[CLSA-2026:1783345900] glib2: Fix of 3 CVEs
Type:
security
Severity:
Critical
Release date:
2026-07-06 13:51:59 UTC
Description:
- CVE-2026-58014: fix one-byte heap under-read in g_key_file_get_locale_string_list() on an empty value - CVE-2026-58015: validate the server-supplied cookie_context in the DBUS_COOKIE_SHA1 client to prevent path traversal / arbitrary file read - CVE-2026-58016: fix state-confusion in g_dbus_node_info_new_for_xml() by rejecting a element nested inside a non- parent
Updated packages:
  • glib2-2.68.4-16.el9_6.3.tuxcare.els4.i686.rpm
    sha:9b541beccd98142442898925fce839767cf1d31b256933a81f342e4bebf31036
  • glib2-2.68.4-16.el9_6.3.tuxcare.els4.x86_64.rpm
    sha:a7acc6cb64b16c2b5b931661aa922a33b8dbadee1510d9c7fabef71757787904
  • glib2-devel-2.68.4-16.el9_6.3.tuxcare.els4.i686.rpm
    sha:916531746dfce94fa4064389f3963258b41c8adf999991683a527933f051cd6f
  • glib2-devel-2.68.4-16.el9_6.3.tuxcare.els4.x86_64.rpm
    sha:460633052cb498c018a73d4c29af573ba9d9571761866ecd4a174150e61bd560
  • glib2-doc-2.68.4-16.el9_6.3.tuxcare.els4.noarch.rpm
    sha:6a50d049fb90589d32ad4e442ebd5299df3c8aed55bec7c32ce819f28312bcc6
  • glib2-static-2.68.4-16.el9_6.3.tuxcare.els4.i686.rpm
    sha:f5c6e71494b74aefa2dbfb2092ae832a09c0b43536253b32739e925e52a489e4
  • glib2-static-2.68.4-16.el9_6.3.tuxcare.els4.x86_64.rpm
    sha:ac9c138b4a4843bcfe78c8e7c6c78f1abe39b7610278aa383416c43d2f38bf91
  • glib2-tests-2.68.4-16.el9_6.3.tuxcare.els4.x86_64.rpm
    sha:beeb03f67a086f92b845ebad6598bb56c9a624df9f4bb87f32b7ab4e535cbdbb
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.