| Package | glib2.0 |
|---|---|
| Version | 2.42.1-1+deb8u7 (jessie) |
| Related CVEs | CVE-2024-34397 |
Alicia Boya Garcia reported that the GDBus signal subscriptions in the GLib library are prone to a spoofing vulnerability. A local attacker can take advantage of this flaw to cause a GDBus-based client to behave incorrectly, with an application-dependent impact.
For Debian 8 jessie, these problems have been fixed in version 2.42.1-1+deb8u7.
We recommend that you upgrade your glib2.0 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.