ALAS2-2019-1289

Affecting glib2 package, versions <2.56.1-4.amzn2

Report new vulnerabilities
medium severity
Do your applications use this vulnerable package? Test your applications

Overview

Package updates are available for Amazon Linux 2 that fix the following vulnerabilities: CVE-2019-12450: file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. 1719141: CVE-2019-12450 glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress

References

CVE
ALAS2-2019-1289
Snyk ID
SNYK-AMZN2-GLIB2-484723
Published
13 Nov, 2019