Principal

Lector de Feeds

MGASA-2025-0115 - Updated bluez packages fix security vulnerabilities

Mageia Security - 26 Marzo, 2025 - 04:43
Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-44431 , CVE-2023-51580 , CVE-2023-51589 , CVE-2023-51592 , CVE-2023-51594 , CVE-2023-51596 Description BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2023-44431) BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51580) BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51589) BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51592) BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. (CVE-2023-51594) BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. (CVE-2023-51596) References SRPMS 9/core
  • bluez-5.80-1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2025-0114 - Updated ffmpeg packages fix security vulnerability

Mageia Security - 26 Marzo, 2025 - 04:43
Publication date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-12361 Description FFmpeg NULL Pointer Dereference. (CVE-2024-12361) References SRPMS 9/core
  • ffmpeg-5.1.6-1.5.mga9
9/tainted
  • ffmpeg-5.1.6-1.5.mga9.tainted
Categorías: Actualizaciones de Seguridad

Re: [dev] Packagers meeting? - j.alberto.vc@gmail.com

Mageia Cauldron - 25 Marzo, 2025 - 20:45

MGASA-2025-0113 - Updated wpa_supplicant & hostapd packages fix security vulnerability

Mageia Security - 24 Marzo, 2025 - 18:27
Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-24912 Description hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail. (CVE-2025-24912) References SRPMS 9/core
  • hostapd-2.11-1.1.mga9
  • wpa_supplicant-2.11-1.1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2025-0112 - Updated kernel-linus packages fix security vulnerabilities

Mageia Security - 24 Marzo, 2025 - 18:27
Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-58088 , CVE-2025-21838 , CVE-2025-21844 , CVE-2025-21846 , CVE-2025-21847 , CVE-2025-21848 , CVE-2025-21853 , CVE-2025-21854 , CVE-2025-21855 , CVE-2025-21856 , CVE-2025-21857 , CVE-2025-21858 , CVE-2025-21859 , CVE-2025-21862 , CVE-2025-21863 , CVE-2025-21864 , CVE-2025-21865 , CVE-2025-21866 Description Vanilla upstream kernel version 6.6.83 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References SRPMS 9/core
  • kernel-linus-6.6.83-1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2025-0111 - Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities

Mageia Security - 24 Marzo, 2025 - 18:27
Publication date: 24 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-58088 , CVE-2025-21838 , CVE-2025-21844 , CVE-2025-21846 , CVE-2025-21847 , CVE-2025-21848 , CVE-2025-21853 , CVE-2025-21854 , CVE-2025-21855 , CVE-2025-21856 , CVE-2025-21857 , CVE-2025-21858 , CVE-2025-21859 , CVE-2025-21862 , CVE-2025-21863 , CVE-2025-21864 , CVE-2025-21865 , CVE-2025-21866 Description Upstream kernel version 6.6.83 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links. References SRPMS 9/core
  • kernel-6.6.83-1.mga9
  • kmod-virtualbox-7.0.24-68.mga9
  • kmod-xtables-addons-3.24-74.mga9
Categorías: Actualizaciones de Seguridad

Re: [dev] Routing problem - mhrambo3501@posteo.net

Mageia Cauldron - 24 Marzo, 2025 - 16:33

Re: [dev] [changelog] [RPM] cauldron core/release gramps-6.0.0-2.mga10 - j.alberto.vc@gmail.com

Mageia Cauldron - 23 Marzo, 2025 - 12:44

Re: [dev] [changelog] [RPM] cauldron core/release gramps-6.0.0-2.mga10 - wally@mageia.org

Mageia Cauldron - 23 Marzo, 2025 - 11:52

Re: [dev] [changelog] [RPM] cauldron core/release gramps-6.0.0-2.mga10 - j.alberto.vc@gmail.com

Mageia Cauldron - 23 Marzo, 2025 - 11:06

Re: [dev] [changelog] [RPM] cauldron core/release gramps-6.0.0-2.mga10 - j.alberto.vc@gmail.com

Mageia Cauldron - 23 Marzo, 2025 - 11:02

Re: [dev] [changelog] [RPM] cauldron core/release gramps-6.0.0-2.mga10 - j.alberto.vc@gmail.com

Mageia Cauldron - 23 Marzo, 2025 - 10:45

Re: [dev] [changelog] [RPM] cauldron core/release gramps-6.0.0-2.mga10 - wally@mageia.org

Mageia Cauldron - 23 Marzo, 2025 - 09:13

Re: [dev] [changelog] [RPM] cauldron core/release gramps-6.0.0-2.mga10 - wally@mageia.org

Mageia Cauldron - 23 Marzo, 2025 - 09:03

Re: [dev] [changelog] [RPM] cauldron core/release gramps-6.0.0-2.mga10 - j.alberto.vc@gmail.com

Mageia Cauldron - 22 Marzo, 2025 - 22:52

Re: [dev] [changelog] [RPM] cauldron core/release gramps-6.0.0-2.mga10 - thierry.vignaud@gmail.com

Mageia Cauldron - 22 Marzo, 2025 - 21:56

MGASA-2025-0110 - Updated libxslt packages fix security vulnerabilities

Mageia Security - 22 Marzo, 2025 - 18:53
Publication date: 22 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-55549 , CVE-2025-24855 Description xsltGetInheritedNsList in libxslt has a use-after-free issue related to exclusion of result prefixes (CVE-2024-55549). numbers.c in libxslt has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal (CVE-2025-24855). References SRPMS 9/core
  • libxslt-1.1.38-1.1.mga9
Categorías: Actualizaciones de Seguridad

MGASA-2025-0109 - Updated expat packages fix security vulnerability

Mageia Security - 22 Marzo, 2025 - 18:53
Publication date: 22 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-8176 Description Improper restriction of xml entity expansion depth in libexpat. (CVE-2024-8176) References SRPMS 9/core
  • expat-2.7.0-1.mga9
Categorías: Actualizaciones de Seguridad

Re: [dev] When send to release and to updates_testing in cauldron? - geiger.david68210@gmail.com

Mageia Cauldron - 22 Marzo, 2025 - 05:30

Re: [dev] When send to release and to updates_testing in cauldron? - j.alberto.vc@gmail.com

Mageia Cauldron - 22 Marzo, 2025 - 03:28
Feed