Bug 2433353
| Summary: | CVE-2026-1489 cosmic-files: GLib: Memory corruption via integer overflow in Unicode case conversion [fedora-all] | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Abhishek Raj <abhraj> |
| Component: | cosmic-files | Assignee: | Ryan Brue <ryanbrue.dev> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 43 | CC: | cosmic-sig, decathorpe, rust-sig, ryanbrue.dev |
| Target Milestone: | --- | Keywords: | Security, SecurityTracking |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | {"flaws": ["d470bbb6-b269-4798-a1d3-478115405f5e"]} | ||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2026-02-05 21:21:24 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2433348 | ||
|
Description
Abhishek Raj
2026-01-27 14:08:23 UTC
This issue is in the "glib" C library (packaged as "glib2"), not in the "glib" Rust crate used in this package. glib2 is only dynamically linked here. So the issue needs to be fixed in glib2, and there is nothing to be done here. |