[ubuntu/noble-security] glib2.0 2.80.0-6ubuntu3.8 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Feb 5 13:04:24 UTC 2026
glib2.0 (2.80.0-6ubuntu3.8) noble-security; urgency=medium
* SECURITY UPDATE: integer overflow in Base64 encoding
- debian/patches/CVE-2026-1484-1.patch: use gsize to prevent potential
overflow in glib/gbase64.c.
- debian/patches/CVE-2026-1484-2.patch: ensure that the out value is
within allocated size in glib/gbase64.c.
- CVE-2026-1484
* SECURITY UPDATE: buffer underflow via header length
- debian/patches/CVE-2026-1485.patch: do not overflow if header is
longer than MAXINT in gio/gcontenttype.c.
- CVE-2026-1485
* SECURITY UPDATE: integer overflow via Unicode case conversion
- debian/patches/CVE-2026-1489-1.patch: use size_t for output_marks
length in glib/guniprop.c.
- debian/patches/CVE-2026-1489-2.patch: do not convert size_t to gint
in glib/guniprop.c.
- debian/patches/CVE-2026-1489-3.patch: ensure we do not overflow size
in glib/guniprop.c.
- debian/patches/CVE-2026-1489-4.patch: add test debug information when
parsing input files in glib/tests/unicode.c.
- CVE-2026-1489
Date: 2026-01-28 19:13:12.424776+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/glib2.0/2.80.0-6ubuntu3.8
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list