File _patchinfo of Package patchinfo.34032

<patchinfo incident="34032">
  <issue tracker="bnc" id="1224044">VUL-0: CVE-2024-34397: glib2: signal subscriptions are vulnerable to unicast spoofing</issue>
  <issue tracker="cve" id="2024-34397"/>
  <packager>mgorse</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for glib2</summary>
  <description>This update for glib2 fixes the following issues:

Update to version 2.78.6:

+ Fix a regression with IBus caused by the fix for CVE-2024-34397

Changes in version 2.78.5:

+ Fix CVE-2024-34397: GDBus signal subscriptions for well-known
  names are vulnerable to unicast spoofing. (bsc#1224044)
+ Bugs fixed:
  - gvfs-udisks2-volume-monitor SIGSEGV in
    g_content_type_guess_for_tree() due to filename with bad
    encoding
  - gcontenttype: Make filename valid utf-8 string before processing.
  - gdbusconnection: Don't deliver signals if the sender doesn't match.

Changes in version 2.78.4:

+ Bugs fixed:
  - Fix generated RST anchors for methods, signals and properties.
  - docs/reference: depend on a native gtk-doc.
  - gobject_gdb.py: Do not break bt on optimized build.
  - gregex: clean up usage of _GRegex.jit_status.
</description>
</patchinfo>