Ubuntu
glib2.0 package

glib2.0 2.80.0-6ubuntu3.6 source package in Ubuntu

Changelog

glib2.0 (2.80.0-6ubuntu3.6) noble-security; urgency=medium

  * SECURITY UPDATE: overflow via long invalid ISO 8601 timestamp
    - debian/patches/CVE-2025-3360-1.patch: fix integer overflow when
      parsing very long ISO8601 inputs in glib/gdatetime.c.
    - debian/patches/CVE-2025-3360-2.patch: fix potential integer overflow
      in timezone offset handling in glib/gdatetime.c.
    - debian/patches/CVE-2025-3360-3.patch: track timezone length as an
      unsigned size_t in glib/gdatetime.c.
    - debian/patches/CVE-2025-3360-4.patch: factor out some string pointer
      arithmetic in glib/gdatetime.c.
    - debian/patches/CVE-2025-3360-5.patch: factor out an undersized
      variable in glib/gdatetime.c.
    - debian/patches/CVE-2025-3360-6.patch: add some missing GDateTime
      ISO8601 parsing tests in glib/tests/gdatetime.c.
    - CVE-2025-3360
  * SECURITY UPDATE: GString overflow
    - debian/patches/CVE-2025-6052.patch: fix overflow check when expanding
      the string in glib/gstring.c.
    - CVE-2025-6052
  * SECURITY UPDATE: integer overflow in temp file creation
    - debian/patches/CVE-2025-7039.patch: fix computation of temporary file
      name in glib/gfileutils.c.
    - CVE-2025-7039
  * SECURITY UPDATE: heap overflow in g_escape_uri_string()
    - debian/patches/CVE-2025-13601.patch: add overflow check in
      glib/gconvert.c.
    - CVE-2025-13601
  * SECURITY UPDATE: buffer underflow through glib/gvariant
    - debian/patches/CVE-2025-14087-1.patch: fix potential integer overflow
      parsing (byte)strings in glib/gvariant-parser.c.
    - debian/patches/CVE-2025-14087-2.patch: use size_t to count numbers of
      child elements in glib/gvariant-parser.c.
    - debian/patches/CVE-2025-14087-3.patch: convert error handling code to
      use size_t in glib/gvariant-parser.c.
    - CVE-2025-14087
  * SECURITY UPDATE: integer overflow in gfileattribute
    - debian/patches/gfileattribute-overflow.patch: add overflow check in
      gio/gfileattribute.c.
    - No CVE number

 -- Marc Deslauriers <email address hidden>  Wed, 10 Dec 2025 10:51:22 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Noble
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
glib2.0_2.80.0.orig-unicode-data.tar.xz 257.2 KiB 38680f78a0ae6258826418cb5096c19ae3566ba8fee0a2112a0ec40056e58729
glib2.0_2.80.0.orig.tar.xz 5.3 MiB 8228a92f92a412160b139ae68b6345bd28f24434a7b5af150ebe21ff587a561d
glib2.0_2.80.0-6ubuntu3.6.debian.tar.xz 158.4 KiB 30c46992397f2d50a6617e26abc98ba82aabf817104b496f3699b3c750aa60c4
glib2.0_2.80.0-6ubuntu3.6.dsc 4.4 KiB 137dc055abcc71e840405a794f46abc7c1966bb0f1dacd2210e8ad110c5f640f

View changes file

Binary packages built by this source

gir1.2-girepository-3.0: Introspection data for GIRepository library, API version 3.0

 GObject Introspection is a project for providing machine readable
 introspection data of the API of C libraries. This introspection
 data can be used in several different use cases, for example
 automatic code generation for bindings, API verification and documentation
 generation.
 .
 This package contains the introspection data for the GIRepository library,
 which can be used to manipulate the search path used by language bindings
 and load introspection data.

gir1.2-girepository-3.0-dev: GIR XML for GIRepository library, API version 3.0

 GObject Introspection is a project for providing machine readable
 introspection data of the API of C libraries. This introspection
 data can be used in several different use cases, for example
 automatic code generation for bindings, API verification and documentation
 generation.
 .
 This package contains the introspection data for the GIRepository
 library, in the GIR XML format used to generate bindings for static languages
 like C++, D and Haskell.

gir1.2-glib-2.0: Introspection data for GLib, GObject, Gio and GModule

 GObject Introspection is a project for providing machine readable
 introspection data of the API of C libraries. This introspection
 data can be used in several different use cases, for example
 automatic code generation for bindings, API verification and documentation
 generation.
 .
 This package contains the introspection data for the GLib, GObject,
 GModule and Gio libraries, in the typelib format used to generate
 bindings for dynamic languages like JavaScript and Python.

gir1.2-glib-2.0-dev: GIR XML for GLib, GObject, Gio and GModule

 GObject Introspection is a project for providing machine readable
 introspection data of the API of C libraries. This introspection
 data can be used in several different use cases, for example
 automatic code generation for bindings, API verification and documentation
 generation.
 .
 This package contains the introspection data for the GLib, GObject,
 GModule and Gio libraries, in the GIR XML format used to generate
 bindings for static languages like C++, D and Haskell.

libgirepository-2.0-0: GLib runtime library for handling GObject introspection data

 GLib is a library containing many useful C routines for things such
 as trees, hashes, lists, and strings. It is a useful general-purpose
 C library used by projects such as GTK+, GIMP, and GNOME.
 .
 This package contains the shared library used by language bindings such
 as PyGObject and gjs to call GObject methods.

libgirepository-2.0-0-dbgsym: debug symbols for libgirepository-2.0-0
libgirepository-2.0-dev: Development files for the GObject introspection library

 GLib is a library containing many useful C routines for things such
 as trees, hashes, lists, and strings. It is a useful general-purpose
 C library used by projects such as GTK+, GIMP, and GNOME.
 .
 This package is needed to compile programs against libgirepository-2.0-0.

libglib2.0-0t64: GLib library of C routines

 GLib is a library containing many useful C routines for things such
 as trees, hashes, lists, and strings. It is a useful general-purpose
 C library used by projects such as GTK+, GIMP, and GNOME.
 .
 This package contains the shared libraries.

libglib2.0-0t64-dbgsym: debug symbols for libglib2.0-0t64
libglib2.0-bin: Programs for the GLib library

 GLib is a library containing many useful C routines for things such
 as trees, hashes, lists, and strings. It is a useful general-purpose
 C library used by projects such as GTK+, GIMP, and GNOME.
 .
 This package contains the program files which is used for the libraries
 and others.

libglib2.0-bin-dbgsym: debug symbols for libglib2.0-bin
libglib2.0-data: Common files for GLib library

 GLib is a library containing many useful C routines for things such
 as trees, hashes, lists, and strings. It is a useful general-purpose
 C library used by projects such as GTK+, GIMP, and GNOME.
 .
 This package is needed for the runtime libraries to display messages in
 languages other than English.

libglib2.0-dev: Development files for the GLib library

 GLib is a library containing many useful C routines for things such
 as trees, hashes, lists, and strings. It is a useful general-purpose
 C library used by projects such as GTK+, GIMP, and GNOME.
 .
 This package is needed to compile programs against libglib2.0-0t64,
 as only it includes the header files and static libraries (optionally)
 needed for compiling.
 .
 GObject-Introspection metadata for this library can be found in the
 libgirepository1.0-dev package.

libglib2.0-dev-bin: Development utilities for the GLib library

 GLib is a library containing many useful C routines for things such
 as trees, hashes, lists, and strings. It is a useful general-purpose
 C library used by projects such as GTK+, GIMP, and GNOME.
 .
 This package is needed to compile programs against libglib2.0-0. It contains
 development utilities typically run during compilation and should not be
 installed directly. Use libglib2.0-dev instead.

libglib2.0-dev-bin-dbgsym: debug symbols for libglib2.0-dev-bin
libglib2.0-dev-dbgsym: debug symbols for libglib2.0-dev
libglib2.0-doc: Documentation files for the GLib library

 GLib is a library containing many useful C routines for things such
 as trees, hashes, lists, and strings. It is a useful general-purpose
 C library used by projects such as GTK+, GIMP, and GNOME.
 .
 This package contains the HTML documentation for the GLib library
 in /usr/share/doc/libglib2.0-doc/ .

libglib2.0-tests: GLib library of C routines - installed tests

 GLib is a library containing many useful C routines for things such
 as trees, hashes, lists, and strings. It is a useful general-purpose
 C library used by projects such as GTK+, GIMP, and GNOME.
 .
 This package contains test programs, designed to be run as part of a
 regression testsuite.

libglib2.0-tests-dbgsym: debug symbols for libglib2.0-tests