A new glib2 package with the fix for the CVE-2021-28153 and the CVE-2021-27219 within OracleLinux 6 extended lifecycle support is now available for download from our production repository.
Changelog
glib2-2.28.8-12.el6.cloudlinux.els
- Fix creating empty target for dangling symlink in g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION (CVE-2021-28153)
- Fix integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)
Update command
yum update glib2*