[ubuntu/plucky-security] libsoup3 3.6.5-1ubuntu0.1 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Wed May 28 13:52:59 UTC 2025
libsoup3 (3.6.5-1ubuntu0.1) plucky-security; urgency=medium
* SECURITY UPDATE: Denial of service.
- debian/patches/CVE-2025-32908-1.patch: Add NULL checks with returns for
NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE in
./libsoup/server/http2/soup-server-message-io-http2.c.
- debian/patches/CVE-2025-32908-2.patch: Improve NULL checks in
./libsoup/server/http2/soup-server-message-io-http2.c.
- debian/patches/CVE-2025-4476.patch: Replace strcmp with g_strcmp0 in
./libsoup/auth/soup-auth-digest.c.
- CVE-2025-32908
- CVE-2025-4476
Date: 2025-05-22 18:19:13.515072+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
https://launchpad.net/ubuntu/+source/libsoup3/3.6.5-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the plucky-changes
mailing list