Package | glib2.0 |
---|---|
Version | 2.33.12+really2.32.4-5+deb7u2 |
Related CVEs | CVE-2018-16428 CVE-2018-16429 CVE-2019-13012 |
Several flaws were corrected in glib2.0, a general-purpose C library.
CVE-2018-16428
A NULL pointer dereference may lead to a denial-of-service (application
crash) when parsing a document.
CVE-2018-16429
While parsing an invalid string an out-of-bounds read may occur which can
lead to an access violation error or may have other unspecified impact.
CVE-2019-13012
The keyfile settings backend in GNOME GLib creates directories and files
with insecure permissions. This is similar to CVE-2019-12450.
For Debian 7 Wheezy, these problems have been fixed in version 2.33.12+really2.32.4-5+deb7u2.
We recommend that you upgrade your glib2.0 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.