Security issues

Mageia Cauldron

Bug number Summary Assignee Versions affected Status comment Date created Last action (days) Quick search
19800 dracut new security issue CVE-2016-4484 Mageia tools maintainers Cauldron, 9 Should be mitigated by the installer 2016-11-16 42 Bugzilla
26629 python-beaker new security issue due to deserialization of untrusted data CVE-2013-7489 Philippe Makowski Cauldron, 9 No fix available as of end of 2020 2020-05-15 42 Bugzilla
27131 Possible missing security fixes in several libraries used by PHP modules All Packagers Cauldron 2020-08-18 136
27750 resteasy new security issue CVE-2020-25633 Java Stack Maintainers Cauldron, 9 No fix available as of end of 2020 2020-12-05 42 Bugzilla
27771 hdf5 new security issue CVE-2020-10812 Chris Denice Cauldron, 9 Fixed upstream in 1.14.4 2020-12-07 36 Bugzilla
28478 containernetworking-plugins new security issues CVE-2021-20206, CVE-2021-34558, CVE-2023-39326 and C[...] Joseph Wang Cauldron, 9 2021-02-27 54 Bugzilla
30309 tpm2-abrmd dbus service allows regular users to clear TPM Thierry Vignaud Cauldron, 9 2022-04-20 42 Bugzilla
30467 libpng12 possible new security issues CVE-2017-12652, CVE-2018-14048 Rémi Verschelde Cauldron 2022-05-23 796 Bugzilla
31123 xmlrpc-c new security issues CVE-2022-25236 CVE-2022-2531[345] CVE-2022-40674 CVE-2022-43680 All Packagers Cauldron, 9 2022-11-14 42 Bugzilla
31458 python-py new security issue CVE-2022-42969 Python Stack Maintainers Cauldron, 9 2023-01-27 42 Bugzilla
31677 ffmpeg new security issues CVE-2023-092[7-9], CVE-2023-093[0-3], CVE-2023-0941, CVE-2023-121[3-9], C[...] Stig-Ørjan Smelror Cauldron, 9 Fixed upstream in 7.0 2023-03-15 30 Bugzilla
31791 pcre unfixed security issue CVE-2017-11164 All Packagers Cauldron 2023-04-13 402 Bugzilla
31804 golang-github-prometheus, golang-github-prometheus-exporter-toolkit new security issue CVE-2022-4614[...] Guillaume Rousse Cauldron Fixed upstream in golang-github-prometheus-exporter-toolkit 0.7.2 2023-04-17 439 Bugzilla
31852 perl, perl-CPAN, perl-HTTP-Tiny new security issues CVE-2023-31484 and CVE-2023-31486 Perl Stack Maintainers Cauldron, 9 2023-05-01 42 Bugzilla
32113 kanboard new security issue CVE-2023-36813 All Packagers Cauldron, 9 Fixed upstream in 1.2.31 2023-07-17 42 Bugzilla
32584 python-cryptography new security issues CVE-2023-49083, CVE-2023-50782 and CVE-2024-26130 Python Stack Maintainers Cauldron, 9 Patches available from Ubuntu and upstream 2023-11-30 60 Bugzilla
32641 [TRACKER] CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) All Packagers Cauldron, 9 2023-12-20 190
32674 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - golang-x-crypto All Packagers Cauldron, 9 2023-12-31 190 Bugzilla
32675 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - apache-sshd Nicolas Lécureuil Cauldron, 9 2023-12-31 161 Bugzilla
32676 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - trilead-ssh2 All Packagers Cauldron, 9 2023-12-31 127 Bugzilla
32682 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - ruby-net-ssh All Packagers Cauldron, 9 2024-01-02 190 Bugzilla
33036 buildah and podman new security issues CVE-2024-1753, CVE-2023-45290, CVE-2024-28180 and CVE-2024-28[...] Joseph Wang Cauldron, 9 Fixed upstream in buildah 1.35.4 and podman 4.9.4 2024-03-29 23 Bugzilla
33080 /boot/EFI access should be root-only, to avoid unauthorized tampering Thierry Vignaud Cauldron, 9 2024-04-09 78 Bugzilla
33081 freeimage new security issues CWE-121 (Stack-based Buffer Overflow), CWE-122 (Heap-based Buffer Over[...] All Packagers Cauldron, 9 2024-04-10 108 Bugzilla
33086 edk2 new security issues CVE-2022-3676[34], CVE-2023-45229 and CVE-2023-4523[0-7] Thierry Vignaud Cauldron, 9 Patches available from Debian, CVE-2023-4523[67] unfixed 2024-04-10 30 Bugzilla
33143 kubernetes new security issue CVE-2024-3177 Bruno Cornec Cauldron, 9 Fixed upstream in 1.27.13 2024-04-25 90 Bugzilla
33159 qtbase5, qtbase6 new security issues CVE-2023-51714, CVE-2024-25580 and CVE-2024-39936 All Packagers Cauldron, 9 2024-04-30 15 Bugzilla
33300 cyrus-imapd new security issue CVE-2024-34055 All Packagers Cauldron, 9 Fixed upstream in 3.6.5 2024-06-13 44 Bugzilla
33301 389-ds-base new security issues CVE-2024-3657 and CVE-2024-2199 All Packagers Cauldron, 9 2024-06-13 44 Bugzilla
33305 virtuoso-opensource new security issues CVE-2023-3160[7-9], CVE-2023-3161[0-9], CVE-2023-31620, CVE-[...] All Packagers Cauldron, 9 Patches available from Ubuntu 2024-06-13 22 Bugzilla
33313 python3 and python new security issues CVE-2024-0397 and CVE-2024-4032 Python Stack Maintainers Cauldron, 9 Fixed upstream in 3.12.4 and patches available from upstream 2024-06-18 37 Bugzilla
33314 bouncycastle new security issue CVE-2024-30171 Nicolas Lécureuil Cauldron, 9 Fixed upstream in 1.78.1 2024-06-19 37 Bugzilla
33328 gnome-settings-daemon new security issue CVE-2024-38394 GNOME maintainers Cauldron, 9 Patch available from openSUSE and upstream 2024-06-24 32 Bugzilla
33365 p7zip new security issues CVE-2023-5216[89] David GEIGER Cauldron, 9 Fixed in 7zip 24.01 beta 2024-07-04 22 Bugzilla
33368 cockpit new security issue CVE-2024-6126 All Packagers Cauldron, 9 Fixed upstream in 320 2024-07-05 22 Bugzilla
33387 python-django new security issues CVE-2024-38875, CVE-2024-39329, CVE-2024-39330, and CVE-2024-39614 Python Stack Maintainers Cauldron, 9 Fixed upstream in 5.0.7 and patches available from upstream 2024-07-10 17 Bugzilla
33395 python-zipp new security issue CVE-2024-5569 Python Stack Maintainers Cauldron, 9 Fixed upstream in 3.19.1 and patch available from upstream and openSUSE 2024-07-12 15 Bugzilla
33401 xen new security issues CVE-2024-3114[34] Giuseppe Ghibò Cauldron, 9 2024-07-16 9 Bugzilla
33409 gtk+2.0 and gtk+3.0 new security issue CVE-2024-6655 All Packagers Cauldron, 9 Patches available from Ubuntu 2024-07-17 9 Bugzilla
33413 java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk and java-latest-openjdk new se[...] Java Stack Maintainers Cauldron, 9 2024-07-18 2 Bugzilla
33415 nodejs new security issues CVE-2024-22020, CVE-2024-36137, CVE-2024-22018 All Packagers Cauldron, 9 Fixed upstream in 20.15.1 2024-07-19 7 Bugzilla
33430 ffmpeg new security issue CVE-2023-49528 Nicolas Salguero Cauldron, 9 2024-07-25 2 Bugzilla
33431 suricata new security issues CVE-2024-37151 and CVE-2024-3853[4-6] David GEIGER Cauldron, 9 Fixed upstream in 7.0.6 and, maybe partially, 6.0.20 2024-07-25 2 Bugzilla
33434 gnome-shell new security issue CVE-2024-36472 GNOME maintainers Cauldron, 9 Patch available from upstream and openSUSE 2024-07-25 2 Bugzilla
33435 libvirt new security issue CVE-2024-4418 Thierry Vignaud Cauldron fixed at least in version 10.4.0 2024-07-25 2 Bugzilla
33437 bind new security issues CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, CVE-2024-4076 Nicolas Salguero Cauldron, 9 Fixed upstream in 9.18.28 and patches available from upstream and Ubuntu 2024-07-25 2 Bugzilla
Number: 46

Mageia 9

Bug number Summary Assignee Versions affected Status comment Date created Last action (days) Quick search
19800 dracut new security issue CVE-2016-4484 Mageia tools maintainers Cauldron, 9 Should be mitigated by the installer 2016-11-16 42 Bugzilla
26629 python-beaker new security issue due to deserialization of untrusted data CVE-2013-7489 Philippe Makowski Cauldron, 9 No fix available as of end of 2020 2020-05-15 42 Bugzilla
27750 resteasy new security issue CVE-2020-25633 Java Stack Maintainers Cauldron, 9 No fix available as of end of 2020 2020-12-05 42 Bugzilla
27771 hdf5 new security issue CVE-2020-10812 Chris Denice Cauldron, 9 Fixed upstream in 1.14.4 2020-12-07 36 Bugzilla
28478 containernetworking-plugins new security issues CVE-2021-20206, CVE-2021-34558, CVE-2023-39326 and C[...] Joseph Wang Cauldron, 9 2021-02-27 54 Bugzilla
30309 tpm2-abrmd dbus service allows regular users to clear TPM Thierry Vignaud Cauldron, 9 2022-04-20 42 Bugzilla
31123 xmlrpc-c new security issues CVE-2022-25236 CVE-2022-2531[345] CVE-2022-40674 CVE-2022-43680 All Packagers Cauldron, 9 2022-11-14 42 Bugzilla
31458 python-py new security issue CVE-2022-42969 Python Stack Maintainers Cauldron, 9 2023-01-27 42 Bugzilla
31677 ffmpeg new security issues CVE-2023-092[7-9], CVE-2023-093[0-3], CVE-2023-0941, CVE-2023-121[3-9], C[...] Stig-Ørjan Smelror Cauldron, 9 Fixed upstream in 7.0 2023-03-15 30 Bugzilla
31852 perl, perl-CPAN, perl-HTTP-Tiny new security issues CVE-2023-31484 and CVE-2023-31486 Perl Stack Maintainers Cauldron, 9 2023-05-01 42 Bugzilla
31881 cloud-init new security issue CVE-2023-1786 All Packagers 9 Fixed upstream in 23.1.2 2023-05-06 135 Bugzilla
32113 kanboard new security issue CVE-2023-36813 All Packagers Cauldron, 9 Fixed upstream in 1.2.31 2023-07-17 42 Bugzilla
32584 python-cryptography new security issues CVE-2023-49083, CVE-2023-50782 and CVE-2024-26130 Python Stack Maintainers Cauldron, 9 Patches available from Ubuntu and upstream 2023-11-30 60 Bugzilla
32641 [TRACKER] CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) All Packagers Cauldron, 9 2023-12-20 190
32674 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - golang-x-crypto All Packagers Cauldron, 9 2023-12-31 190 Bugzilla
32675 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - apache-sshd Nicolas Lécureuil Cauldron, 9 2023-12-31 161 Bugzilla
32676 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - trilead-ssh2 All Packagers Cauldron, 9 2023-12-31 127 Bugzilla
32682 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - ruby-net-ssh All Packagers Cauldron, 9 2024-01-02 190 Bugzilla
33036 buildah and podman new security issues CVE-2024-1753, CVE-2023-45290, CVE-2024-28180 and CVE-2024-28[...] Joseph Wang Cauldron, 9 Fixed upstream in buildah 1.35.4 and podman 4.9.4 2024-03-29 23 Bugzilla
33070 ncurses new security issue CVE-2023-45918 Jani Välimaa 9 Patches available from SUSE and fixed upstream in 6.4-20230615 2024-04-09 107 Bugzilla
33074 qemu new security issues CVE-2023-1544, CVE-2023-3019, CVE-2023-3255, CVE-2023-5088, CVE-2023-6683, [...] Giuseppe Ghibò 9 Patches available from openSUSE and Redhat 2024-04-09 38 Bugzilla
33080 /boot/EFI access should be root-only, to avoid unauthorized tampering Thierry Vignaud Cauldron, 9 2024-04-09 78 Bugzilla
33081 freeimage new security issues CWE-121 (Stack-based Buffer Overflow), CWE-122 (Heap-based Buffer Over[...] All Packagers Cauldron, 9 2024-04-10 108 Bugzilla
33086 edk2 new security issues CVE-2022-3676[34], CVE-2023-45229 and CVE-2023-4523[0-7] Thierry Vignaud Cauldron, 9 Patches available from Debian, CVE-2023-4523[67] unfixed 2024-04-10 30 Bugzilla
33143 kubernetes new security issue CVE-2024-3177 Bruno Cornec Cauldron, 9 Fixed upstream in 1.27.13 2024-04-25 90 Bugzilla
33159 qtbase5, qtbase6 new security issues CVE-2023-51714, CVE-2024-25580 and CVE-2024-39936 All Packagers Cauldron, 9 2024-04-30 15 Bugzilla
33198 glib2.0 new security issue CVE-2024-34397 Base system maintainers 9 Patches available from Ubuntu and upstream 2024-05-13 42 Bugzilla
33206 tinyproxy new security issues CVE-2022-40468, CVE-2023-40533 and CVE-2023-49606 Johnny A. Solbu 9 Fixed upstream in 1.11.2 2024-05-13 59 Bugzilla
33207 podofo new security issues CVE-2023-3156[6-8] All Packagers 9 Fixed upstream in 0.10.1 2024-05-13 23 Bugzilla
33300 cyrus-imapd new security issue CVE-2024-34055 All Packagers Cauldron, 9 Fixed upstream in 3.6.5 2024-06-13 44 Bugzilla
33301 389-ds-base new security issues CVE-2024-3657 and CVE-2024-2199 All Packagers Cauldron, 9 2024-06-13 44 Bugzilla
33305 virtuoso-opensource new security issues CVE-2023-3160[7-9], CVE-2023-3161[0-9], CVE-2023-31620, CVE-[...] All Packagers Cauldron, 9 Patches available from Ubuntu 2024-06-13 22 Bugzilla
33313 python3 and python new security issues CVE-2024-0397 and CVE-2024-4032 Python Stack Maintainers Cauldron, 9 Fixed upstream in 3.12.4 and patches available from upstream 2024-06-18 37 Bugzilla
33314 bouncycastle new security issue CVE-2024-30171 Nicolas Lécureuil Cauldron, 9 Fixed upstream in 1.78.1 2024-06-19 37 Bugzilla
33328 gnome-settings-daemon new security issue CVE-2024-38394 GNOME maintainers Cauldron, 9 Patch available from openSUSE and upstream 2024-06-24 32 Bugzilla
33365 p7zip new security issues CVE-2023-5216[89] David GEIGER Cauldron, 9 Fixed in 7zip 24.01 beta 2024-07-04 22 Bugzilla
33368 cockpit new security issue CVE-2024-6126 All Packagers Cauldron, 9 Fixed upstream in 320 2024-07-05 22 Bugzilla
33369 python-astropy new security issue CVE-2023-41334 Python Stack Maintainers 9 Fixed upstream in 5.3.3 2024-07-05 22 Bugzilla
33387 python-django new security issues CVE-2024-38875, CVE-2024-39329, CVE-2024-39330, and CVE-2024-39614 Python Stack Maintainers Cauldron, 9 Fixed upstream in 5.0.7 and patches available from upstream 2024-07-10 17 Bugzilla
33395 python-zipp new security issue CVE-2024-5569 Python Stack Maintainers Cauldron, 9 Fixed upstream in 3.19.1 and patch available from upstream and openSUSE 2024-07-12 15 Bugzilla
33401 xen new security issues CVE-2024-3114[34] Giuseppe Ghibò Cauldron, 9 2024-07-16 9 Bugzilla
33409 gtk+2.0 and gtk+3.0 new security issue CVE-2024-6655 All Packagers Cauldron, 9 Patches available from Ubuntu 2024-07-17 9 Bugzilla
33413 java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk and java-latest-openjdk new se[...] Java Stack Maintainers Cauldron, 9 2024-07-18 2 Bugzilla
33415 nodejs new security issues CVE-2024-22020, CVE-2024-36137, CVE-2024-22018 All Packagers Cauldron, 9 Fixed upstream in 20.15.1 2024-07-19 7 Bugzilla
33429 botan2 new security issue CVE-2024-34703 Stig-Ørjan Smelror 9 Fixed upstream in 2.19.5 and patch available from upstream 2024-07-25 2 Bugzilla
33430 ffmpeg new security issue CVE-2023-49528 Nicolas Salguero Cauldron, 9 2024-07-25 2 Bugzilla
33431 suricata new security issues CVE-2024-37151 and CVE-2024-3853[4-6] David GEIGER Cauldron, 9 Fixed upstream in 7.0.6 and, maybe partially, 6.0.20 2024-07-25 2 Bugzilla
33432 tcpreplay new security issue CVE-2024-3024 David GEIGER 9 Fixed in v4.5.1 2024-07-25 2 Bugzilla
33434 gnome-shell new security issue CVE-2024-36472 GNOME maintainers Cauldron, 9 Patch available from upstream and openSUSE 2024-07-25 2 Bugzilla
33436 python3 new security issue CVE-2024-4032 Python Stack Maintainers 9 2024-07-25 2 Bugzilla
33437 bind new security issues CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, CVE-2024-4076 Nicolas Salguero Cauldron, 9 Fixed upstream in 9.18.28 and patches available from upstream and Ubuntu 2024-07-25 2 Bugzilla
Number: 51