Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Warning: Undefined array key "Description" in /var/www/www.linuxsecurity.com-443/html/lsadvisories/lsadvisories.php on line 220

Fedora 42: Fix for Important Integer Overflow Vulnerability in mingw-glib2

fedora
Calendar Grey December 23, 2025
Dist Fedora Esm H88
Critical fixes for mingw-glib2 in Fedora 42 addressing buffer and integer overflows are now available. Update advised.
Update to glib-2.84.4 and backport fixes for CVE-2025-13601, CVE-2025-14087 and CVE-2025-14512.

Summary

MinGW Windows Glib2 library.

Update Information:

Update to glib-2.84.4 and backport fixes for CVE-2025-13601, CVE-2025-14087 and CVE-2025-14512.

Topics%20covered

Topics Covered

security advisory fedora buffer overflow important integer overflow mingw-glib2

Change Log

* Sun Dec 14 2025 Sandro Mani - 2.84.1-1 - Update to 2.84.1 - Backport patch for CVE-2025-14512 - Backport patch for CVE-2025-14087 * Sun Dec 14 2025 Sandro Mani - 2.84.3-3 - Backport patch for CVE-2025-13601

References


[ 1 ] Bug #2417052 - CVE-2025-13601 mingw-glib2: Integer overflow in in g_escape_uri_string() [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417052 [ 2 ] Bug #2419111 - CVE-2025-14087 mingw-glib2: A buffer-underflow vulnerability exists in GLib\u2019s GVariant parser, specifically within bytestring_parse() and string_parse(). The parser uses signed 32-bit integers (gint) as loop indices (i and j). When extreme ... [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2419111 [ 3 ] Bug #2421343 - CVE-2025-14512 mingw-glib2: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2421343

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-b2df36b70a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: mingw-glib2
Product: Fedora 42
Version: 2.84.4
Release: 1.fc42
URL: http://www.gtk.org
Summary: MinGW Windows GLib2 library

Topics%20covered

Topics Covered

security advisory fedora buffer overflow important integer overflow mingw-glib2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here