[CLSA-2026:1783339702] Fix CVE(s): CVE-2026-58014, CVE-2026-58015, CVE-2026-58016
Type:
security
Severity:
Critical
Release date:
2026-07-06 12:08:43 UTC
Description:
* SECURITY UPDATE: Multiple vulnerabilities in glib2 - debian/patches/CVE-2026-58014.patch: Fix one-byte heap under-read in g_key_file_get_locale_string_list() when value is empty. - debian/patches/CVE-2026-58015.patch: Validate cookie_context in GDBusAuthMechanismSha1 to prevent path traversal via DBUS_COOKIE_SHA1. - debian/patches/CVE-2026-58016.patch: Fix XML parser state confusion in gdbusintrospection when checking element nesting. - CVE-2026-58014 - CVE-2026-58015 - CVE-2026-58016
Updated packages:
  • libglib2.0-0_2.64.6-1~ubuntu20.04.9+tuxcare.els3_amd64.deb
    sha:d78ff1f62b48867c6330d341ce9281b5c650ba53
  • libglib2.0-bin_2.64.6-1~ubuntu20.04.9+tuxcare.els3_amd64.deb
    sha:7e7652ef804c19782f350824dbda2762f30c6a7a
  • libglib2.0-data_2.64.6-1~ubuntu20.04.9+tuxcare.els3_all.deb
    sha:e8f68ee71793176a9a1a57f679cecdf2db03647a
  • libglib2.0-dev_2.64.6-1~ubuntu20.04.9+tuxcare.els3_amd64.deb
    sha:5af51bac7842701e51026888cc06fd2e08837810
  • libglib2.0-dev-bin_2.64.6-1~ubuntu20.04.9+tuxcare.els3_amd64.deb
    sha:5394a229435d06f24ba4e638cc6c0e4e0c2b2ec8
  • libglib2.0-doc_2.64.6-1~ubuntu20.04.9+tuxcare.els3_all.deb
    sha:1d3b2782766cf864546af259c5926cf7c3826673
  • libglib2.0-tests_2.64.6-1~ubuntu20.04.9+tuxcare.els3_amd64.deb
    sha:d57277be0f8c6579905ccfa60d529112c4a66bf8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.