CVE 2018-16429

GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().

Related bugs and status

CVE-2018-16429 (Candidate) is related to these bugs:

Bug #1789476: glib apps using GSubprocess communicate might crash on g_subprocess_communicate_cancelled

Summary				In	Importance	Status
	1789476	glib apps using GSubprocess communicate might crash on g_subprocess_communicate_cancelled		glib2.0 (Ubuntu)	Medium	Fix Released
	1789476	glib apps using GSubprocess communicate might crash on g_subprocess_communicate_cancelled		glib2.0 (Ubuntu Bionic)	Undecided	Fix Released

Bug #1794544: [SRU] 2.56.3

Summary				In	Importance	Status
	1794544	[SRU] 2.56.3		glib2.0 (Ubuntu)	Undecided	Fix Released
	1794544	[SRU] 2.56.3		glib2.0 (Ubuntu Bionic)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.