Mageia Security

Publication date: 12 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-46901 Description Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. (CVE-2024-46901) References

• https://bugs.mageia.org/show_bug.cgi?id=33838
• https://www.openwall.com/lists/oss-security/2024/12/09/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46901

SRPMS 9/core

• subversion-1.14.2-2.1.mga9

Publication date: 12 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-49528 Description A buffer overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via af_dialoguenhance.c:261:5 in the de_stereo component. (CVE-2023-49528) References

• https://bugs.mageia.org/show_bug.cgi?id=33430
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3BMDGSJN6WOKM5DG6WR4ITFVPI77UHH/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49528

SRPMS 9/core

• ffmpeg-5.1.6-1.1.mga9

9/tainted

• ffmpeg-5.1.6-1.1.mga9.tainted