[CLSA-2026:1783079573] glib2: Fix of 3 CVEs
Type:
security
Severity:
Critical
Release date:
2026-07-03 11:53:12 UTC
Description:
- CVE-2026-58014: fix one-byte heap under-read in g_key_file_get_locale_string_list() on an empty value - CVE-2026-58015: validate the server-supplied cookie_context in the DBUS_COOKIE_SHA1 client to prevent path traversal / arbitrary file read - CVE-2026-58016: fix state-confusion in g_dbus_node_info_new_for_xml() by rejecting a element nested inside a non- parent
Updated packages:
  • glib2-2.56.4-156.el8.tuxcare.els8.i686.rpm
    sha:4ae587eb8f1c91e88c0a2490927bf11151e55f608045055cf8a4170ef027a6a2
  • glib2-2.56.4-156.el8.tuxcare.els8.x86_64.rpm
    sha:d12a01bc5c8b8d1db1095e58e8533175db242602c4a867036a79f352cdd048d8
  • glib2-devel-2.56.4-156.el8.tuxcare.els8.i686.rpm
    sha:9e5e60a7583e08cfec5f4e7b09d5d57d7cb5c25ad56b802a18e34babbae9160f
  • glib2-devel-2.56.4-156.el8.tuxcare.els8.x86_64.rpm
    sha:9c6de70a8f64a07c72a6f8b54195f7111195e0b4d575140661e075ca75a9cb45
  • glib2-doc-2.56.4-156.el8.tuxcare.els8.noarch.rpm
    sha:3c7e6f5119b0a5fe36e2031e2aa4bf6f01ba67c3fd750d419efad71508e9ecb8
  • glib2-fam-2.56.4-156.el8.tuxcare.els8.x86_64.rpm
    sha:66b09df725e24b2f90280779135241bffc6cd7eb9829f9bfe089fa5183ba8e72
  • glib2-static-2.56.4-156.el8.tuxcare.els8.i686.rpm
    sha:197cd7ecc3d42b5fa7985f0bb48a7c1b37f221b8b839e420541b3ee7a0bcc81a
  • glib2-static-2.56.4-156.el8.tuxcare.els8.x86_64.rpm
    sha:8e3282f1cc74bef3a1907b7eceb8d6d4b567197c81ad38c464c20222bf9252d5
  • glib2-tests-2.56.4-156.el8.tuxcare.els8.x86_64.rpm
    sha:3ee86bc3ab67273b07942875d45c5dd792b3695d36b1e55193d5f0d00084d761
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.