RHSA-2021:4526: Important: mingw-glib2 security, bug fix, and enhancement update
First published: Tue Nov 09 2021(Updated: )
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.<br>The following packages have been upgraded to a later upstream version: mingw-glib2 (2.66.7). (BZ#1935248, BZ#1939111)<br>Security Fix(es):<br><li> glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)</li> <li> glib: integer overflow in g_byte_array_new_take function when called with a buffer of 4GB or more on a 64-bit platform (CVE-2021-27218)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Additional Changes:<br>For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mingw-glib2 | <2.66.7-2.el8 | 2.66.7-2.el8 |
| redhat/mingw32-glib2 | <2.66.7-2.el8 | 2.66.7-2.el8 |
| redhat/mingw32-glib2-debuginfo | <2.66.7-2.el8 | 2.66.7-2.el8 |
| redhat/mingw32-glib2-static | <2.66.7-2.el8 | 2.66.7-2.el8 |
| redhat/mingw64-glib2 | <2.66.7-2.el8 | 2.66.7-2.el8 |
| redhat/mingw64-glib2-debuginfo | <2.66.7-2.el8 | 2.66.7-2.el8 |
| redhat/mingw64-glib2-static | <2.66.7-2.el8 | 2.66.7-2.el8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1929847
- https://bugzilla.redhat.com/show_bug.cgi?id=1929858
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
- https://access.redhat.com/errata/RHSA-2021:4526 (Advisory)
Frequently Asked Questions
What is the severity of RHSA-2021:4526?
The severity of RHSA-2021:4526 is classified as important.
How do I fix RHSA-2021:4526?
You can fix RHSA-2021:4526 by updating the affected packages to version 2.66.7-2.el8.
Which packages are affected by RHSA-2021:4526?
Affected packages include mingw-glib2, mingw32-glib2, mingw32-glib2-debuginfo, mingw32-glib2-static, mingw64-glib2, mingw64-glib2-debuginfo, and mingw64-glib2-static.
What functionality does GLib provide that is relevant to RHSA-2021:4526?
GLib provides core application building blocks for libraries and applications written in C, including the core object system and utility functions.
Is there any specific software source for the packages related to RHSA-2021:4526?
Yes, the packages related to RHSA-2021:4526 are sourced from Red Hat.
- agent/severity
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/title
- agent/weakness
- agent/references
- agent/description
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2021:4526
- agent/software-canonical-lookup
- agent/event
- agent/trending
- agent/tags
- agent/source
- package-manager/redhat