[ubuntu/questing-proposed] libsoup3 3.6.5-1ubuntu1 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Fri May 23 17:32:15 UTC 2025
libsoup3 (3.6.5-1ubuntu1) questing; urgency=medium
* SECURITY UPDATE: Denial of service.
- debian/patches/CVE-2025-32908-1.patch: Add NULL checks with returns for
NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE in
./libsoup/server/http2/soup-server-message-io-http2.c.
- debian/patches/CVE-2025-32908-2.patch: Improve NULL checks in
./libsoup/server/http2/soup-server-message-io-http2.c.
- debian/patches/CVE-2025-4476.patch: Replace strcmp with g_strcmp0 in
./libsoup/auth/soup-auth-digest.c.
- CVE-2025-32908
- CVE-2025-4476
Date: Thu, 22 May 2025 15:04:22 -0230
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libsoup3/3.6.5-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Thu, 22 May 2025 15:04:22 -0230
Source: libsoup3
Built-For-Profiles: noudeb
Architecture: source
Version: 3.6.5-1ubuntu1
Distribution: questing
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Changes:
libsoup3 (3.6.5-1ubuntu1) questing; urgency=medium
.
* SECURITY UPDATE: Denial of service.
- debian/patches/CVE-2025-32908-1.patch: Add NULL checks with returns for
NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE in
./libsoup/server/http2/soup-server-message-io-http2.c.
- debian/patches/CVE-2025-32908-2.patch: Improve NULL checks in
./libsoup/server/http2/soup-server-message-io-http2.c.
- debian/patches/CVE-2025-4476.patch: Replace strcmp with g_strcmp0 in
./libsoup/auth/soup-auth-digest.c.
- CVE-2025-32908
- CVE-2025-4476
Checksums-Sha1:
9c370cc2b480c999af625952efd16375aaa57f88 3122 libsoup3_3.6.5-1ubuntu1.dsc
3f87f2e8a6286efc54ca4f491d2c425852614f81 29148 libsoup3_3.6.5-1ubuntu1.debian.tar.xz
fa350eff1a64352789ec7f447082dd82185edb82 15325 libsoup3_3.6.5-1ubuntu1_source.buildinfo
Checksums-Sha256:
a02f48769beb1e8291af0c72efae98e35f4ed03caa4d3a8b2ffba28dad170cf1 3122 libsoup3_3.6.5-1ubuntu1.dsc
5623b337191b2216e918a61474a9826ccbaca905fe9418427de7e3250204afb9 29148 libsoup3_3.6.5-1ubuntu1.debian.tar.xz
3b1afa0b22a8f2e83730a8c2c3db5620b82ed1d741997e969c8a949c9fcfb389 15325 libsoup3_3.6.5-1ubuntu1_source.buildinfo
Files:
11dcd9878ce9c91a7cc04dbbebdce749 3122 devel optional libsoup3_3.6.5-1ubuntu1.dsc
f230b65a7ffdb0196386a1aebb20ede8 29148 devel optional libsoup3_3.6.5-1ubuntu1.debian.tar.xz
9135aaa2a2c777e3cda4112f45050d15 15325 devel optional libsoup3_3.6.5-1ubuntu1_source.buildinfo
Original-Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
More information about the Questing-changes
mailing list