ELSA-2023-6631

Опубликовано: 11 нояб. 2023

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2023-6631: glib2 security and bug fix update (LOW)

[2.68.4-11]

Really fix authentication failures when sd-bus clients connect to GDBus servers
Resolves: #2217771

[2.68.4-10]

Fix authentication failures when sd-bus clients connect to GDBus servers
Resolves: #2217771

[2.68.4-9]

Resolve s390x crashes introduced by fixes for CVE-2023-24593/CVE-2023-25180
Related: #2181196
Related: #2181200

[2.68.4-8]

Resolve use after free introduced by fixes for CVE-2023-24593/CVE-2023-25180
Related: #2181196
Related: #2181200

[2.68.4-7]

Fix CVE-2023-24593 and CVE-2023-25180
Resolves: #2181196
Resolves: #2181200

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

glib2

2.68.4-11.el9

glib2-devel

2.68.4-11.el9

glib2-doc

2.68.4-11.el9

glib2-static

2.68.4-11.el9

glib2-tests

2.68.4-11.el9

Oracle Linux x86_64

glib2

2.68.4-11.el9

glib2-devel

2.68.4-11.el9

glib2-doc

2.68.4-11.el9

glib2-static

2.68.4-11.el9

glib2-tests

2.68.4-11.el9

Связанные CVE

CVE-2023-32665

CVE-2023-32611

CVE-2023-29499

Ссылки на источники

Связанные уязвимости

ELSA-2024-2528

oracle-oval

около 1 года назад

ELSA-2024-2528: mingw-glib2 security update (LOW)

SUSE-SU-2023:3535-1

suse-cvrf

почти 2 года назад

Security update for glib2

ROS-20240506-02

CVSS3: 9.8

redos

около 1 года назад

Множественные уязвимости glib2

CVE-2023-32665

CVSS3: 5.5

ubuntu

почти 2 года назад

A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.

CVE-2023-32665

CVSS3: 6.5

redhat

больше 2 лет назад

A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.