A vulnerability was found in GLib2.0, where denial of service caused by handling a malicious serialised variant which is structured to cause allocations or looping superlinear to its serialised size. Applications are at risk if they accept untrusted serialised variants by checking them with g_variant_get_normal_form() (or don’t check them). References: https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835
Created glib tracking bugs for this issue: Affects: epel-all [bug 2181185] Affects: fedora-all [bug 2181189] Created glib2 tracking bugs for this issue: Affects: fedora-all [bug 2181186] Created mingw-glib2 tracking bugs for this issue: Affects: fedora-all [bug 2181190]
This CVE has been rejected, can you please remove the CVE alias as well?