MGASA-2018-0405

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2018-0405.html
Import Source
https://advisories.mageia.org/MGASA-2018-0405.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2018-0405
Related
Published
2018-10-19T18:00:37Z
Modified
2018-10-19T17:35:51Z
Summary
Updated glib2.0 packages fix security vulnerabilities
Details

The updated glib2.0 packages fix security vulnerabilities:

In GNOME GLib 2.56.1, gmarkupparsecontextend_parse() in gmarkup.c has a NULL pointer dereference (CVE-2018-16428).

GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in gmarkupparsecontextparse() in gmarkup.c, related to utf8_str() (CVE-2018-16429).

References
Credits

Affected packages

Mageia:6 / glib2.0

Package

Name
glib2.0
Purl
pkg:rpm/mageia/glib2.0?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.54.3-1.2.mga6

Ecosystem specific 

{
    "section": "core"
}