Описание
Security update for glib2
This update for glib2 fixes the following issues:
- CVE-2024-34397: Fixed signal subscription unicast spoofing vulnerability (bsc#1224044).
Список пакетов
Image SLES12-SP5-Azure-BYOS
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-Azure-Basic-On-Demand
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-Azure-HPC-BYOS
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-Azure-HPC-On-Demand
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-Azure-SAP-BYOS
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
libgthread-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-Azure-SAP-On-Demand
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
libgthread-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-Azure-Standard-On-Demand
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-EC2-BYOS
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-EC2-ECS-On-Demand
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-EC2-On-Demand
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-EC2-SAP-BYOS
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
libgthread-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-EC2-SAP-On-Demand
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
libgthread-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-GCE-BYOS
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-GCE-On-Demand
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-GCE-SAP-BYOS
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
libgthread-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-GCE-SAP-On-Demand
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
libgthread-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
libgthread-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
libgthread-2_0-0-2.48.2-12.37.1
SUSE Linux Enterprise Server 12 SP5
glib2-lang-2.48.2-12.37.1
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libgio-2_0-0-32bit-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libglib-2_0-0-32bit-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-32bit-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-32bit-2.48.2-12.37.1
libgthread-2_0-0-2.48.2-12.37.1
libgthread-2_0-0-32bit-2.48.2-12.37.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
glib2-lang-2.48.2-12.37.1
glib2-tools-2.48.2-12.37.1
libgio-2_0-0-2.48.2-12.37.1
libgio-2_0-0-32bit-2.48.2-12.37.1
libglib-2_0-0-2.48.2-12.37.1
libglib-2_0-0-32bit-2.48.2-12.37.1
libgmodule-2_0-0-2.48.2-12.37.1
libgmodule-2_0-0-32bit-2.48.2-12.37.1
libgobject-2_0-0-2.48.2-12.37.1
libgobject-2_0-0-32bit-2.48.2-12.37.1
libgthread-2_0-0-2.48.2-12.37.1
libgthread-2_0-0-32bit-2.48.2-12.37.1
SUSE Linux Enterprise Software Development Kit 12 SP5
glib2-devel-2.48.2-12.37.1
glib2-devel-static-2.48.2-12.37.1
libgio-fam-2.48.2-12.37.1
SUSE Linux Enterprise Workstation Extension 12 SP5
libgio-fam-2.48.2-12.37.1
Ссылки
- Link for SUSE-SU-2024:1833-1
- E-Mail link for SUSE-SU-2024:1833-1
- SUSE Security Ratings
- SUSE Bug 1224044
- SUSE CVE CVE-2024-34397 page
Описание
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:glib2-tools-2.48.2-12.37.1
Image SLES12-SP5-Azure-BYOS:libgio-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-Azure-BYOS:libglib-2_0-0-2.48.2-12.37.1
Image SLES12-SP5-Azure-BYOS:libgmodule-2_0-0-2.48.2-12.37.1
Ссылки
- CVE-2024-34397
- SUSE Bug 1224044