{"id":"CLSA-2023-1697740212","summary":"glib2: Fix of 5 CVEs","details":"- Enable internal tests\n- Skip several failed tests from the check\n- CVE-2023-29499: Fix GVariant offset table entry size which is not checked\n  in is_normal()\n- CVE-2023-32611: Fix an issue where g_variant_byteswap() can take a long time\n  with some non-normal inputs\n- CVE-2023-32665: Fix GVariant deserialisation which does not match spec\n  for non-normal data\n- CVE-2023-32636: Fix a wrong timeout in fuzz_variant_text()\n- CVE-2023-32643: Fix a heap-buffer-overflow in g_variant_serialised_get_child()\n- Fix g_test_bug assertion in gvariant test","modified":"2026-06-01T00:33:11.920290046Z","published":"2023-10-19T18:30:17Z","upstream":["CVE-2023-29499","CVE-2023-32611","CVE-2023-32665","CVE-2023-32636","CVE-2023-32643"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/centos8.4-els/CLSA-2023-1697740212.html"}],"affected":[{"package":{"name":"glib2","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/glib2?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.56.4-156.el8.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1697740212.json"}},{"package":{"name":"glib2-devel","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/glib2-devel?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.56.4-156.el8.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1697740212.json"}},{"package":{"name":"glib2-doc","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/glib2-doc?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.56.4-156.el8.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1697740212.json"}},{"package":{"name":"glib2-fam","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/glib2-fam?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.56.4-156.el8.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1697740212.json"}},{"package":{"name":"glib2-static","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/glib2-static?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.56.4-156.el8.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1697740212.json"}},{"package":{"name":"glib2-tests","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/glib2-tests?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.56.4-156.el8.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1697740212.json"}}],"schema_version":"1.7.5"}