СloudLinux Blog

A new glib2 package with the fix for the CVE-2021-28153 and the CVE-2021-27219 within CentOS 6 ELS has been scheduled for gradual rollout

Written by Inessa Atmachian | Jun 1, 2021 2:44:11 PM

A new glib2 package with the fix for the CVE-2021-28153 and the CVE-2021-27219 within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

Rollout slot: 3

Rolled out to: 1%

ETA for 100% rollout: June, 15

Changelog

glib2-2.28.8-12.el6.cloudlinux.els
  • Fix creating empty target for dangling symlink in g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION (CVE-2021-28153)
  • Fix integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)

Update command

yum update glib2*

Immediate update (via bypass)

yum update glib2* --enablerepo=ELS6-rollout-3-bypass