Mageia Security

Publication date: 07 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-5283 Description Double-free in libvpx encoder. (CVE-2025-5283) References

• https://bugs.mageia.org/show_bug.cgi?id=34346
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFW4D73K3AUKLCFQCO3CMQVM3FH6SE6V/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283

SRPMS 9/core

• libvpx-1.12.0-1.4.mga9

Publication date: 07 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-9732 Description A vulnerability was identified in DCMTK up to 3.6.9. This affects an unknown function in the library dcmimage/include/dcmtk/dcmimage/diybrpxt.h of the component dcm2img. Such manipulation leads to memory corruption. Local access is required to approach this attack. The name of the patch is 7ad81d69b. It is best practice to apply a patch to resolve this issue. References

• https://bugs.mageia.org/show_bug.cgi?id=34718
• https://lists.debian.org/debian-lts-announce/2025/11/msg00006.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9732

SRPMS 9/core

• dcmtk-3.6.7-4.6.mga9

Publication date: 07 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description Added support for YCbCr 4:2:2 display modes over HDMI Fixed Rate Link (FRL). This capability is only supported on Blackwell or later. Downgraded an error message "Failed to allocate NvKmsKapiDevice" to an informational message "NUMA was not set up yet; ignoring this device" when initializing nvidia-drm in cases where initialization is expected to fail due to NUMA not being online. Fixed a bug that caused interactive object outlines to not be rendered in Indiana Jones and the Great Circle. Fixed a regression introduced in the 575 driver series that caused GPUs to be powered on unnecessarily when processing redundant system power source notifications from the ACPI subsystem. References

• https://bugs.mageia.org/show_bug.cgi?id=34712
• https://www.nvidia.com/en-us/drivers/details/254665/

SRPMS 9/nonfree

• nvidia-current-580.95.05-1.mga9.nonfree

Publication date: 06 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-3887 Description GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2025-3887) References

• https://bugs.mageia.org/show_bug.cgi?id=34356
• https://ubuntu.com/security/notices/USN-7558-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3887

SRPMS 9/core

• gstreamer1.0-plugins-bad-1.22.11-1.1.mga9

9/tainted

• gstreamer1.0-plugins-bad-1.22.11-1.1.mga9.tainted

Publication date: 06 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-62229 , CVE-2025-62230 , CVE-2025-62231 Description Use-after-free in XPresentNotify structures creation. (CVE-2025-62229) Use-after-free in Xkb client resource removal. (CVE-2025-62230) Value overflow in Xkb extension XkbSetCompatMap(). (CVE-2025-62231) References

• https://bugs.mageia.org/show_bug.cgi?id=34701
• https://www.openwall.com/lists/oss-security/2025/10/28/7
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62229
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62230
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62231

SRPMS 9/core

• x11-server-21.1.8-7.9.mga9
• x11-server-xwayland-22.1.9-1.9.mga9
• tigervnc-1.13.1-2.9.mga9

Publication date: 06 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description We are rebuilding packages requiring icu version 72 with icu version 73 to use an icu version with security fixes. These packages are the second set. References

• https://bugs.mageia.org/show_bug.cgi?id=34665

SRPMS 9/core

• brltty-6.5-2.1.mga9
• darktable-4.6.1-1.1.mga9
• dino-0.4.2-1.1.mga9
• gnome-text-editor-44.0-1.1.mga9
• godot-4.5-1.1.mga9
• hfst-ospell-0.5.3-2.1.mga9
• kdb-3.2.90-11.git20220620.mga9
• libe-book-0.1.3-13.1.mga9
• libphonenumber-8.12.57-4.1.mga9
• libical-3.0.16-2.1.mga9
• liblcf-0.7.0-3.1.mga9
• mapnik-3.1.0-9.1.mga9
• libmspub-0.1.4-13.1.mga9
• nuspell-5.1.2-1.1.mga9
• libqalculate-4.5.1-2.1.mga9
• qt5compat6-6.4.1-3.1.mga9
• qt4-4.8.7-45.1.mga9
• libqxp-0.0.2-10.1.mga9
• libvisio-0.1.7-10.1.mga9
• vte-0.72.1-1.2.mga9
• xalan-c-1.12-5.1.mga9
• libzmf-0.0.2-13.1.mga9
• ncmpcpp-0.9.2-11.1.mga9
• openttd-13.3-1.1.mga9
• qtlocation5-5.15.7-2.1.mga9
• rspamd-3.2-3.1.mga9
• slop-7.6-2.1.mga9
• tesseract-5.3.0-3.1.mga9
• texlive-20220321-7.2.mga9
• unar-1.10.7-11.1.mga9
• widelands-1.1-2.1.mga9
• znc-1.8.2-21.2.mga9
• samba-4.17.12-1.1.mga9

Publication date: 06 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description We are rebuilding packages requiring icu 72 version with icu 73 version to use an icu version with security fixes. These packages are the first set. References

• https://bugs.mageia.org/show_bug.cgi?id=34619

SRPMS 9/core

• 389-adminutil-1.1.22-19.1.mga9
• 389-ds-base-1.4.0.26-17.1.mga9
• 389-dsgw-1.1.11-27.1.mga9
• boost-1.81.0-3.1.mga9
• couchdb-3.2.2-2.2.mga9
• dee-1.2.7-31.1.mga9
• fbembed-2.5.9.27115-13.1.mga9
• freeciv-3.0.7-1.1.mga9
• harfbuzz-7.0.1-1.1.mga9
• ibus-qt4-1.3.3-19.1.mga9
• ircclient-qt-0.3.2-32.1.mga9
• mongo-c-driver-1.23.2-2.1.mga9
• mozjs102-102.6.0-2.1.mga9
• parrot-8.1.0-15.1.mga9
• postfix-3.8.4-1.1.mga9
• prelude-lml-5.2.0-7.1.mga9
• python-icu-2.10.2-1.1.mga9
• sword-1.9.0-9.1.mga9
• tepl-6.4.0-1.1.mga9
• tracker-3.5.3-1.1.mga9
• tracker-miners-3.5.2-1.1.mga9
• xerces-c-3.2.4-1.1.mga9
• xfsprogs-6.6.0-1.1.mga9
• yaz-5.34.0-1.1.mga9

Publication date: 06 Nov 2025
Type: bugfix
Affected Mageia releases : 9
Description The updated packages provide the latest version of xscreensaver to get rid of "This version is very old" and fix a heap buffer overflow. References

• https://bugs.mageia.org/show_bug.cgi?id=34707

SRPMS 9/core

• xscreensaver-6.12-1.1.mga9

9/tainted

• xscreensaver-6.12-1.1.mga9.tainted

Publication date: 05 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-1153 , CVE-2025-1176 , CVE-2025-1178 , CVE-2025-1181 , CVE-2025-1182 Description GNU Binutils format.c bfd_set_format memory corruption. (CVE-2025-1153) GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow. (CVE-2025-1176) GNU Binutils ld libbfd.c bfd_putl64 memory corruption. (CVE-2025-1178) GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruption. (CVE-2025-1181) GNU Binutils ld elflink.c bfd_elf_reloc_symbol_deleted_p memory corruption. (CVE-2025-1182) References

• https://bugs.mageia.org/show_bug.cgi?id=34180
• https://ubuntu.com/security/notices/USN-7423-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1153
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1176
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1178
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1181
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1182

SRPMS 9/core

• binutils-2.40-11.2.mga9

Publication date: 05 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-2784 , CVE-2025-32049 , CVE-2025-32050 , CVE-2025-32051 , CVE-2025-32052 , CVE-2025-32053 , CVE-2025-32906 , CVE-2025-32907 , CVE-2025-32908 , CVE-2025-32909 , CVE-2025-32910 , CVE-2025-32911 , CVE-2025-32912 , CVE-2025-32913 , CVE-2025-32914 Description Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content. (CVE-2025-2784) Libsoup: denial of service attack to websocket server. (CVE-2025-32049) Libsoup: integer overflow in append_param_quoted. (CVE-2025-32050) Libsoup: segmentation fault when parsing malformed data uri. (CVE-2025-32051) Libsoup: heap buffer overflow in sniff_unknown(). (CVE-2025-32052) Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space(). (CVE-2025-32053) Libsoup: out of bounds reads in soup_headers_parse_request(). (CVE-2025-32906) Libsoup: denial of service in server when client requests a large amount of overlapping ranges with range header. (CVE-2025-32907) Libsoup: denial of service on libsoup through http/2 server. (CVE-2025-32908) Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c. (CVE-2025-32909) Libsoup: null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an unauthorized response with digest authentication. (CVE-2025-32910) Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value. (CVE-2025-32911) Libsoup: null pointer dereference in client when server omits the "nonce" parameter in an unauthorized response with digest authentication. (CVE-2025-32912) Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header. (CVE-2025-32913) Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process. (CVE-2025-32914) Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c. (CVE-2025-46420) Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server. (CVE-2025-46421) Libsoup: null pointer dereference in libsoup may lead to denial of service. (CVE-2025-4476) Libsoup: integer overflow in cookie expiration date handling in libsoup. (CVE-2025-4945) References

• https://bugs.mageia.org/show_bug.cgi?id=34187
• https://ubuntu.com/security/notices/USN-7432-1
• https://openwall.com/lists/oss-security/2025/04/18/4
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/53THXHSDPP4TLMFRSP5DPLY4DK72M7XY/
• https://ubuntu.com/security/notices/USN-7543-1
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NK7USYFSJPRTIVISSEDBLS53JCM5ETOI/
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/EPLHUVQI4JICGWTVGG7KI7D4BMHB34YD/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2784
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32049
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32050
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32051
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32052
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32053
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32906
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32907
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32908
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32909
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32910
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32911
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32912
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32913
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32914

SRPMS 9/core

• libsoup3-3.4.2-1.2.mga9
• libsoup-2.74.3-1.2.mga9

Publication date: 05 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-3469 , CVE-2025-32696 , CVE-2025-32697 , CVE-2025-32698 , CVE-2025-32699 , CVE-2025-32700 , CVE-2025-32072 , CVE-2025-11173 , CVE-2025-11261 , CVE-2025-61635 , CVE-2025-61638 , CVE-2025-61639 , CVE-2025-61640 , CVE-2025-61641 , CVE-2025-61643 , CVE-2025-61646 , CVE-2025-61653 Description i18n XSS vulnerability in HTMLMultiSelectField when sections are used. (CVE-2025-3469) "reupload-own" restriction can be bypassed by reverting file. (CVE-2025-32696) Cascading protection is not preventing file reversions. (CVE-2025-32697) LogPager.php: Restriction enforcer functions do not correctly enforce suppression restrictions. (CVE-2025-32698) Potential javascript injection attack enabled by Unicode normalization in Action API. (CVE-2025-32699) AbuseFilter log interfaces expose global private and hidden filters when central DB is not available. (CVE-2025-32700) HTML injection in feed output from i18n message. (CVE-2025-32072) OATHAuth extension: Reauthentication for enabling 2FA can be bypassed by submitting a form in Special:OATHManage. (CVE-2025-11173) Stored i18n Cross-site scripting (XSS) vulnerability in mw.language.listToText. (CVE-2025-11261) ConfirmEdit extension: Missing rate limiting in ApiFancyCaptchaReload. (CVE-2025-61635) Parsoid: Validation bypass for `data-` attributes. (CVE-2025-61638) Log entries which are hidden from the creation of the entry may be disclosed to the public recent change entry. (CVE-2025-61639) Stored i18n Cross-site scripting (XSS) vulnerability in Special:RecentChangesLinked. (CVE-2025-61640) DDoS vulnerability in QueryAllPages API in miser mode. The `maxsize` value is now ignored in that mode. (CVE-2025-61641) Suppressed recent changes may be disclosed to the public RCFeeds. (CVE-2025-61643) Public Watchlist/RecentChanges pages may disclose hidden usernames when an individual editor makes consecutive revisions on a single page, and only some are marked as hidden username. (CVE-2025-61646) TextExtracts extension: Information disclosure vulnerability in the extracts API action endpoint due to missing read permission check. (CVE-2025-61653) VisualEditor extension: Stored i18n Cross-site scripting (XSS) vulnerability in `lastModifiedAt` system messages. (CVE-2025-61655) VisualEditor extension: Missing attribute validation for attributes unwrapped from `data-ve-attributes`. (CVE-2025-61656) References

• https://bugs.mageia.org/show_bug.cgi?id=34211
• https://lists.debian.org/debian-security-announce/2025/msg00063.html
• https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/CIXFJVC57OFRBCCEIDRLZCLFGMYGEYTT/
• https://lists.debian.org/debian-security-announce/2025/msg00121.html
• https://lists.debian.org/debian-lts-announce/2025/10/msg00034.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3469
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32696
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32697
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32698
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32699
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32700
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32072
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11173
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11261
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61635
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61638
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61639
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61640
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61641
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61643
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61646
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61653

SRPMS 9/core

• mediawiki-1.35.14-1.1.mga9

Publication date: 05 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46836 Description net-tools Stack-based Buffer Overflow vulnerability. (CVE-2025-46836) References

• https://bugs.mageia.org/show_bug.cgi?id=34295
• https://lists.debian.org/debian-security-announce/2025/msg00086.html
• https://ubuntu.com/security/notices/USN-7537-1
• https://ubuntu.com/security/notices/USN-7537-2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46836

SRPMS 9/core

• net-tools-2.10-1.1.mga9

Publication date: 05 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-36347 Description AMD CPU Microcode Signature Verification Vulnerability. (CVE-2024-36347) References

• https://bugs.mageia.org/show_bug.cgi?id=34706
• https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36347

SRPMS 9/nonfree

• microcode-0.20250812-3.mga9.nonfree

Publication date: 04 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-48174 , CVE-2025-48175 Description In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size. (CVE-2025-48174) In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. (CVE-2025-48175) References

• https://bugs.mageia.org/show_bug.cgi?id=34336
• https://lists.debian.org/debian-security-announce/2025/msg00094.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48174
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48175

SRPMS 9/core

• libavif-0.11.1-1.1.mga9

Publication date: 04 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-47912 , CVE-2025-58183 , CVE-2025-58185 , CVE-2025-58186 , CVE-2025-58187 , CVE-2025-58188 , CVE-2025-58189 , CVE-2025-61723 , CVE-2025-61724 , CVE-2025-61725 Description Insufficient validation of bracketed IPv6 hostnames in net/url. (CVE-2025-47912) Unbounded allocation when parsing GNU sparse map in archive/tar. (CVE-2025-58183) Parsing DER payload can cause memory exhaustion in encoding/asn1. (CVE-2025-58185) Lack of limit when parsing cookies can cause memory exhaustion in net/http. (CVE-2025-58186) Quadratic complexity when checking name constraints in crypto/x509. (CVE-2025-58187) Panic when validating certificates with DSA public keys in crypto/x509. (CVE-2025-58188) ALPN negotiation error contains attacker controlled information in crypto/tls. (CVE-2025-58189) Quadratic complexity when parsing some invalid inputs in encoding/pem. (CVE-2025-61723) Excessive CPU consumption in Reader.ReadResponse in net/textproto. (CVE-2025-61724) Excessive CPU consumption in ParseAddress in net/mail. (CVE-2025-61725) These packages fix the issues for the compiler only; applications using the functions still need to be rebuilt. References

• https://bugs.mageia.org/show_bug.cgi?id=34651
• https://www.openwall.com/lists/oss-security/2025/10/08/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47912
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58183
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58185
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58186
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58187
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58188
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58189
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61723
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61724
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61725

SRPMS 9/core

• golang-1.24.9-1.mga9

Publication date: 31 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-53603 Description It was discovered that sope, the set of Objective-C frameworks powering SOGo, contains a DoS bug which could cause a crash (CVE-2025-53603). References

• https://bugs.mageia.org/show_bug.cgi?id=34416
• https://www.openwall.com/lists/oss-security/2025/07/02/3
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53603

SRPMS 9/core

• sope-5.6.0-2.1.mga9

Publication date: 31 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8677 , CVE-2025-40778 , CVE-2025-40780 Description Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677). Cache poisoning attacks with unsolicited RRs (CVE-2025-40778). Cache poisoning due to weak PRNG (CVE-2025-40780). References

• https://bugs.mageia.org/show_bug.cgi?id=34696
• https://www.openwall.com/lists/oss-security/2025/10/22/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8677
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40778
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40780

SRPMS 9/core

• bind-9.18.39-1.1.mga9

Publication date: 31 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46397 , CVE-2025-46398 , CVE-2025-46399 , CVE-2025-46400 Description fig2dev stack-overflow. (CVE-2025-46397) fig2dev stack-overflow via read_objects. (CVE-2025-46398) fig2dev segmentation fault vulnerability. (CVE-2025-46399) fig2dev segmentation fault in read_arcobject. (CVE-2025-46400) References

• https://bugs.mageia.org/show_bug.cgi?id=34309
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ZDNSWLCQENGSN2O2GVDL64VL52AR7HAU/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46397
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46398
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46399
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46400

SRPMS 9/core

• transfig-3.2.9a-1.1.mga9

Publication date: 31 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-13978 , CVE-2025-8176 , CVE-2025-8177 , CVE-2025-8534 , CVE-2025-8961 , CVE-2025-9165 , CVE-2025-9900 Description LibTIFF fax2ps tiff2pdf.c t2p_read_tiff_init null pointer dereference. (CVE-2024-13978) LibTIFF tiffmedian.c get_histogram use after free. (CVE-2025-8176) LibTIFF thumbnail.c setrow buffer overflow. (CVE-2025-8177) libtiff tiff2ps tiff2ps.c PS_Lvl2page null pointer dereference. (CVE-2025-8534) LibTIFF tiffcrop tiffcrop.c main memory corruption. (CVE-2025-8961) LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak. (CVE-2025-9165) Libtiff: libtiff write-what-where. (CVE-2025-9900) References

• https://bugs.mageia.org/show_bug.cgi?id=34704
• https://lists.debian.org/debian-security-announce/2025/msg00189.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13978
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8176
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8177
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8534
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8961
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9165
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9900

SRPMS 9/core

• libtiff-4.5.1-1.6.mga9

Publication date: 29 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-52885 Description Use After Free (UAF) in Poppler. (CVE-2025-52885) References

• https://bugs.mageia.org/show_bug.cgi?id=34668
• https://www.openwall.com/lists/oss-security/2025/10/13/2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52885

SRPMS 9/core

• poppler-23.02.0-1.8.mga9