: A double-free could have occurred in vpx_codec_enc_init_multi after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash.
CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks.
CVE-2025-5264: Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.
CVE-2025-5266: Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks.
CVE-2025-5267: A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page.
CVE-2025-5268: Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
CVE-2025-5269: Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.
We can't ship this update to the armv7hl architecture; we are investigating the issue and will try to update firefox for armv7hl as soon as possible.
References:
- https://bugs.mageia.org/show_bug.cgi?id=34337
- https://www.mozilla.org/en-US/firefox/128.11.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-44/
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_112.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5262
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5263
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5264
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5266
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5267
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5268
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5269
- firefox-128.11.0-1.1.mga9
- firefox-l10n-128.11.0-1.mga9
- nss-3.112.0-1.mga9
MGASA-2025-0194 - Updated yarnpkg packages fix security vulnerabilities
Publication date: 25 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2020-7677, CVE-2021-43138, CVE-2022-3517, CVE-2024-37890, CVE-2024-48949, CVE-2022-37599, CVE-2023-26136, CVE-2023-46234, CVE-2024-12905, CVE-2024-4067, CVE-2025-48387
Description:
CVE-2024-37890 yarnpkg: denial of service when handling a request with many HTTP headers.
CVE-2024-48949 yarnpkg: Missing Validation in Elliptic's EDDSA Signature Verification.
CVE-2024-12905 yarnpkg: link following and path traversal via maliciously crafted tar file.
Other vulnerabilities in yarn's bundled nodejs components are fixed too; see the references.
References:
- https://bugs.mageia.org/show_bug.cgi?id=33674
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2UGLXZO6VIHGIITQTEUY5Q5YCAP2A4ZP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEDIJM7VQF4Q2L2KKQ6KJ2WZNR7AXYQD/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7677
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43138
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37890
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-48949
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37599
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26136
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46234
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12905
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4067
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48387
- yarnpkg-1.22.22-0.10.9.2.1.mga9
MGASA-2025-0193 - Updated python-django packages fix security vulnerability
Publication date: 25 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-48432
Description: Potential log injection via unescaped request path. (CVE-2025-48432)
References:
- https://bugs.mageia.org/show_bug.cgi?id=34348
- https://www.openwall.com/lists/oss-security/2025/06/04/5
- https://www.openwall.com/lists/oss-security/2025/06/10/2
- https://ubuntu.com/security/notices/USN-7555-1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVFOPDCA45B4XTMYRHQUSJ7JCA56453W/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
- python-django-4.1.13-1.5.mga9
MGASA-2025-0192 - Updated apache-mod_security packages fix security vulnerabilities
Publication date: 25 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-47947, CVE-2025-48866
Description:
ModSecurity Has Possible DoS Vulnerability. (CVE-2025-47947)
ModSecurity has possible DoS vulnerability in sanitiseArg action. (CVE-2025-48866)
References:
- https://bugs.mageia.org/show_bug.cgi?id=34362
- https://lists.debian.org/debian-security-announce/2025/msg00104.html
- https://ubuntu.com/security/notices/USN-7567-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47947
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48866
- apache-mod_security-2.9.7-1.1.mga9
