An update for glib-networking is now available for openEuler-24.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-2561 Final 1.0 1.0 2026-06-05 Initial 2026-06-05 2026-06-05 openEuler SA Tool V1.0 2026-06-05 glib-networking security update An update for glib-networking is now available for openEuler-24.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS-SP1 glib-networking contains the implementations of certain GLib networking features that cannot be implemented directly in GLib itself because of their dependencies. Security Fix(es): A flaw was found in glib-networking. A remote attacker can exploit this vulnerability by presenting a specially crafted certificate chain to an application that uses glib-networking with the GnuTLS backend enabled and performs certificate verification. This crafted chain, which contains circular issuer relationships, can cause an infinite loop during certificate verification. The unbounded traversal consumes excessive CPU resources, leading to a denial of service for the affected process or worker.(CVE-2026-10028) An update for glib-networking is now available for openEuler-24.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS-SP1. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium glib-networking https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2561 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-10028 https://nvd.nist.gov/vuln/detail/CVE-2026-10028 openEuler-24.03-LTS-SP3 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS-SP1 glib-networking-2.78.0-4.oe2403sp3.aarch64.rpm glib-networking-debuginfo-2.78.0-4.oe2403sp3.aarch64.rpm glib-networking-debugsource-2.78.0-4.oe2403sp3.aarch64.rpm glib-networking-tests-2.78.0-4.oe2403sp3.aarch64.rpm glib-networking-2.62.4-4.oe2003sp4.aarch64.rpm glib-networking-debuginfo-2.62.4-4.oe2003sp4.aarch64.rpm glib-networking-debugsource-2.62.4-4.oe2003sp4.aarch64.rpm glib-networking-tests-2.62.4-4.oe2003sp4.aarch64.rpm glib-networking-2.68.1-8.oe2203sp4.aarch64.rpm glib-networking-debuginfo-2.68.1-8.oe2203sp4.aarch64.rpm glib-networking-debugsource-2.68.1-8.oe2203sp4.aarch64.rpm glib-networking-tests-2.68.1-8.oe2203sp4.aarch64.rpm glib-networking-2.78.0-4.oe2403sp1.aarch64.rpm glib-networking-debuginfo-2.78.0-4.oe2403sp1.aarch64.rpm glib-networking-debugsource-2.78.0-4.oe2403sp1.aarch64.rpm glib-networking-tests-2.78.0-4.oe2403sp1.aarch64.rpm glib-networking-2.78.0-4.oe2403sp3.src.rpm glib-networking-2.62.4-4.oe2003sp4.src.rpm glib-networking-2.68.1-8.oe2203sp4.src.rpm glib-networking-2.78.0-4.oe2403sp1.src.rpm glib-networking-2.78.0-4.oe2403sp3.x86_64.rpm glib-networking-debuginfo-2.78.0-4.oe2403sp3.x86_64.rpm glib-networking-debugsource-2.78.0-4.oe2403sp3.x86_64.rpm glib-networking-tests-2.78.0-4.oe2403sp3.x86_64.rpm glib-networking-2.62.4-4.oe2003sp4.x86_64.rpm glib-networking-debuginfo-2.62.4-4.oe2003sp4.x86_64.rpm glib-networking-debugsource-2.62.4-4.oe2003sp4.x86_64.rpm glib-networking-tests-2.62.4-4.oe2003sp4.x86_64.rpm glib-networking-2.68.1-8.oe2203sp4.x86_64.rpm glib-networking-debuginfo-2.68.1-8.oe2203sp4.x86_64.rpm glib-networking-debugsource-2.68.1-8.oe2203sp4.x86_64.rpm glib-networking-tests-2.68.1-8.oe2203sp4.x86_64.rpm glib-networking-2.78.0-4.oe2403sp1.x86_64.rpm glib-networking-debuginfo-2.78.0-4.oe2403sp1.x86_64.rpm glib-networking-debugsource-2.78.0-4.oe2403sp1.x86_64.rpm glib-networking-tests-2.78.0-4.oe2403sp1.x86_64.rpm A flaw was found in glib-networking. A remote attacker can exploit this vulnerability by presenting a specially crafted certificate chain to an application that uses glib-networking with the GnuTLS backend enabled and performs certificate verification. This crafted chain, which contains circular issuer relationships, can cause an infinite loop during certificate verification. The unbounded traversal consumes excessive CPU resources, leading to a denial of service for the affected process or worker. 2026-06-05 CVE-2026-10028 openEuler-24.03-LTS-SP3 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS-SP1 Medium 4.3 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L glib-networking security update 2026-06-05 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2561