Package | glib2.0 |
---|---|
Version | 2.42.1-1+deb8u9 (jessie) |
Related CVEs | CVE-2025-4373 |
A flaw was found in GLib, a bundle of low-level system libraries, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.
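The position check this kind of insert needs, as an added example (not GLib's code and not part of the advisory): a simplified model that inserts a UTF-8 encoded character into a growable buffer and range-checks the signed position before using it. The names buf_t, utf8_encode and buf_insert_unichar are hypothetical, and treating a negative position as "append" is an assumption of this model.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h> /* ssize_t */

/* Toy growable string: a simplified model for illustration, not GLib's GString. */
typedef struct { char *data; size_t len, cap; } buf_t;

/* Encode code point c as UTF-8; returns the byte count (1-4), or 0 if out of range. */
static size_t utf8_encode(uint32_t c, unsigned char o[4]) {
    if (c < 0x80) { o[0] = (unsigned char)c; return 1; }
    if (c < 0x800) {
        o[0] = (unsigned char)(0xC0 | (c >> 6));
        o[1] = (unsigned char)(0x80 | (c & 0x3F));
        return 2;
    }
    if (c < 0x10000) {
        o[0] = (unsigned char)(0xE0 | (c >> 12));
        o[1] = (unsigned char)(0x80 | ((c >> 6) & 0x3F));
        o[2] = (unsigned char)(0x80 | (c & 0x3F));
        return 3;
    }
    if (c > 0x10FFFF) return 0;
    o[0] = (unsigned char)(0xF0 | (c >> 18));
    o[1] = (unsigned char)(0x80 | ((c >> 12) & 0x3F));
    o[2] = (unsigned char)(0x80 | ((c >> 6) & 0x3F));
    o[3] = (unsigned char)(0x80 | (c & 0x3F));
    return 4;
}

/* Insert c at byte offset pos (negative pos appends). Returns 0, or -1 if rejected. */
int buf_insert_unichar(buf_t *b, ssize_t pos, uint32_t c) {
    unsigned char enc[4];
    size_t n = utf8_encode(c, enc);
    if (n == 0) return -1;
    /* Range-check pos as an unsigned offset before any arithmetic uses it. */
    size_t at = pos < 0 ? b->len : (size_t)pos;
    if (at > b->len) return -1;
    if (b->len > SIZE_MAX - n - 1) return -1; /* len + n + 1 would wrap */
    if (b->len + n + 1 > b->cap) {
        char *p = realloc(b->data, b->len + n + 1);
        if (p == NULL) return -1;
        b->data = p; b->cap = b->len + n + 1;
    }
    memmove(b->data + at + n, b->data + at, b->len - at); /* shift the tail right */
    memcpy(b->data + at, enc, n);
    b->len += n;
    b->data[b->len] = '\0';
    return 0;
}
```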
Additionally, this update addresses a regression introduced in ELA-625-1, the update that fixed CVE-2021-27218. The inline keyword in the gmem.h header file was not defined if software used an older C standard, which led to a build failure when building reverse-dependencies of GLib, e.g. subversion.
For Debian 8 jessie, these problems have been fixed in version 2.42.1-1+deb8u9.
We recommend that you upgrade your glib2.0 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.