SUSE-SU-2026:0266-1

Опубликовано: 23 янв. 2026

Источник: suse-cvrf

Описание

Security update for glib2

This update for glib2 fixes the following issues:

CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049).

Список пакетов

Image SLES12-SP5-Azure-BYOS

glib2-tools-2.48.2-12.55.1

libgio-2_0-0-2.48.2-12.55.1

libglib-2_0-0-2.48.2-12.55.1

libgmodule-2_0-0-2.48.2-12.55.1

libgobject-2_0-0-2.48.2-12.55.1

Image SLES12-SP5-Azure-Standard-On-Demand

glib2-tools-2.48.2-12.55.1

libgio-2_0-0-2.48.2-12.55.1

libglib-2_0-0-2.48.2-12.55.1

libgmodule-2_0-0-2.48.2-12.55.1

libgobject-2_0-0-2.48.2-12.55.1

Image SLES12-SP5-EC2-BYOS

glib2-tools-2.48.2-12.55.1

libgio-2_0-0-2.48.2-12.55.1

libglib-2_0-0-2.48.2-12.55.1

libgmodule-2_0-0-2.48.2-12.55.1

libgobject-2_0-0-2.48.2-12.55.1

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

glib2-devel-2.48.2-12.55.1

glib2-devel-static-2.48.2-12.55.1

glib2-lang-2.48.2-12.55.1

glib2-tools-2.48.2-12.55.1

libgio-2_0-0-2.48.2-12.55.1

libgio-2_0-0-32bit-2.48.2-12.55.1

libglib-2_0-0-2.48.2-12.55.1

libglib-2_0-0-32bit-2.48.2-12.55.1

libgmodule-2_0-0-2.48.2-12.55.1

libgmodule-2_0-0-32bit-2.48.2-12.55.1

libgobject-2_0-0-2.48.2-12.55.1

libgobject-2_0-0-32bit-2.48.2-12.55.1

libgthread-2_0-0-2.48.2-12.55.1

libgthread-2_0-0-32bit-2.48.2-12.55.1

Ссылки

https://www.suse.com/support/update/announcement/2026/suse-su-20260266-1/
Link for SUSE-SU-2026:0266-1
https://lists.suse.com/pipermail/sle-security-updates/2026-January/023905.html
E-Mail link for SUSE-SU-2026:0266-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1257049
SUSE Bug 1257049
https://www.suse.com/security/cve/CVE-2026-0988/
SUSE CVE CVE-2026-0988 page

Описание

A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).

Затронутые продукты

Image SLES12-SP5-Azure-BYOS:glib2-tools-2.48.2-12.55.1

Image SLES12-SP5-Azure-BYOS:libgio-2_0-0-2.48.2-12.55.1

Image SLES12-SP5-Azure-BYOS:libglib-2_0-0-2.48.2-12.55.1

Image SLES12-SP5-Azure-BYOS:libgmodule-2_0-0-2.48.2-12.55.1

Ссылки

https://www.suse.com/security/cve/CVE-2026-0988.html
CVE-2026-0988
https://bugzilla.suse.com/1257049
SUSE Bug 1257049

SUSE-SU-2026:0266-1

Описание

Список пакетов

Image SLES12-SP5-Azure-BYOS

Image SLES12-SP5-Azure-Standard-On-Demand

Image SLES12-SP5-EC2-BYOS

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Ссылки

Уязвимость: CVE-2026-0988

Описание

Затронутые продукты

Ссылки