Package "libglib2.0-doc"
Name: |
libglib2.0-doc
|
Description: |
Documentation files for the GLib library
|
Latest version: |
2.56.4-0ubuntu0.18.04.9 |
Release: |
bionic (18.04) |
Level: |
updates |
Repository: |
main |
Head package: |
glib2.0 |
Homepage: |
http://www.gtk.org/ |
Links
Download "libglib2.0-doc"
Other versions of "libglib2.0-doc" in Bionic
Changelog
glib2.0 (2.56.4-0ubuntu0.18.04.4) bionic-security; urgency=medium
* SECURITY UPDATE: Not properly restrict directory and file permissions
- debian/patches/CVE-2019-13012.patch: changes the permissions when
a directory is created, using 700 instead 777 in
gio/gkeyfilesettingsbackend.c and changes test to run in a temp
directory in gio/tests/gsettings.c.
- CVE-2019-13012
-- <email address hidden> (Leonidas S. Barbosa) Wed, 03 Jul 2019 15:50:24 -0300
|
Source diff to previous version |
CVE-2019-13012 |
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.59.1 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, |
|
glib2.0 (2.56.4-0ubuntu0.18.04.3) bionic-security; urgency=medium
* SECURITY UPDATE: Less restrictive permissions during copying
- debian/patches/CVE-2019-12450.patch: limit access to file when
copying in file_copy_fallback in file gio/gfile.c.
- CVE-2019-12450
-- <email address hidden> (Leonidas S. Barbosa) Wed, 05 Jun 2019 13:47:02 -0300
|
Source diff to previous version |
CVE-2019-12450 |
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progre |
|
glib2.0 (2.56.4-0ubuntu0.18.04.2) bionic; urgency=medium
* Backport upstream patches to fix GVariant alignment tests
d/p/gvariant-test-Also-force-alignment-for-tuple-test-data.patch,
d/p/tests-Allocate-gvariant-data-from-the-heap-to-guarantee-a.patch:
Cherry-pick.
|
Source diff to previous version |
glib2.0 (2.56.3-0ubuntu0.18.04.1) bionic; urgency=medium
* New upstream release (LP: #1794544)
+ The documentation for G_GNUC_MALLOC has changed to be more restrictive
to avoid miscompilations; you should check whether any uses of it in
your code are appropriate
+ Fix cancellation of g_subprocess_communicate_async() calls
+ Bug fixes:
+ /network-monitor/create-in-thread fails in (LXC) containers on glib-2-56
+ GBookmarkFile: nullptr access in current_element
+ GBookmarkFile: heap-buffer-overflow in g_utf8_get_char
+ Backport g_subprocess_communicate() cancellation fixes from !266 to
glib-2-56 (LP: #1789476)
+ Many uses of G_GNUC_MALLOC are incorrect
+ Test for BROKEN_IP_MREQ_SOURCE_STRUCT is broken on Windows / Mingw
+ Fix persistent CI failure on glib-2-56
* debian/watch: Only find 2.56 versions.
* Drop CVE-2018-16428.patch and CVE-2018-16429.patch: applied in this release
-- Iain Lane <email address hidden> Wed, 26 Sep 2018 17:35:59 +0100
|
Source diff to previous version |
1794544 |
[SRU] 2.56.3 |
1789476 |
glib apps using GSubprocess communicate might crash on g_subprocess_communicate_cancelled |
CVE-2018-16428 |
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference. |
CVE-2018-16429 |
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str(). |
|
glib2.0 (2.56.2-0ubuntu0.18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: NULL pointer deference
- debian/patches/CVE-2018-16428.patch: fix in glib/gmarkup.c,
glib/tests/Makefile.am,
glib/tests/markups/fail-51.expected,
glib/tests/markups/fail-51.gmarkup.
- CVE-2018-16428
* SECURITY UPDATE: Read out-of-bounds
- debian/patches/CVE-2018-16429.patch: fix in glib/gmarkup.c and
glib/tests/Makefile.am,
glib/tests/markups/fail-50.expected,
glib/tests/markups/fail-50.gmarkup.
- CVE-2018-16429
-- <email address hidden> (Leonidas S. Barbosa) Mon, 17 Sep 2018 09:52:54 -0300
|
CVE-2018-16428 |
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference. |
CVE-2018-16429 |
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str(). |
|
About
-
Send Feedback to @ubuntu_updates