[gentoo-announce] [ GLSA 201904-23 ] GLib: Multiple vulnerabilities - gentoo-announce

From:	Aaron Bauman <bman@g.o>
To:	gentoo-announce@l.g.o
Subject:	[gentoo-announce] [ GLSA 201904-23 ] GLib: Multiple vulnerabilities
Date:	Mon, 22 Apr 2019 23:52:10
Message-Id:	`20190422233702.GF32445@monkey`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 201904-23

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                           https://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

 Severity: Normal

8

    Title: GLib: Multiple vulnerabilities

9

     Date: April 22, 2019

10

     Bugs: #668474

11

       ID: 201904-23

12

13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

14

15

Synopsis

16

========

17

18

Multiple vulnerabilities have been found in GLib, the worst of which

19

could result in a Denial of Service condition.

20

21

Background

22

==========

23

24

GLib is a library providing a number of GNOME's core objects and

25

functions.

26

27

Affected packages

28

=================

29

30

    -------------------------------------------------------------------

31

     Package              /     Vulnerable     /            Unaffected

32

    -------------------------------------------------------------------

33

  1  dev-libs/glib                < 2.56.4                  >= 2.56.4 

34

35

Description

36

===========

37

38

Multiple vulnerabilities have been discovered in GLib. Please review

39

the referenced bug for details.

40

41

Impact

42

======

43

44

Please review the referenced bugs for details.

45

46

Workaround

47

==========

48

49

There is no known workaround at this time.

50

51

Resolution

52

==========

53

54

All GLib users should upgrade to the latest version:

55

56

  # emerge --sync

57

  # emerge --ask --oneshot --verbose ">=dev-libs/glib-2.56.4"

58

59

References

60

==========

61

62

63

Availability

64

============

65

66

This GLSA and any updates to it are available for viewing at

67

the Gentoo Security Website:

68

69

 https://security.gentoo.org/glsa/201904-23

70

71

Concerns?

72

=========

73

74

Security is a primary focus of Gentoo Linux and ensuring the

75

confidentiality and security of our users' machines is of utmost

76

importance to us. Any security concerns should be addressed to

77

security@g.o or alternatively, you may file a bug at

78

https://bugs.gentoo.org.

79

80

License

81

=======

82

83

Copyright 2019 Gentoo Foundation, Inc; referenced text

84

belongs to its owner(s).

85

86

The contents of this document are licensed under the

87

Creative Commons - Attribution / Share Alike license.

88

89

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 201904-23
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	https://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: GLib: Multiple vulnerabilities
9	Date: April 22, 2019
10	Bugs: #668474
11	ID: 201904-23
12
13	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15	Synopsis
16	========
17
18	Multiple vulnerabilities have been found in GLib, the worst of which
19	could result in a Denial of Service condition.
20
21	Background
22	==========
23
24	GLib is a library providing a number of GNOME's core objects and
25	functions.
26
27	Affected packages
28	=================
29
30	-------------------------------------------------------------------
31	Package / Vulnerable / Unaffected
32	-------------------------------------------------------------------
33	1 dev-libs/glib < 2.56.4 >= 2.56.4
34
35	Description
36	===========
37
38	Multiple vulnerabilities have been discovered in GLib. Please review
39	the referenced bug for details.
40
41	Impact
42	======
43
44	Please review the referenced bugs for details.
45
46	Workaround
47	==========
48
49	There is no known workaround at this time.
50
51	Resolution
52	==========
53
54	All GLib users should upgrade to the latest version:
55
56	# emerge --sync
57	# emerge --ask --oneshot --verbose ">=dev-libs/glib-2.56.4"
58
59	References
60	==========
61
62
63	Availability
64	============
65
66	This GLSA and any updates to it are available for viewing at
67	the Gentoo Security Website:
68
69	https://security.gentoo.org/glsa/201904-23
70
71	Concerns?
72	=========
73
74	Security is a primary focus of Gentoo Linux and ensuring the
75	confidentiality and security of our users' machines is of utmost
76	importance to us. Any security concerns should be addressed to
77	security@g.o or alternatively, you may file a bug at
78	https://bugs.gentoo.org.
79
80	License
81	=======
82
83	Copyright 2019 Gentoo Foundation, Inc; referenced text
84	belongs to its owner(s).
85
86	The contents of this document are licensed under the
87	Creative Commons - Attribution / Share Alike license.
88
89	https://creativecommons.org/licenses/by-sa/2.5