|
|
Log in / Subscribe / Register

Debian alert DLA-3962-1 (glib2.0)



From:
              Adrian Bunk <bunk@debian.org>


To:
              debian-lts-announce@lists.debian.org


Subject:
              [SECURITY] [DLA 3962-1] glib2.0 security update


Date:
              Sat, 23 Nov 2024 21:02:47 +0200


Message-ID:
              <Z0Im1x3BI4mN7wO4@localhost>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3962-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
November 23, 2024                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : glib2.0
Version        : 2.66.8-1+deb11u5
CVE ID         : CVE-2024-52533
Debian Bug     : 1087419

A buffer overflow with long SOCKS4a proxy hostname and username has been 
fixed in the GNOME Input/Output library (GIO).

For Debian 11 bullseye, this problem has been fixed in version
2.66.8-1+deb11u5.

We recommend that you upgrade your glib2.0 packages.

For the detailed security status of glib2.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/glib2.0

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmdCJtcACgkQiNJCh6LY
mLF5WBAAz0dG6NddDf4o4n3UD+YLZ0leIkU+sMHIsLtXCJv7RcHHtjaq3t/rsySM
WkP/bXy/9nDD1TISm0Xbw0kvd1P95F3mZRxrhTnwngGRnMF4Ylxa1hfkAcC+7NSF
d3eL+A2QcUh0sT1lw8iFxxLo9tpIh2Mekz1azBo8TkuC76F3hFTjJ7UjpdkWI5Fa
oiZcY6gp6BvUjtsznfMacYOfGpT3DT+r9rpkqOGo+pTDgTKBLRf5tpgj4crOjI3c
13qFCXDxGvtiQV0D0ErYiNS7JuNVQJVn3eroyfaemDGL5HrTuQDoBoTYhwD2pqLj
wkGWMLYpMCVz6w+6jvpR9iUHaLBk/6qqvuMq8ogKp8+F4fJYkwa2HaXzLclK8hgP
bFCcMruilS+6OawkryEN4zoVPtpfkfP88hBFIitYaMRY7wHoSXwAjuWwhzEM8o1e
Mm9hmdRLefMm9a+f2EYsQBn57a2c47qDt69u3aZR76US6viidU/a7IMgEWUYC8CB
JBBscpF2oi9G2Y2chQrU5+oz7P9p9W/26zkG9/ZadsPvekVZFyyWZyDOIIcxavrz
BgiP5EXbSIRkkoCoh5CsqRPRcRF4am74QoGjabf2WQX+ghFrOny1SWeG29pZZNr/
2rTQpiAarclv3pU/hz8+ETn9ZDgHxcNbmrGVpLNBcl3qELMa1z4=
=JWnx
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds