- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1697740947.json
- JSON Data
-
https://api.osv.dev/v1/vulns/CLSA-2023-1697740947
- Upstream
- Published
- 2023-10-19T18:42:31Z
- Modified
- 2026-05-29T01:35:43.271291746Z
- Summary
-
glib2: Fix of 5 CVEs
- Details
-
- Enable internal tests
- Skip several failed tests from the check
- CVE-2023-29499: Fix GVariant offset table entry size which is not checked
in is_normal()
- CVE-2023-32611: Fix an issue where gvariantbyteswap() can take a long time
with some non-normal inputs
- CVE-2023-32665: Fix GVariant deserialisation which does not match spec
for non-normal data
- CVE-2023-32636: Fix a wrong timeout in fuzzvarianttext()
- CVE-2023-32643: Fix a heap-buffer-overflow in gvariantserialisedgetchild()
- Fix gtestbug assertion in gvariant test
- References
-
Affected packages
CLSA-2023-1697740947 - OSV
