[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2023:3535-1 -- SLES glib2, libgthread-2_0-0, libglib-2_0-0, libgio-2_0-0, libgmodule-2_0-0, libgobject-2_0-0

ID: oval:org.secpod.oval:def:89049360Date: (C)2023-11-17   (M)2024-04-29
Class: PATCHFamily: unix




This update for glib2 fixes the following issues: * CVE-2021-28153: Fixed an issue where symlink targets would be incorrectly created as empty files. * CVE-2023-32665: Fixed GVariant deserialisation which does not match spec for non-normal data. * CVE-2023-32643: Fixed a heap-buffer-overflow in g_variant_serialised_get_child. * CVE-2023-29499: Fixed GVariant offset table entry size which is not checked in is_normal. * CVE-2023-32636: Fixed a wrong timeout in fuzz_variant_text. * CVE-2023-32611: Fixed an issue where g_variant_byteswap can take a long time with some non-normal inputs

Platform:
SUSE Linux Enterprise Server 15 SP1
Product:
glib2
libgthread-2_0-0
libglib-2_0-0
libgio-2_0-0
libgmodule-2_0-0
libgobject-2_0-0
Reference:
SUSE-SU-2023:3535-1
CVE-2021-28153
CVE-2023-29499
CVE-2023-32611
CVE-2023-32636
CVE-2023-32643
CVE-2023-32665
CVE    6
CVE-2023-32643
CVE-2023-29499
CVE-2023-32665
CVE-2023-32636
...
CPE    7
cpe:/a:libglib-2_0-0:libglib-2_0-0
cpe:/o:suse:suse_linux_enterprise_server:15:sp1
cpe:/a:libgio-2_0-0:libgio-2_0-0
cpe:/a:libgthread-2_0-0:libgthread-2_0-0
...

© SecPod Technologies