A new glib2 package with the fix for the CVE-2021-28153 and the CVE-2021-27219 within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.
Rollout slot: 3
Rolled out to: 1%
ETA for 100% rollout: June, 15
Changelog
glib2-2.28.8-12.el6.cloudlinux.els
- Fix creating empty target for dangling symlink in g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION (CVE-2021-28153)
- Fix integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)
Update command
yum update glib2*
Immediate update (via bypass)
yum update glib2* --enablerepo=ELS6-rollout-3-bypass