glib-2.0: fix CVE-2025-4373 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Praveen Kumar <praveen.kumar@windriver.com>	2025-05-16 17:14:21 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-05-27 09:38:57 -0700
commit	4ff1ba9c72b2a73f792cb706711e8596f5f2657b (patch)
tree	51a5f3ecec0f3d52350175f31400df4f51ff111a /scripts/lib/scriptutils.py
parent	f80b122315a3a8168152c0cee5a004761c602073 (diff)
download	poky-4ff1ba9c72b2a73f792cb706711e8596f5f2657b.tar.gz

glib-2.0: fix CVE-2025-4373

A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite. References: https://nvd.nist.gov/vuln/detail/CVE-2025-4373 https://security-tracker.debian.org/tracker/CVE-2025-4373 Upstream-patches: https://gitlab.gnome.org/GNOME/glib/-/commit/cc647f9e46d55509a93498af19659baf9c80f2e3 https://gitlab.gnome.org/GNOME/glib/-/commit/4d435bb4809793c445846db8fb87e3c9184c4703 (From OE-Core rev: 02e2f5211962394ec3d66882daab240cb465ef85) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/scriptutils.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: