CVE-2023-24593

Publication date 29 March 2023

Last updated 24 July 2024

** REJECT ** Rejected by upstream.

Read the notes from the security team

Status

Show unmaintained releases

How can I get the fixes?
What do statuses mean?
Patch details

Notes

mdeslaur

fixes introduced two more issues: https://gitlab.gnome.org/GNOME/glib/-/issues/2840 (CVE-2023-32643) https://gitlab.gnome.org/GNOME/glib/-/issues/2841 (CVE-2023-32636)

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
glib2.0	Upstream: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3125 Upstream: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3126

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-6165-1
GLib vulnerabilities
14 June 2023

Other references

https://access.redhat.com/security/cve/CVE-2023-24593
https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835
https://www.cve.org/CVERecord?id=CVE-2023-24593