** DISPUTED ** GLib 2.31.8 and earlier, when the g_str_hash function is
used, computes hash values without restricting the ability to trigger hash
collisions predictably, which allows context-dependent attackers to cause a
denial of service (CPU consumption) via crafted input to an application
that maintains a hash table. NOTE: this issue may be disputed by the
vendor; the existence of the g_str_hash function is not a vulnerability in
the library, because callers of g_hash_table_new and g_hash_table_new_full
can specify an arbitrary hash function that is appropriate for the
mdeslauras of 2012-02-21, upstream has simply added a warning:

This CVE is disputed by upstream, we will not be fixing this
issue in stable releases
Ubuntu 12.04 ESM (Precise Pangolin):ignored
Ubuntu 14.04 ESM (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):ignored
Ubuntu 18.04 LTS (Bionic Beaver):ignored
Ubuntu 19.10 (Eoan Ermine):ignored
More Information

Updated: 2020-01-29 19:43:05 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)