UbuntuUpdates.org

Package "glib2.0"

Name: glib2.0

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Introspection data for GIRepository library, API version 3.0
  • GIR XML for GIRepository library, API version 3.0
  • Introspection data for GLib, GObject, Gio and GModule
  • GIR XML for GLib, GObject, Gio and GModule
Latest version: 2.86.0-2ubuntu0.1
Release: questing (25.10)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "glib2.0" in Questing

Repository Area Version
base main 2.86.0-2
base universe 2.86.0-2
security universe 2.86.0-2ubuntu0.1
updates main 2.86.0-2ubuntu0.1
updates universe 2.86.0-2ubuntu0.1
PPA: Ubuntu-desktop ppa 2.86.0-2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.86.0-2ubuntu0.1 2026-01-06 19:08:59 UTC

  glib2.0 (2.86.0-2ubuntu0.1) questing-security; urgency=medium

  * SECURITY UPDATE: heap overflow in g_escape_uri_string()
    - debian/patches/CVE-2025-13601.patch: add overflow check in
      glib/gconvert.c.
    - CVE-2025-13601
  * SECURITY UPDATE: buffer underflow through glib/gvariant
    - debian/patches/CVE-2025-14087-1.patch: fix potential integer overflow
      parsing (byte)strings in glib/gvariant-parser.c.
    - debian/patches/CVE-2025-14087-2.patch: use size_t to count numbers of
      child elements in glib/gvariant-parser.c.
    - debian/patches/CVE-2025-14087-3.patch: convert error handling code to
      use size_t in glib/gvariant-parser.c.
    - CVE-2025-14087
  * SECURITY UPDATE: integer overflow in gfileattribute
    - debian/patches/gfileattribute-overflow.patch: add overflow check in
      gio/gfileattribute.c.
    - No CVE number

 -- Marc Deslauriers <email address hidden> Wed, 10 Dec 2025 10:20:04 -0500
CVE-2025-13601 A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the
CVE-2025-14087 A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potenti


About   -   Send Feedback to @ubuntu_updates