Fedora 9 : glib2-2.16.4-1.fc9 (2008-6048)

high Nessus Plugin ID 33411

Synopsis

The remote Fedora host is missing a security update.

Description

><i>From the release announcement: * Update to PCRE 7.7 - fix a heap-based </I>buffer overflow in PCRE (CVE-2008-2371) * Bug fixes:
528752 Win32 build and SSL not working 539074 Cannot get exit status with g_spawn_command_line_sync() 316221 G_LOCK warns about breaking strict-aliasing rules 519137 g_slice_dup macro needs cast for 64-bit platform 536158 also bump GHashTable version when a node is removed via g_hash_table_iter_remove()/g_hash_table_iter_steal() 529321 make check fails in glib/pcre 314453 Nautilus crashes in Solaris when browsing the attached file 502511 g_assert_cmphex prints invalid message 538119 glib's mainloop leaks a pipe to sub-processes 540459 there are no way of getting the real number of bytes written in GMemoryOutputStream 540423 unrecoverable error after g_seekable_truncate(seekable,0,...) 530196
_g_local_file_has_trash_dir() doesn't handle st_dev == 0 528600 g_dummy_file_get_parent('scheme://example.com/') 536641 Filesystem querying in gio does not list AFS and autofs file systems 537392 Additional colon in xattr name 528433 gdesktopappinfo snafu ... 526320 should not list mounts that the user doesn't have permiss... 527132 nautilus crash when making ftp connection 532852 totem_pl_parser_parse_with_base: assertion `... 459905 Bug in wcwidth data 534085 g_unichar_iswide_cjk() has a totally wrong table * Updated translations: Bulgarian (bg) German (de)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected glib2 package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=452079

http://www.nessus.org/u?97a20446

Plugin Details

Severity: High

ID: 33411

File Name: fedora_2008-6048.nasl

Version: 1.14

Type: local

Agent: unix

Published: 7/8/2008

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:glib2, cpe:/o:fedoraproject:fedora:9

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 7/3/2008

Reference Information

CVE: CVE-2008-2371

CWE: 119

FEDORA: 2008-6048