Actualizaciones de Seguridad
MGASA-2026-0048 - Updated rsync packages fix security vulnerability
Publication date: 06 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-10158 Description Out of bounds array access via negative index. (CVE-2025-10158) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-10158 Description Out of bounds array access via negative index. (CVE-2025-10158) References
- https://bugs.mageia.org/show_bug.cgi?id=35177
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QZOPBIA4TYYH7HBPKXO4XFIWVXML27HR/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10158
- rsync-3.2.7-1.3.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2026-0016 - Updated libsolv packages fix bug
Publication date: 26 Feb 2026
Type: bugfix
Affected Mageia releases : 9
Description The update includes a patch from Fedora which allows the production of metadata for python3-libsolv. References SRPMS 9/core
Type: bugfix
Affected Mageia releases : 9
Description The update includes a patch from Fedora which allows the production of metadata for python3-libsolv. References SRPMS 9/core
- libsolv-0.7.35-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0047 - Updated gegl packages fix security vulnerabilities
Publication date: 23 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-2049 , CVE-2026-2050 Description ZDI-CAN-28618: New Vulnerability Report at rgbe.c. (CVE-2026-2049) ZDI-CAN-28266: New Vulnerability Report at rgbe.c. (CVE-2026-2050) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-2049 , CVE-2026-2050 Description ZDI-CAN-28618: New Vulnerability Report at rgbe.c. (CVE-2026-2049) ZDI-CAN-28266: New Vulnerability Report at rgbe.c. (CVE-2026-2050) References
- https://bugs.mageia.org/show_bug.cgi?id=35147
- https://lists.debian.org/debian-security-announce/2026/msg00051.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2049
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2050
- gegl-0.4.42-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0046 - Updated freerdp packages fix security vulnerabilities
Publication date: 22 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-23530 , CVE-2026-23531 , CVE-2026-23532 , CVE-2026-23533 , CVE-2026-23534 , CVE-2026-23948 , CVE-2026-24491 , CVE-2026-24675 , CVE-2026-24676 , CVE-2026-24677 , CVE-2026-24678 , CVE-2026-24679 , CVE-2026-24680 , CVE-2026-24681 , CVE-2026-24682 , CVE-2026-24683 , CVE-2026-24684 Description FreeRDP has heap-buffer-overflow in planar_decompress_plane_rle. (CVE-2026-23530) FreeRDP has heap-buffer-overflow in clear_decompress. (CVE-2026-23531) FreeRDP has heap-buffer-overflow in gdi_SurfaceToSurface. (CVE-2026-23532) FreeRDP has heap-buffer-overflow in clear_decompress_residual_data. (CVE-2026-23533) FreeRDP has heap-buffer-overflow in clear_decompress_bands_data. (CVE-2026-23534) FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2(). (CVE-2026-23948) FreeRDP has a heap-use-after-free in video_timer. (CVE-2026-24491) FreeRDP has a Heap-use-after-free in urb_select_interface. (CVE-2026-24675) FreeRDP has a heap-use-after-free in audio_format_compatible. (CVE-2026-24676) FreeRDP has a heap-buffer-overflow in ecam_encoder_compress_h264. (CVE-2026-24677) FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread. (CVE-2026-24678) FreeRDP has a heap-buffer-overflow in urb_select_interface. (CVE-2026-24679) FreeRDP has a heap-use-after-free in update_pointer_new(SDL). (CVE-2026-24680) FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb. (CVE-2026-24681) FreeRDP has a Heap-buffer-overflow in audio_formats_free. (CVE-2026-24682) FreeRDP has a heap-use-after-free in ainput_send_input_event. (CVE-2026-24683) FreeRDP has a Heap-use-after-free in play_thread. (CVE-2026-24684) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-23530 , CVE-2026-23531 , CVE-2026-23532 , CVE-2026-23533 , CVE-2026-23534 , CVE-2026-23948 , CVE-2026-24491 , CVE-2026-24675 , CVE-2026-24676 , CVE-2026-24677 , CVE-2026-24678 , CVE-2026-24679 , CVE-2026-24680 , CVE-2026-24681 , CVE-2026-24682 , CVE-2026-24683 , CVE-2026-24684 Description FreeRDP has heap-buffer-overflow in planar_decompress_plane_rle. (CVE-2026-23530) FreeRDP has heap-buffer-overflow in clear_decompress. (CVE-2026-23531) FreeRDP has heap-buffer-overflow in gdi_SurfaceToSurface. (CVE-2026-23532) FreeRDP has heap-buffer-overflow in clear_decompress_residual_data. (CVE-2026-23533) FreeRDP has heap-buffer-overflow in clear_decompress_bands_data. (CVE-2026-23534) FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2(). (CVE-2026-23948) FreeRDP has a heap-use-after-free in video_timer. (CVE-2026-24491) FreeRDP has a Heap-use-after-free in urb_select_interface. (CVE-2026-24675) FreeRDP has a heap-use-after-free in audio_format_compatible. (CVE-2026-24676) FreeRDP has a heap-buffer-overflow in ecam_encoder_compress_h264. (CVE-2026-24677) FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread. (CVE-2026-24678) FreeRDP has a heap-buffer-overflow in urb_select_interface. (CVE-2026-24679) FreeRDP has a heap-use-after-free in update_pointer_new(SDL). (CVE-2026-24680) FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb. (CVE-2026-24681) FreeRDP has a Heap-buffer-overflow in audio_formats_free. (CVE-2026-24682) FreeRDP has a heap-use-after-free in ainput_send_input_event. (CVE-2026-24683) FreeRDP has a Heap-use-after-free in play_thread. (CVE-2026-24684) References
- https://bugs.mageia.org/show_bug.cgi?id=35038
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3PECP75D65BGMOXX4VA6VFZW5A365UOB/
- https://www.openwall.com/lists/oss-security/2026/02/09/8
- https://www.openwall.com/lists/oss-security/2026/02/10/1
- https://ubuntu.com/security/notices/USN-8004-1
- https://ubuntu.com/security/notices/USN-8042-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23530
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23531
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23532
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23533
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23534
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23948
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24491
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24675
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24676
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24677
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24678
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24679
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24680
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24681
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24682
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24683
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24684
- freerdp-2.11.7-1.2.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2026-0015 - Updated webkit2 packages fix bug
Publication date: 22 Feb 2026
Type: bugfix
Affected Mageia releases : 9
Description The updated packages fix several crashes and rendering issues. References
Type: bugfix
Affected Mageia releases : 9
Description The updated packages fix several crashes and rendering issues. References
- https://bugs.mageia.org/show_bug.cgi?id=35144
- https://webkitgtk.org/2026/02/09/webkitgtk2.50.5-released.html
- webkit2-2.50.5-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0045 - Updated gnutls packages fix security vulnerability
Publication date: 20 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-14831 Description Denial of service via excessive resource consumption during certificate verification. (CVE-2025-14831) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-14831 Description Denial of service via excessive resource consumption during certificate verification. (CVE-2025-14831) References
- https://bugs.mageia.org/show_bug.cgi?id=35114
- https://www.openwall.com/lists/oss-security/2026/02/09/6
- https://lists.debian.org/debian-security-announce/2026/msg00049.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14831
- gnutls-3.8.4-1.4.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0044 - Updated libvpx packages fix security vulnerability
Publication date: 20 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-2447 Description Heap buffer overflow in libvpx. (CVE-2026-2447) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-2447 Description Heap buffer overflow in libvpx. (CVE-2026-2447) References
- https://bugs.mageia.org/show_bug.cgi?id=35137
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-10/
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-11/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447
- libvpx-1.12.0-1.5.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2026-0014 - Updated mariadb packages fix bug
Publication date: 20 Feb 2026
Type: bugfix
Affected Mageia releases : 9
Description Updated mariadb package fix crashes when not using grant tables. The latest update introduced a bug which makes mariadb crash in case it was started with skip-grant-tables. E.g. akonadi uses mariadb as a backend and does not use the rights management. This update fixes the issue. References SRPMS 9/core
Type: bugfix
Affected Mageia releases : 9
Description Updated mariadb package fix crashes when not using grant tables. The latest update introduced a bug which makes mariadb crash in case it was started with skip-grant-tables. E.g. akonadi uses mariadb as a backend and does not use the rights management. This update fixes the issue. References SRPMS 9/core
- mariadb-11.4.10-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2026-0013 - Updated sddm-theme-coffee-ng packages fix bug
Publication date: 20 Feb 2026
Type: bugfix
Affected Mageia releases : 9
Description Minor fixes to our alternative sddm theme. References SRPMS 9/core
Type: bugfix
Affected Mageia releases : 9
Description Minor fixes to our alternative sddm theme. References SRPMS 9/core
- sddm-theme-coffee-ng-2.0-1.2.mga9
Categorías: Actualizaciones de Seguridad
