| Package | glib2.0 |
|---|---|
| Version | 2.50.3-2+deb9u6 (stretch) |
| Related CVEs | CVE-2024-34397 |
Alicia Boya Garcia reported that the GDBus signal subscriptions in the GLib library are prone to a spoofing vulnerability. A local attacker can take advantage of this flaw to cause a GDBus-based client to behave incorrectly, with an application-dependent impact.
For Debian 9 stretch, these problems have been fixed in version 2.50.3-2+deb9u6.
We recommend that you upgrade your glib2.0 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.