What Are You Looking For?

Popular Tags

Sign Up
--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2023-1a7e2b3dda
2023-06-16 02:13:40.625179
--------------------------------------------------------------------------------Name        : mingw-glib2
Product     : Fedora 37
Version     : 2.74.7
Release     : 1.fc37
URL         : https://www.gtk.org
Summary     : MinGW Windows GLib2 library
Description :
MinGW Windows Glib2 library.

--------------------------------------------------------------------------------Update Information:

Update to glib2-2.74.7.
--------------------------------------------------------------------------------ChangeLog:

* Tue Jun  6 2023 Sandro Mani  - 2.74.7-1
- Update to 2.74.7
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #2212693 - CVE-2023-32665 mingw-glib2: glib: GVariant deserialisation does not match spec for non-normal data [fedora-37]
        https://bugzilla.redhat.com/show_bug.cgi?id=2212693
  [ 2 ] Bug #2212697 - CVE-2023-32665 mingw-glib2: glib: GVariant deserialisation does not match spec for non-normal data [fedora-38]
        https://bugzilla.redhat.com/show_bug.cgi?id=2212697
  [ 3 ] Bug #2212701 - CVE-2023-29499 mingw-glib2: glib: GVariant offset table entry size is not checked in is_normal() [fedora-37]
        https://bugzilla.redhat.com/show_bug.cgi?id=2212701
  [ 4 ] Bug #2212707 - CVE-2023-29499 mingw-glib2: glib: GVariant offset table entry size is not checked in is_normal() [fedora-38]
        https://bugzilla.redhat.com/show_bug.cgi?id=2212707
  [ 5 ] Bug #2212710 - CVE-2023-32611 mingw-glib2: glib: g_variant_byteswap() can take a long time with some non-normal inputs [fedora-37]
        https://bugzilla.redhat.com/show_bug.cgi?id=2212710
  [ 6 ] Bug #2212712 - CVE-2023-32611 mingw-glib2: glib: g_variant_byteswap() can take a long time with some non-normal inputs [fedora-38]
        https://bugzilla.redhat.com/show_bug.cgi?id=2212712
  [ 7 ] Bug #2212718 - CVE-2023-32643 mingw-glib2: glib: fuzz_variant_binary_byteswap: Heap-buffer-overflow in g_variant_serialised_get_child [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2212718
  [ 8 ] Bug #2212723 - CVE-2023-32636 mingw-glib2: glib: fuzz_variant_text: Timeout in fuzz_variant_text [fedora-37]
        https://bugzilla.redhat.com/show_bug.cgi?id=2212723
  [ 9 ] Bug #2212728 - CVE-2023-32636 mingw-glib2: glib: fuzz_variant_text: Timeout in fuzz_variant_text [fedora-38]
        https://bugzilla.redhat.com/show_bug.cgi?id=2212728
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-1a7e2b3dda' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 37: mingw-glib2 2023-1a7e2b3dda

June 16, 2023
Update to glib2-2.74.7.

Summary

MinGW Windows Glib2 library.

Update to glib2-2.74.7.

* Tue Jun 6 2023 Sandro Mani - 2.74.7-1

- Update to 2.74.7

[ 1 ] Bug #2212693 - CVE-2023-32665 mingw-glib2: glib: GVariant deserialisation does not match spec for non-normal data [fedora-37]

https://bugzilla.redhat.com/show_bug.cgi?id=2212693

[ 2 ] Bug #2212697 - CVE-2023-32665 mingw-glib2: glib: GVariant deserialisation does not match spec for non-normal data [fedora-38]

https://bugzilla.redhat.com/show_bug.cgi?id=2212697

[ 3 ] Bug #2212701 - CVE-2023-29499 mingw-glib2: glib: GVariant offset table entry size is not checked in is_normal() [fedora-37]

https://bugzilla.redhat.com/show_bug.cgi?id=2212701

[ 4 ] Bug #2212707 - CVE-2023-29499 mingw-glib2: glib: GVariant offset table entry size is not checked in is_normal() [fedora-38]

https://bugzilla.redhat.com/show_bug.cgi?id=2212707

[ 5 ] Bug #2212710 - CVE-2023-32611 mingw-glib2: glib: g_variant_byteswap() can take a long time with some non-normal inputs [fedora-37]

https://bugzilla.redhat.com/show_bug.cgi?id=2212710

[ 6 ] Bug #2212712 - CVE-2023-32611 mingw-glib2: glib: g_variant_byteswap() can take a long time with some non-normal inputs [fedora-38]

https://bugzilla.redhat.com/show_bug.cgi?id=2212712

[ 7 ] Bug #2212718 - CVE-2023-32643 mingw-glib2: glib: fuzz_variant_binary_byteswap: Heap-buffer-overflow in g_variant_serialised_get_child [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2212718

[ 8 ] Bug #2212723 - CVE-2023-32636 mingw-glib2: glib: fuzz_variant_text: Timeout in fuzz_variant_text [fedora-37]

https://bugzilla.redhat.com/show_bug.cgi?id=2212723

[ 9 ] Bug #2212728 - CVE-2023-32636 mingw-glib2: glib: fuzz_variant_text: Timeout in fuzz_variant_text [fedora-38]

https://bugzilla.redhat.com/show_bug.cgi?id=2212728

su -c 'dnf upgrade --advisory FEDORA-2023-1a7e2b3dda' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

package-announce mailing list -- [email protected]

To unsubscribe send an email to [email protected]

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/[email protected]

Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

FEDORA-2023-1a7e2b3dda 2023-06-16 02:13:40.625179 Product : Fedora 37 Version : 2.74.7 Release : 1.fc37 URL : https://www.gtk.org Summary : MinGW Windows GLib2 library Description : MinGW Windows Glib2 library. Update to glib2-2.74.7. * Tue Jun 6 2023 Sandro Mani - 2.74.7-1 - Update to 2.74.7 [ 1 ] Bug #2212693 - CVE-2023-32665 mingw-glib2: glib: GVariant deserialisation does not match spec for non-normal data [fedora-37] https://bugzilla.redhat.com/show_bug.cgi?id=2212693 [ 2 ] Bug #2212697 - CVE-2023-32665 mingw-glib2: glib: GVariant deserialisation does not match spec for non-normal data [fedora-38] https://bugzilla.redhat.com/show_bug.cgi?id=2212697 [ 3 ] Bug #2212701 - CVE-2023-29499 mingw-glib2: glib: GVariant offset table entry size is not checked in is_normal() [fedora-37] https://bugzilla.redhat.com/show_bug.cgi?id=2212701 [ 4 ] Bug #2212707 - CVE-2023-29499 mingw-glib2: glib: GVariant offset table entry size is not checked in is_normal() [fedora-38] https://bugzilla.redhat.com/show_bug.cgi?id=2212707 [ 5 ] Bug #2212710 - CVE-2023-32611 mingw-glib2: glib: g_variant_byteswap() can take a long time with some non-normal inputs [fedora-37] https://bugzilla.redhat.com/show_bug.cgi?id=2212710 [ 6 ] Bug #2212712 - CVE-2023-32611 mingw-glib2: glib: g_variant_byteswap() can take a long time with some non-normal inputs [fedora-38] https://bugzilla.redhat.com/show_bug.cgi?id=2212712 [ 7 ] Bug #2212718 - CVE-2023-32643 mingw-glib2: glib: fuzz_variant_binary_byteswap: Heap-buffer-overflow in g_variant_serialised_get_child [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2212718 [ 8 ] Bug #2212723 - CVE-2023-32636 mingw-glib2: glib: fuzz_variant_text: Timeout in fuzz_variant_text [fedora-37] https://bugzilla.redhat.com/show_bug.cgi?id=2212723 [ 9 ] Bug #2212728 - CVE-2023-32636 mingw-glib2: glib: fuzz_variant_text: Timeout in fuzz_variant_text [fedora-38] https://bugzilla.redhat.com/show_bug.cgi?id=2212728 su -c 'dnf upgrade --advisory FEDORA-2023-1a7e2b3dda' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Change Log

References

Update Instructions

Severity
Product : Fedora 37
Version : 2.74.7
Release : 1.fc37
URL : https://www.gtk.org
Summary : MinGW Windows GLib2 library

Related News

Long-term Support for Linux Kernel to Be Cut as Maintenance Remains Under Strain

Sep 21, 2023

RISC-V With Linux 6.6 Offers Better Kernel Security With KASLR

Sep 11, 2023

Microsoft's CBL-Mariner 2.0 Linux Distribution Adds Clippy

Aug 4, 2023

Nitrux Devs Make It Easier to Upgrade Your Immutable Nitrux OS Installations

Jun 20, 2023

News

Advisories

HOWTOs

Features

Linux Endpoint Detection and Response (EDR): A Crucial Part of a Successful Cybersecurity Strategy
Supercharging Linux: Tips & Tricks to Beat the Threat Landscape
LinuxSecurity.com Migrates to Joomla 4 and PHP 8: Our Experience & Key Takeaways
The Unseen Potential of Wake-on-LAN
Linux Vulnerabilities: The Antidote to This Linux Security Poison

About Us

Powered By

Footer Logo

Feedback