Mageia Security
MGASA-2026-0091 - Updated openssl packages fix security vulnerabilities
Publication date: 10 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-31790 , CVE-2026-28387 , CVE-2026-28388 , CVE-2026-28389 , CVE-2026-28390 , CVE-2026-31789 Description Incorrect Failure Handling in RSA KEM RSASVE Encapsulation. (CVE-2026-31790) Potential Use-after-free in DANE Client Code. (CVE-2026-28387) NULL Pointer Dereference When Processing a Delta CRL. (CVE-2026-28388) Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo. (CVE-2026-28389) Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo. (CVE-2026-28390) Heap Buffer Overflow in Hexadecimal Conversion. (CVE-2026-31789) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-31790 , CVE-2026-28387 , CVE-2026-28388 , CVE-2026-28389 , CVE-2026-28390 , CVE-2026-31789 Description Incorrect Failure Handling in RSA KEM RSASVE Encapsulation. (CVE-2026-31790) Potential Use-after-free in DANE Client Code. (CVE-2026-28387) NULL Pointer Dereference When Processing a Delta CRL. (CVE-2026-28388) Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo. (CVE-2026-28389) Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo. (CVE-2026-28390) Heap Buffer Overflow in Hexadecimal Conversion. (CVE-2026-31789) References
- https://bugs.mageia.org/show_bug.cgi?id=35331
- https://www.openwall.com/lists/oss-security/2026/04/07/11
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28387
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28388
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28389
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28390
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789
- openssl-3.0.20-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0090 - Updated python-pygments packages fix security vulnerability
Publication date: 08 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-4539 Description A security flaw in Pygments function AdlLexer in archetype.py stems from a regular expression having an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles. (CVE-2026-4539) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-4539 Description A security flaw in Pygments function AdlLexer in archetype.py stems from a regular expression having an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles. (CVE-2026-4539) References
- https://bugs.mageia.org/show_bug.cgi?id=35318
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/EBSMTYMFOHFBVTCLFPVRVEOWXXCIDDMI/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4539
- python-pygments-2.15.1-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2026-0025 - Updated simgear, flightgear & flightgear-data packages fix bugs
Publication date: 08 Apr 2026
Type: bugfix
Affected Mageia releases : 9
Description Updated simgear, flightgear and flightgear-data packages to new stable release version 2024.1.5 References
Type: bugfix
Affected Mageia releases : 9
Description Updated simgear, flightgear and flightgear-data packages to new stable release version 2024.1.5 References
- https://bugs.mageia.org/show_bug.cgi?id=35322
- https://www.flightgear.org/download/releases/2024-1-5/
- flightgear-2024.1.5-1.mga9
- simgear-2024.1.5-1.mga9
- flightgear-data-2024.1.5-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0089 - Updated roundcubemail packages fix security vulnerability
Publication date: 07 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-35545 Description SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke And some regressions from the last fix are fixed. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-35545 Description SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke And some regressions from the last fix are fixed. References
- https://bugs.mageia.org/show_bug.cgi?id=35302
- https://github.com/roundcube/roundcubemail/releases/tag/1.6.15
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35545
- roundcubemail-1.6.15-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0088 - Updated tigervnc packages fix security vulnerability
Publication date: 07 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34352 Description In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions. (CVE-2026-34352) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34352 Description In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions. (CVE-2026-34352) References
- https://bugs.mageia.org/show_bug.cgi?id=35311
- https://www.openwall.com/lists/oss-security/2026/03/26/7
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34352
- tigervnc-1.13.1-2.10.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0087 - Updated python-pyasn1 packages fix security vulnerability
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-30922 Description pyasn1 Vulnerable to Denial of Service via Unbounded Recursion. (CVE-2026-30922) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-30922 Description pyasn1 Vulnerable to Denial of Service via Unbounded Recursion. (CVE-2026-30922) References
- https://bugs.mageia.org/show_bug.cgi?id=35253
- https://www.openwall.com/lists/oss-security/2026/03/20/4
- https://github.com/pyasn1/pyasn1/security/advisories/GHSA-jr27-m4p2-rc6r
- https://ubuntu.com/security/notices/USN-8129-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30922
- python-pyasn1-0.4.8-6.2.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0086 - Updated freerdp packages fix security vulnerabilities
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-22852 , CVE-2026-22854 , CVE-2026-22855 , CVE-2026-22856 , CVE-2026-22857 , CVE-2026-22859 , CVE-2026-23732 , CVE-2026-23883 , CVE-2026-23884 , CVE-2026-24491 , CVE-2026-26271 , CVE-2026-26955 , CVE-2026-26965 , CVE-2026-31806 , CVE-2026-31883 , CVE-2026-31885 Description FreeRDP has a heap-buffer-overflow in audin_process_formats. (CVE-2026-22852) FreeRDP has a heap-buffer-overflow in drive_process_irp_read. (CVE-2026-22854) FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call. (CVE-2026-22855) FreeRDP has a heap-use-after-free in create_irp_thread. (CVE-2026-22856) FreeRDP has a heap-use-after-free in irp_thread_func. (CVE-2026-22857) FreeRDP has a heap-buffer-overflow in urb_select_configuration. (CVE-2026-22859) FreeRDP has heap-buffer-overflow in Glyph_Alloc. (CVE-2026-23732) Heap-use-after-free in update_pointer_new. (CVE-2026-23883) Heap-use-after-free in gdi_set_bounds. (CVE-2026-23884) FreeRDP has a heap-use-after-free in video_timer. (CVE-2026-24491) Buffer Overread in FreeRDP Icon Processing. (CVE-2026-26271) FreeRDP has Out-of-bounds Write. (CVE-2026-26955, CVE-2026-26965) FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions. (CVE-2026-31806) FreeRDP has a `size_t` underflow in ADPCM decoder leads to heap-buffer-overflow write. (CVE-2026-31883) FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks. (CVE-2026-31885) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-22852 , CVE-2026-22854 , CVE-2026-22855 , CVE-2026-22856 , CVE-2026-22857 , CVE-2026-22859 , CVE-2026-23732 , CVE-2026-23883 , CVE-2026-23884 , CVE-2026-24491 , CVE-2026-26271 , CVE-2026-26955 , CVE-2026-26965 , CVE-2026-31806 , CVE-2026-31883 , CVE-2026-31885 Description FreeRDP has a heap-buffer-overflow in audin_process_formats. (CVE-2026-22852) FreeRDP has a heap-buffer-overflow in drive_process_irp_read. (CVE-2026-22854) FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call. (CVE-2026-22855) FreeRDP has a heap-use-after-free in create_irp_thread. (CVE-2026-22856) FreeRDP has a heap-use-after-free in irp_thread_func. (CVE-2026-22857) FreeRDP has a heap-buffer-overflow in urb_select_configuration. (CVE-2026-22859) FreeRDP has heap-buffer-overflow in Glyph_Alloc. (CVE-2026-23732) Heap-use-after-free in update_pointer_new. (CVE-2026-23883) Heap-use-after-free in gdi_set_bounds. (CVE-2026-23884) FreeRDP has a heap-use-after-free in video_timer. (CVE-2026-24491) Buffer Overread in FreeRDP Icon Processing. (CVE-2026-26271) FreeRDP has Out-of-bounds Write. (CVE-2026-26955, CVE-2026-26965) FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions. (CVE-2026-31806) FreeRDP has a `size_t` underflow in ADPCM decoder leads to heap-buffer-overflow write. (CVE-2026-31883) FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks. (CVE-2026-31885) References
- https://bugs.mageia.org/show_bug.cgi?id=35141
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/F2VLQU7USVAQ733RYB7II6KGZB3FG2KW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HAYMD62GFPCFHGN6JPLMCVJHP3SKINMW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3QGQZQS6664TXPPYGBP7673W2JAXG4K/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/34ABPSLQFVRGFKDSR5ZEDKG5UH6KIBCA/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22852
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22854
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22855
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22856
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22857
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22859
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23732
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23883
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23884
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24491
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26271
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26955
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26965
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31806
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31883
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31885
- freerdp-2.11.7-1.3.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0085 - Updated polkit-122 packages fix security vulnerability
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-4897 Description Denial of service via unbounded input processing through standard input. (CVE-2026-4897) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-4897 Description Denial of service via unbounded input processing through standard input. (CVE-2026-4897) References
- https://bugs.mageia.org/show_bug.cgi?id=35303
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOQZ5PSNKYLZPW6FHB2MTGHOYDTRJHLV/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4897
- polkit-122-2.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0084 - Updated xz packages fix security vulnerability
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34743 Description Buffer overflow in lzma_index_append(). (CVE-2026-34743) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34743 Description Buffer overflow in lzma_index_append(). (CVE-2026-34743) References
- https://bugs.mageia.org/show_bug.cgi?id=35307
- https://www.openwall.com/lists/oss-security/2026/03/31/13
- https://tukaani.org/xz/index-append-overflow.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34743
- xz-5.4.3-1.2.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0083 - Updated vim packages fix security vulnerabilities
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34982 , CVE-2026-35177 Description Vim modeline bypass via various options affects Vim < 9.2.0276. (CVE-2026-34982) Path traversal issue with zip.vim in Vim < v9.2.0280. (CVE-2026-35177) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34982 , CVE-2026-35177 Description Vim modeline bypass via various options affects Vim < 9.2.0276. (CVE-2026-34982) Path traversal issue with zip.vim in Vim < v9.2.0280. (CVE-2026-35177) References
- https://bugs.mageia.org/show_bug.cgi?id=35308
- https://www.openwall.com/lists/oss-security/2026/03/31/14
- https://www.openwall.com/lists/oss-security/2026/04/01/1
- https://github.com/vim/vim/security/advisories/GHSA-8h6p-m6gr-mpw9
- https://www.openwall.com/lists/oss-security/2026/04/01/4
- https://github.com/vim/vim/security/advisories/GHSA-jc86-w7vm-8p24
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34982
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35177
- vim-9.2.280-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0082 - Updated python-nltk packages fix security vulnerability
Publication date: 06 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33230 Description nltk Vulnerable to Cross-site Scripting. (CVE-2026-33230) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33230 Description nltk Vulnerable to Cross-site Scripting. (CVE-2026-33230) References
- https://bugs.mageia.org/show_bug.cgi?id=35314
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Z36Q44HZY76RE7YZX5B55777UQB6MPEI/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33230
- python-nltk-3.9.4-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0081 - Updated thunderbird packages fix security vulnerabilities
Publication date: 02 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-59375 , CVE-2026-3889 , CVE-2026-4684 , CVE-2026-4685 , CVE-2026-4686 , CVE-2026-4687 , CVE-2026-4688 , CVE-2026-4689 , CVE-2026-4690 , CVE-2026-4691 , CVE-2026-4692 , CVE-2026-4693 , CVE-2026-4694 , CVE-2026-4695 , CVE-2026-4696 , CVE-2026-4697 , CVE-2026-4698 , CVE-2026-4699 , CVE-2026-4700 , CVE-2026-4701 , CVE-2026-4702 , CVE-2026-4704 , CVE-2026-4705 , CVE-2026-4706 , CVE-2026-4707 , CVE-2026-4708 , CVE-2026-4709 , CVE-2026-4710 , CVE-2026-4711 , CVE-2026-4712 , CVE-2026-4713 , CVE-2026-4714 , CVE-2026-4715 , CVE-2026-4716 , CVE-2026-4717 , CVE-2026-4718 , CVE-2026-4719 , CVE-2026-4720 , CVE-2026-4721 Description Denial-of-service in the XML component. (CVE-2025-59375) Spoofing issue in Thunderbird. (CVE-2026-3889) Race condition, use-after-free in the Graphics: WebRender component. (CVE-2026-4684) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4685) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4686) Sandbox escape due to incorrect boundary conditions in the Telemetry component. (CVE-2026-4687) Sandbox escape due to use-after-free in the Disability Access APIs component. (CVE-2026-4688) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4689) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4690) Use-after-free in the CSS Parsing and Computation component. (CVE-2026-4691) Sandbox escape in the Responsive Design Mode component. (CVE-2026-4692) Incorrect boundary conditions in the Audio/Video: Playback component. (CVE-2026-4693) Incorrect boundary conditions, integer overflow in the Graphics component. (CVE-2026-4694) Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4695) Use-after-free in the Layout: Text and Fonts component. (CVE-2026-4696) Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4697) JIT miscompilation in the JavaScript Engine: JIT component. (CVE-2026-4698) Incorrect boundary conditions in the Layout: Text and Fonts component. (CVE-2026-4699) Mitigation bypass in the Networking: HTTP component. (CVE-2026-4700) Use-after-free in the JavaScript Engine component. (CVE-2026-4701) JIT miscompilation in the JavaScript Engine component. (CVE-2026-4702) Denial-of-service in the WebRTC: Signaling component. (CVE-2026-4704) Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4705) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4706) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4707) Incorrect boundary conditions in the Graphics component. (CVE-2026-4708) Incorrect boundary conditions in the Audio/Video: GMP component. (CVE-2026-4709) Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4710) Use-after-free in the Widget: Cocoa component. (CVE-2026-4711) Information disclosure in the Widget: Cocoa component. (CVE-2026-4712) Incorrect boundary conditions in the Graphics component. (CVE-2026-4713) Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4714) Uninitialized memory in the Graphics: Canvas2D component. (CVE-2026-4715) Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. (CVE-2026-4716) Privilege escalation in the Netmonitor component. (CVE-2026-4717) Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4718) Incorrect boundary conditions in the Graphics: Text component. (CVE-2026-4719) Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4720) Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4721) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-59375 , CVE-2026-3889 , CVE-2026-4684 , CVE-2026-4685 , CVE-2026-4686 , CVE-2026-4687 , CVE-2026-4688 , CVE-2026-4689 , CVE-2026-4690 , CVE-2026-4691 , CVE-2026-4692 , CVE-2026-4693 , CVE-2026-4694 , CVE-2026-4695 , CVE-2026-4696 , CVE-2026-4697 , CVE-2026-4698 , CVE-2026-4699 , CVE-2026-4700 , CVE-2026-4701 , CVE-2026-4702 , CVE-2026-4704 , CVE-2026-4705 , CVE-2026-4706 , CVE-2026-4707 , CVE-2026-4708 , CVE-2026-4709 , CVE-2026-4710 , CVE-2026-4711 , CVE-2026-4712 , CVE-2026-4713 , CVE-2026-4714 , CVE-2026-4715 , CVE-2026-4716 , CVE-2026-4717 , CVE-2026-4718 , CVE-2026-4719 , CVE-2026-4720 , CVE-2026-4721 Description Denial-of-service in the XML component. (CVE-2025-59375) Spoofing issue in Thunderbird. (CVE-2026-3889) Race condition, use-after-free in the Graphics: WebRender component. (CVE-2026-4684) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4685) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4686) Sandbox escape due to incorrect boundary conditions in the Telemetry component. (CVE-2026-4687) Sandbox escape due to use-after-free in the Disability Access APIs component. (CVE-2026-4688) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4689) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4690) Use-after-free in the CSS Parsing and Computation component. (CVE-2026-4691) Sandbox escape in the Responsive Design Mode component. (CVE-2026-4692) Incorrect boundary conditions in the Audio/Video: Playback component. (CVE-2026-4693) Incorrect boundary conditions, integer overflow in the Graphics component. (CVE-2026-4694) Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4695) Use-after-free in the Layout: Text and Fonts component. (CVE-2026-4696) Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4697) JIT miscompilation in the JavaScript Engine: JIT component. (CVE-2026-4698) Incorrect boundary conditions in the Layout: Text and Fonts component. (CVE-2026-4699) Mitigation bypass in the Networking: HTTP component. (CVE-2026-4700) Use-after-free in the JavaScript Engine component. (CVE-2026-4701) JIT miscompilation in the JavaScript Engine component. (CVE-2026-4702) Denial-of-service in the WebRTC: Signaling component. (CVE-2026-4704) Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4705) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4706) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4707) Incorrect boundary conditions in the Graphics component. (CVE-2026-4708) Incorrect boundary conditions in the Audio/Video: GMP component. (CVE-2026-4709) Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4710) Use-after-free in the Widget: Cocoa component. (CVE-2026-4711) Information disclosure in the Widget: Cocoa component. (CVE-2026-4712) Incorrect boundary conditions in the Graphics component. (CVE-2026-4713) Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4714) Uninitialized memory in the Graphics: Canvas2D component. (CVE-2026-4715) Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. (CVE-2026-4716) Privilege escalation in the Netmonitor component. (CVE-2026-4717) Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4718) Incorrect boundary conditions in the Graphics: Text component. (CVE-2026-4719) Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4720) Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4721) References
- https://bugs.mageia.org/show_bug.cgi?id=35273
- https://www.thunderbird.net/en-US/thunderbird/140.9.0esr/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-24/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3889
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4711
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4712
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721
- thunderbird-140.9.0-1.mga9
- thunderbird-l10n-140.9.0-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0080 - Updated nss & firefox packages fix security vulnerabilities
Publication date: 02 Apr 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-59375 , CVE-2026-4684 , CVE-2026-4685 , CVE-2026-4686 , CVE-2026-4687 , CVE-2026-4688 , CVE-2026-4689 , CVE-2026-4690 , CVE-2026-4691 , CVE-2026-4692 , CVE-2026-4693 , CVE-2026-4694 , CVE-2026-4695 , CVE-2026-4696 , CVE-2026-4697 , CVE-2026-4698 , CVE-2026-4699 , CVE-2026-4700 , CVE-2026-4701 , CVE-2026-4702 , CVE-2026-4704 , CVE-2026-4705 , CVE-2026-4706 , CVE-2026-4707 , CVE-2026-4708 , CVE-2026-4709 , CVE-2026-4710 , CVE-2026-4711 , CVE-2026-4712 , CVE-2026-4713 , CVE-2026-4714 , CVE-2026-4715 , CVE-2026-4716 , CVE-2026-4717 , CVE-2026-4718 , CVE-2026-4719 , CVE-2026-4720 , CVE-2026-4721 Description Denial-of-service in the XML component. (CVE-2025-59375) Race condition, use-after-free in the Graphics: WebRender component. (CVE-2026-4684) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4685) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4686) Sandbox escape due to incorrect boundary conditions in the Telemetry component. (CVE-2026-4687) Sandbox escape due to use-after-free in the Disability Access APIs component. (CVE-2026-4688) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4689) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4690) Use-after-free in the CSS Parsing and Computation component. (CVE-2026-4691) Sandbox escape in the Responsive Design Mode component. (CVE-2026-4692) Incorrect boundary conditions in the Audio/Video: Playback component. (CVE-2026-4693) Incorrect boundary conditions, integer overflow in the Graphics component. (CVE-2026-4694) Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4695) Use-after-free in the Layout: Text and Fonts component. (CVE-2026-4696) Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4697) JIT miscompilation in the JavaScript Engine: JIT component. (CVE-2026-4698) Incorrect boundary conditions in the Layout: Text and Fonts component. (CVE-2026-4699) Mitigation bypass in the Networking: HTTP component. (CVE-2026-4700) Use-after-free in the JavaScript Engine component. (CVE-2026-4701) JIT miscompilation in the JavaScript Engine component. (CVE-2026-4702) Denial-of-service in the WebRTC: Signaling component. (CVE-2026-4704) Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4705) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4706) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4707) Incorrect boundary conditions in the Graphics component. (CVE-2026-4708) Incorrect boundary conditions in the Audio/Video: GMP component. (CVE-2026-4709) Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4710) Use-after-free in the Widget: Cocoa component. (CVE-2026-4711) Information disclosure in the Widget: Cocoa component. (CVE-2026-4712) Incorrect boundary conditions in the Graphics component. (CVE-2026-4713) Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4714) Uninitialized memory in the Graphics: Canvas2D component. (CVE-2026-4715) Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. (CVE-2026-4716) Privilege escalation in the Netmonitor component. (CVE-2026-4717) Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4718) Incorrect boundary conditions in the Graphics: Text component. (CVE-2026-4719) Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4720) Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4721) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-59375 , CVE-2026-4684 , CVE-2026-4685 , CVE-2026-4686 , CVE-2026-4687 , CVE-2026-4688 , CVE-2026-4689 , CVE-2026-4690 , CVE-2026-4691 , CVE-2026-4692 , CVE-2026-4693 , CVE-2026-4694 , CVE-2026-4695 , CVE-2026-4696 , CVE-2026-4697 , CVE-2026-4698 , CVE-2026-4699 , CVE-2026-4700 , CVE-2026-4701 , CVE-2026-4702 , CVE-2026-4704 , CVE-2026-4705 , CVE-2026-4706 , CVE-2026-4707 , CVE-2026-4708 , CVE-2026-4709 , CVE-2026-4710 , CVE-2026-4711 , CVE-2026-4712 , CVE-2026-4713 , CVE-2026-4714 , CVE-2026-4715 , CVE-2026-4716 , CVE-2026-4717 , CVE-2026-4718 , CVE-2026-4719 , CVE-2026-4720 , CVE-2026-4721 Description Denial-of-service in the XML component. (CVE-2025-59375) Race condition, use-after-free in the Graphics: WebRender component. (CVE-2026-4684) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4685) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4686) Sandbox escape due to incorrect boundary conditions in the Telemetry component. (CVE-2026-4687) Sandbox escape due to use-after-free in the Disability Access APIs component. (CVE-2026-4688) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4689) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4690) Use-after-free in the CSS Parsing and Computation component. (CVE-2026-4691) Sandbox escape in the Responsive Design Mode component. (CVE-2026-4692) Incorrect boundary conditions in the Audio/Video: Playback component. (CVE-2026-4693) Incorrect boundary conditions, integer overflow in the Graphics component. (CVE-2026-4694) Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4695) Use-after-free in the Layout: Text and Fonts component. (CVE-2026-4696) Incorrect boundary conditions in the Audio/Video: Web Codecs component. (CVE-2026-4697) JIT miscompilation in the JavaScript Engine: JIT component. (CVE-2026-4698) Incorrect boundary conditions in the Layout: Text and Fonts component. (CVE-2026-4699) Mitigation bypass in the Networking: HTTP component. (CVE-2026-4700) Use-after-free in the JavaScript Engine component. (CVE-2026-4701) JIT miscompilation in the JavaScript Engine component. (CVE-2026-4702) Denial-of-service in the WebRTC: Signaling component. (CVE-2026-4704) Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4705) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4706) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4707) Incorrect boundary conditions in the Graphics component. (CVE-2026-4708) Incorrect boundary conditions in the Audio/Video: GMP component. (CVE-2026-4709) Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4710) Use-after-free in the Widget: Cocoa component. (CVE-2026-4711) Information disclosure in the Widget: Cocoa component. (CVE-2026-4712) Incorrect boundary conditions in the Graphics component. (CVE-2026-4713) Incorrect boundary conditions in the Audio/Video component. (CVE-2026-4714) Uninitialized memory in the Graphics: Canvas2D component. (CVE-2026-4715) Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. (CVE-2026-4716) Privilege escalation in the Netmonitor component. (CVE-2026-4717) Undefined behavior in the WebRTC: Signaling component. (CVE-2026-4718) Incorrect boundary conditions in the Graphics: Text component. (CVE-2026-4719) Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4720) Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. (CVE-2026-4721) References
- https://bugs.mageia.org/show_bug.cgi?id=35272
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_122.html
- https://www.firefox.com/en-US/firefox/140.9.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-22/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4711
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4712
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721
- nss-3.122.0-1.mga9
- firefox-140.9.0-1.mga9
- firefox-l10n-140.9.0-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0079 - Updated python-ply packages fix security vulnerability
Publication date: 31 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-56005 Description Unsafe pickle file handling in Ply. (CVE-2025-56005) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-56005 Description Unsafe pickle file handling in Ply. (CVE-2025-56005) References
- https://bugs.mageia.org/show_bug.cgi?id=35294
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHEPCPZY7AYJOCFYA65AKYXVQ5H5GOMT/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-56005
- python-ply-3.11-8.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0078 - Updated freeipmi packages fix security vulnerability
Publication date: 31 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33554 Description ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. (CVE-2026-33554) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33554 Description ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. (CVE-2026-33554) References
- https://bugs.mageia.org/show_bug.cgi?id=35293
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CMUSXA2JYCKVIWVK4S4VIC7PKTX2BCXY/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33554
- freeipmi-1.6.10-2.1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0077 - Updated vim packages fix security vulnerability
Publication date: 31 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34714 Description Vim tabpanel modeline escape affects Vim < 9.2.0272. References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-34714 Description Vim tabpanel modeline escape affects Vim < 9.2.0272. References
- https://bugs.mageia.org/show_bug.cgi?id=35292
- https://www.openwall.com/lists/oss-security/2026/03/30/3
- https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34714
- vim-9.2.272-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0076 - Updated zlib packages fix security vulnerability
Publication date: 31 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-27171 Description zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. (CVE-2026-27171) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-27171 Description zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. (CVE-2026-27171) References
- https://bugs.mageia.org/show_bug.cgi?id=35291
- https://bugzilla.redhat.com/show_bug.cgi?id=2440530
- https://ubuntu.com/security/CVE-2026-27171
- https://security-tracker.debian.org/tracker/CVE-2026-27171
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27171
- zlib-1.2.13-1.4.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0075 - Updated ruby-rack packages fix security vulnerabilities
Publication date: 31 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-22860 , CVE-2026-25500 Description Rack has a Directory Traversal via Rack:Directory. (CVE-2026-22860) Rack's Stored XSS in Rack::Directory via javascript: filenames rendered into anchor href. (CVE-2026-25500) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-22860 , CVE-2026-25500 Description Rack has a Directory Traversal via Rack:Directory. (CVE-2026-22860) Rack's Stored XSS in Rack::Directory via javascript: filenames rendered into anchor href. (CVE-2026-25500) References
- https://bugs.mageia.org/show_bug.cgi?id=35285
- https://lists.debian.org/debian-security-announce/2026/msg00089.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22860
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25500
- ruby-rack-2.2.22-1.mga9
Categorías: Actualizaciones de Seguridad
MGASA-2026-0074 - Updated python-openssl packages fix security vulnerabilities
Publication date: 31 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-27448 , CVE-2026-27459 Description pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback. (CVE-2026-27448) pyOpenSSL DTLS cookie callback buffer overflow. (CVE-2026-27459) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-27448 , CVE-2026-27459 Description pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback. (CVE-2026-27448) pyOpenSSL DTLS cookie callback buffer overflow. (CVE-2026-27459) References
- https://bugs.mageia.org/show_bug.cgi?id=35254
- https://www.openwall.com/lists/oss-security/2026/03/20/5
- https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4
- https://github.com/pyca/pyopenssl/security/advisories/GHSA-vp96-hxj8-p424
- https://ubuntu.com/security/notices/USN-8115-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27448
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27459
- python-openssl-23.0.0-1.1.mga9
Categorías: Actualizaciones de Seguridad
MGAA-2026-0024 - Updated zynaddsubfx packages fix bug
Publication date: 31 Mar 2026
Type: bugfix
Affected Mageia releases : 9
Description The application crashes whe you try to refresh bank list. This update fixes the reported issue. References SRPMS 9/core
Type: bugfix
Affected Mageia releases : 9
Description The application crashes whe you try to refresh bank list. This update fixes the reported issue. References SRPMS 9/core
- zynaddsubfx-3.0.6-1.1.mga9
Categorías: Actualizaciones de Seguridad
