UbuntuUpdates.org

Package "glib2.0"

Name: glib2.0

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • GLib library of C routines
  • Programs for the GLib library
  • Common files for GLib library
  • Development files for the GLib library
Latest version: 2.72.4-0ubuntu2.5
Release: jammy (22.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "glib2.0" in Jammy

Repository Area Version
base main 2.72.1-1
base universe 2.72.1-1
security main 2.72.4-0ubuntu2.5
security universe 2.72.4-0ubuntu2.5
updates universe 2.72.4-0ubuntu2.5
proposed main 2.72.4-0ubuntu2.6
proposed universe 2.72.4-0ubuntu2.6

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.72.4-0ubuntu2.5 2025-05-26 15:07:52 UTC

  glib2.0 (2.72.4-0ubuntu2.5) jammy-security; urgency=medium

  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2025-4373-1.patch: carefully handle gssize
      in glib/gstring.c.
    - debian/patches/CVE-2025-4373-2.patch: make len_unsigned
      unsigned in glib/gstring.c
    - CVE-2025-4373

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 12 May 2025 05:34:39 -0300
Source diff to previous version
CVE-2025-4373 A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert

Version: 2.72.4-0ubuntu2.4 2024-11-18 20:06:57 UTC

  glib2.0 (2.72.4-0ubuntu2.4) jammy-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2024-52533.patch: fix a single byte buffer
      overflow in connect messages in gio/gsocks4aproxy.c.
    - CVE-2024-52533

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 13 Nov 2024 14:54:48 -0300
Source diff to previous version
CVE-2024-52533 gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient f

Version: 2.72.4-0ubuntu2.3 2024-05-09 15:07:12 UTC

  glib2.0 (2.72.4-0ubuntu2.3) jammy-security; urgency=medium

  [ Marco Trevisan (Treviño) ]
  * debian/patches: Backport patches to handle CVE-2024-34397

  [ Marc Deslauriers ]
  * debian/patches/gdbusconnection-regression.patch: fix ibus regression.
  * debian/control*: added Breaks for gnome-shell without regression fix.

 -- Marc Deslauriers <email address hidden> Wed, 08 May 2024 13:22:46 -0400
Source diff to previous version
CVE-2024-34397 An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trus

Version: 2.72.4-0ubuntu2.2 2023-06-14 16:07:05 UTC

  glib2.0 (2.72.4-0ubuntu2.2) jammy-security; urgency=medium

  * SECURITY UPDATE: multiple GVariant security issues
    - debian/patches/gvariant-security-*.patch: backported upstream fixes
      for GVariant normalization issues.
    - CVE-2023-24593, CVE-2023-29499, CVE-2023-25180, CVE-2023-32611,
      CVE-2023-32636, CVE-2023-32643, CVE-2023-32665

 -- Marc Deslauriers <email address hidden> Thu, 08 Jun 2023 10:15:59 -0400
Source diff to previous version
CVE-2023-29499 GVariant offset table entry size is not checked in is_normal()
CVE-2023-32611 g_variant_byteswap() can take a long time with some non-normal inputs
CVE-2023-32665 GVariant deserialisation does not match spec for non-normal data

Version: 2.72.4-0ubuntu2 2023-04-27 23:07:09 UTC

  glib2.0 (2.72.4-0ubuntu2) jammy; urgency=medium

  * d/p/0001-gio-Make-portal-support-aware-of-snaps.patch:
    - Make portal support aware of snaps (LP: #1998267)

 -- Robert Ancell <email address hidden> Wed, 22 Mar 2023 15:52:13 +1300
1998267 glib not aware of snap confinement


About   -   Send Feedback to @ubuntu_updates