Updated packages fix security vulnerabilities
Publication date: 13 Jun 2026Modification date: 13 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-49261 , CVE-2026-48165 , CVE-2026-48163
Description
CVE-2026-49261 MariaDB server has unsafe parameter handling in
`wsrep_notify_cmd`
CVE-2026-48165 MariaDB: unsafe usage of `wsrep_sst_receive_address`
values on the joiner side
CVE-2026-48163 MariaDB: wsrep SST unsafe parameter handling on the donor
side (rsync)
References
SRPMS
9/core
- mariadb-11.4.12-1.1.mga9