File _patchinfo of Package patchinfo.5832

<patchinfo incident="5832">
  <issue tracker="bnc" id="1137001">VUL-0: CVE-2019-12450: glib2: file_copy_fallback in gio/gfile.c does not properly restrict file permissions while a copy operation is in progress</issue>
  <issue id="1061599" tracker="bnc">L3: dead symlink in libgio package</issue>
  <issue id="1107121" tracker="bnc">VUL-1: CVE-2018-16428: glib,glib2: g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference</issue>
  <issue id="1107116" tracker="bnc">VUL-1: CVE-2018-16429: glib,glib2: out-of-bounds read vulnerability ing_markup_parse_context_parse() in gmarkup.c, related to utf8_str()</issue>          
  <issue id="2018-16429" tracker="cve" />
  <issue id="2018-16428" tracker="cve" />
  <issue tracker="cve" id="2019-12450"/>
  <category>security</category>
  <rating>important</rating>
  <packager>sbrabec</packager>
  <description>This update for glib2 provides the following fix:


Security issues fixed:

- CVE-2019-12450: Fixed an improper file permission when copy operation
  takes place (bsc#1137001).     
- CVE-2018-16428: Avoid a null pointer dereference that could crash glib2 users in markup processing (bnc#1107121).
- CVE-2018-16429: Fixed out-of-bounds read vulnerability ing_markup_parse_context_parse() (bsc#1107116).

Non-security issues fixed:

- Install dummy *-mimeapps.list files to prevent dead symlinks. (bsc#1061599)

</description>
  <summary>Security update for glib2</summary>
  </patchinfo>