Hello everyone,
Today, a critical 0day security vulnerability was discovered in glib2.
This vulnerability has to do with the g_bytes_new and g_memdup
functions, which are very commonly used in applications that use GLib.
The vulnerability is an integer-overflow in the g_bytes_new function.
I'm posting this to both lfs-support and blfs-support.
When I started here, things were a lot simpler - far fewer packages,
a much more limited desktop, and not many security vulnerabilities
were getting disclosed. In those days we had the lfs-security list
for mentioning new vulnerabilities,