[ubuntu/noble-updates] libsoup2.4 2.74.3-6ubuntu1.6 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Jul 17 13:28:47 UTC 2025
libsoup2.4 (2.74.3-6ubuntu1.6) noble-security; urgency=medium
* SECURITY UPDATE: Denial of service.
- debian/patches/CVE-2025-32907-*.patch: Add i-- in
libsoup/soup-message-headers.c. Add B_SANITIZE_OPTION to meson.build.
- debian/patches/CVE-2025-4948.patch: Add ternary end - 2 - split check in
libsoup/soup-multipart.c.
- CVE-2025-32907
- CVE-2025-4948
* SECURITY UPDATE: Out of bounds read.
- debian/patches/CVE-2025-4969.patch: Add extra if checks for start of line
in libsoup/soup-multipart.c.
- CVE-2025-4969
* SECURITY UPDATE: Improper validation of cookie expiration.
- debian/patches/CVE-2025-4945-*.patch: Add extra date checks in
libsoup/soup-date.c.
- CVE-2025-4945
Date: 2025-07-16 14:39:18.243908+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/libsoup2.4/2.74.3-6ubuntu1.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list