Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

openSUSE Leap 16.0 glib2 Important Buffer Integer Overflows 2026-20150-1

opensuse
Calendar Grey February 3, 2026
Dist Opensuse Esm H88
Learn about critical updates for glib2 on openSUSE fixing several important bugs to maintain system integrity.
An update that solves 4 vulnerabilities and has 4 bug fixes can now be installed.

Description

This update for glib2 fixes the following issues:

- CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354).

- CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355).

- CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353).

- CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-235=1

Patch

Package List

- openSUSE Leap 16.0:

gio-branding-upstream-2.84.4-160000.2.1

glib2-devel-2.84.4-160000.2.1

glib2-devel-static-2.84.4-160000.2.1

glib2-doc-2.84.4-160000.2.1

glib2-lang-2.84.4-160000.2.1

glib2-tests-devel-2.84.4-160000.2.1

glib2-tools-2.84.4-160000.2.1

libgio-2_0-0-2.84.4-160000.2.1

libgirepository-2_0-0-2.84.4-160000.2.1

libglib-2_0-0-2.84.4-160000.2.1

libgmodule-2_0-0-2.84.4-160000.2.1

libgobject-2_0-0-2.84.4-160000.2.1

libgthread-2_0-0-2.84.4-160000.2.1

typelib-1_0-GIRepository-3_0-2.84.4-160000.2.1

typelib-1_0-GLib-2_0-2.84.4-160000.2.1

typelib-1_0-GLibUnix-2_0-2.84.4-160000.2.1

typelib-1_0-GModule-2_0-2.84.4-160000.2.1

typelib-1_0-GObject-2_0-2.84.4-160000.2.1

typelib-1_0-Gio-2_0-2.84.4-160000.2.1

References

* bsc#1257049

* bsc#1257353

* bsc#1257354

* bsc#1257355

References:

* https://www.suse.com/security/cve/CVE-2026-0988.html

* https://www.suse.com/security/cve/CVE-2026-1484.html

* https://www.suse.com/security/cve/CVE-2026-1485.html

* https://www.suse.com/security/cve/CVE-2026-1489.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:20150-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here