Amazon Linux 2 Security Advisory: ALAS-2024-2488
Advisory Release Date: 2024-02-29 10:03 Pacific
Advisory Updated Date: 2024-03-04 12:00 Pacific
Severity:
Low
Issue Overview:
plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash). (CVE-2020-36774)
Affected Packages:
glade
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update glade to update your system.
New Packages:
aarch64:
glade-3.22.1-1.amzn2.0.1.aarch64
glade-libs-3.22.1-1.amzn2.0.1.aarch64
glade-devel-3.22.1-1.amzn2.0.1.aarch64
glade-debuginfo-3.22.1-1.amzn2.0.1.aarch64
i686:
glade-3.22.1-1.amzn2.0.1.i686
glade-libs-3.22.1-1.amzn2.0.1.i686
glade-devel-3.22.1-1.amzn2.0.1.i686
glade-debuginfo-3.22.1-1.amzn2.0.1.i686
src:
glade-3.22.1-1.amzn2.0.1.src
x86_64:
glade-3.22.1-1.amzn2.0.1.x86_64
glade-libs-3.22.1-1.amzn2.0.1.x86_64
glade-devel-3.22.1-1.amzn2.0.1.x86_64
glade-debuginfo-3.22.1-1.amzn2.0.1.x86_64