ALSA-2023:6631

[ALSA-2023:6631] Low: glib2 security and bug fix update

Type:

security

Severity:

low

Release date:

2023-11-14

Description:

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.

Security Fix(es):

* glib: GVariant offset table entry size is not checked in is_normal() (CVE-2023-29499)
* glib: g_variant_byteswap() can take a long time with some non-normal inputs (CVE-2023-32611)
* glib: GVariant deserialisation does not match spec for non-normal data (CVE-2023-32665)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	glib2-static-2.68.4-11.el9.aarch64.rpm	3cf913259a1ccc62a68af14b915b3fa142a064c0020139b3036f1febb26d3eeb
aarch64	glib2-2.68.4-11.el9.aarch64.rpm	4e0f501bfb0e12fa5ae82ecc224b6d368f800f1771aed6802cd76f7f334b2735
aarch64	glib2-devel-2.68.4-11.el9.aarch64.rpm	9cc65521cce92bc3e0531eb070b16b51914a0707c8246df8e190806eb3e5615e
aarch64	glib2-tests-2.68.4-11.el9.aarch64.rpm	ca86b179a2432ea029867fc93ac946d6032e1bad9eb45d1fd61830673de793b3
i686	glib2-static-2.68.4-11.el9.i686.rpm	87ee8e737f4016af2f3befb75c9f62e1c8451c6422c9330bd2673bc22a7c4007
i686	glib2-2.68.4-11.el9.i686.rpm	8febaf749452cfae551010e44d7e6bac1246c70f2d8cc4e90f38998c85766fa9
i686	glib2-devel-2.68.4-11.el9.i686.rpm	93ccac16492d1adb3f0a1658bb844c7efebc8e3c48d3b7410078537e3b8cec66
noarch	glib2-doc-2.68.4-11.el9.noarch.rpm	9d711ffafd75abebaf87048ec7616c332c8dd24f88398c746a5e8be14f921329
ppc64le	glib2-tests-2.68.4-11.el9.ppc64le.rpm	15019741e3c69204ac49a0d2da65ce085642766f3d9656c9ae6c135e0184f415
ppc64le	glib2-2.68.4-11.el9.ppc64le.rpm	28541e7558d8cf3ad6261a215fcbdf34f2fb9c0d42a9f0f1d90ea8f484afe7d0
ppc64le	glib2-devel-2.68.4-11.el9.ppc64le.rpm	47170a724f0306caf4c4a4c020210f12650aa08165948581f848d9306ec2301f
ppc64le	glib2-static-2.68.4-11.el9.ppc64le.rpm	cfa65f429e2c59e6cb0ba63f7ea78f2006c50ec6cdeaf78ae6099b9e1f18018d
s390x	glib2-2.68.4-11.el9.s390x.rpm	051cba2987ae9fced4ffd49df952eed432be5a02307a9153b06e425e40525275
s390x	glib2-devel-2.68.4-11.el9.s390x.rpm	4f15a2950b9af4a5917d8a74973832189edd1a058aa60f1ac32f4469263c5231
s390x	glib2-tests-2.68.4-11.el9.s390x.rpm	5dda6023577ed31872b0d1324851d65865b7ecd123d7d8f49a16425c2475aa29
s390x	glib2-static-2.68.4-11.el9.s390x.rpm	ac92a0002e15da3d754c8bf4ab3adab228fcdbc3f97b049d335d7376c24509e5
x86_64	glib2-devel-2.68.4-11.el9.x86_64.rpm	476d42bd28a2d941579e3ce145492fea83af9a822fd5f36d503628a7f3ec860c
x86_64	glib2-2.68.4-11.el9.x86_64.rpm	5a39f7df12d5f1ebbff68746d179dc1e4c06ae12ae941b8f0bfd5afe8db0bb26
x86_64	glib2-static-2.68.4-11.el9.x86_64.rpm	6397a7853a91ba61791d19b9e3e6327e6dd1baaa952d1a1545faab2468940d40
x86_64	glib2-tests-2.68.4-11.el9.x86_64.rpm	912c595313128dd8af9ae89bbdb3c6f8cb6bd98b4779347d4a2be2f5cb8af3d9

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.