{"id":"MGASA-2018-0405","summary":"Updated glib2.0 packages fix security vulnerabilities","details":"The updated glib2.0 packages fix security vulnerabilities:\n\nIn GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c\nhas a NULL pointer dereference (CVE-2018-16428).\n\nGNOME GLib 2.56.1 has an out-of-bounds read vulnerability in\ng_markup_parse_context_parse() in gmarkup.c, related to utf8_str()\n(CVE-2018-16429).\n","modified":"2026-04-16T01:47:20.955038028Z","published":"2018-10-19T18:00:37Z","upstream":["CVE-2018-16428","CVE-2018-16429"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0405.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=23665"},{"type":"WEB","url":"https://usn.ubuntu.com/3767-1/"}],"affected":[{"package":{"name":"glib2.0","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/glib2.0?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.54.3-1.2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0405.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}