Bug#924344: glib2.0: CVE-2019-9633
Simon McVittie
smcv at debian.org
Wed Apr 3 13:00:34 BST 2019
On Fri, 29 Mar 2019 at 20:13:17 +0100, Moritz Mühlenhoff wrote:
> On Mon, Mar 11, 2019 at 09:32:02PM +0100, Salvatore Bonaccorso wrote:
> > Version: 2.58.3-1
Do we know for sure that 2.58.x is vulnerable? I've tried the reproducer
from the upstream bug and didn't see criticals or a crash.
> > Forwarded: https://gitlab.gnome.org/GNOME/glib/issues/1649
This bug says "Another likely regression from Happy Eyeballs". GLib's
implementation of RFC 8305 "Happy Eyeballs" is a new feature (or new
optimization, depending how you look at it) in 2.59.x/2.60.x.
smcv
More information about the pkg-gnome-maintainers
mailing list