Release date:
2026-07-09 09:37:23 UTC
Description:
* SECURITY UPDATE: off-by-one out-of-bounds read in GVariant
normal-form checking
- debian/patches/CVE-2026-58010.patch: fix an off-by-one offset
comparison in gvs_tuple_is_normal()
- CVE-2026-58010
* SECURITY UPDATE: out-of-range GDateTime creation leading to
out-of-bounds reads in getter functions
- debian/patches/CVE-2026-58011.patch: add missing range validation
to g_date_time_add_full()
- CVE-2026-58011
* SECURITY UPDATE: buffer over-read in g_regex_replace() case-change
substitutions under G_REGEX_RAW
- debian/patches/CVE-2026-58012.patch: operate on bytes instead of
UTF-8 characters when changing case of raw-mode matches
- CVE-2026-58012
* SECURITY UPDATE: memcmp() buffer over-read in g_io_channel_read_line()
with multi-byte line terminators
- debian/patches/CVE-2026-58013.patch: check the remaining buffer
length against the line terminator length before memcmp()
- CVE-2026-58013
Updated packages:
-
libglib2.0-0_2.48.2-0ubuntu4.8+tuxcare.els7_amd64.deb
sha:d9f4783e2a549e96357096c31e0af01b1dded027
-
libglib2.0-0-refdbg_2.48.2-0ubuntu4.8+tuxcare.els7_amd64.deb
sha:1d3c97271d9b90e5089882df08a174d15da4465a
-
libglib2.0-bin_2.48.2-0ubuntu4.8+tuxcare.els7_amd64.deb
sha:4466a68fecc4d85f0f320ec61a54f3a090ab59cc
-
libglib2.0-data_2.48.2-0ubuntu4.8+tuxcare.els7_all.deb
sha:2e0dee8626a41342b6be8b367430422eb0d07d08
-
libglib2.0-dev_2.48.2-0ubuntu4.8+tuxcare.els7_amd64.deb
sha:da64ea07397fc65eac9dfaab43daf1669e82dcd4
-
libglib2.0-doc_2.48.2-0ubuntu4.8+tuxcare.els7_all.deb
sha:4f7eed4cae2c771ed35c632f0c1ad64764fe6259
-
libglib2.0-tests_2.48.2-0ubuntu4.8+tuxcare.els7_amd64.deb
sha:58010fb0d8104c9c854eccc106fc292e39d0f5aa
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.