Bug 33856 - gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good new security issues CVE-2024-4753[7-9], CVE-2024-4754[0-6], CVE-2024-4759[6-9], CVE-2024-4760[012367], CVE-2024-4761[35], CVE-2024-4777[4-8], CVE-2024-4783[45]
Summary: gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good new securi...
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-32-OK MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2024-12-16 11:24 CET by Nicolas Salguero
Modified: 2025-02-06 21:02 CET (History)
4 users (show)

See Also:
Source RPM: gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good
CVE: CVE-2024-47537 CVE-2024-47538 CVE-2024-47539 CVE-2024-47540 CVE-2024-47541 CVE-2024-47542 CVE-2024-47543 CVE-2024-47544 CVE-2024-47545 CVE-2024-47546 CVE-2024-47596 CVE-2024-47597 CVE-2024-47598 CVE-2024-47599 CVE-2024-47600 CVE-2024-47601 CVE-2024-47602
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Nicolas Salguero 2024-12-16 11:24:51 CET 
Those issues were announced here:
https://www.openwall.com/lists/oss-security/2024/12/13/1
Nicolas Salguero 2024-12-16 11:33:09 CET

CVE: (none) => CVE-2024-47537 CVE-2024-47538 CVE-2024-47539 CVE-2024-47540 CVE-2024-47541 CVE-2024-47542 CVE-2024-47543 CVE-2024-47544 CVE-2024-47545 CVE-2024-47546 CVE-2024-47596 CVE-2024-47597 CVE-2024-47598 CVE-2024-47599 CVE-2024-47600 CVE-2024-47601 CVE-2024-47602
Whiteboard: (none) => MGA9TOO
Source RPM: (none) => gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad

Comment 1 Lewis Smith 2024-12-17 21:49:42 CET 
This may not be as bad as it looks.

The openwall URL says:
"https://discourse.gstreamer.org/t/gstreamer-1-24-10-stable-bug-fix-release/3683
was posted on December 3, announcing:
The GStreamer team is pleased to announce another bug fix release in the new
    stable 1.24 release series.
    This release only contains bug fixes and security fixes. It should be safe to
    upgrade from 1.24.x and we recommend you update at your earliest convenience.
     Highlights:
     - More than 40 security fixes across a wide range of elements following an
       audit by the GitHub Security Lab, including the MP4, Matroska, Ogg and WAV
       demuxers, subtitle parsers, image decoders, audio decoders and the id3v2
       tag parser.
where "security fixes" links to https://gstreamer.freedesktop.org/security/
which lists these advisories dated Dec. 3:
which affect the gstreamer core, gstreamer-plugins-base, and
gstreamer-plugins-good packages."

No mention of 'bad'. It lists all the CVEs addressed.

The freedesktop URL lists again all the CVEs, with a Details link which expands on that, giving the exact version up to which it applies, and the version which  fixes it. Be careful: this page includes the current CVE bunch up to 2024-12-03; and a lot of *earlier* ones.
Each Detals page also includes the patch for the version for which the CVE applies.

M9 is at  v1.22.11 for both. Unsure whether we can update to new 1-24-10.

Assignee: bugsquad => pkg-bugs
Status comment: (none) => For versions at 1.24.8,,fixed in 1-24-10.

Comment 2 Nicolas Salguero 2024-12-18 11:17:44 CET 
Debian has issued an advisory on December 14:
https://lwn.net/Articles/1002291/

For Mageia 9 (version 1.22.x), patches are available from Debian:
https://sources.debian.org/src/gst-plugins-base1.0/1.22.0-3%2Bdeb12u3/debian/patches/
Comment 4 Nicolas Salguero 2024-12-18 11:25:10 CET 
gstreamer1.0 is also affected by CVE-2024-47606 (Debian seems to have patches for that in version 1.22.0-2+deb12u1).

Summary: gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad new security issues CVE-2024-4753[7-9], CVE-2024-4754[0-6], CVE-2024-4759[6-9], CVE-2024-4760[012367], CVE-2024-4761[35], CVE-2024-4777[4-8], CVE-2024-4783[45] => gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad new security issues CVE-2024-4753[7-9], CVE-2024-4754[0-6], CVE-2024-4759[6-9], CVE-2024-4760[012367], CVE-2024-4761[35], CVE-2024-4777[4-8], CVE-2024-4783[45]
Source RPM: gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad => gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad

Comment 5 Nicolas Salguero 2024-12-20 09:32:44 CET 
Ubuntu has issued advisories on December 18:
https://ubuntu.com/security/notices/USN-7174-1 (gstreamer1.0)
https://ubuntu.com/security/notices/USN-7175-1 (gstreamer1.0-plugins-base)
https://ubuntu.com/security/notices/USN-7176-1 (gstreamer1.0-plugins-good)

Source RPM: gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad => gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad, gstreamer1.0-plugins-good
Summary: gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad new security issues CVE-2024-4753[7-9], CVE-2024-4754[0-6], CVE-2024-4759[6-9], CVE-2024-4760[012367], CVE-2024-4761[35], CVE-2024-4777[4-8], CVE-2024-4783[45] => gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad, gstreamer1.0-plugins-good new security issues CVE-2024-4753[7-9], CVE-2024-4754[0-6], CVE-2024-4759[6-9], CVE-2024-4760[012367], CVE-2024-4761[35], CVE-2024-4777[4-8], CVE-2024-4783[45]

Comment 6 Nicolas Salguero 2025-02-03 11:28:28 CET 
Fixed in Cauldron (version 1.24.11).

Whiteboard: MGA9TOO => (none)
Status comment: For versions at 1.24.8,,fixed in 1-24-10. => (none)
Version: Cauldron => 9

Nicolas Salguero 2025-02-03 11:55:04 CET

Source RPM: gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad, gstreamer1.0-plugins-good => gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good

Nicolas Salguero 2025-02-03 11:55:17 CET

Summary: gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-bad, gstreamer1.0-plugins-good new security issues CVE-2024-4753[7-9], CVE-2024-4754[0-6], CVE-2024-4759[6-9], CVE-2024-4760[012367], CVE-2024-4761[35], CVE-2024-4777[4-8], CVE-2024-4783[45] => gstreamer1.0, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good new security issues CVE-2024-4753[7-9], CVE-2024-4754[0-6], CVE-2024-4759[6-9], CVE-2024-4760[012367], CVE-2024-4761[35], CVE-2024-4777[4-8], CVE-2024-4783[45]

Comment 7 Nicolas Salguero 2025-02-04 10:10:09 CET 
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

GStreamer has an OOB-write in isomp4/qtdemux.c. (CVE-2024-47537)

GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet. (CVE-2024-47538)

GStreamer has an OOB-write in convert_to_s334_1a. (CVE-2024-47539)

GStreamer uses uninitialized stack memory in Matroska/WebM demuxer. (CVE-2024-47540)

GStreamer has an out-of-bounds write in SSA subtitle parser. (CVE-2024-47541)

GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereference. (CVE-2024-47542)

GStreamer has an OOB-read in qtdemux_parse_container. (CVE-2024-47543)

GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (CVE-2024-47544)

GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read. (CVE-2024-47545)

GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read. (CVE-2024-47546)

GStreamer has an OOB-read in FOURCC_SMI_ parsing. (CVE-2024-47596)

GStreamer has an OOB-read in qtdemux_parse_samples. (CVE-2024-47597)

GStreamer has an OOB-read in qtdemux_merge_sample_table. (CVE-2024-47598)

GStreamer Insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences. (CVE-2024-47599)

GStreamer has an OOB-read in format_channel_mask. (CVE-2024-47600)

GStreamer has a NULL-pointer dereference in Matroska/WebM demuxer. (CVE-2024-47601)

GStreamer NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer. (CVE-2024-47602)

GStreamer NULL-pointer dereference in Matroska/WebM demuxer. (CVE-2024-47603)

GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (CVE-2024-47606)

Stack-buffer overflow in gst_opus_dec_parse_header. (CVE-2024-47607)

GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush. (CVE-2024-47613)

GStreamer has an out-of-bounds write in Ogg demuxer. (CVE-2024-47615)

GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk. (CVE-2024-47774)

GStreamer has an OOB-read in parse_ds64. (CVE-2024-47775)

GStreamer has a OOB-read in gst_wavparse_cue_chunk. (CVE-2024-47776)

GStreamer has an OOB-read in gst_wavparse_smpl_chunk. (CVE-2024-47777)

GStreamer has an OOB-read in gst_wavparse_adtl_chunk. (CVE-2024-47778)

Gstreamer Use-After-Free read in Matroska CodecPrivate. (CVE-2024-47834)

Gstreamer NULL-pointer dereference in LRC subtitle parser. (CVE-2024-47835)

References:
https://www.openwall.com/lists/oss-security/2024/12/13/1
https://lists.debian.org/debian-security-announce/2024/msg00247.html
https://lists.debian.org/debian-security-announce/2024/msg00248.html
https://lists.debian.org/debian-security-announce/2024/msg00254.html
https://ubuntu.com/security/notices/USN-7174-1
https://ubuntu.com/security/notices/USN-7175-1
https://ubuntu.com/security/notices/USN-7176-1
========================

Updated packages in core/updates_testing:
========================
gstreamer1.0-tools-1.22.11-1.1.mga9
lib(64)gst-gir1.0-1.22.11-1.1.mga9
lib(64)gstreamer1.0_0-1.22.11-1.1.mga9
lib(64)gstreamer1.0-devel-1.22.11-1.1.mga9

gstreamer1.0-cdparanoia-1.22.11-1.2.mga9
gstreamer1.0-libvisual-1.22.11-1.2.mga9
gstreamer1.0-plugins-base-1.22.11-1.2.mga9
lib(64)gstgl-gir1.0-1.22.11-1.2.mga9
lib(64)gstgl1.0_0-1.22.11-1.2.mga9
lib(64)gstreamer-plugins-base-gir1.0-1.22.11-1.2.mga9
lib(64)gstreamer-plugins-base1.0_0-1.22.11-1.2.mga9
lib(64)gstreamer-plugins-base1.0-devel-1.22.11-1.2.mga9

gstreamer1.0-aalib-1.22.11-1.1.mga9
gstreamer1.0-caca-1.22.11-1.1.mga9
gstreamer1.0-dv-1.22.11-1.1.mga9
gstreamer1.0-flac-1.22.11-1.1.mga9
gstreamer1.0-jack-1.22.11-1.1.mga9
gstreamer1.0-lame-1.22.11-1.1.mga9
gstreamer1.0-plugins-good-1.22.11-1.1.mga9
gstreamer1.0-pulse-1.22.11-1.1.mga9
gstreamer1.0-raw1394-1.22.11-1.1.mga9
gstreamer1.0-soup-1.22.11-1.1.mga9
gstreamer1.0-speex-1.22.11-1.1.mga9
gstreamer1.0-twolame-1.22.11-1.1.mga9
gstreamer1.0-vp8-1.22.11-1.1.mga9
gstreamer1.0-wavpack-1.22.11-1.1.mga9

from SRPMS:
gstreamer1.0-1.22.11-1.1.mga9.src.rpm
gstreamer1.0-plugins-base-1.22.11-1.2.mga9.src.rpm
gstreamer1.0-plugins-good-1.22.11-1.1.mga9.src.rpm

Assignee: pkg-bugs => qa-bugs
Status: NEW => ASSIGNED

Comment 8 katnatek 2025-02-04 18:23:40 CET 
I wonder if also should be build the tainted version?
PC LX 2025-02-04 22:27:26 CET

CC: (none) => mageia

Thomas Andrews 2025-02-04 23:56:37 CET

CC: (none) => andrewsfarm

Comment 9 Thomas Andrews 2025-02-05 16:11:07 CET 
(In reply to katnatek from comment #8)
> I wonder if also should be build the tainted version?

A good question. We have a history of some confusion about which gstreamer plugin packages have to be rebuilt. 

Bug 28977, for example, had to be pushed because the upstream advisory for Bug 28685 didn't list some of the gstreamer plugins that also needed rebuilding, so they were missed in the original bug.

So, definitely something to check.
Comment 10 Nicolas Salguero 2025-02-05 16:15:37 CET 
Hi,

gstreamer1.0, gstreamer1.0-plugins-base and gstreamer1.0-plugins-good are only in core.

gstreamer1.0-plugins-bad and gstreamer1.0-plugins-ugly are the ones that can be find in tainted.

Best regards,

Nico.
katnatek 2025-02-05 18:29:09 CET

Keywords: (none) => advisory

Comment 11 katnatek 2025-02-05 18:54:07 CET 
RH x86_64

installing gstreamer1.0-wavpack-1.22.11-1.1.mga9.x86_64.rpm gstreamer1.0-vp8-1.22.11-1.1.mga9.x86_64.rpm gstreamer1.0-speex-1.22.11-1.1.mga9.x86_64.rpm gstreamer1.0-flac-1.22.11-1.1.mga9.x86_64.rpm gstreamer1.0-pulse-1.22.11-1.1.mga9.x86_64.rpm lib64gstreamer1.0_0-1.22.11-1.1.mga9.x86_64.rpm gstreamer1.0-twolame-1.22.11-1.1.mga9.x86_64.rpm lib64gstgl1.0_0-1.22.11-1.2.mga9.x86_64.rpm gstreamer1.0-plugins-good-1.22.11-1.1.mga9.x86_64.rpm gstreamer1.0-plugins-base-1.22.11-1.2.mga9.x86_64.rpm lib64gstreamer-plugins-base1.0_0-1.22.11-1.2.mga9.x86_64.rpm gstreamer1.0-dv-1.22.11-1.1.mga9.x86_64.rpm gstreamer1.0-lame-1.22.11-1.1.mga9.x86_64.rpm gstreamer1.0-soup-1.22.11-1.1.mga9.x86_64.rpm lib64gst-gir1.0-1.22.11-1.1.mga9.x86_64.rpm gstreamer1.0-cdparanoia-1.22.11-1.2.mga9.x86_64.rpm lib64gstreamer-plugins-base-gir1.0-1.22.11-1.2.mga9.x86_64.rpm gstreamer1.0-tools-1.22.11-1.1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing...                     ##################################################################################################
     1/18: gstreamer1.0-tools    ##################################################################################################
     2/18: lib64gstreamer1.0_0   ##################################################################################################
     3/18: lib64gstreamer-plugins-base1.0_0
                                 ##################################################################################################
     4/18: lib64gstgl1.0_0       ##################################################################################################
     5/18: gstreamer1.0-plugins-base
                                 ##################################################################################################
     6/18: gstreamer1.0-soup     ##################################################################################################
     7/18: lib64gst-gir1.0       ##################################################################################################
     8/18: lib64gstreamer-plugins-base-gir1.0
                                 ##################################################################################################
     9/18: gstreamer1.0-plugins-good
                                 ##################################################################################################
    10/18: gstreamer1.0-wavpack  ##################################################################################################
    11/18: gstreamer1.0-speex    ##################################################################################################
    12/18: gstreamer1.0-flac     ##################################################################################################
    13/18: gstreamer1.0-pulse    ##################################################################################################
    14/18: gstreamer1.0-twolame  ##################################################################################################
    15/18: gstreamer1.0-dv       ##################################################################################################
    16/18: gstreamer1.0-lame     ##################################################################################################
    17/18: gstreamer1.0-cdparanoia
                                 ##################################################################################################
    18/18: gstreamer1.0-vp8      ##################################################################################################
     1/18: removing gstreamer1.0-plugins-good-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
     2/18: removing lib64gstreamer-plugins-base-gir1.0-1.22.11-1.1.mga9.x86_64
                                 ##################################################################################################
     3/18: removing lib64gst-gir1.0-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
     4/18: removing gstreamer1.0-dv-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
     5/18: removing gstreamer1.0-flac-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
     6/18: removing gstreamer1.0-soup-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
     7/18: removing gstreamer1.0-lame-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
     8/18: removing gstreamer1.0-pulse-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
     9/18: removing gstreamer1.0-speex-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
    10/18: removing gstreamer1.0-cdparanoia-1.22.11-1.1.mga9.x86_64
                                 ##################################################################################################
    11/18: removing gstreamer1.0-twolame-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
    12/18: removing gstreamer1.0-vp8-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
    13/18: removing gstreamer1.0-wavpack-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
    14/18: removing gstreamer1.0-plugins-base-1.22.11-1.1.mga9.x86_64
                                 ##################################################################################################
    15/18: removing lib64gstgl1.0_0-1.22.11-1.1.mga9.x86_64
                                 ##################################################################################################
    16/18: removing lib64gstreamer-plugins-base1.0_0-1.22.11-1.1.mga9.x86_64
                                 ##################################################################################################
    17/18: removing lib64gstreamer1.0_0-1.22.11-1.mga9.x86_64
                                 ##################################################################################################
    18/18: removing gstreamer1.0-tools-1.22.11-1.mga9.x86_64
                                 ##################################################################################################

Play audio and video files with gst-play-1.0 without issues
Comment 12 katnatek 2025-02-05 21:43:28 CET 
RH i586

installing gstreamer1.0-lame-1.22.11-1.1.mga9.i586.rpm gstreamer1.0-speex-1.22.11-1.1.mga9.i586.rpm gstreamer1.0-plugins-good-1.22.11-1.1.mga9.i586.rpm gstreamer1.0-wavpack-1.22.11-1.1.mga9.i586.rpm gstreamer1.0-tools-1.22.11-1.1.mga9.i586.rpm gstreamer1.0-dv-1.22.11-1.1.mga9.i586.rpm libgstreamer1.0_0-1.22.11-1.1.mga9.i586.rpm gstreamer1.0-twolame-1.22.11-1.1.mga9.i586.rpm gstreamer1.0-vp8-1.22.11-1.1.mga9.i586.rpm libgstgl1.0_0-1.22.11-1.2.mga9.i586.rpm gstreamer1.0-cdparanoia-1.22.11-1.2.mga9.i586.rpm gstreamer1.0-flac-1.22.11-1.1.mga9.i586.rpm gstreamer1.0-plugins-base-1.22.11-1.2.mga9.i586.rpm gstreamer1.0-pulse-1.22.11-1.1.mga9.i586.rpm libgstreamer-plugins-base1.0_0-1.22.11-1.2.mga9.i586.rpm gstreamer1.0-soup-1.22.11-1.1.mga9.i586.rpm from //home/katnatek/qa-testing/i586
Preparing...                     #######################################################################################
     1/16: libgstreamer1.0_0     #######################################################################################
     2/16: gstreamer1.0-tools    #######################################################################################
     3/16: libgstreamer-plugins-base1.0_0
                                 #######################################################################################
     4/16: libgstgl1.0_0         #######################################################################################
     5/16: gstreamer1.0-plugins-base
                                 #######################################################################################
     6/16: gstreamer1.0-soup     #######################################################################################
     7/16: gstreamer1.0-plugins-good
                                 #######################################################################################
     8/16: gstreamer1.0-lame     #######################################################################################
     9/16: gstreamer1.0-speex    #######################################################################################
    10/16: gstreamer1.0-wavpack  #######################################################################################
    11/16: gstreamer1.0-dv       #######################################################################################
    12/16: gstreamer1.0-twolame  #######################################################################################
    13/16: gstreamer1.0-cdparanoia
                                 #######################################################################################
    14/16: gstreamer1.0-flac     #######################################################################################
    15/16: gstreamer1.0-pulse    #######################################################################################
    16/16: gstreamer1.0-vp8      #######################################################################################
     1/16: removing gstreamer1.0-plugins-good-1.22.11-1.mga9.i586
                                 #######################################################################################
     2/16: removing gstreamer1.0-flac-1.22.11-1.mga9.i586
                                 #######################################################################################
     3/16: removing gstreamer1.0-dv-1.22.11-1.mga9.i586
                                 #######################################################################################
     4/16: removing gstreamer1.0-soup-1.22.11-1.mga9.i586
                                 #######################################################################################
     5/16: removing gstreamer1.0-pulse-1.22.11-1.mga9.i586
                                 #######################################################################################
     6/16: removing gstreamer1.0-speex-1.22.11-1.mga9.i586
                                 #######################################################################################
     7/16: removing gstreamer1.0-lame-1.22.11-1.mga9.i586
                                 #######################################################################################
     8/16: removing gstreamer1.0-cdparanoia-1.22.11-1.1.mga9.i586
                                 #######################################################################################
     9/16: removing gstreamer1.0-vp8-1.22.11-1.mga9.i586
                                 #######################################################################################
    10/16: removing gstreamer1.0-twolame-1.22.11-1.mga9.i586
                                 #######################################################################################
    11/16: removing gstreamer1.0-wavpack-1.22.11-1.mga9.i586
                                 #######################################################################################
    12/16: removing gstreamer1.0-plugins-base-1.22.11-1.1.mga9.i586
                                 #######################################################################################
    13/16: removing libgstgl1.0_0-1.22.11-1.1.mga9.i586
                                 #######################################################################################
    14/16: removing libgstreamer-plugins-base1.0_0-1.22.11-1.1.mga9.i586
                                 #######################################################################################
    15/16: removing gstreamer1.0-tools-1.22.11-1.mga9.i586
                                 #######################################################################################
    16/16: removing libgstreamer1.0_0-1.22.11-1.mga9.i586
                                 #######################################################################################


Play audio and video files with gst-play-1.0 without issues
Comment 13 Thomas Andrews 2025-02-06 00:33:04 CET 
MGA9-64 Plasma guest in VirtualBox. This particular guest is "untainted," meaning the tainted repositories have never been activated.

No installation issues with the update. Afterward, I used parole to play videos using x264, x265, and Xvid codecs. One video had a subtitle track that I was able to enable and disable as desired.

Looks good here.
Comment 14 Thomas Andrews 2025-02-06 02:05:33 CET 
No reason I can see to hold this back any longer. Validating.

CC: (none) => sysadmin-bugs
Whiteboard: (none) => MGA9-32-OK MGA9-64-OK
Keywords: (none) => validated_update

Comment 15 Dan Fandrich 2025-02-06 19:04:44 CET 
I don't see any confirmation that the tainted plugins mentioned in comment #10 have been explicitly excluded from this security advisory.

CC: (none) => dan

Comment 16 David Walser 2025-02-06 20:24:15 CET 
(In reply to Dan Fandrich from comment #15)
> I don't see any confirmation that the tainted plugins mentioned in comment
> #10 have been explicitly excluded from this security advisory.

There's nothing to exclude.  As Nicolas stated, the packages in this advisory are only in core, not tainted.
Comment 17 Mageia Robot 2025-02-06 21:02:20 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2025-0040.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.