Описание
ELSA-2025-11327: glib2 security update (MODERATE)
[2.56.4-166]
- Add patches for CVE-2024-34397, CVE-2024-52533, CVE-2025-4373
- Update GDateTime test for new tzdata
- Resolves: RHEL-67084
- Resolves: RHEL-94286
- Resolves: RHEL-94848
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
glib2-doc
2.56.4-166.el8_10
glib2-static
2.56.4-166.el8_10
glib2
2.56.4-166.el8_10
glib2-devel
2.56.4-166.el8_10
glib2-fam
2.56.4-166.el8_10
glib2-tests
2.56.4-166.el8_10
Oracle Linux x86_64
glib2-doc
2.56.4-166.el8_10
glib2-static
2.56.4-166.el8_10
glib2
2.56.4-166.el8_10
glib2-devel
2.56.4-166.el8_10
glib2-fam
2.56.4-166.el8_10
glib2-tests
2.56.4-166.el8_10
Связанные CVE
Связанные уязвимости
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.