A new glib2 package with the fix for the CVE-2021-28153 and the CVE-2021-27219 within CloudLinux 6 ELS has been scheduled for gradual rollout

A new glib2 package with the fix for the CVE-2021-28153 and the CVE-2021-27219 within CloudLinux 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

Rollout slot: 1

Rolled out to: 1%

ETA for 100% rollout: June, 15

Changelog

glib2-2.28.8-12.el6.cloudlinux.els

• Fix creating empty target for dangling symlink in g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION (CVE-2021-28153)
• Fix integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)

Update command

yum update glib2*

Immediate update (via bypass)

yum update glib2* --enablerepo=cloudlinux-rollout-1-bypass