[arch-dev-public] [signoff] glib2 2.16.0 (security issue)
Jan de Groot
jan at jgc.homeip.net
Tue Mar 24 17:47:15 EDT 2009
On Tue, 2009-03-24 at 17:11 +0100, Pierre Schmitz wrote:
> Am Montag 23 März 2009 08:52:46 schrieb Jan de Groot:
> > This release fixes a security issue:
> > glib/gbase64.c: Avoid integer overflows in the base64 29 functions.
> > Fixes CVE-2008-4316
> > This is a major version update that should be compatible with the old
> > 2.14 series and is a requirement for GNOME 2.26. Please signoff for both
> > architectures.
> If you meant glib2-2.20.0-1 I'll sign-off for both arches.
Yes, that's what I actually meant :D
gtk2 has this version, that's what caused the confusion.
More information about the arch-dev-public