[ubuntu/plucky-updates] libsoup3 3.6.5-1ubuntu0.2 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Jul 17 13:28:49 UTC 2025
libsoup3 (3.6.5-1ubuntu0.2) plucky-security; urgency=medium
* SECURITY UPDATE: Denial of service.
- debian/patches/CVE-2025-32907-*.patch: Add i-- in
libsoup/soup-message-headers.c. Add B_SANITIZE_OPTION to meson.build.
- debian/patches/CVE-2025-4948.patch: Add ternary end - 2 - split check in
libsoup/soup-multipart.c.
- CVE-2025-32907
- CVE-2025-4948
* SECURITY UPDATE: Out of bounds read.
- debian/patches/CVE-2025-32914.patch: Replace strstr operation with
g_strstr_len in ./libsoup/soup-multipart.c.
- debian/patches/CVE-2025-4969.patch: Add extra if checks for start of line
in libsoup/soup-multipart.c.
- CVE-2025-32914
- CVE-2025-4969
* SECURITY UPDATE: Improper validation of cookie expiration.
- debian/patches/CVE-2025-4945-*.patch: Add extra date checks in
libsoup/soup-date-utils.c.
- CVE-2025-4945
Date: 2025-07-16 14:37:11.694449+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/libsoup3/3.6.5-1ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the plucky-changes
mailing list