openSUSE-SU-2018:4005-1

Опубликовано: 06 дек. 2018

Источник: suse-cvrf

Описание

Security update for glib2

This update for glib2 fixes the following issues:

Security issues fixed:

CVE-2018-16428: Do not do a NULL pointer dereference (crash). Avoid that, at the cost of introducing a new translatable error message (bsc#1107121).
CVE-2018-16429: Fixed out-of-bounds read vulnerability ing_markup_parse_context_parse() (bsc#1107116).

Non-security issue fixed:

various GVariant parsing issues have been resolved (bsc#1111499)

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0

gio-branding-upstream-2.54.3-lp150.3.3.1

glib2-2.54.3-lp150.3.3.1

glib2-devel-2.54.3-lp150.3.3.1

glib2-devel-32bit-2.54.3-lp150.3.3.1

glib2-devel-static-2.54.3-lp150.3.3.1

glib2-lang-2.54.3-lp150.3.3.1

glib2-tools-2.54.3-lp150.3.3.1

glib2-tools-32bit-2.54.3-lp150.3.3.1

libgio-2_0-0-2.54.3-lp150.3.3.1

libgio-2_0-0-32bit-2.54.3-lp150.3.3.1

libgio-fam-2.54.3-lp150.3.3.1

libgio-fam-32bit-2.54.3-lp150.3.3.1

libglib-2_0-0-2.54.3-lp150.3.3.1

libglib-2_0-0-32bit-2.54.3-lp150.3.3.1

libgmodule-2_0-0-2.54.3-lp150.3.3.1

libgmodule-2_0-0-32bit-2.54.3-lp150.3.3.1

libgobject-2_0-0-2.54.3-lp150.3.3.1

libgobject-2_0-0-32bit-2.54.3-lp150.3.3.1

libgthread-2_0-0-2.54.3-lp150.3.3.1

libgthread-2_0-0-32bit-2.54.3-lp150.3.3.1

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00005.html
E-Mail link for openSUSE-SU-2018:4005-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.

Затронутые продукты

openSUSE Leap 15.0:gio-branding-upstream-2.54.3-lp150.3.3.1

openSUSE Leap 15.0:glib2-2.54.3-lp150.3.3.1

openSUSE Leap 15.0:glib2-devel-2.54.3-lp150.3.3.1

openSUSE Leap 15.0:glib2-devel-32bit-2.54.3-lp150.3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-16428.html
CVE-2018-16428
https://bugzilla.suse.com/1107121
SUSE Bug 1107121

Описание

GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().

Затронутые продукты

openSUSE Leap 15.0:gio-branding-upstream-2.54.3-lp150.3.3.1

openSUSE Leap 15.0:glib2-2.54.3-lp150.3.3.1

openSUSE Leap 15.0:glib2-devel-2.54.3-lp150.3.3.1

openSUSE Leap 15.0:glib2-devel-32bit-2.54.3-lp150.3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-16429.html
CVE-2018-16429
https://bugzilla.suse.com/1107116
SUSE Bug 1107116

openSUSE-SU-2018:4005-1

Описание

Список пакетов

openSUSE Leap 15.0

Ссылки

Уязвимость: CVE-2018-16428

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2018-16429

Описание

Затронутые продукты

Ссылки