Those CVEs were announced here: https://www.openwall.com/lists/oss-security/2025/02/25/1
Status comment: (none) => Fixed upstream in 21.1.16 and 24.1.6 and patches available from upstreamAssignee: bugsquad => nicolas.salgueroCVE: (none) => CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601Whiteboard: (none) => MGA9TOOSource RPM: (none) => x11-server-21.1.8-7.6.mga9.src.rpm, x11-server-xwayland-22.1.9-1.6.mga9.src.rpm, tigervnc-1.13.1-2.6.mga9.src.rpm
Suggested advisory: ======================== The updated packages fix security vulnerabilities: Use-after-free of the root cursor. (CVE-2025-26594) Buffer overflow in XkbVModMaskText(). (CVE-2025-26595) Heap overflow in XkbWriteKeySyms(). (CVE-2025-26596) Buffer overflow in XkbChangeTypesOfKey(). (CVE-2025-26597) Out-of-bounds write in CreatePointerBarrierClient(). (CVE-2025-26598) Use of uninitialized pointer in compRedirectWindow(). (CVE-2025-26599) Use-after-free in PlayReleasedEvents(). (CVE-2025-26600) Use-after-free in SyncInitTrigger(). (CVE-2025-26601) References: https://www.openwall.com/lists/oss-security/2025/02/25/1 ======================== Updated packages in core/updates_testing: ======================== x11-server-21.1.8-7.7.mga9 x11-server-common-21.1.8-7.7.mga9 x11-server-devel-21.1.8-7.7.mga9 x11-server-source-21.1.8-7.7.mga9 x11-server-xephyr-21.1.8-7.7.mga9 x11-server-xnest-21.1.8-7.7.mga9 x11-server-xorg-21.1.8-7.7.mga9 x11-server-xvfb-21.1.8-7.7.mga9 x11-server-xwayland-22.1.9-1.7.mga9 x11-server-xwayland-devel-22.1.9-1.7.mga9 tigervnc-1.13.1-2.7.mga9 tigervnc-java-1.13.1-2.7.mga9 tigervnc-server-1.13.1-2.7.mga9 tigervnc-server-module-1.13.1-2.7.mga9 from SRPMS: x11-server-21.1.8-7.7.mga9.src.rpm x11-server-xwayland-22.1.9-1.7.mga9.src.rpm tigervnc-1.13.1-2.7.mga9.src.rpm
Status: NEW => ASSIGNEDVersion: Cauldron => 9Assignee: nicolas.salguero => qa-bugsStatus comment: Fixed upstream in 21.1.16 and 24.1.6 and patches available from upstream => (none)Whiteboard: MGA9TOO => (none)
MGA9-64 Plasma on Compaq H000SB. Installed whole bunch on one go without problems. After installation, logged out and logged in again with Plasma X11. Looks good at first sight.
CC: (none) => herman.viaene
Logged out and in again now with Plasma Wayland. Looks equally good. # systemctl start vncserver # systemctl -l status vncserver ● vncserver.service - LSB: Start TigerVNC server at boot time Loaded: loaded (/etc/rc.d/init.d/vncserver; generated) Active: active (exited) since Wed 2025-02-26 16:04:15 CET; 16s ago Docs: man:systemd-sysv-generator(8) Process: 139219 ExecStart=/etc/rc.d/init.d/vncserver start (code=exited, status=0/SUCCESS) CPU: 97ms Feb 26 16:04:15 mach3.hviaene.thuis systemd[1]: Starting vncserver.service... Feb 26 16:04:15 mach3.hviaene.thuis vncserver[139219]: Starting vncserver: [ OK ] Feb 26 16:04:15 mach3.hviaene.thuis systemd[1]: Started vncserver.service. [root@mach3 ~]# vncpasswd Password: Verify: Would you like to enter a view-only password (y/n)? n A view-only password is not used Opened ports 5800:5802/tcp and 5900:5902/tcp As in the past, I cann't make any sense of this tigervnc. Trying to connect locally or from desktop, I always get error 111 Connection refused. Giving up on that.
Installed and tested without issues. Tested: - local session, using sddm session manager; - VirtIO plus SPICE; - OpenGL, Vulkan; - QEMU/KVM guests integration: clipboard sharing, screen resizing to match viewer window. Host System: Mageia 9, x86_64, Plasma DE, AMD Ryzen 5 5600G with Radeon Graphics using amdpro driver. Guest System: Mageia 9, x86_64, Plasma DE, QEMU/KVM guest, AMD Ryzen 5 5600G with Radeon Graphics, virtio plus SPICE. $ uname -a Linux jupiter-vm-mageia-9 6.6.79-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Fri Feb 21 17:45:39 UTC 2025 x86_64 GNU/Linux $ rpm -qa | grep -P x11-server | sort x11-server-common-21.1.8-7.7.mga9 x11-server-xorg-21.1.8-7.7.mga9 x11-server-xwayland-22.1.9-1.7.mga9
CC: (none) => mageia
Continuation of comment 4. $ inxi -SMCGN System: Host: jupiter-vm-mageia-9 Kernel: 6.6.79-desktop-1.mga9 arch: x86_64 bits: 64 Desktop: KDE Plasma v: 5.27.10 Distro: Mageia 9 Machine: Type: Kvm System: QEMU product: Standard PC (Q35 + ICH9, 2009) v: pc-q35-5.2 serial: <superuser required> Mobo: N/A model: N/A serial: N/A UEFI: EDK II v: edk2-20221117gitfff6d81270b5-7.mga9 date: 11/17/2022 CPU: Info: 12x 1-core model: AMD Ryzen 5 5600G with Radeon Graphics bits: 64 type: SMP cache: L2: 12x 512 KiB (6 MiB) Speed (MHz): avg: 3893 min/max: N/A cores: 1: 3893 2: 3893 3: 3893 4: 3893 5: 3893 6: 3893 7: 3893 8: 3893 9: 3893 10: 3893 11: 3893 12: 3893 Graphics: Device-1: Red Hat Virtio 1.0 GPU driver: virtio-pci v: 1 Display: x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X: loaded: modesetting,v4l gpu: virtio-pci resolution: 1920x932~75Hz API: EGL v: 1.5 drivers: kms_swrast,swrast platforms: gbm,x11,surfaceless,device API: OpenGL v: 4.5 vendor: mesa v: 24.2.8 renderer: llvmpipe (LLVM 15.0.6 256 bits) API: Vulkan v: 1.3.231 drivers: llvmpipe surfaces: xcb,xlib Network: Device-1: Red Hat Virtio 1.0 network driver: virtio-pci
RH x86_64 installing x11-server-common-21.1.8-7.7.mga9.x86_64.rpm x11-server-xwayland-22.1.9-1.7.mga9.x86_64.rpm x11-server-xorg-21.1.8-7.7.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64 Preparing... ################################################################################################## 1/3: x11-server-common ################################################################################################## 2/3: x11-server-xwayland ################################################################################################## 3/3: x11-server-xorg ################################################################################################## 1/3: removing x11-server-xorg-21.1.8-7.6.mga9.x86_64 ################################################################################################## 2/3: removing x11-server-xwayland-22.1.9-1.6.mga9.x86_64 ################################################################################################## 3/3: removing x11-server-common-21.1.8-7.6.mga9.x86_64 ################################################################################################## Reboot Start lxqt Use the desktop some time Looks good
RH x96_64 Plasma Wayland Use the desktop some time Looks good
Installed and tested without issues. Tested: - local session, using sddm session manager; - PCI pass through to QEMU/KVM virtual machines; - LXQt DE; - OpenGL, Vulkan; - Steam and games; All OK. System: Mageia 9, x86_64, LXQt DE, QEMU/KVM guest, AMD Ryzen 5 5600G with Radeon Graphics, PCI pass through of AMD RX 6500 XT using amdgpu driver. $ uname -a Linux jupiter-vm-mageia-9-jogos 6.6.79-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Fri Feb 21 17:45:39 UTC 2025 x86_64 GNU/Linux $ rpm -qa | grep x11-server | sort x11-server-common-21.1.8-7.7.mga9 x11-server-xorg-21.1.8-7.7.mga9 x11-server-xwayland-22.1.9-1.7.mga9 $ inxi -SMCGN System: Host: jupiter-vm-mageia-9-jogos Kernel: 6.6.79-desktop-1.mga9 arch: x86_64 bits: 64 Desktop: LXQt v: 1.4.0 Distro: Mageia 9 Machine: Type: Kvm System: QEMU product: Standard PC (Q35 + ICH9, 2009) v: pc-q35-5.2 serial: <superuser required> Mobo: N/A model: N/A serial: N/A UEFI: EDK II v: edk2-20221117gitfff6d81270b5-7.mga9 date: 11/17/2022 CPU: Info: 12x 1-core model: AMD Ryzen 5 5600G with Radeon Graphics bits: 64 type: SMP cache: L2: 12x 512 KiB (6 MiB) Speed (MHz): avg: 3893 min/max: N/A cores: 1: 3893 2: 3893 3: 3893 4: 3893 5: 3893 6: 3893 7: 3893 8: 3893 9: 3893 10: 3893 11: 3893 12: 3893 Graphics: Device-1: Advanced Micro Devices [AMD/ATI] Navi 24 [Radeon RX 6400/6500 XT/6500M] driver: amdgpu v: kernel Display: x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X: loaded: amdgpu,v4l dri: radeonsi gpu: amdgpu resolution: 1920x1080~60Hz API: OpenGL v: 4.6 vendor: amd mesa v: 24.2.8 renderer: AMD Radeon RX 6500 XT (radeonsi navi24 LLVM 15.0.6 DRM 3.54 6.6.79-desktop-1.mga9) API: Vulkan v: 1.3.231 drivers: radv,llvmpipe surfaces: xcb,xlib API: EGL Message: EGL data requires eglinfo. Check --recommends. Network: Device-1: Red Hat Virtio 1.0 network driver: virtio-pci
RH i586 Test togheter libcap bug installing x11-server-common-21.1.8-7.7.mga9.i586.rpm libcap-devel-2.52-5.1.mga9.i586.rpm libcap-utils-2.52-5.1.mga9.i586.rpm x11-server-xorg-21.1.8-7.7.mga9.i586.rpm x11-server-xwayland-22.1.9-1.7.mga9.i586.rpm libcap2-2.52-5.1.mga9.i586.rpm from //home/katnatek/qa-testing/i586 Preparing... ####################################################################################### 1/6: libcap2 ####################################################################################### 2/6: x11-server-common ####################################################################################### 3/6: libcap-utils ####################################################################################### 4/6: libcap-devel ####################################################################################### 5/6: x11-server-xorg ####################################################################################### 6/6: x11-server-xwayland ####################################################################################### 1/6: removing libcap-devel-2.52-5.mga9.i586 ####################################################################################### 2/6: removing libcap-utils-2.52-5.mga9.i586 ####################################################################################### 3/6: removing x11-server-xwayland-22.1.9-1.6.mga9.i586 ####################################################################################### 4/6: removing x11-server-xorg-21.1.8-7.6.mga9.i586 ####################################################################################### 5/6: removing x11-server-common-21.1.8-7.6.mga9.i586 ####################################################################################### 6/6: removing libcap2-2.52-5.mga9.i586 ####################################################################################### Reboot Start lxqt without issues
Installed and tested without issues. Tested: - local session, using sddm session manager; - vncserver for VNC remote session; - VNC remote session through ssh tunnel; - Plasma DE and LXQt DE in both local and VNC remote sessions; - vncserver started with systemd socket activation; - VNC clients: KRDC, vncviewer, VncViewer.jar; - reconnecting to VNC remote session; - terminating VNC remote session. - video decoding with VAAPI; - Intel iGPU; - OpenGL using glmark2; - Vulkan using vkcube; All OK. System: Mageia 9, x86_64, Plasma DE, LXQt DE, VNC server, Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz, Intel iGPU Xeon E3-1200 using i915 driver. $ uname -a Linux marte 6.6.79-server-1.mga9 #1 SMP PREEMPT_DYNAMIC Wed Feb 12 23:07:28 UTC 2025 x86_64 GNU/Linux $ rpm -qa | grep -P 'x11-server|tigervnc' | sort tigervnc-server-1.13.1-2.7.mga9 x11-server-common-21.1.8-7.7.mga9 x11-server-xorg-21.1.8-7.7.mga9 x11-server-xwayland-22.1.9-1.7.mga9 $ inxi -SMCGN System: Host: marte Kernel: 6.6.79-server-1.mga9 arch: x86_64 bits: 64 Desktop: KDE Plasma v: 5.27.10 Distro: Mageia 9 Machine: Type: Desktop System: Hewlett-Packard product: HP EliteDesk 800 G1 SFF v: N/A serial: <superuser required> Mobo: Hewlett-Packard model: 1998 serial: <superuser required> UEFI: Hewlett-Packard v: L01 v02.65 date: 07/13/2015 CPU: Info: quad core model: Intel Core i5-4590 bits: 64 type: MCP cache: L2: 1024 KiB Speed (MHz): avg: 1035 min/max: 800/3700 cores: 1: 1035 2: 1035 3: 1035 4: 1035 Graphics: Device-1: Intel Xeon E3-1200 v3/4th Gen Core Processor Integrated Graphics driver: i915 v: kernel Display: x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X: loaded: intel,v4l dri: i965 gpu: i915 resolution: 1280x1024~60Hz API: EGL v: 1.5 drivers: crocus,swrast platforms: gbm,x11,surfaceless,device API: OpenGL v: 4.6 vendor: intel mesa v: 24.2.8 renderer: Mesa Intel HD Graphics 4600 (HSW GT2) API: Vulkan v: 1.3.231 drivers: intel,llvmpipe surfaces: xcb,xlib Network: Device-1: Intel Ethernet I217-LM driver: e1000e
mga9-64 OK here on my workstation Plasma X11, Firefox with video, various apps In VirtualBox a MSW7 guest suspend-resume [morgan@svarten ~]$ inxi -SMCG System: Host: svarten.tribun Kernel: 6.6.79-desktop-1.mga9 arch: x86_64 bits: 64 Desktop: KDE Plasma v: 5.27.10 Distro: Mageia 9 Machine: Type: Desktop Mobo: ASRock model: P55 Pro serial: <superuser required> BIOS: American Megatrends v: P2.60 date: 08/20/2010 CPU: Info: quad core model: Intel Core i7 870 bits: 64 type: MT MCP cache: L2: 1024 KiB Speed (MHz): avg: 3213 min/max: 1200/2934 cores: 1: 3213 2: 3213 3: 3213 4: 3213 5: 3213 6: 3213 7: 3213 8: 3213 Graphics: Device-1: Advanced Micro Devices [AMD/ATI] Navi 24 [Radeon RX 6400/6500 XT/6500M] driver: amdgpu v: kernel Display: x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X: loaded: amdgpu,v4l dri: radeonsi gpu: amdgpu resolution: 3840x2160~60Hz API: EGL v: 1.5 drivers: kms_swrast,radeonsi,swrast platforms: gbm,x11,surfaceless,device API: OpenGL v: 4.6 vendor: amd mesa v: 24.3.4 renderer: AMD Radeon RX 6400 (radeonsi navi24 LLVM 15.0.6 DRM 3.54 6.6.79-desktop-1.mga9)
CC: (none) => fri
Another x86_64 OK. I forgot to say in previous comment i only test X11 on Plasma X11, and not tigervnc at all. Also it use mesa from testing. Only updated 3 packages in this bug, to: x11-server-common-21.1.8-7.7.mga9 x11-server-xwayland-22.1.9-1.7.mga9 x11-server-xorg-21.1.8-7.7.mga9 --- Same packages (incl mesa) and tests now on Acer Aspire 7: Plasma X11, normal desktop apps, suspend-resume. No surprises in journal. Only using Intel GPU, nvidia not configured. [kajsa@aspire ~]$ inxi -SMCG System: Host: aspire Kernel: 6.6.79-desktop-1.mga9 arch: x86_64 bits: 64 Desktop: KDE Plasma v: 5.27.10 Distro: Mageia 9 Machine: Type: Laptop System: Acer product: Aspire A717-71G v: V1.13 serial: <superuser required> Mobo: KBL model: Charizard_KLS v: V1.13 serial: <superuser required> UEFI: Insyde v: 1.13 date: 12/26/2017 CPU: Info: quad core model: Intel Core i5-7300HQ bits: 64 type: MCP cache: L2: 1024 KiB Speed (MHz): avg: 800 min/max: 800/3500 cores: 1: 800 2: 800 3: 800 4: 800 Graphics: Device-1: Intel HD Graphics 630 driver: i915 v: kernel Device-2: NVIDIA GP107M [GeForce GTX 1050 Mobile] driver: nouveau v: kernel Device-3: Chicony Integrated HD WebCam driver: uvcvideo type: USB Display: x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X: loaded: intel,v4l dri: i965 gpu: i915 resolution: 1920x1080~60Hz API: EGL v: 1.5 drivers: iris,nouveau,swrast platforms: gbm,x11,surfaceless,device API: OpenGL v: 4.6 vendor: intel mesa v: 24.3.4 renderer: Mesa Intel HD Graphics 630 (KBL GT2) API: Vulkan v: 1.3.231 drivers: intel,llvmpipe surfaces: xcb,xlib
Keywords: (none) => advisory
MGA9-32 on Foolishness, my Dell Inspiron 5100, P4, Radeon RV200 graphics, Xfce system. No installation issues, and no ill effects noted after a few minutes of use. Enough tests. Validating the update.
Keywords: (none) => validated_updateWhiteboard: (none) => MGA9-64-OK MGA9-32-OKCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2025-0086.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED