[Git][security-tracker-team/security-tracker][master] Add initial tracking for glib2.0 issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 30 20:30:34 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
40392531 by Salvatore Bonaccorso at 2026-06-30T21:29:59+02:00
Add initial tracking for glib2.0 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -67,19 +67,33 @@ CVE-2026-58138 (Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticate
 CVE-2026-58116 (LLaMA-Factory through 0.9.5 contains a remote code execution vulnerabi ...)
 	TODO: check
 CVE-2026-58016 (A flaw was found in GLib. A state confusion issue exists in g_dbus_nod ...)
-	TODO: check
+	- glib2.0 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/work_items/3932
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5156 (2.89.0)
 CVE-2026-58015 (A flaw was found in GLib. The D-Bus client-side implementation of the  ...)
-	TODO: check
+	- glib2.0 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/work_items/3931
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5172 (2.89.0)
 CVE-2026-58014 (A flaw was found in GLib. An off-by-one error can occur in the g_key_f ...)
-	TODO: check
+	- glib2.0 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/work_items/3930
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5171 (2.89.0)
 CVE-2026-58013 (A flaw was found in GLib. A buffer over-read can occur in g_io_channel ...)
-	TODO: check
+	- glib2.0 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/work_items/3925
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5170 (2.89.0)
 CVE-2026-58012 (A flaw was found in GLib. A buffer over-read can occur in the g_regex_ ...)
-	TODO: check
+	- glib2.0 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/work_items/3918
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5132 (2.89.0)
 CVE-2026-58011 (A flaw was found in GLib. An out-of-bounds read of only 2 bytes can oc ...)
-	TODO: check
+	- glib2.0 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/work_items/3917
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5131 (2.89.0)
 CVE-2026-58010 (A flaw was found in GLib. An off-by-one error can occur in the gvs_tup ...)
-	TODO: check
+	- glib2.0 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/work_items/3915
+	NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/5129 (2.89.0)
 CVE-2026-54475 (Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache  ...)
 	TODO: check
 CVE-2026-53917 (Memory Allocation with Excessive Size Value vulnerability in Apache Ac ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40392531da50695b69149c48faa0c4e724b6b17e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40392531da50695b69149c48faa0c4e724b6b17e
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260630/837224d6/attachment.htm>


More information about the debian-security-tracker-commits mailing list