CVE-2024-52533 was announced here: https://www.openwall.com/lists/oss-security/2024/11/12/11
Source RPM: (none) => glib2.0-2.76.3-1.2.mga9.src.rpmCVE: (none) => CVE-2024-52533
Our M9 version 2.76.3 goes back a long way; we have in Cauldron recent version 2.82.2. Is it sufficient to update it? CC'ing DavidG because you have done most updates for glib2.0
Assignee: bugsquad => basesystemCC: (none) => geiger.david68210
Suggested advisory: ======================== The updated packages fix a security vulnerability: Buffer overflow in socks proxy code in glib < 2.82.1. (CVE-2024-52533) References: https://www.openwall.com/lists/oss-security/2024/11/12/11 ======================== Updated packages in core/updates_testing: ======================== glib-gettextize-2.76.3-1.3.mga9 glib2.0-common-2.76.3-1.3.mga9 glib2.0-tests-2.76.3-1.3.mga9 lib(64)gio2.0_0-2.76.3-1.3.mga9 lib(64)glib2.0_0-2.76.3-1.3.mga9 lib(64)glib2.0-devel-2.76.3-1.3.mga9 lib(64)glib2.0-static-devel-2.76.3-1.3.mga9 from SRPM: glib2.0-2.76.3-1.3.mga9.src.rpm
Assignee: basesystem => qa-bugsStatus: NEW => ASSIGNED
Keywords: (none) => advisory
RH x86_64 installing lib64glib2.0_0-2.76.3-1.3.mga9.x86_64.rpm glib2.0-common-2.76.3-1.3.mga9.x86_64.rpm lib64gio2.0_0-2.76.3-1.3.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64 Preparing... ################################################################################################## 1/3: lib64glib2.0_0 ################################################################################################## 2/3: lib64gio2.0_0 ################################################################################################## 3/3: glib2.0-common ################################################################################################## 1/3: removing glib2.0-common-2.76.3-1.2.mga9.x86_64 ################################################################################################## 2/3: removing lib64gio2.0_0-2.76.3-1.2.mga9.x86_64 ################################################################################################## 3/3: removing lib64glib2.0_0-2.76.3-1.2.mga9.x86_64 ################################################################################################## audacity works pidgin works
Note: the quicklink in the updates list links to "0" for this entry. Bug???
CC: (none) => herman.viaene
MGA9-64 Plasma Wayland on Compaq H000SB No installation issues. Tested by running audacity and thunar, all work OK.
(In reply to Herman Viaene from comment #4) > Note: the quicklink in the updates list links to "0" for this entry. Bug??? Yes a bug in madb https://bugs.mageia.org/show_bug.cgi?id=33729 and mga-advisor
Whiteboard: (none) => MGA8-64-OKCC: (none) => andrewsfarm
MGA8 ?????
Whiteboard: MGA8-64-OK => MGA9-64-OK
Validating.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0386.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED