[CLSA-2026:1783589822] Fix CVE(s): CVE-2026-58010, CVE-2026-58011, CVE-2026-58012, CVE-2026-58013
Type:
security
Severity:
Important
Release date:
2026-07-09 09:37:23 UTC
Description:
* SECURITY UPDATE: off-by-one out-of-bounds read in GVariant normal-form checking - debian/patches/CVE-2026-58010.patch: fix an off-by-one offset comparison in gvs_tuple_is_normal() - CVE-2026-58010 * SECURITY UPDATE: out-of-range GDateTime creation leading to out-of-bounds reads in getter functions - debian/patches/CVE-2026-58011.patch: add missing range validation to g_date_time_add_full() - CVE-2026-58011 * SECURITY UPDATE: buffer over-read in g_regex_replace() case-change substitutions under G_REGEX_RAW - debian/patches/CVE-2026-58012.patch: operate on bytes instead of UTF-8 characters when changing case of raw-mode matches - CVE-2026-58012 * SECURITY UPDATE: memcmp() buffer over-read in g_io_channel_read_line() with multi-byte line terminators - debian/patches/CVE-2026-58013.patch: check the remaining buffer length against the line terminator length before memcmp() - CVE-2026-58013
Updated packages:
  • libglib2.0-0_2.48.2-0ubuntu4.8+tuxcare.els7_amd64.deb
    sha:d9f4783e2a549e96357096c31e0af01b1dded027
  • libglib2.0-0-refdbg_2.48.2-0ubuntu4.8+tuxcare.els7_amd64.deb
    sha:1d3c97271d9b90e5089882df08a174d15da4465a
  • libglib2.0-bin_2.48.2-0ubuntu4.8+tuxcare.els7_amd64.deb
    sha:4466a68fecc4d85f0f320ec61a54f3a090ab59cc
  • libglib2.0-data_2.48.2-0ubuntu4.8+tuxcare.els7_all.deb
    sha:2e0dee8626a41342b6be8b367430422eb0d07d08
  • libglib2.0-dev_2.48.2-0ubuntu4.8+tuxcare.els7_amd64.deb
    sha:da64ea07397fc65eac9dfaab43daf1669e82dcd4
  • libglib2.0-doc_2.48.2-0ubuntu4.8+tuxcare.els7_all.deb
    sha:4f7eed4cae2c771ed35c632f0c1ad64764fe6259
  • libglib2.0-tests_2.48.2-0ubuntu4.8+tuxcare.els7_amd64.deb
    sha:58010fb0d8104c9c854eccc106fc292e39d0f5aa
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.