iznogood cdc7df0539 glib-networking: Update to version 2.90.alpha:
+ Bugs fixed:
    - test fails with openssl 3.4.x
    - (CVE-2025-60018) (#YWH-PGM9867-106) Out of Bond Reads on
      glib-networking through tls/openssl/gtlscertificate-openssl.c
      via "g_tls_certificate_openssl_get_property()" due to
      Incorrect BIO_write Return Value Validation in Certificate
      PEM Export
    - (CVE-2026-2574) (#YWH-PGM9867-150) OOB Read on
      glib-networking through
      tls/openssl/gtlsclientconnection-openssl.c via
      g_tls_client_connection_openssl_get_property()
    - (CVE-2026-10028) (#YWH-PGM9867-278) Infinite loop in
      certification path building
    - meson: Introduce option for enable/disable tests
    - openssl: check return value of g_tls_bio_alloc() and BIO_new()
    - openssl: delete support for OCSP stapling
    - Fix file database and PKCS11 test failures and update CI!
    - Fix miscellaneous safety issues reported by bug hunters
    - Delete gtlshttp
    - Fix connection test reusing a GError
    - openssl: fix error code confusion
    - ci: add catch for reporting stack traces
    - Require OpenSSL 1.1.1 or newer
    - Some fixes found with kiro
    - Fix various memory leaks
    - openssl: refactor error handling code
    - openssl: use ERR_clear_error() all over the place
    - gnutls: always notify accepted-cas property after handshake
  + Updated translations.
- Drop CVE-2026-10028.patch: Fixed upstream.
2026-07-01 09:25:56 +02:00
S
Description
No description provided
5.6 MiB
Languages
XML 100%