Package "libglib2.0-doc"

  glib2.0 (2.64.6-1~ubuntu20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: g_byte_array_new_take length truncation
    - debian/patches/CVE-2021-2721x/CVE-2021-27218.patch: do not accept too
      large byte arrays in glib/garray.c, glib/gbytes.c,
      glib/tests/bytes.c.
    - CVE-2021-27218
  * SECURITY UPDATE: integer overflow in g_bytes_new
    - debian/patches/CVE-2021-2721x/CVE-2021-27219*.patch: add internal
      g_memdup2() function and use it instead of g_memdup() in a bunch of
      places.
    - CVE-2021-27219

 -- Marc Deslauriers <email address hidden> Tue, 02 Mar 2021 12:28:09 -0500

  glib2.0 (2.64.6-1~ubuntu20.04.1) focal; urgency=medium

  [ Iain Lane ]
  * New upstream release (LP: #1907433), fixing bugs:
    - Ensure g_subprocess_communicate_async() never blocks
    - Fix large writes in gfileutils
    - Fix splice behavior on cancellation
    - gdatetime: Avoid integer overflow creating dates too far in the past
    - gdesktopappinfo: Fix unnecessarily copied and leaked URI list
    - gthreadedresolver: faulty logic in parse_res_txt
    - gtk3/glib crash on gimp
    - gvariant: Ensure GVS.depth is initialised
    - trash portal: Handle portal failures
  * gbp.conf: Set upstream branch to upstream/2.64.x
  * Drop patches applied upstream:
    - glib-compile-resources-Fix-exporting-on-Visual-Studio.patch
    - gdesktopappinfo-Fix-unnecessarily-copied-and-leaked-URI-l.patch
  * Revert changes from Debian which we don't need in this SRU:
    + Revert "d/tests/build: Don't exercise static linking for GIO"
    + control{,.in}: Re-lower libmount BD version.
      The problems that prompted this to be raised happened post-focal.

 -- Iain Lane <email address hidden> Wed, 09 Dec 2020 11:23:14 +0000

  glib2.0 (2.64.3-1~ubuntu20.04.1) focal; urgency=medium

  * No-change backport from unstable / groovy to focal (LP: #1883694)
  * control, gbp.conf: Use the ubuntu/focal branch