UbuntuUpdates.org

Package "libgio-2.0-dev-bin"

Name: libgio-2.0-dev-bin

Description:

Development utilities for GLib, GObject and GIO libraries
Latest version: 2.84.1-1ubuntu0.2
Release: plucky (25.04)
Level: security
Repository: main
Head package: glib2.0
Homepage: https://wiki.gnome.org/Projects/GLib

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libgio-2.0-dev-bin"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libgio-2.0-dev-bin" in Plucky

Repository Area Version
updates main 2.84.1-1ubuntu0.2

Changelog

Version: 2.84.1-1ubuntu0.2 2026-01-06 19:08:54 UTC

  glib2.0 (2.84.1-1ubuntu0.2) plucky-security; urgency=medium

  * SECURITY UPDATE: GString overflow
    - debian/patches/CVE-2025-6052.patch: fix overflow check when expanding
      the string in glib/gstring.c.
    - CVE-2025-6052
  * SECURITY UPDATE: integer overflow in temp file creation
    - debian/patches/CVE-2025-7039.patch: fix computation of temporary file
      name in glib/gfileutils.c.
    - CVE-2025-7039
  * SECURITY UPDATE: heap overflow in g_escape_uri_string()
    - debian/patches/CVE-2025-13601.patch: add overflow check in
      glib/gconvert.c.
    - CVE-2025-13601
  * SECURITY UPDATE: buffer underflow through glib/gvariant
    - debian/patches/CVE-2025-14087-1.patch: fix potential integer overflow
      parsing (byte)strings in glib/gvariant-parser.c.
    - debian/patches/CVE-2025-14087-2.patch: use size_t to count numbers of
      child elements in glib/gvariant-parser.c.
    - debian/patches/CVE-2025-14087-3.patch: convert error handling code to
      use size_t in glib/gvariant-parser.c.
    - CVE-2025-14087
  * SECURITY UPDATE: integer overflow in gfileattribute
    - debian/patches/gfileattribute-overflow.patch: add overflow check in
      gio/gfileattribute.c.
    - No CVE number

 -- Marc Deslauriers <email address hidden> Wed, 10 Dec 2025 10:28:39 -0500
Source diff to previous version
CVE-2025-6052 A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input ca
CVE-2025-7039 A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potenti
CVE-2025-13601 A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the
CVE-2025-14087 A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potenti

Version: 2.84.1-1ubuntu0.1 2025-05-26 12:07:28 UTC

  glib2.0 (2.84.1-1ubuntu0.1) plucky-security; urgency=medium

  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2025-4373-1.patch: carefully handle gssize
      in glib/gstring.c.
    - debian/patches/CVE-2025-4373-2.patch: make len_unsigned
      unsigned in glib/gstring.c
    - CVE-2025-4373

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 12 May 2025 05:09:09 -0300
CVE-2025-4373 A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert


About   -   Send Feedback to @ubuntu_updates