You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke glib2

Sigurnosni nedostatak programske biblioteke glib2

——————————————————————————–
Fedora Update Notification
FEDORA-2020-092ef6572a
2020-02-23 01:09:04.861235
——————————————————————————–

Name : glib2
Product : Fedora 30
Version : 2.60.7
Release : 3.fc30
URL : http://www.gtk.org
Summary : A library of handy utility functions
Description :
GLib is the low-level core library that forms the basis for projects
such as GTK+ and GNOME. It provides data structure handling for C,
portability wrappers, and interfaces for such runtime functionality
as an event loop, threads, dynamic loading, and an object system.

——————————————————————————–
Update Information:

Add patch for CVE-2020-6750 and related issues.
——————————————————————————–
ChangeLog:

* Fri Feb 7 2020 Michael Catanzaro <mcatanzaro@redhat.com> – 2.60.7-3
– Add patch for CVE-2020-6750 and related issues.
* Wed Nov 13 2019 Christian Krause <chkr@fedoraproject.org> – 2.60.7-2
– Fix libdbus client authentication failures (BZ #1762455,
https://gitlab.gnome.org/GNOME/glib/issues/1831)
* Mon Sep 2 2019 Kalev Lember <klember@redhat.com> – 2.60.7-1
– Update to 2.60.7
* Wed Jul 24 2019 Pete Walter <pwalter@fedoraproject.org> – 2.60.6-1
– Update to 2.60.6
* Tue Jul 9 2019 Kalev Lember <klember@redhat.com> – 2.60.5-1
– Update to 2.60.5
* Tue Jun 11 2019 Kalev Lember <klember@redhat.com> – 2.60.4-1
– Update to 2.60.4
* Tue May 21 2019 Kalev Lember <klember@redhat.com> – 2.60.3-1
– Update to 2.60.3
* Fri May 3 2019 Kalev Lember <klember@redhat.com> – 2.60.2-1
– Update to 2.60.2
——————————————————————————–
References:

[ 1 ] Bug #1790288 – CVE-2020-6750 glib: Mishandling of proxy_addr field in GSocketClient may lead to proxy being ignored
https://bugzilla.redhat.com/show_bug.cgi?id=1790288
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-092ef6572a’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa nghttp2

Otkriven je sigurnosni nedostatak u programskom paketu nghttp2 za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje XSS napada....

Close