Debian has issued an advisory on March 23: https://lists.debian.org/debian-security-announce/2026/msg00085.html
Flags: (none) => affects_mga9+Whiteboard: (none) => MGA9TOOCVE: (none) => CVE-2026-25075Source RPM: (none) => strongswan-6.0.4-1.mga10.src.rpm, strongswan-5.9.14-1.1.mga9.src.rpm
Ubuntu has issued an advisory on March 23: https://ubuntu.com/security/notices/USN-8117-1
Suggested advisory: ======================== The updated packages fix a security vulnerability: strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow. (CVE-2026-25075) References: https://lists.debian.org/debian-security-announce/2026/msg00085.html https://ubuntu.com/security/notices/USN-8117-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WWO45DS2P5I7KBXXZSDAS4ECX6DR3NYJ/ ======================== Updated packages in core/updates_testing: ======================== lib(64àstrongswan0-5.9.14-1.2.mga9 strongswan-5.9.14-1.2.mga9 strongswan-charon-nm-5.9.14-1.2.mga9 strongswan-tnc-imcvs-5.9.14-1.2.mga9 from SRPM: strongswan-5.9.14-1.2.mga9.src.rpm
Flags: affects_mga9+ => (none)Whiteboard: MGA9TOO => (none)Version: Cauldron => 9Assignee: bugsquad => qa-bugsSource RPM: strongswan-6.0.4-1.mga10.src.rpm, strongswan-5.9.14-1.1.mga9.src.rpm => strongswan-5.9.14-1.1.mga9.src.rpmStatus: NEW => ASSIGNED
MGA9-64 Plasma, using Network Manager. No installation issues. I repeated the test, such as it is, from bug34705 comment 4, with the same results. As before, that's as far as I can go with it. Giving it an OK, and validating.
Keywords: (none) => validated_updateFlags: (none) => test_passed_mga9_64+CC: (none) => andrewsfarm, sysadmin-bugsWhiteboard: (none) => MGA9-64-OK
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2026-0072.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED