[ubuntu/oracular-security] libsoup3 3.6.0-2ubuntu0.4 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Wed May 28 13:52:59 UTC 2025
libsoup3 (3.6.0-2ubuntu0.4) oracular-security; urgency=medium
* SECURITY UPDATE: Denial of service.
- debian/patches/CVE-2025-32908-1.patch: Add NULL checks with returns for
NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE in
./libsoup/server/http2/soup-server-message-io-http2.c.
- debian/patches/CVE-2025-32908-2.patch: Improve NULL checks in
./libsoup/server/http2/soup-server-message-io-http2.c.
- debian/patches/CVE-2025-4476.patch: Replace strcmp with g_strcmp0 in
./libsoup/auth/soup-auth-digest.c.
- CVE-2025-32908
- CVE-2025-4476
Date: 2025-05-22 18:23:16.286991+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
https://launchpad.net/ubuntu/+source/libsoup3/3.6.0-2ubuntu0.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the oracular-changes
mailing list