Release date:
2026-07-06 12:12:22 UTC
Description:
* SECURITY UPDATE: state confusion in the D-Bus introspection XML parser
- debian/patches/CVE-2026-58016.patch: reject a element nested
inside a non- parent in g_dbus_node_info_new_for_xml()
- CVE-2026-58016
* SECURITY UPDATE: one-byte heap under-read on an empty key-file value
- debian/patches/CVE-2026-58014.patch: skip the trailing-separator check
when the value length is 0 in g_key_file_get_locale_string_list()
- CVE-2026-58014
* SECURITY UPDATE: DBUS_COOKIE_SHA1 client-side path traversal
- debian/patches/CVE-2026-58015.patch: validate the server-supplied
cookie_context before building the keyring path
- CVE-2026-58015
Updated packages:
-
libglib2.0-0_2.56.4-0ubuntu0.18.04.9+tuxcare.els5_amd64.deb
sha:df31537adcdce62bf4ab61f3b1083b63c6027bf9
-
libglib2.0-bin_2.56.4-0ubuntu0.18.04.9+tuxcare.els5_amd64.deb
sha:896c4c2adc0ffbb3b1f974eca81a7c9892133163
-
libglib2.0-data_2.56.4-0ubuntu0.18.04.9+tuxcare.els5_all.deb
sha:3460ada378d6d657998b1a90190be28fcaa073e9
-
libglib2.0-dev_2.56.4-0ubuntu0.18.04.9+tuxcare.els5_amd64.deb
sha:ebb6953d7538df536ec2fb6c0b49ba3cc6e18858
-
libglib2.0-dev-bin_2.56.4-0ubuntu0.18.04.9+tuxcare.els5_amd64.deb
sha:49501645348aa6769c5dc8ea7fcf5e9134a9db1b
-
libglib2.0-doc_2.56.4-0ubuntu0.18.04.9+tuxcare.els5_all.deb
sha:239c228ec2e0d912159e4345d06322dfe1c11ad2
-
libglib2.0-tests_2.56.4-0ubuntu0.18.04.9+tuxcare.els5_amd64.deb
sha:f1a31f88380ea78e280ee11b39be28897c6d84db
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.