Security Updates
MGASA-2026-0135 - Updated dnsmasq packages fix security vulnerabilities
Publication date: 14 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-2291, CVE-2026-4890, CVE-2026-4891, CVE-2026-4892, CVE-2026-4893, CVE-2026-5172
Description
- CVE-2026-2291: dnsmasq's extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups being redirected to an attacker-controlled IP address, or to cause a DoS.
- CVE-2026-4890: A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.
- CVE-2026-4891: A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.
- CVE-2026-4892: A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet.
- CVE-2026-4893: An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information.
- CVE-2026-5172: A buffer overflow in dnsmasq's extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record's end.
References
- https://bugs.mageia.org/show_bug.cgi?id=35520
- https://thekelleys.org.uk/dnsmasq/CHANGELOG
- https://www.cve.org/CVERecord?id=CVE-2026-2291
- https://www.cve.org/CVERecord?id=CVE-2026-4890
- https://www.cve.org/CVERecord?id=CVE-2026-4891
- https://www.cve.org/CVERecord?id=CVE-2026-4892
- https://www.cve.org/CVERecord?id=CVE-2026-4893
- https://www.cve.org/CVERecord?id=CVE-2026-5172
- dnsmasq-2.92rel2-1.mga9
Categories: Security Updates
MGASA-2026-0134 - Updated redis packages fix security vulnerabilities
Publication date: 14 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-23479, CVE-2026-23631, CVE-2026-25243, CVE-2026-25588, CVE-2026-25589
Description
- (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution.
- (CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code Execution.
- (CVE-2026-23631) Lua Use-After-Free may lead to remote code execution.
- A user can manipulate data read by a connection by injecting \r\n sequences into a Redis error reply.
References
- https://bugs.mageia.org/show_bug.cgi?id=35514
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CVOEZ7I2TIPXYBFA4UYY5GI5Q4VOAD7C/
- https://github.com/redis/redis/releases/tag/7.2.13
- https://github.com/redis/redis/releases/tag/7.2.14
- https://www.cve.org/CVERecord?id=CVE-2026-23479
- https://www.cve.org/CVERecord?id=CVE-2026-23631
- https://www.cve.org/CVERecord?id=CVE-2026-25243
- https://www.cve.org/CVERecord?id=CVE-2026-25588
- https://www.cve.org/CVERecord?id=CVE-2026-25589
- redis-7.2.14-1.mga9
MGASA-2026-0133 - Updated flatpak packages fix security vulnerabilities
Publication date: 14 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-34078, CVE-2026-34079
Description
- Complete sandbox escape leading to host file access and code execution in the host context. (CVE-2026-34078)
- Arbitrary file deletion on the host filesystem. (CVE-2026-34079)
References
- https://bugs.mageia.org/show_bug.cgi?id=35336
- https://www.openwall.com/lists/oss-security/2026/04/09/3
- https://github.com/flatpak/flatpak/security/advisories/GHSA-cc2q-qc34-jprg
- https://github.com/flatpak/flatpak/security/advisories/GHSA-p29x-r292-46pp
- https://github.com/flatpak/flatpak/security/advisories/GHSA-2fxp-43j9-pwvc
- https://github.com/flatpak/flatpak/security/advisories/GHSA-89xm-3m96-w3jg
- https://lists.debian.org/debian-security-announce/2026/msg00133.html
- https://www.cve.org/CVERecord?id=CVE-2026-34078
- https://www.cve.org/CVERecord?id=CVE-2026-34079
- flatpak-1.14.10-1.1.mga9
MGASA-2026-0132 - Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerability
Publication date: 13 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-43284
Description
Upstream kernel version 6.6.138 fixes a vulnerability. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel.
References
- https://bugs.mageia.org/show_bug.cgi?id=35499
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.138
- https://www.cve.org/CVERecord?id=CVE-2026-43284
- kernel-6.6.138-1.mga9
- kmod-virtualbox-7.1.18-19.mga9
- kmod-xtables-addons-3.24-91.mga9
MGASA-2026-0131 - Updated kernel-linus packages fix security vulnerability
Publication date: 13 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-43284
Description
Vanilla upstream kernel version 6.6.138 fixes a vulnerability. For information about the vulnerability, see the links.
References
- https://bugs.mageia.org/show_bug.cgi?id=35500
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.138
- https://www.cve.org/CVERecord?id=CVE-2026-43284
- kernel-linus-6.6.138-1.mga9
MGASA-2026-0130 - Updated perl-Gazelle packages fix security vulnerability
Publication date: 13 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-40562
Description
Gazelle versions through 0.49 for Perl allow HTTP Request Smuggling via Improper Header Precedence. (CVE-2026-40562)
References
- https://bugs.mageia.org/show_bug.cgi?id=35485
- https://www.openwall.com/lists/oss-security/2026/05/06/7
- https://datatracker.ietf.org/doc/html/rfc7230#section-3.3.3
- https://www.cve.org/CVERecord?id=CVE-2026-40562
- perl-Gazelle-0.490.0-5.1.mga9
MGASA-2026-0129 - Updated apache packages fix security vulnerabilities
Publication date: 13 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-23918, CVE-2026-24072, CVE-2026-28780, CVE-2026-29168, CVE-2026-29169, CVE-2026-33006, CVE-2026-33007, CVE-2026-33523, CVE-2026-33857, CVE-2026-34032, CVE-2026-34059
Description
- http2: double free and possible RCE on early reset. (CVE-2026-23918)
- mod_rewrite elevation of privileges via ap_expr. (CVE-2026-24072)
- buffer overflow in mod_proxy_ajp via ajp_msg_check_header(). (CVE-2026-28780)
- mod_md unrestricted OCSP response. (CVE-2026-29168)
- mod_dav_lock indirect lock crash. (CVE-2026-29169)
- mod_auth_digest timing attack. (CVE-2026-33006)
- mod_authn_socache crash. (CVE-2026-33007)
- HTTP response splitting forwarding malicious status line. (CVE-2026-33523)
- Off-by-one OOB reads in AJP getter functions. (CVE-2026-33857)
- Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string). (CVE-2026-34032)
- Heap Over-Read and memory disclosure in ajp_parse_data(). (CVE-2026-34059)
References
- https://bugs.mageia.org/show_bug.cgi?id=35473
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2026&m=slackware-security.435691
- https://downloads.apache.org/httpd/CHANGES_2.4.67
- https://httpd.apache.org/security/vulnerabilities_24.html
- https://www.openwall.com/lists/oss-security/2026/05/04/15
- https://www.openwall.com/lists/oss-security/2026/05/04/16
- https://www.openwall.com/lists/oss-security/2026/05/04/17
- https://www.openwall.com/lists/oss-security/2026/05/04/18
- https://www.openwall.com/lists/oss-security/2026/05/04/19
- https://www.openwall.com/lists/oss-security/2026/05/04/20
- https://www.openwall.com/lists/oss-security/2026/05/04/21
- https://www.openwall.com/lists/oss-security/2026/05/04/22
- https://www.openwall.com/lists/oss-security/2026/05/04/23
- https://www.openwall.com/lists/oss-security/2026/05/05/6
- https://www.openwall.com/lists/oss-security/2026/05/05/9
- https://www.cve.org/CVERecord?id=CVE-2026-23918
- https://www.cve.org/CVERecord?id=CVE-2026-24072
- https://www.cve.org/CVERecord?id=CVE-2026-28780
- https://www.cve.org/CVERecord?id=CVE-2026-29168
- https://www.cve.org/CVERecord?id=CVE-2026-29169
- https://www.cve.org/CVERecord?id=CVE-2026-33006
- https://www.cve.org/CVERecord?id=CVE-2026-33007
- https://www.cve.org/CVERecord?id=CVE-2026-33523
- https://www.cve.org/CVERecord?id=CVE-2026-33857
- https://www.cve.org/CVERecord?id=CVE-2026-34032
- https://www.cve.org/CVERecord?id=CVE-2026-34059
- apache-2.4.67-1.mga9
MGASA-2026-0128 - Updated sed packages fix security vulnerability
Publication date: 13 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-5958
Description
Race Condition in GNU Sed. (CVE-2026-5958)
References
- https://bugs.mageia.org/show_bug.cgi?id=35465
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/242J2LW3C7C4MDLVKSD3DJDBKXAJXUTP/
- https://www.cve.org/CVERecord?id=CVE-2026-5958
- sed-4.9-1.1.mga9
MGASA-2026-0127 - Updated php packages fix security vulnerabilities
Publication date: 13 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-6735, CVE-2026-7259, CVE-2025-14179, CVE-2026-6722, CVE-2026-7261, CVE-2026-7262, CVE-2026-7568, CVE-2026-7258
Description
- FPM: Fixed GHSA-7qg2-v9fj-4mwv (XSS within status endpoint). (CVE-2026-6735)
- MBString: Fixed GHSA-wm6j-2649-pv75 (Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()). (CVE-2026-7259)
- OpenSSL: Fix compatibility issues with OpenSSL 4.0.
- PDO_Firebird: Fixed GHSA-w476-322c-wpvm (SQL injection via NUL bytes in quoted strings). (CVE-2025-14179)
- SOAP:
  - Fixed GHSA-85c2-q967-79q5 (Stale SOAP_GLOBAL(ref_map) pointer with Apache Map). (CVE-2026-6722)
  - Fixed GHSA-m33r-qmcv-p97q (Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION). (CVE-2026-7261)
  - Fixed GHSA-hmxp-6pc4-f3vv (Broken Apache map value NULL check). (CVE-2026-7262)
- Standard:
  - Fixed GHSA-96wq-48vp-hh57 (Signed integer overflow of char array offset). (CVE-2026-7568)
  - Fixed GHSA-m8rr-4c36-8gq4 (Consistently pass unsigned char to ctype.h functions). (CVE-2026-7258)
References
- https://bugs.mageia.org/show_bug.cgi?id=35481
- https://www.php.net/ChangeLog-8.php#8.2.31
- https://www.cve.org/CVERecord?id=CVE-2026-6735
- https://www.cve.org/CVERecord?id=CVE-2026-7259
- https://www.cve.org/CVERecord?id=CVE-2025-14179
- https://www.cve.org/CVERecord?id=CVE-2026-6722
- https://www.cve.org/CVERecord?id=CVE-2026-7261
- https://www.cve.org/CVERecord?id=CVE-2026-7262
- https://www.cve.org/CVERecord?id=CVE-2026-7568
- https://www.cve.org/CVERecord?id=CVE-2026-7258
- php-8.2.31-1.mga9
MGASA-2026-0126 - Updated openvpn packages fix security vulnerabilities
Publication date: 10 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-35058, CVE-2026-40215
Description
- CVE-2026-35058 - fix server ASSERT() on receiving a suitably malformed packet with a valid tls-crypt-v2 key
- CVE-2026-40215 - fix race condition in TLS handshake that could lead to leaking of packet data from a previous handshake under specific circumstances
References
- https://bugs.mageia.org/show_bug.cgi?id=35442
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFR4RR6F447AZK2ZTKVGZP3NKKWFW6DW/
- https://community.openvpn.net/Security%20Announcements/CVE-2026-35058
- https://community.openvpn.net/Security%20Announcements/CVE-2026-40215
- https://www.cve.org/CVERecord?id=CVE-2026-35058
- https://www.cve.org/CVERecord?id=CVE-2026-40215
- openvpn-2.6.20-1.1.mga9
MGASA-2026-0125 - Updated thunderbird packages fix security vulnerabilities
Publication date: 09 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-6746, CVE-2026-6747, CVE-2026-6748, CVE-2026-6749, CVE-2026-6750, CVE-2026-6751, CVE-2026-6752, CVE-2026-6753, CVE-2026-6754, CVE-2026-6757, CVE-2026-6759, CVE-2026-6761, CVE-2026-6762, CVE-2026-6763, CVE-2026-6764, CVE-2026-6765, CVE-2026-6769
Description
- Use-after-free in the DOM: Core & HTML component. (CVE-2026-6746)
- Use-after-free in the WebRTC component. (CVE-2026-6747)
- Uninitialized memory in the Audio/Video: Web Codecs component. (CVE-2026-6748)
- Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. (CVE-2026-6749)
- Privilege escalation in the Graphics: WebRender component. (CVE-2026-6750)
- Uninitialized memory in the Audio/Video: Web Codecs component. (CVE-2026-6751)
- Incorrect boundary conditions in the WebRTC component. (CVE-2026-6752)
- Incorrect boundary conditions in the WebRTC component. (CVE-2026-6753)
- Use-after-free in the JavaScript Engine component. (CVE-2026-6754)
- Invalid pointer in the JavaScript: WebAssembly component. (CVE-2026-6757)
- Use-after-free in the Widget: Cocoa component. (CVE-2026-6759)
- Privilege escalation in the Networking component. (CVE-2026-6761)
- Spoofing issue in the DOM: Core & HTML component. (CVE-2026-6762)
- Mitigation bypass in the File Handling component. (CVE-2026-6763)
- Incorrect boundary conditions in the DOM: Device Interfaces component. (CVE-2026-6764)
- Information disclosure in the Form Autofill component. (CVE-2026-6765)
- Privilege escalation in the Debugger component. (CVE-2026-6769)
- Other issue in the Storage: IndexedDB component. (CVE-2026-6770)
- Mitigation bypass in the DOM: Security component. (CVE-2026-6771)
- Incorrect boundary conditions in the WebRTC: Networking component. (CVE-2026-6776)
- Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150. (CVE-2026-6785)
- Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150. (CVE-2026-6786)
- Information disclosure due to incorrect boundary conditions in the Audio/Video component. (CVE-2026-7320)
- Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. (CVE-2026-7321)
- Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. (CVE-2026-7322)
- Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. (CVE-2026-7323)
References
- https://bugs.mageia.org/show_bug.cgi?id=35404
- https://www.thunderbird.net/en-US/thunderbird/140.10.0esr/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/
- https://www.thunderbird.net/en-US/thunderbird/140.10.1esr/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-39/
- https://www.cve.org/CVERecord?id=CVE-2026-6746
- https://www.cve.org/CVERecord?id=CVE-2026-6747
- https://www.cve.org/CVERecord?id=CVE-2026-6748
- https://www.cve.org/CVERecord?id=CVE-2026-6749
- https://www.cve.org/CVERecord?id=CVE-2026-6750
- https://www.cve.org/CVERecord?id=CVE-2026-6751
- https://www.cve.org/CVERecord?id=CVE-2026-6752
- https://www.cve.org/CVERecord?id=CVE-2026-6753
- https://www.cve.org/CVERecord?id=CVE-2026-6754
- https://www.cve.org/CVERecord?id=CVE-2026-6757
- https://www.cve.org/CVERecord?id=CVE-2026-6759
- https://www.cve.org/CVERecord?id=CVE-2026-6761
- https://www.cve.org/CVERecord?id=CVE-2026-6762
- https://www.cve.org/CVERecord?id=CVE-2026-6763
- https://www.cve.org/CVERecord?id=CVE-2026-6764
- https://www.cve.org/CVERecord?id=CVE-2026-6765
- https://www.cve.org/CVERecord?id=CVE-2026-6769
- thunderbird-140.10.1-1.mga9
- thunderbird-l10n-140.10.1-1.mga9
MGASA-2026-0124 - Updated rootcerts, nss & firefox packages fix security vulnerabilities
Publication date: 09 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-6746, CVE-2026-6747, CVE-2026-6748, CVE-2026-6749, CVE-2026-6750, CVE-2026-6751, CVE-2026-6752, CVE-2026-6753, CVE-2026-6754, CVE-2026-6757, CVE-2026-6759, CVE-2026-6761, CVE-2026-6762, CVE-2026-6763, CVE-2026-6764, CVE-2026-6765, CVE-2026-6766
Description
- Use-after-free in the DOM: Core & HTML component. (CVE-2026-6746)
- Use-after-free in the WebRTC component. (CVE-2026-6747)
- Uninitialized memory in the Audio/Video: Web Codecs component. (CVE-2026-6748)
- Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. (CVE-2026-6749)
- Privilege escalation in the Graphics: WebRender component. (CVE-2026-6750)
- Uninitialized memory in the Audio/Video: Web Codecs component. (CVE-2026-6751)
- Incorrect boundary conditions in the WebRTC component. (CVE-2026-6752)
- Incorrect boundary conditions in the WebRTC component. (CVE-2026-6753)
- Use-after-free in the JavaScript Engine component. (CVE-2026-6754)
- Invalid pointer in the JavaScript: WebAssembly component. (CVE-2026-6757)
- Use-after-free in the Widget: Cocoa component. (CVE-2026-6759)
- Privilege escalation in the Networking component. (CVE-2026-6761)
- Spoofing issue in the DOM: Core & HTML component. (CVE-2026-6762)
- Mitigation bypass in the File Handling component. (CVE-2026-6763)
- Incorrect boundary conditions in the DOM: Device Interfaces component. (CVE-2026-6764)
- Information disclosure in the Form Autofill component. (CVE-2026-6765)
- Incorrect boundary conditions in the Libraries component in NSS. (CVE-2026-6766)
- Other issue in the Libraries component in NSS. (CVE-2026-6767)
- Privilege escalation in the Debugger component. (CVE-2026-6769)
- Other issue in the Storage: IndexedDB component. (CVE-2026-6770)
- Mitigation bypass in the DOM: Security component. (CVE-2026-6771)
- Incorrect boundary conditions in the Libraries component in NSS. (CVE-2026-6772)
- Incorrect boundary conditions in the WebRTC: Networking component. (CVE-2026-6776)
- Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150. (CVE-2026-6785)
- Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150. (CVE-2026-6786)
- Information disclosure due to incorrect boundary conditions in the Audio/Video component. (CVE-2026-7320)
- Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. (CVE-2026-7321)
- Memory safety bugs fixed in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. (CVE-2026-7322)
- Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1. (CVE-2026-7323)
References
- https://bugs.mageia.org/show_bug.cgi?id=35403
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_123.html
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_123_1.html
- https://www.firefox.com/en-US/firefox/140.10.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/
- https://www.firefox.com/en-US/firefox/140.10.1/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-36/
- https://www.cve.org/CVERecord?id=CVE-2026-6746
- https://www.cve.org/CVERecord?id=CVE-2026-6747
- https://www.cve.org/CVERecord?id=CVE-2026-6748
- https://www.cve.org/CVERecord?id=CVE-2026-6749
- https://www.cve.org/CVERecord?id=CVE-2026-6750
- https://www.cve.org/CVERecord?id=CVE-2026-6751
- https://www.cve.org/CVERecord?id=CVE-2026-6752
- https://www.cve.org/CVERecord?id=CVE-2026-6753
- https://www.cve.org/CVERecord?id=CVE-2026-6754
- https://www.cve.org/CVERecord?id=CVE-2026-6757
- https://www.cve.org/CVERecord?id=CVE-2026-6759
- https://www.cve.org/CVERecord?id=CVE-2026-6761
- https://www.cve.org/CVERecord?id=CVE-2026-6762
- https://www.cve.org/CVERecord?id=CVE-2026-6763
- https://www.cve.org/CVERecord?id=CVE-2026-6764
- https://www.cve.org/CVERecord?id=CVE-2026-6765
- https://www.cve.org/CVERecord?id=CVE-2026-6766
- rootcerts-20260412.00-1.mga9
- nss-3.123.1-1.mga9
- firefox-140.10.1-1.mga9
- firefox-l10n-140.10.1-1.mga9
MGASA-2026-0123 - Updated vim packages fix security vulnerabilities
Publication date: 09 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-39881, CVE-2026-41411, CVE-2026-42307
Description
- Ex command injection in Vim's NetBeans integration. (CVE-2026-39881)
- Command injection via backtick expansion in tag filenames in Vim < v9.2.0357. (CVE-2026-41411)
- OS Command Injection in netrw affects Vim < 9.2.0383. (CVE-2026-42307)
- OS Command Injection via 'path' completion affects Vim < 9.2.0435.
References
- https://bugs.mageia.org/show_bug.cgi?id=35332
- https://www.openwall.com/lists/oss-security/2026/04/07/13
- https://github.com/vim/vim/security/advisories/GHSA-mr87-rhgv-7pw6
- https://www.openwall.com/lists/oss-security/2026/04/15/7
- https://github.com/vim/vim/security/advisories/GHSA-cwgx-gcj7-6qh8
- https://www.openwall.com/lists/oss-security/2026/04/22/8
- https://github.com/vim/vim/security/advisories/GHSA-85ch-p2qr-m5gx
- https://www.openwall.com/lists/oss-security/2026/05/03/11
- https://github.com/vim/vim/security/advisories/GHSA-hwg5-3cxw-wvvg
- https://www.cve.org/CVERecord?id=CVE-2026-39881
- https://www.cve.org/CVERecord?id=CVE-2026-41411
- https://www.cve.org/CVERecord?id=CVE-2026-42307
- vim-9.2.437-1.mga9
Categories: Security Updates
MGASA-2026-0122 - Updated krb5-appl packages fix security vulnerability
Publication date: 07 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-32746
Description
telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full. (CVE-2026-32746)
References
- https://bugs.mageia.org/show_bug.cgi?id=35468
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/X5ABJVGBTZGH3FCDZEF3XQAMMJVC5AWA/
- https://www.cve.org/CVERecord?id=CVE-2026-32746
- krb5-appl-1.0.3-16.1.mga9
Categories: Security Updates
MGASA-2026-0121 - Updated nano packages fix security vulnerabilities
Publication date: 07 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-6842, CVE-2026-6843
Description
A local attacker can inject a malicious .desktop launcher due to insecure directory permissions. (CVE-2026-6842)
A format string vulnerability leads to denial of service. (CVE-2026-6843)
References
- https://bugs.mageia.org/show_bug.cgi?id=35466
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLLMINU5CKQDNMS5OT7OKS5V6YQFIJUC/
- https://www.cve.org/CVERecord?id=CVE-2026-6842
- https://www.cve.org/CVERecord?id=CVE-2026-6843
- nano-7.2-1.2.mga9
Categories: Security Updates
MGASA-2026-0120 - Updated perl-Starlet packages fix security vulnerability
Publication date: 07 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-40561
Description
Starlet versions through 0.31 for Perl allow HTTP Request Smuggling via Improper Header Precedence. (CVE-2026-40561)
References
- https://bugs.mageia.org/show_bug.cgi?id=35464
- https://www.openwall.com/lists/oss-security/2026/05/03/1
- https://datatracker.ietf.org/doc/html/rfc7230#section-3.3.3
- https://www.cve.org/CVERecord?id=CVE-2026-40561
- perl-Starlet-0.310.0-4.1.mga9
Categories: Security Updates
MGASA-2026-0119 - Updated perl-Starman packages fix security vulnerability
Publication date: 07 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-40560
Description
Starman versions before 0.4018 for Perl allow HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230, section 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse proxy.
References
- https://bugs.mageia.org/show_bug.cgi?id=35448
- https://www.openwall.com/lists/oss-security/2026/04/29/1
- https://metacpan.org/release/MIYAGAWA/Starman-0.4018/changes
- https://datatracker.ietf.org/doc/html/rfc7230#section-3.3.3
- https://www.cve.org/CVERecord?id=CVE-2026-40560
- perl-Starman-0.401.800-1.mga9
Categories: Security Updates
MGASA-2026-0118 - Updated ntfs-3g packages fix security vulnerability
Publication date: 07 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-40706
Description
In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfs_build_permissions_posix() in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path (stat, readdir, open) when processing a security descriptor with multiple ACCESS_DENIED ACEs containing WRITE_OWNER from distinct group SIDs. (CVE-2026-40706)
References
- https://bugs.mageia.org/show_bug.cgi?id=35412
- https://www.openwall.com/lists/oss-security/2026/04/21/4
- https://lists.debian.org/debian-security-announce/2026/msg00131.html
- https://www.cve.org/CVERecord?id=CVE-2026-40706
- ntfs-3g-2022.10.3-1.2.mga9
Categories: Security Updates
MGASA-2026-0117 - Updated graphicsmagick packages fix security vulnerabilities
Publication date: 07 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-26284, CVE-2026-33535
Description
ImageMagick has a heap overflow in the pcd decoder that leads to an out-of-bounds read. (CVE-2026-26284)
ImageMagick has an out-of-bounds write of a zero byte in its X11 display interaction. (CVE-2026-33535)
References
- https://bugs.mageia.org/show_bug.cgi?id=35408
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/BMSWBU7XGK6MZYTE62GVV7BFJIH6PSZU/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NPVKK6XVDNZQVOOYGCEQVGQHUWYX64EY/
- https://www.cve.org/CVERecord?id=CVE-2026-26284
- https://www.cve.org/CVERecord?id=CVE-2026-33535
- graphicsmagick-1.3.40-1.5.mga9
- graphicsmagick-1.3.40-1.5.mga9.tainted
Categories: Security Updates
MGASA-2026-0116 - Updated opam packages fix security vulnerability
Publication date: 07 May 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-41082
Description
In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory. (CVE-2026-41082)
References
- https://bugs.mageia.org/show_bug.cgi?id=35405
- https://lists.debian.org/debian-security-announce/2026/msg00126.html
- https://www.cve.org/CVERecord?id=CVE-2026-41082
- opam-2.1.3-1.1.mga9
Categories: Security Updates




