Mageia Security

Publication date: 05 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2588 Description Hercules Augeas fa.c re_case_expand null pointer dereference. (CVE-2025-2588) References

• https://bugs.mageia.org/show_bug.cgi?id=34141
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JLS6PXWXBARZ5FZS4C2ASIP6X56BMH24/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2588

SRPMS 9/core

• augeas-1.12.0-4.1.mga9

Publication date: 05 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-30472 Description Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. (CVE-2025-30472) References

• https://bugs.mageia.org/show_bug.cgi?id=34146
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/L63W4FOTC7DCCZ5Z6IDGHNMPP3LXH2YY/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30472

SRPMS 9/core

• corosync-3.1.7-1.1.mga9

Publication date: 05 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-3028 , CVE-2025-3029 , CVE-2025-3030 Description Use-after-free triggered by XSLTProcessor. (CVE-2025-3028) URL Bar Spoofing via non-BMP Unicode characters. (CVE-2025-3029) Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. (CVE-2025-3030) References

• https://bugs.mageia.org/show_bug.cgi?id=34155
• https://www.thunderbird.net/en-US/thunderbird/128.9.0esr/releasenotes/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-24/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3028
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3029
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3030

SRPMS 9/core

• thunderbird-128.9.0-1.mga9
• thunderbird-l10n-128.9.0-1.mga9

Publication date: 05 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-3028 , CVE-2025-3029 , CVE-2025-3030 Description Use-after-free triggered by XSLTProcessor. (CVE-2025-3028) URL Bar Spoofing via non-BMP Unicode characters. (CVE-2025-3029) Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. (CVE-2025-3030) References

• https://bugs.mageia.org/show_bug.cgi?id=34153
• https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_110.html
• https://www.mozilla.org/en-US/firefox/128.9.0/releasenotes/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-22/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3028
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3029
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3030

SRPMS 9/core

• firefox-128.9.0-1.mga9
• firefox-l10n-128.9.0-1.mga9
• nss-3.110.0-1.mga9

Publication date: 05 Apr 2025
Type: bugfix
Affected Mageia releases : 9
Description The current version of wapiti is not compatible with our version of python3-httpx and python3-browser-cookie3 lacks some runtime requirements. We update the necessary packages to fix this issue, and to be able to build wapiti version 3.1.4 it was necessary to import some new packages as part of its build and runtime requirements. References

• https://bugs.mageia.org/show_bug.cgi?id=34144
• https://bugs.mageia.org/show_bug.cgi?id=34021

SRPMS 9/core

• python-browser-cookie3-0.20.1-1.mga9
• python-socksio-1.0.0-1.1.mga9
• python-httpx-0.23.0-1.1.mga9
• python-aiomcache-0.8.2-1.mga9
• python-aiosqlite-0.20.0-1.mga9
• python-aiocache-0.12.3-1.mga9
• python-arsenic-21.8-1.mga9
• python-maturin-1.2.3-1.mga9
• python-mitmproxy-wireguard-0.1.23-1.mga9
• python3-loguru-0.5.3-1.mga9
• wapiti-3.1.4-1.mga9

Publication date: 03 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-56161 Description Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP. (CVE-2024-56161) References

• https://bugs.mageia.org/show_bug.cgi?id=34149
• https://lists.debian.org/debian-lts-announce/2025/03/msg00024.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56161

SRPMS 9/nonfree

• microcode-0.20250211-2.mga9.nonfree

Publication date: 03 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-0167 , CVE-2025-0665 , CVE-2025-0725 Description When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. The fix was included previously as part of MGAA-2025-0004. References

• https://bugs.mageia.org/show_bug.cgi?id=33992
• https://bugs.mageia.org/show_bug.cgi?id=33893
• https://curl.se/docs/CVE-2025-0167.html
• https://advisories.mageia.org/MGAA-2025-0004.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0167
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0665
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725

SRPMS 9/core

• curl-7.88.1-4.6.mga9

Publication date: 03 Apr 2025
Type: bugfix
Affected Mageia releases : 9
Description opencpn-celestial-navigation-plugin, opencpn-weather-routing-plugin and opencpn-weatherfax-plugin have improvements, useful for sailors using OpenCPN (a navigation chart plotter). References

• https://bugs.mageia.org/show_bug.cgi?id=34150

SRPMS 9/core

• opencpn-celestial-navigation-plugin-2.4.47.0-1.mga9
• opencpn-weather-routing-plugin-1.15.21.22-1.mga9
• opencpn-weatherfax-plugin-1.10.17.0-1.mga9

Publication date: 03 Apr 2025
Type: bugfix
Affected Mageia releases : 9
Description This new version of opencpn-o-charts-plugin contains a new nonfree binary for aarch64 but no major change for the other arches. References

• https://bugs.mageia.org/show_bug.cgi?id=34148

SRPMS 9/nonfree

• opencpn-o-charts-plugin-2.0.30.0-1.mga9.nonfree

Publication date: 02 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2849 Description UPX p_lx_elf.cpp un_DT_INIT heap-based overflow. (CVE-2025-2849) References

• https://bugs.mageia.org/show_bug.cgi?id=34157
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4FBRFLGSEHNFULMPARVADU2TACHDQM4L/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2849

SRPMS 9/core

• upx-4.2.3-1.1.mga9

Publication date: 31 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2173 , CVE-2025-2174 , CVE-2025-2175 , CVE-2025-2176 , CVE-2025-2177 Description A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2173). A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim_load_caption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue(A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim_load_caption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2176). A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2175). A vulnerability classified as critical was found in libzvbi up to 0.2.43. This vulnerability affects the function vbi_search_new of the file src/search.c. The manipulation of the argument pat_len leads to integer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2177) A vulnerability was found in libzvbi up to 0.2.43. It has been declared as problematic. Affected by this vulnerability is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to integer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue (CVE-2025-2174). References

• https://bugs.mageia.org/show_bug.cgi?id=34136
• https://ubuntu.com/security/notices/USN-7367-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2173
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2174
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2175
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2176
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2177

SRPMS 9/core

• zvbi-0.2.44-1.mga9

Publication date: 31 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2361 Description Mercurial SCM Web Interface cross site scripting. (CVE-2025-2361) References

• https://bugs.mageia.org/show_bug.cgi?id=34129
• https://www.openwall.com/lists/oss-security/2025/03/21/2
• https://lists.mercurial-scm.org/pipermail/mercurial-packaging/2025-March/000754.html
• https://lists.debian.org/debian-security-announce/2025/msg00045.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2361

SRPMS 9/core

• mercurial-6.5.1-1.1.mga9

Publication date: 31 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-25260 , CVE-2025-1372 , CVE-2025-1377 Description elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c. (CVE-2024-25260) GNU elfutils eu-readelf readelf.c print_string_section buffer overflow. (CVE-2025-1372) GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service. (CVE-2025-1377) References

• https://bugs.mageia.org/show_bug.cgi?id=34134
• https://ubuntu.com/security/notices/USN-7369-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25260
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1372
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1377

SRPMS 9/core

• elfutils-0.189-1.1.mga9

Publication date: 27 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2476 Description Use after free in Lens. (CVE-2025-2476) References

• https://bugs.mageia.org/show_bug.cgi?id=34125
• https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_19.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2476

SRPMS 9/tainted

• chromium-browser-stable-134.0.6998.117-1.mga9.tainted

Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2357 Description DCMTK dcmjpls JPEG-LS Decoder memory corruption. (CVE-2025-2357) References

• https://bugs.mageia.org/show_bug.cgi?id=34120
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4KKPT4TUWSBKUZJOLDBLHRTKHRBW4RIQ/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2357

SRPMS 9/core

• dcmtk-3.6.7-4.5.mga9

Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-56737 , CVE-2025-1744 , CVE-2025-1864 Description Buffer overflow in the HFS parser from grub2. (CVE-2024-56737) Out-of-bounds Write in radare2. (CVE-2025-1744) Buffer Overflow and Potential Code Execution in Radare2. (CVE-2025-1864) References

• https://bugs.mageia.org/show_bug.cgi?id=34122
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JESFQCNT2ONAGTVQXEDREBQFC7NUDPEC/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56737
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1744
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1864

SRPMS 9/core

• radare2-5.8.8-1.6.mga9

Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-44431 , CVE-2023-51580 , CVE-2023-51589 , CVE-2023-51592 , CVE-2023-51594 , CVE-2023-51596 Description BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2023-44431) BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51580) BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51589) BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51592) BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51594) BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2023-51596) References

• https://bugs.mageia.org/show_bug.cgi?id=34123
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KKJVC5RPR5AMR4ZTMHWP7TATS4SY47/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44431
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51580
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51589
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51592
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51594
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51596

SRPMS 9/core

• bluez-5.80-1.mga9

Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-12361 Description FFmpeg NULL Pointer Dereference. (CVE-2024-12361) References

• https://bugs.mageia.org/show_bug.cgi?id=34130
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJNUZFKKYTUNYVVV4IRSNIJAOCMVCKVS/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12361

SRPMS 9/core

• ffmpeg-5.1.6-1.5.mga9

9/tainted

• ffmpeg-5.1.6-1.5.mga9.tainted

Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-24912 Description hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail. (CVE-2025-24912) References

• https://bugs.mageia.org/show_bug.cgi?id=34117
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24912

SRPMS 9/core

• hostapd-2.11-1.1.mga9
• wpa_supplicant-2.11-1.1.mga9

Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-58088 , CVE-2025-21838 , CVE-2025-21844 , CVE-2025-21846 , CVE-2025-21847 , CVE-2025-21848 , CVE-2025-21853 , CVE-2025-21854 , CVE-2025-21855 , CVE-2025-21856 , CVE-2025-21857 , CVE-2025-21858 , CVE-2025-21859 , CVE-2025-21862 , CVE-2025-21863 , CVE-2025-21864 , CVE-2025-21865 , CVE-2025-21866 Description Vanilla upstream kernel version 6.6.83 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References

• https://bugs.mageia.org/show_bug.cgi?id=34115
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58088
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21838
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21844
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21846
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21847
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21848
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21853
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21854
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21855
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21856
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21857
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21858
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21859
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21862
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21863
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21864
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21865
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21866

SRPMS 9/core

• kernel-linus-6.6.83-1.mga9