Red Hat Enterprise Linux 8 RHSA-2021-2170-01 Important Integer Overflow
red hat
June 1, 2021
An update for glib2 is now available for Red Hat Enterprise Linux 8
Solution
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
Summary
GLib provides the core application building blocks for libraries and
applications written in C. It provides the core object system used in
GNOME, the main loop implementation, and a large set of utility functions
for strings and common data structures.
Security Fix(es):
* glib: integer overflow in g_bytes_new function on 64-bit platforms due to
an implicit cast from 64 bits to 32 bits (CVE-2021-27219)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* Refcounting issue causes crashes and slow workarounds (BZ#1953553)
References
https://access.redhat.com/security/cve/CVE-2021-27219 https://access.redhat.com/security/updates/classification#important
Package List
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
glib2-2.56.4-10.el8_4.src.rpm
aarch64:
glib2-2.56.4-10.el8_4.aarch64.rpm
glib2-debuginfo-2.56.4-10.el8_4.aarch64.rpm
glib2-debugsource-2.56.4-10.el8_4.aarch64.rpm
glib2-devel-2.56.4-10.el8_4.aarch64.rpm
glib2-devel-debuginfo-2.56.4-10.el8_4.aarch64.rpm
glib2-fam-2.56.4-10.el8_4.aarch64.rpm
glib2-fam-debuginfo-2.56.4-10.el8_4.aarch64.rpm
glib2-tests-2.56.4-10.el8_4.aarch64.rpm
glib2-tests-debuginfo-2.56.4-10.el8_4.aarch64.rpm
ppc64le:
glib2-2.56.4-10.el8_4.ppc64le.rpm
glib2-debuginfo-2.56.4-10.el8_4.ppc64le.rpm
glib2-debugsource-2.56.4-10.el8_4.ppc64le.rpm
glib2-devel-2.56.4-10.el8_4.ppc64le.rpm
glib2-devel-debuginfo-2.56.4-10.el8_4.ppc64le.rpm
glib2-fam-2.56.4-10.el8_4.ppc64le.rpm
glib2-fam-debuginfo-2.56.4-10.el8_4.ppc64le.rpm
glib2-tests-2.56.4-10.el8_4.ppc64le.rpm
glib2-tests-debuginfo-2.56.4-10.el8_4.ppc64le.rpm
s390x:
glib2-2.56.4-10.el8_4.s390x.rpm
glib2-debuginfo-2.56.4-10.el8_4.s390x.rpm
glib2-debugsource-2.56.4-10.el8_4.s390x.rpm
glib2-devel-2.56.4-10.el8_4.s390x.rpm
glib2-devel-debuginfo-2.56.4-10.el8_4.s390x.rpm
glib2-fam-2.56.4-10.el8_4.s390x.rpm
glib2-fam-debuginfo-2.56.4-10.el8_4.s390x.rpm
glib2-tests-2.56.4-10.el8_4.s390x.rpm
glib2-tests-debuginfo-2.56.4-10.el8_4.s390x.rpm
x86_64:
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Advisory ID: RHSA-2021:2170-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2170
Issue date: 2021-06-01
Topic
An update for glib2 is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.
Relevant Releases Architectures
Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
Bugs Fixed
1929858 - CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits
1953553 - Refcounting issue causes crashes and slow workarounds [rhel-8.4.0.z]
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!