[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
glib@2.62.6 is vulnerable to CVE-2021-27218 and CVE-2021-27219
From: |
Léo Le Bouter |
Subject: |
glib@2.62.6 is vulnerable to CVE-2021-27218 and CVE-2021-27219 |
Date: |
Thu, 11 Mar 2021 00:44:06 +0100 |
User-agent: |
Evolution 3.34.2 |
Upstream does not provide fixes for the 2.62.x series so we need to
backport ourselves.
I would rather switch to upstream-supported version (2.66.x or later)
as backporting patches does not appear sustainable for us, we already
have enough on our plate.
See:
- https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1942 (CVE-2021-
27218)
- https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1944 (CVE-2021-
27218)
- https://gitlab.gnome.org/GNOME/glib/-/issues/2319 (CVE-2021-27219)
Léo
signature.asc
Description: This is a digitally signed message part
- glib@2.62.6 is vulnerable to CVE-2021-27218 and CVE-2021-27219,
Léo Le Bouter <=