Updated minetest packages fix security vulnerabilities
Publication date: 10 Jun 2026Modification date: 09 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-40959 , CVE-2026-40960
Description
Mod security sandbox escape. (CVE-2026-40959)
HTTP API and insecure environment access control bypass.
(CVE-2026-40960)
References
- https://bugs.mageia.org/show_bug.cgi?id=35422
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2K6QTVDXSL7E72EYONNHDCY7I7LTD27B/
- https://lists.debian.org/debian-security-announce/2026/msg00127.html
- https://github.com/luanti-org/luanti/security/advisories/GHSA-g596-mf82-w8c3
- https://github.com/luanti-org/luanti/security/advisories/GHSA-22c4-238c-m5j4
- https://www.cve.org/CVERecord?id=CVE-2026-40959
- https://www.cve.org/CVERecord?id=CVE-2026-40960
SRPMS
9/core
- minetest-5.7.0-1.1.mga9