Updated bind packages fix security vulnerabilities
Resource exhaustion via malformed DNSKEY handling CVE-2025-8677. Cache poisoning attacks with unsolicited RRs CVE-2025-40778. Cache poisoning due to weak PRNG CVE-2025-40780...
Updated sope packages fix security vulnerability
It was discovered that sope, the set of Objective-C frameworks powering SOGo, contains a DoS bug which could cause a crash CVE-2025-53603...
Updated transfig packages fix security vulnerabilities
fig2dev stack-overflow. CVE-2025-46397 fig2dev stack-overflow via read_objects. CVE-2025-46398 fig2dev segmentation fault vulnerability. CVE-2025-46399 fig2dev segmentation fault in read_arcobject. CVE-2025-46400...
Updated libtiff packages fix security vulnerabilities
LibTIFF fax2ps tiff2pdf.c t2p_read_tiff_init null pointer dereference. CVE-2024-13978 LibTIFF tiffmedian.c get_histogram use after free. CVE-2025-8176 LibTIFF thumbnail.c setrow buffer overflow. CVE-2025-8177 libtiff tiff2ps tiff2ps.c PS_Lvl2page null pointer dereference. CVE-2025-8534 LibTIFF tiffcro...
Updated poppler packages fix security vulnerability
Use After Free UAF in Poppler. CVE-2025-52885...
Updated tomcat packages fix security vulnerabilities
Directory traversal via rewrite with possible RCE if PUT is enabled. CVE-2025-55752 Console manipulation via escape sequences in log messages. CVE-2025-55754 Delayed cleaning of multi-part upload temporary files may lead to DoS. CVE-2025-61795...
Updated icu packages fix security vulnerability
A stack buffer overflow was found in International Components for Unicode (ICU). While running the genrb binary, the 'subtag' struct overflowed in the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...
Updated libtpms package fixes security vulnerability
It was discovered that libtpms had a potential out-of-bounds access & abort due to an HMAC signing issue CVE-2025-49133...
Updated firefox, nss & rootcerts fix security vulnerabilities
CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...
Updated thunderbird packages fix security vulnerabilities
CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...
Updated python-django packages fix a security vulnerability
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...
Updated haproxy packages fix security vulnerability & bugs
HAProxy has one critical, one major, a few medium and a few minor bugs fixed in the latest upstream version 2.8.16 of branch 2.8. Fixed critical bug list: - mjson: fix possible DoS when parsing numbers. Fixed major bug list: - listeners: transfer connection accounting when switching listeners. Fixed medium...
Updated nginx package fixes security vulnerability
It was discovered that nginx contains a security issue in the ngx_mail_smtp_module which might allow an attacker to cause a buffer over-read, potentially resulting in a sensitive information leak in an HTTP request to the authentication server CVE-2025-53859...
Updated openssl packages fix a security vulnerability
Out-of-bounds read & write in RFC 3211 KEK Unwrap. CVE-2025-9230...
Updated quictls packages with two security issues and bug fixes
Two security issues and miscellaneous minor bug fixes. Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. CVE-2025-9230 Fix Out-of-bounds read in HTTP client no_proxy handling. CVE-2025-9232...
Updated expat packages fix security vulnerabilities
Improper restriction of xml entity expansion depth in libexpat. CVE-2024-8176 This is an extension of the fix published in MGASA-2025-0109 that was determined by upstream to be incomplete. Libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small...
Updated varnish & lighttpd packages fix security vulnerability
It was discovered that a denial of service attack can be performed on cache servers that have the HTTP/2 protocol turned on. An attacker can create a large number of streams and immediately reset them without ever reaching the maximum number of concurrent streams allowed for the session, causing...
Updated fetchmail package fixes security vulnerability
It was discovered that fetchmail's SMTP client, when configured to authenticate, is susceptible to a protocol violation where, when a trusted but malicious or malfunctioning SMTP server responds to an authentication request with a "334" code but without a following blank on the line, it will...
Updated open-vm-tools package fixes security vulnerability
It was discovered that open-vm-tools contains a local privilege escalation vulnerability. A malicious actor with non-administrative privileges on a guest VM may exploit this vulnerability to escalate privileges to root on the same VM CVE-2025-41244...
Updated microcode packages fix security vulnerabilities
The updated package updates AMD CPU microcode for processor family 19h, adds AMD CPU microcode for processor family 1ah and fixes security vulnerabilities for Intel processors: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel® Processors may allow an...
Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities
Upstream kernel version 6.6.105 fixes bugs and vulnerabilities. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel. The newer meta-task and mageia-repos packages are required to simplify the correct installation of the kernel-stable-userspace-headers...
Updated kernel-linus packages fix security vulnerabilities
Vanilla upstream kernel version 6.6.105 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...
Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities
Better Glyph drawing. CVE-2025-30749 Enhance TLS protocol support. CVE-2025-30754 Improve scripting support. CVE-2025-30761 Improve HTTP client header handling. CVE-2025-50059 Better Glyph drawing redux. CVE-2025-50106...
Updated curl packages fix security vulnerability
curl is susceptible to an out-of-bounds read in the cookie handler that could either cause a crash or potentially allow a clear-text site to override the contents of a secure cookie. This release also fixes a rare memory leak in HTTP trailers...
Updated udisks2 packages fix a security vulnerability
Out-of-bounds read in udisks daemon. CVE-2025-8067...
Updated postgresql15 & postgresql13 packages fix security vulnerabilities
PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table. CVE-2025-8713 PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client. CVE-2025-8714 PostgreSQL pg_dump newline in object name executes arbitrary code in psql client an...
Updated python-django packages fix security vulnerability
Potential SQL injection in FilteredRelation column aliases. CVE-2025-57833...
Updated rootcerts, nspr, nss & firefox packages fix vulnerabilities
JavaScript engine only wrote partial return value to stack. CVE-2025-8027 Large branch table could lead to truncated instruction. CVE-2025-8028 Javascript: URLs executed on object and embed tags. CVE-2025-8029 Potential user-assisted code execution in “Copy as cURL” command. CVE-2025-8030 Incorre...
Updated thunderbird packages fix vulnerabilities
Use-after-free in FontFaceSet. CVE-2025-6424 The WebCompat WebExtension shipped exposed a persistent UUID. CVE-2025-6425 Incorrect parsing of URLs could have allowed embedding of youtube.com. CVE-2025-6429 Content-Disposition header ignored when a file is included in an embed or object tag...
Updated tomcat packages fix vulnerabilities
APR/Native Connector crash leading to DoS. CVE-2025-52434 DoS via integer overflow in multipart file upload. CVE-2025-52520 DoS via excessive h2 streams at connection start. CVE-2025-53506 H2 DoS - Made You Reset. CVE-2025-48989...
Updated gnutls packages fix vulnerabilities
Null pointer dereference in _gnutls_figure_common_ciphersuite. CVE-2025-6395 Vulnerability in gnutls otherName SAN export. CVE-2025-32988 Vulnerability in gnutls SCT extension parsing. CVE-2025-32989 Vulnerability in gnutls certtool template parsing. CVE-2025-32990...
Updated aide packages fix vulnerabilities
Improper output neutralization: potential AIDE detection bypass. CVE-2025-54389 Null pointer dereference after reading incorrectly encoded xattr attributes from the database (local DoS). CVE-2025-54409...
Updated vim packages fix vulnerabilities
Path traversal issue with tar.vim and special crafted tar archives in Vim 9.1.1552. CVE-2025-53905 Path traversal issue with zip.vim and special crafted zip archives in Vim v9.1.1551. CVE-2025-53906...
Updated golang packages fix vulnerabilities
LookPath may return unexpected paths, CVE-2025-47906. Incorrect results returned from Rows.Scan, CVE-2025-47907. These packages fix the issues for the compiler only; applications using these functions still need to be rebuilt...
Updated ceph packages fix vulnerability
Security regression CVE-2025-52555 that would have allowed a user to read, write and execute in any directory owned by root as long as they chmod 777 it...
Updated glibc packages fix vulnerability
Double-free after allocation failure in regcomp. CVE-2025-8058...
Updated kernel-linus packages fix security vulnerabilities
Vanilla upstream kernel version 6.6.101 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...
Updated kernel, kmod-virtualbox, kmod-xtables-addons & wireless-regdb packages fix security vulnerabilities
Upstream kernel version 6.6.101 fixes bugs and vulnerabilities. The kmod-virtualbox, kmod-xtables-addons & wireless-regdb packages have been updated to work with this new kernel. For information about the vulnerabilities see the links...
Updated wxgtk packages fix security vulnerability
In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are refused in wxWebRequestCURL...
Updated glib2.0 packages fix security vulnerability
A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be writte...
Updated slurm packages fix security vulnerability
Updated slurm packages to fix a vulnerability in Slurm's accounting system that would have allowed a Coordinator to promote a user to Administrator CVE-2025-43904...
Updated sudo packages fix security vulnerabilities
CVE-2025-32462 - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines CVE-2025-32463 - Sudo before 1.9.17p1 allows local users to obtain root access because...
Updated poppler packages fix security vulnerabilities
poppler uses std::atomic<int> for reference counting. Because it is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free...
Updated qtbase6 & qtbase5 packages fix security vulnerability
An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, a URL that contained a "charset" parameter that lacked a value such as...
Updated djvulibre packages fix security vulnerability
An out-of-bounds write in the MMRDecoder::scanruns method was fixed. The vulnerability could be exploited to gain code execution on a Linux Desktop system when the user tries to open a crafted document...
Updated quictls packages with minor bug fixes
Miscellaneous minor bug fixes...
Updated redis packages fix security vulnerabilities
Updated redis packages to a more recent version to fix security vulnerabilities: Some vulnerabilities have been discovered and fixed. Please note this update is from 7.0 to 7.2 which brings some potentially breaking changes. In most cases this update could be installed without problems. Potential...
Updated qtimageformats6 packages fix security vulnerabilities
Loading a specifically-crafted ICNS format image file in QImage will trigger a crash. This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0...
Updated gnupg2 packages fix security vulnerabilities
Key validity not computed when key is certified by a trusted "certify-only" key (regression due to the patch for CVE-2025-30258)...
Updated firefox packages fix security vulnerabilities
The last packaged version for armv7hl was 115.13.0, so from the point of view of the armv7hl architecture, this is a Security Advisory and fixes a lot of CVEs; see the linked Security Advisories below. https://advisories.mageia.org/MGASA-2024-0325.html...