UbuntuUpdates.org

Package "gir1.2-girepository-3.0-dev"

Name: gir1.2-girepository-3.0-dev

Description:

GIR XML for GIRepository library, API version 3.0

Latest version: 2.80.0-6ubuntu3.2
Release: noble (24.04)
Level: security
Repository: main
Head package: glib2.0
Homepage: https://wiki.gnome.org/Projects/GLib

Links


Download "gir1.2-girepository-3.0-dev"


Other versions of "gir1.2-girepository-3.0-dev" in Noble

Repository Area Version
base main 2.80.0-6ubuntu1
updates main 2.80.0-6ubuntu3.2

Changelog

Version: 2.80.0-6ubuntu3.2 2024-11-18 19:07:18 UTC

  glib2.0 (2.80.0-6ubuntu3.2) noble-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2024-52533.patch: fix a single byte buffer
      overflow in connect messages in gio/gsocks4aproxy.c.
    - CVE-2024-52533

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 13 Nov 2024 14:42:10 -0300

Source diff to previous version
CVE-2024-52533 gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient f

Version: 2.80.0-6ubuntu3.1 2024-05-09 15:07:19 UTC

  glib2.0 (2.80.0-6ubuntu3.1) noble-security; urgency=medium

  * SECURITY UPDATE: GDBus signal subscription mishandling
    - debian/patches/CVE-2024-34397-*.patch: upstream commits.
    - debian/control: added Breaks for gnome-shell without regression fix.
    - CVE-2024-34397

 -- Marc Deslauriers <email address hidden> Tue, 07 May 2024 13:30:21 -0400

CVE-2024-34397 An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trus



About   -   Send Feedback to @ubuntu_updates