UbuntuUpdates.org

Package "libglib2.0-dev-bin"

Name: libglib2.0-dev-bin

Description:

Development utilities for the GLib library

Latest version: 2.64.6-1~ubuntu20.04.8
Release: focal (20.04)
Level: updates
Repository: main
Head package: glib2.0
Homepage: http://www.gtk.org/

Links


Download "libglib2.0-dev-bin"


Other versions of "libglib2.0-dev-bin" in Focal

Repository Area Version
base main 2.64.2-1~fakesync1
security main 2.64.6-1~ubuntu20.04.8

Changelog

Version: 2.64.6-1~ubuntu20.04.2 2021-03-08 20:07:34 UTC

  glib2.0 (2.64.6-1~ubuntu20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: g_byte_array_new_take length truncation
    - debian/patches/CVE-2021-2721x/CVE-2021-27218.patch: do not accept too
      large byte arrays in glib/garray.c, glib/gbytes.c,
      glib/tests/bytes.c.
    - CVE-2021-27218
  * SECURITY UPDATE: integer overflow in g_bytes_new
    - debian/patches/CVE-2021-2721x/CVE-2021-27219*.patch: add internal
      g_memdup2() function and use it instead of g_memdup() in a bunch of
      places.
    - CVE-2021-27219

 -- Marc Deslauriers <email address hidden> Tue, 02 Mar 2021 12:28:09 -0500

Source diff to previous version
CVE-2021-27218 An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a
CVE-2021-27219 An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms du

Version: 2.64.6-1~ubuntu20.04.1 2021-01-28 16:06:19 UTC

  glib2.0 (2.64.6-1~ubuntu20.04.1) focal; urgency=medium

  [ Iain Lane ]
  * New upstream release (LP: #1907433), fixing bugs:
    - Ensure g_subprocess_communicate_async() never blocks
    - Fix large writes in gfileutils
    - Fix splice behavior on cancellation
    - gdatetime: Avoid integer overflow creating dates too far in the past
    - gdesktopappinfo: Fix unnecessarily copied and leaked URI list
    - gthreadedresolver: faulty logic in parse_res_txt
    - gtk3/glib crash on gimp
    - gvariant: Ensure GVS.depth is initialised
    - trash portal: Handle portal failures
  * gbp.conf: Set upstream branch to upstream/2.64.x
  * Drop patches applied upstream:
    - glib-compile-resources-Fix-exporting-on-Visual-Studio.patch
    - gdesktopappinfo-Fix-unnecessarily-copied-and-leaked-URI-l.patch
  * Revert changes from Debian which we don't need in this SRU:
    + Revert "d/tests/build: Don't exercise static linking for GIO"
    + control{,.in}: Re-lower libmount BD version.
      The problems that prompted this to be raised happened post-focal.

 -- Iain Lane <email address hidden> Wed, 09 Dec 2020 11:23:14 +0000

Source diff to previous version
1907433 [SRU] New stable release 2.64.6

Version: 2.64.3-1~ubuntu20.04.1 2020-07-07 23:07:08 UTC

  glib2.0 (2.64.3-1~ubuntu20.04.1) focal; urgency=medium

  * No-change backport from unstable / groovy to focal (LP: #1883694)
  * control, gbp.conf: Use the ubuntu/focal branch

1883694 [SRU] New upstream release 2.64.3



About   -   Send Feedback to @ubuntu_updates