[ubuntu/xenial-security] glib2.0 2.48.2-0ubuntu4.7 (Accepted)

Marc Deslauriers Mon, 08 Mar 2021 10:09:26 -0800

glib2.0 (2.48.2-0ubuntu4.7) xenial-security; urgency=medium

  * SECURITY UPDATE: g_byte_array_new_take length truncation
    - debian/patches/CVE-2021-2721x/CVE-2021-27218.patch: do not accept too
      large byte arrays in glib/garray.c, glib/gbytes.c,
      glib/tests/bytes.c.
    - CVE-2021-27218
  * SECURITY UPDATE: integer overflow in g_bytes_new
    - debian/patches/CVE-2021-2721x/CVE-2021-27219*.patch: add internal
      g_memdup2() function and use it instead of g_memdup() in a bunch of
      places.
    - CVE-2021-27219


Date: 2021-03-03 14:44:09.448568+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/glib2.0/2.48.2-0ubuntu4.7

Sorry, changesfile not available.

-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] glib2.0 2.48.2-0ubuntu4.7 (Accepted)

Reply via email to