Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2021-0123)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2021.0123

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2021-0123)

Zusammenfassung: The remote host is missing an update for the 'glib2.0, mingw-glib2' package(s) announced via the MGASA-2021-0123 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'glib2.0, mingw-glib2' package(s) announced via the MGASA-2021-0123 advisory.

Vulnerability Insight:
* Fix various instances within GLib where `g_memdup()` was vulnerable to a
silent integer truncation and heap overflow problem (discovered by
Kevin Backhouse, work by Philip Withnall) (#2319)

* Fix some issues with handling over-long (invalid) input when parsing for
`GDate` (!1824)

* Don't load GIO modules or parse other GIO environment variables when
`AT_SECURE` is set (i.e. in a setuid/setgid/setcap process). GIO has always
been documented as not being safe to use in privileged processes, but people
persist in using it unsafely, so these changes should harden things against
potential attacks at least a little.
Unfortunately they break a couple of projects which were relying on reading
`DBUS_SESSION_BUS_ADDRESS`, so GIO continues to read that for setgid/setcap
(but not setuid) processes. This loophole will be closed in GLib 2.70
(see issue #2316), which should give modules 6 months to change their behaviour.
(Work by Simon McVittie and Philip Withnall) (#2168, #2305)

* Fix `g_spawn()` searching `PATH` when it wasn't meant to (work by Simon
McVittie and Thomas Haller) (!1913)

Also, this update provides 2.66.7 version that fixes several issues:
* Fix various regressions caused by rushed security fixes in 2.66.6
(work by Simon McVittie and Jan Alexander Steffens) (!1933, !1943)

* Fix a silent integer truncation when calling `g_byte_array_new_take()` for
byte arrays bigger than `G_MAXUINT` (work by Krzesimir Nowak) (!1944)

* Disallow using currently-undefined D-Bus connection or server flags to prevent
forward-compatibility problems with new security-sensitive flags likely to be
released in GLib 2.68 (work by Simon McVittie) (!1945)

Affected Software/OS:
'glib2.0, mingw-glib2' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Copyright Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2021.0123
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2021-0123)
Zusammenfassung:	The remote host is missing an update for the 'glib2.0, mingw-glib2' package(s) announced via the MGASA-2021-0123 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'glib2.0, mingw-glib2' package(s) announced via the MGASA-2021-0123 advisory. Vulnerability Insight: * Fix various instances within GLib where `g_memdup()` was vulnerable to a silent integer truncation and heap overflow problem (discovered by Kevin Backhouse, work by Philip Withnall) (#2319) * Fix some issues with handling over-long (invalid) input when parsing for `GDate` (!1824) * Don't load GIO modules or parse other GIO environment variables when `AT_SECURE` is set (i.e. in a setuid/setgid/setcap process). GIO has always been documented as not being safe to use in privileged processes, but people persist in using it unsafely, so these changes should harden things against potential attacks at least a little. Unfortunately they break a couple of projects which were relying on reading `DBUS_SESSION_BUS_ADDRESS`, so GIO continues to read that for setgid/setcap (but not setuid) processes. This loophole will be closed in GLib 2.70 (see issue #2316), which should give modules 6 months to change their behaviour. (Work by Simon McVittie and Philip Withnall) (#2168, #2305) * Fix `g_spawn()` searching `PATH` when it wasn't meant to (work by Simon McVittie and Thomas Haller) (!1913) Also, this update provides 2.66.7 version that fixes several issues: * Fix various regressions caused by rushed security fixes in 2.66.6 (work by Simon McVittie and Jan Alexander Steffens) (!1933, !1943) * Fix a silent integer truncation when calling `g_byte_array_new_take()` for byte arrays bigger than `G_MAXUINT` (work by Krzesimir Nowak) (!1944) * Disallow using currently-undefined D-Bus connection or server flags to prevent forward-compatibility problems with new security-sensitive flags likely to be released in GLib 2.68 (work by Simon McVittie) (!1945) Affected Software/OS: 'glib2.0, mingw-glib2' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Copyright	Copyright (C) 2022 Greenbone AG