CLSA-2023-1697135256

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2023-1697135256.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2023-1697135256

Upstream

CVE-2023-29499

CVE-2023-32611

CVE-2023-32636

CVE-2023-32643

CVE-2023-32665

Published

2023-10-12T18:27:40Z

Modified

2026-06-01T00:33:17.217704145Z

Summary

glib2: Fix of 5 CVEs

Details

CVE-2023-29499: Fix GVariant offset table entry size which is not checked in is_normal()
CVE-2023-32611: Fix an issue where gvariantbyteswap() can take a long time with some non-normal inputs
CVE-2023-32665: Fix GVariant deserialisation which does not match spec for non-normal data
CVE-2023-32636: Fix a wrong timeout in fuzzvarianttext()
CVE-2023-32643: Fix a heap-buffer-overflow in gvariantserialisedgetchild()
Fix gtestbug assertion in gvariant test

References

https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697135256.html

Affected packages

TuxCare:CentOS:7

glib2

Package

Name: glib2
Purl: pkg:rpm/tuxcare/glib2?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.56.1-9.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2023-1697135256.json"

glib2-devel

Package

Name: glib2-devel
Purl: pkg:rpm/tuxcare/glib2-devel?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.56.1-9.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2023-1697135256.json"

glib2-doc

Package

Name: glib2-doc
Purl: pkg:rpm/tuxcare/glib2-doc?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.56.1-9.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2023-1697135256.json"

glib2-fam

Package

Name: glib2-fam
Purl: pkg:rpm/tuxcare/glib2-fam?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.56.1-9.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2023-1697135256.json"

glib2-static

Package

Name: glib2-static
Purl: pkg:rpm/tuxcare/glib2-static?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.56.1-9.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2023-1697135256.json"

glib2-tests

Package

Name: glib2-tests
Purl: pkg:rpm/tuxcare/glib2-tests?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.56.1-9.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2023-1697135256.json"