[CLSA-2026:1783340758] glib2: Fix of 3 CVEs
Type:
security
Severity:
Critical
Release date:
2026-07-06 12:26:17 UTC
Description:
- CVE-2026-58014: fix one-byte heap under-read in g_key_file_get_locale_string_list() on an empty value - CVE-2026-58015: validate the server-supplied cookie_context in the DBUS_COOKIE_SHA1 client to prevent path traversal / arbitrary file read - CVE-2026-58016: fix state-confusion in g_dbus_node_info_new_for_xml() by rejecting a element nested inside a non- parent
Updated packages:
  • glib2-2.56.4-163.el8.tuxcare.els6.i686.rpm
    sha:2976cd7d79c0ad39c83332194bc6897daa6e8a3bbe73e9f5a2f2c5140e7e7501
  • glib2-2.56.4-163.el8.tuxcare.els6.x86_64.rpm
    sha:e3776e4841947163e008c3d32f79b82bc3c07c622500e6891d1e2026d999e903
  • glib2-devel-2.56.4-163.el8.tuxcare.els6.i686.rpm
    sha:19822b6046c96f607a02fb5c76eed92a1015ccaf6243174db1411156e091daff
  • glib2-devel-2.56.4-163.el8.tuxcare.els6.x86_64.rpm
    sha:aa78a58706b3c0c43cce7905d954de8c702b7060034b0e7dfa40383002edead5
  • glib2-doc-2.56.4-163.el8.tuxcare.els6.noarch.rpm
    sha:bccd3f87fea39b45c848cf5f5423dc84cfc8b22c375de724823baba767bbf9e5
  • glib2-fam-2.56.4-163.el8.tuxcare.els6.x86_64.rpm
    sha:b358e140c3ff7c599baf26137123fdb143ab532bb78d12613415835320cfd0bd
  • glib2-static-2.56.4-163.el8.tuxcare.els6.i686.rpm
    sha:db43cbd407fc21905080436634c6f75eb269024522a7d6a89f9794c71b9ae4d3
  • glib2-static-2.56.4-163.el8.tuxcare.els6.x86_64.rpm
    sha:e7827423b36267b7f2d78b65f30223d2448b888d134401f002eb35e21c2ac20c
  • glib2-tests-2.56.4-163.el8.tuxcare.els6.x86_64.rpm
    sha:c1d56bfe63d3b73df8aeac461d5c166600d10f2bcdb10cd6413bd0172fac8f75
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.