Fedora 30: glib2 Security Update
Summary
GLib is the low-level core library that forms the basis for projects
such as GTK+ and GNOME. It provides data structure handling for C,
portability wrappers, and interfaces for such runtime functionality
as an event loop, threads, dynamic loading, and an object system.
glib 2.60.4 release: * Fixes to improved network status detection with
NetworkManager * Leak fixes to some `glib-genmarshal` generated code * Further
fixes to the Happy Eyeballs (RFC 8305) implementation * File system permissions
fix to clamp down permissions in a small time window when copying files
(CVE-2019-12450)
* Tue Jun 11 2019 Kalev Lember
- Update to 2.60.4
* Tue May 21 2019 Kalev Lember
- Update to 2.60.3
* Fri May 3 2019 Kalev Lember
- Update to 2.60.2
[ 1 ] Bug #1719141 - CVE-2019-12450 glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress
https://bugzilla.redhat.com/show_bug.cgi?id=1719141
su -c 'dnf upgrade --advisory FEDORA-2019-c18d2bd1bd' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
FEDORA-2019-c18d2bd1bd 2019-06-17 18:27:25.204662 Product : Fedora 30 Version : 2.60.4 Release : 1.fc30 URL : https://www.gtk.org/ Summary : A library of handy utility functions Description : GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system. glib 2.60.4 release: * Fixes to improved network status detection with NetworkManager * Leak fixes to some `glib-genmarshal` generated code * Further fixes to the Happy Eyeballs (RFC 8305) implementation * File system permissions fix to clamp down permissions in a small time window when copying files (CVE-2019-12450) * Tue Jun 11 2019 Kalev Lember - 2.60.4-1 - Update to 2.60.4 * Tue May 21 2019 Kalev Lember - 2.60.3-1 - Update to 2.60.3 * Fri May 3 2019 Kalev Lember - 2.60.2-1 - Update to 2.60.2 [ 1 ] Bug #1719141 - CVE-2019-12450 glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress https://bugzilla.redhat.com/show_bug.cgi?id=1719141 su -c 'dnf upgrade --advisory FEDORA-2019-c18d2bd1bd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Change Log
References