SUSE-SU-2021:0890-1 -- SLES glib2, libgio-2_0-0, libglib-2_0-0, libgmodule-2_0-0, libgobject-2_0-0, libgthread-2_0-0ID: oval:org.secpod.oval:def:89044073 | Date: (C)2021-03-25 (M)2024-05-22 |
Class: PATCH | Family: unix |
This update for glib2 fixes the following issues: - CVE-2021-27218: g_byte_array_new_take takes a gsize as length but stores in a guint, this patch will refuse if the length is larger than guint. - CVE-2021-27219: g_memdup takes a guint as parameter and sometimes leads into an integer overflow, so add a g_memdup2 function which uses gsize to replace it
Platform: |
SUSE Linux Enterprise Server 15 |
SUSE Linux Enterprise Server 15 SP1 |
Product: |
glib2 |
libgio-2_0-0 |
libglib-2_0-0 |
libgmodule-2_0-0 |
libgobject-2_0-0 |
libgthread-2_0-0 |