RHSA-2021:2147

Affecting glib2 package, versions <0:2.56.1-9.el7_9

Report new vulnerabilities
high severity
Do your applications use this vulnerable package? Test your applications

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2 package. See Remediation section below for Centos:7 relevant versions.

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fix(es): * glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade Centos:7 glib2 to version 0:2.56.1-9.el7_9 or higher.

References

CVE
RHSA-2021:2147
Snyk ID
SNYK-CENTOS7-GLIB2-1298086
Published
31 May, 2021