[arch-dev-public] [signoff] glib2 2.16.0 (security issue)
This release fixes a security issue: glib/gbase64.c: Avoid integer overflows in the base64 29 functions. Fixes CVE-2008-4316 This is a major version update that should be compatible with the old 2.14 series and is a requirement for GNOME 2.26. Please signoff for both architectures.
On Mon, 23 Mar 2009 08:52:46 +0100 Jan de Groot <jan@jgc.homeip.net> wrote:
This release fixes a security issue: glib/gbase64.c: Avoid integer overflows in the base64 29 functions. Fixes CVE-2008-4316
This is a major version update that should be compatible with the old 2.14 series and is a requirement for GNOME 2.26. Please signoff for both architectures.
Installed and every application (firefox, xchat, pidgin, etc.) is running fine. Signoff x86_64. Daniel
Am Montag 23 März 2009 08:52:46 schrieb Jan de Groot:
This release fixes a security issue: glib/gbase64.c: Avoid integer overflows in the base64 29 functions. Fixes CVE-2008-4316
This is a major version update that should be compatible with the old 2.14 series and is a requirement for GNOME 2.26. Please signoff for both architectures.
If you meant glib2-2.20.0-1 I'll sign-off for both arches. -- Pierre Schmitz Clemens-August-Straße 76 53115 Bonn Telefon 0228 9716608 Mobil 0160 95269831 Jabber pierre@jabber.archlinux.de WWW http://www.archlinux.de
On Tue, 2009-03-24 at 17:11 +0100, Pierre Schmitz wrote:
Am Montag 23 März 2009 08:52:46 schrieb Jan de Groot:
This release fixes a security issue: glib/gbase64.c: Avoid integer overflows in the base64 29 functions. Fixes CVE-2008-4316
This is a major version update that should be compatible with the old 2.14 series and is a requirement for GNOME 2.26. Please signoff for both architectures.
If you meant glib2-2.20.0-1 I'll sign-off for both arches.
Yes, that's what I actually meant :D gtk2 has this version, that's what caused the confusion.
participants (3)
-
Daniel Isenmann
-
Jan de Groot
-
Pierre Schmitz