Mageia Security

Feed
Mageia Advisories
Updated: hace 18 horas 9 minutos

MGASA-2024-0304 - Updated tgt packages fix security vulnerability

16 Septiembre, 2024 - 18:44
Publication date: 16 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-45751 Description tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical. (CVE-2024-45751) References SRPMS 9/core
  • tgt-1.0.85-1.1.mga9

MGASA-2024-0303 - Updated wireshark packages fix security vulnerability

16 Septiembre, 2024 - 18:44
Publication date: 16 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-8250 Description NTLMSSP dissector crash in Wireshark 4.2.0 to 4.2.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file. (CVE-2024-8250) References SRPMS 9/core
  • wireshark-4.0.17-1.mga9

MGASA-2024-0302 - Updated microcode packages fix security vulnerabilities

16 Septiembre, 2024 - 18:44
Publication date: 16 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-23984 , CVE-2024-24968 Description Observable discrepancy in RAPL interface for some Intel® Processors may allow a privileged user to potentially enable information disclosure via local access. (CVE-2024-23984) Improper finite state machines (FSMs) in hardware logic in some Intel® Processors may allow an privileged user to potentially enable a denial of service via local access. (CVE-2024-24968) References SRPMS 9/nonfree
  • microcode-0.20240910-1.mga9.nonfree

MGASA-2024-0301 - Updated postgresql15 & postgresql13 packages fix security vulnerability

16 Septiembre, 2024 - 18:44
Publication date: 16 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-7348 Description Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. (CVE-2024-7348) References SRPMS 9/core
  • postgresql15-15.8-1.mga9
  • postgresql13-13.16-1.mga9

MGAA-2024-0196 - Updated purple-telegram-tdlib & tdlib packages fix bug

16 Septiembre, 2024 - 18:44
Publication date: 16 Sep 2024
Type: bugfix
Affected Mageia releases : 9
Description Current versions can't connect to a new Telegram account from Pidgin with the tdlib protocol. This update fixes the reported issue. References SRPMS 9/core
  • purple-telegram-tdlib-0.8.1-2.git20240907.mga9
  • tdlib-1.8.35-1.git20240813.mga9

MGAA-2024-0195 - Updated coolreader3 packages provides latest upstream version

16 Septiembre, 2024 - 18:44
Publication date: 16 Sep 2024
Type: bugfix
Affected Mageia releases : 9
Description coolreader3 is updated to latest upstream release 3.2.59 References SRPMS 9/core
  • coolreader3-3.2.59-1.mga9

MGASA-2024-0300 - Updated assimp packages fix security vulnerability

13 Septiembre, 2024 - 18:15
Publication date: 13 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-40724 Description Heap-based buffer overflow vulnerability in Assimp allows a local attacker to execute arbitrary code by inputting a specially crafted file into the program. References SRPMS 9/core
  • assimp-5.2.2-4.1.mga9

MGASA-2024-0299 - Updated python-tqdm package fixes security vulnerability

13 Septiembre, 2024 - 18:15
Publication date: 13 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-34062 Description Any optional non-boolean CLI arguments (e.g. `--delim`, `--buf-size`, `--manpath`) are passed through python's `eval`, allowing arbitrary code execution. This issue is only locally exploitable. References SRPMS 9/core
  • python-tqdm-4.64.1-2.1.mga9

MGASA-2024-0298 - Updated radare2 packages fix security vulnerability

13 Septiembre, 2024 - 18:15
Publication date: 13 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-47016 Description radare2 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian References SRPMS 9/core
  • radare2-5.8.8-1.2.mga9

MGASA-2024-0297 - Updated botan2 packages fix security vulnerability

13 Septiembre, 2024 - 18:15
Publication date: 13 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-34703 Description An attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. When parsing, the parameter is checked to be prime, causing excessive computation. This was patched in 2.19.4 and 3.3.0 to allow the prime parameter of the elliptic curve to be at most 521 bits. No known workarounds are available. Note that support for explicit encoding of elliptic curve parameters is deprecated in Botan. References SRPMS 9/core
  • botan2-2.19.5-1.mga9

MGAA-2024-0194 - Updated purple-googlechat packages fix bug

13 Septiembre, 2024 - 18:15
Publication date: 13 Sep 2024
Type: bugfix
Affected Mageia releases : 9
Description The current version of purple-googlechat has started to fail to connect to the service. This update fixes the reported issue. References SRPMS 9/core
  • purple-googlechat-0-1.20240101gitddc118b.mga9

MGASA-2024-0296 - Updated microcode package fix security vulnerabilities

11 Septiembre, 2024 - 21:42
Publication date: 11 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-42667 , CVE-2023-49141 , CVE-2024-24853 , CVE-2024-24980 , CVE-2024-25939 Description Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2023-42667) Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2023-49141) Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2024-24853) Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2024-24980) Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. (CVE-2024-25939) References SRPMS 9/nonfree
  • microcode-0.20240813-1.mga9.nonfree

MGASA-2024-0295 - Updated libpcap packages fix security vulnerabilities

11 Septiembre, 2024 - 21:42
Publication date: 11 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-7256 , CVE-2024-8006 Description In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes it possible in some scenarios that both the function and its caller call freeaddrinfo() for the same allocated memory block. (CVE-2023-7256) Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with input data files. When the specified path cannot be used as a directory, the function receives NULL from opendir(), but does not check the return value and passes the NULL value to readdir(), which causes a NULL pointer derefence. (CVE-2024-8006) References SRPMS 9/core
  • libpcap-1.10.5-1.mga9

MGASA-2024-0294 - Updated expat packages fix security vulnerabilities

11 Septiembre, 2024 - 21:42
Publication date: 11 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-45490 , CVE-2024-45491 , CVE-2024-45492 Description An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. (CVE-2024-45490) An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). (CVE-2024-45491) An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). (CVE-2024-45492) References SRPMS 9/core
  • expat-2.6.3-1.mga9

MGASA-2024-0293 - Updated unbound packages fix security vulnerability

10 Septiembre, 2024 - 17:40
Publication date: 10 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-43167 Description Along with various minor bug fixing, this update addresses the security vulnerability CVE-2024-43167. References SRPMS 9/core
  • unbound-1.21.0-1.mga9

MGASA-2024-0292 - Updated apr packages fix security vulnerability

10 Septiembre, 2024 - 17:40
Publication date: 10 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-49582 Description Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. (CVE-203-49582) References SRPMS 9/core
  • apr-1.7.5-1.mga9

MGASA-2024-0291 - Updated openssl packages fix security vulnerability

10 Septiembre, 2024 - 17:40
Publication date: 10 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-6119 Description Possible denial of service in X.509 name checks. (CVE-2024-6119) References SRPMS 9/core
  • openssl-3.0.15-1.mga9

MGASA-2024-0290 - Updated webmin package fixes security vulnerability

10 Septiembre, 2024 - 17:40
Publication date: 10 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-2169 Description CVE-2024-2169: Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service (DOS) and/or abuse of resources. References SRPMS 9/core
  • webmin-2.202-1.mga9

MGASA-2024-0289 - Updated zziplib packages fix security vulnerability

10 Septiembre, 2024 - 17:40
Publication date: 10 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-39134 Description A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c. (CVE-2024-39134) References SRPMS 9/core
  • zziplib-0.13.72-2.2.mga9

MGASA-2024-0288 - Updated orc packages fix security vulnerability

10 Septiembre, 2024 - 17:40
Publication date: 10 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-40897 Description Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments. (CVE-2024-40897) References SRPMS 9/core
  • orc-0.4.33-1.1.mga9