Release date:
2026-07-06 12:18:22 UTC
Description:
* SECURITY UPDATE: state confusion in the D-Bus introspection XML parser
- debian/patches/CVE-2026-58016.patch: reject a element nested
inside a non- parent in g_dbus_node_info_new_for_xml()
- CVE-2026-58016
* SECURITY UPDATE: one-byte heap under-read on an empty key-file value
- debian/patches/CVE-2026-58014.patch: skip the trailing-separator check
when the value length is 0 in g_key_file_get_locale_string_list()
- CVE-2026-58014
* SECURITY UPDATE: DBUS_COOKIE_SHA1 client-side path traversal
- debian/patches/CVE-2026-58015.patch: validate the server-supplied
cookie_context before building the keyring path
- CVE-2026-58015
Updated packages:
-
libglib2.0-0_2.48.2-0ubuntu4.8+tuxcare.els6_amd64.deb
sha:1281173168711e291bb0cde476831ff75954479f
-
libglib2.0-0-refdbg_2.48.2-0ubuntu4.8+tuxcare.els6_amd64.deb
sha:126a691cf7a71c9392c932efceb66aab7d0f446a
-
libglib2.0-bin_2.48.2-0ubuntu4.8+tuxcare.els6_amd64.deb
sha:37d44f234c418d578fc0567eae8c6835f36f7c2d
-
libglib2.0-data_2.48.2-0ubuntu4.8+tuxcare.els6_all.deb
sha:80499f001d5cb4d2a65844d5fa094f2ef3c13df2
-
libglib2.0-dev_2.48.2-0ubuntu4.8+tuxcare.els6_amd64.deb
sha:6f569a3049c19074da3cc06f918ae92acdb9b1aa
-
libglib2.0-doc_2.48.2-0ubuntu4.8+tuxcare.els6_all.deb
sha:cba41938e346920b1ad650b1a1bfa5f6481a1788
-
libglib2.0-tests_2.48.2-0ubuntu4.8+tuxcare.els6_amd64.deb
sha:d8d476fb99eacc1f182d38d648cd7d51880b7260
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.